1 /* $NetBSD: kern_exec.c,v 1.207 2005/07/29 22:57:34 elad Exp $ */ 2 3 /*- 4 * Copyright (C) 1993, 1994, 1996 Christopher G. Demetriou 5 * Copyright (C) 1992 Wolfgang Solfrank. 6 * Copyright (C) 1992 TooLs GmbH. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by TooLs GmbH. 20 * 4. The name of TooLs GmbH may not be used to endorse or promote products 21 * derived from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 28 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 29 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 30 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 31 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 32 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 __KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.207 2005/07/29 22:57:34 elad Exp $"); 37 38 #include "opt_ktrace.h" 39 #include "opt_syscall_debug.h" 40 #include "opt_compat_netbsd.h" 41 #include "opt_verified_exec.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/filedesc.h> 46 #include <sys/kernel.h> 47 #include <sys/proc.h> 48 #include <sys/mount.h> 49 #include <sys/malloc.h> 50 #include <sys/namei.h> 51 #include <sys/vnode.h> 52 #include <sys/file.h> 53 #include <sys/acct.h> 54 #include <sys/exec.h> 55 #include <sys/ktrace.h> 56 #include <sys/resourcevar.h> 57 #include <sys/wait.h> 58 #include <sys/mman.h> 59 #include <sys/ras.h> 60 #include <sys/signalvar.h> 61 #include <sys/stat.h> 62 #include <sys/syscall.h> 63 64 #include <sys/sa.h> 65 #include <sys/savar.h> 66 #include <sys/syscallargs.h> 67 #ifdef VERIFIED_EXEC 68 #include <sys/verified_exec.h> 69 #endif 70 71 #ifdef SYSTRACE 72 #include <sys/systrace.h> 73 #endif /* SYSTRACE */ 74 75 #include <uvm/uvm_extern.h> 76 77 #include <machine/cpu.h> 78 #include <machine/reg.h> 79 80 static int exec_sigcode_map(struct proc *, const struct emul *); 81 82 #ifdef DEBUG_EXEC 83 #define DPRINTF(a) uprintf a 84 #else 85 #define DPRINTF(a) 86 #endif /* DEBUG_EXEC */ 87 88 MALLOC_DEFINE(M_EXEC, "exec", "argument lists & other mem used by exec"); 89 90 /* 91 * Exec function switch: 92 * 93 * Note that each makecmds function is responsible for loading the 94 * exec package with the necessary functions for any exec-type-specific 95 * handling. 96 * 97 * Functions for specific exec types should be defined in their own 98 * header file. 99 */ 100 extern const struct execsw execsw_builtin[]; 101 extern int nexecs_builtin; 102 static const struct execsw **execsw = NULL; 103 static int nexecs; 104 105 u_int exec_maxhdrsz; /* must not be static - netbsd32 needs it */ 106 107 #ifdef LKM 108 /* list of supported emulations */ 109 static 110 LIST_HEAD(emlist_head, emul_entry) el_head = LIST_HEAD_INITIALIZER(el_head); 111 struct emul_entry { 112 LIST_ENTRY(emul_entry) el_list; 113 const struct emul *el_emul; 114 int ro_entry; 115 }; 116 117 /* list of dynamically loaded execsw entries */ 118 static 119 LIST_HEAD(execlist_head, exec_entry) ex_head = LIST_HEAD_INITIALIZER(ex_head); 120 struct exec_entry { 121 LIST_ENTRY(exec_entry) ex_list; 122 const struct execsw *es; 123 }; 124 125 /* structure used for building execw[] */ 126 struct execsw_entry { 127 struct execsw_entry *next; 128 const struct execsw *es; 129 }; 130 #endif /* LKM */ 131 132 #ifdef SYSCALL_DEBUG 133 extern const char * const syscallnames[]; 134 #endif 135 136 #ifdef COMPAT_16 137 extern char sigcode[], esigcode[]; 138 struct uvm_object *emul_netbsd_object; 139 #endif 140 141 #ifndef __HAVE_SYSCALL_INTERN 142 void syscall(void); 143 #endif 144 145 /* NetBSD emul struct */ 146 const struct emul emul_netbsd = { 147 "netbsd", 148 NULL, /* emulation path */ 149 #ifndef __HAVE_MINIMAL_EMUL 150 EMUL_HAS_SYS___syscall, 151 NULL, 152 SYS_syscall, 153 SYS_NSYSENT, 154 #endif 155 sysent, 156 #ifdef SYSCALL_DEBUG 157 syscallnames, 158 #else 159 NULL, 160 #endif 161 sendsig, 162 trapsignal, 163 NULL, 164 #ifdef COMPAT_16 165 sigcode, 166 esigcode, 167 &emul_netbsd_object, 168 #else 169 NULL, 170 NULL, 171 NULL, 172 #endif 173 setregs, 174 NULL, 175 NULL, 176 NULL, 177 NULL, 178 NULL, 179 #ifdef __HAVE_SYSCALL_INTERN 180 syscall_intern, 181 #else 182 syscall, 183 #endif 184 NULL, 185 NULL, 186 187 uvm_default_mapaddr, 188 }; 189 190 #ifdef LKM 191 /* 192 * Exec lock. Used to control access to execsw[] structures. 193 * This must not be static so that netbsd32 can access it, too. 194 */ 195 struct lock exec_lock; 196 197 static void link_es(struct execsw_entry **, const struct execsw *); 198 #endif /* LKM */ 199 200 /* 201 * check exec: 202 * given an "executable" described in the exec package's namei info, 203 * see what we can do with it. 204 * 205 * ON ENTRY: 206 * exec package with appropriate namei info 207 * proc pointer of exec'ing proc 208 * if verified exec enabled then flag indicating a direct exec or 209 * an indirect exec (i.e. for a shell script interpreter) 210 * NO SELF-LOCKED VNODES 211 * 212 * ON EXIT: 213 * error: nothing held, etc. exec header still allocated. 