blob: c192829b55fca8388f3f356a94c15d2314dd6e03
1 | /* vi: set sw=4 ts=4: */ |
2 | /* |
3 | * Rexec program for system have fork() as vfork() with foreground option |
4 | * |
5 | * Copyright (C) Vladimir N. Oleynik <dzo@simtreas.ru> |
6 | * Copyright (C) 2003 Russ Dill <Russ.Dill@asu.edu> |
7 | * |
8 | * daemon() portion taken from uClibc: |
9 | * |
10 | * Copyright (c) 1991, 1993 |
11 | * The Regents of the University of California. All rights reserved. |
12 | * |
13 | * Modified for uClibc by Erik Andersen <andersee@debian.org> |
14 | * |
15 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. |
16 | */ |
17 | |
18 | #include "busybox.h" /* uses applet tables */ |
19 | |
20 | /* This does a fork/exec in one call, using vfork(). Returns PID of new child, |
21 | * -1 for failure. Runs argv[0], searching path if that has no / in it. */ |
22 | pid_t FAST_FUNC spawn(char **argv) |
23 | { |
24 | /* Compiler should not optimize stores here */ |
25 | volatile int failed; |
26 | pid_t pid; |
27 | |
28 | fflush_all(); |
29 | |
30 | /* Be nice to nommu machines. */ |
31 | failed = 0; |
32 | pid = vfork(); |
33 | if (pid < 0) /* error */ |
34 | return pid; |
35 | if (!pid) { /* child */ |
36 | /* This macro is ok - it doesn't do NOEXEC/NOFORK tricks */ |
37 | BB_EXECVP(argv[0], argv); |
38 | |
39 | /* We are (maybe) sharing a stack with blocked parent, |
40 | * let parent know we failed and then exit to unblock parent |
41 | * (but don't run atexit() stuff, which would screw up parent.) |
42 | */ |
43 | failed = errno; |
44 | /* mount, for example, does not want the message */ |
45 | /*bb_perror_msg("can't execute '%s'", argv[0]);*/ |
46 | _exit(111); |
47 | } |
48 | /* parent */ |
49 | /* Unfortunately, this is not reliable: according to standards |
50 | * vfork() can be equivalent to fork() and we won't see value |
51 | * of 'failed'. |
52 | * Interested party can wait on pid and learn exit code. |
53 | * If 111 - then it (most probably) failed to exec */ |
54 | if (failed) { |
55 | safe_waitpid(pid, NULL, 0); /* prevent zombie */ |
56 | errno = failed; |
57 | return -1; |
58 | } |
59 | return pid; |
60 | } |
61 | |
62 | /* Die with an error message if we can't spawn a child process. */ |
63 | pid_t FAST_FUNC xspawn(char **argv) |
64 | { |
65 | pid_t pid = spawn(argv); |
66 | if (pid < 0) |
67 | bb_simple_perror_msg_and_die(*argv); |
68 | return pid; |
69 | } |
70 | |
71 | #if ENABLE_FEATURE_PREFER_APPLETS \ |
72 | || ENABLE_FEATURE_SH_NOFORK |
73 | static jmp_buf die_jmp; |
74 | static void jump(void) |
75 | { |
76 | /* Special case. We arrive here if NOFORK applet |
77 | * calls xfunc, which then decides to die. |
78 | * We don't die, but jump instead back to caller. |
79 | * NOFORK applets still cannot carelessly call xfuncs: |
80 | * p = xmalloc(10); |
81 | * q = xmalloc(10); // BUG! if this dies, we leak p! |
82 | */ |
83 | /* | 0x100 allows to pass zero exitcode (longjmp can't pass 0). |
84 | * This works because exitcodes are bytes, |
85 | * run_nofork_applet() ensures that by "& 0xff" */ |
86 | longjmp(die_jmp, xfunc_error_retval | 0x100); |
87 | } |
88 | |
89 | struct nofork_save_area { |
90 | jmp_buf die_jmp; |
91 | void (*die_func)(void); |
92 | const char *applet_name; |
93 | uint32_t option_mask32; |
94 | uint8_t xfunc_error_retval; |
