1 /* $NetBSD: kern_exec.c,v 1.209 2005/08/19 02:04:03 christos Exp $ */ 2 3 /*- 4 * Copyright (C) 1993, 1994, 1996 Christopher G. Demetriou 5 * Copyright (C) 1992 Wolfgang Solfrank. 6 * Copyright (C) 1992 TooLs GmbH. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by TooLs GmbH. 20 * 4. The name of TooLs GmbH may not be used to endorse or promote products 21 * derived from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 28 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 29 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 30 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 31 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 32 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 __KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.209 2005/08/19 02:04:03 christos Exp $"); 37 38 #include "opt_ktrace.h" 39 #include "opt_syscall_debug.h" 40 #include "opt_compat_netbsd.h" 41 #include "opt_verified_exec.h" 42 43 #include <sys/param.h> 44 #include <sys/systm.h> 45 #include <sys/filedesc.h> 46 #include <sys/kernel.h> 47 #include <sys/proc.h> 48 #include <sys/mount.h> 49 #include <sys/malloc.h> 50 #include <sys/namei.h> 51 #include <sys/vnode.h> 52 #include <sys/file.h> 53 #include <sys/acct.h> 54 #include <sys/exec.h> 55 #include <sys/ktrace.h> 56 #include <sys/resourcevar.h> 57 #include <sys/wait.h> 58 #include <sys/mman.h> 59 #include <sys/ras.h> 60 #include <sys/signalvar.h> 61 #include <sys/stat.h> 62 #include <sys/syscall.h> 63 64 #include <sys/sa.h> 65 #include <sys/savar.h> 66 #include <sys/syscallargs.h> 67 #ifdef VERIFIED_EXEC 68 #include <sys/verified_exec.h> 69 #endif 70 71 #ifdef SYSTRACE 72 #include <sys/systrace.h> 73 #endif /* SYSTRACE */ 74 75 #include <uvm/uvm_extern.h> 76 77 #include <machine/cpu.h> 78 #include <machine/reg.h> 79 80 static int exec_sigcode_map(struct proc *, const struct emul *); 81 82 #ifdef DEBUG_EXEC 83 #define DPRINTF(a) uprintf a 84 #else 85 #define DPRINTF(a) 86 #endif /* DEBUG_EXEC */ 87 88 MALLOC_DEFINE(M_EXEC, "exec", "argument lists & other mem used by exec"); 89 90 /* 91 * Exec function switch: 92 * 93 * Note that each makecmds function is responsible for loading the 94 * exec package with the necessary functions for any exec-type-specific 95 * handling. 96 * 97 * Functions for specific exec types should be defined in their own 98 * header file. 99 */ 100 extern const struct execsw execsw_builtin[]; 101 extern int nexecs_builtin; 102 static const struct execsw **execsw = NULL; 103 static int nexecs; 104 105 u_int exec_maxhdrsz; /* must not be static - netbsd32 needs it */ 106 107 #ifdef LKM 108 /* list of supported emulations */ 109 static 110 LIST_HEAD(emlist_head, emul_entry) el_head = LIST_HEAD_INITIALIZER(el_head); 111 struct emul_entry { 112 LIST_ENTRY(emul_entry) el_list; 113 const struct emul *el_emul; 114 int ro_entry; 115 }; 116 117 /* list of dynamically loaded execsw entries */ 118 static 119 LIST_HEAD(execlist_head, exec_entry) ex_head = LIST_HEAD_INITIALIZER(ex_head); 120 struct exec_entry { 121 LIST_ENTRY(exec_entry) ex_list; 122 const struct execsw *es; 123 }; 124 125 /* structure used for building execw[] */ 126 struct execsw_entry { 127 struct execsw_entry *next; 128 const struct execsw *es; 129 }; 130 #endif /* LKM */ 131 132 #ifdef SYSCALL_DEBUG 133 extern const char * const syscallnames[]; 134 #endif 135 136 #ifdef COMPAT_16 137 extern char sigcode[], esigcode[]; 138 struct uvm_object *emul_netbsd_object; 139 #endif 140 141 #ifndef __HAVE_SYSCALL_INTERN 142 void syscall(void); 143 #endif 144 145 /* NetBSD emul struct */ 146 const struct emul emul_netbsd = { 147 "netbsd", 148 NULL, /* emulation path */ 149 #ifndef __HAVE_MINIMAL_EMUL 150 EMUL_HAS_SYS___syscall, 151 NULL, 152 SYS_syscall, 153 SYS_NSYSENT, 154 #endif 155 sysent, 156 #ifdef SYSCALL_DEBUG 157 syscallnames, 158 #else 159 NULL, 160 #endif 161 sendsig, 162 trapsignal, 163 NULL, 164 #ifdef COMPAT_16 165 sigcode, 166 esigcode, 167 &emul_netbsd_object, 168 #else 169 NULL, 170 NULL, 171 NULL, 172 #endif 173 setregs, 174 NULL, 175 NULL, 176 NULL, 177 NULL, 178 NULL, 179 #ifdef __HAVE_SYSCALL_INTERN 180 syscall_intern, 181 #else 182 syscall, 183 #endif 184 NULL, 185 NULL, 186 187 uvm_default_mapaddr, 188 }; 189 190 #ifdef LKM 191 /* 192 * Exec lock. Used to control access to execsw[] structures. 193 * This must not be static so that netbsd32 can access it, too. 194 */ 195 struct lock exec_lock; 196 197 static void link_es(struct execsw_entry **, const struct execsw *); 198 #endif /* LKM */ 199 200 /* 201 * check exec: 202 * given an "executable" described in the exec package's namei info, 203 * see what we can do with it. 204 * 205 * ON ENTRY: 206 * exec package with appropriate namei info 207 * proc pointer of exec'ing proc 208 * if verified exec enabled then flag indicating a direct exec or 209 * an indirect exec (i.e. for a shell script interpreter) 210 * NO SELF-LOCKED VNODES 211 * 212 * ON EXIT: 213 * error: nothing held, etc. exec header still allocated. 