1 /* $NetBSD: kern_exec.c,v 1.232 2006/11/22 02:02:51 elad Exp $ */ 2 3 /*- 4 * Copyright (C) 1993, 1994, 1996 Christopher G. Demetriou 5 * Copyright (C) 1992 Wolfgang Solfrank. 6 * Copyright (C) 1992 TooLs GmbH. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by TooLs GmbH. 20 * 4. The name of TooLs GmbH may not be used to endorse or promote products 21 * derived from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 28 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 29 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 30 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 31 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 32 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
33 */ 34 35 #include <sys/cdefs.h> 36 __KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.232 2006/11/22 02:02:51 elad Exp $"); 37 38 #include "opt_ktrace.h" 39 #include "opt_syscall_debug.h" 40 #include "opt_compat_netbsd.h" 41 #include "veriexec.h" 42 #include "opt_pax.h" 43 44 #include <sys/param.h> 45 #include <sys/systm.h> 46 #include <sys/filedesc.h> 47 #include <sys/kernel.h> 48 #include <sys/proc.h> 49 #include <sys/mount.h> 50 #include <sys/malloc.h> 51 #include <sys/namei.h> 52 #include <sys/vnode.h> 53 #include <sys/file.h> 54 #include <sys/acct.h> 55 #include <sys/exec.h> 56 #include <sys/ktrace.h> 57 #include <sys/resourcevar.h> 58 #include <sys/wait.h> 59 #include <sys/mman.h> 60 #include <sys/ras.h> 61 #include <sys/signalvar.h> 62 #include <sys/stat.h> 63 #include <sys/syscall.h> 64 #include <sys/kauth.h> 65 66 #include <sys/sa.h> 67 #include <sys/savar.h> 68 #include <sys/syscallargs.h> 69 #if NVERIEXEC > 0 70 #include <sys/verified_exec.h> 71 #endif /* NVERIEXEC > 0 */ 72 73 #ifdef SYSTRACE 74 #include <sys/systrace.h> 75 #endif /* SYSTRACE */ 76 77 #ifdef PAX_SEGVGUARD 78 #include <sys/pax.h> 79 #endif /* PAX_SEGVGUARD */ 80 81 #include <uvm/uvm_extern.h> 82 83 #include <machine/cpu.h> 84 #include <machine/reg.h> 85 86 static int exec_sigcode_map(struct proc *, const struct emul *); 87 88 #ifdef DEBUG_EXEC 89 #define DPRINTF(a) uprintf a 90 #else 91 #define DPRINTF(a) 92 #endif /* DEBUG_EXEC */ 93 94 MALLOC_DEFINE(M_EXEC, "exec", "argument lists & other mem used by exec"); 95 96 /* 97 * Exec function switch: 98 * 99 * Note that each makecmds function is responsible for loading the 100 * exec package with the necessary functions for any exec-type-specific 101 * handling. 102 * 103 * Functions for specific exec types should be defined in their own 104 * header file. 
 */
/* Built-in (compiled-in) execsw[] entries, provided by the kernel config. */
extern const struct execsw execsw_builtin[];
extern int nexecs_builtin;
/* Active exec switch table, rebuilt by exec_init(); NULL until then. */
static const struct execsw **execsw = NULL;
static int nexecs;

u_int exec_maxhdrsz;	/* must not be static - netbsd32 needs it */

#ifdef LKM
/* list of supported emulations */
static
LIST_HEAD(emlist_head, emul_entry) el_head = LIST_HEAD_INITIALIZER(el_head);
struct emul_entry {
	LIST_ENTRY(emul_entry)	el_list;
	const struct emul	*el_emul;
	int			ro_entry;	/* non-zero: may not be unregistered */
};

/* list of dynamically loaded execsw entries */
static
LIST_HEAD(execlist_head, exec_entry) ex_head = LIST_HEAD_INITIALIZER(ex_head);
struct exec_entry {
	LIST_ENTRY(exec_entry)	ex_list;
	const struct execsw	*es;
};

/* structure used for building execw[] (singly linked, priority ordered) */
struct execsw_entry {
	struct execsw_entry	*next;
	const struct execsw	*es;
};
#endif /* LKM */

#ifdef SYSCALL_DEBUG
extern const char * const syscallnames[];
#endif

#ifdef COMPAT_16
extern char sigcode[], esigcode[];
struct uvm_object *emul_netbsd_object;
#endif

#ifndef __HAVE_SYSCALL_INTERN
void syscall(void);
#endif

/*
 * Scheduler-activations glue for the native emulation.
 * NOTE(review): initializers are positional and must match the field order
 * of struct sa_emul exactly - do not reorder.
 */
static const struct sa_emul saemul_netbsd = {
	sizeof(ucontext_t),
	sizeof(struct sa_t),
	sizeof(struct sa_t *),
	NULL,
	NULL,
	cpu_upcall,
	(void (*)(struct lwp *, void *))getucontext,
	sa_ucsp
};

/*
 * NetBSD emul struct.
 * NOTE(review): positional initializer; entries must stay in struct emul
 * field order, and the #ifdef'd groups must keep their slot counts matched
 * (e.g. three NULLs replace the three COMPAT_16 sigcode fields).
 */
const struct emul emul_netbsd = {
	"netbsd",
	NULL,		/* emulation path */
#ifndef __HAVE_MINIMAL_EMUL
	EMUL_HAS_SYS___syscall,
	NULL,
	SYS_syscall,
	SYS_NSYSENT,
#endif
	sysent,
#ifdef SYSCALL_DEBUG
	syscallnames,
#else
	NULL,
#endif
	sendsig,
	trapsignal,
	NULL,
#ifdef COMPAT_16
	sigcode,
	esigcode,
	&emul_netbsd_object,
#else
	NULL,
	NULL,
	NULL,
#endif
	setregs,
	NULL,
	NULL,
	NULL,
	NULL,
	NULL,
#ifdef __HAVE_SYSCALL_INTERN
	syscall_intern,
#else
	syscall,
#endif
	NULL,
	NULL,

	uvm_default_mapaddr,
	NULL,
	&saemul_netbsd,
};

#ifdef LKM
/*
 * Exec lock. Used to control access to execsw[] structures.
 * This must not be static so that netbsd32 can access it, too.
 */
struct lock exec_lock;

static void link_es(struct execsw_entry **, const struct execsw *);
#endif /* LKM */

