The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"
text data bss dec hex filename
829901 4086 1904 835891 cc133 busybox_before
829665 4086 1904 835655 cc047 busybox
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The loop
for (j = ARRAY_SIZE(applet_nameofs)-1; j >= 0; j--) {
was intended to terminate when j goes negative, so j needs to be signed.
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The array applet_nameofs consumes two bytes per applet. It encodes
nofork/noexec flags
suid flags
the offset of the applet name in the applet_name string
Change the applet_table build tool to store the flags in two separate
arrays (applet_flags and applet_suid). Replace applet_nameofs[] with a
smaller version that only stores a limited number of offsets.
This requires changes to the macros APPLET_IS_NOFORK, APPLET_IS_NOEXEC
and APPLET_SUID.
According to Valgrind the original find_applet_by_name required
353 cycles per call, averaged over all names. Adjusting the number
of known offsets allows space to be traded off against execution time:
KNOWN_OFFSETS cycles bytes (wrt KNOWN_OFFSETS = 0)
0 9057 -
2 4604 32
4 2407 75
8 1342 98
16 908 130
32 884 194
This patch uses KNOWN_OFFSETS = 8.
v2:
Remove some dead code from the applet_table tool;
Treat the applet in the middle of the table as a special case.
v3:
Use the middle applet to adjust the start of the linear search as
well as the last applet found.
v4:
Use an augmented linear search in find_applet_by_name.
Drop the special treatment of the middle name from get_applet_name:
most of the advantage now derives from the last stored value.
v5:
Don't store index in applet_nameofs, it can be calculated.
v6:
Tweaks by Denys
function old new delta
find_applet_by_name 25 125 +100
applet_suid - 92 +92
run_applet_no_and_exit 452 460 +8
run_applet_and_exit 695 697 +2
applet_name_compare 31 - -31
applet_nameofs 734 14 -720
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 3/1 up/down: 202/-751) Total: -549 bytes
text data bss dec hex filename
925464 906 17160 943530 e65aa busybox_old
924915 906 17160 942981 e6385 busybox_unstripped
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In standalone shell mode search the applet table as well as PATH
when tab completing a command.
Use a stupid linear search: we're also about to read all the
directories on PATH so efficiency isn't a big concern.
function old new delta
add_match - 53 +53
complete_cmd_dir_file 687 724 +37
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/0 up/down: 90/0) Total: 90 bytes
Signed-off-by: Ron Yorston <rmy@frippery.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
MONOTONIC_SYSCALL=y by default
FEATURE_LAST_SMALL is gone: now FEATURE_LAST_FANCY is a "bool", not a "choice".
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
systemd people are not willing to play nice with the rest of the world.
Therefore there is no reason for the rest of the world to cooperate with them.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
invarg(a,b) - "invalid argument", but how a and b enter the message?
invarg_1_to_2(a,b) is somewhat easier to read: "invalid argument 'a' to 'b'"
Audit of usage revealed a number of bad uses, with too long messages.
text data bss dec hex filename
938848 932 17448 957228 e9b2c busybox_old
938788 932 17448 957168 e9af0 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
For CONFIG_MD5_SMALL=1:
function old new delta
md5_process_block64 925 881 -44
For CONFIG_MD5_SMALL=0:
function old new delta
md5_process_block64 1603 1586 -17
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Test corner cases too like looking for an empty prefix etc.
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Since there is no interest in merging a config option for WANT_TIMING,
remove the parts of code depending on it altogether.
While we're at it: add some newlines to improve readability.
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In the initial submission struct bbunit_listelem was manipulated by
custom list functions implemented in bbunit.c. Since the tests are now
added to the list by llist_add_to_end(), which allocates the llist_t
objects behind the scenes, there's no need for the *next field.
function old new delta
unit_main 142 141 -1
bbunit_strrstr_elem 24 16 -8
bbunit_obscure_weak_pass_elem 24 16 -8
bbunit_obscure_strong_pass_elem 24 16 -8
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-25) Total: -25 bytes
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Introduce a library routine to package the idiom:
p = xmalloc(b, n);
memcpy(p, b, n);
and use it where possible. The example in traceroute used xzalloc
but it didn't need to.
function old new delta
xmemdup - 32 +32
last_main 834 826 -8
make_device 2321 2311 -10
common_traceroute_main 3698 3685 -13
readtoken1 3182 3168 -14
procps_scan 1222 1206 -16
forkchild 655 638 -17
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/6 up/down: 32/-78) Total: -46 bytes
Signed-off-by: Ron Yorston <rmy@frippery.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Linux recently gained a new config option, CONFIG_MULTIUSER, that makes
support for non-root users optional. This results in a number of syscalls
being disabled: setuid, setregid, setgid, setreuid, setresuid, getresuid,
setresgid, getresgid, setgroups, getgroups, setfsuid, setfsgid, capget,
capset.
Currently a number of busybox applets, including login, struggle to run
when CONFIG_MULTIUSER is disabled. Even the root user is unable to login:
login: can't set groups: Functi
This patch adds code to make change_identity() a nop on single user
systems. It works by recognising the signature errno value (ENOSYS, due
to the system calls being disabled) and, to avoid security risks, only
deploys when the current uid and target uid is the same.
After the patch is applied any attempt to switch to a non-root user will
fail. Thus a badly configured userspace (for example, one that tries to
start a daemon as a non-root user when the kernel cannot support this)
will report errors as one would expect.
Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
