From fdb92359e47eee8ccd57092928cedccb28ce2f11 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sat, 5 Aug 2017 01:51:12 +0200 Subject: [PATCH] pivot_root: make it NOFORK Signed-off-by: Denys Vlasenko --- NOFORK_NOEXEC.lst | 2 +- util-linux/pivot_root.c | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index 0e1fb1f55..2fc280596 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst @@ -261,7 +261,7 @@ pidof - nofork candidate(uses find_pid_by_name, is that ok?) ping - suid, runner ping6 - suid, runner pipe_progress - longterm -pivot_root - nofork candidate? the code is trivial +pivot_root - NOFORK pkill - nofork candidate(xregcomp, procps_scan - are they ok?) pmap - noexec candidate, leaks: open+xstrdup popmaildir - runner diff --git a/util-linux/pivot_root.c b/util-linux/pivot_root.c index 331038057..d6a26b912 100644 --- a/util-linux/pivot_root.c +++ b/util-linux/pivot_root.c @@ -21,7 +21,7 @@ //config: Note: This is for initrd in linux 2.4. Under initramfs (introduced //config: in linux 2.6) use switch_root instead. -//applet:IF_PIVOT_ROOT(APPLET(pivot_root, BB_DIR_SBIN, BB_SUID_DROP)) +//applet:IF_PIVOT_ROOT(APPLET_NOFORK(pivot_root, pivot_root, BB_DIR_SBIN, BB_SUID_DROP, pivot_root)) //kbuild:lib-$(CONFIG_PIVOT_ROOT) += pivot_root.o @@ -33,7 +33,7 @@ #include "libbb.h" -extern int pivot_root(const char * new_root,const char * put_old); +extern int pivot_root(const char *new_root, const char *put_old); int pivot_root_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; int pivot_root_main(int argc, char **argv) @@ -41,6 +41,8 @@ int pivot_root_main(int argc, char **argv) if (argc != 3) bb_show_usage(); + /* NOFORK applet. Hardly matters wrt performance, but code is trivial */ + if (pivot_root(argv[1], argv[2]) < 0) { /* prints "pivot_root: " */ bb_perror_nomsg_and_die();