initial buildroot for linux 5.15

This commit is contained in:
Huan.Feng
2021-12-06 14:12:13 +08:00
parent d7767d594e
commit 7b6fc358fa
12736 changed files with 508822 additions and 0 deletions
+35
View File
@@ -0,0 +1,35 @@
fix musl build
Patch inspired by
https://github.com/kraj/meta-musl/blob/master/recipes-core/util-linux/util-linux-2.25/0001-switch_root-use-typeof-instead-of-__SWORD_TYPE-for-s.patch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
diff -uNr ecryptfs-utils-109.org/src/utils/mount.ecryptfs_private.c ecryptfs-utils-109/src/utils/mount.ecryptfs_private.c
--- ecryptfs-utils-109.org/src/utils/mount.ecryptfs_private.c 2016-01-22 17:04:52.000000000 +0100
+++ ecryptfs-utils-109/src/utils/mount.ecryptfs_private.c 2016-01-24 16:52:37.000000000 +0100
@@ -224,6 +224,7 @@
static int check_cwd_f_type()
{
+ struct statfs buf;
/**
* This is *not* a list of compatible lower filesystems list for
* eCryptfs. This is a list of filesystems that we reasonably expect to
@@ -235,7 +236,7 @@
* deceive other programs with a crafted /proc/self/*. See
* https://launchpad.net/bugs/1530566 for more details.
*/
- __SWORD_TYPE f_type_whitelist[] = {
+ typeof(buf.f_type) f_type_whitelist[] = {
0x61756673 /* AUFS_SUPER_MAGIC */,
0x9123683E /* BTRFS_SUPER_MAGIC */,
0x00C36400 /* CEPH_SUPER_MAGIC */,
@@ -259,7 +260,6 @@
0x58465342 /* XFS_SB_MAGIC */,
0x2FC12FC1 /* ZFS_SUPER_MAGIC */,
};
- struct statfs buf;
size_t i, whitelist_len;
if (statfs(".", &buf) != 0) {
@@ -0,0 +1,173 @@
Fix build with OpenSSL 1.1.x
Downloaded from upstream commit
https://code.launchpad.net/~jelle-vdwaa/ecryptfs/ecryptfs/+merge/319746
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
=== modified file 'src/key_mod/ecryptfs_key_mod_openssl.c'
--- a/src/key_mod/ecryptfs_key_mod_openssl.c 2013-10-25 19:45:09 +0000
+++ b/src/key_mod/ecryptfs_key_mod_openssl.c 2017-06-02 18:27:28 +0000
@@ -41,6 +41,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <libgen.h>
+#include <openssl/bn.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/err.h>
@@ -55,6 +56,19 @@
char *passphrase;
};
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+static void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
+#endif
+
static void
ecryptfs_openssl_destroy_openssl_data(struct openssl_data *openssl_data)
{
@@ -142,6 +156,7 @@
{
int len, nbits, ebits, i;
int nbytes, ebytes;
+ const BIGNUM *key_n, *key_e;
unsigned char *hash;
unsigned char *data = NULL;
int rc = 0;
@@ -152,11 +167,13 @@
rc = -ENOMEM;
goto out;
}
- nbits = BN_num_bits(key->n);
+ RSA_get0_key(key, &key_n, NULL, NULL);
+ nbits = BN_num_bits(key_n);
nbytes = nbits / 8;
if (nbits % 8)
nbytes++;
- ebits = BN_num_bits(key->e);
+ RSA_get0_key(key, NULL, &key_e, NULL);
+ ebits = BN_num_bits(key_e);
ebytes = ebits / 8;
if (ebits % 8)
ebytes++;
@@ -179,11 +196,13 @@
data[i++] = '\02';
data[i++] = (nbits >> 8);
data[i++] = nbits;
- BN_bn2bin(key->n, &(data[i]));
+ RSA_get0_key(key, &key_n, NULL, NULL);
+ BN_bn2bin(key_n, &(data[i]));
i += nbytes;
data[i++] = (ebits >> 8);
data[i++] = ebits;
- BN_bn2bin(key->e, &(data[i]));
+ RSA_get0_key(key, NULL, &key_e, NULL);
+ BN_bn2bin(key_e, &(data[i]));
i += ebytes;
SHA1(data, len + 3, hash);
to_hex(sig, (char *)hash, ECRYPTFS_SIG_SIZE);
@@ -278,7 +297,9 @@
BIO *in = NULL;
int rc;
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
CRYPTO_malloc_init();
+ #endif
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
ENGINE_load_builtin_engines();
=== modified file 'src/key_mod/ecryptfs_key_mod_pkcs11_helper.c'