214 * ok: filled exec package, executable's vnode (unlocked). 215 * 216 * EXEC SWITCH ENTRY: 217 * Locked vnode to check, exec package, proc. 218 * 219 * EXEC SWITCH EXIT: 220 * ok: return 0, filled exec package, executable's vnode (unlocked). 221 * error: destructive: 222 * everything deallocated execept exec header. 223 * non-destructive: 224 * error code, executable's vnode (unlocked), 225 * exec header unmodified. 226 */ 227 int 228 /*ARGSUSED*/ 229 check_exec(struct proc *p, struct exec_package *epp, int flag) 230 { 231 int error, i; 232 struct vnode *vp; 233 struct nameidata *ndp; 234 size_t resid; 235 236 ndp = epp->ep_ndp; 237 ndp->ni_cnd.cn_nameiop = LOOKUP; 238 ndp->ni_cnd.cn_flags = FOLLOW | LOCKLEAF | SAVENAME; 239 /* first get the vnode */ 240 if ((error = namei(ndp)) != 0) 241 return error; 242 epp->ep_vp = vp = ndp->ni_vp; 243 244 /* check access and type */ 245 if (vp->v_type != VREG) { 246 error = EACCES; 247 goto bad1; 248 } 249 if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0) 250 goto bad1; 251 252 /* get attributes */ 253 if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, p)) != 0) 254 goto bad1; 255 256 /* Check mount point */ 257 if (vp->v_mount->mnt_flag & MNT_NOEXEC) { 258 error = EACCES; 259 goto bad1; 260 } 261 if (vp->v_mount->mnt_flag & MNT_NOSUID) 262 epp->ep_vap->va_mode &= ~(S_ISUID | S_ISGID); 263 264 /* try to open it */ 265 if ((error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) != 0) 266 goto bad1; 267 268 /* unlock vp, since we need it unlocked from here on out. */ 269 VOP_UNLOCK(vp, 0); 270 271 272 #ifdef VERIFIED_EXEC 273 if ((error = veriexec_verify(p, vp, epp->ep_vap, epp->ep_ndp->ni_dirp, 274 flag, NULL)) != 0) 275 goto bad2; 276 #endif 277 278 /* now we have the file, get the exec header */ 279 uvn_attach(vp, VM_PROT_READ); 280 error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0, 281 UIO_SYSSPACE, 0, p->p_ucred, &resid, NULL); 282 if (error) 283 goto bad2; 284 epp->ep_hdrvalid = epp->ep_hdrlen - resid; 285 286 /* 287 * Set up default address space limits. Can be overridden 288 * by individual exec packages. 289 * 290 * XXX probably should be all done in the exec pakages. 291 */ 292 epp->ep_vm_minaddr = VM_MIN_ADDRESS; 293 epp->ep_vm_maxaddr = VM_MAXUSER_ADDRESS; 294 /* 295 * set up the vmcmds for creation of the process 296 * address space 297 */ 298 error = ENOEXEC; 299 for (i = 0; i < nexecs && error != 0; i++) { 300 int newerror; 301 302 epp->ep_esch = execsw[i]; 303 newerror = (*execsw[i]->es_makecmds)(p, epp); 304 /* make sure the first "interesting" error code is saved. */ 305 if (!newerror || error == ENOEXEC) 306 error = newerror; 307 308 /* if es_makecmds call was successful, update epp->ep_es */ 309 if (!newerror && (epp->ep_flags & EXEC_HASES) == 0) 310 epp->ep_es = execsw[i]; 311 312 if (epp->ep_flags & EXEC_DESTR && error != 0) 313 return error; 314 } 315 if (!error) { 316 /* check that entry point is sane */ 317 if (epp->ep_entry > VM_MAXUSER_ADDRESS) 318 error = ENOEXEC; 319 320 /* check limits */ 321 if ((epp->ep_tsize > MAXTSIZ) || 322 (epp->ep_dsize > 323 (u_quad_t)p->p_rlimit[RLIMIT_DATA].rlim_cur)) 324 error = ENOMEM; 325 326 if (!error) 327 return (0); 328 } 329 330 /* 331 * free any vmspace-creation commands, 332 * and release their references 333 */ 334 kill_vmcmds(&epp->ep_vmcmds); 335 336 bad2: 337 /* 338 * close and release the vnode, restore the old one, free the 339 * pathname buf, and punt. 340 */ 341 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 342 VOP_CLOSE(vp, FREAD, p->p_ucred, p); 343 vput(vp); 344 PNBUF_PUT(ndp->ni_cnd.cn_pnbuf); 345 return error; 346 347 bad1: 348 /* 349 * free the namei pathname buffer, and put the vnode 350 * (which we don't yet have open). 351 */ 352 vput(vp); /* was still locked */ 353 PNBUF_PUT(ndp->ni_cnd.cn_pnbuf); 354 return error; 355 } 356 357 #ifdef __MACHINE_STACK_GROWS_UP 358 #define STACK_PTHREADSPACE NBPG 359 #else 360 #define STACK_PTHREADSPACE 0 361 #endif 362 363 static int 364 execve_fetch_element(char * const *array, size_t index, char **value) 365 { 366 return copyin(array + index, value, sizeof(*value)); 367 } 368 369 /* 370 * exec system call 371 */ 372 /* ARGSUSED */ 373 int 374 sys_execve(struct lwp *l, void *v, register_t *retval) 375 { 376 struct sys_execve_args /* { 377 syscallarg(const char *) path; 378 syscallarg(char * const *) argp; 379 syscallarg(char * const *) envp; 380 } */ *uap = v; 381 382 return