15 files changed, 92 insertions, 174 deletions
diff --git a/meta/recipes-core/busybox/busybox-inittab_1.35.0.bb b/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
index 868d7a230f..6904a91930 100644
--- a/meta/recipes-core/busybox/busybox-inittab_1.35.0.bb
+++ b/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
@@ -15,14 +15,17 @@ do_compile() {
 do_install() {
 	install -d ${D}${sysconfdir}
 	install -D -m 0644 ${WORKDIR}/inittab ${D}${sysconfdir}/inittab
-	tmp="${SERIAL_CONSOLES}"
-	[ -n "$tmp" ] && echo >> ${D}${sysconfdir}/inittab
-	for i in $tmp
-	do
-		j=`echo ${i} | sed s/\;/\ /g`
-		id=`echo ${i} | sed -e 's/^.*;//' -e 's/;.*//'`
-		echo "$id::respawn:${base_sbindir}/getty ${j}" >> ${D}${sysconfdir}/inittab
-	done
+
+    CONSOLES="${SERIAL_CONSOLES}"
+    for s in $CONSOLES
+    do
+        speed=$(echo $s | cut -d\; -f 1)
+        device=$(echo $s | cut -d\; -f 2)
+        label=$(echo $device | sed -e 's/tty//' | tail --bytes=5)
+
+        echo "$device::respawn:${sbindir}/ttyrun $device ${base_sbindir}/getty $speed $device" >> ${D}${sysconfdir}/inittab
+    done
+
 	if [ "${USE_VT}" = "1" ]; then
 		cat <<EOF >>${D}${sysconfdir}/inittab
 # ${base_sbindir}/getty invocations for the runlevels.
@@ -45,32 +48,6 @@ EOF
 
 }
 
-pkg_postinst:${PN} () {
-# run this on host and on target
-if [ "${SERIAL_CONSOLES_CHECK}" = "" ]; then
-       exit 0
-fi
-}
-
-pkg_postinst_ontarget:${PN} () {
-# run this on the target
-if [ -e /proc/consoles ]; then
-        tmp="${SERIAL_CONSOLES_CHECK}"
-        for i in $tmp
-        do
-                j=`echo ${i} | sed -e s/^.*\;//g -e s/\:.*//g`
-                k=`echo ${i} | sed s/^.*\://g`
-                if [ -z "`grep ${j} /proc/consoles`" ]; then
-                        if [ -z "${k}" ] || [ -z "`grep ${k} /proc/consoles`" ] || [ ! -e /dev/${j} ]; then
-                                sed -i -e /^.*${j}\ /d -e /^.*${j}$/d /etc/inittab
-                        fi
-                fi
-        done
-        kill -HUP 1
-else
-        exit 1
-fi
-}
 
 # SERIAL_CONSOLES is generally defined by the MACHINE .conf.
 # Set PACKAGE_ARCH appropriately.
@@ -79,6 +56,7 @@ PACKAGE_ARCH = "${MACHINE_ARCH}"
 FILES:${PN} = "${sysconfdir}/inittab"
 CONFFILES:${PN} = "${sysconfdir}/inittab"
 
+RDEPENDS:${PN} = "ttyrun"
 RCONFLICTS:${PN} = "sysvinit-inittab"
 
 USE_VT ?= "1"
diff --git a/meta/recipes-core/busybox/busybox.inc b/meta/recipes-core/busybox/busybox.inc
index 5f1c473d5e..f5d7c3f9c8 100644
--- a/meta/recipes-core/busybox/busybox.inc
+++ b/meta/recipes-core/busybox/busybox.inc
@@ -34,6 +34,7 @@ INITSCRIPT_PACKAGES = "${PN}-httpd ${PN}-syslog ${PN}-udhcpd ${PN}-mdev ${PN}-hw
 
