pstree: make it NOEXEC

While at it, documet why ps can't be NOEXEC. Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-05 22:25:00 +02:00
parent 99125c0495
commit 00c1811d87
3 changed files with 16 additions and 15 deletions
--- a/NOFORK_NOEXEC.lst
+++ b/NOFORK_NOEXEC.lst
@@ -269,9 +269,9 @@ poweroff - rare
 powertop - interactive, longterm
 printenv - NOFORK
 printf - NOFORK
-ps - noexec candidate
+ps - looks for AT_CLKTCK elf aux vector, therefore can't be noexec
 pscan - longterm
-pstree
+pstree - noexec
 pwd - NOFORK
 pwdx - NOFORK
 raidautorun
--- a/procps/ps.c
+++ b/procps/ps.c
@@ -15,7 +15,7 @@
 //config:	ps gives a snapshot of the current processes.
 //config:
 //config:config FEATURE_PS_WIDE
-//config:	bool "Enable wide output option (-w)"
+//config:	bool "Enable wide output (-w)"
 //config:	default y
 //config:	depends on PS && !DESKTOP
 //config:	help
@@ -24,7 +24,7 @@
 //config:	than once, the length is unlimited.
 //config:
 //config:config FEATURE_PS_LONG
-//config:	bool "Enable long output option (-l)"
+//config:	bool "Enable long output (-l)"
 //config:	default y
 //config:	depends on PS && !DESKTOP
 //config:	help
@@ -32,11 +32,16 @@
 //config:	Adds fields PPID, RSS, START, TIME & TTY
 //config:
 //config:config FEATURE_PS_TIME
-//config:	bool "Support -o time and -o etime output specifiers"
+//config:	bool "Enable -o time and -o etime specifiers"
 //config:	default y
 //config:	depends on PS && DESKTOP
 //config:	select PLATFORM_LINUX
 //config:
+//config:config FEATURE_PS_ADDITIONAL_COLUMNS
+//config:	bool "Enable -o rgroup, -o ruser, -o nice specifiers"
+//config:	default y
+//config:	depends on PS && DESKTOP
+//config:
 //config:config FEATURE_PS_UNUSUAL_SYSTEMS
 //config:	bool "Support Linux prior to 2.4.0 and non-ELF systems"
 //config:	default n
@@ -44,13 +49,9 @@
 //config:	help
 //config:	Include support for measuring HZ on old kernels and non-ELF systems
 //config:	(if you are on Linux 2.4.0+ and use ELF, you don't need this)
-//config:
-//config:config FEATURE_PS_ADDITIONAL_COLUMNS
-//config:	bool "Support -o rgroup, -o ruser, -o nice specifiers"
-//config:	default y
-//config:	depends on PS && DESKTOP

 //applet:IF_PS(APPLET(ps, BB_DIR_BIN, BB_SUID_DROP))
+/* can't be NOEXEC: uses ELF aux vector. To have it, we must be a normal, execed process */

 //kbuild:lib-$(CONFIG_PS) += ps.o

@@ -202,6 +203,7 @@ struct globals {

 #if ENABLE_FEATURE_PS_TIME
 /* for ELF executables, notes are pushed before environment and args */
+/* try "LD_SHOW_AUXV=1 /bin/true" */
 static uintptr_t find_elf_note(uintptr_t findme)
 {
 	uintptr_t *ep = (uintptr_t *) environ;
@@ -217,7 +219,7 @@ static uintptr_t find_elf_note(uintptr_t findme)
 	return -1;
 }

-#if ENABLE_FEATURE_PS_UNUSUAL_SYSTEMS
+# if ENABLE_FEATURE_PS_UNUSUAL_SYSTEMS
 static unsigned get_HZ_by_waiting(void)
 {
 	struct timeval tv1, tv2;
@@ -260,13 +262,13 @@ static unsigned get_HZ_by_waiting(void)

 	return r;
 }
-#else
+# else
 static inline unsigned get_HZ_by_waiting(void)
 {
 	/* Better method? */
 	return 100;
 }
-#endif
+# endif

 static unsigned get_kernel_HZ(void)
 {
--- a/procps/pstree.c
+++ b/procps/pstree.c
@@ -9,14 +9,13 @@
 *
 * Licensed under GPLv2, see file LICENSE in this source tree.
 */
-
 //config:config PSTREE
 //config:	bool "pstree (9.4 kb)"
 //config:	default y
 //config:	help
 //config:	Display a tree of processes.

-//applet:IF_PSTREE(APPLET(pstree, BB_DIR_USR_BIN, BB_SUID_DROP))
+//applet:IF_PSTREE(APPLET_NOEXEC(pstree, pstree, BB_DIR_USR_BIN, BB_SUID_DROP, pstree))

 //kbuild:lib-$(CONFIG_PSTREE) += pstree.o