[gentoo-commits] repo/gentoo:master commit in: sys-apps/busybox/, sys-apps/busybox/files/

["Sam James" <sam@gentoo.org>]

commit:     0d7891fb673467a8f74f7aec5a5bc166b078e2ae
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Apr 12 07:33:00 2023 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Apr 12 07:35:04 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0d7891fb

sys-apps/busybox: backport FORTIFY_SOURCE=3 (build) fix; ed UB fix

Closes: https://bugs.gentoo.org/893776
Thanks-to: Arsen Arsenović <arsen <AT> gentoo.org>
Signed-off-by: Sam James <sam <AT> gentoo.org>

 sys-apps/busybox/busybox-1.34.1-r2.ebuild          | 367 ++++++++++++++++++++
 sys-apps/busybox/busybox-1.35.0-r2.ebuild          | 368 +++++++++++++++++++++
 .../busybox-1.36.0-ed-memcpy-overlapping.patch     |  38 +++
 .../busybox-1.36.0-fortify-source-3-fixdep.patch   |  32 ++
 4 files changed, 805 insertions(+)

diff --git a/sys-apps/busybox/busybox-1.34.1-r2.ebuild b/sys-apps/busybox/busybox-1.34.1-r2.ebuild
new file mode 100644
index 000000000000..d9a0625448df
--- /dev/null
+++ b/sys-apps/busybox/busybox-1.34.1-r2.ebuild
@@ -0,0 +1,367 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# See `man savedconfig.eclass` for info on how to use USE=savedconfig.
+
+EAPI=7
+
+inherit eapi8-dosym flag-o-matic savedconfig toolchain-funcs
+
+DESCRIPTION="Utilities for rescue and embedded systems"
+HOMEPAGE="https://www.busybox.net/"
+if [[ ${PV} == "9999" ]] ; then
+	MY_P="${P}"
+	EGIT_REPO_URI="https://git.busybox.net/busybox"
+	inherit git-r3
+else
+	MY_P="${PN}-${PV/_/-}"
+	SRC_URI="https://www.busybox.net/downloads/${MY_P}.tar.bz2"
+	KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+fi
+
+LICENSE="GPL-2" # GPL-2 only
+SLOT="0"
+IUSE="debug ipv6 livecd make-symlinks math mdev pam selinux sep-usr static syslog systemd"
+REQUIRED_USE="pam? ( !static )"
+RESTRICT="test"
+
+# TODO: Could make pkgconfig conditional on selinux? bug #782829
+RDEPEND="
+	!static? (
+		virtual/libc
+		virtual/libcrypt:=
+		selinux? ( sys-libs/libselinux )
+	)
+	pam? ( sys-libs/pam )
+"
+DEPEND="${RDEPEND}
+	static? (
+		virtual/libcrypt[static-libs]
+		selinux? ( sys-libs/libselinux[static-libs(+)] )
+	)
+	sys-kernel/linux-headers"
+BDEPEND="virtual/pkgconfig"
+
+S="${WORKDIR}/${MY_P}"
+
+busybox_config_option() {
+	local flag=$1 ; shift
+	if [[ ${flag} != [yn] && ${flag} != \"* ]] ; then
+		busybox_config_option $(usex ${flag} y n) "$@"
+		return
+	fi
+	local expr
+	while [[ $# -gt 0 ]] ; do
+		case ${flag} in
+		y) expr="s:.*\<CONFIG_$1\>.*set:CONFIG_$1=y:g" ;;
+		n) expr="s:CONFIG_$1=y:# CONFIG_$1 is not set:g" ;;
+		*) expr="s:.*\<CONFIG_$1\>.*:CONFIG_$1=${flag}:g" ;;
+		esac
+		sed -i -e "${expr}" .config || die
+		einfo "$(grep "CONFIG_$1[= ]" .config || echo "Could not find CONFIG_$1 ...")"
+		shift
+	done
+}
+
+busybox_config_enabled() {
+	local val=$(sed -n "/^CONFIG_$1=/s:^[^=]*=::p" .config)
+	case ${val} in
+	"") return 1 ;;
+	y)  return 0 ;;
+	*)  echo "${val}" | sed -r 's:^"(.*)"$:\1:' ;;
+	esac
+}
+
+# patches go here!