95 | }; |
96 | static void save_nofork_data(struct nofork_save_area *save) |
97 | { |
98 | memcpy(&save->die_jmp, &die_jmp, sizeof(die_jmp)); |
99 | save->die_func = die_func; |
100 | save->applet_name = applet_name; |
101 | save->option_mask32 = option_mask32; |
102 | save->xfunc_error_retval = xfunc_error_retval; |
103 | } |
104 | static void restore_nofork_data(struct nofork_save_area *save) |
105 | { |
106 | memcpy(&die_jmp, &save->die_jmp, sizeof(die_jmp)); |
107 | die_func = save->die_func; |
108 | applet_name = save->applet_name; |
109 | option_mask32 = save->option_mask32; |
110 | xfunc_error_retval = save->xfunc_error_retval; |
111 | } |
112 | |
113 | int FAST_FUNC run_nofork_applet(int applet_no, char **argv) |
114 | { |
115 | int rc, argc; |
116 | struct nofork_save_area old; |
117 | |
118 | save_nofork_data(&old); |
119 | |
120 | xfunc_error_retval = EXIT_FAILURE; |
121 | |
122 | /* In case getopt() or getopt32() was already called: |
123 | * reset the libc getopt() function, which keeps internal state. |
124 | * |
125 | * BSD-derived getopt() functions require that optind be set to 1 in |
126 | * order to reset getopt() state. This used to be generally accepted |
127 | * way of resetting getopt(). However, glibc's getopt() |
128 | * has additional getopt() state beyond optind, and requires that |
129 | * optind be set to zero to reset its state. So the unfortunate state of |
130 | * affairs is that BSD-derived versions of getopt() misbehave if |
131 | * optind is set to 0 in order to reset getopt(), and glibc's getopt() |
132 | * will core dump if optind is set 1 in order to reset getopt(). |
133 | * |
134 | * More modern versions of BSD require that optreset be set to 1 in |
135 | * order to reset getopt(). Sigh. Standards, anyone? |
136 | */ |
137 | #ifdef __GLIBC__ |
138 | optind = 0; |
139 | #else /* BSD style */ |
140 | optind = 1; |
141 | /* optreset = 1; */ |
142 | #endif |
143 | /* optarg = NULL; opterr = 1; optopt = 63; - do we need this too? */ |
144 | /* (values above are what they initialized to in glibc and uclibc) */ |
145 | /* option_mask32 = 0; - not needed, no applet depends on it being 0 */ |
146 | |
147 | argc = 1; |
148 | while (argv[argc]) |
149 | argc++; |
150 | |
151 | /* If xfunc "dies" in NOFORK applet, die_func longjmp's here instead */ |
152 | die_func = jump; |
153 | rc = setjmp(die_jmp); |
154 | if (!rc) { |
155 | /* Some callers (xargs) |
156 | * need argv untouched because they free argv[i]! */ |
157 | char *tmp_argv[argc+1]; |
158 | memcpy(tmp_argv, argv, (argc+1) * sizeof(tmp_argv[0])); |
159 | applet_name = tmp_argv[0]; |
160 | /* Finally we can call NOFORK applet's main() */ |
161 | rc = applet_main[applet_no](argc, tmp_argv); |
162 | } else { |
163 | /* xfunc died in NOFORK applet */ |
164 | } |
165 | |
166 | /* Restoring some globals */ |
167 | restore_nofork_data(&old); |
168 | |
169 | /* Other globals can be simply reset to defaults */ |
170 | #ifdef __GLIBC__ |
171 | optind = 0; |
172 | #else /* BSD style */ |
173 | optind = 1; |
174 | #endif |
175 | |
176 | return rc & 0xff; /* don't confuse people with "exitcodes" >255 */ |
177 | } |
178 | #endif /* FEATURE_PREFER_APPLETS || FEATURE_SH_NOFORK */ |
179 | |
180 | int FAST_FUNC spawn_and_wait(char **argv) |
181 | { |
182 | int rc; |
