[PATCH v10 00/15] Making BusyBox self-contained
Nadav Tasher
tashernadav at gmail.com
Thu Apr 17 20:01:03 UTC 2025
The following patchset aims to implement the following features in
the simplest way possible:

1. Introduce a simple way to control exec calls by all applets.
2. Create a unified interface from which applets can execute
   other applets using the no-exec feature (reducing duplicate code).
3. Allow blocking exec calls altogether using the exec proxy functions.
4. Adapt all applets to run with these modifications.

This revision introduces the required modifications to the hush applet.

These changes allow the creation of a self-contained system, powered
by BusyBox.

By bundling BusyBox into libbusybox.a (using a separate patch), this
provides the foundation for embedding BusyBox in other programs,
acting as a complete shell interpreter.

Previous versions of this patchset were partially reviewed by:
- Csókás Bence
- Ron Yorston
- David Leonard
- Kang-Che Sung

Nadav Tasher (15):
  libbb: mask xvfork to xfork on MMU targets
  libbb: implement clone_string_array
  libbb: implement close_cloexec_fds
  libbb: implement reset_all_signals
  libbb: implement bb_execXX function family to handle applet executions
  libbb: make spawn and spawn_and_wait use bb_execvp
  libbb: implement bb_system using spawn_and_wait
  applets: change system() calls to bb_system()
  ash: use bb_execve to execute commands and applets in tryexec
  hush: use bb_execvp to execute commands and applets in execvp_or_die
  tar: replace execlp call with bb_execvp, disable xz compression
    support when FEATURE_PREFER_APPLETS is enabled
  applets: use bb_execXX functions instead of direct exec calls
  httpd: replace execv call with bb_execv and disable FEATURE_HTTPD_CGI
    when FEATURE_FORCE_APPLETS is enabled
  libbb: allow forcing all applets to behave as NOEXEC applets
  libbb: implement re_exec using bb_execv

Config.in | 22 ++++
archival/dpkg.c | 2 +-
archival/libarchive/data_extract_to_command.c | 9 +-
archival/libarchive/open_transformer.c | 3 +-
archival/tar.c | 28 ++++-
console-tools/openvt.c | 2 +-
console-tools/reset.c | 2 +-
coreutils/chroot.c | 2 +-
coreutils/env.c | 2 +-
coreutils/nice.c | 2 +-
coreutils/nohup.c | 2 +-
coreutils/timeout.c | 2 +-
debianutils/start_stop_daemon.c | 2 +-
docs/nofork_noexec.txt | 13 +-
editors/awk.c | 2 +-
editors/vi.c | 2 +-
include/libbb.h | 56 ++++++---
init/bootchartd.c | 21 +++-
init/halt.c | 9 +-
init/init.c | 4 +-
libbb/Kbuild.src | 1 +
libbb/clone_string_array.c | 29 +++++
libbb/executable.c | 111 ++++++++++++++++--
libbb/run_shell.c | 4 +-
libbb/signals.c | 26 ++++
libbb/vfork_daemon_rexec.c | 72 +++++++++---
libbb/xfuncs.c | 10 ++
loginutils/adduser.c | 7 +-
loginutils/getty.c | 19 ++-
mailutils/mail.c | 2 +-
mailutils/reformime.c | 2 +-
miscutils/conspy.c | 11 +-
miscutils/crond.c | 38 +++++-
miscutils/crontab.c | 13 +-
miscutils/man.c | 2 +-
miscutils/time.c | 2 +-
networking/ftpd.c | 3 +-
networking/httpd.c | 8 +-
networking/ifupdown.c | 17 ++-
networking/inetd.c | 6 +-
networking/nc.c | 3 +-
networking/nc_bloaty.c | 2 +-
networking/slattach.c | 2 +-
networking/tcpudp.c | 2 +-
networking/telnetd.c | 2 +-
networking/wget.c | 5 +-
printutils/lpd.c | 2 +-
procps/watch.c | 2 +-
runit/chpst.c | 2 +-
runit/runsv.c | 9 +-
runit/runsvdir.c | 13 +-
runit/svlogd.c | 15 ++-
selinux/runcon.c | 2 +-
shell/ash.c | 72 ++++--------
shell/cttyhack.c | 2 +-
shell/hush.c | 44 +------
util-linux/chrt.c | 2 +-
util-linux/ionice.c | 2 +-
util-linux/mdev.c | 2 +-
util-linux/script.c | 18 ++-
util-linux/setarch.c | 2 +-
util-linux/setpriv.c | 2 +-
util-linux/setsid.c | 2 +-
util-linux/switch_root.c | 2 +-
util-linux/taskset.c | 2 +-
65 files changed, 555 insertions(+), 228 deletions(-)
create mode 100644 libbb/clone_string_array.c
--
2.34.1
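
An added sketch, not code from the patchset, of the exec-proxy idea the cover letter describes: every exec goes through one function that runs a built-in applet inside the forked child or, when external programs are disallowed, refuses to exec at all. The names `proxy_execvp`, `proxy_spawn_and_wait`, `force_applets` and the two toy applets are hypothetical and do not reflect the signatures of the series' own functions.

```c
#include <errno.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical toy applets; real BusyBox applets are far richer. */
static int true_main(int argc, char **argv)  { (void)argc; (void)argv; return 0; }
static int false_main(int argc, char **argv) { (void)argc; (void)argv; return 1; }
struct applet { const char *name; int (*main)(int, char **); };
static const struct applet applets[] = { { "true", true_main }, { "false", false_main } };
static int force_applets = 1;   /* hypothetical stand-in for a "force applets" option */

/* Single choke point for every exec: run a built-in applet in the
 * current (already forked) process, or fall back to execvp() only when
 * external programs are allowed. Returns -1 with errno set on failure. */
static int proxy_execvp(const char *file, char *const argv[])
{
    int argc = 0;
    while (argv[argc]) argc++;
    for (size_t i = 0; i < sizeof(applets) / sizeof(applets[0]); i++)
        if (strcmp(file, applets[i].name) == 0)
            _exit(applets[i].main(argc, (char **)argv));
    if (force_applets) {
        errno = ENOENT;         /* external exec is blocked */
        return -1;
    }
    return execvp(file, argv);
}

/* Fork, route the child through the proxy, and return its exit status
 * (127 when the command could not be executed, as shells report it). */
static int proxy_spawn_and_wait(char *const argv[])
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        proxy_execvp(argv[0], argv);
        _exit(127);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char *cmd[] = { "ls", NULL };   /* constructed input: not a built-in applet */
    return proxy_spawn_and_wait(cmd) == 127 ? 0 : 1;
}
```

The sketch omits the cleanup the kernel performs on a real exec, such as closing close-on-exec descriptors and resetting signal handlers, which an in-process applet run has to do for itself.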