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.26.2-bb.patch
+	"${FILESDIR}"/${PN}-1.34.1-skip-selinux-search.patch
+
+	"${FILESDIR}"/${PN}-1.36.0-ed-memcpy-overlapping.patch
+	"${FILESDIR}"/${PN}-1.36.0-fortify-source-3-fixdep.patch
+
+	# "${FILESDIR}"/${P}-*.patch
+)
+
+src_prepare() {
+	default
+	unset KBUILD_OUTPUT #88088
+	append-flags -fno-strict-aliasing #310413
+	use ppc64 && append-flags -mminimal-toc #130943
+
+	cp "${FILESDIR}"/ginit.c init/ || die
+
+	# flag cleanup
+	sed -i -r \
+		-e 's:[[:space:]]?-(Werror|Os|falign-(functions|jumps|loops|labels)=1|fomit-frame-pointer)\>::g' \
+		Makefile.flags || die
+	#sed -i '/bbsh/s:^//::' include/applets.h
+	sed -i '/^#error Aborting compilation./d' applets/applets.c || die
+	use elibc_glibc && sed -i 's:-Wl,--gc-sections::' Makefile
+	sed -i \
+		-e "/^CROSS_COMPILE/s:=.*:= ${CHOST}-:" \
+		-e "/^AR\>/s:=.*:= $(tc-getAR):" \
+		-e "/^CC\>/s:=.*:= $(tc-getCC):" \
+		-e "/^HOSTCC/s:=.*:= $(tc-getBUILD_CC):" \
+		-e "/^PKG_CONFIG\>/s:=.*:= $(tc-getPKG_CONFIG):" \
+		Makefile || die
+	sed -i \
+		-e 's:-static-libgcc::' \
+		Makefile.flags || die
+}
+
+src_configure() {
+	# check for a busybox config before making one of our own.
+	# if one exist lets return and use it.
+
+	restore_config .config
+	if [ -f .config ]; then
+		yes "" | emake -j1 -s oldconfig >/dev/null
+		return 0
+	else
+		ewarn "Could not locate user configfile, so we will save a default one"
+	fi
+
+	# setting SKIP_SELINUX skips searching for selinux at this stage. We don't
+	# need to search now in case we end up not needing it after all.
+	# setup the config file
+	emake -j1 -s allyesconfig SKIP_SELINUX=$(usex selinux n y) >/dev/null #620918
+	# nommu forces a bunch of things off which we want on #387555
+	busybox_config_option n NOMMU
+	sed -i '/^#/d' .config
+	yes "" | emake -j1 -s oldconfig SKIP_SELINUX=$(usex selinux n y) >/dev/null #620918
+
+	# now turn off stuff we really don't want
+	busybox_config_option n DMALLOC
+	busybox_config_option n FEATURE_2_4_MODULES #607548
+	busybox_config_option n FEATURE_SUID_CONFIG
+	busybox_config_option n BUILD_AT_ONCE
+	busybox_config_option n BUILD_LIBBUSYBOX
+	busybox_config_option n FEATURE_CLEAN_UP
+	busybox_config_option n MONOTONIC_SYSCALL
+	busybox_config_option n USE_PORTABLE_CODE
+	busybox_config_option n WERROR
+	# CONFIG_MODPROBE_SMALL=y disables depmod.c and uses a smaller one that
+	# does not support -b. Setting this to no creates slightly larger and
+	# slightly more useful modutils
+	busybox_config_option n MODPROBE_SMALL #472464
+	# triming the BSS size may be dangerous
+	busybox_config_option n FEATURE_USE_BSS_TAIL
+
+	# These cause trouble with musl.
+	if use elibc_musl; then
+		busybox_config_option n FEATURE_UTMP
+		busybox_config_option n EXTRA_COMPAT
+		busybox_config_option n FEATURE_VI_REGEX_SEARCH
+	fi
+
+	# Disable standalone shell mode when using make-symlinks, else Busybox calls its
+	# applets by default without looking up in PATH.
+	# This also enables users to disable a builtin by deleting the corresponding symlink.
+	if use make-symlinks; then
+		busybox_config_option n FEATURE_PREFER_APPLETS
+		busybox_config_option n FEATURE_SH_STANDALONE
+	fi
+
+	# If these are not set and we are using a busybox setup
+	# all calls to system() will fail.