214 * ok: filled exec package, executable's vnode (unlocked). 215 * 216 * EXEC SWITCH ENTRY: 217 * Locked vnode to check, exec package, proc. 218 * 219 * EXEC SWITCH EXIT: 220 * ok: return 0, filled exec package, executable's vnode (unlocked). 221 * error: destructive: 222 * everything deallocated execept exec header. 223 * non-destructive: 224 * error code, executable's vnode (unlocked), 225 * exec header unmodified. 226 */ 227 int 228 /*ARGSUSED*/ 229 check_exec(struct proc *p, struct exec_package *epp, int flag) 230 { 231 int error, i; 232 struct vnode *vp; 233 struct nameidata *ndp; 234 size_t resid; 235 236 ndp = epp->ep_ndp; 237 ndp->ni_cnd.cn_nameiop = LOOKUP; 238 ndp->ni_cnd.cn_flags = FOLLOW | LOCKLEAF | SAVENAME; 239 /* first get the vnode */ 240 if ((error = namei(ndp)) != 0) 241 return error; 242 epp->ep_vp = vp = ndp->ni_vp; 243 244 /* check access and type */ 245 if (vp->v_type != VREG) { 246 error = EACCES; 247 goto bad1; 248 } 249 if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0) 250 goto bad1; 251 252 /* get attributes */ 253 if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, p)) != 0) 254 goto bad1; 255 256 /* Check mount point */ 257 if (vp->v_mount->mnt_flag & MNT_NOEXEC) { 258 error = EACCES; 259 goto bad1; 260 } 261 if (vp->v_mount->mnt_flag & MNT_NOSUID) 262 epp->ep_vap->va_mode &= ~(S_ISUID | S_ISGID); 263 264 /* try to open it */ 265 if ((error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) != 0) 266 goto bad1; 267 268 /* unlock vp, since we need it unlocked from here on out. */ 269 VOP_UNLOCK(vp, 0); 270 271 272 #ifdef VERIFIED_EXEC 273 if ((error = veriexec_verify(p, vp, epp->ep_vap, epp->ep_ndp->ni_dirp, 274 flag, NULL)) != 0) 275 goto bad2; 276 #endif 277 278 /* now we have the file, get the exec header */ 279 uvn_attach(vp, VM_PROT_READ); 280 error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0, 281 UIO_SYSSPACE, 0, p->p_ucred, &resid, NULL); 282 if (error) 283 goto bad2; 284 epp->ep_hdrvalid = epp->ep_hdrlen - resid; 285 286 /* 287 * Set up default address space limits. Can be overridden 288 * by individual exec packages. 289 * 290 * XXX probably should be all done in the exec pakages. 291 */ 292 epp->ep_vm_minaddr = VM_MIN_ADDRESS; 293 epp->ep_vm_maxaddr = VM_MAXUSER_ADDRESS; 294 /* 295 * set up the vmcmds for creation of the process 296 * address space 297 */ 298 error = ENOEXEC; 299 for (i = 0; i < nexecs && error != 0; i++) { 300 int newerror; 301 302 epp->ep_esch = execsw[i]; 303 newerror = (*execsw[i]->es_makecmds)(p, epp); 304 /* make sure the first "interesting" error code is saved. */ 305 if (!newerror || error == ENOEXEC) 306 error = newerror; 307 308 /* if es_makecmds call was successful, update epp->ep_es */ 309 if (!newerror && (epp->ep_flags & EXEC_HASES) == 0) 310 epp->ep_es = execsw[i]; 311 312 if (epp->ep_flags & EXEC_DESTR && error != 0) 313 return error; 314 } 315 if (!error) { 316 /* check that entry point is sane */ 317 if (epp->ep_entry > VM_MAXUSER_ADDRESS) 318 error = ENOEXEC; 319 320 /* check limits */ 321 if ((epp->ep_tsize > MAXTSIZ) || 322 (epp->ep_dsize > 323 (u_quad_t)p->p_rlimit[RLIMIT_DATA].rlim_cur)) 324 error = ENOMEM; 325 326 if (!error) 327 return (0); 328 } 329 330 /* 331 * free any vmspace-creation commands, 332 * and release their references 333 */ 334 kill_vmcmds(&epp->ep_vmcmds); 335 336 bad2: 337 /* 338 * close and release the vnode, restore the old one, free the 339 * pathname buf, and punt. 340 */ 341 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 342 VOP_CLOSE(vp, FREAD, p->p_ucred, p); 343 vput(vp); 344 PNBUF_PUT(ndp->ni_cnd.cn_pnbuf); 345 return error; 346 347 bad1: 348 /* 349 * free the namei pathname buffer, and put the vnode 350 * (which we don't yet have open). 351 */ 352 vput(vp); /* was still locked */ 353 PNBUF_PUT(ndp->ni_cnd.cn_pnbuf); 354 return error; 355 } 356 357 #ifdef __MACHINE_STACK_GROWS_UP 358 #define STACK_PTHREADSPACE NBPG 359 #else 360 #define STACK_PTHREADSPACE 0 361 #endif 362 363 static int 364 execve_fetch_element(char * const *array, size_t index, char **value) 365 { 366 return copyin(array + index, value, sizeof(*value)); 367 } 368 369 /* 370 * exec system call 371 */ 372 /* ARGSUSED */ 373 int 374 sys_execve(struct lwp *l, void *v, register_t *retval) 375 { 376 struct sys_execve_args /* { 377 syscallarg(const char *) path; 378 syscallarg(char * const *) argp; 379 syscallarg(char * const *) envp; 380 } */ *uap = v; 381 382 return execve1(l, SCARG(uap, path), SCARG(uap, argp), 