execve1(l, SCARG(uap, path), SCARG(uap, argp), 383 SCARG(uap, envp), execve_fetch_element); 384 } 385 386 int 387 execve1(struct lwp *l, const char *path, char * const *args, 388 char * const *envs, execve_fetch_element_t fetch_element) 389 { 390 int error; 391 u_int i; 392 struct exec_package pack; 393 struct nameidata nid; 394 struct vattr attr; 395 struct proc *p; 396 struct ucred *cred; 397 char *argp; 398 char *dp, *sp; 399 long argc, envc; 400 size_t len; 401 char *stack; 402 struct ps_strings arginfo; 403 struct vmspace *vm; 404 char **tmpfap; 405 int szsigcode; 406 struct exec_vmcmd *base_vcp; 407 int oldlwpflags; 408 #ifdef SYSTRACE 409 int wassugid = ISSET(p->p_flag, P_SUGID); 410 char pathbuf[MAXPATHLEN]; 411 size_t pathbuflen; 412 #endif /* SYSTRACE */ 413 414 /* Disable scheduler activation upcalls. */ 415 oldlwpflags = l->l_flag & (L_SA | L_SA_UPCALL); 416 if (l->l_flag & L_SA) 417 l->l_flag &= ~(L_SA | L_SA_UPCALL); 418 419 p = l->l_proc; 420 /* 421 * Lock the process and set the P_INEXEC flag to indicate that 422 * it should be left alone until we're done here. This is 423 * necessary to avoid race conditions - e.g. in ptrace() - 424 * that might allow a local user to illicitly obtain elevated 425 * privileges. 426 */ 427 p->p_flag |= P_INEXEC; 428 429 cred = p->p_ucred; 430 base_vcp = NULL; 431 /* 432 * Init the namei data to point the file user's program name. 433 * This is done here rather than in check_exec(), so that it's 434 * possible to override this settings if any of makecmd/probe 435 * functions call check_exec() recursively - for example, 436 * see exec_script_makecmds(). 437 */ 438 #ifdef SYSTRACE 439 if (ISSET(p->p_flag, P_SYSTRACE)) 440 systrace_execve0(p); 441 442 error = copyinstr(path, pathbuf, sizeof(pathbuf), 443 &pathbuflen); 444 if (error) 445 goto clrflg; 446 447 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_SYSSPACE, pathbuf, p); 448 #else 449 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE, path, p); 450 #endif /* SYSTRACE */ 451 452 /* 453 * initialize the fields of the exec package. 454 */ 455 #ifdef SYSTRACE 456 pack.ep_name = pathbuf; 457 #else 458 pack.ep_name = path; 459 #endif /* SYSTRACE */ 460 pack.ep_hdr = malloc(exec_maxhdrsz, M_EXEC, M_WAITOK); 461 pack.ep_hdrlen = exec_maxhdrsz; 462 pack.ep_hdrvalid = 0; 463 pack.ep_ndp = &nid; 464 pack.ep_emul_arg = NULL; 465 pack.ep_vmcmds.evs_cnt = 0; 466 pack.ep_vmcmds.evs_used = 0; 467 pack.ep_vap = &attr; 468 pack.ep_flags = 0; 469 470 #ifdef LKM 471 lockmgr(&exec_lock, LK_SHARED, NULL); 472 #endif 473 474 /* see if we can run it. */ 475 #ifdef VERIFIED_EXEC 476 if ((error = check_exec(p, &pack, VERIEXEC_DIRECT)) != 0) 477 #else 478 if ((error = check_exec(p, &pack, 0)) != 0) 479 #endif 480 goto freehdr; 481 482 /* XXX -- THE FOLLOWING SECTION NEEDS MAJOR CLEANUP */ 483 484 /* allocate an argument buffer */ 485 argp = (char *) uvm_km_alloc(exec_map, NCARGS, 0, 486 UVM_KMF_PAGEABLE|UVM_KMF_WAITVA); 487 #ifdef DIAGNOSTIC 488 if (argp == (vaddr_t) 0) 489 panic("execve: argp == NULL"); 490 #endif 491 dp = argp; 492 argc = 0; 493 494 /* copy the fake args list, if there's one, freeing it as we go */ 495 if (pack.ep_flags & EXEC_HASARGL) { 496 tmpfap = pack.ep_fa; 497 while (*tmpfap != NULL) { 498 char *cp; 499 500 cp = *tmpfap; 501 while (*cp) 502 *dp++ = *cp++; 503 dp++; 504 505 FREE(*tmpfap, M_EXEC); 506 tmpfap++; argc++; 507 } 508 FREE(pack.ep_fa, M_EXEC); 509 pack.ep_flags &= ~EXEC_HASARGL; 510 } 511 512 /* Now get argv & environment */ 513 if (args == NULL) { 514 error = EINVAL; 515 goto bad; 516 } 517 /* 'i' will index the argp/envp element to be retrieved */ 518 i = 0; 519 if (pack.ep_flags & EXEC_SKIPARG) 520 i++; 521 522 while (1) { 523 len = argp + ARG_MAX - dp; 524 if ((error = (*fetch_element)(args, i, &sp)) != 0) 525 goto bad; 526 if (!sp) 527 break; 528 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 529 if (error == ENAMETOOLONG) 530 error = E2BIG; 531 goto bad; 532 } 533 #ifdef KTRACE 534 if (KTRPOINT(p, KTR_EXEC_ARG)) 535 ktrkmem(p, KTR_EXEC_ARG, dp, len - 1); 536 #endif 537 dp += len; 538 i++; 539 argc++; 540 } 541 542 envc = 0; 543 /* environment need not be there */ 544 if (envs != NULL) { 545 i = 0; 546 while (1) { 547 len = argp + ARG_MAX - dp; 548 if ((error = (*fetch_element)(envs, i, &sp)) != 0) 549 goto bad; 550 if (!sp) 551 break; 552 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 553 if (error == ENAMETOOLONG) 554 error = E2BIG; 555 goto bad; 556 } 557 #ifdef KTRACE 558 if (KTRPOINT(p, KTR_EXEC_ENV)) 559 ktrkmem(p, KTR_EXEC_ENV, dp, len - 1); 560 #endif 561 dp += len; 562 i++; 563 envc++; 564 } 565 } 566 567 dp = (char *) ALIGN(dp); 568 569 szsigcode = pack.ep_es->es_emul->e_esigcode - 570 pack.ep_es->es_emul->e_sigcode; 