--- a/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2013-10-25 19:45:09 +0000
+++ b/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2017-06-02 18:27:28 +0000
@@ -41,6 +41,7 @@
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
+#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
@@ -77,6 +78,19 @@
typedef const unsigned char *__pkcs11_openssl_d2i_t;
#endif
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+static void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
+{
+ if (n != NULL)
+ *n = r->n;
+ if (e != NULL)
+ *e = r->e;
+ if (d != NULL)
+ *d = r->d;
+}
+#endif
+
/**
* ecryptfs_pkcs11h_deserialize
* @pkcs11h_data: The deserialized version of the key module data;
@@ -282,7 +296,11 @@
goto out;
}
+ #if OPENSSL_VERSION_NUMBER < 0x10100000L
if (pubkey->type != EVP_PKEY_RSA) {
+ #else
+ if (EVP_PKEY_base_id(pubkey) != EVP_PKEY_RSA) {
+ #endif
syslog(LOG_ERR, "PKCS#11: Invalid public key algorithm");
rc = -EIO;
goto out;
@@ -318,6 +336,7 @@
int nbytes, ebytes;
char *hash = NULL;
char *data = NULL;
+ const BIGNUM *rsa_n, *rsa_e;
int rc;
if ((rc = ecryptfs_pkcs11h_get_public_key(&rsa, blob))) {
@@ -331,11 +350,13 @@
rc = -ENOMEM;
goto out;
}
- nbits = BN_num_bits(rsa->n);
+ RSA_get0_key(rsa, &rsa_n, NULL, NULL);
+ nbits = BN_num_bits(rsa_n);
nbytes = nbits / 8;
if (nbits % 8)
nbytes++;
- ebits = BN_num_bits(rsa->e);
+ RSA_get0_key(rsa, NULL, &rsa_e, NULL);
+ ebits = BN_num_bits(rsa_e);
ebytes = ebits / 8;
if (ebits % 8)
ebytes++;
@@ -358,11 +379,13 @@
data[i++] = '\02';
data[i++] = (char)(nbits >> 8);
data[i++] = (char)nbits;
- BN_bn2bin(rsa->n, &(data[i]));
+ RSA_get0_key(rsa, &rsa_n, NULL, NULL);
+ BN_bn2bin(rsa_n, &(data[i]));
i += nbytes;
data[i++] = (char)(ebits >> 8);
data[i++] = (char)ebits;
- BN_bn2bin(rsa->e, &(data[i]));
+ RSA_get0_key(rsa, NULL, &rsa_e, NULL);
+ BN_bn2bin(rsa_e, &(data[i]));
i += ebytes;
SHA1(data, len + 3, hash);
to_hex(sig, hash, ECRYPTFS_SIG_SIZE);
@@ -0,0 +1,61 @@
fix parallel build issue
Build randomly fails since December 2017 on buildroot
(http://autobuild.buildroot.org/?reason=ecryptfs-utils-111):
make[5]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/ecryptfs-utils-111/src/utils'
/bin/mkdir -p '/home/buildroot/autobuild/instance-2/output-1/target/sbin'
/bin/bash ../../libtool --mode=install /usr/bin/install -c mount.ecryptfs umount.ecryptfs mount.ecryptfs_private '/home/buildroot/autobuild/instance-2/output-1/target/sbin'
libtool: install: /usr/bin/install -c mount.ecryptfs /home/buildroot/autobuild/instance-2/output-1/target/sbin/mount.ecryptfs
/usr/bin/install: cannot create regular file '/home/buildroot/autobuild/instance-2/output-1/target/sbin/mount.ecryptfs': File exists
Makefile:832: recipe for target 'install-rootsbinPROGRAMS' failed
make[5]: *** [install-rootsbinPROGRAMS] Error 1
As spotted by Thomas Petazzoni, build failure happens because of the
following line in src/utils/Makefile.am:
install-exec-hook: install-rootsbinPROGRAMS
-rm -f "$(DESTDIR)/$(rootsbindir)/umount.ecryptfs_private"
$(LN_S) "mount.ecryptfs_private" "$(DESTDIR)/$(rootsbindir)/umount.ecryptfs_private"
The install-exec-hook target should not have a dependency on
install-rootsbinPROGRAMS.
From https://www.gnu.org/software/automake/manual/html_node/Extending.html#Extending:
"""
In contrast, some rules also have a way to run another rule, called a
hook; hooks are always executed after the main rules work is done. The
hook is named after the principal target, with -hook appended. The
targets allowing hooks are install-data, install-exec, uninstall, dist,
and distcheck.
