1 /* $OpenBSD: kern_exec.c,v 1.92 2005/04/11 20:05:51 deraadt Exp $ */
2 /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */
3
4 /*-
5 * Copyright (C) 1993, 1994 Christopher G. Demetriou
6 * Copyright (C) 1992 Wolfgang Solfrank.
7 * Copyright (C) 1992 TooLs GmbH.
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by TooLs GmbH.
21 * 4. The name of TooLs GmbH may not be used to endorse or promote products
22 * derived from this software without specific prior written permission.
23 *
24 * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR
25 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27 * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
29 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
30 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
31 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
32 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35
36 #include <sys/param.h>
37 #include <sys/systm.h>
38 #include <sys/filedesc.h>
39 #include <sys/kernel.h>
40 #include <sys/proc.h>
41 #include <sys/mount.h>
42 #include <sys/malloc.h>
43 #include <sys/pool.h>
44 #include <sys/namei.h>
45 #include <sys/vnode.h>
46 #include <sys/file.h>
47 #include <sys/acct.h>
48 #include <sys/exec.h>
49 #include <sys/ktrace.h>
50 #include <sys/resourcevar.h>
51 #include <sys/wait.h>
52 #include <sys/mman.h>
53 #include <sys/signalvar.h>
54 #include <sys/stat.h>
55 #include <sys/conf.h>
56 #ifdef SYSVSHM
57 #include <sys/shm.h>
58 #endif
59
60 #include <sys/syscallargs.h>
61
62 #include <uvm/uvm_extern.h>
63
64 #include <machine/cpu.h>
65 #include <machine/reg.h>
66
67 #include <dev/rndvar.h>
68
69 #include "systrace.h"
70
71 #if NSYSTRACE > 0
72 #include <dev/systrace.h>
73 #endif
74
75 /*
76 * Map the shared signal code.
77 */
78 int exec_sigcode_map(struct proc *, struct emul *);
79
80 /*
81 * stackgap_random specifies if the stackgap should have a random size added
82 * to it. Must be a n^2. If non-zero, the stack gap will be calculated as:
83 * (arc4random() * ALIGNBYTES) & (stackgap_random - 1) + STACKGAPLEN.
84 */
85 int stackgap_random = 64*1024;
86
87 /*
88 * check exec:
89 * given an "executable" described in the exec package's namei info,
90 * see what we can do with it.
91 *
92 * ON ENTRY:
93 * exec package with appropriate namei info
94 * proc pointer of exec'ing proc
95 * NO SELF-LOCKED VNODES
96 *
97 * ON EXIT:
98 * error: nothing held, etc. exec header still allocated.
99 * ok: filled exec package, one locked vnode.
100 *
101 * EXEC SWITCH ENTRY:
102 * Locked vnode to check, exec package, proc.
103 *
104 * EXEC SWITCH EXIT:
105 * ok: return 0, filled exec package, one locked vnode.
106 * error: destructive:
107 * everything deallocated execept exec header.
108 * non-destructive:
109 * error code, locked vnode, exec header unmodified
110 */
111 int
check_exec(p,epp)112 check_exec(p, epp)
113 struct proc *p;
114 struct exec_package *epp;
115 {
116 int error, i;
117 struct vnode *vp;
118 struct nameidata *ndp;
119 size_t resid;
120
121 ndp = epp->ep_ndp;
122 ndp->ni_cnd.cn_nameiop = LOOKUP;
123 ndp->ni_cnd.cn_flags = FOLLOW | LOCKLEAF | SAVENAME;
124 /* first get the vnode */
125 if ((error = namei(ndp)) != 0)
126 return (error);
127 epp->ep_vp = vp = ndp->ni_vp;
128
129 /* check for regular file */
130 if (vp->v_type == VDIR) {
131 error = EISDIR;
132 goto bad1;
133 }
134 if (vp->v_type != VREG) {
135 error = EACCES;
136 goto bad1;
137 }
138
139 /* get attributes */
140 if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, p)) != 0)
141 goto bad1;
142
143 /* Check mount point */
144 if (vp->v_mount->mnt_flag & MNT_NOEXEC) {
145 error = EACCES;
146 goto bad1;
147 }
148
149 if ((vp->v_mount->mnt_flag & MNT_NOSUID))
150 epp->ep_vap->va_mode &= ~(VSUID | VSGID);
151
152 /* check access. for root we have to see if any exec bit on */
153 if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0)
154 goto bad1;
155 if ((epp->ep_vap->va_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) {
156 error = EACCES;
157 goto bad1;
158 }
159
160 /* try to open it */
161 if ((error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) != 0)
162 goto bad1;
163
164 /* unlock vp, we need it unlocked from here */
165 VOP_UNLOCK(vp, 0, p);
166
167 /* now we have the file, get the exec header */
168 error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0,
169 UIO_SYSSPACE, 0, p->p_ucred, &resid, p);
170 if (error)
171 goto bad2;
172 epp->ep_hdrvalid = epp->ep_hdrlen - resid;
173
174 /*
175 * set up the vmcmds for creation of the process
176 * address space
177 */
178 error = ENOEXEC;
179 for (i = 0; i < nexecs && error != 0; i++) {
180 int newerror;
181
182 if (execsw[i].es_check == NULL)
183 continue;
184 newerror = (*execsw[i].es_check)(p, epp);
185 if (!newerror && !(epp->ep_emul->e_flags & EMUL_ENABLED))
186 newerror = EPERM;
187 /* make sure the first "interesting" error code is saved. */
188 if (!newerror || error == ENOEXEC)
189 error = newerror;
190 if (epp->ep_flags & EXEC_DESTR && error != 0)
191 return (error);
192 }
193 if (!error) {
194 /* check that entry point is sane */
195 if (epp->ep_entry > VM_MAXUSER_ADDRESS) {
196 error = ENOEXEC;
197 }
198
199 /* check limits */
200 if ((epp->ep_tsize > MAXTSIZ) ||
201 (epp->ep_dsize > p->p_rlimit[RLIMIT_DATA].rlim_cur))
202 error = ENOMEM;
203
204 if (!error)
205 return (0);
206 }
207
208 /*
209 * free any vmspace-creation commands,
210 * and release their references
211 */
212 kill_vmcmds(&epp->ep_vmcmds);
213
214 bad2:
215 /*
216 * close the vnode, free the pathname buf, and punt.
217 */
218 vn_close(vp, FREAD, p->p_ucred, p);
219 pool_put(&namei_pool, ndp->ni_cnd.cn_pnbuf);
220 return (error);
221
222 bad1:
223 /*
224 * free the namei pathname buffer, and put the vnode
225 * (which we don't yet have open).
226 */
227 pool_put(&namei_pool, ndp->ni_cnd.cn_pnbuf);
228 vput(vp);
229 return (error);
230 }
231
232 /*
233 * exec system call
234 */
235 /* ARGSUSED */
236 int
sys_execve(p,v,retval)237 sys_execve(p, v, retval)
238 register struct proc *p;
239 void *v;
240 register_t *retval;
241 {
242 struct sys_execve_args /* {
243 syscallarg(const char *) path;
244 syscallarg(char *const *) argp;
245 syscallarg(char *const *) envp;
246 } */ *uap = v;
247 int error;
248 struct exec_package pack;
249 struct nameidata nid;
250 struct vattr attr;
251 struct ucred *cred = p->p_ucred;
252 char *argp;
253 char * const *cpp, *dp, *sp;
254 long argc, envc;
255 size_t len, sgap;
256 #ifdef MACHINE_STACK_GROWS_UP
257 size_t slen;
258 #endif
259 char *stack;
260 struct ps_strings arginfo;
261 struct vmspace *vm = p->p_vmspace;
262 char **tmpfap;
263 extern struct emul emul_native;
264 #if NSYSTRACE > 0
265 int wassugid =
266 ISSET(p->p_flag, P_SUGID) || ISSET(p->p_flag, P_SUGIDEXEC);
267 char pathbuf[MAXPATHLEN];
268 size_t pathbuflen;
269 #endif
270
271 /*
272 * Cheap solution to complicated problems.
273 * Mark this process as "leave me alone, I'm execing".
274 */
275 p->p_flag |= P_INEXEC;
276
277 #if NSYSTRACE > 0
278 if (ISSET(p->p_flag, P_SYSTRACE))
279 systrace_execve0(p);
280
281 error = copyinstr(SCARG(uap, path), pathbuf, MAXPATHLEN, &pathbuflen);
282 if (error != 0)
283 goto clrflag;
284
285 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_SYSSPACE, pathbuf, p);
286 #else
287 /* init the namei data to point the file user's program name */
288 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), p);
289 #endif
290
291 /*
292 * initialize the fields of the exec package.
293 */
294 #if NSYSTRACE > 0
295 pack.ep_name = pathbuf;
296 #else
297 pack.ep_name = (char *)SCARG(uap, path);
298 #endif
299 pack.ep_hdr = malloc(exec_maxhdrsz, M_EXEC, M_WAITOK);
300 pack.ep_hdrlen = exec_maxhdrsz;
301 pack.ep_hdrvalid = 0;
302 pack.ep_ndp = &nid;
303 pack.ep_interp = NULL;
304 pack.ep_emul_arg = NULL;
305 VMCMDSET_INIT(&pack.ep_vmcmds);
306 pack.ep_vap = &attr;
307 pack.ep_emul = &emul_native;
308 pack.ep_flags = 0;
309
310 /* see if we can run it. */
311 if ((error = check_exec(p, &pack)) != 0) {
312 goto freehdr;
313 }
314
315 /* XXX -- THE FOLLOWING SECTION NEEDS MAJOR CLEANUP */
316
317 /* allocate an argument buffer */
318 argp = (char *) uvm_km_valloc_wait(exec_map, NCARGS);
319 #ifdef DIAGNOSTIC
320 if (argp == NULL)
321 panic("execve: argp == NULL");
322 #endif
323 dp = argp;
324 argc = 0;
325
326 /* copy the fake args list, if there's one, freeing it as we go */
327 if (pack.ep_flags & EXEC_HASARGL) {
328 tmpfap = pack.ep_fa;
329 while (*tmpfap != NULL) {
330 char *cp;
331
332 cp = *tmpfap;
333 while (*cp)
334 *dp++ = *cp++;
335 dp++;
336
337 free(*tmpfap, M_EXEC);
338 tmpfap++; argc++;
339 }
340 FREE(pack.ep_fa, M_EXEC);
341 pack.ep_flags &= ~EXEC_HASARGL;
342 }
343
344 /* Now get argv & environment */
345 if (!(cpp = SCARG(uap, argp))) {
346 error = EFAULT;
347 goto bad;
348 }
349
350 if (pack.ep_flags & EXEC_SKIPARG)
351 cpp++;
352
353 while (1) {
354 len = argp + ARG_MAX - dp;
355 if ((error = copyin(cpp, &sp, sizeof(sp))) != 0)
356 goto bad;
357 if (!sp)
358 break;
359 if ((error = copyinstr(sp, dp, len, &len)) != 0) {
360 if (error == ENAMETOOLONG)
361 error = E2BIG;
362 goto bad;
363 }
364 dp += len;
365 cpp++;
366 argc++;
367 }
368
369 envc = 0;
370 /* environment does not need to be there */
371 if ((cpp = SCARG(uap, envp)) != NULL ) {
372 while (1) {
373 len = argp + ARG_MAX - dp;
374 if ((error = copyin(cpp, &sp, sizeof(sp))) != 0)
375 goto bad;
376 if (!sp)
377 break;
378 if ((error = copyinstr(sp, dp, len, &len)) != 0) {
379 if (error == ENAMETOOLONG)
380 error = E2BIG;
381 goto bad;
382 }
383 dp += len;
384 cpp++;
385 envc++;
386 }
387 }
388
389 rnd_lopool_addh(argp, dp - argp);
390 dp = (char *)ALIGN(dp);
391
392 sgap = STACKGAPLEN;
393 if (stackgap_random != 0)
394 sgap += (arc4random() * ALIGNBYTES) & (stackgap_random - 1);
395 /* Now check if args & environ fit into new stack */
396 len = ((argc + envc + 2 + pack.ep_emul->e_arglen) * sizeof(char *) +
397 sizeof(long) + dp + sgap + sizeof(struct ps_strings)) - argp;
398
399 len = ALIGN(len); /* make the stack "safely" aligned */
400
401 if (len > pack.ep_ssize) { /* in effect, compare to initial limit */
402 error = ENOMEM;
403 goto bad;
404 }
405
406 /* adjust "active stack depth" for process VSZ */
407 pack.ep_ssize = len; /* maybe should go elsewhere, but... */
408
409 /*
410 * Prepare vmspace for remapping. Note that uvmspace_exec can replace
411 * p_vmspace!
412 */
413 uvmspace_exec(p, VM_MIN_ADDRESS, VM_MAXUSER_ADDRESS);
414
415 vm = p->p_vmspace;
416 /* Now map address space */
417 vm->vm_taddr = (char *)pack.ep_taddr;
418 vm->vm_tsize = btoc(pack.ep_tsize);
419 vm->vm_daddr = (char *)pack.ep_daddr;
420 vm->vm_dsize = btoc(pack.ep_dsize);
421 vm->vm_ssize = btoc(pack.ep_ssize);
422 vm->vm_maxsaddr = (char *)pack.ep_maxsaddr;
423 vm->vm_minsaddr = (char *)pack.ep_minsaddr;
424
425 /* create the new process's VM space by running the vmcmds */
426 #ifdef DIAGNOSTIC
427 if (pack.ep_vmcmds.evs_used == 0)
428 panic("execve: no vmcmds");
429 #endif
430 error = exec_process_vmcmds(p, &pack);
431
432 /* if an error happened, deallocate and punt */
433 if (error)
434 goto exec_abort;
435
436 /* remember information about the process */
437 arginfo.ps_nargvstr = argc;
438 arginfo.ps_nenvstr = envc;
439
440 #ifdef MACHINE_STACK_GROWS_UP
441 stack = (char *)USRSTACK + sizeof(arginfo);
442 slen = len - sizeof(arginfo);
443 #else
444 stack = (char *)(USRSTACK - len);
445 #endif
446 /* Now copy argc, args & environ to new stack */
447 if (!(*pack.ep_emul->e_copyargs)(&pack, &arginfo, stack, argp))
448 goto exec_abort;
449
450 /* copy out the process's ps_strings structure */
451 if (copyout(&arginfo, (char *)PS_STRINGS, sizeof(arginfo)))
452 goto exec_abort;
453
454 stopprofclock(p); /* stop profiling */
455 fdcloseexec(p); /* handle close on exec */
456 execsigs(p); /* reset catched signals */
457
458 /* set command name & other accounting info */
459 len = min(nid.ni_cnd.cn_namelen, MAXCOMLEN);
460 bcopy(nid.ni_cnd.cn_nameptr, p->p_comm, len);
461 p->p_comm[len] = 0;
462 p->p_acflag &= ~AFORK;
463
464 /* record proc's vnode, for use by procfs and others */
465 if (p->p_textvp)
466 vrele(p->p_textvp);
467 VREF(pack.ep_vp);
468 p->p_textvp = pack.ep_vp;
469
470 p->p_flag |= P_EXEC;
471 if (p->p_flag & P_PPWAIT) {
472 p->p_flag &= ~P_PPWAIT;
473 wakeup((caddr_t)p->p_pptr);
474 }
475
476 /*
477 * If process does execve() while it has a mismatched real,
478 * effective, or saved uid/gid, we set P_SUGIDEXEC.
479 */
480 if (p->p_ucred->cr_uid != p->p_cred->p_ruid ||
481 p->p_ucred->cr_uid != p->p_cred->p_svuid ||
482 p->p_ucred->cr_gid != p->p_cred->p_rgid ||
483 p->p_ucred->cr_gid != p->p_cred->p_svgid)
484 p->p_flag |= P_SUGIDEXEC;
485 else
486 p->p_flag &= ~P_SUGIDEXEC;
487
488 /*
489 * deal with set[ug]id.
490 * MNT_NOEXEC has already been used to disable s[ug]id.
491 */
492 if ((attr.va_mode & (VSUID | VSGID)) && proc_cansugid(p)) {
493 int i;
494
495 p->p_flag |= P_SUGID;
496 p->p_flag |= P_SUGIDEXEC;
497
498 #ifdef KTRACE
499 /*
500 * If process is being ktraced, turn off - unless
501 * root set it.
502 */
503 if (p->p_tracep && !(p->p_traceflag & KTRFAC_ROOT)) {
504 p->p_traceflag = 0;
505 ktrsettracevnode(p, NULL);
506 }
507 #endif
508 p->p_ucred = crcopy(cred);
509 if (attr.va_mode & VSUID)
510 p->p_ucred->cr_uid = attr.va_uid;
511 if (attr.va_mode & VSGID)
512 p->p_ucred->cr_gid = attr.va_gid;
513
514 /*
515 * For set[ug]id processes, a few caveats apply to
516 * stdin, stdout, and stderr.
517 */
518 for (i = 0; i < 3; i++) {
519 struct file *fp = NULL;
520
521 /*
522 * NOTE - This will never return NULL because of
523 * unmature fds. The file descriptor table is not
524 * shared because we're suid.
525 */
526 fp = fd_getfile(p->p_fd, i);
527 #ifdef PROCFS
528 /*
529 * Close descriptors that are writing to procfs.
530 */
531 if (fp && fp->f_type == DTYPE_VNODE &&
532 ((struct vnode *)(fp->f_data))->v_tag == VT_PROCFS &&
533 (fp->f_flag & FWRITE)) {
534 fdrelease(p, i);
535 fp = NULL;
536 }
537 #endif
538
539 /*
540 * Ensure that stdin, stdout, and stderr are already
541 * allocated. We do not want userland to accidentally
542 * allocate descriptors in this range which has implied
543 * meaning to libc.
544 */
545 if (fp == NULL) {
546 short flags = FREAD | (i == 0 ? 0 : FWRITE);
547 struct vnode *vp;
548 int indx;
549
550 if ((error = falloc(p, &fp, &indx)) != 0)
551 goto exec_abort;
552 #ifdef DIAGNOSTIC
553 if (indx != i)
554 panic("sys_execve: falloc indx != i");
555 #endif
556 if ((error = cdevvp(getnulldev(), &vp)) != 0) {
557 fdremove(p->p_fd, indx);
558 closef(fp, p);
559 goto exec_abort;
560 }
561 if ((error = VOP_OPEN(vp, flags, p->p_ucred, p)) != 0) {
562 fdremove(p->p_fd, indx);
563 closef(fp, p);
564 vrele(vp);
565 goto exec_abort;
566 }
567 if (flags & FWRITE)
568 vp->v_writecount++;
569 fp->f_flag = flags;
570 fp->f_type = DTYPE_VNODE;
571 fp->f_ops = &vnops;
572 fp->f_data = (caddr_t)vp;
573 FILE_SET_MATURE(fp);
574 }
575 }
576 } else
577 p->p_flag &= ~P_SUGID;
578 p->p_cred->p_svuid = p->p_ucred->cr_uid;
579 p->p_cred->p_svgid = p->p_ucred->cr_gid;
580
581 if (p->p_flag & P_SUGIDEXEC) {
582 int i, s = splclock();
583
584 timeout_del(&p->p_realit_to);
585 timerclear(&p->p_realtimer.it_interval);
586 timerclear(&p->p_realtimer.it_value);
587 for (i = 0; i < sizeof(p->p_stats->p_timer) /
588 sizeof(p->p_stats->p_timer[0]); i++) {
589 timerclear(&p->p_stats->p_timer[i].it_interval);
590 timerclear(&p->p_stats->p_timer[i].it_value);
591 }
592 splx(s);
593 }
594
595 uvm_km_free_wakeup(exec_map, (vaddr_t) argp, NCARGS);
596
597 pool_put(&namei_pool, nid.ni_cnd.cn_pnbuf);
598 vn_close(pack.ep_vp, FREAD, cred, p);
599
600 /*
601 * notify others that we exec'd
602 */
603 KNOTE(&p->p_klist, NOTE_EXEC);
604
605 /* setup new registers and do misc. setup. */
606 if (pack.ep_emul->e_fixup != NULL) {
607 if ((*pack.ep_emul->e_fixup)(p, &pack) != 0)
608 goto free_pack_abort;
609 }
610 #ifdef MACHINE_STACK_GROWS_UP
611 (*pack.ep_emul->e_setregs)(p, &pack, (u_long)stack + slen, retval);
612 #else
613 (*pack.ep_emul->e_setregs)(p, &pack, (u_long)stack, retval);
614 #endif
615
616 /* map the process's signal trampoline code */
617 if (exec_sigcode_map(p, pack.ep_emul))
618 goto free_pack_abort;
619
620 if (p->p_flag & P_TRACED)
621 psignal(p, SIGTRAP);
622
623 free(pack.ep_hdr, M_EXEC);
624
625 /*
626 * Call emulation specific exec hook. This can setup per-process
627 * p->p_emuldata or do any other per-process stuff an emulation needs.
628 *
629 * If we are executing process of different emulation than the
630 * original forked process, call e_proc_exit() of the old emulation
631 * first, then e_proc_exec() of new emulation. If the emulation is
632 * same, the exec hook code should deallocate any old emulation
633 * resources held previously by this process.
634 */
635 if (p->p_emul && p->p_emul->e_proc_exit &&
636 p->p_emul != pack.ep_emul)
637 (*p->p_emul->e_proc_exit)(p);
638
639 p->p_descfd = 255;
640 if ((pack.ep_flags & EXEC_HASFD) && pack.ep_fd < 255)
641 p->p_descfd = pack.ep_fd;
642
643 /*
644 * Call exec hook. Emulation code may NOT store reference to anything
645 * from &pack.
646 */
647 if (pack.ep_emul->e_proc_exec)
648 (*pack.ep_emul->e_proc_exec)(p, &pack);
649
650 /* update p_emul, the old value is no longer needed */
651 p->p_emul = pack.ep_emul;
652
653 #ifdef KTRACE
654 if (KTRPOINT(p, KTR_EMUL))
655 ktremul(p, p->p_emul->e_name);
656 #endif
657
658 p->p_flag &= ~P_INEXEC;
659
660 #if NSYSTRACE > 0
661 if (ISSET(p->p_flag, P_SYSTRACE) &&
662 wassugid && !ISSET(p->p_flag, P_SUGID) &&
663 !ISSET(p->p_flag, P_SUGIDEXEC))
664 systrace_execve1(pathbuf, p);
665 #endif
666
667 return (0);
668
669 bad:
670 /* free the vmspace-creation commands, and release their references */
671 kill_vmcmds(&pack.ep_vmcmds);
672 /* kill any opened file descriptor, if necessary */
673 if (pack.ep_flags & EXEC_HASFD) {
674 pack.ep_flags &= ~EXEC_HASFD;
675 (void) fdrelease(p, pack.ep_fd);
676 }
677 if (pack.ep_interp != NULL)
678 FREE(pack.ep_interp, M_TEMP);
679 if (pack.ep_emul_arg != NULL)
680 FREE(pack.ep_emul_arg, M_TEMP);
681 /* close and put the exec'd file */
682 vn_close(pack.ep_vp, FREAD, cred, p);
683 pool_put(&namei_pool, nid.ni_cnd.cn_pnbuf);
684 uvm_km_free_wakeup(exec_map, (vaddr_t) argp, NCARGS);
685
686 freehdr:
687 free(pack.ep_hdr, M_EXEC);
688 #if NSYSTRACE > 0
689 clrflag:
690 #endif
691 p->p_flag &= ~P_INEXEC;
692 return (error);
693
694 exec_abort:
695 /*
696 * the old process doesn't exist anymore. exit gracefully.
697 * get rid of the (new) address space we have created, if any, get rid
698 * of our namei data and vnode, and exit noting failure
699 */
700 uvm_deallocate(&vm->vm_map, VM_MIN_ADDRESS,
701 VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS);
702 if (pack.ep_interp != NULL)
703 FREE(pack.ep_interp, M_TEMP);
704 if (pack.ep_emul_arg != NULL)
705 FREE(pack.ep_emul_arg, M_TEMP);
706 pool_put(&namei_pool, nid.ni_cnd.cn_pnbuf);
707 vn_close(pack.ep_vp, FREAD, cred, p);
708 uvm_km_free_wakeup(exec_map, (vaddr_t) argp, NCARGS);
709
710 free_pack_abort:
711 free(pack.ep_hdr, M_EXEC);
712 exit1(p, W_EXITCODE(0, SIGABRT));
713
714 /* NOTREACHED */
715 p->p_flag &= ~P_INEXEC;
716 return (0);
717 }
718
719
/*
 * copyargs: default e_copyargs routine.  Lays out argc, the argv vector,
 * a NULL, the envp vector and a NULL at `stack', and copies the strings
 * from the kernel buffer `argp' to the area just past those vectors
 * (leaving room for pack->ep_emul->e_arglen extra pointers).  Fills in
 * arginfo->ps_argvstr and arginfo->ps_envstr with the user addresses of
 * the two vectors.
 *
 * Returns the user address just past the last NULL written, or NULL if
 * any copyout()/copyoutstr() failed.
 */
void *
copyargs(struct exec_package *pack, struct ps_strings *arginfo, void *stack,
    void *argp)
{
	char **vec = stack;	/* next pointer slot to fill on the user stack */
	char *dst, *src;	/* string destination (user) and source (kernel) */
	size_t len;		/* bytes copied by the last copyoutstr, NUL included */
	void *nullp = NULL;
	long argc = arginfo->ps_nargvstr;
	int envc = arginfo->ps_nenvstr;

	/* argc sits directly below the argv vector */
	if (copyout(&argc, vec, sizeof(argc)))
		return (NULL);
	vec++;

	/* strings start after argv, NULL, envp, NULL and the emulation extras */
	dst = (char *) (vec + argc + envc + 2 + pack->ep_emul->e_arglen);
	src = argp;

	/* XXX don't copy them out, remap them! */
	arginfo->ps_argvstr = vec; /* remember location of argv for later */

	while (--argc >= 0) {
		if (copyout(&dst, vec, sizeof(dst)))
			return (NULL);
		if (copyoutstr(src, dst, ARG_MAX, &len))
			return (NULL);
		vec++;
		src += len;
		dst += len;
	}

	if (copyout(&nullp, vec, sizeof(nullp)))
		return (NULL);
	vec++;

	arginfo->ps_envstr = vec; /* remember location of envp for later */

	while (--envc >= 0) {
		if (copyout(&dst, vec, sizeof(dst)))
			return (NULL);
		if (copyoutstr(src, dst, ARG_MAX, &len))
			return (NULL);
		vec++;
		src += len;
		dst += len;
	}

	if (copyout(&nullp, vec, sizeof(nullp)))
		return (NULL);
	vec++;

	return (vec);
}
763
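/*
 * exec_sigcode_map: map emulation e's signal trampoline into process p.
 *
 * The trampoline bytes [e_sigcode, e_esigcode) live in one anonymous uvm
 * object per emulation (e->e_sigobject), created lazily on first use: the
 * object is mapped read/write into the kernel, filled with the code and
 * unmapped again; afterwards it is only ever mapped into user space with
 * UVM_PROT_RX, i.e. without write permission.
 *
 * Returns 0 with p->p_sigcode set to the user address of the mapping, or
 * ENOMEM if the temporary kernel mapping or the user mapping failed.
 */
int
exec_sigcode_map(struct proc *p, struct emul *e)
{
	vsize_t sz;

	sz = (vaddr_t)e->e_esigcode - (vaddr_t)e->e_sigcode;

	/*
	 * If we don't have a sigobject for this emulation, create one.
	 *
	 * sigobject is an anonymous memory object (just like SYSV shared
	 * memory) that we keep a permanent reference to and that we map
	 * in all processes that need this sigcode. The creation is simple,
	 * we create an object, add a permanent reference to it, map it in
	 * kernel space, copy out the sigcode to it and unmap it.
	 * Then we map it with PROT_READ|PROT_EXEC into the process just
	 * the way sys_mmap would map it.
	 *
	 * The object is built in a local and stored in e->e_sigobject only
	 * once it actually holds the trampoline.  Storing it first and
	 * leaving it in place when the kernel mapping failed meant the next
	 * exec found a non-NULL object whose pages were never written and
	 * mapped an all-zero "trampoline" into the new process.
	 */
	if (e->e_sigobject == NULL) {
		struct uvm_object *uobj;
		vaddr_t va;
		int r;

		uobj = uao_create(sz, 0);
		uao_reference(uobj); /* permanent reference */

		va = vm_map_min(kernel_map); /* hint */
		if ((r = uvm_map(kernel_map, &va, round_page(sz), uobj,
		    0, 0, UVM_MAPFLAG(UVM_PROT_RW, UVM_PROT_RW,
		    UVM_INH_SHARE, UVM_ADV_RANDOM, 0)))) {
			printf("kernel mapping failed %d\n", r);
			/*
			 * A failed uvm_map leaves the caller's reference
			 * in place (the user mapping below relies on the
			 * same rule), so both the creation reference and
			 * the would-be permanent one are ours to drop.
			 * e->e_sigobject stays NULL, so a later exec
			 * retries from scratch.
			 */
			uao_detach(uobj);
			uao_detach(uobj);
			return (ENOMEM);
		}
		memcpy((void *)va, e->e_sigcode, sz);
		uvm_unmap(kernel_map, va, va + round_page(sz));

		/*
		 * NOTE(review): if uvm_map() on kernel_map can sleep, two
		 * processes first-exec'ing the same emulation may both get
		 * here and the second store leaks the first object (a leak,
		 * not a wrong mapping) — confirm against the locking rules
		 * for struct emul.
		 */
		e->e_sigobject = uobj;
	}

	/* Just a hint to uvm_mmap where to put it. */
	p->p_sigcode = uvm_map_hint(p, VM_PROT_READ|VM_PROT_EXECUTE);
	/* this reference is taken over by the mapping; on failure we drop it */
	uao_reference(e->e_sigobject);
	if (uvm_map(&p->p_vmspace->vm_map, &p->p_sigcode, round_page(sz),
	    e->e_sigobject, 0, 0, UVM_MAPFLAG(UVM_PROT_RX, UVM_PROT_RX,
	    UVM_INH_SHARE, UVM_ADV_RANDOM, 0))) {
		printf("user mapping failed\n");
		uao_detach(e->e_sigobject);
		return (ENOMEM);
	}

	return (0);
}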
814