On 01/19/2016 12:28 PM, enh wrote: > runcon works by saying "when i exec, switch to this context" and then > calling exec. unfortunately, xexec is too clever and will avoid > actually exec'ing if it recognizes that it would just be a call back > into toybox. > > so "runcon blah /system/bin/id" would work, because toybox would > actually exec, but "runcon blah id" wouldn't, because toybox would > just toy_exec "id". this was subtle enough to go unnoticed for some > time. > > i've "fixed" it for now by just setting CONFIG_TOYBOX_NORECURSE=y > (https://android-review.googlesource.com/#/c/196953/) but i wondered > whether we should have a #error or something in runcon.c to make it > clear if you're building a broken configuration?
That disables recursing globally. If you want to disable recursing locally, set toys.stacktop = 0. (Or just call execvp() yourself, but xexec() has error handling code you'd have to duplicate, so...) I'll commit a fix. Thanks, Rob (P.S. In THEORY they may someday be a future exit handling path via the longjmp rebound stuff that does things like free toys.optargs, in which case incrementing toys.optargs would screw it up. Not a problem here, just a general "thing I have in mind to maybe attempt someday". That's why I usually snapshot toys.optargs into a temp before looping over it, and so on.) (P.P.S. I'm sure that kind of cleanup code would make the valgrind people happy, but do you know WHY the valgrind people care? Who's running valigrind here? A number of commands don't even have _attempts_ at TOYBOX_FREE exit cleanup code yet. For example I'm implementing top right now and noticing that iotop (which I'm mergeing with it) doesn't free its process arrays on exit. If you run run iotop from within a bootloader, it would have to. Right now, that's a blue sky todo item, but is it important to somebody...? I got a "please prioritize xz decompress" email last week, but haven't had anybody ping me about bootloaders. Then again I didn't even know the cyanogenmod guys had switched to toybox until I stumbled accross it in an unrelated google search, and they've got a whole tree of changes for building on macosx. Why? I dunno. Not sure how to ask them...) _______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