571 572 /* Now check if args & environ fit into new stack */ 573 if (pack.ep_flags & EXEC_32) 574 len = ((argc + envc + 2 + pack.ep_es->es_arglen) * 575 sizeof(int) + sizeof(int) + dp + STACKGAPLEN + 576 szsigcode + sizeof(struct ps_strings) + STACK_PTHREADSPACE) 577 - argp; 578 else 579 len = ((argc + envc + 2 + pack.ep_es->es_arglen) * 580 sizeof(char *) + sizeof(int) + dp + STACKGAPLEN + 581 szsigcode + sizeof(struct ps_strings) + STACK_PTHREADSPACE) 582 - argp; 583 584 len = ALIGN(len); /* make the stack "safely" aligned */ 585 586 if (len > pack.ep_ssize) { /* in effect, compare to initial limit */ 587 error = ENOMEM; 588 goto bad; 589 } 590 591 /* Get rid of other LWPs/ */ 592 p->p_flag |= P_WEXIT; /* XXX hack. lwp-exit stuff wants to see it. */ 593 exit_lwps(l); 594 p->p_flag &= ~P_WEXIT; 595 KDASSERT(p->p_nlwps == 1); 596 597 /* This is now LWP 1 */ 598 l->l_lid = 1; 599 p->p_nlwpid = 1; 600 601 /* Release any SA state. */ 602 if (p->p_sa) 603 sa_release(p); 604 605 /* Remove POSIX timers */ 606 timers_free(p, TIMERS_POSIX); 607 608 /* adjust "active stack depth" for process VSZ */ 609 pack.ep_ssize = len; /* maybe should go elsewhere, but... */ 610 611 /* 612 * Do whatever is necessary to prepare the address space 613 * for remapping. Note that this might replace the current 614 * vmspace with another! 615 */ 616 uvmspace_exec(l, pack.ep_vm_minaddr, pack.ep_vm_maxaddr); 617 618 /* record proc's vnode, for use by procfs and others */ 619 if (p->p_textvp) 620 vrele(p->p_textvp); 621 VREF(pack.ep_vp); 622 p->p_textvp = pack.ep_vp; 623 624 /* Now map address space */ 625 vm = p->p_vmspace; 626 vm->vm_taddr = (caddr_t) pack.ep_taddr; 627 vm->vm_tsize = btoc(pack.ep_tsize); 628 vm->vm_daddr = (caddr_t) pack.ep_daddr; 629 vm->vm_dsize = btoc(pack.ep_dsize); 630 vm->vm_ssize = btoc(pack.ep_ssize); 631 vm->vm_maxsaddr = (caddr_t) pack.ep_maxsaddr; 632 vm->vm_minsaddr = (caddr_t) pack.ep_minsaddr; 633 634 /* create the new process's VM space by running the vmcmds */ 635 #ifdef DIAGNOSTIC 636 if (pack.ep_vmcmds.evs_used == 0) 637 panic("execve: no vmcmds"); 638 #endif 639 for (i = 0; i < pack.ep_vmcmds.evs_used && !error; i++) { 640 struct exec_vmcmd *vcp; 641 642 vcp = &pack.ep_vmcmds.evs_cmds[i]; 643 if (vcp->ev_flags & VMCMD_RELATIVE) { 644 #ifdef DIAGNOSTIC 645 if (base_vcp == NULL) 646 panic("execve: relative vmcmd with no base"); 647 if (vcp->ev_flags & VMCMD_BASE) 648 panic("execve: illegal base & relative vmcmd"); 649 #endif 650 vcp->ev_addr += base_vcp->ev_addr; 651 } 652 error = (*vcp->ev_proc)(p, vcp); 653 #ifdef DEBUG_EXEC 654 if (error) { 655 int j; 656 struct exec_vmcmd *vp = &pack.ep_vmcmds.evs_cmds[0]; 657 for (j = 0; j <= i; j++) 658 uprintf( 659 "vmcmd[%d] = %#lx/%#lx fd@%#lx prot=0%o flags=%d\n", 660 j, vp[j].ev_addr, vp[j].ev_len, 661 vp[j].ev_offset, vp[j].ev_prot, 662 vp[j].ev_flags); 663 } 664 #endif /* DEBUG_EXEC */ 665 if (vcp->ev_flags & VMCMD_BASE) 666 base_vcp = vcp; 667 } 668 669 /* free the vmspace-creation commands, and release their references */ 670 kill_vmcmds(&pack.ep_vmcmds); 671 672 vn_lock(pack.ep_vp, LK_EXCLUSIVE | LK_RETRY); 673 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 674 vput(pack.ep_vp); 675 676 /* if an error happened, deallocate and punt */ 677 if (error) { 678 DPRINTF(("execve: vmcmd %i failed: %d\n", i - 1, error)); 679 goto exec_abort; 680 } 681 682 /* remember information about the process */ 683 arginfo.ps_nargvstr = argc; 684 arginfo.ps_nenvstr = envc; 685 686 stack = (char *)STACK_ALLOC(STACK_GROW(vm->vm_minsaddr, 687 STACK_PTHREADSPACE + sizeof(struct ps_strings) + szsigcode), 688 len - (sizeof(struct ps_strings) + szsigcode)); 689 #ifdef __MACHINE_STACK_GROWS_UP 690 /* 691 * The copyargs call always copies into lower addresses 692 * first, moving towards higher addresses, starting with 693 * the stack pointer that we give. When the stack grows 694 * down, this puts argc/argv/envp very shallow on the 695 * stack, right at the first user stack pointer, and puts 696 * STACKGAPLEN very deep in the stack. When the stack 697 * grows up, the situation is reversed. 698 * 699 * Normally, this is no big deal. But the ld_elf.so _rtld() 700 * function expects to be called with a single pointer to 701 * a region that has a few words it can stash values into, 702 * followed by argc/argv/envp. When the stack grows down, 703 * it's easy to decrement the stack pointer a little bit to 704 * allocate the space for these few words and pass the new 705 * stack pointer to _rtld. When the stack grows up, however, 706 * a few words before argc is part of the signal trampoline, XXX 707 * so we have a problem. 