383 SCARG(uap, envp), execve_fetch_element); 384 } 385 386 int 387 execve1(struct lwp *l, const char *path, char * const *args, 388 char * const *envs, execve_fetch_element_t fetch_element) 389 { 390 int error; 391 u_int i; 392 struct exec_package pack; 393 struct nameidata nid; 394 struct vattr attr; 395 struct proc *p; 396 struct ucred *cred; 397 char *argp; 398 char *dp, *sp; 399 long argc, envc; 400 size_t len; 401 char *stack; 402 struct ps_strings arginfo; 403 struct vmspace *vm; 404 char **tmpfap; 405 int szsigcode; 406 struct exec_vmcmd *base_vcp; 407 int oldlwpflags; 408 #ifdef SYSTRACE 409 int wassugid = ISSET(p->p_flag, P_SUGID); 410 char pathbuf[MAXPATHLEN]; 411 size_t pathbuflen; 412 #endif /* SYSTRACE */ 413 414 /* Disable scheduler activation upcalls. */ 415 oldlwpflags = l->l_flag & (L_SA | L_SA_UPCALL); 416 if (l->l_flag & L_SA) 417 l->l_flag &= ~(L_SA | L_SA_UPCALL); 418 419 p = l->l_proc; 420 /* 421 * Lock the process and set the P_INEXEC flag to indicate that 422 * it should be left alone until we're done here. This is 423 * necessary to avoid race conditions - e.g. in ptrace() - 424 * that might allow a local user to illicitly obtain elevated 425 * privileges. 426 */ 427 p->p_flag |= P_INEXEC; 428 429 cred = p->p_ucred; 430 base_vcp = NULL; 431 /* 432 * Init the namei data to point the file user's program name. 433 * This is done here rather than in check_exec(), so that it's 434 * possible to override this settings if any of makecmd/probe 435 * functions call check_exec() recursively - for example, 436 * see exec_script_makecmds(). 437 */ 438 #ifdef SYSTRACE 439 if (ISSET(p->p_flag, P_SYSTRACE)) 440 systrace_execve0(p); 441 442 error = copyinstr(path, pathbuf, sizeof(pathbuf), 443 &pathbuflen); 444 if (error) 445 goto clrflg; 446 447 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_SYSSPACE, pathbuf, p); 448 #else 449 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE, path, p); 450 #endif /* SYSTRACE */ 451 452 /* 453 * initialize the fields of the exec package. 454 */ 455 #ifdef SYSTRACE 456 pack.ep_name = pathbuf; 457 #else 458 pack.ep_name = path; 459 #endif /* SYSTRACE */ 460 pack.ep_hdr = malloc(exec_maxhdrsz, M_EXEC, M_WAITOK); 461 pack.ep_hdrlen = exec_maxhdrsz; 462 pack.ep_hdrvalid = 0; 463 pack.ep_ndp = &nid; 464 pack.ep_emul_arg = NULL; 465 pack.ep_vmcmds.evs_cnt = 0; 466 pack.ep_vmcmds.evs_used = 0; 467 pack.ep_vap = &attr; 468 pack.ep_flags = 0; 469 470 #ifdef LKM 471 lockmgr(&exec_lock, LK_SHARED, NULL); 472 #endif 473 474 /* see if we can run it. */ 475 #ifdef VERIFIED_EXEC 476 if ((error = check_exec(p, &pack, VERIEXEC_DIRECT)) != 0) 477 #else 478 if ((error = check_exec(p, &pack, 0)) != 0) 479 #endif 480 goto freehdr; 481 482 /* XXX -- THE FOLLOWING SECTION NEEDS MAJOR CLEANUP */ 483 484 /* allocate an argument buffer */ 485 argp = (char *) uvm_km_alloc(exec_map, NCARGS, 0, 486 UVM_KMF_PAGEABLE|UVM_KMF_WAITVA); 487 #ifdef DIAGNOSTIC 488 if (argp == NULL) 489 panic("execve: argp == NULL"); 490 #endif 491 dp = argp; 492 argc = 0; 493 494 /* copy the fake args list, if there's one, freeing it as we go */ 495 if (pack.ep_flags & EXEC_HASARGL) { 496 tmpfap = pack.ep_fa; 497 while (*tmpfap != NULL) { 498 char *cp; 499 500 cp = *tmpfap; 501 while (*cp) 502 *dp++ = *cp++; 503 dp++; 504 505 FREE(*tmpfap, M_EXEC); 506 tmpfap++; argc++; 507 } 508 FREE(pack.ep_fa, M_EXEC); 509 pack.ep_flags &= ~EXEC_HASARGL; 510 } 511 512 /* Now get argv & environment */ 513 if (args == NULL) { 514 error = EINVAL; 515 goto bad; 516 } 517 /* 'i' will index the argp/envp element to be retrieved */ 518 i = 0; 519 if (pack.ep_flags & EXEC_SKIPARG) 520 i++; 521 522 while (1) { 523 len = argp + ARG_MAX - dp; 524 if ((error = (*fetch_element)(args, i, &sp)) != 0) 525 goto bad; 526 if (!sp) 527 break; 528 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 529 if (error == ENAMETOOLONG) 530 error = E2BIG; 531 goto bad; 532 } 533 #ifdef KTRACE 534 if (KTRPOINT(p, KTR_EXEC_ARG)) 535 ktrkmem(p, KTR_EXEC_ARG, dp, len - 1); 536 #endif 537 dp += len; 538 i++; 539 argc++; 540 } 541 542 envc = 0; 543 /* environment need not be there */ 544 if (envs != NULL) { 545 i = 0; 546 while (1) { 547 len = argp + ARG_MAX - dp; 548 if ((error = (*fetch_element)(envs, i, &sp)) != 0) 549 goto bad; 550 if (!sp) 551 break; 552 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 553 if (error == ENAMETOOLONG) 554 error = E2BIG; 555 goto bad; 556 } 557 #ifdef KTRACE 558 if (KTRPOINT(p, KTR_EXEC_ENV)) 559 ktrkmem(p, KTR_EXEC_ENV, dp, len - 1); 560 #endif 561 dp += len; 562 i++; 563 envc++; 564 } 565 } 566 567 dp = (char *) ALIGN(dp); 568 569 szsigcode = pack.ep_es->es_emul->e_esigcode - 570 pack.ep_es->es_emul->e_sigcode; 571 572 /* Now check if