vfork_daemon_rexec.c 9.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339
  1. /* vi: set sw=4 ts=4: */
  2. /*
  3. * Rexec program for system have fork() as vfork() with foreground option
  4. *
  5. * Copyright (C) Vladimir N. Oleynik <dzo@simtreas.ru>
  6. * Copyright (C) 2003 Russ Dill <Russ.Dill@asu.edu>
  7. *
  8. * daemon() portion taken from uClibc:
  9. *
  10. * Copyright (c) 1991, 1993
  11. * The Regents of the University of California. All rights reserved.
  12. *
  13. * Modified for uClibc by Erik Andersen <andersee@debian.org>
  14. *
  15. * Licensed under GPLv2 or later, see file LICENSE in this source tree.
  16. */
  17. #include "busybox.h" /* uses applet tables */
  18. #include "NUM_APPLETS.h"
  19. #define NOFORK_SUPPORT ((NUM_APPLETS > 1) && (ENABLE_FEATURE_PREFER_APPLETS || ENABLE_FEATURE_SH_NOFORK))
  20. #define NOEXEC_SUPPORT ((NUM_APPLETS > 1) && (ENABLE_FEATURE_PREFER_APPLETS || ENABLE_FEATURE_SH_STANDALONE))
  21. #if defined(__linux__) && (NUM_APPLETS > 1)
  22. # include <sys/prctl.h>
  23. # ifndef PR_SET_NAME
  24. # define PR_SET_NAME 15
  25. # endif
  26. # ifndef PR_GET_NAME
  27. # define PR_GET_NAME 16
  28. # endif
  29. # if ENABLE_FEATURE_SH_STANDALONE || ENABLE_FEATURE_PREFER_APPLETS || !BB_MMU
  30. int FAST_FUNC re_execed_comm(void)
  31. {
  32. const char *e, *expected_comm;
  33. char comm[16];
  34. BUILD_BUG_ON(CONFIG_BUSYBOX_EXEC_PATH[0] != '/');
  35. e = CONFIG_BUSYBOX_EXEC_PATH;
  36. /* Hopefully (strrchr(e) - e) evaluates to constant at compile time: */
  37. expected_comm = bb_busybox_exec_path + (strrchr(e, '/') - e) + 1;
  38. prctl(PR_GET_NAME, (long)comm, 0, 0, 0);
  39. //bb_error_msg("comm:'%.*s' expected:'%s'", 16, comm, expected_comm);
  40. return strcmp(comm, expected_comm) == 0;
  41. }
  42. # endif
  43. void FAST_FUNC set_task_comm(const char *comm)
  44. {
  45. /* okay if too long (truncates) */
  46. prctl(PR_SET_NAME, (long)comm, 0, 0, 0);
  47. }
  48. #endif
  49. /*
  50. * NOFORK/NOEXEC support
  51. */
  52. #if NOFORK_SUPPORT
  53. static jmp_buf die_jmp;
  54. static void jump(void)
  55. {
  56. /* Special case. We arrive here if NOFORK applet
  57. * calls xfunc, which then decides to die.
  58. * We don't die, but instead jump back to caller.
  59. * NOFORK applets still cannot carelessly call xfuncs:
  60. * p = xmalloc(10);
  61. * q = xmalloc(10); // BUG! if this dies, we leak p!
  62. */
  63. /* | 0x100 allows to pass zero exitcode (longjmp can't pass 0).
  64. * This works because exitcodes are bytes,
  65. * run_nofork_applet() ensures that by "& 0xff"
  66. */
  67. longjmp(die_jmp, xfunc_error_retval | 0x100);
  68. }
  69. struct nofork_save_area {
  70. jmp_buf die_jmp;
  71. void (*die_func)(void);
  72. const char *applet_name;
  73. uint32_t option_mask32;
  74. smallint logmode;
  75. uint8_t xfunc_error_retval;
  76. };
  77. static void save_nofork_data(struct nofork_save_area *save)
  78. {
  79. memcpy(&save->die_jmp, &die_jmp, sizeof(die_jmp));
  80. save->die_func = die_func;
  81. save->applet_name = applet_name;
  82. save->option_mask32 = option_mask32;
  83. save->logmode = logmode;
  84. save->xfunc_error_retval = xfunc_error_retval;
  85. }
  86. static void restore_nofork_data(struct nofork_save_area *save)
  87. {
  88. memcpy(&die_jmp, &save->die_jmp, sizeof(die_jmp));
  89. die_func = save->die_func;
  90. applet_name = save->applet_name;
  91. option_mask32 = save->option_mask32;
  92. logmode = save->logmode;
  93. xfunc_error_retval = save->xfunc_error_retval;
  94. }
  95. int FAST_FUNC run_nofork_applet(int applet_no, char **argv)
  96. {
  97. int rc, argc;
  98. struct nofork_save_area old;
  99. save_nofork_data(&old);
  100. logmode = LOGMODE_STDIO;
  101. xfunc_error_retval = EXIT_FAILURE;
  102. /* In case getopt() was already called:
  103. * reset the libc getopt() function, which keeps internal state.