 INITSCRIPT_NAME:${PN}-httpd = "busybox-httpd"
 INITSCRIPT_NAME:${PN}-hwclock = "hwclock.sh"
+INITSCRIPT_PARAMS:${PN}-hwclock = "start 40 S . stop 20 0 1 6 ."
 INITSCRIPT_NAME:${PN}-mdev = "mdev"
 INITSCRIPT_PARAMS:${PN}-mdev = "start 04 S ."
 INITSCRIPT_NAME:${PN}-syslog = "syslog"
@@ -138,19 +139,26 @@ do_configure () {
 	do_prepare_config
 	merge_config.sh -m .config ${@" ".join(find_cfgs(d))}
 	cml1_do_configure
+
+	# Save a copy of .config and autoconf.h.
+	cp .config .config.orig
+	cp include/autoconf.h include/autoconf.h.orig
 }
 
 do_compile() {
 	unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS
 	export KCONFIG_NOTIMESTAMP=1
 
+	# Ensure we start do_compile with the original .config and autoconf.h.
+	# These files should always have matching timestamps.
+	cp .config.orig .config
+	cp include/autoconf.h.orig include/autoconf.h
+
 	if [ "${BUSYBOX_SPLIT_SUID}" = "1" -a x`grep "CONFIG_FEATURE_INDIVIDUAL=y" .config` = x ]; then
+		# Guard againt interrupted do_compile: clean temporary files.
+		rm -f .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
+
 		# split the .config into two parts, and make two busybox binaries
-		if [ -e .config.orig ]; then
-			# Need to guard again an interrupted do_compile - restore any backup
-			cp .config.orig .config
-		fi
-		cp .config .config.orig
 		oe_runmake busybox.cfg.suid
 		oe_runmake busybox.cfg.nosuid
 
@@ -187,15 +195,18 @@ do_compile() {
 			bbfatal "busybox suid binary incorrectly provides /bin/sh"
 		fi
 
-		# copy .config.orig back to .config, because the install process may check this file
-		cp .config.orig .config
 		# cleanup
-		rm .config.orig .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
+		rm .config.app.suid .config.app.nosuid .config.disable.apps .config.nonapps
 	else
 		oe_runmake busybox_unstripped
 		cp busybox_unstripped busybox
 		oe_runmake busybox.links
 	fi
+
+	# restore original .config and autoconf.h, because the install process
+	# may check these files
+	cp .config.orig .config
+	cp include/autoconf.h.orig include/autoconf.h
 }
 
 do_install () {
diff --git a/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch b/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch
index 354f83a4a5..d76118f85b 100644
--- a/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch
+++ b/meta/recipes-core/busybox/busybox/0001-depmod-Ignore-.debug-directories.patch
@@ -21,7 +21,7 @@ index bb42bbe..aa5a2de 100644
  	/* Arbitrary. Was sb->st_size, but that breaks .gz etc */
  	size_t len = (64*1024*1024 - 4096);
  
-+	if (strstr(fname, ".debug") == NULL)
++	if (strstr(fname, ".debug") != NULL)
 +		return TRUE;
 +
  	if (strrstr(fname, ".ko") == NULL)
diff --git a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
index 4635250170..ceb3ad7250 100644
--- a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
+++ b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -5,7 +5,7 @@ Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
  returned for the hostname part
 
 CVE: CVE-2022-28391
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001]
 Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
 Signed-off-by: Steve Sakoman <steve@sakoman.com>
 ---
diff --git a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
index 0d7409ddc3..1dbc3388a4 100644
--- a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
+++ b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -8,7 +8,7 @@ Otherwise, terminal sequences can be injected, which enables various terminal in
 attacks from DNS results.
 
