mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-13 10:02:38 +00:00
All:
Changed vnodep -> vp for consistency with the rest of the kernel, and changed iparams -> imgp for brevity. kern_exec.c: Explicitly initialized some additional parts of the image_params struct to avoid bzeroing it. Rewrote the set-id code to reduce the number of logical tests. The rewrite exposed a mostly benign bug in the algorithm: traced set-id images would get ktracing disabled even if the set-id didn't happen for other reasons.
This commit is contained in:
parent
593ecf888e
commit
c52007c2cc
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=12130
@ -25,7 +25,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $Id: linux_misc.c,v 1.1 1995/06/25 17:32:37 sos Exp $
|
||||
* $Id: linux_misc.c,v 1.2 1995/10/04 07:08:04 julian Exp $
|
||||
*/
|
||||
|
||||
#include <i386/linux/linux.h>
|
||||
@ -162,7 +162,7 @@ int
|
||||
linux_uselib(struct proc *p, struct linux_uselib_args *args, int *retval)
|
||||
{
|
||||
struct nameidata ni;
|
||||
struct vnode *vnodep;
|
||||
struct vnode *vp;
|
||||
struct exec *a_out = 0;
|
||||
struct vattr attr;
|
||||
unsigned long vmaddr, virtual_offset, file_offset;
|
||||
@ -192,46 +192,46 @@ linux_uselib(struct proc *p, struct linux_uselib_args *args, int *retval)
|
||||
if (error = namei(&ni))
|
||||
return error;
|
||||
|
||||
vnodep = ni.ni_vp;
|
||||
if (vnodep == NULL)
|
||||
vp = ni.ni_vp;
|
||||
if (vp == NULL)
|
||||
return ENOEXEC;
|
||||
|
||||
if (vnodep->v_writecount) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (vp->v_writecount) {
|
||||
VOP_UNLOCK(vp);
|
||||
return ETXTBSY;
|
||||
}
|
||||
|
||||
if (error = VOP_GETATTR(vnodep, &attr, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (error = VOP_GETATTR(vp, &attr, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vp);
|
||||
return error;
|
||||
}
|
||||
|
||||
if ((vnodep->v_mount->mnt_flag & MNT_NOEXEC)
|
||||
if ((vp->v_mount->mnt_flag & MNT_NOEXEC)
|
||||
|| ((attr.va_mode & 0111) == 0)
|
||||
|| (attr.va_type != VREG)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
VOP_UNLOCK(vp);
|
||||
return ENOEXEC;
|
||||
}
|
||||
|
||||
if (attr.va_size == 0) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
VOP_UNLOCK(vp);
|
||||
return ENOEXEC;
|
||||
}
|
||||
|
||||
if (error = VOP_ACCESS(vnodep, VEXEC, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vp);
|
||||
return error;
|
||||
}
|
||||
|
||||
if (error = VOP_OPEN(vnodep, FREAD, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vp);
|
||||
return error;
|
||||
}
|
||||
|
||||
VOP_UNLOCK(vnodep); /* lock no longer needed */
|
||||
VOP_UNLOCK(vp); /* lock no longer needed */
|
||||
|
||||
error = vm_mmap(kernel_map, (vm_offset_t *)&a_out, 1024,
|
||||
VM_PROT_READ, VM_PROT_READ, 0, (caddr_t)vnodep, 0);
|
||||
VM_PROT_READ, VM_PROT_READ, 0, (caddr_t)vp, 0);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
@ -257,7 +257,7 @@ linux_uselib(struct proc *p, struct linux_uselib_args *args, int *retval)
|
||||
return ENOEXEC;
|
||||
}
|
||||
|
||||
vnodep->v_flag |= VTEXT;
|
||||
vp->v_flag |= VTEXT;
|
||||
bss_size = round_page(a_out->a_bss);
|
||||
/*
|
||||
* Check if file_offset page aligned,.
|
||||
@ -280,7 +280,7 @@ printf("uselib: Non page aligned binary %d\n", file_offset);
|
||||
error = vm_mmap(kernel_map, &buffer,
|
||||
round_page(a_out->a_text + a_out->a_data + file_offset),
|
||||
VM_PROT_READ, VM_PROT_READ, MAP_FILE,
|
||||
(caddr_t)vnodep, trunc_page(file_offset));
|
||||
(caddr_t)vp, trunc_page(file_offset));
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
@ -306,7 +306,7 @@ printf("uselib: Page aligned binary %d\n", file_offset);
|
||||
error = vm_mmap(&p->p_vmspace->vm_map, &vmaddr,
|
||||
a_out->a_text + a_out->a_data,
|
||||
VM_PROT_ALL, VM_PROT_ALL, MAP_PRIVATE | MAP_FIXED,
|
||||
(caddr_t)vnodep, file_offset);
|
||||
(caddr_t)vp, file_offset);
|
||||
if (error)
|
||||
return (error);
|
||||
}
|
||||
|
@ -26,7 +26,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $Id: imgact_coff.c,v 1.7 1995/09/13 02:12:51 sef Exp $
|
||||
* $Id: imgact_coff.c,v 1.9 1995/10/10 17:33:19 swallace Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -49,7 +49,7 @@
|
||||
extern struct sysentvec ibcs2_svr3_sysvec;
|
||||
|
||||
extern int coff_load_file __P((struct proc *p, char *name));
|
||||
extern int exec_coff_imgact __P((struct image_params *iparams));
|
||||
extern int exec_coff_imgact __P((struct image_params *imgp));
|
||||
|
||||
static int load_coff_section __P((struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset, caddr_t vmaddr, size_t memsz, size_t filsz, vm_prot_t prot));
|
||||
|
||||
@ -154,7 +154,7 @@ coff_load_file(struct proc *p, char *name)
|
||||
struct vmspace *vmspace = p->p_vmspace;
|
||||
int error;
|
||||
struct nameidata nd;
|
||||
struct vnode *vnodep;
|
||||
struct vnode *vp;
|
||||
struct vattr attr;
|
||||
struct filehdr *fhdr;
|
||||
struct aouthdr *ahdr;
|
||||
@ -173,19 +173,19 @@ coff_load_file(struct proc *p, char *name)
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
vnodep = nd.ni_vp;
|
||||
if (vnodep == NULL)
|
||||
vp = nd.ni_vp;
|
||||
if (vp == NULL)
|
||||
return ENOEXEC;
|
||||
|
||||
if (vnodep->v_writecount) {
|
||||
if (vp->v_writecount) {
|
||||
error = ETXTBSY;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (error = VOP_GETATTR(vnodep, &attr, p->p_ucred, p))
|
||||
if (error = VOP_GETATTR(vp, &attr, p->p_ucred, p))
|
||||
goto fail;
|
||||
|
||||
if ((vnodep->v_mount->mnt_flag & MNT_NOEXEC)
|
||||
if ((vp->v_mount->mnt_flag & MNT_NOEXEC)
|
||||
|| ((attr.va_mode & 0111) == 0)
|
||||
|| (attr.va_type != VREG))
|
||||
goto fail;
|
||||
@ -195,17 +195,17 @@ coff_load_file(struct proc *p, char *name)
|
||||
goto fail;
|
||||
}
|
||||
|
||||
if (error = VOP_ACCESS(vnodep, VEXEC, p->p_ucred, p))
|
||||
if (error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p))
|
||||
goto fail;
|
||||
|
||||
if (error = VOP_OPEN(vnodep, FREAD, p->p_ucred, p))
|
||||
if (error = VOP_OPEN(vp, FREAD, p->p_ucred, p))
|
||||
goto fail;
|
||||
|
||||
/*
|
||||
* Lose the lock on the vnode. It's no longer needed, and must not
|
||||
* exist for the pagefault paging to work below.