+	busybox_config_option y ASH
+	busybox_config_option y SH_IS_ASH
+	busybox_config_option n HUSH
+	busybox_config_option n SH_IS_HUSH
+
+	busybox_config_option '"/run"' PID_FILE_PATH
+	busybox_config_option '"/run/ifstate"' IFUPDOWN_IFSTATE_PATH
+
+	# disable ipv6 applets
+	if ! use ipv6; then
+		busybox_config_option n FEATURE_IPV6
+		busybox_config_option n TRACEROUTE6
+		busybox_config_option n PING6
+		busybox_config_option n UDHCPC6
+	fi
+
+	busybox_config_option pam PAM
+	busybox_config_option static STATIC
+	busybox_config_option syslog {K,SYS}LOGD LOGGER
+	busybox_config_option systemd FEATURE_SYSTEMD
+	busybox_config_option math FEATURE_AWK_LIBM
+
+	# all the debug options are compiler related, so punt them
+	busybox_config_option n DEBUG_SANITIZE
+	busybox_config_option n DEBUG
+	busybox_config_option y NO_DEBUG_LIB
+	busybox_config_option n DMALLOC
+	busybox_config_option n EFENCE
+	busybox_config_option $(usex debug y n) TFTP_DEBUG
+
+	busybox_config_option selinux SELINUX
+
+	# this opt only controls mounting with <linux-2.6.23
+	busybox_config_option n FEATURE_MOUNT_NFS
+
+	# glibc-2.26 and later does not ship RPC implientation
+	busybox_config_option n FEATURE_HAVE_RPC
+	busybox_config_option n FEATURE_INETD_RPC
+
+	# default a bunch of uncommon options to off
+	local opt
+	for opt in \
+		ADD_SHELL \
+		BEEP BOOTCHARTD \
+		CRONTAB \
+		DC DEVFSD DNSD DPKG{,_DEB} \
+		FAKEIDENTD FBSPLASH FOLD FSCK_MINIX FTP{GET,PUT} \
+		FEATURE_DEVFS \
+		HOSTID HUSH \
+		INETD INOTIFYD IPCALC \
+		LOCALE_SUPPORT LOGNAME LPD \
+		MAKEMIME MKFS_MINIX MSH \
+		OD \
+		RDEV READPROFILE REFORMIME REMOVE_SHELL RFKILL RUN_PARTS RUNSV{,DIR} \
+		SLATTACH SMEMCAP SULOGIN SV{,LOGD} \
+		TASKSET TCPSVD \
+		RPM RPM2CPIO \
+		UDPSVD UUDECODE UUENCODE
+	do
+		busybox_config_option n ${opt}
+	done
+
+	emake -j1 oldconfig > /dev/null
+}
+
+src_compile() {
+	unset KBUILD_OUTPUT #88088
+	export SKIP_STRIP=y
+
+	emake V=1 busybox
+
+	# bug #701512
+	emake V=1 doc
+}
+
+src_install() {
+	unset KBUILD_OUTPUT #88088
+	save_config .config
+
+	into /
+	dodir /bin
+	if use sep-usr ; then
+		# install /ginit to take care of mounting stuff
+		exeinto /
+		newexe busybox_unstripped ginit
+		dosym /ginit /bin/bb
+		dosym bb /bin/busybox
+	else
+		newbin busybox_unstripped busybox
+		dosym busybox /bin/bb
+	fi
+	if use mdev ; then
+		dodir /$(get_libdir)/mdev/
+		use make-symlinks || dosym /bin/bb /sbin/mdev
+		cp "${S}"/examples/mdev_fat.conf "${ED}"/etc/mdev.conf || die
+		if [[ ! "$(get_libdir)" == "lib" ]]; then
+			sed -i -e "s:/lib/:/$(get_libdir)/:g" "${ED}"/etc/mdev.conf || die #831251 - replace lib with lib64 where appropriate
+		fi
+
+		exeinto /$(get_libdir)/mdev/
+		doexe "${FILESDIR}"/mdev/*
+
+		newinitd "${FILESDIR}"/mdev.initd mdev
+	fi
+	if use livecd ; then
+		dosym busybox /bin/vi
+	fi
+
+	# add busybox daemon's, bug #444718
+	if busybox_config_enabled FEATURE_NTPD_SERVER; then
+		newconfd "${FILESDIR}"/ntpd.confd busybox-ntpd
