10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*2712Snn35248 * Common Development and Distribution License (the "License"). 6*2712Snn35248 * You may not use this file except in compliance with the License. 70Sstevel@tonic-gate * 80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 100Sstevel@tonic-gate * See the License for the specific language governing permissions 110Sstevel@tonic-gate * and limitations under the License. 120Sstevel@tonic-gate * 130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 180Sstevel@tonic-gate * 190Sstevel@tonic-gate * CDDL HEADER END 200Sstevel@tonic-gate */ 210Sstevel@tonic-gate /* 22*2712Snn35248 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 230Sstevel@tonic-gate * Use is subject to license terms. 240Sstevel@tonic-gate */ 250Sstevel@tonic-gate 260Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 270Sstevel@tonic-gate 280Sstevel@tonic-gate /* 290Sstevel@tonic-gate * Launch Java executables via exec(2). 300Sstevel@tonic-gate * 310Sstevel@tonic-gate * Java executables are platform-independent executable files 320Sstevel@tonic-gate * based on the JAR file format. Executable JAR files contain a 330Sstevel@tonic-gate * special 'extra field' header in the first file of the archive 340Sstevel@tonic-gate * that marks the file as a true executable. The data in that field 350Sstevel@tonic-gate * is used to pass additional run-time information to the Java VM. 360Sstevel@tonic-gate * 370Sstevel@tonic-gate * This handler looks for the appropriate magic number on the 380Sstevel@tonic-gate * front of the file, checks that the JAR file is executable, then 390Sstevel@tonic-gate * invokes the Java runtime environment to do the rest of the work. 400Sstevel@tonic-gate */ 410Sstevel@tonic-gate 420Sstevel@tonic-gate #include <sys/types.h> 430Sstevel@tonic-gate #include <sys/proc.h> 440Sstevel@tonic-gate #include <sys/vnode.h> 450Sstevel@tonic-gate #include <sys/exec.h> 460Sstevel@tonic-gate #include <sys/modctl.h> 470Sstevel@tonic-gate #include <sys/cmn_err.h> 480Sstevel@tonic-gate #include <sys/pathname.h> 490Sstevel@tonic-gate 500Sstevel@tonic-gate /* 510Sstevel@tonic-gate * These variables can be tweaked via /etc/system to allow prototyping 520Sstevel@tonic-gate * and debugging. See PSARC/1997/123. 530Sstevel@tonic-gate * 540Sstevel@tonic-gate * Modified by PSARC/1999/012 to be Contract Private between Solaris and 550Sstevel@tonic-gate * the Java Technology Group. It is expected that any future change to 560Sstevel@tonic-gate * these variables be coordinated between the consolidations. 570Sstevel@tonic-gate */ 580Sstevel@tonic-gate #if defined(__sparc) 590Sstevel@tonic-gate char *jexec = "/usr/java/jre/lib/sparc/jexec"; 600Sstevel@tonic-gate #elif defined(__i386) || defined(__i386_COMPAT) 610Sstevel@tonic-gate char *jexec = "/usr/java/jre/lib/i386/jexec"; 620Sstevel@tonic-gate #else 630Sstevel@tonic-gate #error "Unknown ISA" 640Sstevel@tonic-gate #endif 650Sstevel@tonic-gate char *jexec_arg = "-jar"; 660Sstevel@tonic-gate 670Sstevel@tonic-gate /* 680Sstevel@tonic-gate * ZIP/JAR file header information 690Sstevel@tonic-gate */ 700Sstevel@tonic-gate #define SIGSIZ 4 710Sstevel@tonic-gate #define LOCSIG "PK\003\004" 720Sstevel@tonic-gate #define LOCHDRSIZ 30 730Sstevel@tonic-gate 740Sstevel@tonic-gate #define CH(b, n) (((unsigned char *)(b))[n]) 750Sstevel@tonic-gate #define SH(b, n) (CH(b, n) | (CH(b, n+1) << 8)) 760Sstevel@tonic-gate #define LG(b, n) (SH(b, n) | (SH(b, n+2) << 16)) 770Sstevel@tonic-gate 780Sstevel@tonic-gate #define LOCNAM(b) (SH(b, 26)) /* filename size */ 790Sstevel@tonic-gate #define LOCEXT(b) (SH(b, 28)) /* extra field size */ 800Sstevel@tonic-gate 810Sstevel@tonic-gate #define XFHSIZ 4 /* header id, data size */ 820Sstevel@tonic-gate #define XFHID(b) (SH(b, 0)) /* extract field header id */ 830Sstevel@tonic-gate #define XFDATASIZ(b) (SH(b, 2)) /* extract field data size */ 840Sstevel@tonic-gate #define XFJAVASIG 0xcafe /* java executables */ 850Sstevel@tonic-gate 860Sstevel@tonic-gate /*ARGSUSED3*/ 870Sstevel@tonic-gate static int 880Sstevel@tonic-gate javaexec(vnode_t *vp, struct execa *uap, struct uarg *args, 890Sstevel@tonic-gate struct intpdata *idatap, int level, long *execsz, int setid, 90*2712Snn35248 caddr_t execfile, cred_t *cred, int brand_action) 910Sstevel@tonic-gate { 920Sstevel@tonic-gate struct intpdata idata; 930Sstevel@tonic-gate int error; 940Sstevel@tonic-gate ssize_t resid; 950Sstevel@tonic-gate vnode_t *nvp; 960Sstevel@tonic-gate off_t xoff, xoff_end; 970Sstevel@tonic-gate char lochdr[LOCHDRSIZ]; 980Sstevel@tonic-gate struct pathname lookpn; 990Sstevel@tonic-gate struct pathname resolvepn; 1000Sstevel@tonic-gate char *opath; 1010Sstevel@tonic-gate 1020Sstevel@tonic-gate if (level) 1030Sstevel@tonic-gate return (ENOEXEC); /* no recursion */ 1040Sstevel@tonic-gate 1050Sstevel@tonic-gate /* 1060Sstevel@tonic-gate * Read in the full local file header, and validate 1070Sstevel@tonic-gate * the initial signature. 1080Sstevel@tonic-gate */ 1090Sstevel@tonic-gate if ((error = vn_rdwr(UIO_READ, vp, lochdr, sizeof (lochdr), 1100Sstevel@tonic-gate 0, UIO_SYSSPACE, 0, (rlim64_t)0, cred, &resid)) != 0) 1110Sstevel@tonic-gate return (error); 1120Sstevel@tonic-gate if (resid != 0 || strncmp(lochdr, LOCSIG, SIGSIZ) != 0) 1130Sstevel@tonic-gate return (ENOEXEC); 1140Sstevel@tonic-gate 1150Sstevel@tonic-gate /* 1160Sstevel@tonic-gate * Ok, so this -is- a ZIP file, and might even be a JAR file. 1170Sstevel@tonic-gate * Is it a Java executable? 1180Sstevel@tonic-gate */ 1190Sstevel@tonic-gate xoff = sizeof (lochdr) + LOCNAM(lochdr); 1200Sstevel@tonic-gate xoff_end = xoff + LOCEXT(lochdr); 1210Sstevel@tonic-gate 1220Sstevel@tonic-gate while (xoff < xoff_end) { 1230Sstevel@tonic-gate char xfhdr[XFHSIZ]; 1240Sstevel@tonic-gate 1250Sstevel@tonic-gate if ((error = vn_rdwr(UIO_READ, vp, xfhdr, sizeof (xfhdr), 1260Sstevel@tonic-gate xoff, UIO_SYSSPACE, 0, (rlim64_t)0, cred, &resid)) != 0) 1270Sstevel@tonic-gate return (error); 1280Sstevel@tonic-gate if (resid != 0) 1290Sstevel@tonic-gate return (ENOEXEC); 1300Sstevel@tonic-gate if (XFHID(xfhdr) == XFJAVASIG) 1310Sstevel@tonic-gate break; 1320Sstevel@tonic-gate xoff += sizeof (xfhdr) + XFDATASIZ(xfhdr); 1330Sstevel@tonic-gate } 1340Sstevel@tonic-gate 1350Sstevel@tonic-gate if (xoff >= xoff_end) 1360Sstevel@tonic-gate return (ENOEXEC); 1370Sstevel@tonic-gate 1380Sstevel@tonic-gate /* 1390Sstevel@tonic-gate * Note: If we ever make setid execution work, we need to ensure 1400Sstevel@tonic-gate * that we use /dev/fd to avoid the classic setuid shell script 1410Sstevel@tonic-gate * security hole. 1420Sstevel@tonic-gate */ 1430Sstevel@tonic-gate if (setid) 1440Sstevel@tonic-gate return (EACCES); 1450Sstevel@tonic-gate 1460Sstevel@tonic-gate /* 1470Sstevel@tonic-gate * Find and invoke the Java runtime environment on the file 1480Sstevel@tonic-gate */ 1490Sstevel@tonic-gate idata.intp = NULL; 1500Sstevel@tonic-gate idata.intp_name = jexec; 1510Sstevel@tonic-gate idata.intp_arg = jexec_arg; 1520Sstevel@tonic-gate if (error = pn_get(idata.intp_name, UIO_SYSSPACE, &lookpn)) 1530Sstevel@tonic-gate return (error); 1540Sstevel@tonic-gate pn_alloc(&resolvepn); 1550Sstevel@tonic-gate if (error = lookuppn(&lookpn, &resolvepn, FOLLOW, NULLVPP, &nvp)) { 1560Sstevel@tonic-gate pn_free(&resolvepn); 1570Sstevel@tonic-gate pn_free(&lookpn); 1580Sstevel@tonic-gate return (ENOEXEC); 1590Sstevel@tonic-gate } 1600Sstevel@tonic-gate opath = args->pathname; 1610Sstevel@tonic-gate args->pathname = resolvepn.pn_path; 1620Sstevel@tonic-gate /* don't free resolvepn until we are done with args */ 1630Sstevel@tonic-gate pn_free(&lookpn); 164*2712Snn35248 error = gexec(&nvp, uap, args, &idata, level + 1, execsz, execfile, 165*2712Snn35248 cred, EBA_NONE); 1660Sstevel@tonic-gate VN_RELE(nvp); 1670Sstevel@tonic-gate args->pathname = opath; 1680Sstevel@tonic-gate pn_free(&resolvepn); 1690Sstevel@tonic-gate return (error); 1700Sstevel@tonic-gate } 1710Sstevel@tonic-gate 1720Sstevel@tonic-gate static struct execsw jexecsw = { 1730Sstevel@tonic-gate javamagicstr, 1740Sstevel@tonic-gate 0, 1750Sstevel@tonic-gate 4, 1760Sstevel@tonic-gate javaexec, 1770Sstevel@tonic-gate NULL 1780Sstevel@tonic-gate }; 1790Sstevel@tonic-gate 1800Sstevel@tonic-gate static struct modlexec jmodlexec = { 1810Sstevel@tonic-gate &mod_execops, "exec for Java", &jexecsw 1820Sstevel@tonic-gate }; 1830Sstevel@tonic-gate 1840Sstevel@tonic-gate static struct modlinkage jmodlinkage = { 1850Sstevel@tonic-gate MODREV_1, &jmodlexec, NULL 1860Sstevel@tonic-gate }; 1870Sstevel@tonic-gate 1880Sstevel@tonic-gate int 1890Sstevel@tonic-gate _init(void) 1900Sstevel@tonic-gate { 1910Sstevel@tonic-gate return (mod_install(&jmodlinkage)); 1920Sstevel@tonic-gate } 1930Sstevel@tonic-gate 1940Sstevel@tonic-gate int 1950Sstevel@tonic-gate _fini(void) 1960Sstevel@tonic-gate { 1970Sstevel@tonic-gate return (mod_remove(&jmodlinkage)); 1980Sstevel@tonic-gate } 1990Sstevel@tonic-gate 2000Sstevel@tonic-gate int 2010Sstevel@tonic-gate _info(struct modinfo *modinfop) 2020Sstevel@tonic-gate { 2030Sstevel@tonic-gate return (mod_info(&jmodlinkage, modinfop)); 2040Sstevel@tonic-gate } 205