|
||||
*/
|
||||
VOP_UNLOCK(vnodep);
|
||||
VOP_UNLOCK(vp);
|
||||
|
||||
if (error = vm_mmap(kernel_map,
|
||||
(vm_offset_t *) &ptr,
|
||||
@ -213,7 +213,7 @@ coff_load_file(struct proc *p, char *name)
|
||||
VM_PROT_READ,
|
||||
VM_PROT_READ,
|
||||
MAP_FILE,
|
||||
(caddr_t) vnodep,
|
||||
(caddr_t) vp,
|
||||
0))
|
||||
goto fail;
|
||||
|
||||
@ -256,13 +256,13 @@ coff_load_file(struct proc *p, char *name)
|
||||
}
|
||||
}
|
||||
|
||||
if (error = load_coff_section(vmspace, vnodep, text_offset,
|
||||
if (error = load_coff_section(vmspace, vp, text_offset,
|
||||
(caddr_t)text_address,
|
||||
text_size, text_size,
|
||||
VM_PROT_READ | VM_PROT_EXECUTE)) {
|
||||
goto dealloc_and_fail;
|
||||
}
|
||||
if (error = load_coff_section(vmspace, vnodep, data_offset,
|
||||
if (error = load_coff_section(vmspace, vp, data_offset,
|
||||
(caddr_t)data_address,
|
||||
data_size + bss_size, data_size,
|
||||
VM_PROT_ALL)) {
|
||||
@ -284,14 +284,14 @@ coff_load_file(struct proc *p, char *name)
|
||||
}
|
||||
|
||||
int
|
||||
exec_coff_imgact(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_coff_imgact(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
struct filehdr *fhdr = (struct filehdr*)iparams->image_header;
|
||||
struct filehdr *fhdr = (struct filehdr*)imgp->image_header;
|
||||
struct aouthdr *ahdr;
|
||||
struct scnhdr *scns;
|
||||
int i;
|
||||
struct vmspace *vmspace = iparams->proc->p_vmspace;
|
||||
struct vmspace *vmspace = imgp->proc->p_vmspace;
|
||||
unsigned long vmaddr;
|
||||
int nscns;
|
||||
int error, len;
|
||||
@ -323,20 +323,20 @@ exec_coff_imgact(iparams)
|
||||
return -1;
|
||||
}
|
||||
|
||||
ahdr = (struct aouthdr*)((char*)(iparams->image_header) +
|
||||
ahdr = (struct aouthdr*)((char*)(imgp->image_header) +
|
||||
sizeof(struct filehdr));
|
||||
iparams->entry_addr = ahdr->entry;
|
||||
imgp->entry_addr = ahdr->entry;
|
||||
|
||||
scns = (struct scnhdr*)((char*)(iparams->image_header) +
|
||||
scns = (struct scnhdr*)((char*)(imgp->image_header) +
|
||||
sizeof(struct filehdr) +
|
||||
sizeof(struct aouthdr));
|
||||
|
||||
if (error = exec_extract_strings(iparams)) {
|
||||
if (error = exec_extract_strings(imgp)) {
|
||||
DPRINTF(("%s(%d): return %d\n", __FILE__, __LINE__, error));
|
||||
return error;
|
||||
}
|
||||
|
||||
exec_new_vmspace(iparams);
|
||||
exec_new_vmspace(imgp);
|
||||
|
||||
for (i = 0; i < nscns; i++) {
|
||||
|
||||
@ -375,7 +375,7 @@ exec_coff_imgact(iparams)
|
||||
VM_PROT_READ,
|
||||
VM_PROT_READ,
|
||||
MAP_FILE,
|
||||
(caddr_t) iparams->vnodep,
|
||||
(caddr_t) imgp->vp,
|
||||
foff)) {
|
||||
return ENOEXEC;
|
||||
}
|
||||
@ -396,9 +396,9 @@ exec_coff_imgact(iparams)
|
||||
DPRINTF(("%s(%d): shared library %s\n",
|
||||
__FILE__, __LINE__, libname));
|
||||
strcpy(&libbuf[emul_path_len], libname);
|
||||
error = coff_load_file(iparams->proc, libbuf);
|
||||
error = coff_load_file(imgp->proc, libbuf);
|
||||
if (error)
|
||||
error = coff_load_file(iparams->proc,
|
||||
error = coff_load_file(imgp->proc,
|
||||
libname);
|
||||
if (error)
|
||||
break;
|
||||
@ -418,10 +418,10 @@ exec_coff_imgact(iparams)
|
||||
*/
|
||||
|
||||
DPRINTF(("%s(%d): load_coff_section(vmspace, "
|
||||
"iparams->vnodep, %08lx, %08lx, 0x%x, 0x%x, 0x%x)\n",
|
||||
"imgp->vp, %08lx, %08lx, 0x%x, 0x%x, 0x%x)\n",
|
||||
__FILE__, __LINE__, text_offset, text_address,
|
||||
text_size, text_size, VM_PROT_READ | VM_PROT_EXECUTE));
|
||||
if (error = load_coff_section(vmspace, iparams->vnodep,
|
||||
if (error = load_coff_section(vmspace, imgp->vp,
|
||||
text_offset, (caddr_t)text_address,
|
||||
text_size, text_size,
|
||||
VM_PROT_READ | VM_PROT_EXECUTE)) {
|
||||
@ -434,10 +434,10 @@ exec_coff_imgact(iparams)
|
||||
|
||||
|
||||
DPRINTF(("%s(%d): load_coff_section(vmspace, "
|
||||
"iparams->vnodep, 0x%08lx, 0x%08lx, 0x%x, 0x%x, 0x%x)\n",
|
||||
"imgp->vp, 0x%08lx, 0x%08lx, 0x%x, 0x%x, 0x%x)\n",
|
||||
__FILE__, __LINE__, data_offset, data_address,
|
||||
data_size + bss_size, data_size, VM_PROT_ALL));
|
||||
if (error = load_coff_section(vmspace, iparams->vnodep,
|
||||
if (error = load_coff_section(vmspace, imgp->vp,
|
||||
data_offset, (caddr_t)data_address,
|
||||
data_size + bss_size, data_size,
|
||||
VM_PROT_ALL)) {
|
||||
@ -446,8 +446,8 @@ exec_coff_imgact(iparams)
|
||||
return error;
|
||||
}
|
||||
|
||||
iparams->interpreted = 0;
|
||||
iparams->proc->p_sysent = &ibcs2_svr3_sysvec;
|
||||
imgp->interpreted = 0;
|
||||
imgp->proc->p_sysent = &ibcs2_svr3_sysvec;
|
||||
|
||||
vmspace->vm_tsize = round_page(text_size) >> PAGE_SHIFT;
|
||||
vmspace->vm_dsize = round_page(data_size + bss_size) >> PAGE_SHIFT;
|
||||
@ -470,7 +470,7 @@ exec_coff_imgact(iparams)
|
||||
DPRINTF(("%s(%d): returning successfully!\n", __FILE__, __LINE__));
|
||||
|
||||
/* Indicate that this file should not be modified */
|
||||
iparams->vnodep->v_flag |= VTEXT;
|
||||
imgp->vp->v_flag |= VTEXT;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -28,7 +28,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $Id: imgact_linux.c,v 1.1 1995/06/25 17:32:32 sos Exp $
|
||||
* $Id: imgact_linux.c,v 1.2 1995/08/24 10:32:27 davidg Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -45,11 +45,11 @@
|
||||
#include <vm/vm_kern.h>
|
||||
|
||||
int
|
||||
exec_linux_imgact(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_linux_imgact(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
struct exec *a_out = (struct exec *) iparams->image_header;
|
||||
struct vmspace *vmspace = iparams->proc->p_vmspace;
|
||||
struct exec *a_out = (struct exec *) imgp->image_header;
|
||||
struct vmspace *vmspace = imgp->proc->p_vmspace;
|
||||
unsigned long vmaddr, virtual_offset, file_offset;
|
||||
unsigned long buffer, bss_size;
|
||||
int error;
|
||||
@ -84,24 +84,24 @@ exec_linux_imgact(iparams)