args & environ fit into new stack */ 573 if (pack.ep_flags & EXEC_32) 574 len = ((argc + envc + 2 + pack.ep_es->es_arglen) * 575 sizeof(int) + sizeof(int) + dp + STACKGAPLEN + 576 szsigcode + sizeof(struct ps_strings) + STACK_PTHREADSPACE) 577 - argp; 578 else 579 len = ((argc + envc + 2 + pack.ep_es->es_arglen) * 580 sizeof(char *) + sizeof(int) + dp + STACKGAPLEN + 581 szsigcode + sizeof(struct ps_strings) + STACK_PTHREADSPACE) 582 - argp; 583 584 len = ALIGN(len); /* make the stack "safely" aligned */ 585 586 if (len > pack.ep_ssize) { /* in effect, compare to initial limit */ 587 error = ENOMEM; 588 goto bad; 589 } 590 591 /* Get rid of other LWPs/ */ 592 p->p_flag |= P_WEXIT; /* XXX hack. lwp-exit stuff wants to see it. */ 593 exit_lwps(l); 594 p->p_flag &= ~P_WEXIT; 595 KDASSERT(p->p_nlwps == 1); 596 597 /* This is now LWP 1 */ 598 l->l_lid = 1; 599 p->p_nlwpid = 1; 600 601 /* Release any SA state. */ 602 if (p->p_sa) 603 sa_release(p); 604 605 /* Remove POSIX timers */ 606 timers_free(p, TIMERS_POSIX); 607 608 /* adjust "active stack depth" for process VSZ */ 609 pack.ep_ssize = len; /* maybe should go elsewhere, but... */ 610 611 /* 612 * Do whatever is necessary to prepare the address space 613 * for remapping. Note that this might replace the current 614 * vmspace with another! 615 */ 616 uvmspace_exec(l, pack.ep_vm_minaddr, pack.ep_vm_maxaddr); 617 618 /* record proc's vnode, for use by procfs and others */ 619 if (p->p_textvp) 620 vrele(p->p_textvp); 621 VREF(pack.ep_vp); 622 p->p_textvp = pack.ep_vp; 623 624 /* Now map address space */ 625 vm = p->p_vmspace; 626 vm->vm_taddr = (caddr_t) pack.ep_taddr; 627 vm->vm_tsize = btoc(pack.ep_tsize); 628 vm->vm_daddr = (caddr_t) pack.ep_daddr; 629 vm->vm_dsize = btoc(pack.ep_dsize); 630 vm->vm_ssize = btoc(pack.ep_ssize); 631 vm->vm_maxsaddr = (caddr_t) pack.ep_maxsaddr; 632 vm->vm_minsaddr = (caddr_t) pack.ep_minsaddr; 633 634 /* create the new process's VM space by running the vmcmds */ 635 #ifdef DIAGNOSTIC 636 if (pack.ep_vmcmds.evs_used == 0) 637 panic("execve: no vmcmds"); 638 #endif 639 for (i = 0; i < pack.ep_vmcmds.evs_used && !error; i++) { 640 struct exec_vmcmd *vcp; 641 642 vcp = &pack.ep_vmcmds.evs_cmds[i]; 643 if (vcp->ev_flags & VMCMD_RELATIVE) { 644 #ifdef DIAGNOSTIC 645 if (base_vcp == NULL) 646 panic("execve: relative vmcmd with no base"); 647 if (vcp->ev_flags & VMCMD_BASE) 648 panic("execve: illegal base & relative vmcmd"); 649 #endif 650 vcp->ev_addr += base_vcp->ev_addr; 651 } 652 error = (*vcp->ev_proc)(p, vcp); 653 #ifdef DEBUG_EXEC 654 if (error) { 655 int j; 656 struct exec_vmcmd *vp = &pack.ep_vmcmds.evs_cmds[0]; 657 for (j = 0; j <= i; j++) 658 uprintf( 659 "vmcmd[%d] = %#lx/%#lx fd@%#lx prot=0%o flags=%d\n", 660 j, vp[j].ev_addr, vp[j].ev_len, 661 vp[j].ev_offset, vp[j].ev_prot, 662 vp[j].ev_flags); 663 } 664 #endif /* DEBUG_EXEC */ 665 if (vcp->ev_flags & VMCMD_BASE) 666 base_vcp = vcp; 667 } 668 669 /* free the vmspace-creation commands, and release their references */ 670 kill_vmcmds(&pack.ep_vmcmds); 671 672 vn_lock(pack.ep_vp, LK_EXCLUSIVE | LK_RETRY); 673 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 674 vput(pack.ep_vp); 675 676 /* if an error happened, deallocate and punt */ 677 if (error) { 678 DPRINTF(("execve: vmcmd %i failed: %d\n", i - 1, error)); 679 goto exec_abort; 680 } 681 682 /* remember information about the process */ 683 arginfo.ps_nargvstr = argc; 684 arginfo.ps_nenvstr = envc; 685 686 stack = (char *)STACK_ALLOC(STACK_GROW(vm->vm_minsaddr, 687 STACK_PTHREADSPACE + sizeof(struct ps_strings) + szsigcode), 688 len - (sizeof(struct ps_strings) + szsigcode)); 689 #ifdef __MACHINE_STACK_GROWS_UP 690 /* 691 * The copyargs call always copies into lower addresses 692 * first, moving towards higher addresses, starting with 693 * the stack pointer that we give. When the stack grows 694 * down, this puts argc/argv/envp very shallow on the 695 * stack, right at the first user stack pointer, and puts 696 * STACKGAPLEN very deep in the stack. When the stack 697 * grows up, the situation is reversed. 698 * 699 * Normally, this is no big deal. But the ld_elf.so _rtld() 700 * function expects to be called with a single pointer to 701 * a region that has a few words it can stash values into, 702 * followed by argc/argv/envp. When the stack grows down, 703 * it's easy to decrement the stack pointer a little bit to 704 * allocate the space for these few words and pass the new 705 * stack pointer to _rtld. When the stack grows up, however, 706 * a few words before argc is part of the signal trampoline, XXX 707 * so we have a problem. 708 * 709 * Instead of changing how _rtld works, we take the easy way 710 * out and steal 32 bytes before we call copyargs. This 711 * space is effectively stolen from STACKGAPLEN. 