708 * 709 * Instead of changing how _rtld works, we take the easy way 710 * out and steal 32 bytes before we call copyargs. This 711 * space is effectively stolen from STACKGAPLEN. 712 */ 713 stack += 32; 714 #endif /* __MACHINE_STACK_GROWS_UP */ 715 716 /* Now copy argc, args & environ to new stack */ 717 error = (*pack.ep_es->es_copyargs)(p, &pack, &arginfo, &stack, argp); 718 if (error) { 719 DPRINTF(("execve: copyargs failed %d\n", error)); 720 goto exec_abort; 721 } 722 /* Move the stack back to original point */ 723 stack = (char *)STACK_GROW(vm->vm_minsaddr, len); 724 725 /* fill process ps_strings info */ 726 p->p_psstr = (struct ps_strings *) 727 STACK_ALLOC(STACK_GROW(vm->vm_minsaddr, STACK_PTHREADSPACE), 728 sizeof(struct ps_strings)); 729 p->p_psargv = offsetof(struct ps_strings, ps_argvstr); 730 p->p_psnargv = offsetof(struct ps_strings, ps_nargvstr); 731 p->p_psenv = offsetof(struct ps_strings, ps_envstr); 732 p->p_psnenv = offsetof(struct ps_strings, ps_nenvstr); 733 734 /* copy out the process's ps_strings structure */ 735 if ((error = copyout(&arginfo, (char *)p->p_psstr, 736 sizeof(arginfo))) != 0) { 737 DPRINTF(("execve: ps_strings copyout %p->%p size %ld failed\n", 738 &arginfo, (char *)p->p_psstr, (long)sizeof(arginfo))); 739 goto exec_abort; 740 } 741 742 stopprofclock(p); /* stop profiling */ 743 fdcloseexec(p); /* handle close on exec */ 744 execsigs(p); /* reset catched signals */ 745 746 l->l_ctxlink = NULL; /* reset ucontext link */ 747 748 /* set command name & other accounting info */ 749 len = min(nid.ni_cnd.cn_namelen, MAXCOMLEN); 750 memcpy(p->p_comm, nid.ni_cnd.cn_nameptr, len); 751 p->p_comm[len] = 0; 752 p->p_acflag &= ~AFORK; 753 754 p->p_flag |= P_EXEC; 755 if (p->p_flag & P_PPWAIT) { 756 p->p_flag &= ~P_PPWAIT; 757 wakeup((caddr_t) p->p_pptr); 758 } 759 760 /* 761 * deal with set[ug]id. 762 * MNT_NOSUID has already been used to disable s[ug]id. 763 */ 764 if ((p->p_flag & P_TRACED) == 0 && 765 766 (((attr.va_mode & S_ISUID) != 0 && 767 p->p_ucred->cr_uid != attr.va_uid) || 768 769 ((attr.va_mode & S_ISGID) != 0 && 770 p->p_ucred->cr_gid != attr.va_gid))) { 771 /* 772 * Mark the process as SUGID before we do 773 * anything that might block. 774 */ 775 p_sugid(p); 776 777 /* Make sure file descriptors 0..2 are in use. */ 778 if ((error = fdcheckstd(p)) != 0) 779 goto exec_abort; 780 781 p->p_ucred = crcopy(cred); 782 #ifdef KTRACE 783 /* 784 * If process is being ktraced, turn off - unless 785 * root set it. 786 */ 787 if (p->p_tracep && !(p->p_traceflag & KTRFAC_ROOT)) 788 ktrderef(p); 789 #endif 790 if (attr.va_mode & S_ISUID) 791 p->p_ucred->cr_uid = attr.va_uid; 792 if (attr.va_mode & S_ISGID) 793 p->p_ucred->cr_gid = attr.va_gid; 794 } else 795 p->p_flag &= ~P_SUGID; 796 p->p_cred->p_svuid = p->p_ucred->cr_uid; 797 p->p_cred->p_svgid = p->p_ucred->cr_gid; 798 799 #if defined(__HAVE_RAS) 800 /* 801 * Remove all RASs from the address space. 802 */ 803 ras_purgeall(p); 804 #endif 805 806 doexechooks(p); 807 808 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 809 810 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 811 812 /* notify others that we exec'd */ 813 KNOTE(&p->p_klist, NOTE_EXEC); 814 815 /* setup new registers and do misc. setup. */ 816 (*pack.ep_es->es_emul->e_setregs)(l, &pack, (u_long) stack); 817 if (pack.ep_es->es_setregs) 818 (*pack.ep_es->es_setregs)(l, &pack, (u_long) stack); 819 820 /* map the process's signal trampoline code */ 821 if (exec_sigcode_map(p, pack.ep_es->es_emul)) 822 goto exec_abort; 823 824 if (p->p_flag & P_TRACED) 825 psignal(p, SIGTRAP); 826 827 free(pack.ep_hdr, M_EXEC); 828 829 /* 830 * Call emulation specific exec hook. This can setup per-process 831 * p->p_emuldata or do any other per-process stuff an emulation needs. 832 * 833 * If we are executing process of different emulation than the 834 * original forked process, call e_proc_exit() of the old emulation 835 * first, then e_proc_exec() of new emulation. If the emulation is 836 * same, the exec hook code should deallocate any old emulation 837 * resources held previously by this process. 