|
||||
return (-1);
|
||||
|
||||
/* text + data can't exceed file size */
|
||||
if (a_out->a_data + a_out->a_text > iparams->attr->va_size)
|
||||
if (a_out->a_data + a_out->a_text > imgp->attr->va_size)
|
||||
return (EFAULT);
|
||||
/*
|
||||
* text/data/bss must not exceed limits
|
||||
*/
|
||||
if (a_out->a_text > MAXTSIZ || a_out->a_data + bss_size > MAXDSIZ ||
|
||||
a_out->a_data+bss_size > iparams->proc->p_rlimit[RLIMIT_DATA].rlim_cur)
|
||||
a_out->a_data+bss_size > imgp->proc->p_rlimit[RLIMIT_DATA].rlim_cur)
|
||||
return (ENOMEM);
|
||||
|
||||
/* copy in arguments and/or environment from old process */
|
||||
error = exec_extract_strings(iparams);
|
||||
error = exec_extract_strings(imgp);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
/*
|
||||
* Destroy old process VM and create a new one (with a new stack)
|
||||
*/
|
||||
exec_new_vmspace(iparams);
|
||||
exec_new_vmspace(imgp);
|
||||
|
||||
/*
|
||||
* Check if file_offset page aligned,.
|
||||
@ -124,7 +124,7 @@ exec_linux_imgact(iparams)
|
||||
error = vm_mmap(kernel_map, &buffer,
|
||||
round_page(a_out->a_text + file_offset),
|
||||
VM_PROT_READ, VM_PROT_READ, MAP_FILE,
|
||||
(caddr_t) iparams->vnodep, trunc_page(file_offset));
|
||||
(caddr_t) imgp->vp, trunc_page(file_offset));
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
@ -153,7 +153,7 @@ exec_linux_imgact(iparams)
|
||||
error = vm_mmap(kernel_map, &buffer,
|
||||
round_page(a_out->a_data + file_offset),
|
||||
VM_PROT_READ, VM_PROT_READ, MAP_FILE,
|
||||
(caddr_t) iparams->vnodep,
|
||||
(caddr_t) imgp->vp,
|
||||
trunc_page(a_out->a_text + file_offset));
|
||||
if (error)
|
||||
return error;
|
||||
@ -185,7 +185,7 @@ exec_linux_imgact(iparams)
|
||||
VM_PROT_READ | VM_PROT_EXECUTE,
|
||||
VM_PROT_READ | VM_PROT_EXECUTE | VM_PROT_WRITE,
|
||||
MAP_PRIVATE | MAP_FIXED,
|
||||
(caddr_t)iparams->vnodep, file_offset);
|
||||
(caddr_t)imgp->vp, file_offset);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
@ -196,7 +196,7 @@ exec_linux_imgact(iparams)
|
||||
error = vm_mmap(&vmspace->vm_map, &vmaddr, a_out->a_data,
|
||||
VM_PROT_READ | VM_PROT_WRITE,
|
||||
VM_PROT_ALL, MAP_PRIVATE | MAP_FIXED,
|
||||
(caddr_t)iparams->vnodep, file_offset + a_out->a_text);
|
||||
(caddr_t)imgp->vp, file_offset + a_out->a_text);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
@ -211,7 +211,7 @@ exec_linux_imgact(iparams)
|
||||
return (error);
|
||||
}
|
||||
/* Indicate that this file should not be modified */
|
||||
iparams->vnodep->v_flag |= VTEXT;
|
||||
imgp->vp->v_flag |= VTEXT;
|
||||
}
|
||||
/* Fill in process VM information */
|
||||
vmspace->vm_tsize = round_page(a_out->a_text) >> PAGE_SHIFT;
|
||||
@ -220,10 +220,10 @@ exec_linux_imgact(iparams)
|
||||
vmspace->vm_daddr = (caddr_t)virtual_offset + a_out->a_text;
|
||||
|
||||
/* Fill in image_params */
|
||||
iparams->interpreted = 0;
|
||||
iparams->entry_addr = a_out->a_entry;
|
||||
imgp->interpreted = 0;
|
||||
imgp->entry_addr = a_out->a_entry;
|
||||
|
||||
iparams->proc->p_sysent = &linux_sysvec;
|
||||
imgp->proc->p_sysent = &linux_sysvec;
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
@ -25,7 +25,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $Id: linux_misc.c,v 1.1 1995/06/25 17:32:37 sos Exp $
|
||||
* $Id: linux_misc.c,v 1.2 1995/10/04 07:08:04 julian Exp $
|
||||
*/
|
||||
|
||||
#include <i386/linux/linux.h>
|
||||
@ -162,7 +162,7 @@ int
|
||||
linux_uselib(struct proc *p, struct linux_uselib_args *args, int *retval)
|
||||
{
|
||||
struct nameidata ni;
|
||||
struct vnode *vnodep;
|
||||
struct vnode *vp;
|
||||
struct exec *a_out = 0;
|
||||
struct vattr attr;
|
||||
unsigned long vmaddr, virtual_offset, file_offset;
|
||||
@ -192,46 +192,46 @@ linux_uselib(struct proc *p, struct linux_uselib_args *args, int *retval)
|
||||
if (error = namei(&ni))
|
||||
return error;
|
||||
|
||||
vnodep = ni.ni_vp;
|
||||
if (vnodep == NULL)
|
||||
vp = ni.ni_vp;
|
||||
if (vp == NULL)
|
||||
return ENOEXEC;
|
||||
|
||||
if (vnodep->v_writecount) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (vp->v_writecount) {
|
||||
VOP_UNLOCK(vp);
|
||||
return ETXTBSY;
|
||||
}
|
||||
|
||||
if (error = VOP_GETATTR(vnodep, &attr, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (error = VOP_GETATTR(vp, &attr, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vp);
|
||||
return error;
|
||||
}
|
||||
|
||||
if ((vnodep->v_mount->mnt_flag & MNT_NOEXEC)
|
||||
if ((vp->v_mount->mnt_flag & MNT_NOEXEC)
|
||||
|| ((attr.va_mode & 0111) == 0)
|
||||
|| (attr.va_type != VREG)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
VOP_UNLOCK(vp);
|
||||
return ENOEXEC;
|
||||
}
|
||||
|
||||
if (attr.va_size == 0) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
VOP_UNLOCK(vp);
|
||||
return ENOEXEC;
|
||||
}
|
||||
|
||||
if (error = VOP_ACCESS(vnodep, VEXEC, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vp);
|
||||
return error;
|
||||
}
|
||||
|
||||
if (error = VOP_OPEN(vnodep, FREAD, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vnodep);
|
||||
if (error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) {
|
||||
VOP_UNLOCK(vp);
|
||||
return error;
|
||||
}
|
||||
|
||||
VOP_UNLOCK(vnodep); /* lock no longer needed */
|
||||
VOP_UNLOCK(vp); /* lock no longer needed */
|
||||
|
||||
error = vm_mmap(kernel_map, (vm_offset_t *)&a_out, 1024,
|
||||
VM_PROT_READ, VM_PROT_READ, 0, (caddr_t)vnodep, 0);
|
||||
VM_PROT_READ, VM_PROT_READ, 0, (caddr_t)vp, 0);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
@ -257,7 +257,7 @@ linux_uselib(struct proc *p, struct linux_uselib_args *args, int *retval)
|
||||
return ENOEXEC;
|
||||
}
|
||||
|
||||
vnodep->v_flag |= VTEXT;
|
||||
vp->v_flag |= VTEXT;
|
||||
bss_size = round_page(a_out->a_bss);
|
||||
/*
|
||||
* Check if file_offset page aligned,.
