diff options
author | Dave Cobbley <david.j.cobbley@linux.intel.com> | 2018-08-14 20:05:37 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-08-23 04:26:31 +0300 |
commit | eb8dc40360f0cfef56fb6947cc817a547d6d9bc6 (patch) | |
tree | de291a73dc37168da6370e2cf16c347d1eba9df8 /meta-openembedded/meta-oe/recipes-support/vim | |
parent | 9c3cf826d853102535ead04cebc2d6023eff3032 (diff) | |
download | openbmc-eb8dc40360f0cfef56fb6947cc817a547d6d9bc6.tar.xz |
[Subtree] Removing import-layers directory
As part of the move to subtrees, need to bring all the import layers
content to the top level.
Change-Id: I4a163d10898cbc6e11c27f776f60e1a470049d8f
Signed-off-by: Dave Cobbley <david.j.cobbley@linux.intel.com>
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-support/vim')
5 files changed, 262 insertions, 0 deletions
diff --git a/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch b/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch new file mode 100644 index 0000000000..937b9ba317 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/vim/files/CVE-2017-17087.patch @@ -0,0 +1,70 @@ +From 9c11f80339372b7aa2f43153d574f2b5abb79708 Mon Sep 17 00:00:00 2001 +From: Li Zhou <li.zhou@windriver.com> +Date: Sun, 17 Dec 2017 23:09:35 -0800 +Subject: [PATCH] vim: patch 8.0.1263: others can read the swap file if a user + is careless + +Problem: Others can read the swap file if a user is careless with his + primary group. +Solution: If the group permission allows for reading but the world + permissions doesn't, make sure the group is right. + +Upstream-Status: Backport +CVE: CVE-2017-17087 +Signed-off-by: Li Zhou <li.zhou@windriver.com> +--- + src/fileio.c | 24 +++++++++++++++++++++++- + src/version.c | 2 ++ + 2 files changed, 25 insertions(+), 1 deletion(-) + +diff --git a/src/fileio.c b/src/fileio.c +index f54fb8465..2c7740af9 100644 +--- a/src/fileio.c ++++ b/src/fileio.c +@@ -716,7 +716,29 @@ readfile( + /* Set swap file protection bits after creating it. */ + if (swap_mode > 0 && curbuf->b_ml.ml_mfp != NULL + && curbuf->b_ml.ml_mfp->mf_fname != NULL) +- (void)mch_setperm(curbuf->b_ml.ml_mfp->mf_fname, (long)swap_mode); ++ { ++ char_u *swap_fname = curbuf->b_ml.ml_mfp->mf_fname; ++ ++ /* ++ * If the group-read bit is set but not the world-read bit, then ++ * the group must be equal to the group of the original file. If ++ * we can't make that happen then reset the group-read bit. This ++ * avoids making the swap file readable to more users when the ++ * primary group of the user is too permissive. ++ */ ++ if ((swap_mode & 044) == 040) ++ { ++ stat_T swap_st; ++ ++ if (mch_stat((char *)swap_fname, &swap_st) >= 0 ++ && st.st_gid != swap_st.st_gid ++ && fchown(curbuf->b_ml.ml_mfp->mf_fd, -1, st.st_gid) ++ == -1) ++ swap_mode &= 0600; ++ } ++ ++ (void)mch_setperm(swap_fname, (long)swap_mode); ++ } + #endif + } + +diff --git a/src/version.c b/src/version.c +index a5cb078f0..5c0df475f 100644 +--- a/src/version.c ++++ b/src/version.c +@@ -770,6 +770,8 @@ static char *(features[]) = + static int included_patches[] = + { /* Add new patch number below this line */ + /**/ ++ 1263, ++/**/ + 983, + /**/ + 982, +-- +2.11.0 + diff --git a/meta-openembedded/meta-oe/recipes-support/vim/files/disable_acl_header_check.patch b/meta-openembedded/meta-oe/recipes-support/vim/files/disable_acl_header_check.patch new file mode 100644 index 0000000000..65e5f58c61 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/vim/files/disable_acl_header_check.patch @@ -0,0 +1,27 @@ +Upstream-Status: pending + +Don't