Denys Vlasenko [Wed, 9 Aug 2017 17:51:17 +0000 (19:51 +0200)]
Update NOFORK_NOEXEC.lst
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 17:27:01 +0000 (19:27 +0200)]
ipcs: tweak output orer to match util-linux 2.28
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 17:24:19 +0000 (19:24 +0200)]
ipcrm,ipcs: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 17:20:08 +0000 (19:20 +0200)]
ipcrm: code shrink
function old new delta
ipcrm_main 698 663 -35
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 16:52:19 +0000 (18:52 +0200)]
vconfig: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 16:20:01 +0000 (18:20 +0200)]
rpm: code shrink
function old new delta
rpm_getstr0 - 7 +7
rpm_getstr 112 110 -2
rpm_getint 120 118 -2
bsearch_rpmtag 15 13 -2
shell_builtin_read 1334 1320 -14
rpm_main 1548 1474 -74
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/5 up/down: 7/-94) Total: -87 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 12:04:07 +0000 (14:04 +0200)]
shell: more efficient check for EOL in read
function old new delta
shell_builtin_read 1334 1320 -14
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 9 Aug 2017 11:52:36 +0000 (13:52 +0200)]
hush: implement -d DELIM option for 'read'
The POSIX standard only requires the 'read' builtin to handle '-r':
http://pubs.opengroup.org/onlinepubs/
9699919799/utilities/read.html
However, Bash introduced the option '-d <DELIM>' to override IFS for
just one invocation, and it is quite useful.
We already support this in ash, let's add it to hush, too.
function old new delta
builtin_read 263 284 +21
.rodata 163587 163589 +2
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 23/0) Total: 23 bytes
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Johannes Schindelin [Tue, 8 Aug 2017 14:46:39 +0000 (16:46 +0200)]
ash: implement -d DELIM option for read
The POSIX standard only requires the read builtin to handle -r:
http://pubs.opengroup.org/onlinepubs/
9699919799/utilities/read.html
However, Bash introduced the option -d <DELIM> to override IFS for
just one invocation, and it is quite useful.
It is also super easy to implement in BusyBox' ash, so let's do that.
The motivation: This option is used by Git's test suite.
function old new delta
.rodata 163505 163587 +82
shell_builtin_read 1244 1289 +45
readcmd 233 259 +26
builtin_read 258 263 +5
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 158/0) Total: 158 bytes
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Xabier Oneca [Wed, 9 Aug 2017 10:18:36 +0000 (12:18 +0200)]
chcon: show '--reference' in help text only if LONG_OPTS=y
Signed-off-by: Xabier Oneca <xoneca@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 8 Aug 2017 21:18:05 +0000 (23:18 +0200)]
start-stop-daemon: show only short options in --help text
function old new delta
packed_usage 31675 31607 -68
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 8 Aug 2017 20:33:02 +0000 (22:33 +0200)]
ftpgetput: show only short options in --help text
function old new delta
packed_usage 31687 31675 -12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 8 Aug 2017 19:55:02 +0000 (21:55 +0200)]
getopt32: remove opt_complementary
function old new delta
vgetopt32 1318 1392 +74
runsvdir_main 703 713 +10
bb_make_directory 423 425 +2
collect_cpu 546 545 -1
opt_chars 3 - -3
opt_complementary 4 - -4
tftpd_main 567 562 -5
ntp_init 476 471 -5
zcip_main 1266 1256 -10
xxd_main 428 418 -10
whois_main 140 130 -10
who_main 463 453 -10
which_main 212 202 -10
wget_main 2535 2525 -10
watchdog_main 291 281 -10
watch_main 222 212 -10
vlock_main 399 389 -10
uuencode_main 332 322 -10
uudecode_main 316 306 -10
unlink_main 45 35 -10
udhcpd_main 1482 1472 -10
udhcpc_main 2762 2752 -10
tune2fs_main 290 280 -10
