[git commit] pstree: make it NOEXEC

Denys Vlasenko vda.linux at googlemail.com
Sat Aug 5 20:25:00 UTC 2017


commit: https://git.busybox.net/busybox/commit/?id=00c1811d87ea9019c2beda0d182150792c6bb053
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

While at it, documet why ps can't be NOEXEC.

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 NOFORK_NOEXEC.lst |  4 ++--
 procps/ps.c       | 24 +++++++++++++-----------
 procps/pstree.c   |  3 +--
 3 files changed, 16 insertions(+), 15 deletions(-)

diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst
index 0b6528d..fbba3ad 100644
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -269,9 +269,9 @@ poweroff - rare
 powertop - interactive, longterm
 printenv - NOFORK
 printf - NOFORK
-ps - noexec candidate
+ps - looks for AT_CLKTCK elf aux vector, therefore can't be noexec
 pscan - longterm
-pstree
+pstree - noexec
 pwd - NOFORK
 pwdx - NOFORK
 raidautorun
diff --git a/procps/ps.c b/procps/ps.c
index 081479b..afd9813 100644
--- a/procps/ps.c
+++ b/procps/ps.c
@@ -15,7 +15,7 @@
 //config:	ps gives a snapshot of the current processes.
 //config:
 //config:config FEATURE_PS_WIDE
-//config:	bool "Enable wide output option (-w)"
+//config:	bool "Enable wide output (-w)"
 //config:	default y
 //config:	depends on PS && !DESKTOP
 //config:	help
@@ -24,7 +24,7 @@
 //config:	than once, the length is unlimited.
 //config:
 //config:config FEATURE_PS_LONG
-//config:	bool "Enable long output option (-l)"
+//config:	bool "Enable long output (-l)"
 //config:	default y
 //config:	depends on PS && !DESKTOP
 //config:	help
@@ -32,11 +32,16 @@
 //config:	Adds fields PPID, RSS, START, TIME & TTY
 //config:
 //config:config FEATURE_PS_TIME
-//config:	bool "Support -o time and -o etime output specifiers"
+//config:	bool "Enable -o time and -o etime specifiers"
 //config:	default y
 //config:	depends on PS && DESKTOP
 //config:	select PLATFORM_LINUX
 //config:
+//config:config FEATURE_PS_ADDITIONAL_COLUMNS
+//config:	bool "Enable -o rgroup, -o ruser, -o nice specifiers"
+//config:	default y
+//config:	depends on PS && DESKTOP
+//config:
 //config:config FEATURE_PS_UNUSUAL_SYSTEMS
 //config:	bool "Support Linux prior to 2.4.0 and non-ELF systems"
 //config:	default n
@@ -44,13 +49,9 @@
 //config:	help
 //config:	Include support for measuring HZ on old kernels and non-ELF systems
 //config:	(if you are on Linux 2.4.0+ and use ELF, you don't need this)
-//config:
-//config:config FEATURE_PS_ADDITIONAL_COLUMNS
-//config:	bool "Support -o rgroup, -o ruser, -o nice specifiers"
-//config:	default y
-//config:	depends on PS && DESKTOP
 
 //applet:IF_PS(APPLET(ps, BB_DIR_BIN, BB_SUID_DROP))
+/* can't be NOEXEC: uses ELF aux vector. To have it, we must be a normal, execed process */
 
 //kbuild:lib-$(CONFIG_PS) += ps.o
 
@@ -202,6 +203,7 @@ struct globals {
 
 #if ENABLE_FEATURE_PS_TIME
 /* for ELF executables, notes are pushed before environment and args */
+/* try "LD_SHOW_AUXV=1 /bin/true" */
 static uintptr_t find_elf_note(uintptr_t findme)
 {
 	uintptr_t *ep = (uintptr_t *) environ;
@@ -217,7 +219,7 @@ static uintptr_t find_elf_note(uintptr_t findme)
 	return -1;
 }
 
-#if ENABLE_FEATURE_PS_UNUSUAL_SYSTEMS
+# if ENABLE_FEATURE_PS_UNUSUAL_SYSTEMS
 static unsigned get_HZ_by_waiting(void)
 {
 	struct timeval tv1, tv2;
@@ -260,13 +262,13 @@ static unsigned get_HZ_by_waiting(void)
 
 	return r;
 }
-#else
+# else
 static inline unsigned get_HZ_by_waiting(void)
 {
 	/* Better method? */
 	return 100;
 }
-#endif
+# endif
 
 static unsigned get_kernel_HZ(void)
 {
diff --git a/procps/pstree.c b/procps/pstree.c
index 212cda2..8249079 100644
--- a/procps/pstree.c
+++ b/procps/pstree.c
@@ -9,14 +9,13 @@
  *
  * Licensed under GPLv2, see file LICENSE in this source tree.
  */
-
 //config:config PSTREE
 //config:	bool "pstree (9.4 kb)"
 //config:	default y
 //config:	help
 //config:	Display a tree of processes.
 
-//applet:IF_PSTREE(APPLET(pstree, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_PSTREE(APPLET_NOEXEC(pstree, pstree, BB_DIR_USR_BIN, BB_SUID_DROP, pstree))
 
 //kbuild:lib-$(CONFIG_PSTREE) += pstree.o
 


More information about the busybox-cvs mailing list