838 */ 839 if (p->p_emul && p->p_emul->e_proc_exit 840 && p->p_emul != pack.ep_es->es_emul) 841 (*p->p_emul->e_proc_exit)(p); 842 843 /* 844 * Call exec hook. Emulation code may NOT store reference to anything 845 * from &pack. 846 */ 847 if (pack.ep_es->es_emul->e_proc_exec) 848 (*pack.ep_es->es_emul->e_proc_exec)(p, &pack); 849 850 /* update p_emul, the old value is no longer needed */ 851 p->p_emul = pack.ep_es->es_emul; 852 853 /* ...and the same for p_execsw */ 854 p->p_execsw = pack.ep_es; 855 856 #ifdef __HAVE_SYSCALL_INTERN 857 (*p->p_emul->e_syscall_intern)(p); 858 #endif 859 #ifdef KTRACE 860 if (KTRPOINT(p, KTR_EMUL)) 861 ktremul(p); 862 #endif 863 864 #ifdef LKM 865 lockmgr(&exec_lock, LK_RELEASE, NULL); 866 #endif 867 p->p_flag &= ~P_INEXEC; 868 869 if (p->p_flag & P_STOPEXEC) { 870 int s; 871 872 sigminusset(&contsigmask, &p->p_sigctx.ps_siglist); 873 SCHED_LOCK(s); 874 p->p_pptr->p_nstopchild++; 875 p->p_stat = SSTOP; 876 l->l_stat = LSSTOP; 877 p->p_nrlwps--; 878 mi_switch(l, NULL); 879 SCHED_ASSERT_UNLOCKED(); 880 splx(s); 881 } 882 883 #ifdef SYSTRACE 884 if (ISSET(p->p_flag, P_SYSTRACE) && 885 wassugid && !ISSET(p->p_flag, P_SUGID)) 886 systrace_execve1(pathbuf, p); 887 #endif /* SYSTRACE */ 888 889 return (EJUSTRETURN); 890 891 bad: 892 p->p_flag &= ~P_INEXEC; 893 /* free the vmspace-creation commands, and release their references */ 894 kill_vmcmds(&pack.ep_vmcmds); 895 /* kill any opened file descriptor, if necessary */ 896 if (pack.ep_flags & EXEC_HASFD) { 897 pack.ep_flags &= ~EXEC_HASFD; 898 (void) fdrelease(p, pack.ep_fd); 899 } 900 /* close and put the exec'd file */ 901 vn_lock(pack.ep_vp, LK_EXCLUSIVE | LK_RETRY); 902 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 903 vput(pack.ep_vp); 904 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 905 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 906 907 freehdr: 908 free(pack.ep_hdr, M_EXEC); 909 910 #ifdef SYSTRACE 911 clrflg: 912 #endif /* SYSTRACE */ 913 l->l_flag |= oldlwpflags; 914 p->p_flag &= ~P_INEXEC; 915 #ifdef LKM 916 lockmgr(&exec_lock, LK_RELEASE, NULL); 917 #endif 918 919 return error; 920 921 exec_abort: 922 p->p_flag &= ~P_INEXEC; 923 #ifdef LKM 924 lockmgr(&exec_lock, LK_RELEASE, NULL); 925 #endif 926 927 /* 928 * the old process doesn't exist anymore. exit gracefully. 929 * get rid of the (new) address space we have created, if any, get rid 930 * of our namei data and vnode, and exit noting failure 931 */ 932 uvm_deallocate(&vm->vm_map, VM_MIN_ADDRESS, 933 VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS); 934 if (pack.ep_emul_arg) 935 FREE(pack.ep_emul_arg, M_TEMP); 936 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 937 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 938 free(pack.ep_hdr, M_EXEC); 939 exit1(l, W_EXITCODE(error, SIGABRT)); 940 941 /* NOTREACHED */ 942 return 0; 943 } 944 945 946 int 947 copyargs(struct proc *p, struct exec_package *pack, struct ps_strings *arginfo, 948 char **stackp, void *argp) 949 { 950 char **cpp, *dp, *sp; 951 size_t len; 952 void *nullp; 953 long argc, envc; 954 int error; 955 956 cpp = (char **)*stackp; 957 nullp = NULL; 958 argc = arginfo->ps_nargvstr; 959 envc = arginfo->ps_nenvstr; 960 if ((error = copyout(&argc, cpp++, sizeof(argc))) != 0) 961 return error; 962 963 dp = (char *) (cpp + argc + envc + 2 + pack->ep_es->es_arglen); 964 sp = argp; 965 966 /* XXX don't copy them out, remap them! */ 967 arginfo->ps_argvstr = cpp; /* remember location of argv for later */ 968 969 for (; --argc >= 0; sp += len, dp += len) 970 if ((error = copyout(&dp, cpp++, sizeof(dp))) != 0 || 971 (error = copyoutstr(sp, dp, ARG_MAX, &len)) != 0) 972 return error; 973 974 if ((error = copyout(&nullp, cpp++, sizeof(nullp))) != 0) 975 return error; 976 977 arginfo->ps_envstr = cpp; /* remember location of envp for later */ 978 979 for (; --envc >= 0; sp += len, dp += len) 980 if ((error = copyout(&dp, cpp++, sizeof(dp))) != 0 || 981 (error = copyoutstr(sp, dp, ARG_MAX, &len)) != 0) 982 return error; 983 984 if ((error = copyout(&nullp, cpp++, sizeof(nullp))) != 0) 985 return error; 986 987 *stackp = (char *)cpp; 988 return 0; 989 } 990 991 #ifdef LKM 992 /* 993 * Find an emulation of given name in list of emulations. 994 * Needs to be called with the exec_lock held. 995 */ 996 const struct emul * 997 emul_search(const char *name) 998 { 999 struct emul_entry *it; 1000 1001 LIST_FOREACH(it, &el_head, el_list) { 1002 if (strcmp(name, it->el_emul->e_name) == 0) 1003 return it->el_emul; 1004 } 1005 1006 return NULL; 1007 } 1008 1009 /* 1010 * Add an emulation to list, if it's not there already. 1011 */ 1012 int 1013 emul_register(const struct emul *emul, int ro_entry) 1014 { 1015 struct emul_entry *ee; 1016 int error; 1017 1018 error = 0; 1019 lockmgr(&exec_lock, LK_SHARED, NULL); 1020 1021 if (emul_search(emul->e_name)) { 1022 error = EEXIST; 1023 goto out; 1024 } 1025 1026 MALLOC(ee, struct emul_entry *, sizeof(struct emul_entry), 1027 M_EXEC, M_WAITOK); 1028 ee->el_emul = emul; 1029 ee->ro_entry = ro_entry; 1030 LIST_INSERT_HEAD(&el_head, ee, el_list); 1031 1032 out: 1033 lockmgr(&exec_lock, LK_RELEASE, NULL); 1034 return error; 1035 } 1036 1037 /* 1038 * Remove emulation with name 'name' from list of supported emulations. 