/*
 * check exec:
 *      given an "executable" described in the exec package's namei info,
 *      see what we can do with it.
 *
 * ON ENTRY:
 *      exec package with appropriate namei info
 *      lwp pointer of exec'ing lwp
 *      if verified exec enabled then flag indicating a direct exec or
 *        an indirect exec (i.e. for a shell script interpreter)
 *      NO SELF-LOCKED VNODES
 *
 * ON EXIT:
 *      error:  nothing held, etc.  exec header still allocated.
 *      ok:     filled exec package, executable's vnode (unlocked).
 *
 * EXEC SWITCH ENTRY:
 *      Locked vnode to check, exec package, proc.
 *
 * EXEC SWITCH EXIT:
 *      ok:     return 0, filled exec package, executable's vnode (unlocked).
 *      error:  destructive:
 *                      everything deallocated execept exec header.
 *              non-destructive:
 *                      error code, executable's vnode (unlocked),
 *                      exec header unmodified.
245 */ 246 int 247 /*ARGSUSED*/ 248 check_exec(struct lwp *l, struct exec_package *epp, int flag) 249 { 250 int error, i; 251 struct vnode *vp; 252 struct nameidata *ndp; 253 size_t resid; 254 255 ndp = epp->ep_ndp; 256 ndp->ni_cnd.cn_nameiop = LOOKUP; 257 ndp->ni_cnd.cn_flags = FOLLOW | LOCKLEAF | SAVENAME; 258 /* first get the vnode */ 259 if ((error = namei(ndp)) != 0) 260 return error; 261 epp->ep_vp = vp = ndp->ni_vp; 262 263 /* check access and type */ 264 if (vp->v_type != VREG) { 265 error = EACCES; 266 goto bad1; 267 } 268 if ((error = VOP_ACCESS(vp, VEXEC, l->l_cred, l)) != 0) 269 goto bad1; 270 271 /* get attributes */ 272 if ((error = VOP_GETATTR(vp, epp->ep_vap, l->l_cred, l)) != 0) 273 goto bad1; 274 275 /* Check mount point */ 276 if (vp->v_mount->mnt_flag & MNT_NOEXEC) { 277 error = EACCES; 278 goto bad1; 279 } 280 if (vp->v_mount->mnt_flag & MNT_NOSUID) 281 epp->ep_vap->va_mode &= ~(S_ISUID | S_ISGID); 282 283 /* try to open it */ 284 if ((error = VOP_OPEN(vp, FREAD, l->l_cred, l)) != 0) 285 goto bad1; 286 287 /* unlock vp, since we need it unlocked from here on out. */ 288 VOP_UNLOCK(vp, 0); 289 290 #if NVERIEXEC > 0 291 if ((error = veriexec_verify(l, vp, epp->ep_ndp->ni_dirp, flag, 292 NULL)) != 0) 293 goto bad2; 294 #endif /* NVERIEXEC > 0 */ 295 296 #ifdef PAX_SEGVGUARD 297 if (pax_segvguard(l, vp, epp->ep_ndp->ni_dirp, FALSE)) 298 return (EPERM); 299 #endif /* PAX_SEGVGUARD */ 300 301 /* now we have the file, get the exec header */ 302 uvn_attach(vp, VM_PROT_READ); 303 error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0, 304 UIO_SYSSPACE, 0, l->l_cred, &resid, NULL); 305 if (error) 306 goto bad2; 307 epp->ep_hdrvalid = epp->ep_hdrlen - resid; 308 309 /* 310 * Set up default address space limits. Can be overridden 311 * by individual exec packages. 312 * 313 * XXX probably should be all done in the exec pakages. 
314 */ 315 epp->ep_vm_minaddr = VM_MIN_ADDRESS; 316 epp->ep_vm_maxaddr = VM_MAXUSER_ADDRESS; 317 /* 318 * set up the vmcmds for creation of the process 319 * address space 320 */ 321 error = ENOEXEC; 322 for (i = 0; i < nexecs && error != 0; i++) { 323 int newerror; 324 325 epp->ep_esch = execsw[i]; 326 newerror = (*execsw[i]->es_makecmds)(l, epp); 327 /* make sure the first "interesting" error code is saved. */ 328 if (!newerror || error == ENOEXEC) 329 error = newerror; 330 331 /* if es_makecmds call was successful, update epp->ep_es */ 332 if (!newerror && (epp->ep_flags & EXEC_HASES) == 0) 333 epp->ep_es = execsw[i]; 334 335 if (epp->ep_flags & EXEC_DESTR && error != 0) 336 return error; 337 } 338 if (!error) { 339 /* check that entry point is sane */ 340 if (epp->ep_entry > VM_MAXUSER_ADDRESS) 341 error = ENOEXEC; 342 343 /* check limits */ 344 if ((epp->ep_tsize > MAXTSIZ) || 345 (epp->ep_dsize > 346 (u_quad_t)l->l_proc->p_rlimit[RLIMIT_DATA].rlim_cur)) 347 error = ENOMEM; 348 349 if (!error) 350 return (0); 351 } 352 353 /* 354 * free any vmspace-creation commands, 355 * and release their references 356 */ 357 kill_vmcmds(&epp->ep_vmcmds); 358 359 bad2: 360 /* 361 * close and release the vnode, restore the old one, free the 362 * pathname buf, and punt. 363 */ 364 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 365 VOP_CLOSE(vp, FREAD, l->l_cred, l); 366 vput(vp); 367 PNBUF_PUT(ndp->ni_cnd.cn_pnbuf); 368 return error; 369 370 bad1: 371 /* 372 * free the namei pathname buffer, and put the vnode 373 * (which we don't yet have open). 
374 */ 375 vput(vp); /* was still locked */ 376 PNBUF_PUT(ndp->ni_cnd.cn_pnbuf); 377 return error; 378 } 379 380 #ifdef __MACHINE_STACK_GROWS_UP 381 #define STACK_PTHREADSPACE NBPG 382 #else 383 #define STACK_PTHREADSPACE 0 384 #endif 385 386 static int 387 execve_fetch_element(char * const *array, size_t index, char **value) 388 { 389 return copyin(array + index, value, sizeof(*value)); 390 } 391 392 /* 393 * exec system call 394 */ 395 /* ARGSUSED */ 396 int 397 sys_execve(struct lwp *l, void *v, register_t *retval) 398 { 399 struct sys_execve_args /* { 400 syscallarg(const char *) path; 401 syscallarg(char * const *) argp; 402 syscallarg(char * const *) envp; 403 } */ *uap = v; 404 405 return execve1(l, SCARG(uap, path), SCARG(uap, argp), 406 SCARG(uap, envp), execve_fetch_element); 407 } 408 409 int 410 execve1(struct lwp *l, const char *path, char * const *args, 411 char * const *envs, execve_fetch_element_t fetch_element) 412 { 413 int error; 414 u_int i; 415 struct exec_package pack; 416 struct nameidata nid; 417 struct vattr attr; 418 struct proc *p; 419 char *argp; 420 char *dp, *sp; 421 