 CVE: CVE-2022-28391
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001]
 Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
 Signed-off-by: Steve Sakoman <steve@sakoman.com>
 ---
diff --git a/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch b/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch
deleted file mode 100644
index 25ad653b25..0000000000
--- a/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Fix use-after-free in awk.
-
-CVE: CVE-2022-30065
-Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2022-June/089768.html]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
-fixes https://bugs.busybox.net/show_bug.cgi?id=14781
-
-Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
----
- editors/awk.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index 079d0bde5..728ee8685 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -3128,6 +3128,9 @@ static var *evaluate(node *op, var *res)
- 
- 		case XC( OC_MOVE ):
- 			debug_printf_eval("MOVE\n");
-+			/* make sure that we never return a temp var */
-+			if (L.v == TMPVAR0)
-+				L.v = res;
- 			/* if source is a temporary string, jusk relink it to dest */
- 			if (R.v == TMPVAR1
- 			 && !(R.v->type & VF_NUMBER)
--- 
-2.36.1
diff --git a/meta/recipes-core/busybox/busybox/busybox-udhcpc-no_deconfig.patch b/meta/recipes-core/busybox/busybox/busybox-udhcpc-no_deconfig.patch
deleted file mode 100644
index 948932a3e8..0000000000
--- a/meta/recipes-core/busybox/busybox/busybox-udhcpc-no_deconfig.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 53626cd06a3ef05ed847daea802ef0aa9661caa7 Mon Sep 17 00:00:00 2001
-From: Anders Darander <anders@chargestorm.se>
-Date: Thu, 3 Nov 2011 08:51:31 +0100
-Subject: [PATCH] busybox-udhcpc-no_deconfig.patch
-
-Upstream-Status: Pending
-
-Add a new option -D to the udhcpc client that allows for
-dhcp renewal to occur without having to down the interface
-in the process.
-
-Signed-off-by: Greg Moffatt <greg.moffatt@windriver.com>
-
-Updated to latest Busybox 1.17.3
-
-Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
-
-Updated to Busybox 1.18.4
-option spec is changed
-
-Signed-off-by: Qing He <qing.he@intel.com>
-
-Updated to Busybox 1.19.3
-
-Signed-off-by: Anders Darander <anders@chargestorm.se>
-
-Fixed options -b, -a and -P.
-
-Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
----
- networking/udhcp/dhcpc.c                       | 29 ++++++++++++++++------
- 1 file changed, 21 insertions(+), 8 deletions(-)
-
-Index: busybox-1.34.0/networking/udhcp/dhcpc.c
-===================================================================
---- busybox-1.34.0.orig/networking/udhcp/dhcpc.c
-+++ busybox-1.34.0/networking/udhcp/dhcpc.c
-@@ -48,6 +48,8 @@
- };
- #endif
- 
-+/* option whether to down the interface when reconfiguring */
-+static int allow_deconfig = 1;
- 
- /* "struct client_data_t client_data" is in bb_common_bufsiz1 */
- 
-@@ -100,8 +102,10 @@
- 	OPT_x = 1 << 16,
- 	OPT_f = 1 << 17,
- 	OPT_B = 1 << 18,
-+	OPT_D = 1 << 19,
- /* The rest has variable bit positions, need to be clever */
- 	OPTBIT_B = 18,
-+	OPTBIT_D = 19,
- 	USE_FOR_MMU(             OPTBIT_b,)
- 	IF_FEATURE_UDHCPC_ARPING(OPTBIT_a,)
- 	IF_FEATURE_UDHCP_PORT(   OPTBIT_P,)
-@@ -587,7 +591,8 @@
- 
- static void d4_run_script_deconfig(void)
- {
--	d4_run_script(NULL, "deconfig");
-+	if (allow_deconfig)
-+		d4_run_script(NULL, "deconfig");
- }
- 
- /*** Sending/receiving packets ***/
-@@ -1244,7 +1249,7 @@
- 	/* Parse command line */
- 	opt = getopt32long(argv, "^"
- 		/* O,x: list; -T,-t,-A take numeric param */
--		"CV:F:i:np:qRr:s:T:+t:+SA:+O:*ox:*fB"
-+		"CV:F:i:np:qRr:s:T:+t:+SA:+O:*ox:*fBD"
- 		USE_FOR_MMU("b")
- 		IF_FEATURE_UDHCPC_ARPING("a::")
- 		IF_FEATURE_UDHCP_PORT("P:")
-@@ -1361,6 +1366,10 @@
- 		logmode |= LOGMODE_SYSLOG;
- 	}
- 
-+	if (opt & OPT_D) {
-+		allow_deconfig = 0;
-+	}
-+
- 	/* Create pidfile */
- 	write_pidfile(client_data.pidfile);
- 	/* Goes to stdout (unless NOMMU) and possibly syslog */
diff --git a/meta/recipes-core/busybox/busybox/defconfig b/meta/recipes-core/busybox/busybox/defconfig
index 5e1e1f5638..f3d545dc3f 100644
--- a/meta/recipes-core/busybox/busybox/defconfig
+++ b/meta/recipes-core/busybox/busybox/defconfig
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
-# Busybox version: 1.35.0
-# Sun Dec 26 16:55:55 2021
+# Busybox version: 1.36.0
+# Tue Jan  3 14:17:01 2023
 #
 CONFIG_HAVE_DOT_CONFIG=y
 