tunctl_main 366 356 -10
truncate_main 218 208 -10
tr_main 518 508 -10
time_main 1134 1124 -10
tftp_main 286 276 -10
telnetd_main 1873 1863 -10
tcpudpsvd_main 1785 1775 -10
taskset_main 521 511 -10
tar_main 1009 999 -10
tail_main 1644 1634 -10
syslogd_main 1967 1957 -10
switch_root_main 368 358 -10
svlogd_main 1454 1444 -10
sv 1296 1286 -10
stat_main 104 94 -10
start_stop_daemon_main 1028 1018 -10
split_main 542 532 -10
sort_main 796 786 -10
slattach_main 624 614 -10
shuf_main 504 494 -10
setsid_main 96 86 -10
setserial_main 1132 1122 -10
setfont_main 388 378 -10
setconsole_main 78 68 -10
sendmail_main 1209 1199 -10
sed_main 677 667 -10
script_main 1077 1067 -10
run_parts_main 325 315 -10
rtcwake_main 454 444 -10
rm_main 175 165 -10
reformime_main 119 109 -10
readlink_main 123 113 -10
rdate_main 246 236 -10
pwdx_main 189 179 -10
pstree_main 317 307 -10
pscan_main 663 653 -10
popmaildir_main 818 808 -10
pmap_main 80 70 -10
nc_main 1042 1032 -10
mv_main 558 548 -10
mountpoint_main 477 467 -10
mount_main 1264 1254 -10
modprobe_main 768 758 -10
modinfo_main 333 323 -10
mktemp_main 200 190 -10
mkswap_main 324 314 -10
mkfs_vfat_main 1489 1479 -10
microcom_main 715 705 -10
md5_sha1_sum_main 521 511 -10
man_main 867 857 -10
makedevs_main 1052 1042 -10
ls_main 563 553 -10
losetup_main 432 422 -10
loadfont_main 89 79 -10
ln_main 524 514 -10
link_main 75 65 -10
ipcalc_main 544 534 -10
iostat_main 2397 2387 -10
install_main 768 758 -10
id_main 480 470 -10
i2cset_main 1239 1229 -10
i2cget_main 380 370 -10
i2cdump_main 1482 1472 -10
i2cdetect_main 682 672 -10
hwclock_main 406 396 -10
httpd_main 741 731 -10
grep_main 837 827 -10
getty_main 1559 1549 -10
fuser_main 297 287 -10
ftpgetput_main 345 335 -10
ftpd_main 2232 2222 -10
fstrim_main 251 241 -10
fsfreeze_main 77 67 -10
fsck_minix_main 2921 2911 -10
flock_main 314 304 -10
flashcp_main 740 730 -10
flash_eraseall_main 833 823 -10
fdformat_main 532 522 -10
expand_main 680 670 -10
eject_main 335 325 -10
dumpleases_main 630 620 -10
du_main 314 304 -10
dos2unix_main 441 431 -10
diff_main 1350 1340 -10
df_main 1064 1054 -10
date_main 1095 1085 -10
cut_main 961 951 -10
cryptpw_main 228 218 -10
crontab_main 575 565 -10
crond_main 1149 1139 -10
cp_main 370 360 -10
common_traceroute_main 3834 3824 -10
common_ping_main 1767 1757 -10
comm_main 239 229 -10
cmp_main 655 645 -10
chrt_main 379 369 -10
chpst_main 704 694 -10
chpasswd_main 308 298 -10
chown_main 171 161 -10
chmod_main 158 148 -10
cat_main 428 418 -10
bzip2_main 120 110 -10
blkdiscard_main 264 254 -10
base64_main 221 211 -10
arping_main 1665 1655 -10
ar_main 556 546 -10
adjtimex_main 406 396 -10
adduser_main 882 872 -10
addgroup_main 411 401 -10
acpid_main 1198 1188 -10
optstring 11 - -11
opt_string 18 - -18
OPT_STR 25 - -25
ubi_tools_main 1288 1258 -30
ls_options 31 - -31
------------------------------------------------------------------------------
(add/remove: 0/6 grow/shrink: 3/129 up/down: 86/-1383) Total: -1297 bytes
text data bss dec hex filename
915428 485 6876 922789 e14a5 busybox_old
914629 485 6872 921986 e1182 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 8 Aug 2017 14:38:18 +0000 (16:38 +0200)]
getopt32: remove applet_long_options
FEATURE_GETOPT_LONG made dependent on LONG_OPTS.
The folloving options are removed, now LONG_OPTS enables long options
for affected applets:
FEATURE_ENV_LONG_OPTIONS FEATURE_EXPAND_LONG_OPTIONS
FEATURE_UNEXPAND_LONG_OPTIONS FEATURE_MKDIR_LONG_OPTIONS
FEATURE_MV_LONG_OPTIONS FEATURE_RMDIR_LONG_OPTIONS
FEATURE_ADDGROUP_LONG_OPTIONS FEATURE_ADDUSER_LONG_OPTIONS
FEATURE_HWCLOCK_LONG_OPTIONS FEATURE_NSENTER_LONG_OPTS
FEATURE_CHCON_LONG_OPTIONS FEATURE_RUNCON_LONG_OPTIONS
They either had a small number of long options, or their long options are
essential.