long argc, envc; 422 size_t len; 423 char *stack; 424 struct ps_strings arginfo; 425 struct ps_strings *aip = &arginfo; 426 struct vmspace *vm; 427 char **tmpfap; 428 int szsigcode; 429 struct exec_vmcmd *base_vcp; 430 int oldlwpflags; 431 #ifdef SYSTRACE 432 int wassugid = ISSET(p->p_flag, P_SUGID); 433 char pathbuf[MAXPATHLEN]; 434 size_t pathbuflen; 435 #endif /* SYSTRACE */ 436 437 /* Disable scheduler activation upcalls. */ 438 oldlwpflags = l->l_flag & (L_SA | L_SA_UPCALL); 439 if (l->l_flag & L_SA) 440 l->l_flag &= ~(L_SA | L_SA_UPCALL); 441 442 p = l->l_proc; 443 /* 444 * Lock the process and set the P_INEXEC flag to indicate that 445 * it should be left alone until we're done here. This is 446 * necessary to avoid race conditions - e.g. in ptrace() - 447 * that might allow a local user to illicitly obtain elevated 448 * privileges. 
449 */ 450 p->p_flag |= P_INEXEC; 451 452 base_vcp = NULL; 453 /* 454 * Init the namei data to point the file user's program name. 455 * This is done here rather than in check_exec(), so that it's 456 * possible to override this settings if any of makecmd/probe 457 * functions call check_exec() recursively - for example, 458 * see exec_script_makecmds(). 459 */ 460 #ifdef SYSTRACE 461 if (ISSET(p->p_flag, P_SYSTRACE)) 462 systrace_execve0(p); 463 464 error = copyinstr(path, pathbuf, sizeof(pathbuf), 465 &pathbuflen); 466 if (error) 467 goto clrflg; 468 469 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_SYSSPACE, pathbuf, l); 470 #else 471 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE, path, l); 472 #endif /* SYSTRACE */ 473 474 /* 475 * initialize the fields of the exec package. 476 */ 477 #ifdef SYSTRACE 478 pack.ep_name = pathbuf; 479 #else 480 pack.ep_name = path; 481 #endif /* SYSTRACE */ 482 pack.ep_hdr = malloc(exec_maxhdrsz, M_EXEC, M_WAITOK); 483 pack.ep_hdrlen = exec_maxhdrsz; 484 pack.ep_hdrvalid = 0; 485 pack.ep_ndp = &nid; 486 pack.ep_emul_arg = NULL; 487 pack.ep_vmcmds.evs_cnt = 0; 488 pack.ep_vmcmds.evs_used = 0; 489 pack.ep_vap = &attr; 490 pack.ep_flags = 0; 491 492 #ifdef LKM 493 lockmgr(&exec_lock, LK_SHARED, NULL); 494 #endif 495 496 /* see if we can run it. 
*/ 497 #if NVERIEXEC > 0 498 if ((error = check_exec(l, &pack, VERIEXEC_DIRECT)) != 0) 499 #else 500 if ((error = check_exec(l, &pack, 0)) != 0) 501 #endif /* NVERIEXEC > 0 */ 502 goto freehdr; 503 504 /* XXX -- THE FOLLOWING SECTION NEEDS MAJOR CLEANUP */ 505 506 /* allocate an argument buffer */ 507 argp = (char *) uvm_km_alloc(exec_map, NCARGS, 0, 508 UVM_KMF_PAGEABLE|UVM_KMF_WAITVA); 509 #ifdef DIAGNOSTIC 510 if (argp == NULL) 511 panic("execve: argp == NULL"); 512 #endif 513 dp = argp; 514 argc = 0; 515 516 /* copy the fake args list, if there's one, freeing it as we go */ 517 if (pack.ep_flags & EXEC_HASARGL) { 518 tmpfap = pack.ep_fa; 519 while (*tmpfap != NULL) { 520 char *cp; 521 522 cp = *tmpfap; 523 while (*cp) 524 *dp++ = *cp++; 525 dp++; 526 527 FREE(*tmpfap, M_EXEC); 528 tmpfap++; argc++; 529 } 530 FREE(pack.ep_fa, M_EXEC); 531 pack.ep_flags &= ~EXEC_HASARGL; 532 } 533 534 /* Now get argv & environment */ 535 if (args == NULL) { 536 error = EINVAL; 537 goto bad; 538 } 539 /* 'i' will index the argp/envp element to be retrieved */ 540 i = 0; 541 if (pack.ep_flags & EXEC_SKIPARG) 542 i++; 543 544 while (1) { 545 len = argp + ARG_MAX - dp; 546 if ((error = (*fetch_element)(args, i, &sp)) != 0) 547 goto bad; 548 if (!sp) 549 break; 550 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 551 if (error == ENAMETOOLONG) 552 error = E2BIG; 553 goto bad; 554 } 555 #ifdef KTRACE 556 if (KTRPOINT(p, KTR_EXEC_ARG)) 557 ktrkmem(l, KTR_EXEC_ARG, dp, len - 1); 558 #endif 559 dp += len; 560 i++; 561 argc++; 562 } 563 564 envc = 0; 565 /* environment need not be there */ 566 if (envs != NULL) { 567 i = 0; 568 while (1) { 569 len = argp + ARG_MAX - dp; 570 if ((error = (*fetch_element)(envs, i, &sp)) != 0) 571 goto bad; 572 if (!sp) 573 break; 574 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 575 if (error == ENAMETOOLONG) 576 error = E2BIG; 577 goto bad; 578 } 579 #ifdef KTRACE 580 if (KTRPOINT(p, KTR_EXEC_ENV)) 581 ktrkmem(l, KTR_EXEC_ENV, dp, len - 1); 582 
#endif 583 dp += len; 584 i++; 585 envc++; 586 } 587 } 588 589 dp = (char *) ALIGN(dp); 590 591 szsigcode = pack.ep_es->es_emul->e_esigcode - 592 pack.ep_es->es_emul->e_sigcode; 593 594 /* Now check if args & environ fit into new stack */ 595 if (pack.ep_flags & EXEC_32) 596 len = ((argc + envc + 2 + pack.ep_es->es_arglen) * 597 sizeof(int) + sizeof(int) + dp + STACKGAPLEN + 598 szsigcode + sizeof(struct ps_strings) + STACK_PTHREADSPACE) 599 - argp; 600 else 601 len = ((argc + envc + 2 + pack.ep_es->es_arglen) * 602 sizeof(char *) + sizeof(int) + dp + STACKGAPLEN + 603 szsigcode + sizeof(struct ps_strings) + STACK_PTHREADSPACE) 604 - argp; 605 606 len = ALIGN(len); /* make the stack "safely" aligned */ 607 608 if (len > pack.ep_ssize) { /* in effect, compare to initial limit */ 609 error = ENOMEM; 610 goto bad; 611 } 612 613 /* Get rid of other LWPs/ */ 614 p->p_flag |= P_WEXIT; /* XXX hack. lwp-exit stuff wants to see it. */ 615 exit_lwps(l); 616 p->p_flag &= ~P_WEXIT; 617 KDASSERT(p->p_nlwps == 1); 618 619 /* This is now LWP 1 */ 620 l->l_lid = 1; 621 p->p_nlwpid = 1; 622 623 /* Release any SA state. */ 624 if (p->p_sa) 625 sa_release(p); 626 627 /* Remove POSIX timers */ 628 timers_free(p, TIMERS_POSIX); 629 630 /* adjust "active stack depth" for process VSZ */ 631 pack.ep_ssize = len; /* maybe should go elsewhere, but... */ 632 633 /* 634 * Do whatever is necessary to prepare the address space 635 * for remapping. Note that this might replace the current 636 * vmspace with another! 