For instance, here is how to create a hard link to an installed program:
install-exec-hook:
ln $(DESTDIR)$(bindir)/program$(EXEEXT) \
$(DESTDIR)$(bindir)/proglink$(EXEEXT)
"""
So, they explicitly say that these hooks are run after the main rule
work is done, which means the dependency on install-rootsbinPROGRAMS is
not needed. And the example they use to illustrate is *exactly* the
situation of ecryptfs-utils: creating a link to a program that was
installed.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status: https://bugs.launchpad.net/ecryptfs/+bug/1857622]
diff -Nuar ecryptfs-utils-111-orig/src/utils/Makefile.in ecryptfs-utils-111/src/utils/Makefile.in
--- ecryptfs-utils-111-orig/src/utils/Makefile.in 2019-12-26 15:14:16.656146065 +0100
+++ ecryptfs-utils-111/src/utils/Makefile.in 2019-12-26 17:36:07.108496164 +0100
@@ -1522,7 +1522,7 @@
.PRECIOUS: Makefile
-install-exec-hook: install-rootsbinPROGRAMS
+install-exec-hook:
-rm -f "$(DESTDIR)/$(rootsbindir)/umount.ecryptfs_private"
$(LN_S) "mount.ecryptfs_private" "$(DESTDIR)/$(rootsbindir)/umount.ecryptfs_private"
+35
View File
@@ -0,0 +1,35 @@
config BR2_PACKAGE_ECRYPTFS_UTILS
bool "ecryptfs-utils"
depends on BR2_USE_WCHAR # gettext
depends on BR2_USE_MMU # keyutils
depends on BR2_TOOLCHAIN_HAS_THREADS # libnss -> libnspr
depends on BR2_PACKAGE_LIBNSPR_ARCH_SUPPORT # libnss -> libnspr
depends on !BR2_MIPS_NABI32 # libnss
depends on !BR2_STATIC_LIBS # libnss, keyutils
select BR2_PACKAGE_KEYUTILS
select BR2_PACKAGE_LIBNSS
# runtime dependency only, some scripts are using the
# 'gettext' program to get translations
select BR2_PACKAGE_GETTEXT
# runtime dependency only
select BR2_PACKAGE_GETENT
help
eCryptfs is a POSIX-compliant enterprise cryptographic
filesystem for Linux. It is stacked on top of any other
Linux filesystem, it stores cryptographic metadata in the
header of each file written.
The eCryptfs kernel module is available in all Linux kernels
since version 2.6.19. This package provides userspace
utilities needed to mount eCryptfs.
Files are encrypted using a passphrase. Consider building
openssl for another method.
http://ecryptfs.org
comment "ecryptfs-utils needs a toolchain w/ threads, wchar, dynamic library"
depends on BR2_PACKAGE_LIBNSPR_ARCH_SUPPORT
depends on BR2_USE_MMU
depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_USE_WCHAR || \
BR2_STATIC_LIBS
@@ -0,0 +1,5 @@
# From https://launchpad.net/ecryptfs/trunk/111/+download/ecryptfs-utils_111.orig.tar.gz/+md5
md5 83513228984f671930752c3518cac6fd ecryptfs-utils_111.orig.tar.gz
# Locally computed
sha256 112cb3e37e81a1ecd8e39516725dec0ce55c5f3df6284e0f4cc0f118750a987f ecryptfs-utils_111.orig.tar.gz
sha256 91df39d1816bfb17a4dda2d3d2c83b1f6f2d38d53e53e41e8f97ad5ac46a0cad COPYING
+37
View File
@@ -0,0 +1,37 @@
################################################################################
#
# ecryptfs-utils
#
################################################################################
ECRYPTFS_UTILS_VERSION = 111
ECRYPTFS_UTILS_SOURCE = ecryptfs-utils_$(ECRYPTFS_UTILS_VERSION).orig.tar.gz
ECRYPTFS_UTILS_SITE = https://launchpad.net/ecryptfs/trunk/$(ECRYPTFS_UTILS_VERSION)/+download
ECRYPTFS_UTILS_LICENSE = GPL-2.0+
ECRYPTFS_UTILS_LICENSE_FILES = COPYING
ECRYPTFS_UTILS_CPE_ID_VENDOR = ecryptfs
ECRYPTFS_UTILS_DEPENDENCIES = keyutils libnss host-intltool
ECRYPTFS_UTILS_CONF_OPTS = --disable-pywrap
#Needed for build system to find pk11func.h and libnss3.so
ECRYPTFS_UTILS_CONF_ENV = \
ac_cv_path_POD2MAN=true \
NSS_CFLAGS="-I$(STAGING_DIR)/usr/include/nss -I$(STAGING_DIR)/usr/include/nspr" \
NSS_LIBS="-lnss3"
ifeq ($(BR2_PACKAGE_LINUX_PAM),y)
ECRYPTFS_UTILS_CONF_OPTS += --enable-pam
ECRYPTFS_UTILS_DEPENDENCIES += linux-pam
else
ECRYPTFS_UTILS_CONF_OPTS += --disable-pam
endif
ifeq ($(BR2_PACKAGE_OPENSSL),y)
ECRYPTFS_UTILS_CONF_OPTS += --enable-openssl
ECRYPTFS_UTILS_DEPENDENCIES += openssl
else
ECRYPTFS_UTILS_CONF_OPTS += --disable-openssl
endif
$(eval $(autotools-package))