1039 */ 1040 int 1041 emul_unregister(const char *name) 1042 { 1043 const struct proclist_desc *pd; 1044 struct emul_entry *it; 1045 int i, error; 1046 struct proc *ptmp; 1047 1048 error = 0; 1049 lockmgr(&exec_lock, LK_SHARED, NULL); 1050 1051 LIST_FOREACH(it, &el_head, el_list) { 1052 if (strcmp(it->el_emul->e_name, name) == 0) 1053 break; 1054 } 1055 1056 if (!it) { 1057 error = ENOENT; 1058 goto out; 1059 } 1060 1061 if (it->ro_entry) { 1062 error = EBUSY; 1063 goto out; 1064 } 1065 1066 /* test if any execw[] entry is still using this */ 1067 for(i=0; i < nexecs; i++) { 1068 if (execsw[i]->es_emul == it->el_emul) { 1069 error = EBUSY; 1070 goto out; 1071 } 1072 } 1073 1074 /* 1075 * Test if any process is running under this emulation - since 1076 * emul_unregister() is running quite sendomly, it's better 1077 * to do expensive check here than to use any locking. 1078 */ 1079 proclist_lock_read(); 1080 for (pd = proclists; pd->pd_list != NULL && !error; pd++) { 1081 PROCLIST_FOREACH(ptmp, pd->pd_list) { 1082 if (ptmp->p_emul == it->el_emul) { 1083 error = EBUSY; 1084 break; 1085 } 1086 } 1087 } 1088 proclist_unlock_read(); 1089 1090 if (error) 1091 goto out; 1092 1093 1094 /* entry is not used, remove it */ 1095 LIST_REMOVE(it, el_list); 1096 FREE(it, M_EXEC); 1097 1098 out: 1099 lockmgr(&exec_lock, LK_RELEASE, NULL); 1100 return error; 1101 } 1102 1103 /* 1104 * Add execsw[] entry. 1105 */ 1106 int 1107 exec_add(struct execsw *esp, const char *e_name) 1108 { 1109 struct exec_entry *it; 1110 int error; 1111 1112 error = 0; 1113 lockmgr(&exec_lock, LK_EXCLUSIVE, NULL); 1114 1115 if (!esp->es_emul) { 1116 esp->es_emul = emul_search(e_name); 1117 if (!esp->es_emul) { 1118 error = ENOENT; 1119 goto out; 1120 } 1121 } 1122 1123 LIST_FOREACH(it, &ex_head, ex_list) { 1124 /* assume tuple (makecmds, probe_func, emulation) is unique */ 1125 if (it->es->es_makecmds == esp->es_makecmds 1126 && it->es->u.elf_probe_func == esp->u.elf_probe_func 1127 && it->es->es_emul == esp->es_emul) { 1128 error = EEXIST; 1129 goto out; 1130 } 1131 } 1132 1133 /* if we got here, the entry doesn't exist yet */ 1134 MALLOC(it, struct exec_entry *, sizeof(struct exec_entry), 1135 M_EXEC, M_WAITOK); 1136 it->es = esp; 1137 LIST_INSERT_HEAD(&ex_head, it, ex_list); 1138 1139 /* update execsw[] */ 1140 exec_init(0); 1141 1142 out: 1143 lockmgr(&exec_lock, LK_RELEASE, NULL); 1144 return error; 1145 } 1146 1147 /* 1148 * Remove execsw[] entry. 1149 */ 1150 int 1151 exec_remove(const struct execsw *esp) 1152 { 1153 struct exec_entry *it; 1154 int error; 1155 1156 error = 0; 1157 lockmgr(&exec_lock, LK_EXCLUSIVE, NULL); 1158 1159 LIST_FOREACH(it, &ex_head, ex_list) { 1160 /* assume tuple (makecmds, probe_func, emulation) is unique */ 1161 if (it->es->es_makecmds == esp->es_makecmds 1162 && it->es->u.elf_probe_func == esp->u.elf_probe_func 1163 && it->es->es_emul == esp->es_emul) 1164 break; 1165 } 1166 if (!it) { 1167 error = ENOENT; 1168 goto out; 1169 } 1170 1171 /* remove item from list and free resources */ 1172 LIST_REMOVE(it, ex_list); 1173 FREE(it, M_EXEC); 1174 1175 /* update execsw[] */ 1176 exec_init(0); 1177 1178 out: 1179 lockmgr(&exec_lock, LK_RELEASE, NULL); 1180 return error; 1181 } 1182 1183 static void 1184 link_es(struct execsw_entry **listp, const struct execsw *esp) 1185 { 1186 struct execsw_entry *et, *e1; 1187 1188 MALLOC(et, struct execsw_entry *, sizeof(struct execsw_entry), 1189 M_TEMP, M_WAITOK); 1190 et->next = NULL; 1191 et->es = esp; 1192 if (*listp == NULL) { 1193 *listp = et; 1194 return; 1195 } 1196 1197 switch(et->es->es_prio) { 1198 case EXECSW_PRIO_FIRST: 1199 /* put new entry as the first */ 1200 et->next = *listp; 1201 *listp = et; 1202 break; 1203 case EXECSW_PRIO_ANY: 1204 /* put new entry after all *_FIRST and *_ANY entries */ 1205 for(e1 = *listp; e1->next 1206 && e1->next->es->es_prio != EXECSW_PRIO_LAST; 1207 e1 = e1->next); 1208 et->next = e1->next; 1209 e1->next = et; 1210 break; 1211 case EXECSW_PRIO_LAST: 1212 /* put new entry as the last one */ 1213 for(e1 = *listp; e1->next; e1 = e1->next); 1214 e1->next = et; 1215 break; 1216 default: 1217 #ifdef DIAGNOSTIC 1218 panic("execw[] entry with unknown priority %d found", 1219 et->es->es_prio); 1220 #endif 1221 break; 1222 } 1223 } 1224 1225 /* 1226 * Initialize exec structures. If init_boot is true, also does necessary 1227 * one-time initialization (it's called from main() that way). 1228 * Once system is multiuser, this should be called with exec_lock held, 1229 * i.e. via exec_{add|remove}(). 