637 */ 638 uvmspace_exec(l, pack.ep_vm_minaddr, pack.ep_vm_maxaddr); 639 640 /* record proc's vnode, for use by procfs and others */ 641 if (p->p_textvp) 642 vrele(p->p_textvp); 643 VREF(pack.ep_vp); 644 p->p_textvp = pack.ep_vp; 645 646 /* Now map address space */ 647 vm = p->p_vmspace; 648 vm->vm_taddr = (caddr_t) pack.ep_taddr; 649 vm->vm_tsize = btoc(pack.ep_tsize); 650 vm->vm_daddr = (caddr_t) pack.ep_daddr; 651 vm->vm_dsize = btoc(pack.ep_dsize); 652 vm->vm_ssize = btoc(pack.ep_ssize); 653 vm->vm_maxsaddr = (caddr_t) pack.ep_maxsaddr; 654 vm->vm_minsaddr = (caddr_t) pack.ep_minsaddr; 655 656 /* create the new process's VM space by running the vmcmds */ 657 #ifdef DIAGNOSTIC 658 if (pack.ep_vmcmds.evs_used == 0) 659 panic("execve: no vmcmds"); 660 #endif 661 for (i = 0; i < pack.ep_vmcmds.evs_used && !error; i++) { 662 struct exec_vmcmd *vcp; 663 664 vcp = &pack.ep_vmcmds.evs_cmds[i]; 665 if (vcp->ev_flags & VMCMD_RELATIVE) { 666 #ifdef DIAGNOSTIC 667 if (base_vcp == NULL) 668 panic("execve: relative vmcmd with no base"); 669 if (vcp->ev_flags & VMCMD_BASE) 670 panic("execve: illegal base & relative vmcmd"); 671 #endif 672 vcp->ev_addr += base_vcp->ev_addr; 673 } 674 error = (*vcp->ev_proc)(l, vcp); 675 #ifdef DEBUG_EXEC 676 if (error) { 677 int j; 678 struct exec_vmcmd *vp = &pack.ep_vmcmds.evs_cmds[0]; 679 for (j = 0; j <= i; j++) 680 uprintf( 681 "vmcmd[%d] = %#lx/%#lx fd@%#lx prot=0%o flags=%d\n", 682 j, vp[j].ev_addr, vp[j].ev_len, 683 vp[j].ev_offset, vp[j].ev_prot, 684 vp[j].ev_flags); 685 } 686 #endif /* DEBUG_EXEC */ 687 if (vcp->ev_flags & VMCMD_BASE) 688 base_vcp = vcp; 689 } 690 691 /* free the vmspace-creation commands, and release their references */ 692 kill_vmcmds(&pack.ep_vmcmds); 693 694 vn_lock(pack.ep_vp, LK_EXCLUSIVE | LK_RETRY); 695 VOP_CLOSE(pack.ep_vp, FREAD, l->l_cred, l); 696 vput(pack.ep_vp); 697 698 /* if an error happened, deallocate and punt */ 699 if (error) { 700 DPRINTF(("execve: vmcmd %i failed: %d\n", i - 1, error)); 701 goto 
exec_abort; 702 } 703 704 /* remember information about the process */ 705 arginfo.ps_nargvstr = argc; 706 arginfo.ps_nenvstr = envc; 707 708 stack = (char *)STACK_ALLOC(STACK_GROW(vm->vm_minsaddr, 709 STACK_PTHREADSPACE + sizeof(struct ps_strings) + szsigcode), 710 len - (sizeof(struct ps_strings) + szsigcode)); 711 #ifdef __MACHINE_STACK_GROWS_UP 712 /* 713 * The copyargs call always copies into lower addresses 714 * first, moving towards higher addresses, starting with 715 * the stack pointer that we give. When the stack grows 716 * down, this puts argc/argv/envp very shallow on the 717 * stack, right at the first user stack pointer, and puts 718 * STACKGAPLEN very deep in the stack. When the stack 719 * grows up, the situation is reversed. 720 * 721 * Normally, this is no big deal. But the ld_elf.so _rtld() 722 * function expects to be called with a single pointer to 723 * a region that has a few words it can stash values into, 724 * followed by argc/argv/envp. When the stack grows down, 725 * it's easy to decrement the stack pointer a little bit to 726 * allocate the space for these few words and pass the new 727 * stack pointer to _rtld. When the stack grows up, however, 728 * a few words before argc is part of the signal trampoline, XXX 729 * so we have a problem. 730 * 731 * Instead of changing how _rtld works, we take the easy way 732 * out and steal 32 bytes before we call copyargs. This 733 * space is effectively stolen from STACKGAPLEN. 
734 */ 735 stack += 32; 736 #endif /* __MACHINE_STACK_GROWS_UP */ 737 738 /* Now copy argc, args & environ to new stack */ 739 error = (*pack.ep_es->es_copyargs)(l, &pack, &arginfo, &stack, argp); 740 if (error) { 741 DPRINTF(("execve: copyargs failed %d\n", error)); 742 goto exec_abort; 743 } 744 /* Move the stack back to original point */ 745 stack = (char *)STACK_GROW(vm->vm_minsaddr, len); 746 747 /* fill process ps_strings info */ 748 p->p_psstr = (struct ps_strings *) 749 STACK_ALLOC(STACK_GROW(vm->vm_minsaddr, STACK_PTHREADSPACE), 750 sizeof(struct ps_strings)); 751 p->p_psargv = offsetof(struct ps_strings, ps_argvstr); 752 p->p_psnargv = offsetof(struct ps_strings, ps_nargvstr); 753 p->p_psenv = offsetof(struct ps_strings, ps_envstr); 754 p->p_psnenv = offsetof(struct ps_strings, ps_nenvstr); 755 756 /* copy out the process's ps_strings structure */ 757 if ((error = copyout(aip, (char *)p->p_psstr, 758 sizeof(arginfo))) != 0) { 759 DPRINTF(("execve: ps_strings copyout %p->%p size %ld failed\n", 760 aip, (char *)p->p_psstr, (long)sizeof(arginfo))); 761 goto exec_abort; 762 } 763 764 stopprofclock(p); /* stop profiling */ 765 fdcloseexec(l); /* handle close on exec */ 766 execsigs(p); /* reset catched signals */ 767 768 l->l_ctxlink = NULL; /* reset ucontext link */ 769 770 /* set command name & other accounting info */ 771 len = min(nid.ni_cnd.cn_namelen, MAXCOMLEN); 772 memcpy(p->p_comm, nid.ni_cnd.cn_nameptr, len); 773 p->p_comm[len] = 0; 774 p->p_acflag &= ~AFORK; 775 776 p->p_flag |= P_EXEC; 777 if (p->p_flag & P_PPWAIT) { 778 p->p_flag &= ~P_PPWAIT; 779 wakeup((caddr_t) p->p_pptr); 780 } 781 782 /* 783 * deal with set[ug]id. 784 * MNT_NOSUID has already been used to disable s[ug]id. 