|
||||
@ -280,7 +280,7 @@ printf("uselib: Non page aligned binary %d\n", file_offset);
|
||||
error = vm_mmap(kernel_map, &buffer,
|
||||
round_page(a_out->a_text + a_out->a_data + file_offset),
|
||||
VM_PROT_READ, VM_PROT_READ, MAP_FILE,
|
||||
(caddr_t)vnodep, trunc_page(file_offset));
|
||||
(caddr_t)vp, trunc_page(file_offset));
|
||||
if (error)
|
||||
return error;
|
||||
|
||||
@ -306,7 +306,7 @@ printf("uselib: Page aligned binary %d\n", file_offset);
|
||||
error = vm_mmap(&p->p_vmspace->vm_map, &vmaddr,
|
||||
a_out->a_text + a_out->a_data,
|
||||
VM_PROT_ALL, VM_PROT_ALL, MAP_PRIVATE | MAP_FIXED,
|
||||
(caddr_t)vnodep, file_offset);
|
||||
(caddr_t)vp, file_offset);
|
||||
if (error)
|
||||
return (error);
|
||||
}
|
||||
|
@ -25,7 +25,7 @@
|
||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*
|
||||
* $Id: linux_sysent.c,v 1.3 1995/06/08 13:50:52 sos Exp $
|
||||
* $Id: linux_sysent.c,v 1.1 1995/06/25 17:32:43 sos Exp $
|
||||
*/
|
||||
|
||||
#include <i386/linux/linux.h>
|
||||
@ -341,18 +341,18 @@ int linux_to_bsd_signal[LINUX_NSIG] = {
|
||||
SIGXCPU, SIGXFSZ, SIGVTALRM, SIGPROF, SIGWINCH, SIGURG, SIGURG, 0
|
||||
};
|
||||
|
||||
int linux_fixup(int **stack_base, struct image_params *iparams)
|
||||
int linux_fixup(int **stack_base, struct image_params *imgp)
|
||||
{
|
||||
int *argv, *envp;
|
||||
|
||||
argv = *stack_base;
|
||||
envp = *stack_base + (iparams->argc + 1);
|
||||
envp = *stack_base + (imgp->argc + 1);
|
||||
(*stack_base)--;
|
||||
**stack_base = (int)envp;
|
||||
(*stack_base)--;
|
||||
**stack_base = (int)argv;
|
||||
(*stack_base)--;
|
||||
**stack_base = (int)iparams->argc;
|
||||
**stack_base = (int)imgp->argc;
|
||||
}
|
||||
|
||||
struct sysentvec linux_sysvec = {
|
||||
|
@ -28,7 +28,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: imgact_aout.c,v 1.15 1995/08/24 10:32:36 davidg Exp $
|
||||
* $Id: imgact_aout.c,v 1.16 1995/09/08 13:24:32 davidg Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -44,11 +44,11 @@
|
||||
#include <vm/vm.h>
|
||||
|
||||
int
|
||||
exec_aout_imgact(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_aout_imgact(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
struct exec *a_out = (struct exec *) iparams->image_header;
|
||||
struct vmspace *vmspace = iparams->proc->p_vmspace;
|
||||
struct exec *a_out = (struct exec *) imgp->image_header;
|
||||
struct vmspace *vmspace = imgp->proc->p_vmspace;
|
||||
unsigned long vmaddr, virtual_offset, file_offset;
|
||||
unsigned long bss_size;
|
||||
int error;
|
||||
@ -111,7 +111,7 @@ exec_aout_imgact(iparams)
|
||||
return (-1);
|
||||
|
||||
/* text + data can't exceed file size */
|
||||
if (a_out->a_data + a_out->a_text > iparams->attr->va_size)
|
||||
if (a_out->a_data + a_out->a_text > imgp->attr->va_size)
|
||||
return (EFAULT);
|
||||
|
||||
/*
|
||||
@ -125,18 +125,18 @@ exec_aout_imgact(iparams)
|
||||
|
||||
/* data + bss can't exceed rlimit */
|
||||
a_out->a_data + bss_size >
|
||||
iparams->proc->p_rlimit[RLIMIT_DATA].rlim_cur)
|
||||
imgp->proc->p_rlimit[RLIMIT_DATA].rlim_cur)
|
||||
return (ENOMEM);
|
||||
|
||||
/* copy in arguments and/or environment from old process */
|
||||
error = exec_extract_strings(iparams);
|
||||
error = exec_extract_strings(imgp);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
/*
|
||||
* Destroy old process VM and create a new one (with a new stack)
|
||||
*/
|
||||
exec_new_vmspace(iparams);
|
||||
exec_new_vmspace(imgp);
|
||||
|
||||
/*
|
||||
* Map text read/execute
|
||||
@ -149,7 +149,7 @@ exec_aout_imgact(iparams)
|
||||
VM_PROT_READ | VM_PROT_EXECUTE, /* protection */
|
||||
VM_PROT_READ | VM_PROT_EXECUTE | VM_PROT_WRITE, /* max protection */
|
||||
MAP_PRIVATE | MAP_FIXED, /* flags */
|
||||
(caddr_t)iparams->vnodep, /* vnode */
|
||||
(caddr_t)imgp->vp, /* vnode */
|
||||
file_offset); /* offset */
|
||||
if (error)
|
||||
return (error);
|
||||
@ -165,7 +165,7 @@ exec_aout_imgact(iparams)
|
||||
a_out->a_data,
|
||||
VM_PROT_READ | VM_PROT_WRITE | (a_out->a_text ? 0 : VM_PROT_EXECUTE),
|
||||
VM_PROT_ALL, MAP_PRIVATE | MAP_FIXED,
|
||||
(caddr_t) iparams->vnodep,
|
||||
(caddr_t) imgp->vp,
|
||||
file_offset + a_out->a_text);
|
||||
if (error)
|
||||
return (error);
|
||||
@ -189,13 +189,13 @@ exec_aout_imgact(iparams)
|
||||
vmspace->vm_daddr = (caddr_t) virtual_offset + a_out->a_text;
|
||||
|
||||
/* Fill in image_params */
|
||||
iparams->interpreted = 0;
|
||||
iparams->entry_addr = a_out->a_entry;
|
||||
imgp->interpreted = 0;
|
||||
imgp->entry_addr = a_out->a_entry;
|
||||
|
||||
iparams->proc->p_sysent = &aout_sysvec;
|
||||
imgp->proc->p_sysent = &aout_sysvec;
|
||||
|
||||
/* Indicate that this file should not be modified */
|
||||
iparams->vnodep->v_flag |= VTEXT;
|
||||
imgp->vp->v_flag |= VTEXT;
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
@ -6,7 +6,7 @@
|
||||
* this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
|
||||
* ----------------------------------------------------------------------------
|
||||
*
|
||||
* $Id: imgact_gzip.c,v 1.13 1995/03/16 18:12:27 bde Exp $
|
||||
* $Id: imgact_gzip.c,v 1.14 1995/05/30 08:05:18 rgrimes Exp $
|
||||
*
|
||||
* This module handles execution of a.out files which have been run through
|
||||
* "gzip". This saves diskspace, but wastes cpu-cycles and VM.
