1.1 nbrk 1: /* $OpenBSD: kern_exec.c,v 1.102 2007/03/15 10:22:30 art Exp $ */
2: /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */
3:
4: /*-
5: * Copyright (C) 1993, 1994 Christopher G. Demetriou
6: * Copyright (C) 1992 Wolfgang Solfrank.
7: * Copyright (C) 1992 TooLs GmbH.
8: * All rights reserved.
9: *
10: * Redistribution and use in source and binary forms, with or without
11: * modification, are permitted provided that the following conditions
12: * are met:
13: * 1. Redistributions of source code must retain the above copyright
14: * notice, this list of conditions and the following disclaimer.
15: * 2. Redistributions in binary form must reproduce the above copyright
16: * notice, this list of conditions and the following disclaimer in the
17: * documentation and/or other materials provided with the distribution.
18: * 3. All advertising materials mentioning features or use of this software
19: * must display the following acknowledgement:
20: * This product includes software developed by TooLs GmbH.
21: * 4. The name of TooLs GmbH may not be used to endorse or promote products
22: * derived from this software without specific prior written permission.
23: *
24: * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR
25: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27: * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
29: * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
30: * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
31: * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
32: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
33: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34: */
35:
36: #include <sys/param.h>
37: #include <sys/systm.h>
38: #include <sys/filedesc.h>
39: #include <sys/kernel.h>
40: #include <sys/proc.h>
41: #include <sys/mount.h>
42: #include <sys/malloc.h>
43: #include <sys/pool.h>
44: #include <sys/namei.h>
45: #include <sys/vnode.h>
46: #include <sys/file.h>
47: #include <sys/acct.h>
48: #include <sys/exec.h>
49: #include <sys/ktrace.h>
50: #include <sys/resourcevar.h>
51: #include <sys/wait.h>
52: #include <sys/mman.h>
53: #include <sys/signalvar.h>
54: #include <sys/stat.h>
55: #include <sys/conf.h>
56: #ifdef SYSVSHM
57: #include <sys/shm.h>
58: #endif
59:
60: #include <sys/syscallargs.h>
61:
62: #include <uvm/uvm_extern.h>
63:
64: #include <machine/cpu.h>
65: #include <machine/reg.h>
66:
67: #include <dev/rndvar.h>
68:
69: #include "systrace.h"
70:
71: #if NSYSTRACE > 0
72: #include <dev/systrace.h>
73: #endif
74:
/*
 * Map the shared signal code.
 *
 * Defined at the bottom of this file; called from sys_execve() after the new
 * image is in place.  Returns 0 or ENOMEM.
 */
int exec_sigcode_map(struct proc *, struct emul *);
79:
/*
 * stackgap_random specifies if the stackgap should have a random size added
 * to it.  It must be zero or a power of two, because sys_execve() uses
 * (stackgap_random - 1) as a mask.  If non-zero, the stack gap is
 *
 *	STACKGAPLEN + ((arc4random() * ALIGNBYTES) & (stackgap_random - 1))
 *
 * i.e. a random multiple of ALIGNBYTES below stackgap_random is added to the
 * fixed gap, which randomises where the argument/environment strings and the
 * initial stack pointer end up.  (Note the mask is applied before the
 * addition; an earlier version of this comment had the precedence wrong.)
 */
int stackgap_random = STACKGAP_RANDOM;
86:
/*
 * check_exec:
 *	given an "executable" described in the exec package's namei info,
 *	see what we can do with it: look it up, apply the exec permission
 *	checks, open it, read its header and let the exec switch pick the
 *	format/emulation that accepts it.
 *
 * ON ENTRY:
 *	exec package with appropriate namei info
 *	proc pointer of exec'ing proc
 *	NO SELF-LOCKED VNODES
 *
 * ON EXIT:
 *	error:	nothing held, etc. exec header still allocated.
 *	ok:	filled exec package; epp->ep_vp is open for reading and
 *		UNLOCKED (see the VOP_UNLOCK below -- the historical "one
 *		locked vnode" wording did not match the code), and the
 *		namei pathname buffer is still held.  The caller closes the
 *		vnode and returns cn_pnbuf to namei_pool.
 *
 * EXEC SWITCH ENTRY:
 *	Open, unlocked vnode to check, exec package, proc.
 *
 * EXEC SWITCH EXIT:
 *	ok:	return 0, filled exec package.
 *	error:	destructive (EXEC_DESTR set):
 *			everything deallocated except exec header.
 *		non-destructive:
 *			error code, open vnode, exec header unmodified
 */
int
check_exec(struct proc *p, struct exec_package *epp)
{
	int error, i;
	struct vnode *vp;
	struct nameidata *ndp;
	size_t resid;

	ndp = epp->ep_ndp;
	ndp->ni_cnd.cn_nameiop = LOOKUP;
	/*
	 * Note this overrides whatever flags the caller put in NDINIT().
	 * FOLLOW: resolve symlinks to the real file.  LOCKLEAF: the vnode
	 * comes back locked so the type/attribute/access checks below see a
	 * stable object.  SAVENAME: keep the pathname buffer, sys_execve()
	 * uses the last component for p_comm.
	 */
	ndp->ni_cnd.cn_flags = FOLLOW | LOCKLEAF | SAVENAME;
	/* first get the vnode */
	if ((error = namei(ndp)) != 0)
		return (error);
	epp->ep_vp = vp = ndp->ni_vp;

	/* check for regular file: directories and devices are never executed */
	if (vp->v_type == VDIR) {
		error = EISDIR;
		goto bad1;
	}
	if (vp->v_type != VREG) {
		error = EACCES;
		goto bad1;
	}

	/* get attributes (mode, owner; sys_execve() reads the set-id bits) */
	if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, p)) != 0)
		goto bad1;

	/* Check mount point */
	if (vp->v_mount->mnt_flag & MNT_NOEXEC) {
		error = EACCES;
		goto bad1;
	}

	/*
	 * On a nosuid mount strip the set-id bits from the cached
	 * attributes.  sys_execve() decides whether to switch credentials
	 * from epp->ep_vap->va_mode, so this is what makes nosuid effective.
	 */
	if ((vp->v_mount->mnt_flag & MNT_NOSUID))
		epp->ep_vap->va_mode &= ~(VSUID | VSGID);

	/*
	 * check access. for root we have to see if any exec bit on:
	 * VOP_ACCESS() is the real permission check, the explicit mode test
	 * afterwards stops the superuser from executing a file with no
	 * execute bit set at all.
	 */
	if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0)
		goto bad1;
	if ((epp->ep_vap->va_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) {
		error = EACCES;
		goto bad1;
	}

	/* try to open it */
	if ((error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) != 0)
		goto bad1;

	/* unlock vp, we need it unlocked from here */
	VOP_UNLOCK(vp, 0, p);

	/*
	 * now we have the file, get the exec header.  Up to ep_hdrlen bytes
	 * are read; ep_hdrvalid records how many actually arrived so that
	 * a short file is not mistaken for a complete header.
	 */
	error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0,
	    UIO_SYSSPACE, 0, p->p_ucred, &resid, p);
	if (error)
		goto bad2;
	epp->ep_hdrvalid = epp->ep_hdrlen - resid;

	/*
	 * set up the vmcmds for creation of the process
	 * address space: offer the header to each exec switch entry in
	 * turn until one accepts it.
	 */
	error = ENOEXEC;
	for (i = 0; i < nexecs && error != 0; i++) {
		int newerror;

		if (execsw[i].es_check == NULL)
			continue;
		newerror = (*execsw[i].es_check)(p, epp);
		/* a recognised format whose emulation is disabled is refused */
		if (!newerror && !(epp->ep_emul->e_flags & EMUL_ENABLED))
			newerror = EPERM;
		/* make sure the first "interesting" error code is saved. */
		if (!newerror || error == ENOEXEC)
			error = newerror;
		/*
		 * A destructive failure means the checker already tore
		 * down everything but the header; there is nothing left
		 * for us to release.
		 */
		if (epp->ep_flags & EXEC_DESTR && error != 0)
			return (error);
	}
	if (!error) {
		/* check that entry point is sane (must not be above user space) */
		if (epp->ep_entry > VM_MAXUSER_ADDRESS) {
			error = ENOEXEC;
		}

		/*
		 * check limits.  The stack is not checked here; sys_execve()
		 * compares the argument/environment size against ep_ssize
		 * once it is known.
		 */
		if ((epp->ep_tsize > MAXTSIZ) ||
		    (epp->ep_dsize > p->p_rlimit[RLIMIT_DATA].rlim_cur))
			error = ENOMEM;

		if (!error)
			return (0);
	}

	/*
	 * free any vmspace-creation commands,
	 * and release their references
	 */
	kill_vmcmds(&epp->ep_vmcmds);

bad2:
	/*
	 * close the vnode, free the pathname buf, and punt.
	 * (The vnode is open and unlocked when we get here.)
	 */
	vn_close(vp, FREAD, p->p_ucred, p);
	pool_put(&namei_pool, ndp->ni_cnd.cn_pnbuf);
	return (error);

bad1:
	/*
	 * free the namei pathname buffer, and put the vnode
	 * (which we don't yet have open).  vput() also releases the
	 * lock namei() took for LOCKLEAF.
	 */
	pool_put(&namei_pool, ndp->ni_cnd.cn_pnbuf);
	vput(vp);
	return (error);
}
229:
/*
 * exec system call
 *
 * Replace the calling process's image with the program named by
 * SCARG(uap, path), handing it the argument and environment vectors argp
 * and envp.  The work falls into two halves separated by uvmspace_exec():
 * before it, any failure returns an errno and the old image continues;
 * after it the old address space is gone, so a failure ends in exit1()
 * (see exec_abort / free_pack_abort) and the call never returns.
 *
 * Security-relevant steps handled here: the set-id credential switch and
 * the hardening that goes with it (ktrace turned off, descriptors 0-2
 * forced open, procfs writers closed, interval timers cleared), the
 * P_SUGID/P_SUGIDEXEC bookkeeping, close-on-exec, signal reset and the
 * randomised stack gap.
 *
 * Returns 0 on success (retval is filled in by the emulation's e_setregs)
 * or an errno when the exec was rejected before the old image was torn down.
 */
/* ARGSUSED */
int
sys_execve(struct proc *p, void *v, register_t *retval)
{
	struct sys_execve_args /* {
		syscallarg(const char *) path;
		syscallarg(char *const *) argp;
		syscallarg(char *const *) envp;
	} */ *uap = v;
	int error;
	struct exec_package pack;
	struct nameidata nid;
	struct vattr attr;
	struct ucred *cred = p->p_ucred;	/* credentials at entry */
	char *argp;				/* kernel buffer for the strings */
	char * const *cpp, *dp, *sp;
	long argc, envc;
	size_t len, sgap;
#ifdef MACHINE_STACK_GROWS_UP
	size_t slen;
#endif
	char *stack;
	struct ps_strings arginfo;
	struct vmspace *vm = p->p_vmspace;
	char **tmpfap;
	extern struct emul emul_native;
#if NSYSTRACE > 0
	/* remember whether we were set-id before, for systrace_execve1() */
	int wassugid =
	    ISSET(p->p_flag, P_SUGID) || ISSET(p->p_flag, P_SUGIDEXEC);
	size_t pathbuflen;
#endif
	char *pathbuf = NULL;

	/*
	 * Cheap solution to complicated problems.
	 * Mark this process as "leave me alone, I'm execing".
	 */
	atomic_setbits_int(&p->p_flag, P_INEXEC);

#if NSYSTRACE > 0
	/*
	 * Under systrace the pathname is copied in once, here, and the
	 * same kernel copy is used both for the lookup below and for
	 * systrace_execve1() at the end, so both see identical bytes.
	 */
	if (ISSET(p->p_flag, P_SYSTRACE)) {
		systrace_execve0(p);
		pathbuf = pool_get(&namei_pool, PR_WAITOK);
		error = copyinstr(SCARG(uap, path), pathbuf, MAXPATHLEN,
		    &pathbuflen);
		if (error != 0)
			goto clrflag;
	}
#endif
	/*
	 * NOFOLLOW here is not what ends up being used: check_exec()
	 * overwrites cn_flags with FOLLOW | LOCKLEAF | SAVENAME.
	 */
	if (pathbuf != NULL) {
		NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_SYSSPACE, pathbuf, p);
	} else {
		NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE,
		    SCARG(uap, path), p);
	}

	/*
	 * initialize the fields of the exec package.
	 */
	if (pathbuf != NULL)
		pack.ep_name = pathbuf;
	else
		pack.ep_name = (char *)SCARG(uap, path);
	pack.ep_hdr = malloc(exec_maxhdrsz, M_EXEC, M_WAITOK);
	pack.ep_hdrlen = exec_maxhdrsz;
	pack.ep_hdrvalid = 0;
	pack.ep_ndp = &nid;
	pack.ep_interp = NULL;
	pack.ep_emul_arg = NULL;
	VMCMDSET_INIT(&pack.ep_vmcmds);
	pack.ep_vap = &attr;
	pack.ep_emul = &emul_native;
	pack.ep_flags = 0;

	/* see if we can run it. */
	if ((error = check_exec(p, &pack)) != 0) {
		goto freehdr;
	}

	/* XXX -- THE FOLLOWING SECTION NEEDS MAJOR CLEANUP */

	/* allocate an argument buffer */
	argp = (char *) uvm_km_valloc_wait(exec_map, NCARGS);
#ifdef DIAGNOSTIC
	if (argp == NULL)
		panic("execve: argp == NULL");
#endif
	dp = argp;
	argc = 0;

	/*
	 * copy the fake args list, if there's one, freeing it as we go.
	 * These are kernel strings (presumably set up by the exec switch
	 * checker), hence the plain byte copy instead of copyinstr().
	 * NOTE(review): this copy is not bounded against argp + NCARGS;
	 * it relies on the checker keeping the list small.
	 */
	if (pack.ep_flags & EXEC_HASARGL) {
		tmpfap = pack.ep_fa;
		while (*tmpfap != NULL) {
			char *cp;

			cp = *tmpfap;
			while (*cp)
				*dp++ = *cp++;
			dp++;

			free(*tmpfap, M_EXEC);
			tmpfap++; argc++;
		}
		FREE(pack.ep_fa, M_EXEC);
		pack.ep_flags &= ~EXEC_HASARGL;
	}

	/* Now get argv & environment */
	if (!(cpp = SCARG(uap, argp))) {
		error = EFAULT;
		goto bad;
	}

	/* EXEC_SKIPARG: the checker asked for the caller's argv[0] to be dropped */
	if (pack.ep_flags & EXEC_SKIPARG)
		cpp++;

	/*
	 * Copy the argument strings, each bounded by what is left of the
	 * buffer.  copyinstr() failing with ENAMETOOLONG means the vector
	 * does not fit, which is reported as E2BIG.  (The bound is ARG_MAX
	 * while the buffer is NCARGS bytes; the two are expected to be the
	 * same -- confirm in <sys/syslimits.h>.)
	 */
	while (1) {
		len = argp + ARG_MAX - dp;
		if ((error = copyin(cpp, &sp, sizeof(sp))) != 0)
			goto bad;
		if (!sp)
			break;
		if ((error = copyinstr(sp, dp, len, &len)) != 0) {
			if (error == ENAMETOOLONG)
				error = E2BIG;
			goto bad;
		}
		dp += len;
		cpp++;
		argc++;
	}

	envc = 0;
	/* environment does not need to be there; same copy loop as for argv */
	if ((cpp = SCARG(uap, envp)) != NULL ) {
		while (1) {
			len = argp + ARG_MAX - dp;
			if ((error = copyin(cpp, &sp, sizeof(sp))) != 0)
				goto bad;
			if (!sp)
				break;
			if ((error = copyinstr(sp, dp, len, &len)) != 0) {
				if (error == ENAMETOOLONG)
					error = E2BIG;
				goto bad;
			}
			dp += len;
			cpp++;
			envc++;
		}
	}

	dp = (char *)ALIGN(dp);

	/*
	 * Stack gap: a fixed STACKGAPLEN plus, when stackgap_random is set,
	 * a random multiple of ALIGNBYTES below stackgap_random.  The mask
	 * only gives the intended range if stackgap_random is a power of two.
	 */
	sgap = STACKGAPLEN;
	if (stackgap_random != 0)
		sgap += (arc4random() * ALIGNBYTES) & (stackgap_random - 1);
	/*
	 * Now check if args & environ fit into new stack: pointer vectors
	 * (argv, envp, their two NULL terminators, the emulation's extra
	 * slots), argc, the strings themselves, the gap and ps_strings.
	 */
	len = ((argc + envc + 2 + pack.ep_emul->e_arglen) * sizeof(char *) +
	    sizeof(long) + dp + sgap + sizeof(struct ps_strings)) - argp;

	len = ALIGN(len);	/* make the stack "safely" aligned */

	if (len > pack.ep_ssize) { /* in effect, compare to initial limit */
		error = ENOMEM;
		goto bad;
	}

	/* adjust "active stack depth" for process VSZ */
	pack.ep_ssize = len;	/* maybe should go elsewhere, but... */

	/*
	 * Prepare vmspace for remapping. Note that uvmspace_exec can replace
	 * p_vmspace!
	 *
	 * POINT OF NO RETURN: from here on the old image cannot be resumed,
	 * so every failure goes to exec_abort, which exits the process.
	 */
	uvmspace_exec(p, VM_MIN_ADDRESS, VM_MAXUSER_ADDRESS);

	vm = p->p_vmspace;
	/* Now map address space */
	vm->vm_taddr = (char *)pack.ep_taddr;
	vm->vm_tsize = btoc(pack.ep_tsize);
	vm->vm_daddr = (char *)pack.ep_daddr;
	vm->vm_dsize = btoc(pack.ep_dsize);
	vm->vm_dused = 0;
	vm->vm_ssize = btoc(pack.ep_ssize);
	vm->vm_maxsaddr = (char *)pack.ep_maxsaddr;
	vm->vm_minsaddr = (char *)pack.ep_minsaddr;

	/* create the new process's VM space by running the vmcmds */
#ifdef DIAGNOSTIC
	if (pack.ep_vmcmds.evs_used == 0)
		panic("execve: no vmcmds");
#endif
	error = exec_process_vmcmds(p, &pack);

	/* if an error happened, deallocate and punt */
	if (error)
		goto exec_abort;

	/* remember information about the process */
	arginfo.ps_nargvstr = argc;
	arginfo.ps_nenvstr = envc;

	/*
	 * Place the argument block: at the top of the stack (below
	 * USRSTACK) normally, just above it when the stack grows upward.
	 */
#ifdef MACHINE_STACK_GROWS_UP
	stack = (char *)USRSTACK + sizeof(arginfo);
	slen = len - sizeof(arginfo);
#else
	stack = (char *)(USRSTACK - len);
#endif
	/* Now copy argc, args & environ to new stack */
	if (!(*pack.ep_emul->e_copyargs)(&pack, &arginfo, stack, argp))
		goto exec_abort;

	/* copy out the process's ps_strings structure */
	if (copyout(&arginfo, (char *)PS_STRINGS, sizeof(arginfo)))
		goto exec_abort;

	stopprofclock(p);	/* stop profiling */
	fdcloseexec(p);		/* handle close on exec */
	execsigs(p);		/* reset caught signals */

	/*
	 * set command name & other accounting info.  cn_nameptr is the
	 * pathname component namei() kept for SAVENAME; p_comm has room
	 * for MAXCOMLEN bytes plus the terminator.
	 */
	len = min(nid.ni_cnd.cn_namelen, MAXCOMLEN);
	bcopy(nid.ni_cnd.cn_nameptr, p->p_comm, len);
	p->p_comm[len] = 0;
	p->p_acflag &= ~AFORK;

	/* record proc's vnode, for use by procfs and others */
	if (p->p_textvp)
		vrele(p->p_textvp);
	VREF(pack.ep_vp);
	p->p_textvp = pack.ep_vp;

	atomic_setbits_int(&p->p_flag, P_EXEC);
	/* wake a parent still waiting on us (presumably the vfork() case) */
	if (p->p_flag & P_PPWAIT) {
		atomic_clearbits_int(&p->p_flag, P_PPWAIT);
		wakeup((caddr_t)p->p_pptr);
	}

	/*
	 * If process does execve() while it has a mismatched real,
	 * effective, or saved uid/gid, we set P_SUGIDEXEC.  This catches
	 * processes that are privileged without the file itself being
	 * set-id (e.g. after a partial privilege drop), so that the same
	 * hardening below applies to them.
	 */
	if (p->p_ucred->cr_uid != p->p_cred->p_ruid ||
	    p->p_ucred->cr_uid != p->p_cred->p_svuid ||
	    p->p_ucred->cr_gid != p->p_cred->p_rgid ||
	    p->p_ucred->cr_gid != p->p_cred->p_svgid)
		atomic_setbits_int(&p->p_flag, P_SUGIDEXEC);
	else
		atomic_clearbits_int(&p->p_flag, P_SUGIDEXEC);

	/*
	 * deal with set[ug]id.
	 * MNT_NOSUID has already been used to disable s[ug]id: check_exec()
	 * cleared VSUID/VSGID from attr.va_mode for files on such mounts,
	 * so attr is the sanitised view.  proc_cansugid() has the final say.
	 */
	if ((attr.va_mode & (VSUID | VSGID)) && proc_cansugid(p)) {
		int i;

		atomic_setbits_int(&p->p_flag, P_SUGID|P_SUGIDEXEC);

#ifdef KTRACE
		/*
		 * If process is being ktraced, turn off - unless
		 * root set it.  Otherwise the tracing user could watch
		 * the privileged image's system calls.
		 */
		if (p->p_tracep && !(p->p_traceflag & KTRFAC_ROOT)) {
			p->p_traceflag = 0;
			ktrsettracevnode(p, NULL);
		}
#endif
		/*
		 * Switch the effective ids on a copy of the credentials
		 * (crcopy() is expected to hand back a ucred we own, so
		 * the change is not visible through a shared ucred).  The
		 * saved ids are brought in line after this block.
		 */
		p->p_ucred = crcopy(cred);
		if (attr.va_mode & VSUID)
			p->p_ucred->cr_uid = attr.va_uid;
		if (attr.va_mode & VSGID)
			p->p_ucred->cr_gid = attr.va_gid;

		/*
		 * For set[ug]id processes, a few caveats apply to
		 * stdin, stdout, and stderr.
		 */
		for (i = 0; i < 3; i++) {
			struct file *fp = NULL;

			/*
			 * NOTE - This will never return NULL because of
			 * immature fds. The file descriptor table is not
			 * shared because we're suid.
			 */
			fp = fd_getfile(p->p_fd, i);
#ifdef PROCFS
			/*
			 * Close descriptors that are writing to procfs.
			 */
			if (fp && fp->f_type == DTYPE_VNODE &&
			    ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS &&
			    (fp->f_flag & FWRITE)) {
				fdrelease(p, i);
				fp = NULL;
			}
#endif

			/*
			 * Ensure that stdin, stdout, and stderr are already
			 * allocated. We do not want userland to accidentally
			 * allocate descriptors in this range which has implied
			 * meaning to libc.  (If the caller closed them before
			 * exec, the first file the set-id program opened would
			 * otherwise land on 0-2 and receive its stdio output.)
			 * Missing ones are opened on the null device: stdin
			 * read-only, stdout/stderr read-write.
			 */
			if (fp == NULL) {
				short flags = FREAD | (i == 0 ? 0 : FWRITE);
				struct vnode *vp;
				int indx;

				if ((error = falloc(p, &fp, &indx)) != 0)
					goto exec_abort;
#ifdef DIAGNOSTIC
				if (indx != i)
					panic("sys_execve: falloc indx != i");
#endif
				if ((error = cdevvp(getnulldev(), &vp)) != 0) {
					fdremove(p->p_fd, indx);
					closef(fp, p);
					goto exec_abort;
				}
				if ((error = VOP_OPEN(vp, flags, p->p_ucred, p)) != 0) {
					fdremove(p->p_fd, indx);
					closef(fp, p);
					vrele(vp);
					goto exec_abort;
				}
				if (flags & FWRITE)
					vp->v_writecount++;
				fp->f_flag = flags;
				fp->f_type = DTYPE_VNODE;
				fp->f_ops = &vnops;
				fp->f_data = (caddr_t)vp;
				FILE_SET_MATURE(fp);
			}
		}
	} else
		atomic_clearbits_int(&p->p_flag, P_SUGID);
	/* saved ids follow the (possibly new) effective ids */
	p->p_cred->p_svuid = p->p_ucred->cr_uid;
	p->p_cred->p_svgid = p->p_ucred->cr_gid;

	/*
	 * A privileged image must not inherit interval timers armed by the
	 * unprivileged caller, so they are all cleared here for the
	 * P_SUGIDEXEC case (both the file set-id case and the mismatched
	 * ids case above).
	 */
	if (p->p_flag & P_SUGIDEXEC) {
		int i, s = splclock();

		timeout_del(&p->p_realit_to);
		timerclear(&p->p_realtimer.it_interval);
		timerclear(&p->p_realtimer.it_value);
		for (i = 0; i < sizeof(p->p_stats->p_timer) /
		    sizeof(p->p_stats->p_timer[0]); i++) {
			timerclear(&p->p_stats->p_timer[i].it_interval);
			timerclear(&p->p_stats->p_timer[i].it_value);
		}
		splx(s);
	}

	uvm_km_free_wakeup(exec_map, (vaddr_t) argp, NCARGS);

	/* the vnode is closed with the credentials we entered with */
	pool_put(&namei_pool, nid.ni_cnd.cn_pnbuf);
	vn_close(pack.ep_vp, FREAD, cred, p);

	/*
	 * notify others that we exec'd
	 */
	KNOTE(&p->p_klist, NOTE_EXEC);

	/*
	 * setup new registers and do misc. setup.  From here on the
	 * argument buffer, pathname buffer and vnode are already gone,
	 * so failures use free_pack_abort rather than exec_abort.
	 */
	if (pack.ep_emul->e_fixup != NULL) {
		if ((*pack.ep_emul->e_fixup)(p, &pack) != 0)
			goto free_pack_abort;
	}
#ifdef MACHINE_STACK_GROWS_UP
	(*pack.ep_emul->e_setregs)(p, &pack, (u_long)stack + slen, retval);
#else
	(*pack.ep_emul->e_setregs)(p, &pack, (u_long)stack, retval);
#endif

	/* map the process's signal trampoline code */
	if (exec_sigcode_map(p, pack.ep_emul))
		goto free_pack_abort;

	/* let a debugger see the new image before it runs */
	if (p->p_flag & P_TRACED)
		psignal(p, SIGTRAP);

	free(pack.ep_hdr, M_EXEC);

	/*
	 * Call emulation specific exec hook. This can setup per-process
	 * p->p_emuldata or do any other per-process stuff an emulation needs.
	 *
	 * If we are executing process of different emulation than the
	 * original forked process, call e_proc_exit() of the old emulation
	 * first, then e_proc_exec() of new emulation. If the emulation is
	 * same, the exec hook code should deallocate any old emulation
	 * resources held previously by this process.
	 */
	if (p->p_emul && p->p_emul->e_proc_exit &&
	    p->p_emul != pack.ep_emul)
		(*p->p_emul->e_proc_exit)(p);

	/*
	 * p_descfd: the descriptor the exec'd file was handed over on, if
	 * the checker opened one (EXEC_HASFD); 255 means none.
	 */
	p->p_descfd = 255;
	if ((pack.ep_flags & EXEC_HASFD) && pack.ep_fd < 255)
		p->p_descfd = pack.ep_fd;

	/*
	 * Call exec hook. Emulation code may NOT store reference to anything
	 * from &pack.
	 */
	if (pack.ep_emul->e_proc_exec)
		(*pack.ep_emul->e_proc_exec)(p, &pack);

	/* update p_emul, the old value is no longer needed */
	p->p_emul = pack.ep_emul;

#ifdef KTRACE
	if (KTRPOINT(p, KTR_EMUL))
		ktremul(p, p->p_emul->e_name);
#endif

	atomic_clearbits_int(&p->p_flag, P_INEXEC);

#if NSYSTRACE > 0
	/* tell systrace when a set-id process has exec'd into a plain one */
	if (ISSET(p->p_flag, P_SYSTRACE) &&
	    wassugid && !ISSET(p->p_flag, P_SUGID) &&
	    !ISSET(p->p_flag, P_SUGIDEXEC))
		systrace_execve1(pathbuf, p);
#endif

	if (pathbuf != NULL)
		pool_put(&namei_pool, pathbuf);

	return (0);

bad:
	/*
	 * Failure before uvmspace_exec(): the old image is intact, so
	 * release everything and return the error to the caller.
	 */
	/* free the vmspace-creation commands, and release their references */
	kill_vmcmds(&pack.ep_vmcmds);
	/* kill any opened file descriptor, if necessary */
	if (pack.ep_flags & EXEC_HASFD) {
		pack.ep_flags &= ~EXEC_HASFD;
		(void) fdrelease(p, pack.ep_fd);
	}
	if (pack.ep_interp != NULL)
		pool_put(&namei_pool, pack.ep_interp);
	if (pack.ep_emul_arg != NULL)
		FREE(pack.ep_emul_arg, M_TEMP);
	/* close and put the exec'd file */
	vn_close(pack.ep_vp, FREAD, cred, p);
	pool_put(&namei_pool, nid.ni_cnd.cn_pnbuf);
	uvm_km_free_wakeup(exec_map, (vaddr_t) argp, NCARGS);

freehdr:
	free(pack.ep_hdr, M_EXEC);
#if NSYSTRACE > 0
clrflag:
#endif
	atomic_clearbits_int(&p->p_flag, P_INEXEC);

	if (pathbuf != NULL)
		pool_put(&namei_pool, pathbuf);

	return (error);

exec_abort:
	/*
	 * the old process doesn't exist anymore. exit gracefully.
	 * get rid of the (new) address space we have created, if any, get rid
	 * of our namei data and vnode, and exit noting failure
	 */
	uvm_deallocate(&vm->vm_map, VM_MIN_ADDRESS,
	    VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS);
	if (pack.ep_interp != NULL)
		pool_put(&namei_pool, pack.ep_interp);
	if (pack.ep_emul_arg != NULL)
		FREE(pack.ep_emul_arg, M_TEMP);
	pool_put(&namei_pool, nid.ni_cnd.cn_pnbuf);
	vn_close(pack.ep_vp, FREAD, cred, p);
	uvm_km_free_wakeup(exec_map, (vaddr_t) argp, NCARGS);

free_pack_abort:
	/* only the header is still ours here; exit1() does not return */
	free(pack.ep_hdr, M_EXEC);
	exit1(p, W_EXITCODE(0, SIGABRT), EXIT_NORMAL);

	/* NOTREACHED */
	atomic_clearbits_int(&p->p_flag, P_INEXEC);
	if (pathbuf != NULL)
		pool_put(&namei_pool, pathbuf);

	return (0);
}
724:
725:
/*
 * copyargs:
 *	Build the initial user stack layout for the native emulation:
 *	argc, then argv[] (NULL terminated), then envp[] (NULL terminated),
 *	with the string bodies placed after the pointer vectors and the
 *	emulation's extra slots (pack->ep_emul->e_arglen).  The strings are
 *	taken, in order, from the kernel buffer argp that sys_execve()
 *	filled.  arginfo->ps_argvstr and ps_envstr are set to the user
 *	addresses of the two vectors.
 *
 *	Returns the user address just past the envp terminator, or NULL
 *	if any copyout fails.
 */
void *
copyargs(struct exec_package *pack, struct ps_strings *arginfo, void *stack,
    void *argp)
{
	char **vecp = stack;		/* next pointer slot on the user stack */
	char *strp;			/* next string location on the user stack */
	char *src = argp;		/* next string in the kernel buffer */
	size_t n;
	void *nullp = NULL;
	long nargs = arginfo->ps_nargvstr;
	int nenvs = arginfo->ps_nenvstr;
	long i;

	/* argc comes first */
	if (copyout(&nargs, vecp++, sizeof(nargs)))
		return (NULL);

	/* strings start after argv, envp, their terminators and emul extras */
	strp = (char *)(vecp + nargs + nenvs + 2 + pack->ep_emul->e_arglen);

	/* XXX don't copy them out, remap them! */
	arginfo->ps_argvstr = vecp;	/* remember location of argv for later */

	for (i = 0; i < nargs; i++) {
		if (copyout(&strp, vecp++, sizeof(strp)))
			return (NULL);
		if (copyoutstr(src, strp, ARG_MAX, &n))
			return (NULL);
		src += n;
		strp += n;
	}

	if (copyout(&nullp, vecp++, sizeof(nullp)))
		return (NULL);

	arginfo->ps_envstr = vecp;	/* remember location of envp for later */

	for (i = 0; i < nenvs; i++) {
		if (copyout(&strp, vecp++, sizeof(strp)))
			return (NULL);
		if (copyoutstr(src, strp, ARG_MAX, &n))
			return (NULL);
		src += n;
		strp += n;
	}

	if (copyout(&nullp, vecp++, sizeof(nullp)))
		return (NULL);

	return (vecp);
}
766:
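/*
 * exec_sigcode_map:
 *	Map the shared signal trampoline of emulation e into the address
 *	space of p, recording its user address in p->p_sigcode.
 *
 *	The trampoline is kept in one anonymous UVM object per emulation
 *	(e->e_sigobject).  On first use the object is created, filled with
 *	the bytes between e->e_sigcode and e->e_esigcode via a temporary
 *	kernel mapping, and then kept alive forever by a permanent
 *	reference.  Every process then gets it mapped read/execute.
 *
 *	Returns 0 on success or ENOMEM when either mapping fails.  If the
 *	failure happens while building the object, the half-built object is
 *	released and e->e_sigobject is reset to NULL so the next exec
 *	rebuilds it; previously the stale pointer was left in place and every
 *	later exec of that emulation would have mapped an object that never
 *	received the trampoline code.
 */
int
exec_sigcode_map(struct proc *p, struct emul *e)
{
	vsize_t sz;

	sz = (vaddr_t)e->e_esigcode - (vaddr_t)e->e_sigcode;

	/*
	 * If we don't have a sigobject for this emulation, create one.
	 *
	 * sigobject is an anonymous memory object (just like SYSV shared
	 * memory) that we keep a permanent reference to and that we map
	 * in all processes that need this sigcode. The creation is simple,
	 * we create an object, add a permanent reference to it, map it in
	 * kernel space, copy out the sigcode to it and unmap it.
	 * Then we map it with PROT_READ|PROT_EXEC into the process just
	 * the way sys_mmap would map it.
	 */
	if (e->e_sigobject == NULL) {
		vaddr_t va;
		int r;

		e->e_sigobject = uao_create(sz, 0);
		uao_reference(e->e_sigobject);	/* permanent reference */

		va = vm_map_min(kernel_map);	/* hint */
		if ((r = uvm_map(kernel_map, &va, round_page(sz), e->e_sigobject,
		    0, 0, UVM_MAPFLAG(UVM_PROT_RW, UVM_PROT_RW,
		    UVM_INH_SHARE, UVM_ADV_RANDOM, 0)))) {
			/*
			 * Drop the permanent reference and the one
			 * uao_create() handed us, and forget the object:
			 * leaving e_sigobject set would make every later
			 * exec map a zero-filled trampoline.
			 */
			uao_detach(e->e_sigobject);
			uao_detach(e->e_sigobject);
			e->e_sigobject = NULL;
			return (ENOMEM);
		}
		/* copy only sz bytes; the rest of the last page stays zero */
		memcpy((void *)va, e->e_sigcode, sz);
		uvm_unmap(kernel_map, va, va + round_page(sz));
	}

	/* Just a hint to uvm_mmap where to put it. */
	p->p_sigcode = uvm_map_hint(p, VM_PROT_READ|VM_PROT_EXECUTE);
	/* the mapping takes its own reference; drop it again if it fails */
	uao_reference(e->e_sigobject);
	if (uvm_map(&p->p_vmspace->vm_map, &p->p_sigcode, round_page(sz),
	    e->e_sigobject, 0, 0, UVM_MAPFLAG(UVM_PROT_RX, UVM_PROT_RX,
	    UVM_INH_SHARE, UVM_ADV_RANDOM, 0))) {
		uao_detach(e->e_sigobject);
		return (ENOMEM);
	}

	return (0);
}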