+		newinitd "${FILESDIR}"/ntpd.initd busybox-ntpd
+	fi
+	if busybox_config_enabled SYSLOGD; then
+		newconfd "${FILESDIR}"/syslogd.confd busybox-syslogd
+		newinitd "${FILESDIR}"/syslogd.initd busybox-syslogd
+	fi
+	if busybox_config_enabled KLOGD; then
+		newconfd "${FILESDIR}"/klogd.confd busybox-klogd
+		newinitd "${FILESDIR}"/klogd.initd busybox-klogd
+	fi
+	if busybox_config_enabled WATCHDOG; then
+		newconfd "${FILESDIR}"/watchdog.confd busybox-watchdog
+		newinitd "${FILESDIR}"/watchdog.initd busybox-watchdog
+	fi
+	if busybox_config_enabled UDHCPC; then
+		sed -i 's:$((metric++)):$metric; metric=$((metric + 1)):' examples/udhcp/simple.script || die #801535
+		local path=$(busybox_config_enabled UDHCPC_DEFAULT_SCRIPT)
+		exeinto "${path%/*}"
+		newexe examples/udhcp/simple.script "${path##*/}"
+	fi
+	if busybox_config_enabled UDHCPD; then
+		insinto /etc
+		doins examples/udhcp/udhcpd.conf
+	fi
+	if busybox_config_enabled ASH && ! use make-symlinks; then
+		dosym8 -r /bin/busybox /bin/ash
+	fi
+	if busybox_config_enabled CROND; then
+		newconfd "${FILESDIR}"/crond.confd busybox-crond
+		newinitd "${FILESDIR}"/crond.initd busybox-crond
+	fi
+
+	# bundle up the symlink files for use later
+	emake DESTDIR="${ED}" install
+	rm _install/bin/busybox || die
+	# for compatibility, provide /usr/bin/env
+	mkdir -p _install/usr/bin || die
+	if [[ ! -e _install/usr/bin/env ]]; then
+		ln -s /bin/env _install/usr/bin/env || die
+	fi
+	tar cf busybox-links.tar -C _install . || : #;die
+	insinto /usr/share/${PN}
+	use make-symlinks && doins busybox-links.tar
+
+	dodoc AUTHORS README TODO
+
+	cd docs || die
+	doman busybox.1
+	docinto txt
+	dodoc *.txt
+	docinto pod
+	dodoc *.pod
+	docinto html
+	dodoc *.html
+
+	cd ../examples || die
+	docinto examples
+	dodoc inittab depmod.pl *.conf *.script undeb unrpm
+
+	cd ../networking || die
+	dodoc httpd_indexcgi.c httpd_post_upload.cgi
+}
+
+pkg_preinst() {
+	if use make-symlinks ; then
+		mv "${ED}"/usr/share/${PN}/busybox-links.tar "${T}"/ || die
+	fi
+}
+
+pkg_postinst() {
+	savedconfig_pkg_postinst
+
+	if use make-symlinks ; then
+		cd "${T}" || die
+		mkdir _install
+		tar xf busybox-links.tar -C _install || die
+		echo n | cp -ivpPR _install/* "${ROOT}"/ || die "copying links for ${x} failed"
+	fi
+
+	if use sep-usr ; then
+		elog "In order to use the sep-usr support, you have to update your"
+		elog "kernel command line.  Add the option:"
+		elog "     init=/ginit"
+		elog "To launch a different init than /sbin/init, use:"
+		elog "     init=/ginit /sbin/yourinit"
+		elog "To get a rescue shell, you may boot with:"
+		elog "     init=/ginit bb"
+	fi
+}

diff --git a/sys-apps/busybox/busybox-1.35.0-r2.ebuild b/sys-apps/busybox/busybox-1.35.0-r2.ebuild
new file mode 100644
index 000000000000..ba000099c692
--- /dev/null
+++ b/sys-apps/busybox/busybox-1.35.0-r2.ebuild
@@ -0,0 +1,368 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# See `man savedconfig.eclass` for info on how to use USE=savedconfig.
