aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStefan K. Berg <stefan.k.berg@ericsson.com>2016-04-22 12:48:25 +0200
committerStefan Berg <stefan.k.berg@ericsson.com>2016-04-22 21:08:01 +0000
commitf544e413ecbbaa25d36f2336bb703565afc8fb38 (patch)
treec537bc2598e9573c734322d69f56b483a6815215
parentc6e6a032ce80f6b8a781383ebe72f3ca9572b268 (diff)
Correction due to changed cpio behavior
As part of a security fix for cpio, its behavior has changed in terms of how symlinks are handled. This is affecting the Fuel build process, for which this commit is a fix (reverting cpio back to its original behavior by adding the argument "--extract-over-symlinks" in those instances where this is needed). For details, see https://jira.opnfv.org/browse/FUEL-125 Change-Id: I455b11a16ad52d8dd09165165447e4c4a661b45a Signed-off-by: Stefan K. Berg <stefan.k.berg@ericsson.com> (cherry picked from commit 2b419db5c9325c6a87f1ea160c42235a1e8ec083)
-rw-r--r--build/Makefile2
-rw-r--r--build/fuel-main_cpio.patch36
2 files changed, 38 insertions, 0 deletions
diff --git a/build/Makefile b/build/Makefile
index a76c44e..ca704c0 100644
--- a/build/Makefile
+++ b/build/Makefile
@@ -109,6 +109,8 @@ $(ISOCACHE):
cd /tmp/fuel-main && patch -f -p0 < $(TOPDIR)/fuel-main_5.patch
# Patch for using the Czech Fuel mirror
# cd /tmp/fuel-main && patch -p0 < $(TOPDIR)/fuel-main_7.patch
+ # Patch to counteract new cpio behavior
+ cd /tmp/fuel-main && patch -p0 < $(TOPDIR)/fuel-main_cpio.patch
# Remove Docker optimizations, otherwise multistrap will fail during
# Fuel build.
sudo rm -f /etc/apt/apt.conf.d/docker*
diff --git a/build/fuel-main_cpio.patch b/build/fuel-main_cpio.patch
new file mode 100644
index 0000000..37bc10f
--- /dev/null
+++ b/build/fuel-main_cpio.patch
@@ -0,0 +1,36 @@
+*** bootstrap/module.mk.orig 2016-04-22 15:30:34.872016256 +0200
+--- bootstrap/module.mk 2016-04-22 15:31:32.241993497 +0200
+***************
+*** 1,3 ****
+--- 1,6 ----
++ CPIOARGS = $(shell cpio --extract-over-symlinks -o </dev/null \
++ >/dev/null 2>&1 && echo "--extract-over-symlinks")
++
+ .PHONY: bootstrap clean clean-bootstrap
+
+ bootstrap: $(ARTS_DIR)/$(BOOTSTRAP_ART_NAME)
+***************
+*** 231,241 ****
+
+ # Installing kernel modules
+ find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_PATTERN)' | xargs rpm2cpio | \
+! ( cd $(INITRAMROOT); sudo cpio -idm './lib/modules/*' './boot/vmlinuz*' )
+ find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_FIRMWARE_PATTERN)' | xargs rpm2cpio | \
+! ( cd $(INITRAMROOT); sudo cpio -idm './lib/firmware/*' )
+ find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name 'libmlx4*' | xargs rpm2cpio | \
+! ( cd $(INITRAMROOT); sudo cpio -idm './etc/*' './usr/lib64/*' )
+ for version in `ls -1 $(INITRAMROOT)/lib/modules`; do \
+ sudo depmod -b $(INITRAMROOT) $$version; \
+ done
+--- 234,244 ----
+
+ # Installing kernel modules
+ find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_PATTERN)' | xargs rpm2cpio | \
+! ( cd $(INITRAMROOT); sudo cpio $(CPIOARGS) -idm './lib/modules/*' './boot/vmlinuz*' )
+ find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name '$(KERNEL_FIRMWARE_PATTERN)' | xargs rpm2cpio | \
+! ( cd $(INITRAMROOT); sudo cpio $(CPIOARGS) -idm './lib/firmware/*' )
+ find $(LOCAL_MIRROR_CENTOS_OS_BASEURL) -name 'libmlx4*' | xargs rpm2cpio | \
+! ( cd $(INITRAMROOT); sudo cpio $(CPIOARGS) -idm './etc/*' './usr/lib64/*' )
+ for version in `ls -1 $(INITRAMROOT)/lib/modules`; do \
+ sudo depmod -b $(INITRAMROOT) $$version; \
+ done