  104. * (getopt32() does it itself, but getopt() doesn't (and can't))
  105. */
  106. GETOPT_RESET();
  107. argc = string_array_len(argv);
  108. /* If xfunc "dies" in NOFORK applet, die_func longjmp's here instead */
  109. die_func = jump;
  110. rc = setjmp(die_jmp);
  111. if (!rc) {
  112. /* Some callers (xargs)
  113. * need argv untouched because they free argv[i]! */
  114. char *tmp_argv[argc+1];
  115. memcpy(tmp_argv, argv, (argc+1) * sizeof(tmp_argv[0]));
  116. applet_name = tmp_argv[0];
  117. /* longjmp's (instead of returning) if --help is seen */
  118. show_usage_if_dash_dash_help(applet_no, argv);
  119. /* Finally we can call NOFORK applet's main() */
  120. rc = applet_main[applet_no](argc, tmp_argv);
  121. /* Important for shells: `which CMD` was failing */
  122. fflush_all();
  123. } else {
  124. /* xfunc died in NOFORK applet */
  125. }
  126. /* Restoring some globals */
  127. restore_nofork_data(&old);
  128. /* Other globals can be simply reset to defaults */
  129. GETOPT_RESET();
  130. return rc & 0xff; /* don't confuse people with "exitcodes" >255 */
  131. }
  132. #endif
  133. #if NOEXEC_SUPPORT
  134. void FAST_FUNC run_noexec_applet_and_exit(int a, const char *name, char **argv)
  135. {
  136. /* reset some state and run without execing */
  137. /* msg_eol = "\n"; - no caller needs this reinited yet */
  138. logmode = LOGMODE_STDIO;
  139. xfunc_error_retval = EXIT_FAILURE;
  140. die_func = NULL;
  141. GETOPT_RESET();
  142. //TODO: think pidof, pgrep, pkill!
  143. //set_task_comm() makes our pidof find NOEXECs (e.g. "yes >/dev/null"),
  144. //but one from procps-ng-3.3.10 needs more!
  145. //Rewrite /proc/PID/cmdline? (need to save argv0 and length at init for this to work!)
  146. set_task_comm(name);
  147. /* applet_name is set by this function: */
  148. run_applet_no_and_exit(a, name, argv);
  149. }
  150. #endif
  151. /*
  152. * Higher-level code, hiding optional NOFORK/NOEXEC trickery.
  153. */
  154. /* This does a fork/exec in one call, using vfork(). Returns PID of new child,
  155. * -1 for failure. Runs argv[0], searching path if that has no / in it. */
  156. pid_t FAST_FUNC spawn(char **argv)
  157. {
  158. /* Compiler should not optimize stores here */
  159. volatile int failed;
  160. pid_t pid;
  161. fflush_all();
  162. /* Be nice to nommu machines. */
  163. failed = 0;
  164. pid = vfork();
  165. if (pid < 0) /* error */
  166. return pid;
  167. if (!pid) { /* child */
  168. /* This macro is ok - it doesn't do NOEXEC/NOFORK tricks */
  169. BB_EXECVP(argv[0], argv);
  170. /* We are (maybe) sharing a stack with blocked parent,
  171. * let parent know we failed and then exit to unblock parent
  172. * (but don't run atexit() stuff, which would screw up parent.)
  173. */
  174. failed = errno;
  175. /* mount, for example, does not want the message */
  176. /*bb_perror_msg("can't execute '%s'", argv[0]);*/
  177. _exit(111);
  178. }
  179. /* parent */
  180. /* Unfortunately, this is not reliable: according to standards
  181. * vfork() can be equivalent to fork() and we won't see value
  182. * of 'failed'.
  183. * Interested party can wait on pid and learn exit code.