785 */ 786 if ((p->p_flag & P_TRACED) == 0 && 787 788 (((attr.va_mode & S_ISUID) != 0 && 789 kauth_cred_geteuid(l->l_cred) != attr.va_uid) || 790 791 ((attr.va_mode & S_ISGID) != 0 && 792 kauth_cred_getegid(l->l_cred) != attr.va_gid))) { 793 /* 794 * Mark the process as SUGID before we do 795 * anything that might block. 796 */ 797 p_sugid(p); 798 799 /* Make sure file descriptors 0..2 are in use. */ 800 if ((error = fdcheckstd(l)) != 0) { 801 DPRINTF(("execve: fdcheckstd failed %d\n", error)); 802 goto exec_abort; 803 } 804 805 /* 806 * Copy the credential so other references don't see our 807 * changes. 808 */ 809 l->l_cred = kauth_cred_copy(l->l_cred); 810 #ifdef KTRACE 811 /* 812 * If process is being ktraced, turn off - unless 813 * root set it. 814 */ 815 if (p->p_tracep && !(p->p_traceflag & KTRFAC_ROOT)) 816 ktrderef(p); 817 #endif 818 if (attr.va_mode & S_ISUID) 819 kauth_cred_seteuid(l->l_cred, attr.va_uid); 820 if (attr.va_mode & S_ISGID) 821 kauth_cred_setegid(l->l_cred, attr.va_gid); 822 } else { 823 if (kauth_cred_geteuid(l->l_cred) == 824 kauth_cred_getuid(l->l_cred) && 825 kauth_cred_getegid(l->l_cred) == 826 kauth_cred_getgid(l->l_cred)) 827 p->p_flag &= ~P_SUGID; 828 } 829 830 /* 831 * Copy the credential so other references don't see our changes. 832 * Test to see if this is necessary first, since in the common case 833 * we won't need a private reference. 834 */ 835 if (kauth_cred_geteuid(l->l_cred) != kauth_cred_getsvuid(l->l_cred) || 836 kauth_cred_getegid(l->l_cred) != kauth_cred_getsvgid(l->l_cred)) { 837 l->l_cred = kauth_cred_copy(l->l_cred); 838 kauth_cred_setsvuid(l->l_cred, kauth_cred_geteuid(l->l_cred)); 839 kauth_cred_setsvgid(l->l_cred, kauth_cred_getegid(l->l_cred)); 840 } 841 842 /* Update the master credentials. 
*/ 843 if (l->l_cred != p->p_cred) { 844 kauth_cred_t ocred; 845 846 kauth_cred_hold(l->l_cred); 847 simple_lock(&p->p_lock); 848 ocred = p->p_cred; 849 p->p_cred = l->l_cred; 850 simple_unlock(&p->p_lock); 851 kauth_cred_free(ocred); 852 } 853 854 #if defined(__HAVE_RAS) 855 /* 856 * Remove all RASs from the address space. 857 */ 858 ras_purgeall(p); 859 #endif 860 861 doexechooks(p); 862 863 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 864 865 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 866 867 /* notify others that we exec'd */ 868 KNOTE(&p->p_klist, NOTE_EXEC); 869 870 /* setup new registers and do misc. setup. */ 871 (*pack.ep_es->es_emul->e_setregs)(l, &pack, (u_long) stack); 872 if (pack.ep_es->es_setregs) 873 (*pack.ep_es->es_setregs)(l, &pack, (u_long) stack); 874 875 /* map the process's signal trampoline code */ 876 if (exec_sigcode_map(p, pack.ep_es->es_emul)) { 877 DPRINTF(("execve: map sigcode failed %d\n", error)); 878 goto exec_abort; 879 } 880 881 if ((p->p_flag & (P_TRACED|P_SYSCALL)) == P_TRACED) 882 psignal(p, SIGTRAP); 883 884 free(pack.ep_hdr, M_EXEC); 885 886 /* 887 * Call emulation specific exec hook. This can setup per-process 888 * p->p_emuldata or do any other per-process stuff an emulation needs. 889 * 890 * If we are executing process of different emulation than the 891 * original forked process, call e_proc_exit() of the old emulation 892 * first, then e_proc_exec() of new emulation. If the emulation is 893 * same, the exec hook code should deallocate any old emulation 894 * resources held previously by this process. 895 */ 896 if (p->p_emul && p->p_emul->e_proc_exit 897 && p->p_emul != pack.ep_es->es_emul) 898 (*p->p_emul->e_proc_exit)(p); 899 900 /* 901 * Call exec hook. Emulation code may NOT store reference to anything 902 * from &pack. 
903 */ 904 if (pack.ep_es->es_emul->e_proc_exec) 905 (*pack.ep_es->es_emul->e_proc_exec)(p, &pack); 906 907 /* update p_emul, the old value is no longer needed */ 908 p->p_emul = pack.ep_es->es_emul; 909 910 /* ...and the same for p_execsw */ 911 p->p_execsw = pack.ep_es; 912 913 #ifdef __HAVE_SYSCALL_INTERN 914 (*p->p_emul->e_syscall_intern)(p); 915 #endif 916 #ifdef KTRACE 917 if (KTRPOINT(p, KTR_EMUL)) 918 ktremul(l); 919 #endif 920 921 #ifdef LKM 922 lockmgr(&exec_lock, LK_RELEASE, NULL); 923 #endif 924 p->p_flag &= ~P_INEXEC; 925 926 if (p->p_flag & P_STOPEXEC) { 927 int s; 928 929 sigminusset(&contsigmask, &p->p_sigctx.ps_siglist); 930 SCHED_LOCK(s); 931 p->p_pptr->p_nstopchild++; 932 p->p_stat = SSTOP; 933 l->l_stat = LSSTOP; 934 p->p_nrlwps--; 935 mi_switch(l, NULL); 936 SCHED_ASSERT_UNLOCKED(); 937 splx(s); 938 } 939 940 #ifdef SYSTRACE 941 if (ISSET(p->p_flag, P_SYSTRACE) && 942 wassugid && !ISSET(p->p_flag, P_SUGID)) 943 systrace_execve1(pathbuf, p); 944 #endif /* SYSTRACE */ 945 946 return (EJUSTRETURN); 947 948 bad: 949 p->p_flag &= ~P_INEXEC; 950 /* free the vmspace-creation commands, and release their references */ 951 kill_vmcmds(&pack.ep_vmcmds); 952 /* kill any opened file descriptor, if necessary */ 953 if (pack.ep_flags & EXEC_HASFD) { 954 pack.ep_flags &= ~EXEC_HASFD; 955 (void) fdrelease(l, pack.ep_fd); 956 } 957 /* close and put the exec'd file */ 958 vn_lock(pack.ep_vp, LK_EXCLUSIVE | LK_RETRY); 959 VOP_CLOSE(pack.ep_vp, FREAD, l->l_cred, l); 960 vput(pack.ep_vp); 961 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 962 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 963 964 freehdr: 965 free(pack.ep_hdr, M_EXEC); 966 967 #ifdef SYSTRACE 968 clrflg: 969 #endif /* SYSTRACE */ 970 l->l_flag |= oldlwpflags; 971 p->p_flag &= ~P_INEXEC; 972 #ifdef LKM 973 lockmgr(&exec_lock, LK_RELEASE, NULL); 974 #endif 975 976 return error; 977 978 exec_abort: 979 p->p_flag &= ~P_INEXEC; 980 #ifdef LKM 981 lockmgr(&exec_lock, LK_RELEASE, NULL); 982 #endif 983 