712 */ 713 stack += 32; 714 #endif /* __MACHINE_STACK_GROWS_UP */ 715 716 /* Now copy argc, args & environ to new stack */ 717 error = (*pack.ep_es->es_copyargs)(p, &pack, &arginfo, &stack, argp); 718 if (error) { 719 DPRINTF(("execve: copyargs failed %d\n", error)); 720 goto exec_abort; 721 } 722 /* Move the stack back to original point */ 723 stack = (char *)STACK_GROW(vm->vm_minsaddr, len); 724 725 /* fill process ps_strings info */ 726 p->p_psstr = (struct ps_strings *) 727 STACK_ALLOC(STACK_GROW(vm->vm_minsaddr, STACK_PTHREADSPACE), 728 sizeof(struct ps_strings)); 729 p->p_psargv = offsetof(struct ps_strings, ps_argvstr); 730 p->p_psnargv = offsetof(struct ps_strings, ps_nargvstr); 731 p->p_psenv = offsetof(struct ps_strings, ps_envstr); 732 p->p_psnenv = offsetof(struct ps_strings, ps_nenvstr); 733 734 /* copy out the process's ps_strings structure */ 735 if ((error = copyout(&arginfo, (char *)p->p_psstr, 736 sizeof(arginfo))) != 0) { 737 DPRINTF(("execve: ps_strings copyout %p->%p size %ld failed\n", 738 &arginfo, (char *)p->p_psstr, (long)sizeof(arginfo))); 739 goto exec_abort; 740 } 741 742 stopprofclock(p); /* stop profiling */ 743 fdcloseexec(p); /* handle close on exec */ 744 execsigs(p); /* reset catched signals */ 745 746 l->l_ctxlink = NULL; /* reset ucontext link */ 747 748 /* set command name & other accounting info */ 749 len = min(nid.ni_cnd.cn_namelen, MAXCOMLEN); 750 memcpy(p->p_comm, nid.ni_cnd.cn_nameptr, len); 751 p->p_comm[len] = 0; 752 p->p_acflag &= ~AFORK; 753 754 p->p_flag |= P_EXEC; 755 if (p->p_flag & P_PPWAIT) { 756 p->p_flag &= ~P_PPWAIT; 757 wakeup((caddr_t) p->p_pptr); 758 } 759 760 /* 761 * deal with set[ug]id. 762 * MNT_NOSUID has already been used to disable s[ug]id. 763 */ 764 if ((p->p_flag & P_TRACED) == 0 && 765 766 (((attr.va_mode & S_ISUID) != 0 && 767 p->p_ucred->cr_uid != attr.va_uid) || 768 769 ((attr.va_mode & S_ISGID) != 0 && 770 p->p_ucred->cr_gid != attr.va_gid))) { 771 /* 772 * Mark the process as SUGID before we do 773 * anything that might block. 774 */ 775 p_sugid(p); 776 777 /* Make sure file descriptors 0..2 are in use. */ 778 if ((error = fdcheckstd(p)) != 0) { 779 DPRINTF(("execve: fdcheckstd failed %d\n", error)); 780 goto exec_abort; 781 } 782 783 p->p_ucred = crcopy(cred); 784 #ifdef KTRACE 785 /* 786 * If process is being ktraced, turn off - unless 787 * root set it. 788 */ 789 if (p->p_tracep && !(p->p_traceflag & KTRFAC_ROOT)) 790 ktrderef(p); 791 #endif 792 if (attr.va_mode & S_ISUID) 793 p->p_ucred->cr_uid = attr.va_uid; 794 if (attr.va_mode & S_ISGID) 795 p->p_ucred->cr_gid = attr.va_gid; 796 } else 797 p->p_flag &= ~P_SUGID; 798 p->p_cred->p_svuid = p->p_ucred->cr_uid; 799 p->p_cred->p_svgid = p->p_ucred->cr_gid; 800 801 #if defined(__HAVE_RAS) 802 /* 803 * Remove all RASs from the address space. 804 */ 805 ras_purgeall(p); 806 #endif 807 808 doexechooks(p); 809 810 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 811 812 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 813 814 /* notify others that we exec'd */ 815 KNOTE(&p->p_klist, NOTE_EXEC); 816 817 /* setup new registers and do misc. setup. */ 818 (*pack.ep_es->es_emul->e_setregs)(l, &pack, (u_long) stack); 819 if (pack.ep_es->es_setregs) 820 (*pack.ep_es->es_setregs)(l, &pack, (u_long) stack); 821 822 /* map the process's signal trampoline code */ 823 if (exec_sigcode_map(p, pack.ep_es->es_emul)) { 824 DPRINTF(("execve: map sigcode failed %d\n", error)); 825 goto exec_abort; 826 } 827 828 if (p->p_flag & P_TRACED) 829 psignal(p, SIGTRAP); 830 831 free(pack.ep_hdr, M_EXEC); 832 833 /* 834 * Call emulation specific exec hook. This can setup per-process 835 * p->p_emuldata or do any other per-process stuff an emulation needs. 836 * 837 * If we are executing process of different emulation than the 838 * original forked process, call e_proc_exit() of the old emulation 839 * first, then e_proc_exec() of new emulation. If the emulation is 840 * same, the exec hook code should deallocate any old emulation 841 * resources held previously by this process. 