check 'sys/acl.h' if acl support disabled for vim/vim-tiny. + +Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> +================================================ +diff --git a/src/configure.ac b/src/configure.ac +index fb965e5..d734064 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -2511,7 +2511,7 @@ AC_CHECK_HEADERS(stdarg.h stdint.h stdlib.h string.h \ + sys/systeminfo.h locale.h sys/stream.h termios.h \ + libc.h sys/statfs.h poll.h sys/poll.h pwd.h \ + utime.h sys/param.h libintl.h libgen.h \ +- util/debug.h util/msg18n.h frame.h sys/acl.h \ ++ util/debug.h util/msg18n.h frame.h \ + sys/access.h sys/sysinfo.h wchar.h wctype.h) + + dnl sys/ptem.h depends on sys/stream.h on Solaris +@@ -3112,6 +3112,7 @@ AC_ARG_ENABLE(acl, + , [enable_acl="yes"]) + if test "$enable_acl" = "yes"; then + AC_MSG_RESULT(no) ++AC_CHECK_HEADERS(sys/acl.h) + AC_CHECK_LIB(posix1e, acl_get_file, [LIBS="$LIBS -lposix1e"], + AC_CHECK_LIB(acl, acl_get_file, [LIBS="$LIBS -lacl" + AC_CHECK_LIB(attr, fgetxattr, LIBS="$LIBS -lattr",,)],,),) diff --git a/meta-openembedded/meta-oe/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch b/meta-openembedded/meta-oe/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch new file mode 100644 index 0000000000..6c620f9f27 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch @@ -0,0 +1,38 @@ +vim: add knob whether elf.h are checked + +Previously, it still was checked when there was no elf library in sysroots directory. +Add knob to decide whether elf.h are checked or not. + +Upstream-status: Pending + +Signed-off-by: Chong Lu <Chong.Lu@windriver.com> +--- + src/configure.ac | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/configure.ac b/src/configure.ac +index d734064..f504fa6 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -2483,11 +2483,18 @@ AC_TRY_COMPILE([#include <stdio.h>], [int x __attribute__((unused));], + AC_MSG_RESULT(no)) + + dnl Checks for header files. ++AC_MSG_CHECKING(whether or not to look for elf.h) ++AC_ARG_ENABLE(elf-check, ++ [ --enable-elf-check If elfutils, check for elf.h [default=no]], ++ , enable_elf_check="no") ++AC_MSG_RESULT($enable_elf_check) ++if test "x$enable_elf_check" != "xno"; then + AC_CHECK_HEADER(elf.h, HAS_ELF=1) + dnl AC_CHECK_HEADER(dwarf.h, SVR4=1) + if test "$HAS_ELF" = 1; then + AC_CHECK_LIB(elf, main) + fi ++fi + + AC_HEADER_DIRENT + +-- +1.7.9.5 + diff --git a/meta-openembedded/meta-oe/recipes-support/vim/vim-tiny_8.0.0983.bb b/meta-openembedded/meta-oe/recipes-support/vim/vim-tiny_8.0.0983.bb new file mode 100644 index 0000000000..bb8f2b7eae --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/vim/vim-tiny_8.0.0983.bb @@ -0,0 +1,13 @@ +require vim_${PV}.bb + +SUMMARY += " (with tiny features)" + +PACKAGECONFIG += "tiny" + +do_install() { + install -d ${D}/${bindir} + install -m 0755 ${S}/vim ${D}/${bindir}/vim.tiny +} + +ALTERNATIVE_PRIORITY = "90" +ALTERNATIVE_TARGET = "${bindir}/vim.tiny" diff --git a/meta-openembedded/meta-oe/recipes-support/vim/vim_8.0.0983.bb b/meta-openembedded/meta-oe/recipes-support/vim/vim_8.0.0983.bb new file mode 100644 index 0000000000..44c868c74a --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/vim/vim_8.0.0983.bb @@ -0,0 +1,114 @@ +SUMMARY = "Vi IMproved - enhanced vi editor" +SECTION = "console/utils" +DEPENDS = "ncurses gettext-native" +# vimdiff doesn't like busybox diff +RSUGGESTS_${PN} = "diffutils" +LICENSE = "vim" +LIC_FILES_CHKSUM = "file://../runtime/doc/uganda.txt;md5=eea32ac1424bba14096736a494ae9045" + +SRC_URI = "git://github.com/vim/vim.git \ + file://disable_acl_header_check.patch;patchdir=.. \ + file://vim-add-knob-whether-elf.h-are-checked.patch;patchdir=.. \ + file://CVE-2017-17087.patch;patchdir=.. \ +" +SRCREV = "3f9a1ff141412e9e85f7dff47d02946cb9be9228" + +S = "${WORKDIR}/git/src" + +VIMDIR = "vim${@d.getVar('PV').split('.')