984 /* 985 * the old process doesn't exist anymore. exit gracefully. 986 * get rid of the (new) address space we have created, if any, get rid 987 * of our namei data and vnode, and exit noting failure 988 */ 989 uvm_deallocate(&vm->vm_map, VM_MIN_ADDRESS, 990 VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS); 991 if (pack.ep_emul_arg) 992 FREE(pack.ep_emul_arg, M_TEMP); 993 PNBUF_PUT(nid.ni_cnd.cn_pnbuf); 994 uvm_km_free(exec_map, (vaddr_t) argp, NCARGS, UVM_KMF_PAGEABLE); 995 free(pack.ep_hdr, M_EXEC); 996 exit1(l, W_EXITCODE(error, SIGABRT)); 997 998 /* NOTREACHED */ 999 return 0; 1000 } 1001 1002 1003 int 1004 copyargs(struct lwp *l, struct exec_package *pack, struct ps_strings *arginfo, 1005 char **stackp, void *argp) 1006 { 1007 char **cpp, *dp, *sp; 1008 size_t len; 1009 void *nullp; 1010 long argc, envc; 1011 int error; 1012 1013 cpp = (char **)*stackp; 1014 nullp = NULL; 1015 argc = arginfo->ps_nargvstr; 1016 envc = arginfo->ps_nenvstr; 1017 if ((error = copyout(&argc, cpp++, sizeof(argc))) != 0) 1018 return error; 1019 1020 dp = (char *) (cpp + argc + envc + 2 + pack->ep_es->es_arglen); 1021 sp = argp; 1022 1023 /* XXX don't copy them out, remap them! 
*/ 1024 arginfo->ps_argvstr = cpp; /* remember location of argv for later */ 1025 1026 for (; --argc >= 0; sp += len, dp += len) 1027 if ((error = copyout(&dp, cpp++, sizeof(dp))) != 0 || 1028 (error = copyoutstr(sp, dp, ARG_MAX, &len)) != 0) 1029 return error; 1030 1031 if ((error = copyout(&nullp, cpp++, sizeof(nullp))) != 0) 1032 return error; 1033 1034 arginfo->ps_envstr = cpp; /* remember location of envp for later */ 1035 1036 for (; --envc >= 0; sp += len, dp += len) 1037 if ((error = copyout(&dp, cpp++, sizeof(dp))) != 0 || 1038 (error = copyoutstr(sp, dp, ARG_MAX, &len)) != 0) 1039 return error; 1040 1041 if ((error = copyout(&nullp, cpp++, sizeof(nullp))) != 0) 1042 return error; 1043 1044 *stackp = (char *)cpp; 1045 return 0; 1046 } 1047 1048 #ifdef LKM 1049 /* 1050 * Find an emulation of given name in list of emulations. 1051 * Needs to be called with the exec_lock held. 1052 */ 1053 const struct emul * 1054 emul_search(const char *name) 1055 { 1056 struct emul_entry *it; 1057 1058 LIST_FOREACH(it, &el_head, el_list) { 1059 if (strcmp(name, it->el_emul->e_name) == 0) 1060 return it->el_emul; 1061 } 1062 1063 return NULL; 1064 } 1065 1066 /* 1067 * Add an emulation to list, if it's not there already. 1068 */ 1069 int 1070 emul_register(const struct emul *emul, int ro_entry) 1071 { 1072 struct emul_entry *ee; 1073 int error; 1074 1075 error = 0; 1076 lockmgr(&exec_lock, LK_SHARED, NULL); 1077 1078 if (emul_search(emul->e_name)) { 1079 error = EEXIST; 1080 goto out; 1081 } 1082 1083 MALLOC(ee, struct emul_entry *, sizeof(struct emul_entry), 1084 M_EXEC, M_WAITOK); 1085 ee->el_emul = emul; 1086 ee->ro_entry = ro_entry; 1087 LIST_INSERT_HEAD(&el_head, ee, el_list); 1088 1089 out: 1090 lockmgr(&exec_lock, LK_RELEASE, NULL); 1091 return error; 1092 } 1093 1094 /* 1095 * Remove emulation with name 'name' from list of supported emulations. 
1096 */ 1097 int 1098 emul_unregister(const char *name) 1099 { 1100 const struct proclist_desc *pd; 1101 struct emul_entry *it; 1102 int i, error; 1103 struct proc *ptmp; 1104 1105 error = 0; 1106 lockmgr(&exec_lock, LK_SHARED, NULL); 1107 1108 LIST_FOREACH(it, &el_head, el_list) { 1109 if (strcmp(it->el_emul->e_name, name) == 0) 1110 break; 1111 } 1112 1113 if (!it) { 1114 error = ENOENT; 1115 goto out; 1116 } 1117 1118 if (it->ro_entry) { 1119 error = EBUSY; 1120 goto out; 1121 } 1122 1123 /* test if any execw[] entry is still using this */ 1124 for(i=0; i < nexecs; i++) { 1125 if (execsw[i]->es_emul == it->el_emul) { 1126 error = EBUSY; 1127 goto out; 1128 } 1129 } 1130 1131 /* 1132 * Test if any process is running under this emulation - since 1133 * emul_unregister() is running quite sendomly, it's better 1134 * to do expensive check here than to use any locking. 1135 */ 1136 proclist_lock_read(); 1137 for (pd = proclists; pd->pd_list != NULL && !error; pd++) { 1138 PROCLIST_FOREACH(ptmp, pd->pd_list) { 1139 if (ptmp->p_emul == it->el_emul) { 1140 error = EBUSY; 1141 break; 1142 } 1143 } 1144 } 1145 proclist_unlock_read(); 1146 1147 if (error) 1148 goto out; 1149 1150 1151 /* entry is not used, remove it */ 1152 LIST_REMOVE(it, el_list); 1153 FREE(it, M_EXEC); 1154 1155 out: 1156 lockmgr(&exec_lock, LK_RELEASE, NULL); 1157 return error; 1158 } 1159 1160 /* 1161 * Add execsw[] entry. 
1162 */ 1163 int 1164 exec_add(struct execsw *esp, const char *e_name) 1165 { 1166 struct exec_entry *it; 1167 int error; 1168 1169 error = 0; 1170 lockmgr(&exec_lock, LK_EXCLUSIVE, NULL); 1171 1172 if (!esp->es_emul) { 1173 esp->es_emul = emul_search(e_name); 1174 if (!esp->es_emul) { 1175 error = ENOENT; 1176 goto out; 1177 } 1178 } 1179 1180 LIST_FOREACH(it, &ex_head, ex_list) { 1181 /* assume tuple (makecmds, probe_func, emulation) is unique */ 1182 if (it->es->es_makecmds == esp->es_makecmds 1183 && it->es->u.elf_probe_func == esp->u.elf_probe_func 1184 && it->es->es_emul == esp->es_emul) { 1185 error = EEXIST; 1186 goto out; 1187 } 1188 } 1189 1190 /* if we got here, the entry doesn't exist yet */ 1191 MALLOC(it, struct exec_entry *, sizeof(struct exec_entry), 1192 M_EXEC, M_WAITOK); 1193 it->es = esp; 1194 LIST_INSERT_HEAD(&ex_head, it, ex_list); 1195 1196 /* update execsw[] */ 1197 exec_init(0); 1198 1199 out: 1200 lockmgr(&exec_lock, LK_RELEASE, NULL); 1201 return error; 1202 } 1203 1204 /* 1205 * Remove execsw[] entry. 
 */
int
exec_remove(const struct execsw *esp)
{
	struct exec_entry	*it;
	int			error;