|
||||
@ -53,11 +53,11 @@ static int do_aout_hdr __P((struct imgact_gzip *));
|
||||
static int Flush __P((void *vp, u_char *, u_long siz));
|
||||
|
||||
int
|
||||
exec_gzip_imgact(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_gzip_imgact(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
int error, error2 = 0;
|
||||
u_char *p = (u_char *) iparams->image_header;
|
||||
u_char *p = (u_char *) imgp->image_header;
|
||||
struct imgact_gzip igz;
|
||||
struct inflate infl;
|
||||
|
||||
@ -88,7 +88,7 @@ exec_gzip_imgact(iparams)
|
||||
infl.gz_input = NextByte;
|
||||
infl.gz_output = Flush;
|
||||
|
||||
igz.ip = iparams;
|
||||
igz.ip = imgp;
|
||||
igz.idx = 10;
|
||||
|
||||
if (p[3] & 0x08) { /* skip a filename */
|
||||
@ -299,7 +299,7 @@ NextByte(void *vp)
|
||||
VM_PROT_READ, /* protection */
|
||||
VM_PROT_READ, /* max protection */
|
||||
0, /* flags */
|
||||
(caddr_t) igz->ip->vnodep, /* vnode */
|
||||
(caddr_t) igz->ip->vp, /* vnode */
|
||||
igz->offset); /* offset */
|
||||
if (error) {
|
||||
igz->where = __LINE__;
|
||||
|
@ -28,7 +28,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: imgact_shell.c,v 1.7 1995/09/08 13:24:33 davidg Exp $
|
||||
* $Id: imgact_shell.c,v 1.8 1995/10/08 00:05:58 swallace Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -50,13 +50,13 @@
|
||||
|
||||
/*
|
||||
* Shell interpreter image activator. A interpreter name beginning
|
||||
* at iparams->stringbase is the minimal successful exit requirement.
|
||||
* at imgp->stringbase is the minimal successful exit requirement.
|
||||
*/
|
||||
int
|
||||
exec_shell_imgact(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_shell_imgact(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
const char *image_header = iparams->image_header;
|
||||
const char *image_header = imgp->image_header;
|
||||
const char *ihp, *line_endp;
|
||||
char *interp;
|
||||
|
||||
@ -68,10 +68,10 @@ exec_shell_imgact(iparams)
|
||||
* Don't allow a shell script to be the shell for a shell
|
||||
* script. :-)
|
||||
*/
|
||||
if (iparams->interpreted)
|
||||
if (imgp->interpreted)
|
||||
return(ENOEXEC);
|
||||
|
||||
iparams->interpreted = 1;
|
||||
imgp->interpreted = 1;
|
||||
|
||||
/*
|
||||
* Copy shell name and arguments from image_header into string
|
||||
@ -94,13 +94,13 @@ exec_shell_imgact(iparams)
|
||||
while ((*ihp == ' ') || (*ihp == '\t')) ihp++;
|
||||
|
||||
/* copy the interpreter name */
|
||||
interp = iparams->interpreter_name;
|
||||
interp = imgp->interpreter_name;
|
||||
while ((ihp < line_endp) && (*ihp != ' ') && (*ihp != '\t'))
|
||||
*interp++ = *ihp++;
|
||||
*interp = '\0';
|
||||
|
||||
/* Disallow a null interpreter filename */
|
||||
if (*iparams->interpreter_name == '\0')
|
||||
if (*imgp->interpreter_name == '\0')
|
||||
return(ENOEXEC);
|
||||
|
||||
/* reset for another pass */
|
||||
@ -118,19 +118,19 @@ exec_shell_imgact(iparams)
|
||||
* and the maximum shell command length is tiny.