842 */ 843 if (p->p_emul && p->p_emul->e_proc_exit 844 && p->p_emul != pack.ep_es->es_emul) 845 (*p->p_emul->e_proc_exit)(p); 846 847 /* 848 * Call exec hook. Emulation code may NOT store reference to anything 849 * from &pack. 850 */ 851 if (pack.ep_es->es_emul->e_proc_exec) 852 (*pack.ep_es->es_emul->e_proc_exec)(p, &pack); 853 854 /* update p_emul, the old value is no longer needed */ 855 p->p_emul = pack.ep_es->es_emul; 856 857 /* ...and the same for p_execsw */ 858 p->p_execsw = pack.ep_es; 859 860 #ifdef __HAVE_SYSCALL_INTERN 861 (*p->p_emul->e_syscall_intern)(p); 862 #endif 863 #ifdef KTRACE 864 if (KTRPOINT(p, KTR_EMUL)) 865 ktremul(p); 866 #endif 867 868 #ifdef LKM 869 lockmgr(&exec_lock, LK_RELEASE, NULL); 870 #endif 871 p->p_flag &= ~P_INEXEC; 872 873 if (p->p_flag & P_STOPEXEC) { 874 int s; 875 876 sigminusset(&contsigmask, &p->p_sigctx.ps_siglist); 877 SCHED_LOCK(s); 878 p->p_pptr->p_nstopchild++; 879 p->p_stat = SSTOP; 880 l->l_stat = LSSTOP; 881 p->p_nrlwps--; 882 mi_switch(l, NULL); 883 SCHED_ASSERT_UNLOCKED(); 884 splx(s); 885 } 886 887 #ifdef SYSTRACE 888 if (ISSET(p->p_flag, P_SYSTRACE) && 889 wassugid && !ISSET(p->p_flag, P_SUGID)) 890 systrace_execve1(pathbuf, p); 891 #endif /* SYSTRACE */ 892 893 return (EJUSTRETURN); 894 895 bad: 896 p->p_flag &= ~P_INEXEC; 897 /* free the vmspace-creation commands, and release their references */ 898 kill_vmcmds(&pack.ep_vmcmds); 899 /* kill any opened file descriptor, if necessary */ 900 if (pack.ep_flags & EXEC_HASFD) { 901 pack.ep_flags &= ~EXEC_HASFD; 902 (void) fdrelease(p, pack.ep_fd); 903 } 904 /* close and put the exec'd file */ 905 vn_lock(pack.ep_vp, LK_EXCLUSIVE | LK_RETRY); 906 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 907 vput(pack.ep_vp); 908 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 909 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 910 911 freehdr: 912 free(pack.ep_hdr, M_EXEC); 913 914 #ifdef SYSTRACE 915 clrflg: 916 #endif /* SYSTRACE */ 917 l->l_flag |= oldlwpflags; 918 p->p_flag &= ~P_INEXEC; 919 #ifdef LKM 920 lockmgr(&exec_lock, LK_RELEASE, NULL); 921 #endif 922 923 return error; 924 925 exec_abort: 926 p->p_flag &= ~P_INEXEC; 927 #ifdef LKM 928 lockmgr(&exec_lock, LK_RELEASE, NULL); 929 #endif 930 931 /* 932 * the old process doesn't exist anymore. exit gracefully. 933 * get rid of the (new) address space we have created, if any, get rid 934 * of our namei data and vnode, and exit noting failure 935 */ 936 uvm_deallocate(&vm->vm_map, VM_MIN_ADDRESS, 937 VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS); 938 if (pack.ep_emul_arg) 939 FREE(pack.ep_emul_arg, M_TEMP); 940 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 941 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 942 free(pack.ep_hdr, M_EXEC); 943 exit1(l, W_EXITCODE(error, SIGABRT)); 944 945 /* NOTREACHED */ 946 return 0; 947 } 948 949 950 int 951 copyargs(struct proc *p, struct exec_package *pack, struct ps_strings *arginfo, 952 char **stackp, void *argp) 953 { 954 char **cpp, *dp, *sp; 955 size_t len; 956 void *nullp; 957 long argc, envc; 958 int error; 959 960 cpp = (char **)*stackp; 961 nullp = NULL; 962 argc = arginfo->ps_nargvstr; 963 envc = arginfo->ps_nenvstr; 964 if ((error = copyout(&argc, cpp++, sizeof(argc))) != 0) 965 return error; 966 967 dp = (char *) (cpp + argc + envc + 2 + pack->ep_es->es_arglen); 968 sp = argp; 969 970 /* XXX don't copy them out, remap them! */ 971 arginfo->ps_argvstr = cpp; /* remember location of argv for later */ 972 973 for (; --argc >= 0; sp += len, dp += len) 974 if ((error = copyout(&dp, cpp++, sizeof(dp))) != 0 || 975 (error = copyoutstr(sp, dp, ARG_MAX, &len)) != 0) 976 return error; 977 978 if ((error = copyout(&nullp, cpp++, sizeof(nullp))) != 0) 979 return error; 980 981 arginfo->ps_envstr = cpp; /* remember location of envp for later */ 982 983 for (; --envc >= 0; sp += len, dp += len) 984 if ((error = copyout(&dp, cpp++, sizeof(dp))) != 0 || 985 (error = copyoutstr(sp, dp, ARG_MAX, &len)) != 0) 986 return error; 987 988 if ((error = copyout(&nullp, cpp++, sizeof(nullp))) != 0) 989 return error; 990 991 *stackp = (char *)cpp; 992 return 0; 993 } 994 995 #ifdef LKM 996 /* 997 * Find an emulation of given name in list of emulations. 998 * Needs to be called with the exec_lock held. 999 */ 1000 const struct emul * 1001 emul_search(const char *name) 1002 { 1003 struct emul_entry *it; 1004 1005 LIST_FOREACH(it, &el_head, el_list) { 1006 if (strcmp(name, it->el_emul->e_name) == 0) 1007 return it->el_emul; 1008 } 1009 1010 return NULL; 1011 } 1012 1013 /* 1014 * Add an emulation to list, if it's not there already. 1015 */ 1016 int 1017 emul_register(const struct emul *emul, int ro_entry) 1018 { 1019 struct emul_entry *ee; 1020 int error; 1021 1022 error = 0; 1023 lockmgr(&exec_lock, LK_SHARED, NULL); 1024 1025 if (emul_search(emul->e_name)) { 1026 error = EEXIST; 1027 goto out; 1028 } 1029 1030 MALLOC(ee, struct emul_entry *, sizeof(struct emul_entry), 1031 M_EXEC, M_WAITOK); 1032 ee->el_emul = emul; 1033 ee->ro_entry = ro_entry; 1034 LIST_INSERT_HEAD(&el_head, ee, el_list); 1035 1036 out: 1037 lockmgr(&exec_lock, LK_RELEASE, NULL); 1038 return error; 1039 } 1040 1041 /* 1042 * Remove emulation with name 'name' from list of supported emulations. 