From b9be78070569e69960ba2b3c4098c3dc3316b9bd Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Sun, 6 Aug 2017 21:23:03 +0200
Subject: [PATCH] sv,svc: fix NOEXEC fallout

function                                             old     new   delta
svc_main                                             145     162     +17
sv                                                  1280    1297     +17
status                                               139     133      -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 34/-6)              Total: 28 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
 console-tools/dumpkmap.c | 19 +++----------------
 console-tools/resize.c   |  2 ++
 coreutils/cksum.c        |  1 +
 coreutils/date.c         |  1 +
 coreutils/stty.c         |  1 +
 runit/sv.c               | 10 ++++++++--
 util-linux/umount.c      |  2 ++
 7 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/console-tools/dumpkmap.c b/console-tools/dumpkmap.c
index 5ffb0cddb..b803e579a 100644
--- a/console-tools/dumpkmap.c
+++ b/console-tools/dumpkmap.c
@@ -16,6 +16,7 @@
 //config:	stdout, in binary format. You can then use loadkmap to load it.
 
 //applet:IF_DUMPKMAP(APPLET_NOEXEC(dumpkmap, dumpkmap, BB_DIR_BIN, BB_SUID_DROP, dumpkmap))
+/* bb_common_bufsiz1 usage here is safe wrt NOEXEC: not expecting it to be zeroed. */
 
 //kbuild:lib-$(CONFIG_DUMPKMAP) += dumpkmap.o
 
@@ -47,8 +48,6 @@ int dumpkmap_main(int argc UNUSED_PARAM, char **argv)
 {
 	struct kbentry ke;
 	int i, j, fd;
-#define flags bb_common_bufsiz1
-	setup_common_bufsiz();
 
 	/* When user accidentally runs "dumpkmap FILE"
 	 * instead of "dumpkmap >FILE", we'd dump binary stuff to tty.
@@ -60,19 +59,8 @@ int dumpkmap_main(int argc UNUSED_PARAM, char **argv)
 
 	fd = get_console_fd_or_die();
 
-#if 0
-	write(STDOUT_FILENO, "bkeymap", 7);
-	/* Here we want to set everything to 0 except for indexes:
-	 * [0-2] [4-6] [8-10] [12]
-	 */
-	/*memset(flags, 0x00, MAX_NR_KEYMAPS); - already is */
-	memset(flags, 0x01, 13);
-	flags[3] = flags[7] = flags[11] = 0;
-	/* dump flags */
-	write(STDOUT_FILENO, flags, MAX_NR_KEYMAPS);
-#define flags7 flags
-#else
-	/* Same effect */
+#define flags bb_common_bufsiz1
+	setup_common_bufsiz();
 	/*                     0 1 2 3 4 5 6 7 8 9 a b c=12 */
 	memcpy(flags, "bkeymap\1\1\1\0\1\1\1\0\1\1\1\0\1",
 	/* Can use sizeof, or sizeof-1. sizeof is even, using that */
@@ -80,7 +68,6 @@ int dumpkmap_main(int argc UNUSED_PARAM, char **argv)
 	);
 	write(STDOUT_FILENO, flags, 7 + MAX_NR_KEYMAPS);
 #define flags7 (flags + 7)
-#endif
 
 	for (i = 0; i < 13; i++) {
 		if (flags7[i]) {
diff --git a/console-tools/resize.c b/console-tools/resize.c
index 97866673a..8aa487c41 100644
--- a/console-tools/resize.c
+++ b/console-tools/resize.c
@@ -24,6 +24,7 @@
 //config:	COLUMNS=80;LINES=44;export COLUMNS LINES;
 
 //applet:IF_RESIZE(APPLET_NOEXEC(resize, resize, BB_DIR_USR_BIN, BB_SUID_DROP, resize))
+/* bb_common_bufsiz1 usage here is safe wrt NOEXEC: not expecting it to be zeroed. */
 