  184. * If 111 - then it (most probably) failed to exec */
  185. if (failed) {
  186. safe_waitpid(pid, NULL, 0); /* prevent zombie */
  187. errno = failed;
  188. return -1;
  189. }
  190. return pid;
  191. }
  192. /* Die with an error message if we can't spawn a child process. */
  193. pid_t FAST_FUNC xspawn(char **argv)
  194. {
  195. pid_t pid = spawn(argv);
  196. if (pid < 0)
  197. bb_simple_perror_msg_and_die(*argv);
  198. return pid;
  199. }
  200. int FAST_FUNC spawn_and_wait(char **argv)
  201. {
  202. int rc;
  203. #if ENABLE_FEATURE_PREFER_APPLETS && (NUM_APPLETS > 1)
  204. int a = find_applet_by_name(argv[0]);
  205. if (a >= 0) {
  206. if (APPLET_IS_NOFORK(a))
  207. return run_nofork_applet(a, argv);
  208. # if BB_MMU /* NOEXEC needs fork(), thus this is done only on MMU machines: */
  209. if (APPLET_IS_NOEXEC(a)) {
  210. fflush_all();
  211. rc = fork();
  212. if (rc) /* parent or error */
  213. return wait4pid(rc);
  214. /* child */
  215. run_noexec_applet_and_exit(a, argv[0], argv);
  216. }
  217. # endif
  218. }
  219. #endif
  220. rc = spawn(argv);
  221. return wait4pid(rc);
  222. }
  223. #if !BB_MMU
  224. void FAST_FUNC re_exec(char **argv)
  225. {
  226. /* high-order bit of first char in argv[0] is a hidden
  227. * "we have (already) re-execed, don't do it again" flag */
  228. argv[0][0] |= 0x80;
  229. execv(bb_busybox_exec_path, argv);
  230. bb_perror_msg_and_die("can't execute '%s'", bb_busybox_exec_path);
  231. }
  232. pid_t FAST_FUNC fork_or_rexec(char **argv)
  233. {
  234. pid_t pid;
  235. /* Maybe we are already re-execed and come here again? */
  236. if (re_execed)
  237. return 0;
  238. /* fflush_all(); ? - so far all callers had no buffered output to flush */
  239. pid = xvfork();
  240. if (pid == 0) /* child - re-exec ourself */
  241. re_exec(argv); /* NORETURN */
  242. /* parent */
  243. argv[0][0] &= 0x7f; /* undo re_rexec() damage */
  244. return pid;
  245. }
  246. #endif
  247. /* Due to a #define in libbb.h on MMU systems we actually have 1 argument -
  248. * char **argv "vanishes" */
  249. void FAST_FUNC bb_daemonize_or_rexec(int flags, char **argv)
  250. {
  251. int fd;
  252. if (flags & DAEMON_CHDIR_ROOT)
  253. xchdir("/");
  254. fd = open(bb_dev_null, O_RDWR);
  255. if (fd < 0) {
  256. /* NB: we can be called as bb_sanitize_stdio() from init
  257. * or mdev, and there /dev/null may legitimately not (yet) exist!
  258. * Do not use xopen above, but obtain _ANY_ open descriptor,
  259. * even bogus one as below. */
  260. fd = xopen("/", O_RDONLY); /* don't believe this can fail */
  261. }
  262. if (flags & DAEMON_DEVNULL_STDIO) {
  263. xdup2(fd, 0);
  264. xdup2(fd, 1);
  265. xdup2(fd, 2);
  266. } else {
  267. /* have 0,1,2 open at least to /dev/null */
  268. while ((unsigned)fd < 2)
  269. fd = dup(fd);
  270. }
  271. if (!(flags & DAEMON_ONLY_SANITIZE)) {
  272. /* fflush_all(); - add it in fork_or_rexec() if necessary */
  273. if (fork_or_rexec(argv))
  274. _exit_SUCCESS(); /* parent */
  275. /* if daemonizing, detach from stdio & ctty */
  276. setsid();
  277. dup2(fd, 0);
  278. dup2(fd, 1);
  279. dup2(fd, 2);
  280. // if (flags & DAEMON_DOUBLE_FORK) {
  281. // /* On Linux, session leader can acquire ctty
  282. // * unknowingly, by opening a tty.
  283. // * Prevent this: stop being a session leader.
  284. // */
  285. // if (fork_or_rexec(argv))
  286. // _exit_SUCCESS(); /* parent */
  287. // }
  288. }
  289. while (fd > 2) {
  290. close(fd--);
  291. if (!(flags & DAEMON_CLOSE_EXTRA_FDS))
  292. return;
  293. /* else close everything after fd#2 */
  294. }
  295. }
  296. void FAST_FUNC bb_sanitize_stdio(void)
  297. {
  298. bb_daemonize_or_rexec(DAEMON_ONLY_SANITIZE, NULL);
  299. }