1043 */ 1044 int 1045 emul_unregister(const char *name) 1046 { 1047 const struct proclist_desc *pd; 1048 struct emul_entry *it; 1049 int i, error; 1050 struct proc *ptmp; 1051 1052 error = 0; 1053 lockmgr(&exec_lock, LK_SHARED, NULL); 1054 1055 LIST_FOREACH(it, &el_head, el_list) { 1056 if (strcmp(it->el_emul->e_name, name) == 0) 1057 break; 1058 } 1059 1060 if (!it) { 1061 error = ENOENT; 1062 goto out; 1063 } 1064 1065 if (it->ro_entry) { 1066 error = EBUSY; 1067 goto out; 1068 } 1069 1070 /* test if any execw[] entry is still using this */ 1071 for(i=0; i < nexecs; i++) { 1072 if (execsw[i]->es_emul == it->el_emul) { 1073 error = EBUSY; 1074 goto out; 1075 } 1076 } 1077 1078 /* 1079 * Test if any process is running under this emulation - since 1080 * emul_unregister() is running quite sendomly, it's better 1081 * to do expensive check here than to use any locking. 1082 */ 1083 proclist_lock_read(); 1084 for (pd = proclists; pd->pd_list != NULL && !error; pd++) { 1085 PROCLIST_FOREACH(ptmp, pd->pd_list) { 1086 if (ptmp->p_emul == it->el_emul) { 1087 error = EBUSY; 1088 break; 1089 } 1090 } 1091 } 1092 proclist_unlock_read(); 1093 1094 if (error) 1095 goto out; 1096 1097 1098 /* entry is not used, remove it */ 1099 LIST_REMOVE(it, el_list); 1100 FREE(it, M_EXEC); 1101 1102 out: 1103 lockmgr(&exec_lock, LK_RELEASE, NULL); 1104 return error; 1105 } 1106 1107 /* 1108 * Add execsw[] entry. 1109 */ 1110 int 1111 exec_add(struct execsw *esp, const char *e_name) 1112 { 1113 struct exec_entry *it; 1114 int error; 1115 1116 error = 0; 1117 lockmgr(&exec_lock, LK_EXCLUSIVE, NULL); 1118 1119 if (!esp->es_emul) { 1120 esp->es_emul = emul_search(e_name); 1121 if (!esp->es_emul) { 1122 error = ENOENT; 1123 goto out; 1124 } 1125 } 1126 1127 LIST_FOREACH(it, &ex_head, ex_list) { 1128 /* assume tuple (makecmds, probe_func, emulation) is unique */ 1129 if (it->es->es_makecmds == esp->es_makecmds 1130 && it->es->u.elf_probe_func == esp->u.elf_probe_func 1131 && it->es->es_emul == esp->es_emul) { 1132 error = EEXIST; 1133 goto out; 1134 } 1135 } 1136 1137 /* if we got here, the entry doesn't exist yet */ 1138 MALLOC(it, struct exec_entry *, sizeof(struct exec_entry), 1139 M_EXEC, M_WAITOK); 1140 it->es = esp; 1141 LIST_INSERT_HEAD(&ex_head, it, ex_list); 1142 1143 /* update execsw[] */ 1144 exec_init(0); 1145 1146 out: 1147 lockmgr(&exec_lock, LK_RELEASE, NULL); 1148 return error; 1149 } 1150 1151 /* 1152 * Remove execsw[] entry. 1153 */ 1154 int 1155 exec_remove(const struct execsw *esp) 1156 { 1157 struct exec_entry *it; 1158 int error; 1159 1160 error = 0; 1161 lockmgr(&exec_lock, LK_EXCLUSIVE, NULL); 1162 1163 LIST_FOREACH(it, &ex_head, ex_list) { 1164 /* assume tuple (makecmds, probe_func, emulation) is unique */ 1165 if (it->es->es_makecmds == esp->es_makecmds 1166 && it->es->u.elf_probe_func == esp->u.elf_probe_func 1167 && it->es->es_emul == esp->es_emul) 1168 break; 1169 } 1170 if (!it) { 1171 error = ENOENT; 1172 goto out; 1173 } 1174 1175 /* remove item from list and free resources */ 1176 LIST_REMOVE(it, ex_list); 1177 FREE(it, M_EXEC); 1178 1179 /* update execsw[] */ 1180 exec_init(0); 1181 1182 out: 1183 lockmgr(&exec_lock, LK_RELEASE, NULL); 1184 return error; 1185 } 1186 1187 static void 1188 link_es(struct execsw_entry **listp, const struct execsw *esp) 1189 { 1190 struct execsw_entry *et, *e1; 1191 1192 MALLOC(et, struct execsw_entry *, sizeof(struct execsw_entry), 1193 M_TEMP, M_WAITOK); 1194 et->next = NULL; 1195 et->es = esp; 1196 if (*listp == NULL) { 1197 *listp = et; 1198 return; 1199 } 1200 1201 switch(et->es->es_prio) { 1202 case EXECSW_PRIO_FIRST: 1203 /* put new entry as the first */ 1204 et->next = *listp; 1205 *listp = et; 1206 break; 1207 case EXECSW_PRIO_ANY: 1208 /* put new entry after all *_FIRST and *_ANY entries */ 1209 for(e1 = *listp; e1->next 1210 && e1->next->es->es_prio != EXECSW_PRIO_LAST; 1211 e1 = e1->next); 1212 et->next = e1->next; 1213 e1->next = et; 1214 break; 1215 case EXECSW_PRIO_LAST: 1216 /* put new entry as the last one */ 1217 for(e1 = *listp; e1->next; e1 = e1->next); 1218 e1->next = et; 1219 break; 1220 default: 1221 #ifdef DIAGNOSTIC 1222 panic("execw[] entry with unknown priority %d found", 1223 et->es->es_prio); 1224 #endif 1225 break; 1226 } 1227 } 1228 1229 /* 1230 * Initialize exec structures. If init_boot is true, also does necessary 1231 * one-time initialization (it's called from main() that way). 1232 * Once system is multiuser, this should be called with exec_lock held, 1233 * i.e. via exec_{add|remove}(). 