 //kbuild:lib-$(CONFIG_RESIZE) += resize.o
 
@@ -63,6 +64,7 @@ int resize_main(int argc UNUSED_PARAM, char **argv UNUSED_PARAM)
 	 */
 
 	tcgetattr(STDERR_FILENO, old_termios_p); /* fiddle echo */
+//TODO: die if the above fails?
 	memcpy(&new, old_termios_p, sizeof(new));
 	new.c_cflag |= (CLOCAL | CREAD);
 	new.c_lflag &= ~(ICANON | ECHO | ECHOE | ISIG);
diff --git a/coreutils/cksum.c b/coreutils/cksum.c
index c0cf65d2a..059a33310 100644
--- a/coreutils/cksum.c
+++ b/coreutils/cksum.c
@@ -13,6 +13,7 @@
 //config:	cksum is used to calculate the CRC32 checksum of a file.
 
 //applet:IF_CKSUM(APPLET_NOEXEC(cksum, cksum, BB_DIR_USR_BIN, BB_SUID_DROP, cksum))
+/* bb_common_bufsiz1 usage here is safe wrt NOEXEC: not expecting it to be zeroed. */
 
 //kbuild:lib-$(CONFIG_CKSUM) += cksum.o
 
diff --git a/coreutils/date.c b/coreutils/date.c
index 89b281646..5a4ad5fe5 100644
--- a/coreutils/date.c
+++ b/coreutils/date.c
@@ -59,6 +59,7 @@
 //config:	MMDDhhmm[[YY]YY][.ss] format.
 
 //applet:IF_DATE(APPLET_NOEXEC(date, date, BB_DIR_BIN, BB_SUID_DROP, date))
+/* bb_common_bufsiz1 usage here is safe wrt NOEXEC: not expecting it to be zeroed. */
 
 //kbuild:lib-$(CONFIG_DATE) += date.o
 
diff --git a/coreutils/stty.c b/coreutils/stty.c
index 2292fa5ee..57e2cc30d 100644
--- a/coreutils/stty.c
+++ b/coreutils/stty.c
@@ -785,6 +785,7 @@ struct globals {
 } FIX_ALIASING;
 #define G (*(struct globals*)bb_common_bufsiz1)
 #define INIT_G() do { \
+	setup_common_bufsiz(); \
 	G.device_name = bb_msg_standard_input; \
 	G.max_col = 80; \
 	G.current_col = 0; /* we are noexec, must clear */ \
diff --git a/runit/sv.c b/runit/sv.c
index 0817ab472..630f1f37e 100644
--- a/runit/sv.c
+++ b/runit/sv.c
@@ -193,7 +193,7 @@ struct globals {
 /* "Bernstein" time format: unix + 0x400000000000000aULL */
 	uint64_t tstart, tnow;
 	svstatus_t svstatus;
-	unsigned islog;
+	smallint islog;
 } FIX_ALIASING;
 #define G (*(struct globals*)bb_common_bufsiz1)
 #define acts         (G.acts        )
@@ -203,7 +203,13 @@ struct globals {
 #define tnow         (G.tnow        )
 #define svstatus     (G.svstatus    )
 #define islog        (G.islog       )
-#define INIT_G() do { setup_common_bufsiz(); } while (0)
+#define INIT_G() do { \
+	setup_common_bufsiz(); \
+	/* need to zero out, we are NOEXEC */ \
+	rc = EXIT_SUCCESS; \
+	islog = 0; \
+	/* other fields need not be zero */ \
+} while (0)
 
 
 #define str_equal(s,t) (strcmp((s), (t)) == 0)
diff --git a/util-linux/umount.c b/util-linux/umount.c
index 33667b13c..a6405dfcc 100644
--- a/util-linux/umount.c
+++ b/util-linux/umount.c
@@ -35,6 +35,8 @@
  * In this case, you might be actually happy if your standalone bbox shell
  * does not fork+exec, but only forks and calls umount_main() which it already has!
  * Let's go with NOEXEC.
+ *
+ * bb_common_bufsiz1 usage here is safe wrt NOEXEC: not expecting it to be zeroed.
  */
 
 //kbuild:lib-$(CONFIG_UMOUNT) += umount.o