Example: upstream addgroup and adduser have ONLY longopts,
we should probably go further and get rid
of non-standard short options.
To this end, make addgroup and adduser "select LONG_OPTS".
We had this breakage caused by us even in our own package!
#if ENABLE_LONG_OPTS || !ENABLE_ADDGROUP
/* We try to use --gid, not -g, because "standard" addgroup
* has no short option -g, it has only long --gid.
*/
argv[1] = (char*)"--gid";
#else
/* Breaks if system in fact does NOT use busybox addgroup */
argv[1] = (char*)"-g";
#endif
xargs: its lone longopt no longer depends on DESKTOP, only on LONG_OPTS.
hwclock TODO: get rid of incompatible -t, -l aliases to --systz, --localtime
Shorten help texts by omitting long option when short opt alternative exists.
Reduction of size comes from the fact that store of an immediate
(an address of longopts) to a fixed address (global variable)
is a longer insn than pushing that immediate or passing it in a register.
This effect is CPU-agnostic.
function old new delta
getopt32 1350 22 -1328
vgetopt32 - 1318 +1318
getopt32long - 24 +24
tftpd_main 562 567 +5
scan_recursive 376 380 +4
collect_cpu 545 546 +1
date_main 1096 1095 -1
hostname_main 262 259 -3
uname_main 259 255 -4
setpriv_main 362 358 -4
rmdir_main 191 187 -4
mv_main 562 558 -4
ipcalc_main 548 544 -4
ifenslave_main 641 637 -4
gzip_main 192 188 -4
gunzip_main 77 73 -4
fsfreeze_main 81 77 -4
flock_main 318 314 -4
deluser_main 337 333 -4
cp_main 374 370 -4
chown_main 175 171 -4
applet_long_options 4 - -4
xargs_main 894 889 -5
wget_main 2540 2535 -5
udhcpc_main 2767 2762 -5
touch_main 436 431 -5
tar_main 1014 1009 -5
start_stop_daemon_main 1033 1028 -5
sed_main 682 677 -5
script_main 1082 1077 -5
run_parts_main 330 325 -5
rtcwake_main 459 454 -5
od_main 2169 2164 -5
nl_main 201 196 -5
modprobe_main 773 768 -5
mkdir_main 160 155 -5
ls_main 568 563 -5
install_main 773 768 -5
hwclock_main 411 406 -5
getopt_main 622 617 -5
fstrim_main 256 251 -5
env_main 198 193 -5
dumpleases_main 635 630 -5
dpkg_main 3991 3986 -5
diff_main 1355 1350 -5
cryptpw_main 233 228 -5
cpio_main 593 588 -5
conspy_main 1135 1130 -5
chpasswd_main 313 308 -5
adduser_main 887 882 -5
addgroup_main 416 411 -5
ftpgetput_main 351 345 -6
get_terminal_width_height 242 234 -8
expand_main 690 680 -10
static.expand_longopts 18 - -18
static.unexpand_longopts 27 - -27
mkdir_longopts 28 - -28
env_longopts 30 - -30
static.ifenslave_longopts 34 - -34
mv_longopts 46 - -46
static.rmdir_longopts 48 - -48
packed_usage 31739 31687 -52
------------------------------------------------------------------------------
(add/remove: 2/8 grow/shrink: 3/49 up/down: 1352/-1840) Total: -488 bytes
text data bss dec hex filename
915681 485 6880 923046 e15a6 busybox_old
915428 485 6876 922789 e14a5 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 8 Aug 2017 12:59:35 +0000 (14:59 +0200)]
*: fix up use of "getopt_longopts" for longopts not in getopt applet
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 8 Aug 2017 12:09:23 +0000 (14:09 +0200)]
libbb: simplify NOFORK/NOEXEC defines, move set_task_comm to libbb
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 23:21:49 +0000 (01:21 +0200)]
libbb: rearrange NOFORK/NOEXEC code, logic is not changed
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 22:49:48 +0000 (00:49 +0200)]
ipcalc: trim help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 22:42:15 +0000 (00:42 +0200)]
ipcalc,rdev: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 21:30:22 +0000 (23:30 +0200)]
dumpleases: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 21:23:18 +0000 (23:23 +0200)]
expr: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 21:17:14 +0000 (23:17 +0200)]
freeramdisk: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 21:14:49 +0000 (23:14 +0200)]
losetup: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 20:31:51 +0000 (22:31 +0200)]
ifenslave: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 20:30:59 +0000 (22:30 +0200)]
ifenslave: remove longopts from --help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 20:21:54 +0000 (22:21 +0200)]
fatattr: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 20:19:17 +0000 (22:19 +0200)]
df: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 18:56:54 +0000 (20:56 +0200)]
unxz: get_le32 macro is obviously wrong
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 18:34:26 +0000 (20:34 +0200)]
dnsdomainname,hostname: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 17:24:57 +0000 (19:24 +0200)]
noexec: consolidate code
function old new delta
run_noexec_applet_and_exit - 61 +61
find_applet_by_name 128 124 -4
run_applet_no_and_exit 441 434 -7
tryexec 169 152 -17
pseudo_exec_argv 338 321 -17
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/6 up/down: 61/-48) Total: 13 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 16:59:35 +0000 (18:59 +0200)]
noexec: do GETOPT_RESET() before entering APPLET_main()
hush -c 'yes | head -1' was not happy.
