blkdiscard: make it NOEXEC

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 9735e756adbeadeed45e54f579a72f9ed851e4d9..ab58df50d16b88fb8437e9e06a33060cba3aac2b 100644 (file)
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -49,7 +49,7 @@ awk - noexec. runner
 base64 - runner
 basename - NOFORK
 beep
-blkdiscard
+blkdiscard - noexec. leaks: open+xioctl
 blkid - noexec
 blockdev - noexec. leaks fd
 bootchartd - daemon

diff --git a/util-linux/blkdiscard.c b/util-linux/blkdiscard.c
index 8f6a4ab6cb5f1fe1c2fcf4a77d6100621b20e8c2..048d39e83693ab89f59a36761cb088555ca8e0bc 100644 (file)
--- a/util-linux/blkdiscard.c
+++ b/util-linux/blkdiscard.c
@@ -11,8 +11,9 @@
 //config:      help
 //config:      blkdiscard discards sectors on a given device.
 
+//applet:IF_BLKDISCARD(APPLET_NOEXEC(blkdiscard, blkdiscard, BB_DIR_USR_BIN, BB_SUID_DROP, blkdiscard))
+
 //kbuild:lib-$(CONFIG_BLKDISCARD) += blkdiscard.o
-//applet:IF_BLKDISCARD(APPLET(blkdiscard, BB_DIR_USR_BIN, BB_SUID_DROP))
 
 //usage:#define blkdiscard_trivial_usage
 //usage:       "[-o OFS] [-l LEN] [-s] DEVICE"
@@ -44,7 +45,6 @@ int blkdiscard_main(int argc UNUSED_PARAM, char **argv)
        uint64_t offset; /* Leaving these two variables out does not  */
        uint64_t length; /* shrink code size and hampers readability. */
        uint64_t range[2];
-//     struct stat st;
        int fd;
 
        enum {