|
||||
*/
|
||||
while ((ihp < line_endp) && (*ihp != ' ') && (*ihp != '\t')) {
|
||||
*iparams->stringp++ = *ihp++;
|
||||
iparams->stringspace--;
|
||||
*imgp->stringp++ = *ihp++;
|
||||
imgp->stringspace--;
|
||||
}
|
||||
|
||||
*iparams->stringp++ = 0;
|
||||
iparams->stringspace--;
|
||||
*imgp->stringp++ = 0;
|
||||
imgp->stringspace--;
|
||||
|
||||
iparams->argc++;
|
||||
imgp->argc++;
|
||||
}
|
||||
}
|
||||
|
||||
/* set argv[0] to point to original file name */
|
||||
suword(iparams->uap->argv, (int)iparams->uap->fname);
|
||||
suword(imgp->uap->argv, (int)imgp->uap->fname);
|
||||
|
||||
return(0);
|
||||
}
|
||||
|
@ -28,7 +28,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: kern_exec.c,v 1.23 1995/10/08 00:06:01 swallace Exp $
|
||||
* $Id: kern_exec.c,v 1.24 1995/10/21 08:38:11 davidg Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -80,40 +80,42 @@ execve(p, uap, retval)
|
||||
struct nameidata nd, *ndp;
|
||||
int *stack_base;
|
||||
int error, len, i;
|
||||
struct image_params image_params, *iparams;
|
||||
struct vnode *vnodep;
|
||||
struct image_params image_params, *imgp;
|
||||
struct vattr attr;
|
||||
char *image_header;
|
||||
|
||||
iparams = &image_params;
|
||||
bzero((caddr_t)iparams, sizeof(struct image_params));
|
||||
image_header = (char *)0;
|
||||
imgp = &image_params;
|
||||
|
||||
/*
|
||||
* Initialize a few constants in the common area
|
||||
* Initialize part of the common data
|
||||
*/
|
||||
iparams->proc = p;
|
||||
iparams->uap = uap;
|
||||
iparams->attr = &attr;
|
||||
imgp->proc = p;
|
||||
imgp->uap = uap;
|
||||
imgp->attr = &attr;
|
||||
imgp->image_header = NULL;
|
||||
imgp->argc = imgp->envc = 0;
|
||||
imgp->entry_addr = 0;
|
||||
imgp->vmspace_destroyed = 0;
|
||||
imgp->interpreted = 0;
|
||||
imgp->interpreter_name[0] = '\0';
|
||||
|
||||
/*
|
||||
* Allocate temporary demand zeroed space for argument and
|
||||
* environment strings
|
||||
*/
|
||||
iparams->stringbase = (char *)vm_map_min(exec_map);
|
||||
error = vm_map_find(exec_map, NULL, 0, (vm_offset_t *)&iparams->stringbase,
|
||||
imgp->stringbase = (char *)vm_map_min(exec_map);
|
||||
error = vm_map_find(exec_map, NULL, 0, (vm_offset_t *)&imgp->stringbase,
|
||||
ARG_MAX, TRUE);
|
||||
if (error) {
|
||||
log(LOG_WARNING, "execve: failed to allocate string space\n");
|
||||
return (error);
|
||||
}
|
||||
|
||||
if (!iparams->stringbase) {
|
||||
if (!imgp->stringbase) {
|
||||
error = ENOMEM;
|
||||
goto exec_fail;
|
||||
}
|
||||
iparams->stringp = iparams->stringbase;
|
||||
iparams->stringspace = ARG_MAX;
|
||||
imgp->stringp = imgp->stringbase;
|
||||
imgp->stringspace = ARG_MAX;
|
||||
|
||||
/*
|
||||
* Translate the file name. namei() returns a vnode pointer
|
||||
@ -127,14 +129,13 @@ execve(p, uap, retval)
|
||||
|
||||
error = namei(ndp);
|
||||
if (error) {
|
||||
vm_map_remove(exec_map, (vm_offset_t)iparams->stringbase,
|
||||
(vm_offset_t)iparams->stringbase + ARG_MAX);
|
||||
vm_map_remove(exec_map, (vm_offset_t)imgp->stringbase,
|
||||
(vm_offset_t)imgp->stringbase + ARG_MAX);
|
||||
goto exec_fail;
|
||||
}
|
||||
|
||||
iparams->vnodep = vnodep = ndp->ni_vp;
|
||||
|
||||
if (vnodep == NULL) {
|
||||
imgp->vp = ndp->ni_vp;
|
||||
if (imgp->vp == NULL) {
|
||||
error = ENOEXEC;
|
||||
goto exec_fail_dealloc;
|
||||
}
|
||||
@ -142,13 +143,13 @@ execve(p, uap, retval)
|
||||
/*
|
||||
* Check file permissions (also 'opens' file)
|
||||
*/
|
||||
error = exec_check_permissions(iparams);
|
||||
error = exec_check_permissions(imgp);
|
||||
|
||||
/*
|
||||
* Lose the lock on the vnode. It's no longer needed, and must not
|
||||
* exist for the pagefault paging to work below.
|
||||
*/
|
||||
VOP_UNLOCK(vnodep);
|
||||
VOP_UNLOCK(imgp->vp);
|
||||
|
||||
if (error)
|
||||
goto exec_fail_dealloc;
|
||||
@ -158,18 +159,17 @@ execve(p, uap, retval)
|
||||
* kernel address space
|
||||
*/
|
||||
error = vm_mmap(kernel_map, /* map */
|
||||
(vm_offset_t *)&image_header, /* address */
|
||||
(vm_offset_t *)&imgp->image_header, /* address */
|
||||
PAGE_SIZE, /* size */
|
||||
VM_PROT_READ, /* protection */
|
||||
VM_PROT_READ, /* max protection */
|
||||
0, /* flags */
|
||||
(caddr_t)vnodep, /* vnode */
|
||||
(caddr_t)imgp->vp, /* vnode */
|
||||
0); /* offset */
|
||||
if (error) {
|
||||
uprintf("mmap failed: %d\n",error);
|
||||
goto exec_fail_dealloc;
|
||||
}
|
||||
iparams->image_header = image_header;
|
||||
|
||||
/*
|
||||
* Loop through list of image activators, calling each one.
|
||||
@ -181,7 +181,7 @@ execve(p, uap, retval)
|
||||
*/
|
||||
for (i = 0; execsw[i]; ++i) {
|
||||
if (execsw[i]->ex_imgact)
|
||||
error = (*execsw[i]->ex_imgact)(iparams);
|
||||
error = (*execsw[i]->ex_imgact)(imgp);
|
||||
else
|
||||
continue;
|
||||
|
||||
@ -189,17 +189,17 @@ execve(p, uap, retval)
|
||||
continue;
|
||||
if (error)
|
||||
goto exec_fail_dealloc;
|
||||
if (iparams->interpreted) {
|
||||
if (imgp->interpreted) {
|
||||
/* free old vnode and name buffer */
|
||||
vrele(ndp->ni_vp);
|
||||
FREE(ndp->ni_cnd.cn_pnbuf, M_NAMEI);
|
||||
if (vm_map_remove(kernel_map, (vm_offset_t)image_header,
|
||||
(vm_offset_t)image_header + PAGE_SIZE))
|
||||
if (vm_map_remove(kernel_map, (vm_offset_t)imgp->image_header,
|
||||
(vm_offset_t)imgp->image_header + PAGE_SIZE))
|
||||
panic("execve: header dealloc failed (1)");
|
||||
|
||||
/* set new name to that of the interpreter */
|
||||
NDINIT(ndp, LOOKUP, LOCKLEAF | FOLLOW | SAVENAME,
|
||||
UIO_SYSSPACE, iparams->interpreter_name, p);
|
||||
UIO_SYSSPACE, imgp->interpreter_name, p);
|
||||
goto interpret;
|
||||
}
|
||||
break;
|
||||
@ -213,7 +213,7 @@ execve(p, uap, retval)
|
||||
/*
|
||||
* Copy out strings (args and env) and initialize stack base
|
||||
*/
|
||||
stack_base = exec_copyout_strings(iparams);
|
||||
stack_base = exec_copyout_strings(imgp);
|
||||
p->p_vmspace->vm_minsaddr = (char *)stack_base;
|
||||
|
||||
/*
|
||||
@ -222,9 +222,9 @@ execve(p, uap, retval)
|
||||
* Else stuff argument count as first item on stack
|
||||
*/
|
||||
if (p->p_sysent->sv_fixup)
|
||||
(*p->p_sysent->sv_fixup)(&stack_base, iparams);
|
||||
(*p->p_sysent->sv_fixup)(&stack_base, imgp);
|
||||
else
|
||||
suword(--stack_base, iparams->argc);
|
||||
suword(--stack_base, imgp->argc);
|
||||
|
||||
/* close files on exec */
|
||||
fdcloseexec(p);
|
||||
@ -247,32 +247,36 @@ execve(p, uap, retval)
|
||||
wakeup((caddr_t)p->p_pptr);
|
||||
}
|
||||
|
||||
/* implement set userid/groupid */
|
||||
p->p_flag &= ~P_SUGID;
|
||||
|
||||
/*
|
||||
* Turn off kernel tracing for set-id programs, except for
|
||||
* root.
