[klibc] [PATCH 1/8] switch_root: rename from run-init
maximilian attems
max at stro.at
Wed Jul 13 06:48:26 PDT 2011
This seems to be the name people have settled on.
This is the first step to enhance switch_root()
(no code changes in itself).
Signed-off-by: maximilian attems <max at stro.at>
---
usr/kinit/Kbuild | 6 +-
usr/kinit/kinit.c | 6 +-
usr/kinit/nfsmount/README.locking | 2 +-
usr/kinit/run-init/Kbuild | 29 -----
usr/kinit/run-init/run-init.c | 93 --------------
usr/kinit/run-init/run-init.h | 34 -----
usr/kinit/run-init/runinitlib.c | 209 --------------------------------
usr/kinit/switch_root/Kbuild | 29 +++++
usr/kinit/switch_root/switch_root.c | 93 ++++++++++++++
usr/kinit/switch_root/switch_root.h | 34 +++++
usr/kinit/switch_root/switch_rootlib.c | 209 ++++++++++++++++++++++++++++++++
11 files changed, 372 insertions(+), 372 deletions(-)
delete mode 100644 usr/kinit/run-init/Kbuild
delete mode 100644 usr/kinit/run-init/run-init.c
delete mode 100644 usr/kinit/run-init/run-init.h
delete mode 100644 usr/kinit/run-init/runinitlib.c
create mode 100644 usr/kinit/switch_root/Kbuild
create mode 100644 usr/kinit/switch_root/switch_root.c
create mode 100644 usr/kinit/switch_root/switch_root.h
create mode 100644 usr/kinit/switch_root/switch_rootlib.c
diff --git a/usr/kinit/Kbuild b/usr/kinit/Kbuild
index ff1d449..4b2b2fe 100644
--- a/usr/kinit/Kbuild
+++ b/usr/kinit/Kbuild
@@ -13,7 +13,7 @@ kinit-y += do_mounts_md.o do_mounts_mtd.o nfsroot.o
kinit-y += ipconfig/
kinit-y += nfsmount/
-kinit-y += run-init/
+kinit-y += switch_root/
kinit-y += fstype/
kinit-y += resume/
@@ -26,11 +26,11 @@ KLIBCCFLAGS += -I$(srctree)/$(src)/fstype \
-I$(srctree)/$(src)/ipconfig \
-I$(srctree)/$(src)/nfsmount \
-I$(srctree)/$(src)/resume \
- -I$(srctree)/$(src)/run-init
+ -I$(srctree)/$(src)/switch_root
# Cleaning
targets += kinit kinit.g kinit.shared kinit.shared.g
-subdir- := fstype ipconfig nfsmount resume run-init
+subdir- := fstype ipconfig nfsmount resume switch_root
# install binary
diff --git a/usr/kinit/kinit.c b/usr/kinit/kinit.c
index 4a1f40b..9495d89 100644
--- a/usr/kinit/kinit.c
+++ b/usr/kinit/kinit.c
@@ -12,7 +12,7 @@
#include "kinit.h"
#include "ipconfig.h"
-#include "run-init.h"
+#include "switch_root.h"
#include "resume.h"
const char *progname = "kinit";
@@ -307,9 +307,9 @@ int main(int argc, char *argv[])
init_argv[0] = strrchr(init_path, '/') + 1;
- errmsg = run_init("/root", "/dev/console", init_path, init_argv);
+ errmsg = switch_root("/root", "/dev/console", init_path, init_argv);
- /* If run_init returned, something went bad */
+ /* If switch_root returned, something went bad */
fprintf(stderr, "%s: %s: %s\n", progname, errmsg, strerror(errno));
ret = 2;
goto bail;
diff --git a/usr/kinit/nfsmount/README.locking b/usr/kinit/nfsmount/README.locking
index bf2e8e7..4576195 100644
--- a/usr/kinit/nfsmount/README.locking
+++ b/usr/kinit/nfsmount/README.locking
@@ -14,7 +14,7 @@ pmap_file can be /dev/null.
b) Allow the kernel to bind to any port and use the file produced by
nfsroot to feed to pmap_set (it should be directly compatible); this
means the file needs to be transferred to a place where the "real
-root" can find it before run-init.
+root" can find it before switch_root.
In either case, it is imperative that the real portmapper is launched
before any program actually tries to create locks!
diff --git a/usr/kinit/run-init/Kbuild b/usr/kinit/run-init/Kbuild
deleted file mode 100644
index bf6e140..0000000
--- a/usr/kinit/run-init/Kbuild
+++ /dev/null
@@ -1,29 +0,0 @@
-#
-# Kbuild file for run-init
-#
-
-static-y := static/run-init
-shared-y := shared/run-init
-
-# common .o files
-objs := run-init.o runinitlib.o
-
-# TODO - do we want a stripped version
-# TODO - do we want the static.g + shared.g directories?
-
-# Create built-in.o with all object files (used by kinit)
-lib-y := $(objs)
-
-# force run-init to not have an executable stack (to keep READ_IMPLIES_EXEC
-# personality(2) flag from getting set and passed to init).
-EXTRA_KLIBCLDFLAGS += -z noexecstack
-
-# .o files used to built executables
-static/run-init-y := $(objs)
-shared/run-init-y := $(objs)
-
-# Cleaning
-clean-dirs := static shared
-
-# install binary
-install-y := $(shared-y)
diff --git a/usr/kinit/run-init/run-init.c b/usr/kinit/run-init/run-init.c
deleted file mode 100644
index 0f150dd..0000000
--- a/usr/kinit/run-init/run-init.c
+++ /dev/null
@@ -1,93 +0,0 @@
-/* ----------------------------------------------------------------------- *
- *
- * Copyright 2004-2006 H. Peter Anvin - All Rights Reserved
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use,
- * copy, modify, merge, publish, distribute, sublicense, and/or
- * sell copies of the Software, and to permit persons to whom
- * the Software is furnished to do so, subject to the following
- * conditions:
- *
- * The above copyright notice and this permission notice shall
- * be included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- *
- * ----------------------------------------------------------------------- */
-
-/*
- * Usage: exec run-init [-c /dev/console] /real-root /sbin/init "$@"
- *
- * This program should be called as the last thing in a shell script
- * acting as /init in an initramfs; it does the following:
- *
- * - Delete all files in the initramfs;
- * - Remounts /real-root onto the root filesystem;
- * - Chroots;
- * - Opens /dev/console;
- * - Spawns the specified init program (with arguments.)
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <string.h>
-#include <errno.h>
-#include "run-init.h"
-
-static const char *program;
-
-static void __attribute__ ((noreturn)) usage(void)
-{
- fprintf(stderr,
- "Usage: exec %s [-c consoledev] /real-root /sbin/init [args]\n",
- program);
- exit(1);
-}
-
-int main(int argc, char *argv[])
-{
- /* Command-line options and defaults */
- const char *console = "/dev/console";
- const char *realroot;
- const char *init;
- const char *error;
- char **initargs;
-
- /* Variables... */
- int o;
-
- /* Parse the command line */
- program = argv[0];
-
- while ((o = getopt(argc, argv, "c:")) != -1) {
- if (o == 'c') {
- console = optarg;
- } else {
- usage();
- }
- }
-
- if (argc - optind < 2)
- usage();
-
- realroot = argv[optind];
- init = argv[optind + 1];
- initargs = argv + optind + 1;
-
- error = run_init(realroot, console, init, initargs);
-
- /* If run_init returns, something went wrong */
- fprintf(stderr, "%s: %s: %s\n", program, error, strerror(errno));
- return 1;
-}
diff --git a/usr/kinit/run-init/run-init.h b/usr/kinit/run-init/run-init.h
deleted file mode 100644
index a95328e..0000000
--- a/usr/kinit/run-init/run-init.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* ----------------------------------------------------------------------- *
- *
- * Copyright 2004-2006 H. Peter Anvin - All Rights Reserved
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use,
- * copy, modify, merge, publish, distribute, sublicense, and/or
- * sell copies of the Software, and to permit persons to whom
- * the Software is furnished to do so, subject to the following
- * conditions:
- *
- * The above copyright notice and this permission notice shall
- * be included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- *
- * ----------------------------------------------------------------------- */
-
-#ifndef RUN_INIT_H
-#define RUN_INIT_H
-
-const char *run_init(const char *realroot, const char *console,
- const char *init, char **initargs);
-
-#endif
diff --git a/usr/kinit/run-init/runinitlib.c b/usr/kinit/run-init/runinitlib.c
deleted file mode 100644
index 8f1562f..0000000
--- a/usr/kinit/run-init/runinitlib.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/* ----------------------------------------------------------------------- *
- *
- * Copyright 2004-2006 H. Peter Anvin - All Rights Reserved
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without
- * restriction, including without limitation the rights to use,
- * copy, modify, merge, publish, distribute, sublicense, and/or
- * sell copies of the Software, and to permit persons to whom
- * the Software is furnished to do so, subject to the following
- * conditions:
- *
- * The above copyright notice and this permission notice shall
- * be included in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
- * OTHER DEALINGS IN THE SOFTWARE.
- *
- * ----------------------------------------------------------------------- */
-
-/*
- * run_init(consoledev, realroot, init, initargs)
- *
- * This function should be called as the last thing in kinit,
- * from initramfs, it does the following:
- *
- * - Delete all files in the initramfs;
- * - Remounts /real-root onto the root filesystem;
- * - Chroots;
- * - Opens /dev/console;
- * - Spawns the specified init program (with arguments.)
- *
- * On failure, returns a human-readable error message.
- */
-
-#include <assert.h>
-#include <dirent.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <unistd.h>
-#include <sys/mount.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/vfs.h>
-#include "run-init.h"
-
-/* Make it possible to compile on glibc by including constants that the
- always-behind shipped glibc headers may not include. Classic example
- on why the lack of ABI headers screw us up. */
-#ifndef TMPFS_MAGIC
-# define TMPFS_MAGIC 0x01021994
-#endif
-#ifndef RAMFS_MAGIC
-# define RAMFS_MAGIC 0x858458f6
-#endif
-#ifndef MS_MOVE
-# define MS_MOVE 8192
-#endif
-
-static int nuke(const char *what);
-
-static int nuke_dirent(int len, const char *dir, const char *name, dev_t me)
-{
- int bytes = len + strlen(name) + 2;
- char path[bytes];
- int xlen;
- struct stat st;
-
- xlen = snprintf(path, bytes, "%s/%s", dir, name);
- assert(xlen < bytes);
-
- if (lstat(path, &st))
- return ENOENT; /* Return 0 since already gone? */
-
- if (st.st_dev != me)
- return 0; /* DO NOT recurse down mount points!!!!! */
-
- return nuke(path);
-}
-
-/* Wipe the contents of a directory, but not the directory itself */
-static int nuke_dir(const char *what)
-{
- int len = strlen(what);
- DIR *dir;
- struct dirent *d;
- int err = 0;
- struct stat st;
-
- if (lstat(what, &st))
- return errno;
-
- if (!S_ISDIR(st.st_mode))
- return ENOTDIR;
-
- if (!(dir = opendir(what))) {
- /* EACCES means we can't read it. Might be empty and removable;
- if not, the rmdir() in nuke() will trigger an error. */
- return (errno == EACCES) ? 0 : errno;
- }
-
- while ((d = readdir(dir))) {
- /* Skip . and .. */
- if (d->d_name[0] == '.' &&
- (d->d_name[1] == '\0' ||
- (d->d_name[1] == '.' && d->d_name[2] == '\0')))
- continue;
-
- err = nuke_dirent(len, what, d->d_name, st.st_dev);
- if (err) {
- closedir(dir);
- return err;
- }
- }
-
- closedir(dir);
-
- return 0;
-}
-
-static int nuke(const char *what)
-{
- int rv;
- int err = 0;
-
- rv = unlink(what);
- if (rv < 0) {
- if (errno == EISDIR) {
- /* It's a directory. */
- err = nuke_dir(what);
- if (!err)
- err = rmdir(what) ? errno : err;
- } else {
- err = errno;
- }
- }
-
- if (err) {
- errno = err;
- return err;
- } else {
- return 0;
- }
-}
-
-const char *run_init(const char *realroot, const char *console,
- const char *init, char **initargs)
-{
- struct stat rst, cst;
- struct statfs sfs;
- int confd;
-
- /* First, change to the new root directory */
- if (chdir(realroot))
- return "chdir to new root";
-
- /* This is a potentially highly destructive program. Take some
- extra precautions. */
-
- /* Make sure the current directory is not on the same filesystem
- as the root directory */
- if (stat("/", &rst) || stat(".", &cst))
- return "stat";
-
- if (rst.st_dev == cst.st_dev)
- return "current directory on the same filesystem as the root";
-
- /* Make sure we're on a ramfs */
- if (statfs("/", &sfs))
- return "statfs /";
- if (sfs.f_type != RAMFS_MAGIC && sfs.f_type != TMPFS_MAGIC)
- return "rootfs not a ramfs or tmpfs";
-
- /* Okay, I think we should be safe... */
-
- /* Delete rootfs contents */
- if (nuke_dir("/"))
- return "nuking initramfs contents";
-
- /* Overmount the root */
- if (mount(".", "/", NULL, MS_MOVE, NULL))
- return "overmounting root";
-
- /* chroot, chdir */
- if (chroot(".") || chdir("/"))
- return "chroot";
-
- /* Open /dev/console */
- if ((confd = open(console, O_RDWR)) < 0)
- return "opening console";
- dup2(confd, 0);
- dup2(confd, 1);
- dup2(confd, 2);
- close(confd);
-
- /* Spawn init */
- execv(init, initargs);
- return init; /* Failed to spawn init */
-}
diff --git a/usr/kinit/switch_root/Kbuild b/usr/kinit/switch_root/Kbuild
new file mode 100644
index 0000000..13f0a2a
--- /dev/null
+++ b/usr/kinit/switch_root/Kbuild
@@ -0,0 +1,29 @@
+#
+# Kbuild file for switch_root
+#
+
+static-y := static/switch_root
+shared-y := shared/switch_root
+
+# common .o files
+objs := switch_root.o switch_rootlib.o
+
+# TODO - do we want a stripped version
+# TODO - do we want the static.g + shared.g directories?
+
+# Create built-in.o with all object files (used by kinit)
+lib-y := $(objs)
+
+# force switch_root to not have an executable stack (to keep READ_IMPLIES_EXEC
+# personality(2) flag from getting set and passed to init).
+EXTRA_KLIBCLDFLAGS += -z noexecstack
+
+# .o files used to built executables
+static/switch_root-y := $(objs)
+shared/switch_root-y := $(objs)
+
+# Cleaning
+clean-dirs := static shared
+
+# install binary
+install-y := $(shared-y)
diff --git a/usr/kinit/switch_root/switch_root.c b/usr/kinit/switch_root/switch_root.c
new file mode 100644
index 0000000..dbbbd9a
--- /dev/null
+++ b/usr/kinit/switch_root/switch_root.c
@@ -0,0 +1,93 @@
+/* ----------------------------------------------------------------------- *
+ *
+ * Copyright 2004-2006 H. Peter Anvin - All Rights Reserved
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use,
+ * copy, modify, merge, publish, distribute, sublicense, and/or
+ * sell copies of the Software, and to permit persons to whom
+ * the Software is furnished to do so, subject to the following
+ * conditions:
+ *
+ * The above copyright notice and this permission notice shall
+ * be included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * ----------------------------------------------------------------------- */
+
+/*
+ * Usage: exec switch_root [-c /dev/console] /real-root /sbin/init "$@"
+ *
+ * This program should be called as the last thing in a shell script
+ * acting as /init in an initramfs; it does the following:
+ *
+ * - Delete all files in the initramfs;
+ * - Remounts /real-root onto the root filesystem;
+ * - Chroots;
+ * - Opens /dev/console;
+ * - Spawns the specified init program (with arguments.)
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+#include "switch_root.h"
+
+static const char *program;
+
+static void __attribute__ ((noreturn)) usage(void)
+{
+ fprintf(stderr,
+ "Usage: exec %s [-c consoledev] /real-root /sbin/init [args]\n",
+ program);
+ exit(1);
+}
+
+int main(int argc, char *argv[])
+{
+ /* Command-line options and defaults */
+ const char *console = "/dev/console";
+ const char *realroot;
+ const char *init;
+ const char *error;
+ char **initargs;
+
+ /* Variables... */
+ int o;
+
+ /* Parse the command line */
+ program = argv[0];
+
+ while ((o = getopt(argc, argv, "c:")) != -1) {
+ if (o == 'c') {
+ console = optarg;
+ } else {
+ usage();
+ }
+ }
+
+ if (argc - optind < 2)
+ usage();
+
+ realroot = argv[optind];
+ init = argv[optind + 1];
+ initargs = argv + optind + 1;
+
+ error = switch_root(realroot, console, init, initargs);
+
+ /* If switch_root returns, something went wrong */
+ fprintf(stderr, "%s: %s: %s\n", program, error, strerror(errno));
+ return 1;
+}
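Review bot: The final `fprintf` in `main` always appends `strerror(errno)`, but two of the messages `switch_root()` can return in switch_rootlib.c ("current directory on the same filesystem as the root" and "rootfs not a ramfs or tmpfs") come after `stat()`/`statfs()` calls that succeeded, so errno is stale on those paths and the printed reason may be unrelated. Those two checks are the guards that stop the recursive wipe of `/`, so an accurate message matters most there. One option is to set `errno = 0;` before the call and print the `strerror` part only when errno is non-zero afterwards, assuming successful libc calls leave errno untouched. The same unconditional `strerror(errno)` print appears in `main` of usr/kinit/kinit.c, whose body lies mostly outside that hunk.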
diff --git a/usr/kinit/switch_root/switch_root.h b/usr/kinit/switch_root/switch_root.h
new file mode 100644
index 0000000..dfac8ac
--- /dev/null
+++ b/usr/kinit/switch_root/switch_root.h
@@ -0,0 +1,34 @@
+/* ----------------------------------------------------------------------- *
+ *
+ * Copyright 2004-2006 H. Peter Anvin - All Rights Reserved
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use,
+ * copy, modify, merge, publish, distribute, sublicense, and/or
+ * sell copies of the Software, and to permit persons to whom
+ * the Software is furnished to do so, subject to the following
+ * conditions:
+ *
+ * The above copyright notice and this permission notice shall
+ * be included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * ----------------------------------------------------------------------- */
+
+#ifndef SWITCH_ROOT_H
+#define SWITCH_ROOT_H
+
+const char *switch_root(const char *realroot, const char *console,
+ const char *init, char **initargs);
+
+#endif /* SWITCH_ROOT_H */
diff --git a/usr/kinit/switch_root/switch_rootlib.c b/usr/kinit/switch_root/switch_rootlib.c
new file mode 100644
index 0000000..23ce41f
--- /dev/null
+++ b/usr/kinit/switch_root/switch_rootlib.c
@@ -0,0 +1,209 @@
+/* ----------------------------------------------------------------------- *
+ *
+ * Copyright 2004-2006 H. Peter Anvin - All Rights Reserved
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use,
+ * copy, modify, merge, publish, distribute, sublicense, and/or
+ * sell copies of the Software, and to permit persons to whom
+ * the Software is furnished to do so, subject to the following
+ * conditions:
+ *
+ * The above copyright notice and this permission notice shall
+ * be included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * ----------------------------------------------------------------------- */
+
+/*
+ * switch_root(consoledev, realroot, init, initargs)
+ *
+ * This function should be called as the last thing in kinit,
+ * from initramfs, it does the following:
+ *
+ * - Delete all files in the initramfs;
+ * - Remounts /real-root onto the root filesystem;
+ * - Chroots;
+ * - Opens /dev/console;
+ * - Spawns the specified init program (with arguments.)
+ *
+ * On failure, returns a human-readable error message.
+ */
+
+#include <assert.h>
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/vfs.h>
+#include "switch_root.h"
+
+/* Make it possible to compile on glibc by including constants that the
+ always-behind shipped glibc headers may not include. Classic example
+ on why the lack of ABI headers screw us up. */
+#ifndef TMPFS_MAGIC
+# define TMPFS_MAGIC 0x01021994
+#endif
+#ifndef RAMFS_MAGIC
+# define RAMFS_MAGIC 0x858458f6
+#endif
+#ifndef MS_MOVE
+# define MS_MOVE 8192
+#endif
+
+static int nuke(const char *what);
+
+static int nuke_dirent(int len, const char *dir, const char *name, dev_t me)
+{
+ int bytes = len + strlen(name) + 2;
+ char path[bytes];
+ int xlen;
+ struct stat st;
+
+ xlen = snprintf(path, bytes, "%s/%s", dir, name);
+ assert(xlen < bytes);
+
+ if (lstat(path, &st))
+ return ENOENT; /* Return 0 since already gone? */
+
+ if (st.st_dev != me)
+ return 0; /* DO NOT recurse down mount points!!!!! */
+
+ return nuke(path);
+}
+
+/* Wipe the contents of a directory, but not the directory itself */
+static int nuke_dir(const char *what)
+{
+ int len = strlen(what);
+ DIR *dir;
+ struct dirent *d;
+ int err = 0;
+ struct stat st;
+
+ if (lstat(what, &st))
+ return errno;
+
+ if (!S_ISDIR(st.st_mode))
+ return ENOTDIR;
+
+ if (!(dir = opendir(what))) {
+ /* EACCES means we can't read it. Might be empty and removable;
+ if not, the rmdir() in nuke() will trigger an error. */
+ return (errno == EACCES) ? 0 : errno;
+ }
+
+ while ((d = readdir(dir))) {
+ /* Skip . and .. */
+ if (d->d_name[0] == '.' &&
+ (d->d_name[1] == '\0' ||
+ (d->d_name[1] == '.' && d->d_name[2] == '\0')))
+ continue;
+
+ err = nuke_dirent(len, what, d->d_name, st.st_dev);
+ if (err) {
+ closedir(dir);
+ return err;
+ }
+ }
+
+ closedir(dir);
+
+ return 0;
+}
+
+static int nuke(const char *what)
+{
+ int rv;
+ int err = 0;
+
+ rv = unlink(what);
+ if (rv < 0) {
+ if (errno == EISDIR) {
+ /* It's a directory. */
+ err = nuke_dir(what);
+ if (!err)
+ err = rmdir(what) ? errno : err;
+ } else {
+ err = errno;
+ }
+ }
+
+ if (err) {
+ errno = err;
+ return err;
+ } else {
+ return 0;
+ }
+}
+
+const char *switch_root(const char *realroot, const char *console,
+ const char *init, char **initargs)
+{
+ struct stat rst, cst;
+ struct statfs sfs;
+ int confd;
+
+ /* First, change to the new root directory */
+ if (chdir(realroot))
+ return "chdir to new root";
+
+ /* This is a potentially highly destructive program. Take some
+ extra precautions. */
+
+ /* Make sure the current directory is not on the same filesystem
+ as the root directory */
+ if (stat("/", &rst) || stat(".", &cst))
+ return "stat";
+
+ if (rst.st_dev == cst.st_dev)
+ return "current directory on the same filesystem as the root";
+
+ /* Make sure we're on a ramfs */
+ if (statfs("/", &sfs))
+ return "statfs /";
+ if (sfs.f_type != RAMFS_MAGIC && sfs.f_type != TMPFS_MAGIC)
+ return "rootfs not a ramfs or tmpfs";
+
+ /* Okay, I think we should be safe... */
+
+ /* Delete rootfs contents */
+ if (nuke_dir("/"))
+ return "nuking initramfs contents";
+
+ /* Overmount the root */
+ if (mount(".", "/", NULL, MS_MOVE, NULL))
+ return "overmounting root";
+
+ /* chroot, chdir */
+ if (chroot(".") || chdir("/"))
+ return "chroot";
+
+ /* Open /dev/console */
+ if ((confd = open(console, O_RDWR)) < 0)
+ return "opening console";
+ dup2(confd, 0);
+ dup2(confd, 1);
+ dup2(confd, 2);
+ close(confd);
+
+ /* Spawn init */
+ execv(init, initargs);
+ return init; /* Failed to spawn init */
+}
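Review bot: In `switch_root()`, `close(confd)` runs unconditionally after the three `dup2()` calls, so if `open(console, O_RDWR)` returns 0, 1 or 2 (possible when the caller starts with one of the standard descriptors closed) the close removes a descriptor that init is supposed to inherit; guard it with `if (confd > 2) close(confd);`. The `dup2()` return values are also ignored, so init can be exec'ed with a missing stdio descriptor and no error reported. Separately, the header comment touched by this rename still lists the arguments as `switch_root(consoledev, realroot, init, initargs)` while the prototype is `(realroot, console, init, initargs)`; the comment should follow the prototype order.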
--
1.7.5.4