	error = 0;
	/* Exclusive: we may modify ex_head and rebuild execsw[]. */
	lockmgr(&exec_lock, LK_EXCLUSIVE, NULL);

	LIST_FOREACH(it, &ex_head, ex_list) {
		/* assume tuple (makecmds, probe_func, emulation) is unique */
		if (it->es->es_makecmds == esp->es_makecmds
		    && it->es->u.elf_probe_func == esp->u.elf_probe_func
		    && it->es->es_emul == esp->es_emul)
			break;
	}
	/* it is NULL when the loop fell through without a match. */
	if (!it) {
		error = ENOENT;
		goto out;
	}

	/* remove item from list and free resources */
	LIST_REMOVE(it, ex_list);
	FREE(it, M_EXEC);

	/* update execsw[] */
	exec_init(0);

 out:
	lockmgr(&exec_lock, LK_RELEASE, NULL);
	return error;
}

/*
 * Insert an execsw entry into the priority-ordered build list used by
 * exec_init(): *_FIRST entries precede *_ANY entries, which precede
 * *_LAST entries.  Allocates a temporary execsw_entry (M_TEMP) that
 * exec_init() frees when it flattens the list into execsw[].
 */
static void
link_es(struct execsw_entry **listp, const struct execsw *esp)
{
	struct execsw_entry *et, *e1;

	et = (struct execsw_entry *) malloc(sizeof(struct execsw_entry),
	    M_TEMP, M_WAITOK);
	et->next = NULL;
	et->es = esp;
	/* Empty list: the new entry becomes the whole list. */
	if (*listp == NULL) {
		*listp = et;
		return;
	}

	switch(et->es->es_prio) {
	case EXECSW_PRIO_FIRST:
		/* put new entry as the first */
		et->next = *listp;
		*listp = et;
		break;
	case EXECSW_PRIO_ANY:
		/* put new entry after all *_FIRST and *_ANY entries */
		for(e1 = *listp; e1->next
		    && e1->next->es->es_prio != EXECSW_PRIO_LAST;
		    e1 = e1->next);
		et->next = e1->next;
		e1->next = et;
		break;
	case EXECSW_PRIO_LAST:
		/* put new entry as the last one */
		for(e1 = *listp; e1->next; e1 = e1->next);
		e1->next = et;
		break;
	default:
#ifdef DIAGNOSTIC
		panic("execw[] entry with unknown priority %d found",
		    et->es->es_prio);
#else
		/*
		 * NOTE(review): on non-DIAGNOSTIC kernels an entry with
		 * an unknown priority is silently dropped here, so the
		 * list can end up shorter than the count the caller
		 * computed - verify exec_init() copes with that.
		 */
		free(et, M_TEMP);
#endif
		break;
	}
}

