1 /* switch_root.c - Switch from rootfs/initramfs to another filesystem
2 *
3 * Copyright 2005 Rob Landley <rob@landley.net>
4
5 USE_SWITCH_ROOT(NEWTOY(switch_root, "<2c:h", TOYFLAG_SBIN))
6
7 config SWITCH_ROOT
8 bool "switch_root"
9 default y
10 help
11 usage: switch_root [-c /dev/console] NEW_ROOT NEW_INIT...
12
13 Use from PID 1 under initramfs to free initramfs, chroot to NEW_ROOT,
14 and exec NEW_INIT.
15
16 -c Redirect console to device in NEW_ROOT
17 -h Hang instead of exiting on failure (avoids kernel panic)
18 */
19
20 #define FOR_switch_root
21 #include "toys.h"
22
// Per-command state, reached through TT in the functions below.
GLOBALS(
  char *c;          // argument of -c (console device path); tested for NULL
                    // before use, so presumably unset when -c is absent

  struct stat new;  // stat() of the new root, taken right after chdir(newroot)
  dev_t rootdev;    // st_dev of "/" at startup; del_node() deletes only
                    // entries on this device and moves everything else
)
29
/*
 * dirtree callback used by switch_root_main() to empty the old root.
 *
 * Entries living on the root device (TT.rootdev) are unlinked. Entries on any
 * other device are treated as mount points and moved under the new root
 * instead of being deleted, so the st_dev comparison is what keeps the wipe
 * confined to the initramfs instance.
 *
 * Returns 0, or DIRTREE_COMEAGAIN for a directory on the root device that has
 * not been revisited yet (node->again clear).
 */
static int del_node(struct dirtree *node)
{
  char *path;

  // Never touch the new root itself (same_file presumably compares the
  // device/inode pair - confirm in lib), nor the "." and ".." entries.
  if (same_file(&TT.new, &node->st)) return 0;
  if (!dirtree_notdotdot(node)) return 0;

  if (node->st.st_dev == TT.rootdev) {
    int unlink_flags = 0;

    // A directory is only removed on the second callback (node->again set),
    // presumably once its children have been visited. Until then ask the
    // traversal to call back.
    if (S_ISDIR(node->st.st_mode)) {
      if (!node->again) return DIRTREE_COMEAGAIN;
      unlink_flags = AT_REMOVEDIR;
    }
    // Best effort: the result is deliberately ignored.
    unlinkat(dirtree_parentfd(node), node->name, unlink_flags);

    return 0;
  }

  // Different device: move the mount rather than deleting through it.
  // path+1 skips the first character of the path (presumably the leading '/'
  // since the walk starts at "/"), giving a target relative to the current
  // directory, which the caller has already set to the new root.
  path = dirtree_path(node, 0);
  if (mount(path, path+1, "", MS_MOVE, "")) perror_msg("Failed to move %s", path);
  // TODO: handle undermounts
  rmdir(path);
  free(path);

  return 0;
}
55
/*
 * switch_root entry point: validate the environment, delete everything on the
 * old root filesystem, chroot into NEW_ROOT and exec NEW_INIT.
 *
 * The checks that precede dirtree_read() are the only thing standing between
 * a mistaken invocation and a recursive delete of "/", so their order matters:
 * nothing is removed until PID, root filesystem type, new root, init binary
 * and (optional) console have all been accepted.
 */
void switch_root_main(void)
{
  char *target = *toys.optargs, **init_argv = toys.optargs+1;
  struct statfs rootfs;
  struct stat sb;
  int fd, console QUIET;

  // Only PID 1 may do this. A wrong PID takes the error_exit() path rather
  // than the panic label, so the -h hang handling below is not reached.
  if (getpid() != 1) error_exit("not pid 1");

  // The current root must be a ramfs or tmpfs instance: 0x858458f6 is
  // RAMFS_MAGIC and 0x01021994 is TMPFS_MAGIC in <linux/magic.h>. This is
  // what stops the wipe from running against a persistent filesystem.
  if (statfs("/", &rootfs)
    || !(rootfs.f_type == 0x858458f6 || rootfs.f_type == 0x01021994))
  {
    error_msg("not ramfs");
    goto panic;
  }

  // Enter the new root and require that it is not the same file as "/".
  // TT.new is kept so del_node() can skip the new root during the wipe.
  if (chdir(target) || stat(".", &TT.new) || stat("/", &sb)
    || same_file(&TT.new, &sb))
  {
    error_msg("bad newroot '%s'", target);
    goto panic;
  }
  TT.rootdev = sb.st_dev;

  // Drop leading '/' characters from the init path so the stat() below is
  // resolved relative to the new root (our cwd). The trimmed pointer is
  // reused for execv() after the chroot, where a relative path still works.
  while (*init_argv[0] == '/') init_argv[0]++;

  // init must exist, be a regular file and have the owner-execute bit (0100).
  // This is a sanity check before the point of no return, not a guarantee:
  // execv() resolves the path again later.
  if (stat(init_argv[0], &sb) || !S_ISREG(sb.st_mode) || !(sb.st_mode&0100)) {
    error_msg("bad init");
    goto panic;
  }

  // NOTE(review): the console is opened before chroot(), so an absolute -c
  // path resolves against the old root, while the help text says "device in
  // NEW_ROOT" - confirm which is intended.
  if (TT.c) {
    console = open(TT.c, O_RDWR);
    if (console == -1) {
      perror_msg("bad console '%s'", TT.c);
      goto panic;
    }
  }

  // Point of no return: every check passed, delete the old root's contents.
  dirtree_read("/", del_node);

  // Make the new root (still our cwd) the process root.
  if (chroot(".")) {
    perror_msg("chroot");
    goto panic;
  }

  // Reset cwd so it cannot refer to anything outside the chroot.
  if (chdir("/")) {
    perror_msg("chdir");
    goto panic;
  }

  // With -c, stdin/stdout/stderr all become the console; the original
  // descriptor is closed unless it already is one of 0-2.
  if (TT.c) {
    for (fd = 0; fd < 3; fd++) dup2(console, fd);
    if (console > 2) close(console);
  }

  // Only returns on failure.
  execv(init_argv[0], init_argv);
  perror_msg("Failed to exec '%s'", init_argv[0]);

panic:
  // Without -h this returns to the caller. With -h it loops in wait() forever,
  // which per the help text avoids the kernel panic of exiting on failure.
  if (!FLAG(h)) return;
  for (;;) wait(NULL);
}
121