+
+EAPI=7
+
+inherit eapi8-dosym flag-o-matic savedconfig toolchain-funcs
+
+DESCRIPTION="Utilities for rescue and embedded systems"
+HOMEPAGE="https://www.busybox.net/"
+if [[ ${PV} == "9999" ]] ; then
+	MY_P="${P}"
+	EGIT_REPO_URI="https://git.busybox.net/busybox"
+	inherit git-r3
+else
+	MY_P="${PN}-${PV/_/-}"
+	SRC_URI="https://www.busybox.net/downloads/${MY_P}.tar.bz2"
+	# unstable release - no keywords
+	# KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+fi
+
+LICENSE="GPL-2" # GPL-2 only
+SLOT="0"
+IUSE="debug ipv6 livecd make-symlinks math mdev pam selinux sep-usr static syslog systemd"
+REQUIRED_USE="pam? ( !static )"
+RESTRICT="test"
+
+# TODO: Could make pkgconfig conditional on selinux? bug #782829
+RDEPEND="
+	!static? (
+		virtual/libc
+		virtual/libcrypt:=
+		selinux? ( sys-libs/libselinux )
+	)
+	pam? ( sys-libs/pam )
+"
+DEPEND="${RDEPEND}
+	static? (
+		virtual/libcrypt[static-libs]
+		selinux? ( sys-libs/libselinux[static-libs(+)] )
+	)
+	sys-kernel/linux-headers"
+BDEPEND="virtual/pkgconfig"
+
+S="${WORKDIR}/${MY_P}"
+
+busybox_config_option() {
+	local flag=$1 ; shift
+	if [[ ${flag} != [yn] && ${flag} != \"* ]] ; then
+		busybox_config_option $(usex ${flag} y n) "$@"
+		return
+	fi
+	local expr
+	while [[ $# -gt 0 ]] ; do
+		case ${flag} in
+		y) expr="s:.*\<CONFIG_$1\>.*set:CONFIG_$1=y:g" ;;
+		n) expr="s:CONFIG_$1=y:# CONFIG_$1 is not set:g" ;;
+		*) expr="s:.*\<CONFIG_$1\>.*:CONFIG_$1=${flag}:g" ;;
+		esac
+		sed -i -e "${expr}" .config || die
+		einfo "$(grep "CONFIG_$1[= ]" .config || echo "Could not find CONFIG_$1 ...")"
+		shift
+	done
+}
+
+busybox_config_enabled() {
+	local val=$(sed -n "/^CONFIG_$1=/s:^[^=]*=::p" .config)
+	case ${val} in
+	"") return 1 ;;
+	y)  return 0 ;;
+	*)  echo "${val}" | sed -r 's:^"(.*)"$:\1:' ;;
+	esac
+}
+
+# patches go here!
+PATCHES=(
+	"${FILESDIR}"/${PN}-1.26.2-bb.patch
+	"${FILESDIR}"/${PN}-1.34.1-skip-selinux-search.patch
+
+	"${FILESDIR}"/${PN}-1.36.0-ed-memcpy-overlapping.patch
+	"${FILESDIR}"/${PN}-1.36.0-fortify-source-3-fixdep.patch
+
+	# "${FILESDIR}"/${P}-*.patch
+)
+
+src_prepare() {
+	default
+	unset KBUILD_OUTPUT #88088
+	append-flags -fno-strict-aliasing #310413
+	use ppc64 && append-flags -mminimal-toc #130943
+
+	cp "${FILESDIR}"/ginit.c init/ || die
+
+	# flag cleanup
+	sed -i -r \
+		-e 's:[[:space:]]?-(Werror|Os|falign-(functions|jumps|loops|labels)=1|fomit-frame-pointer)\>::g' \
+		Makefile.flags || die
+	#sed -i '/bbsh/s:^//::' include/applets.h
+	sed -i '/^#error Aborting compilation./d' applets/applets.c || die
+	use elibc_glibc && sed -i 's:-Wl,--gc-sections::' Makefile
+	sed -i \
+		-e "/^CROSS_COMPILE/s:=.*:= ${CHOST}-:" \
+		-e "/^AR\>/s:=.*:= $(tc-getAR):" \
+		-e "/^CC\>/s:=.*:= $(tc-getCC):" \
+		-e "/^HOSTCC/s:=.*:= $(tc-getBUILD_CC):" \
+		-e "/^PKG_CONFIG\>/s:=.*:= $(tc-getPKG_CONFIG):" \
+		Makefile || die
+	sed -i \
+		-e 's:-static-libgcc::' \
+		Makefile.flags || die
+}
+
+src_configure() {
+	# check for a busybox config before making one of our own.
+	# if one exist lets return and use it.
+
+	restore_config .config
+	if [ -f .config ]; then
+		yes "" | emake -j1 -s oldconfig >/dev/null
+		return 0
+	else
+		ewarn "Could not locate user configfile, so we will save a default one"
+	fi
+
+	# setting SKIP_SELINUX skips searching for selinux at this stage. We don't
+	# need to search now in case we end up not needing it after all.
