From patchwork Tue Jul 14 20:20:26 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
X-Patchwork-Id: 495244
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
	by ozlabs.org (Postfix) with ESMTP id 0BEDD1402AC
	for <incoming@patchwork.ozlabs.org>;
	Wed, 15 Jul 2015 06:21:43 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 592BFA4373;
	Tue, 14 Jul 2015 20:21:42 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id jZ5J5A3kGMi0; Tue, 14 Jul 2015 20:21:39 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by fraxinus.osuosl.org (Postfix) with ESMTP id CA6EDA43CD;
	Tue, 14 Jul 2015 20:21:08 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id 52D571C1FCC
	for <buildroot@lists.busybox.net>;
	Tue, 14 Jul 2015 20:21:00 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id 4EC2392094
	for <buildroot@lists.busybox.net>;
	Tue, 14 Jul 2015 20:21:00 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id NVt-bGF4xIop for <buildroot@lists.busybox.net>;
	Tue, 14 Jul 2015 20:20:59 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from secvs01.rockwellcollins.com (secvs01.rockwellcollins.com
	[205.175.225.240])
	by whitealder.osuosl.org (Postfix) with ESMTPS id 478FA92045
	for <buildroot@buildroot.org>; Tue, 14 Jul 2015 20:20:59 +0000 (UTC)
Received: from unknown (HELO crulimr02.rockwellcollins.com)
	([131.198.26.125])
	by secvs01.rockwellcollins.com with ESMTP; 14 Jul 2015 15:20:58 -0500
X-Received: from thehammer.rockwellcollins.com (unknown [192.168.141.197])
	by crulimr02.rockwellcollins.com (Postfix) with ESMTP id A0A4460186;
	Tue, 14 Jul 2015 15:20:58 -0500 (CDT)
From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
To: buildroot@buildroot.org
Date: Tue, 14 Jul 2015 15:20:26 -0500
Message-Id: 
 <1436905227-26937-15-git-send-email-clayton.shotwell@rockwellcollins.com>
X-Mailer: git-send-email 1.9.1
In-Reply-To: 
 <1436905227-26937-1-git-send-email-clayton.shotwell@rockwellcollins.com>
References: 
 <1436905227-26937-1-git-send-email-clayton.shotwell@rockwellcollins.com>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Subject: [Buildroot] [PATCH v9 14/15] cpio: new package
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Adding the cpio archive utility for the target and host. Patches have
been pulled from ArchLinux and Gentoo to fix CVE issues and compile
issues.

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
---
Changes v8 -> v9:
  - Fixed commit message to say patches came from Gentoo and not Debian
    (Suggested by Samuel)

Changes v7 -> v8:
  - Corrected the license to be GPLv3+ (Suggested by Thomas P.)
  - Changed all of the patches to pull from the various source locations
    since they were not being modified at all (Suggested by Thomas P.)

Changes v6 -> v7:
  - Added dependency on argp-standalone package for uclibc toolchains
    to fix build error (Clayton S.)
  - Added hash file (Clayton S.)

Changes v5 -> v6:
  - No changes
---
 package/Config.in           |  1 +
 package/Config.in.host      |  1 +
 package/cpio/Config.in      |  8 ++++++++
 package/cpio/Config.in.host |  6 ++++++
 package/cpio/cpio.hash      |  9 +++++++++
 package/cpio/cpio.mk        | 27 +++++++++++++++++++++++++++
 6 files changed, 52 insertions(+)
 create mode 100644 package/cpio/Config.in
 create mode 100644 package/cpio/Config.in.host
 create mode 100644 package/cpio/cpio.hash
 create mode 100644 package/cpio/cpio.mk

diff --git a/package/Config.in b/package/Config.in
index 1fe7850..ed40064 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -151,6 +151,7 @@ endmenu
 menu "Filesystem and flash utilities"
 	source "package/btrfs-progs/Config.in"
 	source "package/cifs-utils/Config.in"
+	source "package/cpio/Config.in"
 	source "package/cramfs/Config.in"
 	source "package/curlftpfs/Config.in"
 	source "package/dosfstools/Config.in"
diff --git a/package/Config.in.host b/package/Config.in.host
index 1e047aa..9a4f176 100644
--- a/package/Config.in.host
+++ b/package/Config.in.host
@@ -1,6 +1,7 @@
 menu "Host utilities"
 