function old new delta
tryexec 159 169 +10
pseudo_exec_argv 328 338 +10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 16:45:33 +0000 (18:45 +0200)]
noexec: set comm field for noexecs
function old new delta
set_task_comm - 18 +18
tryexec 152 159 +7
pseudo_exec_argv 321 328 +7
main 106 97 -9
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 3/2 up/down: 34/-13) Total: 23 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 16:18:09 +0000 (18:18 +0200)]
free,stat: make NOEXEC
pkill/pgrep/pidof uncovered another quirk: what about noexec's _process names_?
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 15:36:41 +0000 (17:36 +0200)]
setconsole: much better help text
Was:
Usage: setconsole [-r] [DEVICE]
Redirect system console output to DEVICE (default: /dev/tty)
-r Reset output to /dev/console
Now:
Usage: setconsole [-r] [DEVICE]
Make writes to /dev/console appear on DEVICE (default: /dev/tty).
Does not redirect kernel log output or reads from /dev/console.
-r Reset: writes to /dev/console go to kernel log tty(s)
function old new delta
packed_usage 31766 31777 +11
setconsole_main 84 78 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 14:47:34 +0000 (16:47 +0200)]
users,w,who,uptime,renice: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 14:00:25 +0000 (16:00 +0200)]
ubi tools: ubiupdatevol supports "-" input and actually respects -s SIZE
Decided to not make any flash applets NOEXEC.
Minor robustifications here and there. Better error messages. Save on strings:
function old new delta
ubi_tools_main 1235 1288 +53
ubi_get_volid_by_name 125 133 +8
ubirename_main 198 204 +6
get_num_from_file 90 94 +4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 71/0) Total: 71 bytes
text data bss dec hex filename
915696 485 6880 923061 e15b5 busybox_old
915670 485 6880 923035 e159b busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 01:24:29 +0000 (03:24 +0200)]
ubiupdatevol: fix bug with -sSIZE: was ignoring IMAGE_FILE
While at it, fix help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 00:55:33 +0000 (02:55 +0200)]
ubi_tools: a bit smaller applet resolution code
function old new delta
ubi_tools_main 1241 1235 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 00:21:34 +0000 (02:21 +0200)]
script: -f means "flush", not "fsync"
function old new delta
packed_usage 31765 31768 +3
script_main 1102 1082 -20
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 7 Aug 2017 00:12:36 +0000 (02:12 +0200)]
script: make -t[FILE] compatible with util-linux
function old new delta
script_main 1056 1102 +46
packed_usage 31736 31765 +29
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 75/0) Total: 75 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 23:53:17 +0000 (01:53 +0200)]
script: make -t independent of scriptreplay
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 22:28:15 +0000 (00:28 +0200)]
add/remove-shell,add/deluser,add/delgroup: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 19:53:39 +0000 (21:53 +0200)]
nbd-client: make it NOEXEC, stop using argc
function old new delta
nbdclient_main 484 492 +8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 19:47:07 +0000 (21:47 +0200)]
makedevs: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 19:29:51 +0000 (21:29 +0200)]
svc: remove superfluout INIT_G()
function old new delta
sv 1297 1296 -1
svc_main 162 145 -17
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 19:23:03 +0000 (21:23 +0200)]
sv,svc: fix NOEXEC fallout
function old new delta
svc_main 145 162 +17
sv 1280 1297 +17
status 139 133 -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 34/-6) Total: 28 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:55:56 +0000 (20:55 +0200)]
stty: fix bb_common_bufsiz1 use in NOEXEC
function old new delta
stty_main 1211 1221 +10
do_display 379 370 -9
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:39:27 +0000 (20:39 +0200)]
readprofile: do not close/free just before exiting
function old new delta
readprofile_main 1784 1762 -22
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:20:47 +0000 (20:20 +0200)]
blkdiscard: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:16:28 +0000 (20:16 +0200)]
blkid: make it NOEXEC, make FEATURE_BLKID_TYPE=y default
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:14:02 +0000 (20:14 +0200)]
brctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:06:19 +0000 (20:06 +0200)]
ash: do not set a signal to SIG_DFL if it already is
function old new delta
setsignal 312 338 +26
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 18:00:21 +0000 (20:00 +0200)]
adjtimex: make it NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 17:46:21 +0000 (19:46 +0200)]
adjtimex: zero-fill whole structure, to be on the safe side
function old new delta
adjtimex_main 395 406 +11
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 17:08:46 +0000 (19:08 +0200)]
raidautorun: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 17:05:45 +0000 (19:05 +0200)]
loadfont,setfont: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 16:56:25 +0000 (18:56 +0200)]
setconsole: make it NOEXEC
BTW, I failed to make it do what it meant to do.
