Home | History | Annotate | Download | only in common
History log of /src/sys/compat/linux32/common/linux32_exec_elf32.c
RevisionDateAuthorComments
 1.23  26-Nov-2021  ryo - LINUX_GO_RT0_SIGNATURE for compat_linux is no longer enabled by default.
it is now defined in each arch same as the other *_SIGNATURE definitions.
- add new LINUX32_GO_RT0_SIGNATURE for compat_linux32, and is defined in amd64 and aarch64.
 1.22  25-Nov-2021  ryo add support COMPAT_LINUX32 for aarch64
 1.21  25-Nov-2021  ryo Extra arguments for AT_HWCAP and AT_PLATFORM are now passed when executing linux32 binaries.

AT_SYSINFO (vsyscall) feature seems to be broken, so leave it commented out.
 1.20  07-Sep-2021  riastradh sys/compat: Memset zero before copyout.

Just in case of uninitialized padding which would lead to kernel
stack disclosure. If the compiler can prove the memset redundant
then it can optimize it away; otherwise better safe than sorry.
 1.19  06-Aug-2016  maxv branches: 1.19.8; 1.19.20;
The way the kernel tries to prevent a userland process from allocating page
zero is hugely flawed. It is easy to demonstrate that one can trick UVM
into chosing a NULL hint after the user_va0_disable check from uvm_map.
Such a bypass allows kernel NULL pointer dereferences to be exploitable on
architectures with a shared userland<->kernel VA, like amd64.

Fix this by increasing the limit of the vm space made available for
userland processes. This way, UVM will never chose a NULL hint, since it
would be outside of the vm space.

The user_va0_disable sysctl still controls this feature.
 1.18  20-Mar-2015  maxv Zero-fill the ELF auxiliary vectors. Otherwise, on 64bit systems, the
padding between a_v and a_type contains kernel garbage, therefore
exposed to userland.

Original report by uebayasi@
 1.17  23-Feb-2014  njoly branches: 1.17.4; 1.17.6;
Use Aux32Info not AuxInfo. Noticed by Maxime Villard.
 1.16  23-Feb-2014  njoly Fix wrong KASSERTs. Do not compare size vs. entries count.
 1.15  21-Feb-2014  maxv Increase LINUX32_ELF_AUX_ENTRIES to avoid overrun in linux32/. Also,
add comments and KASSERTs to make sure people don't forget to increase
XX_AUX_ENTRIES's when adding vectors.

Reported by martin@ (CV), with suggestions from chs@.

ok martin@ chs@
 1.14  09-Feb-2014  chs account for the 16 bytes of AT_RANDOM data in the stack setup. fixes PR 48518.
use cprng_strong32() instead of random(). add AT_RANDOM support for linux32.
 1.13  03-Feb-2012  matt branches: 1.13.6; 1.13.10;
Add a hook for freeing an ep_emul_arg. Add a wrapper routine
(exec_free_emul_arg) to call the hook and then clear the ep_emul_arg
and ep_emul_arg_free members in the exec_package.
Change users/accessors to use these routines.
Approved by releng.
 1.12  11-Sep-2010  chs branches: 1.12.8; 1.12.12;
always supply an auxiliary vector for linux ELF processes.
static executables (such as newer versions of /sbin/ldconfig)
require this to work properly. since static executables
also don't have a PT_PHDR entry, use the same heuristic as
linux does to provide a value for AT_PHDR in this case.
 1.11  07-Jul-2010  chs many changes for COMPAT_LINUX:
- update the linux syscall table for each platform.
- support new-style (NPTL) linux pthreads on all platforms.
clone() with CLONE_THREAD uses 1 process with many LWPs
instead of separate processes.
- move the contents of sys__lwp_setprivate() into a new
lwp_setprivate() and use that everywhere.
- update linux_release[] and linux32_release[] to "2.6.18".
- adjust placement of emul fork/exec/exit hooks as needed
and adjust other emul code to match.
- convert all struct emul definitions to use named initializers.
- change the pid allocator to allow multiple pids to refer to the same proc.
- remove a few fields from struct proc that are no longer needed.
- disable the non-functional "vdso" code in linux32/amd64,
glibc works fine without it.
- fix a race in the futex code where we could miss a wakeup after
a requeue operation.
- redo futex locking to be a little more efficient.
 1.10  18-Apr-2010  jym This patch fixes the NX regression issue observed on amd64 kernels, where
per-page execution right was disabled (therefore leading to the inability
of the kernel to detect fraudulent use of memory mappings marked as not
being executable).

