diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2011-02-02 18:38:57 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2011-02-02 18:38:57 +0100 |
| commit | b72baeb00328576df415f9a4b4f3d5f202e3be11 (patch) | |
| tree | c6863cb112e6e33908e17f298d541c1b0c3aa418 /docs | |
| parent | c71b469f5daceb717e31cc9ce46b0e058e2c57b6 (diff) | |
| download | busybox-w32-b72baeb00328576df415f9a4b4f3d5f202e3be11.tar.gz busybox-w32-b72baeb00328576df415f9a4b4f3d5f202e3be11.tar.bz2 busybox-w32-b72baeb00328576df415f9a4b4f3d5f202e3be11.zip | |
hush: use FEATURE_SH_NOFORK to enable NOFORK trick
Also expands docs
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/nofork_noexec.txt | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/docs/nofork_noexec.txt b/docs/nofork_noexec.txt index 06c789aff..c58f5a83f 100644 --- a/docs/nofork_noexec.txt +++ b/docs/nofork_noexec.txt | |||
| @@ -44,9 +44,11 @@ NOEXEC trick is disabled for NOMMU build. | |||
| 44 | NOFORK | 44 | NOFORK |
| 45 | 45 | ||
| 46 | NOFORK applet should work correctly if another applet simply runs | 46 | NOFORK applet should work correctly if another applet simply runs |
| 47 | <applet>_main(argc,argv) and then continues with its business (xargs, | 47 | <applet>_main(argc,argv) and then continues with its business. |
| 48 | find, shells can do it). This poses much more serious limitations | 48 | xargs, find, shells do it (grep for "spawn_and_wait" and |
| 49 | on what applet can/cannot do: | 49 | "run_nofork_applet" to find more users). |
| 50 | |||
| 51 | This poses much more serious limitations on what applet can do: | ||
| 50 | 52 | ||
| 51 | * all NOEXEC limitations apply. | 53 | * all NOEXEC limitations apply. |
| 52 | * do not ever exit() or exec(). | 54 | * do not ever exit() or exec(). |
| @@ -56,7 +58,7 @@ on what applet can/cannot do: | |||
| 56 | is taken from xfunc_error_retval. | 58 | is taken from xfunc_error_retval. |
| 57 | - fflush_stdout_and_exit(n) is ok to use. | 59 | - fflush_stdout_and_exit(n) is ok to use. |
| 58 | * do not use shared global data, or save/restore shared global data | 60 | * do not use shared global data, or save/restore shared global data |
| 59 | prior to returning. (e.g. bb_common_bufsiz1 is off-limits). | 61 | (e.g. bb_common_bufsiz1) prior to returning. |
| 60 | - getopt32() is ok to use. You do not need to save/restore option_mask32, | 62 | - getopt32() is ok to use. You do not need to save/restore option_mask32, |
| 61 | it is already done by core code. | 63 | it is already done by core code. |
| 62 | * if you allocate memory, you can use xmalloc() only on the very first | 64 | * if you allocate memory, you can use xmalloc() only on the very first |
| @@ -77,3 +79,20 @@ script loops. Applets which mess with signal handlers, termios etc | |||
| 77 | are probably not worth the effort. | 79 | are probably not worth the effort. |
| 78 | 80 | ||
| 79 | Any NOFORK applet is also a NOEXEC applet. | 81 | Any NOFORK applet is also a NOEXEC applet. |
| 82 | |||
| 83 | |||
| 84 | Relevant CONFIG options | ||
| 85 | |||
| 86 | FEATURE_PREFER_APPLETS | ||
| 87 | BB_EXECVP(cmd, argv) will try to exec /proc/self/exe | ||
| 88 | if command's name matches some applet name | ||
| 89 | applet tables will contain NOFORK/NOEXEC bits | ||
| 90 | spawn_and_wait(argv) will do NOFORK/NOEXEC tricks | ||
| 91 | |||
| 92 | FEATURE_SH_STANDALONE (needs FEATURE_PREFER_APPLETS=y) | ||
| 93 | shells will try to exec /proc/self/exe if command's name matches | ||
| 94 | some applet name | ||
| 95 | shells will do NOEXEC trick on NOEXEC applets | ||
| 96 | |||
| 97 | FEATURE_SH_NOFORK (needs FEATURE_PREFER_APPLETS=y) | ||
| 98 | shells will do NOFORK trick on NOFORK applets | ||