ioctl appears to succeed, but kernel's output is not coming
to the specified console (tried on VT consoles too).
OTOH, setlogcons does work...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 16:54:16 +0000 (18:54 +0200)]
setconsole: since SUSE version has no -r, nuke our --reset longopt
Why we even bother inventing incompatible longopts?!
function old new delta
packed_usage 31734 31738 +4
static.setconsole_longopts 9 - -9
setconsole_main 94 84 -10
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 1/1 up/down: 4/-19) Total: -15 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 16:29:25 +0000 (18:29 +0200)]
setkeycodes: make it NOEXEC, better --help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 16:17:58 +0000 (18:17 +0200)]
setlogcons: make it NOEXEC, better --help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 16:06:46 +0000 (18:06 +0200)]
setserial: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 15:59:37 +0000 (17:59 +0200)]
setserial: code shrink, better --help text
function old new delta
packed_usage 31747 31749 +2
setserial_main 1152 1132 -20
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 15:14:09 +0000 (17:14 +0200)]
slattach: code shrink, better --help text
function old new delta
tcsetattr_serial_or_warn - 34 +34
static.int_N_SLIP - 4 +4
restore_state_and_exit 123 117 -6
packed_usage 31774 31747 -27
set_termios_state_or_warn 42 - -42
slattach_main 673 624 -49
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 0/3 up/down: 38/-124) Total: -86 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 12:15:24 +0000 (14:15 +0200)]
nameif: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 12:03:27 +0000 (14:03 +0200)]
Tweak outdated documentation and comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 10:28:00 +0000 (12:28 +0200)]
tunctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 10:23:04 +0000 (12:23 +0200)]
kbd_more: make it NOEXEC, remove redundant opt clearing
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 10:17:46 +0000 (12:17 +0200)]
kbd_mode: try harder to find console device if -C TTY is not given
Was (under X):
$ ./busybox_old kbd_mode
kbd_mode: ioctl 0x4b44 failed: Inappropriate ioctl for device
Now:
$ ./busybox kbd_mode
The keyboard is in off mode
function old new delta
kbd_mode_main 166 174 +8
packed_usage 31782 31764 -18
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-18) Total: -10 bytes
text data bss dec hex filename
915757 485 6880 923122 e15f2 busybox_old
915747 485 6880 923112 e15e8 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 6 Aug 2017 09:58:46 +0000 (11:58 +0200)]
kbd_mode: show "off" mode too
function old new delta
kbd_mode_main 156 166 +10
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 21:28:19 +0000 (23:28 +0200)]
lspci,lsscsi,lsusb: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 21:21:02 +0000 (23:21 +0200)]
umount: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 20:25:00 +0000 (22:25 +0200)]
pstree: make it NOEXEC
While at it, documet why ps can't be NOEXEC.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 18:38:04 +0000 (20:38 +0200)]
chattr,lsattr,tune2fs: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 18:33:48 +0000 (20:33 +0200)]
chattr: fix option parsing to accept more cryptic option combos
function old new delta
chattr_main 286 289 +3
packed_usage 31793 31761 -32
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 16:23:10 +0000 (18:23 +0200)]
sysctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 16:20:34 +0000 (18:20 +0200)]
sysctl: recognize ";comment" and "<whitespace>#comment" lines
function old new delta
config_read 639 699 +60
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 15:50:35 +0000 (17:50 +0200)]
libbb: make trim() return pointer to terminating NUL
function old new delta
trim 80 90 +10
angle_address 56 50 -6
sysctl_main 282 273 -9
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/3 up/down: +10/-15) Total: -5 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 11:45:22 +0000 (13:45 +0200)]
sysctl: fix file parsing, do not require -w for VAR=VAL
function old new delta
sysctl_act_on_setting - 451 +451
sysctl_main 222 282 +60
packed_usage 31744 31793 +49
config_read 604 639 +35
sysctl_act_recursive 612 163 -449