|
||||
* Implement image setuid/setgid. Disallow if the process is
|
||||
* being traced.
|
||||
*/
|
||||
if (p->p_tracep && (attr.va_mode & (VSUID | VSGID)) &&
|
||||
suser(p->p_ucred, &p->p_acflag)) {
|
||||
p->p_traceflag = 0;
|
||||
vrele(p->p_tracep);
|
||||
p->p_tracep = 0;
|
||||
}
|
||||
if ((attr.va_mode & VSUID) && (p->p_flag & P_TRACED) == 0) {
|
||||
if ((attr.va_mode & (VSUID | VSGID)) &&
|
||||
(p->p_flag & P_TRACED) == 0) {
|
||||
/*
|
||||
* Turn off syscall tracing for set-id programs, except for
|
||||
* root.
|
||||
*/
|
||||
if (p->p_tracep && suser(p->p_ucred, &p->p_acflag)) {
|
||||
p->p_traceflag = 0;
|
||||
vrele(p->p_tracep);
|
||||
p->p_tracep = NULL;
|
||||
}
|
||||
/*
|
||||
* Set the new credentials.
|
||||
*/
|
||||
p->p_ucred = crcopy(p->p_ucred);
|
||||
p->p_ucred->cr_uid = attr.va_uid;
|
||||
p->p_flag |= P_SUGID;
|
||||
}
|
||||
if ((attr.va_mode & VSGID) && (p->p_flag & P_TRACED) == 0) {
|
||||
p->p_ucred = crcopy(p->p_ucred);
|
||||
p->p_ucred->cr_groups[0] = attr.va_gid;
|
||||
if (attr.va_mode & VSUID)
|
||||
p->p_ucred->cr_uid = attr.va_uid;
|
||||
if (attr.va_mode & VSGID)
|
||||
p->p_ucred->cr_groups[0] = attr.va_gid;
|
||||
p->p_flag |= P_SUGID;
|
||||
} else {
|
||||
p->p_flag &= ~P_SUGID;
|
||||
}
|
||||
|
||||
/*
|
||||
* Implement correct POSIX saved uid behavior.
|
||||
* Implement correct POSIX saved-id behavior.
|
||||
*/
|
||||
p->p_cred->p_svuid = p->p_ucred->cr_uid;
|
||||
p->p_cred->p_svgid = p->p_ucred->cr_gid;
|
||||
@ -296,16 +300,16 @@ execve(p, uap, retval)
|
||||
p->p_acflag &= ~AFORK;
|
||||
|
||||
/* Set entry address */
|
||||
setregs(p, iparams->entry_addr, (u_long)stack_base);
|
||||
setregs(p, imgp->entry_addr, (u_long)stack_base);
|
||||
|
||||
/*
|
||||
* free various allocated resources
|
||||
*/
|
||||
if (vm_map_remove(exec_map, (vm_offset_t)iparams->stringbase,
|
||||
(vm_offset_t)iparams->stringbase + ARG_MAX))
|
||||
if (vm_map_remove(exec_map, (vm_offset_t)imgp->stringbase,
|
||||
(vm_offset_t)imgp->stringbase + ARG_MAX))
|
||||
panic("execve: string buffer dealloc failed (1)");
|
||||
if (vm_map_remove(kernel_map, (vm_offset_t)image_header,
|
||||
(vm_offset_t)image_header + PAGE_SIZE))
|
||||
if (vm_map_remove(kernel_map, (vm_offset_t)imgp->image_header,
|
||||
(vm_offset_t)imgp->image_header + PAGE_SIZE))
|
||||
panic("execve: header dealloc failed (2)");
|
||||
vrele(ndp->ni_vp);
|
||||
FREE(ndp->ni_cnd.cn_pnbuf, M_NAMEI);
|
||||
@ -313,20 +317,20 @@ execve(p, uap, retval)
|
||||
return (0);
|
||||
|
||||
exec_fail_dealloc:
|
||||
if (iparams->stringbase && iparams->stringbase != (char *)-1)
|
||||
if (vm_map_remove(exec_map, (vm_offset_t)iparams->stringbase,
|
||||
(vm_offset_t)iparams->stringbase + ARG_MAX))
|
||||
if (imgp->stringbase && imgp->stringbase != (char *)-1)
|
||||
if (vm_map_remove(exec_map, (vm_offset_t)imgp->stringbase,
|
||||
(vm_offset_t)imgp->stringbase + ARG_MAX))
|
||||
panic("execve: string buffer dealloc failed (2)");
|
||||
if (iparams->image_header && iparams->image_header != (char *)-1)
|
||||
if (vm_map_remove(kernel_map, (vm_offset_t)image_header,
|
||||
(vm_offset_t)image_header + PAGE_SIZE))
|
||||
if (imgp->image_header && imgp->image_header != (char *)-1)
|
||||
if (vm_map_remove(kernel_map, (vm_offset_t)imgp->image_header,
|
||||
(vm_offset_t)imgp->image_header + PAGE_SIZE))
|
||||
panic("execve: header dealloc failed (3)");
|
||||
if (ndp->ni_vp)
|
||||
vrele(ndp->ni_vp);
|
||||
FREE(ndp->ni_cnd.cn_pnbuf, M_NAMEI);
|
||||
|
||||
exec_fail:
|
||||
if (iparams->vmspace_destroyed) {
|
||||
if (imgp->vmspace_destroyed) {
|
||||
/* sorry, no more process anymore. exit gracefully */
|
||||
exit1(p, W_EXITCODE(0, SIGABRT));
|
||||
/* NOT REACHED */
|
||||
@ -342,19 +346,19 @@ execve(p, uap, retval)
|
||||
* automatically in trap.c.
|
||||
*/
|
||||
int
|
||||
exec_new_vmspace(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_new_vmspace(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
int error;
|
||||
struct vmspace *vmspace = iparams->proc->p_vmspace;
|
||||
struct vmspace *vmspace = imgp->proc->p_vmspace;
|
||||
caddr_t stack_addr = (caddr_t) (USRSTACK - SGROWSIZ);
|
||||
|
||||
iparams->vmspace_destroyed = 1;
|
||||
imgp->vmspace_destroyed = 1;
|
||||
|
||||
/* Blow away entire process VM */
|
||||
#ifdef SYSVSHM
|
||||
if (vmspace->vm_shm)
|
||||
shmexit(iparams->proc);
|
||||
shmexit(imgp->proc);
|
||||
#endif
|
||||
vm_map_remove(&vmspace->vm_map, 0, USRSTACK);
|
||||
|
||||
@ -377,8 +381,8 @@ exec_new_vmspace(iparams)
|
||||
* address space into the temporary string buffer.