+	# setup the config file
+	emake -j1 -s allyesconfig SKIP_SELINUX=$(usex selinux n y) >/dev/null #620918
+	# nommu forces a bunch of things off which we want on #387555
+	busybox_config_option n NOMMU
+	sed -i '/^#/d' .config
+	yes "" | emake -j1 -s oldconfig SKIP_SELINUX=$(usex selinux n y) >/dev/null #620918
+
+	# now turn off stuff we really don't want
+	busybox_config_option n DMALLOC
+	busybox_config_option n FEATURE_2_4_MODULES #607548
+	busybox_config_option n FEATURE_SUID_CONFIG
+	busybox_config_option n BUILD_AT_ONCE
+	busybox_config_option n BUILD_LIBBUSYBOX
+	busybox_config_option n FEATURE_CLEAN_UP
+	busybox_config_option n MONOTONIC_SYSCALL
+	busybox_config_option n USE_PORTABLE_CODE
+	busybox_config_option n WERROR
+	# CONFIG_MODPROBE_SMALL=y disables depmod.c and uses a smaller one that
+	# does not support -b. Setting this to no creates slightly larger and
+	# slightly more useful modutils
+	busybox_config_option n MODPROBE_SMALL #472464
+	# triming the BSS size may be dangerous
+	busybox_config_option n FEATURE_USE_BSS_TAIL
+
+	# These cause trouble with musl.
+	if use elibc_musl; then
+		busybox_config_option n FEATURE_UTMP
+		busybox_config_option n EXTRA_COMPAT
+		busybox_config_option n FEATURE_VI_REGEX_SEARCH
+	fi
+
+	# Disable standalone shell mode when using make-symlinks, else Busybox calls its
+	# applets by default without looking up in PATH.
+	# This also enables users to disable a builtin by deleting the corresponding symlink.
+	if use make-symlinks; then
+		busybox_config_option n FEATURE_PREFER_APPLETS
+		busybox_config_option n FEATURE_SH_STANDALONE
+	fi
+
+	# If these are not set and we are using a busybox setup
+	# all calls to system() will fail.
+	busybox_config_option y ASH
+	busybox_config_option y SH_IS_ASH
+	busybox_config_option n HUSH
+	busybox_config_option n SH_IS_HUSH
+
+	busybox_config_option '"/run"' PID_FILE_PATH
+	busybox_config_option '"/run/ifstate"' IFUPDOWN_IFSTATE_PATH
+
+	# disable ipv6 applets
+	if ! use ipv6; then
+		busybox_config_option n FEATURE_IPV6
+		busybox_config_option n TRACEROUTE6
+		busybox_config_option n PING6
+		busybox_config_option n UDHCPC6
+	fi
+
+	busybox_config_option pam PAM
+	busybox_config_option static STATIC
+	busybox_config_option syslog {K,SYS}LOGD LOGGER
+	busybox_config_option systemd FEATURE_SYSTEMD
+	busybox_config_option math FEATURE_AWK_LIBM
+
+	# all the debug options are compiler related, so punt them
+	busybox_config_option n DEBUG_SANITIZE
+	busybox_config_option n DEBUG
+	busybox_config_option y NO_DEBUG_LIB
+	busybox_config_option n DMALLOC
+	busybox_config_option n EFENCE
+	busybox_config_option $(usex debug y n) TFTP_DEBUG
+
+	busybox_config_option selinux SELINUX
+
+	# this opt only controls mounting with <linux-2.6.23
+	busybox_config_option n FEATURE_MOUNT_NFS
+
+	# glibc-2.26 and later does not ship RPC implientation
+	busybox_config_option n FEATURE_HAVE_RPC
+	busybox_config_option n FEATURE_INETD_RPC
+
+	# default a bunch of uncommon options to off
+	local opt
+	for opt in \
+		ADD_SHELL \
+		BEEP BOOTCHARTD \
+		CRONTAB \
+		DC DEVFSD DNSD DPKG{,_DEB} \
+		FAKEIDENTD FBSPLASH FOLD FSCK_MINIX FTP{GET,PUT} \
+		FEATURE_DEVFS \
+		HOSTID HUSH \
+		INETD INOTIFYD IPCALC \
+		LOCALE_SUPPORT LOGNAME LPD \
+		MAKEMIME MKFS_MINIX MSH \
+		OD \
+		RDEV READPROFILE REFORMIME REMOVE_SHELL RFKILL RUN_PARTS RUNSV{,DIR} \
+		SLATTACH SMEMCAP SULOGIN SV{,LOGD} \
+		TASKSET TCPSVD \
+		RPM RPM2CPIO \
+		UDPSVD UUDECODE UUENCODE
+	do
+		busybox_config_option n ${opt}