 	source "package/checkpolicy/Config.in.host"
+	source "package/cpio/Config.in.host"
 	source "package/cramfs/Config.in.host"
 	source "package/dfu-util/Config.in.host"
 	source "package/dos2unix/Config.in.host"
diff --git a/package/cpio/Config.in b/package/cpio/Config.in
new file mode 100644
index 0000000..1787f39
--- /dev/null
+++ b/package/cpio/Config.in
@@ -0,0 +1,8 @@
+config BR2_PACKAGE_CPIO
+	bool "cpio"
+	# Need argp.h support
+	select BR2_PACKAGE_ARGP_STANDALONE if BR2_TOOLCHAIN_USES_UCLIBC
+	help
+	  cpio archive utility for creation and extraction.
+
+	  https://www.gnu.org/software/cpio/
diff --git a/package/cpio/Config.in.host b/package/cpio/Config.in.host
new file mode 100644
index 0000000..e927952
--- /dev/null
+++ b/package/cpio/Config.in.host
@@ -0,0 +1,6 @@
+config BR2_PACKAGE_HOST_CPIO
+	bool "host cpio"
+	help
+	  cpio archive utility for creation and extraction.
+
+	  https://www.gnu.org/software/cpio/
diff --git a/package/cpio/cpio.hash b/package/cpio/cpio.hash
new file mode 100644
index 0000000..c52e86a
--- /dev/null
+++ b/package/cpio/cpio.hash
@@ -0,0 +1,9 @@
+# Locally calculated after checking pgp signature
+sha256	601b1d774cd6e4cd39416203c91ec59dbd65dd27d79d75e1a9b89497ea643978	cpio-2.11.tar.gz
+
+# Locally calculated
+sha256 903fb87e00813daf257be5d1680ad93770d320c707ab2ec345486958b2e8a21f cpio-2.11-stdio.in.patch
+sha256 6b6505a97dda75d24627d9ba461b45ab9ea4764e1a2788d6986eb2978434f25d cpio-2.11-CVE-2014-9112.patch
+sha256 0cf7c9749f1c1610aaf46e17eacd6614c5ef8c2114236bcdd08d53e929020ae5 cpio-2.11-testsuite-CVE-2014-9112.patch
+sha256 f1f587f70a38363691cbd4dfe89f962c8c57266277f0fbc781910c6a7065be7e cpio-2.11-check_for_symlinks-CVE-2015-1197.patch
+sha256 b3d317e3c5705d7f9e503f56540baf3cb6dd1d0e9be0261151a5b08378c2d98c cpio-2.11-stat.patch
diff --git a/package/cpio/cpio.mk b/package/cpio/cpio.mk
new file mode 100644
index 0000000..67871e2
--- /dev/null
+++ b/package/cpio/cpio.mk
@@ -0,0 +1,27 @@
+################################################################################
+#
+# cpio
+#
+################################################################################
+
+CPIO_VERSION = 2.11
+CPIO_SITE = http://ftp.gnu.org/gnu/cpio
+CPIO_LICENSE = GPLv3+
+CPIO_LICENSE_FILES = COPYING
+CPIO_PATCH = \
+	https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-stdio.in.patch \
+	https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-CVE-2014-9112.patch \
+	https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-testsuite-CVE-2014-9112.patch \
+	https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-check_for_symlinks-CVE-2015-1197.patch \
+	https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-arch/cpio/files/cpio-2.11-stat.patch
+
+# cpio uses argp.h which is not provided by uclibc by default.
+# Use the argp-standalone package to provide this but make sure
+# the host package does not try to use the host version.
+ifeq ($(BR2_TOOLCHAIN_USES_UCLIBC),y)
+CPIO_DEPENDENCIES += argp-standalone
+HOST_CPIO_DEPENDENCIES =
+endif
+
+$(eval $(autotools-package))
+$(eval $(host-autotools-package))