/*
 * Initialize exec structures.
If init_boot is true, also does necessary 1286 * one-time initialization (it's called from main() that way). 1287 * Once system is multiuser, this should be called with exec_lock held, 1288 * i.e. via exec_{add|remove}(). 1289 */ 1290 int 1291 exec_init(int init_boot) 1292 { 1293 const struct execsw **new_es, * const *old_es; 1294 struct execsw_entry *list, *e1; 1295 struct exec_entry *e2; 1296 int i, es_sz; 1297 1298 if (init_boot) { 1299 /* do one-time initializations */ 1300 lockinit(&exec_lock, PWAIT, "execlck", 0, 0); 1301 1302 /* register compiled-in emulations */ 1303 for(i=0; i < nexecs_builtin; i++) { 1304 if (execsw_builtin[i].es_emul) 1305 emul_register(execsw_builtin[i].es_emul, 1); 1306 } 1307 #ifdef DIAGNOSTIC 1308 if (i == 0) 1309 panic("no emulations found in execsw_builtin[]"); 1310 #endif 1311 } 1312 1313 /* 1314 * Build execsw[] array from builtin entries and entries added 1315 * at runtime. 1316 */ 1317 list = NULL; 1318 for(i=0; i < nexecs_builtin; i++) 1319 link_es(&list, &execsw_builtin[i]); 1320 1321 /* Add dynamically loaded entries */ 1322 es_sz = nexecs_builtin; 1323 LIST_FOREACH(e2, &ex_head, ex_list) { 1324 link_es(&list, e2->es); 1325 es_sz++; 1326 } 1327 1328 /* 1329 * Now that we have sorted all execw entries, create new execsw[] 1330 * and free no longer needed memory in the process. 1331 */ 1332 new_es = malloc(es_sz * sizeof(struct execsw *), M_EXEC, M_WAITOK); 1333 for(i=0; list; i++) { 1334 new_es[i] = list->es; 1335 e1 = list->next; 1336 free(list, M_TEMP); 1337 list = e1; 1338 } 1339 1340 /* 1341 * New execsw[] array built, now replace old execsw[] and free 1342 * used memory. 1343 */ 1344 old_es = execsw; 1345 execsw = new_es; 1346 nexecs = es_sz; 1347 if (old_es) 1348 /*XXXUNCONST*/ 1349 free(__UNCONST(old_es), M_EXEC); 1350 1351 /* 1352 * Figure out the maximum size of an exec header. 
1353 */ 1354 exec_maxhdrsz = 0; 1355 for (i = 0; i < nexecs; i++) { 1356 if (execsw[i]->es_hdrsz > exec_maxhdrsz) 1357 exec_maxhdrsz = execsw[i]->es_hdrsz; 1358 } 1359 1360 return 0; 1361 } 1362 #endif 1363 1364 #ifndef LKM 1365 /* 1366 * Simplified exec_init() for kernels without LKMs. Only initialize 1367 * exec_maxhdrsz and execsw[]. 1368 */ 1369 int 1370 exec_init(int init_boot) 1371 { 1372 int i; 1373 1374 #ifdef DIAGNOSTIC 1375 if (!init_boot) 1376 panic("exec_init(): called with init_boot == 0"); 1377 #endif 1378 1379 /* do one-time initializations */ 1380 nexecs = nexecs_builtin; 1381 execsw = malloc(nexecs*sizeof(struct execsw *), M_EXEC, M_WAITOK); 1382 1383 /* 1384 * Fill in execsw[] and figure out the maximum size of an exec header. 1385 */ 1386 exec_maxhdrsz = 0; 1387 for(i=0; i < nexecs; i++) { 1388 execsw[i] = &execsw_builtin[i]; 1389 if (execsw_builtin[i].es_hdrsz > exec_maxhdrsz) 1390 exec_maxhdrsz = execsw_builtin[i].es_hdrsz; 1391 } 1392 1393 return 0; 1394 1395 } 1396 #endif /* !LKM */ 1397 1398 static int 1399 exec_sigcode_map(struct proc *p, const struct emul *e) 1400 { 1401 vaddr_t va; 1402 vsize_t sz; 1403 int error; 1404 struct uvm_object *uobj; 1405 1406 sz = (vaddr_t)e->e_esigcode - (vaddr_t)e->e_sigcode; 1407 1408 if (e->e_sigobject == NULL || sz == 0) { 1409 return 0; 1410 } 1411 1412 /* 1413 * If we don't have a sigobject for this emulation, create one. 1414 * 1415 * sigobject is an anonymous memory object (just like SYSV shared 1416 * memory) that we keep a permanent reference to and that we map 1417 * in all processes that need this sigcode. The creation is simple, 1418 * we create an object, add a permanent reference to it, map it in 1419 * kernel space, copy out the sigcode to it and unmap it. 1420 * We map it with PROT_READ|PROT_EXEC into the process just 1421 * the way sys_mmap() would map it. 
 */

	uobj = *e->e_sigobject;
	if (uobj == NULL) {
		/* First user of this emulation's sigcode: build the object. */
		uobj = uao_create(sz, 0);
		/* Permanent reference so the object outlives any process. */
		(*uobj->pgops->pgo_reference)(uobj);
		va = vm_map_min(kernel_map);
		if ((error = uvm_map(kernel_map, &va, round_page(sz),
		    uobj, 0, 0,
		    UVM_MAPFLAG(UVM_PROT_RW, UVM_PROT_RW,
		    UVM_INH_SHARE, UVM_ADV_RANDOM, 0)))) {
			printf("kernel mapping failed %d\n", error);
			(*uobj->pgops->pgo_detach)(uobj);
			return (error);
		}
		/* Copy the sigcode into the object via the kernel window. */
		memcpy((void *)va, e->e_sigcode, sz);
#ifdef PMAP_NEED_PROCWR
		/* Keep the instruction cache coherent with the copy. */
		pmap_procwr(&proc0, va, sz);
#endif
		/* Temporary kernel window no longer needed. */
		uvm_unmap(kernel_map, va, va + round_page(sz));
		/*
		 * NOTE(review): no lock is visibly held around this
		 * test-and-set of *e->e_sigobject; presumably callers
		 * are serialized (exec_lock?) - confirm, otherwise two
		 * processes could race and leak an object.
		 */
		*e->e_sigobject = uobj;
	}

	/* Just a hint to uvm_map where to put it. */
	va = e->e_vm_default_addr(p, (vaddr_t)p->p_vmspace->vm_daddr,
	    round_page(sz));

#ifdef __alpha__
	/*
	 * Tru64 puts /sbin/loader at the end of user virtual memory,
	 * which causes the above calculation to put the sigcode at
	 * an invalid address. Put it just below the text instead.
	 */
	if (va == (vaddr_t)vm_map_max(&p->p_vmspace->vm_map)) {
		va = (vaddr_t)p->p_vmspace->vm_taddr - round_page(sz);
	}
#endif

	/* One reference per process mapping; dropped if uvm_map fails. */
	(*uobj->pgops->pgo_reference)(uobj);
	error = uvm_map(&p->p_vmspace->vm_map, &va, round_page(sz),
	    uobj, 0, 0,
	    UVM_MAPFLAG(UVM_PROT_RX, UVM_PROT_RX, UVM_INH_SHARE,
	    UVM_ADV_RANDOM, 0));
	if (error) {
		(*uobj->pgops->pgo_detach)(uobj);
		return (error);
	}
	/* Remember where the trampoline lives for signal delivery. */
	p->p_sigctx.ps_sigcode = (void *)va;
	return (0);
}