183 | #if ENABLE_FEATURE_PREFER_APPLETS |
184 | int a = find_applet_by_name(argv[0]); |
185 | |
186 | if (a >= 0 && (APPLET_IS_NOFORK(a) |
187 | # if BB_MMU |
188 | || APPLET_IS_NOEXEC(a) /* NOEXEC trick needs fork() */ |
189 | # endif |
190 | )) { |
191 | # if BB_MMU |
192 | if (APPLET_IS_NOFORK(a)) |
193 | # endif |
194 | { |
195 | return run_nofork_applet(a, argv); |
196 | } |
197 | # if BB_MMU |
198 | /* MMU only */ |
199 | /* a->noexec is true */ |
200 | rc = fork(); |
201 | if (rc) /* parent or error */ |
202 | return wait4pid(rc); |
203 | /* child */ |
204 | xfunc_error_retval = EXIT_FAILURE; |
205 | run_applet_no_and_exit(a, argv); |
206 | # endif |
207 | } |
208 | #endif /* FEATURE_PREFER_APPLETS */ |
209 | rc = spawn(argv); |
210 | return wait4pid(rc); |
211 | } |
212 | |
213 | #if !BB_MMU |
214 | void FAST_FUNC re_exec(char **argv) |
215 | { |
216 | /* high-order bit of first char in argv[0] is a hidden |
217 | * "we have (already) re-execed, don't do it again" flag */ |
218 | argv[0][0] |= 0x80; |
219 | execv(bb_busybox_exec_path, argv); |
220 | bb_perror_msg_and_die("can't execute '%s'", bb_busybox_exec_path); |
221 | } |
222 | |
223 | pid_t FAST_FUNC fork_or_rexec(char **argv) |
224 | { |
225 | pid_t pid; |
226 | /* Maybe we are already re-execed and come here again? */ |
227 | if (re_execed) |
228 | return 0; |
229 | pid = xvfork(); |
230 | if (pid) /* parent */ |
231 | return pid; |
232 | /* child - re-exec ourself */ |
233 | re_exec(argv); |
234 | } |
235 | #endif |
236 | |
237 | /* Due to a #define in libbb.h on MMU systems we actually have 1 argument - |
238 | * char **argv "vanishes" */ |
239 | void FAST_FUNC bb_daemonize_or_rexec(int flags, char **argv) |
240 | { |
241 | int fd; |
242 | |
243 | if (flags & DAEMON_CHDIR_ROOT) |
244 | xchdir("/"); |
245 | |
246 | if (flags & DAEMON_DEVNULL_STDIO) { |
247 | close(0); |
248 | close(1); |
249 | close(2); |
250 | } |
251 | |
252 | fd = open(bb_dev_null, O_RDWR); |
253 | if (fd < 0) { |
254 | /* NB: we can be called as bb_sanitize_stdio() from init |
255 | * or mdev, and there /dev/null may legitimately not (yet) exist! |
256 | * Do not use xopen above, but obtain _ANY_ open descriptor, |
257 | * even bogus one as below. */ |
258 | fd = xopen("/", O_RDONLY); /* don't believe this can fail */ |
259 | } |
260 | |
261 | while ((unsigned)fd < 2) |
262 | fd = dup(fd); /* have 0,1,2 open at least to /dev/null */ |
263 | |
264 | if (!(flags & DAEMON_ONLY_SANITIZE)) { |
265 | if (fork_or_rexec(argv)) |
266 | exit(EXIT_SUCCESS); /* parent */ |
267 | /* if daemonizing, detach from stdio & ctty */ |
268 | setsid(); |
269 | dup2(fd, 0); |
270 | dup2(fd, 1); |
271 | dup2(fd, 2); |
272 | if (flags & DAEMON_DOUBLE_FORK) { |
273 | /* On Linux, session leader can acquire ctty |
274 | * unknowingly, by opening a tty. |
275 | * Prevent this: stop being a session leader. |
276 | */ |
277 | if (fork_or_rexec(argv)) |
278 | exit(EXIT_SUCCESS); /* parent */ |
279 | } |
280 | } |
281 | while (fd > 2) { |
282 | close(fd--); |
283 | if (!(flags & DAEMON_CLOSE_EXTRA_FDS)) |
284 | return; |
285 | /* else close everything after fd#2 */ |
286 | } |
287 | } |
288 | |
289 | void FAST_FUNC bb_sanitize_stdio(void) |
290 | { |
291 | bb_daemonize_or_rexec(DAEMON_ONLY_SANITIZE, NULL); |
292 | } |
293 |