diff options
author | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-05 22:25:00 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2017-08-05 22:25:00 +0200 |
commit | 00c1811d87ea9019c2beda0d182150792c6bb053 (patch) | |
tree | 43f1af035419b1d197e24fa25486ccbfad3eb26a | |
parent | 99125c04950a7ba2ac90dc21c3d924fe9dd95651 (diff) |
pstree: make it NOEXEC
While at it, documet why ps can't be NOEXEC.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | NOFORK_NOEXEC.lst | 4 | ||||
-rw-r--r-- | procps/ps.c | 24 | ||||
-rw-r--r-- | procps/pstree.c | 3 |
3 files changed, 16 insertions, 15 deletions
diff --git a/NOFORK_NOEXEC.lst b/NOFORK_NOEXEC.lst index 0b6528d94..fbba3adb3 100644 --- a/NOFORK_NOEXEC.lst +++ b/NOFORK_NOEXEC.lst @@ -269,9 +269,9 @@ poweroff - rare powertop - interactive, longterm printenv - NOFORK printf - NOFORK -ps - noexec candidate +ps - looks for AT_CLKTCK elf aux vector, therefore can't be noexec pscan - longterm -pstree +pstree - noexec pwd - NOFORK pwdx - NOFORK raidautorun diff --git a/procps/ps.c b/procps/ps.c index 081479b33..afd981313 100644 --- a/procps/ps.c +++ b/procps/ps.c @@ -15,7 +15,7 @@ //config: ps gives a snapshot of the current processes. //config: //config:config FEATURE_PS_WIDE -//config: bool "Enable wide output option (-w)" +//config: bool "Enable wide output (-w)" //config: default y //config: depends on PS && !DESKTOP //config: help @@ -24,7 +24,7 @@ //config: than once, the length is unlimited. //config: //config:config FEATURE_PS_LONG -//config: bool "Enable long output option (-l)" +//config: bool "Enable long output (-l)" //config: default y //config: depends on PS && !DESKTOP //config: help @@ -32,11 +32,16 @@ //config: Adds fields PPID, RSS, START, TIME & TTY //config: //config:config FEATURE_PS_TIME -//config: bool "Support -o time and -o etime output specifiers" +//config: bool "Enable -o time and -o etime specifiers" //config: default y //config: depends on PS && DESKTOP //config: select PLATFORM_LINUX //config: +//config:config FEATURE_PS_ADDITIONAL_COLUMNS +//config: bool "Enable -o rgroup, -o ruser, -o nice specifiers" +//config: default y +//config: depends on PS && DESKTOP +//config: //config:config FEATURE_PS_UNUSUAL_SYSTEMS //config: bool "Support Linux prior to 2.4.0 and non-ELF systems" //config: default n @@ -44,13 +49,9 @@ //config: help //config: Include support for measuring HZ on old kernels and non-ELF systems //config: (if you are on Linux 2.4.0+ and use ELF, you don't need this) -//config: -//config:config FEATURE_PS_ADDITIONAL_COLUMNS -//config: bool "Support -o rgroup, -o ruser, -o nice specifiers" -//config: default y -//config: depends on PS && DESKTOP //applet:IF_PS(APPLET(ps, BB_DIR_BIN, BB_SUID_DROP)) +/* can't be NOEXEC: uses ELF aux vector. To have it, we must be a normal, execed process */ //kbuild:lib-$(CONFIG_PS) += ps.o @@ -202,6 +203,7 @@ struct globals { #if ENABLE_FEATURE_PS_TIME /* for ELF executables, notes are pushed before environment and args */ +/* try "LD_SHOW_AUXV=1 /bin/true" */ static uintptr_t find_elf_note(uintptr_t findme) { uintptr_t *ep = (uintptr_t *) environ; @@ -217,7 +219,7 @@ static uintptr_t find_elf_note(uintptr_t findme) return -1; } -#if ENABLE_FEATURE_PS_UNUSUAL_SYSTEMS +# if ENABLE_FEATURE_PS_UNUSUAL_SYSTEMS static unsigned get_HZ_by_waiting(void) { struct timeval tv1, tv2; @@ -260,13 +262,13 @@ static unsigned get_HZ_by_waiting(void) return r; } -#else +# else static inline unsigned get_HZ_by_waiting(void) { /* Better method? */ return 100; } -#endif +# endif static unsigned get_kernel_HZ(void) { diff --git a/procps/pstree.c b/procps/pstree.c index 212cda23c..824907997 100644 --- a/procps/pstree.c +++ b/procps/pstree.c @@ -9,14 +9,13 @@ * * Licensed under GPLv2, see file LICENSE in this source tree. */ - //config:config PSTREE //config: bool "pstree (9.4 kb)" //config: default y //config: help //config: Display a tree of processes. -//applet:IF_PSTREE(APPLET(pstree, BB_DIR_USR_BIN, BB_SUID_DROP)) +//applet:IF_PSTREE(APPLET_NOEXEC(pstree, pstree, BB_DIR_USR_BIN, BB_SUID_DROP, pstree)) //kbuild:lib-$(CONFIG_PSTREE) += pstree.o |