+	done
+
+	emake -j1 oldconfig > /dev/null
+}
+
+src_compile() {
+	unset KBUILD_OUTPUT #88088
+	export SKIP_STRIP=y
+
+	emake V=1 busybox
+
+	# bug #701512
+	emake V=1 doc
+}
+
+src_install() {
+	unset KBUILD_OUTPUT #88088
+	save_config .config
+
+	into /
+	dodir /bin
+	if use sep-usr ; then
+		# install /ginit to take care of mounting stuff
+		exeinto /
+		newexe busybox_unstripped ginit
+		dosym /ginit /bin/bb
+		dosym bb /bin/busybox
+	else
+		newbin busybox_unstripped busybox
+		dosym busybox /bin/bb
+	fi
+	if use mdev ; then
+		dodir /$(get_libdir)/mdev/
+		use make-symlinks || dosym /bin/bb /sbin/mdev
+		cp "${S}"/examples/mdev_fat.conf "${ED}"/etc/mdev.conf || die
+		if [[ ! "$(get_libdir)" == "lib" ]]; then
+			sed -i -e "s:/lib/:/$(get_libdir)/:g" "${ED}"/etc/mdev.conf || die #831251 - replace lib with lib64 where appropriate
+		fi
+
+		exeinto /$(get_libdir)/mdev/
+		doexe "${FILESDIR}"/mdev/*
+
+		newinitd "${FILESDIR}"/mdev.initd mdev
+	fi
+	if use livecd ; then
+		dosym busybox /bin/vi
+	fi
+
+	# add busybox daemon's, bug #444718
+	if busybox_config_enabled FEATURE_NTPD_SERVER; then
+		newconfd "${FILESDIR}"/ntpd.confd busybox-ntpd
+		newinitd "${FILESDIR}"/ntpd.initd busybox-ntpd
+	fi
+	if busybox_config_enabled SYSLOGD; then
+		newconfd "${FILESDIR}"/syslogd.confd busybox-syslogd
+		newinitd "${FILESDIR}"/syslogd.initd busybox-syslogd
+	fi
+	if busybox_config_enabled KLOGD; then
+		newconfd "${FILESDIR}"/klogd.confd busybox-klogd
+		newinitd "${FILESDIR}"/klogd.initd busybox-klogd
+	fi
+	if busybox_config_enabled WATCHDOG; then
+		newconfd "${FILESDIR}"/watchdog.confd busybox-watchdog
+		newinitd "${FILESDIR}"/watchdog.initd busybox-watchdog
+	fi
+	if busybox_config_enabled UDHCPC; then
+		sed -i 's:$((metric++)):$metric; metric=$((metric + 1)):' examples/udhcp/simple.script || die #801535
+		local path=$(busybox_config_enabled UDHCPC_DEFAULT_SCRIPT)
+		exeinto "${path%/*}"
+		newexe examples/udhcp/simple.script "${path##*/}"
+	fi
+	if busybox_config_enabled UDHCPD; then
+		insinto /etc
+		doins examples/udhcp/udhcpd.conf
+	fi
+	if busybox_config_enabled ASH && ! use make-symlinks; then
+		dosym8 -r /bin/busybox /bin/ash
+	fi
+	if busybox_config_enabled CROND; then
+		newconfd "${FILESDIR}"/crond.confd busybox-crond
+		newinitd "${FILESDIR}"/crond.initd busybox-crond
+	fi
+
+	# bundle up the symlink files for use later
+	emake DESTDIR="${ED}" install
+	rm _install/bin/busybox || die
+	# for compatibility, provide /usr/bin/env
+	mkdir -p _install/usr/bin || die
+	if [[ ! -e _install/usr/bin/env ]]; then
+		ln -s /bin/env _install/usr/bin/env || die
+	fi
+	tar cf busybox-links.tar -C _install . || : #;die
+	insinto /usr/share/${PN}
+	use make-symlinks && doins busybox-links.tar
+
+	dodoc AUTHORS README TODO
+
+	cd docs || die
+	doman busybox.1
+	docinto txt
+	dodoc *.txt
+	docinto pod
+	dodoc *.pod
+	docinto html
+	dodoc *.html
+
+	cd ../examples || die
+	docinto examples
+	dodoc inittab depmod.pl *.conf *.script undeb unrpm
+
+	cd ../networking || die
+	dodoc httpd_indexcgi.c httpd_post_upload.cgi
+}
+
+pkg_preinst() {
+	if use make-symlinks ; then
+		mv "${ED}"/usr/share/${PN}/busybox-links.tar "${T}"/ || die
+	fi
+}
+
+pkg_postinst() {
+	savedconfig_pkg_postinst
+
+	if use make-symlinks ; then
+		cd "${T}" || die
+		mkdir _install
+		tar xf busybox-links.tar -C _install || die
+		echo n | cp -ivpPR _install/* "${ROOT}"/ || die "copying links for ${x} failed"
+	fi
+
+	if use sep-usr ; then