@@ -123,6 +123,9 @@ CONFIG_UNICODE_WIDE_WCHARS=y
 # CONFIG_UNICODE_BIDI_SUPPORT is not set
 # CONFIG_UNICODE_NEUTRAL_TABLE is not set
 # CONFIG_UNICODE_PRESERVE_BROKEN is not set
+# CONFIG_LOOP_CONFIGURE is not set
+# CONFIG_NO_LOOP_CONFIGURE is not set
+CONFIG_TRY_LOOP_CONFIGURE=y
 
 #
 # Applets
@@ -338,6 +341,7 @@ CONFIG_FEATURE_TR_CLASSES=y
 # CONFIG_FEATURE_TR_EQUIV is not set
 CONFIG_TRUE=y
 # CONFIG_TRUNCATE is not set
+# CONFIG_TSORT is not set
 CONFIG_TTY=y
 CONFIG_UNAME=y
 CONFIG_UNAME_OSNAME="GNU/Linux"
@@ -831,10 +835,12 @@ CONFIG_MICROCOM=y
 CONFIG_RFKILL=y
 # CONFIG_RUNLEVEL is not set
 # CONFIG_RX is not set
+# CONFIG_SEEDRNG is not set
 # CONFIG_SETFATTR is not set
 # CONFIG_SETSERIAL is not set
 CONFIG_STRINGS=y
 CONFIG_TIME=y
+# CONFIG_TREE is not set
 CONFIG_TS=y
 # CONFIG_TTYSIZE is not set
 # CONFIG_UBIATTACH is not set
@@ -1184,7 +1190,7 @@ CONFIG_ASH_CMDCMD=y
 # Options common to all shells
 #
 CONFIG_FEATURE_SH_MATH=y
-# CONFIG_FEATURE_SH_MATH_64 is not set
+CONFIG_FEATURE_SH_MATH_64=y
 CONFIG_FEATURE_SH_MATH_BASE=y
 CONFIG_FEATURE_SH_EXTRA_QUIET=y
 # CONFIG_FEATURE_SH_STANDALONE is not set
diff --git a/meta/recipes-core/busybox/busybox/musl.cfg b/meta/recipes-core/busybox/busybox/musl.cfg
index 6fffc91098..ba63def1ba 100644
--- a/meta/recipes-core/busybox/busybox/musl.cfg
+++ b/meta/recipes-core/busybox/busybox/musl.cfg
@@ -7,5 +7,4 @@
 # CONFIG_FEATURE_INETD_RPC is not set
 # CONFIG_SELINUXENABLED is not set
 # CONFIG_FEATURE_MOUNT_NFS is not set
-# CONFIG_FEATURE_UTMP is not set
 
diff --git a/meta/recipes-core/busybox/busybox/recognize_connmand.patch b/meta/recipes-core/busybox/busybox/recognize_connmand.patch
index f42c74caad..4f28beb556 100644
--- a/meta/recipes-core/busybox/busybox/recognize_connmand.patch
+++ b/meta/recipes-core/busybox/busybox/recognize_connmand.patch
@@ -4,14 +4,14 @@ Upstream-Status: Inappropriate [OE-Core]
 
 Signed-off-by: Saul Wold <sgw@linux.intel.com>
 
-Index: busybox-1.22.1/networking/ifupdown.c
+Index: busybox-1.36.0/networking/ifupdown.c
 ===================================================================
---- busybox-1.22.1.orig/networking/ifupdown.c
-+++ busybox-1.22.1/networking/ifupdown.c
-@@ -521,6 +521,10 @@ struct dhcp_client_t {
+--- busybox-1.36.0.orig/networking/ifupdown.c
++++ busybox-1.36.0/networking/ifupdown.c
+@@ -628,6 +628,10 @@ struct dhcp_client_t {
  };
  