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 3/1 up/down: 595/-449) Total: 146 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 00:08:23 +0000 (02:08 +0200)]
cryptpw, mkpasswd: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 5 Aug 2017 00:02:31 +0000 (02:02 +0200)]
chvt, deallocvt, dumpkmap, fgconsole, loadkmap: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 23:51:12 +0000 (01:51 +0200)]
pivot_root: make it NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 23:46:39 +0000 (01:46 +0200)]
partprobe: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 23:42:08 +0000 (01:42 +0200)]
sv, svc: make them NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 23:38:55 +0000 (01:38 +0200)]
svc: fix a case where with more than option, getopt() state is not reset
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 23:29:12 +0000 (01:29 +0200)]
blockdev, fsfreeze, fstrim, mountpoint: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 21:04:17 +0000 (23:04 +0200)]
libbb: use _exit, not exit, in bb_daemonize_or_rexec()
By the time we reach exit in parent, child already exited or execed.
We should not re-run libc cleanup code.
While at it, introduce bb_daemon_helper() and add a few comments.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 18:07:19 +0000 (20:07 +0200)]
stty: make in NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 17:55:01 +0000 (19:55 +0200)]
make 17 state-changing execing applets (ex: "nice PROG ARGS") noexec
The applets with "<applet> [opts] PROG ARGS" API very quickly exec
another program, noexec is okay for them:
chpst/envdir/envuidgid/softlimit/setuidgid
chroot
chrt
ionice
nice
nohup
setarch/linux32/linux64
taskset
cttyhack
"reset" and "sulogin" applets don't have this form, but also exec
another program at once, thus made noexec too.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 17:16:01 +0000 (19:16 +0200)]
mesg: make in NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 16:36:55 +0000 (18:36 +0200)]
pmap: tweak help text, show usage if no params are given
Noticed while auditing nofork/noexec status
function old new delta
pmap_main 70 80 +10
packed_usage 31747 31744 -3
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 15:59:46 +0000 (17:59 +0200)]
runlevel: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 15:39:05 +0000 (17:39 +0200)]
mktemp: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 15:36:16 +0000 (17:36 +0200)]
chat: trim help text
Noticed while auditing nofork/noexec status
function old new delta
packed_usage 31777 31747 -30
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 14:46:17 +0000 (16:46 +0200)]
getopt32: move support for "always treat first arg as option" to users (tar/ar)
Now getopt() never leaks (and never performs) any xmalloc's.
function old new delta
ar_main 522 556 +34
tar_main 986 1014 +28
getopt32 1458 1350 -108
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 62/-108) Total: -46 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 14:23:42 +0000 (16:23 +0200)]
getopt32: factor out code to treat all args as options
Working towards making getopt32() xmalloc-free
function old new delta
make_all_argv_opts - 58 +58
top_main 914 912 -2
getopt32 1517 1458 -59
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/2 up/down: 58/-61) Total: -3 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 14:01:39 +0000 (16:01 +0200)]
tweak NOFORK_NOEXEC.lst
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 13:24:49 +0000 (15:24 +0200)]
ash: BASH_XTRACEFD bashism
Based on patch by Johannes Schindelin <johannes.schindelin@gmx.de>
function old new delta
evalcommand 1447 1500 +53
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Johannes Schindelin [Fri, 4 Aug 2017 10:16:46 +0000 (12:16 +0200)]
ash: remove no-longer-used variable
As of
035486c75 (ash: significant overhaul of redirect saving logic,
2017-07-31), the sv_pos variable is no longer used (just assigned to,
with no further effect).
Let's just remove it.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 12:50:03 +0000 (14:50 +0200)]
ash: INT_OFF/INT_ON around run_nofork_applet()
function old new delta
evalcommand 1441 1447 +6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 4 Aug 2017 12:28:16 +0000 (14:28 +0200)]
sheel: improve comments on signal handling
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>