mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-11 15:11:26 +00:00
Code Issues Projects Releases Wiki Activity
Files
2b26d30fc7f478f5735d514f0c1bc28f6a4148b6
meta-openembedded/meta-oe/recipes-support/atop/atop_2.4.0.bb
Gyorgy Sarvari 2b26d30fc7 atop: patch CVE-2025-31160 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-31160

Backport the patch that's subject references the CVE id explicitly.

I was able to verify the patch with a reproducer[1] (which is mentioned
in a reference[2] in the nvd report). Without the patch atop crashed,
with the patch it worked fine (both with and without -k/-K flags).

[1]: https://blog.bismuth.sh/blog/bismuth-found-the-atop-bug
[2]: https://gist.github.com/kallsyms/3acdf857ccc5c9fbaae7ed823be0365e

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2025-12-30 07:08:16 +05:30

64 lines
2.6 KiB
BlitzBasic
Raw Blame History

SUMMARY = "Monitor for system resources and process activity"
DESCRIPTION = "Atop is an ASCII full-screen performance monitor for Linux that \
is capable of reporting the activity of all processes (even if processes have \
finished during the interval), daily logging of system and process activity for \
long-term analysis, highlighting overloaded system resources by using colors, \
etc. At regular intervals, it shows system-level activity related to the CPU, \
memory, swap, disks (including LVM) and network layers, and for every process \
(and thread) it shows e.g. the CPU utilization, memory growth, disk \
utilization, priority, username, state, and exit code."
HOMEPAGE = "http://www.atoptool.nl"
SECTION = "console/utils"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
DEPENDS = "ncurses zlib"
SRC_URI = "http://www.atoptool.nl/download/${BP}.tar.gz \
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'file://volatiles.atop.conf', 'file://volatiles.99_atop', d)} \
file://fix-permissions.patch \
file://sysvinit-implement-status.patch \
file://0001-atop.daily-atop.init-atop-pm.sh-Avoid-using-bash.patch \
file://CVE-2025-31160.patch \
"
SRC_URI[md5sum] = "1077da884ed94f2bc3c81ac3ab970436"
SRC_URI[sha256sum] = "be1c010a77086b7d98376fce96514afcd73c3f20a8d1fe01520899ff69a73d69"
CVE_STATUS[CVE-2011-3618] = "fixed-version: The CPE in the NVD database doesn't reflect correctly the vulnerable versions."
do_compile() {
oe_runmake all
}
do_install() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
make DESTDIR=${D} VERS=${PV} SYSDPATH=${systemd_system_unitdir} \
PMPATHD=${systemd_unitdir}/system-sleep systemdinstall
install -d ${D}${sysconfdir}/tmpfiles.d
install -m 644 ${WORKDIR}/volatiles.atop.conf ${D}${sysconfdir}/tmpfiles.d/atop.conf
rm -f ${D}${systemd_system_unitdir}/atopacct.service
else
make DESTDIR=${D} VERS=${PV} sysvinstall
install -d ${D}${sysconfdir}/default/volatiles
install -m 644 ${WORKDIR}/volatiles.99_atop ${D}${sysconfdir}/default/volatiles/99_atop
rm -f ${D}${sysconfdir}/init.d/atopacct
fi
# /var/log/atop will be created in runtime
rm -rf ${D}${localstatedir}/log
rmdir --ignore-fail-on-non-empty ${D}${localstatedir}
# remove atopacct related files
rm -rf ${D}${sbindir} ${D}${mandir}/man8
}
inherit systemd
SYSTEMD_SERVICE:${PN} = "atop.service atopgpu.service"
SYSTEMD_AUTO_ENABLE = "disable"
FILES:${PN} += "${systemd_unitdir}/system-sleep"
RDEPENDS:${PN} = "procps"
Reference in New Issue View Git Blame Copy Permalink