- static const struct dhcp_client_t ext_dhcp_clients[] = {
+ static const struct dhcp_client_t ext_dhcp_clients[] ALIGN_PTR = {
 +	{ "connmand",
 +		"true",
 +		"true",
diff --git a/meta/recipes-core/busybox/busybox/sha1sum.cfg b/meta/recipes-core/busybox/busybox/sha1sum.cfg
index 20e72d9263..afd4da4ea1 100644
--- a/meta/recipes-core/busybox/busybox/sha1sum.cfg
+++ b/meta/recipes-core/busybox/busybox/sha1sum.cfg
@@ -1 +1,2 @@
 CONFIG_SHA1SUM=y
+CONFIG_SHA1_SMALL=3
diff --git a/meta/recipes-core/busybox/busybox/sha_accel.cfg b/meta/recipes-core/busybox/busybox/sha_accel.cfg
new file mode 100644
index 0000000000..8900305a11
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/sha_accel.cfg
@@ -0,0 +1,2 @@
+# CONFIG_SHA256_HWACCEL is not set
+# CONFIG_SHA1_HWACCEL is not set
diff --git a/meta/recipes-core/busybox/busybox/start-stop-false.patch b/meta/recipes-core/busybox/busybox/start-stop-false.patch
new file mode 100644
index 0000000000..3aef68329c
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/start-stop-false.patch
@@ -0,0 +1,35 @@
+It's known that the final start-stop-daemon test fails if /bin/false is
+actually a busybox symlink.  Instead of failing, check if false is
+busybox and adapt the expected output to match.
+
+Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2023-August/090416.html]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+diff --git a/testsuite/start-stop-daemon.tests b/testsuite/start-stop-daemon.tests
+index 0757b1288..aa6e9cc41 100755
+--- a/testsuite/start-stop-daemon.tests
++++ b/testsuite/start-stop-daemon.tests
+@@ -27,10 +27,18 @@ testing "start-stop-daemon without -x and -a" \
+ # but at least it checks that pathname to exec() is correct
+ #
+ # NB: this fails if /bin/false is a busybox symlink:
+-# busybox looks at argv[0] and says "qwerty: applet not found"
+-testing "start-stop-daemon with both -x and -a" \
+-	'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
+-	"1\n" \
+-	"" ""
++# busybox looks at argv[0] and says "qwerty: applet not found", so
++# skip the test if false is busybox.
++case $(readlink /bin/false) in
++    *busybox*)
++        echo "SKIPPED: start-stop-daemon with both -x and -a (need non-busybox false)"
++        ;;
++    *)
++		testing "start-stop-daemon with both -x and -a" \
++			'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
++			"1\n" \
++			"" ""
++        ;;
++esac
+ 
+ exit $FAILCOUNT
diff --git a/meta/recipes-core/busybox/busybox_1.35.0.bb b/meta/recipes-core/busybox/busybox_1.36.1.bb
index edf896485e..373a6b7781 100644
--- a/meta/recipes-core/busybox/busybox_1.35.0.bb
+++ b/meta/recipes-core/busybox/busybox_1.36.1.bb
@@ -2,7 +2,6 @@ require busybox.inc
 
 SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://0001-depmod-Ignore-.debug-directories.patch \
-           file://busybox-udhcpc-no_deconfig.patch \
            file://find-touchscreen.sh \
            file://busybox-cron \
            file://busybox-httpd \
@@ -49,8 +48,9 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
            file://0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch \
            file://0002-nslookup-sanitize-all-printed-strings-with-printable.patch \
-           file://CVE-2022-30065.patch \
+           file://start-stop-false.patch \
            "
 SRC_URI:append:libc-musl = " file://musl.cfg "
-
-SRC_URI[tarball.sha256sum] = "faeeb244c35a348a334f4a59e44626ee870fb07b6884d68c10ae8bc19f83a694"
+# TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html
+SRC_URI:append:x86 = " file://sha_accel.cfg"
+SRC_URI[tarball.sha256sum] = "b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314"
diff --git a/meta/recipes-core/busybox/files/syslog b/meta/recipes-core/busybox/files/syslog
index 2208613e8c..a4fea30ab7 100644
--- a/meta/recipes-core/busybox/files/syslog
+++ b/meta/recipes-core/busybox/files/syslog
@@ -10,6 +10,8 @@
 
 set -e
 
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+
 if [ -f /etc/syslog-startup.conf ]; then
 	. /etc/syslog-startup.conf
 	LOG_LOCAL=0