[0]}${@d.getVar('PV').split('.')[1]}" + +inherit autotools-brokensep update-alternatives + +CLEANBROKEN = "1" + +# vim configure.in contains functions which got 'dropped' by autotools.bbclass +do_configure () { + rm -f auto/* + touch auto/config.mk + aclocal + autoconf + oe_runconf + touch auto/configure + touch auto/config.mk auto/config.h +} + +#Available PACKAGECONFIG options are gtkgui, acl, x11, tiny +PACKAGECONFIG ??= "" +PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'acl selinux', d)}" + +PACKAGECONFIG[gtkgui] = "--enable-gtk2-test --enable-gui=gtk2,--enable-gui=no,gtk+," +PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl," +PACKAGECONFIG[x11] = "--with-x,--without-x,xt," +PACKAGECONFIG[tiny] = "--with-features=tiny,--with-features=big,," +PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux," +PACKAGECONFIG[elfutils] = "--enable-elf-check,,elfutils," + +EXTRA_OECONF = " \ + --disable-gpm \ + --disable-gtktest \ + --disable-xim \ + --disable-netbeans \ + --with-tlib=ncurses \ + ac_cv_small_wchar_t=no \ + vim_cv_getcwd_broken=no \ + vim_cv_memmove_handles_overlap=yes \ + vim_cv_stat_ignores_slash=no \ + vim_cv_terminfo=yes \ + vim_cv_tgent=non-zero \ + vim_cv_toupper_broken=no \ + vim_cv_tty_group=world \ + STRIP=/bin/true \ +" + +do_install() { + autotools_do_install + + # Work around file-rdeps picking up csh, awk, perl or python as a dep + chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/vim132 + chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/mve.awk + chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/*.pl + chmod -x ${D}${datadir}/${BPN}/${VIMDIR}/tools/*.py + + # Install example vimrc from runtime files + install -m 0644 ../runtime/vimrc_example.vim ${D}/${datadir}/${BPN}/vimrc + + # we use --with-features=big as default + mv ${D}${bindir}/${BPN} ${D}${bindir}/${BPN}.${BPN} +} + +PARALLEL_MAKEINST = "" + +PACKAGES =+ "${PN}-common ${PN}-syntax ${PN}-help ${PN}-tutor ${PN}-vimrc ${PN}-tools" +FILES_${PN}-syntax = "${datadir}/${BPN}/${VIMDIR}/syntax" +FILES_${PN}-help = "${datadir}/${BPN}/${VIMDIR}/doc" +FILES_${PN}-tutor = "${datadir}/${BPN}/${VIMDIR}/tutor ${bindir}/${BPN}tutor" +FILES_${PN}-vimrc = "${datadir}/${BPN}/vimrc" +FILES_${PN}-data = "${datadir}/${BPN}" +FILES_${PN}-tools = "${datadir}/${BPN}/${VIMDIR}/tools" +FILES_${PN}-common = " \ + ${datadir}/${BPN}/${VIMDIR}/*.vim \ + ${datadir}/${BPN}/${VIMDIR}/autoload \ + ${datadir}/${BPN}/${VIMDIR}/colors \ + ${datadir}/${BPN}/${VIMDIR}/compiler \ + ${datadir}/${BPN}/${VIMDIR}/ftplugin \ + ${datadir}/${BPN}/${VIMDIR}/indent \ + ${datadir}/${BPN}/${VIMDIR}/keymap \ + ${datadir}/${BPN}/${VIMDIR}/lang \ + ${datadir}/${BPN}/${VIMDIR}/macros \ + ${datadir}/${BPN}/${VIMDIR}/plugin \ + ${datadir}/${BPN}/${VIMDIR}/print \ + ${datadir}/${BPN}/${VIMDIR}/spell \ + ${datadir}/icons \ +" + +RDEPENDS_${BPN} = "ncurses-terminfo-base" +# Recommend that runtime data is installed along with vim +RRECOMMENDS_${BPN} = "${PN}-syntax ${PN}-help ${PN}-tutor ${PN}-vimrc ${PN}-common" + +ALTERNATIVE_${PN} = "vi vim" +ALTERNATIVE_TARGET = "${bindir}/${BPN}.${BPN}" +ALTERNATIVE_LINK_NAME[vi] = "${base_bindir}/vi" +ALTERNATIVE_LINK_NAME[vim] = "${bindir}/vim" +ALTERNATIVE_PRIORITY = "100" + +BBCLASSEXTEND = "native" |