1230 */ 1231 int 1232 exec_init(int init_boot) 1233 { 1234 const struct execsw **new_es, * const *old_es; 1235 struct execsw_entry *list, *e1; 1236 struct exec_entry *e2; 1237 int i, es_sz; 1238 1239 if (init_boot) { 1240 /* do one-time initializations */ 1241 lockinit(&exec_lock, PWAIT, "execlck", 0, 0); 1242 1243 /* register compiled-in emulations */ 1244 for(i=0; i < nexecs_builtin; i++) { 1245 if (execsw_builtin[i].es_emul) 1246 emul_register(execsw_builtin[i].es_emul, 1); 1247 } 1248 #ifdef DIAGNOSTIC 1249 if (i == 0) 1250 panic("no emulations found in execsw_builtin[]"); 1251 #endif 1252 } 1253 1254 /* 1255 * Build execsw[] array from builtin entries and entries added 1256 * at runtime. 1257 */ 1258 list = NULL; 1259 for(i=0; i < nexecs_builtin; i++) 1260 link_es(&list, &execsw_builtin[i]); 1261 1262 /* Add dynamically loaded entries */ 1263 es_sz = nexecs_builtin; 1264 LIST_FOREACH(e2, &ex_head, ex_list) { 1265 link_es(&list, e2->es); 1266 es_sz++; 1267 } 1268 1269 /* 1270 * Now that we have sorted all execw entries, create new execsw[] 1271 * and free no longer needed memory in the process. 1272 */ 1273 new_es = malloc(es_sz * sizeof(struct execsw *), M_EXEC, M_WAITOK); 1274 for(i=0; list; i++) { 1275 new_es[i] = list->es; 1276 e1 = list->next; 1277 FREE(list, M_TEMP); 1278 list = e1; 1279 } 1280 1281 /* 1282 * New execsw[] array built, now replace old execsw[] and free 1283 * used memory. 1284 */ 1285 old_es = execsw; 1286 execsw = new_es; 1287 nexecs = es_sz; 1288 if (old_es) 1289 /*XXXUNCONST*/ 1290 free(__UNCONST(old_es), M_EXEC); 1291 1292 /* 1293 * Figure out the maximum size of an exec header. 1294 */ 1295 exec_maxhdrsz = 0; 1296 for (i = 0; i < nexecs; i++) { 1297 if (execsw[i]->es_hdrsz > exec_maxhdrsz) 1298 exec_maxhdrsz = execsw[i]->es_hdrsz; 1299 } 1300 1301 return 0; 1302 } 1303 #endif 1304 1305 #ifndef LKM 1306 /* 1307 * Simplified exec_init() for kernels without LKMs. Only initialize 1308 * exec_maxhdrsz and execsw[]. 1309 */ 1310 int 1311 exec_init(int init_boot) 1312 { 1313 int i; 1314 1315 #ifdef DIAGNOSTIC 1316 if (!init_boot) 1317 panic("exec_init(): called with init_boot == 0"); 1318 #endif 1319 1320 /* do one-time initializations */ 1321 nexecs = nexecs_builtin; 1322 execsw = malloc(nexecs*sizeof(struct execsw *), M_EXEC, M_WAITOK); 1323 1324 /* 1325 * Fill in execsw[] and figure out the maximum size of an exec header. 1326 */ 1327 exec_maxhdrsz = 0; 1328 for(i=0; i < nexecs; i++) { 1329 execsw[i] = &execsw_builtin[i]; 1330 if (execsw_builtin[i].es_hdrsz > exec_maxhdrsz) 1331 exec_maxhdrsz = execsw_builtin[i].es_hdrsz; 1332 } 1333 1334 return 0; 1335 1336 } 1337 #endif /* !LKM */ 1338 1339 static int 1340 exec_sigcode_map(struct proc *p, const struct emul *e) 1341 { 1342 vaddr_t va; 1343 vsize_t sz; 1344 int error; 1345 struct uvm_object *uobj; 1346 1347 sz = (vaddr_t)e->e_esigcode - (vaddr_t)e->e_sigcode; 1348 1349 if (e->e_sigobject == NULL || sz == 0) { 1350 return 0; 1351 } 1352 1353 /* 1354 * If we don't have a sigobject for this emulation, create one. 1355 * 1356 * sigobject is an anonymous memory object (just like SYSV shared 1357 * memory) that we keep a permanent reference to and that we map 1358 * in all processes that need this sigcode. The creation is simple, 1359 * we create an object, add a permanent reference to it, map it in 1360 * kernel space, copy out the sigcode to it and unmap it. 1361 * We map it with PROT_READ|PROT_EXEC into the process just 1362 * the way sys_mmap() would map it. 1363 */ 1364 1365 uobj = *e->e_sigobject; 1366 if (uobj == NULL) { 1367 uobj = uao_create(sz, 0); 1368 (*uobj->pgops->pgo_reference)(uobj); 1369 va = vm_map_min(kernel_map); 1370 if ((error = uvm_map(kernel_map, &va, round_page(sz), 1371 uobj, 0, 0, 1372 UVM_MAPFLAG(UVM_PROT_RW, UVM_PROT_RW, 1373 UVM_INH_SHARE, UVM_ADV_RANDOM, 0)))) { 1374 printf("kernel mapping failed %d\n", error); 1375 (*uobj->pgops->pgo_detach)(uobj); 1376 return (error); 1377 } 1378 memcpy((void *)va, e->e_sigcode, sz); 1379 #ifdef PMAP_NEED_PROCWR 1380 pmap_procwr(&proc0, va, sz); 1381 #endif 1382 uvm_unmap(kernel_map, va, va + round_page(sz)); 1383 *e->e_sigobject = uobj; 1384 } 1385 1386 /* Just a hint to uvm_map where to put it. */ 1387 va = e->e_vm_default_addr(p, (vaddr_t)p->p_vmspace->vm_daddr, 1388 round_page(sz)); 1389 1390 #ifdef __alpha__ 1391 /* 1392 * Tru64 puts /sbin/loader at the end of user virtual memory, 1393 * which causes the above calculation to put the sigcode at 1394 * an invalid address. Put it just below the text instead. 1395 */ 1396 if (va == (vaddr_t)vm_map_max(&p->p_vmspace->vm_map)) { 1397 va = (vaddr_t)p->p_vmspace->vm_taddr - round_page(sz); 1398 } 1399 #endif 1400 1401 (*uobj->pgops->pgo_reference)(uobj); 1402 error = uvm_map(&p->p_vmspace->vm_map, &va, round_page(sz), 1403 uobj, 0, 0, 1404 UVM_MAPFLAG(UVM_PROT_RX, UVM_PROT_RX, UVM_INH_SHARE, 1405 UVM_ADV_RANDOM, 0)); 1406 if (error) { 1407 (*uobj->pgops->pgo_detach)(uobj); 1408 return (error); 1409 } 1410 p->p_sigctx.ps_sigcode = (void *)va; 1411 return (0); 1412 } 1413