[OLPC-devel] Re: OLPC buildsystem cleanups

Jordan Crouse jordan.crouse at amd.com
Mon Aug 21 13:41:09 EDT 2006


On 21/08/06 19:16 +0200, Carl-Daniel U. Hailfinger wrote:
> Hi,
> 
> the attached patches change the OLPC build system to use relative payload paths instead of using a hardcoded file in /tmp which will sooner or later cause security problems. Additionally, a check for config file correctness has been added so you can't accidentially generate the wrong payload for a given LinuxBIOS config.

> -	payload /tmp/olpcpayload.elf
> +	payload ../../../../../../../../deploy/olpc-payload

I agree that using /tmp is a problem, but this is definitely not the way to
fix it.  First of all, it breaks LinuxBIOS only builds, and secondly, it 
is dependent on how buildrom works, which may or may not change on a 
moment's notice.  it would be smarter to use sed to modify the configuration
on the fly, as the attached patch indicates.

Jordan

-------------- next part --------------
LINUXBIOS:  Update the payload string to be more secure

From: Jordan Crouse <jordan.crouse at amd.com>


---

 packages/linuxbios/linuxbios.mk |    8 +++-----
 1 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/packages/linuxbios/linuxbios.mk b/packages/linuxbios/linuxbios.mk
index 8b2ffc2..2e35c30 100644
--- a/packages/linuxbios/linuxbios.mk
+++ b/packages/linuxbios/linuxbios.mk
@@ -47,16 +47,14 @@ endif
 	$(LINUXBIOS_VER) > $(LINUXBIOS_FETCH_LOG) 2>&1
 	@ touch $@
 
-# fix me sooner or later!
-/tmp/olpcpayload.elf: $(PAYLOAD_TARGET)
-	@ cp $< $@
-
 $(LINUXBIOS_STAMP_DIR)/.configured: $(LINUXBIOS_STAMP_DIR)/.unpacked_$(LINUXBIOS_VER)
+	@ cp -f $(LINUXBIOS_TARGET_DIR)/$(LINUXBIOS_CONFIG_NAME) $(LINUXBIOS_TARGET_DIR)/$(LINUXBIOS_CONFIG_NAME).orig
+	cat $(LINUXBIOS_TARGET_DIR)/$(LINUXBIOS_CONFIG_NAME).orig | sed -e 's:payload .*$$:payload $(PAYLOAD_TARGET):' > $(LINUXBIOS_TARGET_DIR)/$(LINUXBIOS_CONFIG_NAME)
 	@( cd $(LINUXBIOS_TARGET_DIR); \
 	./buildtarget $(LINUXBIOS_CONFIG_NAME) > $(LINUXBIOS_CONFIG_LOG) 2>&1)
 	@ touch $@
 
-$(LINUXBIOS_BUILD_DIR)/linuxbios.rom:  $(LINUXBIOS_STAMP_DIR)/.configured /tmp/olpcpayload.elf
+$(LINUXBIOS_BUILD_DIR)/linuxbios.rom:  $(LINUXBIOS_STAMP_DIR)/.configured $(PAYLOAD_TARGET) 
 	@ echo "Building linuxbios..."
 	@ make -C $(LINUXBIOS_BUILD_DIR) > $(LINUXBIOS_BUILD_LOG) 2>&1
 


More information about the Devel mailing list