Gitiles
Code Review Sign In
gerrit.openbmc.org / mdmillerii / openbmc / b74a158fa89ffb582d9c07deb577ce0ba3b5f786
commitb74a158fa89ffb582d9c07deb577ce0ba3b5f786[log] [tgz]
authorMilton Miller <miltonm@us.ibm.com>Thu Jun 16 16:58:21 2016 -0500
committerMilton Miller <miltonm@us.ibm.com>Wed Jun 22 17:56:45 2016 -0500
tree7c6aec2dee8092e2c0d87d4281adcaa65197179d
parent3773b57422037a7facf674f6bc1cd530ef71a038 [diff]
initfs: update: Sanitze whitelist directory entries

Repeatedly strip trailing / and /. from whitelist entries and
fail if an entry includes /../ or ends with /.. or doesn't start
with a /.  Also use the entries quoted to avoid any glob.

It was noticed the save code was saving directories that ended in /
into a subdirectory of the last component name.  This was traced
the the code creating the directory just stripping the last /
and then copying to the directory.

Choose to sanitize the entry where possible for ease of use verses
a small performance penality.

Signed-off-by: Milton Miller <miltonm@us.ibm.com>
1 file changed
tree: 7c6aec2dee8092e2c0d87d4281adcaa65197179d
  1. meta-openbmc-bsp/
  2. meta-openbmc-machines/
  3. meta-phosphor/
  4. yocto-poky/
  5. bitbakeyocto-poky/bitbake
  6. documentationyocto-poky/documentation
  7. LICENSEyocto-poky/LICENSE
  8. metayocto-poky/meta
  9. meta-selftestyocto-poky/meta-selftest
  10. meta-skeletonyocto-poky/meta-skeleton
  11. meta-yoctoyocto-poky/meta-yocto
  12. meta-yocto-bspyocto-poky/meta-yocto-bsp
  13. oe-init-build-envyocto-poky/oe-init-build-env
  14. oe-init-build-env-memresyocto-poky/oe-init-build-env-memres
  15. scriptsyocto-poky/scripts
  16. .gitignore
  17. .templateconf
  18. openbmc-env
  19. README.md
README.md

OpenBMC

Build Status

Building

OpenBMC uses Yocto/Open-Embedded for a build system, which supports an out-of-tree build. It is recommended that you create an empty directory somewhere to hold the build. This directory will get big.

On Ubuntu 14.04 the following packages are required to build the default target

sudo apt-get install -y git build-essential libsdl1.2-dev texinfo gawk chrpath diffstat

On Fedora 23 the following packages are required to build the default target:

sudo dnf install -y git patch diffstat texinfo chrpath SDL-devel bitbake
sudo dnf groupinstall "C Development Tools and Libraries"

To start a build:

cd <builddir>
. <repodir>/openbmc-env
bitbake obmc-phosphor-image