+		elog "In order to use the sep-usr support, you have to update your"
+		elog "kernel command line.  Add the option:"
+		elog "     init=/ginit"
+		elog "To launch a different init than /sbin/init, use:"
+		elog "     init=/ginit /sbin/yourinit"
+		elog "To get a rescue shell, you may boot with:"
+		elog "     init=/ginit bb"
+	fi
+}

diff --git a/sys-apps/busybox/files/busybox-1.36.0-ed-memcpy-overlapping.patch b/sys-apps/busybox/files/busybox-1.36.0-ed-memcpy-overlapping.patch
new file mode 100644
index 000000000000..e474391ccd4d
--- /dev/null
+++ b/sys-apps/busybox/files/busybox-1.36.0-ed-memcpy-overlapping.patch
@@ -0,0 +1,38 @@
+https://git.busybox.net/busybox/commit/?id=ca96022d6edaaf619324db5a481698231d74d1df
+
+From ca96022d6edaaf619324db5a481698231d74d1df Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net>
+Date: Tue, 8 Feb 2022 20:29:30 +0100
+Subject: ed: don't use memcpy with overlapping memory regions
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The memcpy invocations in the subCommand function, modified by this
+commit, previously used memcpy with overlapping memory regions. This is
+undefined behavior. On Alpine Linux, it causes BusyBox ed to crash since
+we compile BusyBox with -D_FORTIFY_SOURCE=2 and our fortify-headers
+implementation catches this source of undefined behavior [0]. The issue
+can only be triggered if the replacement string is the same size or
+shorter than the old string.
+
+Looking at the code, it seems to me that a memmove(3) is what was
+actually intended here, this commit modifies the code accordingly.
+
+[0]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13504
+
+Signed-off-by: Sören Tempel <soeren+git@soeren-tempel.net>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+--- a/editors/ed.c
++++ b/editors/ed.c
+@@ -720,7 +720,7 @@ static void subCommand(const char *cmd, int num1, int num2)
+ 		if (deltaLen <= 0) {
+ 			memcpy(&lp->data[offset], newStr, newLen);
+ 			if (deltaLen) {
+-				memcpy(&lp->data[offset + newLen],
++				memmove(&lp->data[offset + newLen],
+ 					&lp->data[offset + oldLen],
+ 					lp->len - offset - oldLen);
+ 
+-- 
+cgit v1.2.3

diff --git a/sys-apps/busybox/files/busybox-1.36.0-fortify-source-3-fixdep.patch b/sys-apps/busybox/files/busybox-1.36.0-fortify-source-3-fixdep.patch
new file mode 100644
index 000000000000..659c81180fb5
--- /dev/null
+++ b/sys-apps/busybox/files/busybox-1.36.0-fortify-source-3-fixdep.patch
@@ -0,0 +1,32 @@
+https://bugs.gentoo.org/893776
+https://bugs.busybox.net/show_bug.cgi?id=15326
+http://lists.busybox.net/pipermail/busybox/2023-February/090173.html
+
+From 2d4a3d9e6c1493a9520b907e07a41aca90cdfd94 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@gentoo.org>
+Date: Tue, 21 Feb 2023 20:20:31 +0100
+Subject: fixdep: avoid underflow when end of entry doesn't coincide with EOF
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Bug: https://bugs.gentoo.org/893776
+Closes: https://bugs.busybox.net/show_bug.cgi?id=15326
+Signed-off-by: Arsen Arsenović <arsen@gentoo.org>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+--- a/scripts/basic/fixdep.c
++++ b/scripts/basic/fixdep.c
+@@ -338,6 +338,11 @@ void parse_dep_file(void *map, size_t len)
+ 			do p--; while (!isalnum((unsigned char)*p));
+ 			p++;
+ 		}
++		if (p < m) {
++			/* we've consumed the last filename of this list
++			   already.  */
++			break;
++		}
+ 		memcpy(s, m, p-m); s[p-m] = 0;
+ 		if (strrcmp(s, "include/autoconf.h") &&
+ 		    strrcmp(s, "arch/um/include/uml-config.h") &&
+-- 
+cgit v1.2.3