|
||||
*/
|
||||
int
|
||||
exec_extract_strings(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_extract_strings(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
char **argv, **envv;
|
||||
char *argp, *envp;
|
||||
@ -388,21 +392,21 @@ exec_extract_strings(iparams)
|
||||
* extract arguments first
|
||||
*/
|
||||
|
||||
argv = iparams->uap->argv;
|
||||
argv = imgp->uap->argv;
|
||||
|
||||
if (argv) {
|
||||
while ((argp = (caddr_t) fuword(argv++))) {
|
||||
if (argp == (caddr_t) -1)
|
||||
return (EFAULT);
|
||||
if ((error = copyinstr(argp, iparams->stringp,
|
||||
iparams->stringspace, &length))) {
|
||||
if ((error = copyinstr(argp, imgp->stringp,
|
||||
imgp->stringspace, &length))) {
|
||||
if (error == ENAMETOOLONG)
|
||||
return(E2BIG);
|
||||
return (error);
|
||||
}
|
||||
iparams->stringspace -= length;
|
||||
iparams->stringp += length;
|
||||
iparams->argc++;
|
||||
imgp->stringspace -= length;
|
||||
imgp->stringp += length;
|
||||
imgp->argc++;
|
||||
}
|
||||
}
|
||||
|
||||
@ -410,21 +414,21 @@ exec_extract_strings(iparams)
|
||||
* extract environment strings
|
||||
*/
|
||||
|
||||
envv = iparams->uap->envv;
|
||||
envv = imgp->uap->envv;
|
||||
|
||||
if (envv) {
|
||||
while ((envp = (caddr_t) fuword(envv++))) {
|
||||
if (envp == (caddr_t) -1)
|
||||
return (EFAULT);
|
||||
if ((error = copyinstr(envp, iparams->stringp,
|
||||
iparams->stringspace, &length))) {
|
||||
if ((error = copyinstr(envp, imgp->stringp,
|
||||
imgp->stringspace, &length))) {
|
||||
if (error == ENAMETOOLONG)
|
||||
return(E2BIG);
|
||||
return (error);
|
||||
}
|
||||
iparams->stringspace -= length;
|
||||
iparams->stringp += length;
|
||||
iparams->envc++;
|
||||
imgp->stringspace -= length;
|
||||
imgp->stringp += length;
|
||||
imgp->envc++;
|
||||
}
|
||||
}
|
||||
|
||||
@ -437,8 +441,8 @@ exec_extract_strings(iparams)
|
||||
* so that it can be used as the initial stack pointer.
|
||||
*/
|
||||
int *
|
||||
exec_copyout_strings(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_copyout_strings(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
int argc, envc;
|
||||
char **vectp;
|
||||
@ -450,27 +454,27 @@ exec_copyout_strings(iparams)
|
||||
* Calculate string base and vector table pointers.
|
||||
*/
|
||||
arginfo = PS_STRINGS;
|
||||
destp = (caddr_t)arginfo - roundup((ARG_MAX - iparams->stringspace), sizeof(char *));
|
||||
destp = (caddr_t)arginfo - roundup((ARG_MAX - imgp->stringspace), sizeof(char *));
|
||||
/*
|
||||
* The '+ 2' is for the null pointers at the end of each of the
|
||||
* arg and env vector sets
|
||||
*/
|
||||
vectp = (char **) (destp -
|
||||
(iparams->argc + iparams->envc + 2) * sizeof(char *));
|
||||
(imgp->argc + imgp->envc + 2) * sizeof(char *));
|
||||
|
||||
/*
|
||||
* vectp also becomes our initial stack base
|
||||
*/
|
||||
stack_base = (int *)vectp;
|
||||
|
||||
stringp = iparams->stringbase;
|
||||
argc = iparams->argc;
|
||||
envc = iparams->envc;
|
||||
stringp = imgp->stringbase;
|
||||
argc = imgp->argc;
|
||||
envc = imgp->envc;
|
||||
|
||||
/*
|
||||
* Copy out strings - arguments and environment.
|
||||
*/
|
||||
copyout(stringp, destp, ARG_MAX - iparams->stringspace);
|
||||
copyout(stringp, destp, ARG_MAX - imgp->stringspace);
|
||||
|
||||
/*
|
||||
* Fill in "ps_strings" struct for ps, w, etc.
|
||||
@ -515,24 +519,24 @@ exec_copyout_strings(iparams)
|
||||
* Return 0 for success or error code on failure.
|
||||
*/
|
||||
static int
|
||||
exec_check_permissions(iparams)
|
||||
struct image_params *iparams;
|
||||
exec_check_permissions(imgp)
|
||||
struct image_params *imgp;
|
||||
{
|
||||
struct proc *p = iparams->proc;
|
||||
struct vnode *vnodep = iparams->vnodep;
|
||||
struct vattr *attr = iparams->attr;
|
||||
struct proc *p = imgp->proc;
|
||||
struct vnode *vp = imgp->vp;
|
||||
struct vattr *attr = imgp->attr;
|
||||
int error;
|
||||
|
||||
/*
|
||||
* Check number of open-for-writes on the file and deny execution
|
||||
* if there are any.
|
||||
*/
|
||||
if (vnodep->v_writecount) {
|
||||
if (vp->v_writecount) {
|
||||
return (ETXTBSY);
|
||||
}
|
||||
|
||||
/* Get file attributes */
|
||||
error = VOP_GETATTR(vnodep, attr, p->p_ucred, p);
|
||||
error = VOP_GETATTR(vp, attr, p->p_ucred, p);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
@ -544,7 +548,7 @@ exec_check_permissions(iparams)
|
||||
* file really is executable.
|
||||
* 3) Insure that the file is a regular file.
|
||||
*/
|
||||
if ((vnodep->v_mount->mnt_flag & MNT_NOEXEC) ||
|
||||
if ((vp->v_mount->mnt_flag & MNT_NOEXEC) ||
|
||||
((attr->va_mode & 0111) == 0) ||
|
||||
(attr->va_type != VREG)) {
|
||||
return (EACCES);
|
||||
@ -560,7 +564,7 @@ exec_check_permissions(iparams)
|
||||
* Disable setuid/setgid if the filesystem prohibits it or if
|
||||
* the process is being traced.
|
||||
*/
|
||||
if ((vnodep->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED))
|
||||
if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED))
|
||||
attr->va_mode &= ~(VSUID | VSGID);
|
||||
|
||||
/*
|
||||
@ -568,11 +572,11 @@ exec_check_permissions(iparams)
|
||||
* Then call filesystem specific open routine (which does nothing
|
||||
* in the general case).
|
||||
*/
|
||||
error = VOP_ACCESS(vnodep, VEXEC, p->p_ucred, p);
|
||||
error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
error = VOP_OPEN(vnodep, FREAD, p->p_ucred, p);
|
||||
error = VOP_OPEN(vp, FREAD, p->p_ucred, p);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
|
@ -30,7 +30,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: imgact.h,v 1.8 1994/10/02 17:24:45 phk Exp $
|
||||
* $Id: imgact.h,v 1.9 1995/05/30 08:14:24 rgrimes Exp $
|
||||
*/
|
||||
|
||||
#ifndef _SYS_IMGACT_H_
|
||||
@ -43,7 +43,7 @@
|
||||
struct image_params {
|
||||
struct proc *proc; /* our process struct */
|
||||
struct execve_args *uap; /* syscall arguments */
|
||||
struct vnode *vnodep; /* pointer to vnode of file to exec */
|
||||
struct vnode *vp; /* pointer to vnode of file to exec */
|
||||
struct vattr *attr; /* attributes of file */
|
||||
const char *image_header; /* head of file to exec */
|
||||
char *stringbase; /* base address of tmp string storage */
|
||||
|
Loading…
Reference in New Issue
Block a user