1234 */ 1235 int 1236 exec_init(int init_boot) 1237 { 1238 const struct execsw **new_es, * const *old_es; 1239 struct execsw_entry *list, *e1; 1240 struct exec_entry *e2; 1241 int i, es_sz; 1242 1243 if (init_boot) { 1244 /* do one-time initializations */ 1245 lockinit(&exec_lock, PWAIT, "execlck", 0, 0); 1246 1247 /* register compiled-in emulations */ 1248 for(i=0; i < nexecs_builtin; i++) { 1249 if (execsw_builtin[i].es_emul) 1250 emul_register(execsw_builtin[i].es_emul, 1); 1251 } 1252 #ifdef DIAGNOSTIC 1253 if (i == 0) 1254 panic("no emulations found in execsw_builtin[]"); 1255 #endif 1256 } 1257 1258 /* 1259 * Build execsw[] array from builtin entries and entries added 1260 * at runtime. 1261 */ 1262 list = NULL; 1263 for(i=0; i < nexecs_builtin; i++) 1264 link_es(&list, &execsw_builtin[i]); 1265 1266 /* Add dynamically loaded entries */ 1267 es_sz = nexecs_builtin; 1268 LIST_FOREACH(e2, &ex_head, ex_list) { 1269 link_es(&list, e2->es); 1270 es_sz++; 1271 } 1272 1273 /* 1274 * Now that we have sorted all execw entries, create new execsw[] 1275 * and free no longer needed memory in the process. 1276 */ 1277 new_es = malloc(es_sz * sizeof(struct execsw *), M_EXEC, M_WAITOK); 1278 for(i=0; list; i++) { 1279 new_es[i] = list->es; 1280 e1 = list->next; 1281 FREE(list, M_TEMP); 1282 list = e1; 1283 } 1284 1285 /* 1286 * New execsw[] array built, now replace old execsw[] and free 1287 * used memory. 1288 */ 1289 old_es = execsw; 1290 execsw = new_es; 1291 nexecs = es_sz; 1292 if (old_es) 1293 /*XXXUNCONST*/ 1294 free(__UNCONST(old_es), M_EXEC); 1295 1296 /* 1297 * Figure out the maximum size of an exec header. 1298 */ 1299 exec_maxhdrsz = 0; 1300 for (i = 0; i < nexecs; i++) { 1301 if (execsw[i]->es_hdrsz > exec_maxhdrsz) 1302 exec_maxhdrsz = execsw[i]->es_hdrsz; 1303 } 1304 1305 return 0; 1306 } 1307 #endif 1308 1309 #ifndef LKM 1310 /* 1311 * Simplified exec_init() for kernels without LKMs. Only initialize 1312 * exec_maxhdrsz and execsw[]. 1313 */ 1314 int 1315 exec_init(int init_boot) 1316 { 1317 int i; 1318 1319 #ifdef DIAGNOSTIC 1320 if (!init_boot) 1321 panic("exec_init(): called with init_boot == 0"); 1322 #endif 1323 1324 /* do one-time initializations */ 1325 nexecs = nexecs_builtin; 1326 execsw = malloc(nexecs*sizeof(struct execsw *), M_EXEC, M_WAITOK); 1327 1328 /* 1329 * Fill in execsw[] and figure out the maximum size of an exec header. 1330 */ 1331 exec_maxhdrsz = 0; 1332 for(i=0; i < nexecs; i++) { 1333 execsw[i] = &execsw_builtin[i]; 1334 if (execsw_builtin[i].es_hdrsz > exec_maxhdrsz) 1335 exec_maxhdrsz = execsw_builtin[i].es_hdrsz; 1336 } 1337 1338 return 0; 1339 1340 } 1341 #endif /* !LKM */ 1342 1343 static int 1344 exec_sigcode_map(struct proc *p, const struct emul *e) 1345 { 1346 vaddr_t va; 1347 vsize_t sz; 1348 int error; 1349 struct uvm_object *uobj; 1350 1351 sz = (vaddr_t)e->e_esigcode - (vaddr_t)e->e_sigcode; 1352 1353 if (e->e_sigobject == NULL || sz == 0) { 1354 return 0; 1355 } 1356 1357 /* 1358 * If we don't have a sigobject for this emulation, create one. 1359 * 1360 * sigobject is an anonymous memory object (just like SYSV shared 1361 * memory) that we keep a permanent reference to and that we map 1362 * in all processes that need this sigcode. The creation is simple, 1363 * we create an object, add a permanent reference to it, map it in 1364 * kernel space, copy out the sigcode to it and unmap it. 1365 * We map it with PROT_READ|PROT_EXEC into the process just 1366 * the way sys_mmap() would map it. 1367 */ 1368 1369 uobj = *e->e_sigobject; 1370 if (uobj == NULL) { 1371 uobj = uao_create(sz, 0); 1372 (*uobj->pgops->pgo_reference)(uobj); 1373 va = vm_map_min(kernel_map); 1374 if ((error = uvm_map(kernel_map, &va, round_page(sz), 1375 uobj, 0, 0, 1376 UVM_MAPFLAG(UVM_PROT_RW, UVM_PROT_RW, 1377 UVM_INH_SHARE, UVM_ADV_RANDOM, 0)))) { 1378 printf("kernel mapping failed %d\n", error); 1379 (*uobj->pgops->pgo_detach)(uobj); 1380 return (error); 1381 } 1382 memcpy((void *)va, e->e_sigcode, sz); 1383 #ifdef PMAP_NEED_PROCWR 1384 pmap_procwr(&proc0, va, sz); 1385 #endif 1386 uvm_unmap(kernel_map, va, va + round_page(sz)); 1387 *e->e_sigobject = uobj; 1388 } 1389 1390 /* Just a hint to uvm_map where to put it. */ 1391 va = e->e_vm_default_addr(p, (vaddr_t)p->p_vmspace->vm_daddr, 1392 round_page(sz)); 1393 1394 #ifdef __alpha__ 1395 /* 1396 * Tru64 puts /sbin/loader at the end of user virtual memory, 1397 * which causes the above calculation to put the sigcode at 1398 * an invalid address. Put it just below the text instead. 1399 */ 1400 if (va == (vaddr_t)vm_map_max(&p->p_vmspace->vm_map)) { 1401 va = (vaddr_t)p->p_vmspace->vm_taddr - round_page(sz); 1402 } 1403 #endif 1404 1405 (*uobj->pgops->pgo_reference)(uobj); 1406 error = uvm_map(&p->p_vmspace->vm_map, &va, round_page(sz), 1407 uobj, 0, 0, 1408 UVM_MAPFLAG(UVM_PROT_RX, UVM_PROT_RX, UVM_INH_SHARE, 1409 UVM_ADV_RANDOM, 0)); 1410 if (error) { 1411 (*uobj->pgops->pgo_detach)(uobj); 1412 return (error); 1413 } 1414 p->p_sigctx.ps_sigcode = (void *)va; 1415 return (0); 1416 } 1417