- replace cpu_feature and ci_feature_flags variables by cpu_feature and
ci_feat_val arrays. This makes it cleaner and brings kernel code closer
to the design of cpuctl(8). A warning will be raised for each CPU that
does not expose the same features as the Boot Processor (BP).

- the blacklist of CPU features is now a macro defined in the
specialreg.h header, instead of hardcoding it inside MD initialization
code; fix comments.

- replace checks against CPUID_TSC with the cpu_hascounter() function.

- clean up the code in init_x86_64(), as cpu_feature variables are set
inside cpu_probe().

- use cpu_init_msrs() for i386. It will be eventually used later for NX
feature under i386 PAE kernels.

- remove code that checks for CPUID_NOX in amd64 mptramp.S, this is already
performed by cpu_hatch() through cpu_init_msrs().

- remove cpu_signature and feature_flags members from struct mpbios_proc
(they were never used).

This patch was tested with i386 MONOLITHIC, XEN3PAE_DOM0 and XEN3_DOM0 under
a native i386 host, and amd64 GENERIC, XEN3_DOM0 via QEMU virtual machines.

XXX Should kernel rev be bumped?

XXX A similar patch should be pulled-up for NetBSD-5, hopefully tomorrow.
 1.9  15-Mar-2009  cegger branches: 1.9.2; 1.9.4;
ansify function definitions
 1.8  28-Apr-2008  martin branches: 1.8.8; 1.8.14;
Remove clause 3 and 4 from TNF licenses
 1.7  22-Apr-2007  dsl branches: 1.7.28; 1.7.30; 1.7.32;
Change the way that emulations locate files within the emulation root to
avoid having to allocate space in the 'stackgap'
- which is very LWP unfriendly.
The additional code for non-emulation namei() is trivial, the reduction for
the emulations is massive.
The vnode for a processes emulation root is saved in the cwdi structure
during process exec.
If the emulation root the TRYEMULROOT flag are set, namei() will do an initial
search for absolute pathnames in the emulation root, if that fails it will
retry from the normal root.
".." at the emulation root will always go to the real root, even in the middle
of paths and when expanding symlinks.
Absolute symlinks found using absolute paths in the emulation root will be
relative to the emulation root (so /usr/lib/xxx.so -> /lib/xxx.so links
inside the emulation root don't need changing).
If the root of the emulation would be returned (for an emulation lookup), then
the real root is returned instead (matching the behaviour of emul_lookup,
but being a cheap comparison here) so that programs that scan "../.."
looking for the root dircetory don't loop forever.
The target for symbolic links is no longer mangled (it used to get the
CHECK_ALT_xxx() treatment, so could get /emul/xxx prepended).
CHECK_ALT_xxx() are no more. Most of the change is deleting them, and adding
TRYEMULROOT to the flags to NDINIT().
A lot of the emulation system call stubs could now be deleted.
 1.6  16-Mar-2007  dsl remove all the double (and triple) casts used to convert 32bit userspace
pointers to and from 64bit kernel pointers. Instead use the defines
NETBSD32PTR64(p32) to read a 32bit pointer and (the new) NETBSD32PTR32(p32,p64)
to write a 32bit pointer throughout.
The 32bit pointer is now a struct to enforce the above.
amd64 (with linux emul) and sparc64 will both compile (when the arch stuff
goes in soon), and amd64 still runs some i386 binaries.
 1.5  07-Aug-2006  manu branches: 1.5.6; 1.5.12; 1.5.16; 1.5.18; 1.5.20;
Add a new signature test for linux probe function. We look for a .debuglink
section, which is specific to the Linux dynamic interpeter (yes, Linux
can execute it as a stand alone program)
 1.4  23-Jul-2006  ad Use the LWP cached credentials where sane.
 1.3  13-Jun-2006  skd branches: 1.3.4;
include kauth.h
workaround a gcc4 warning.
 1.2  14-May-2006  elad branches: 1.2.2;
integrate kauth.
 1.1  09-Feb-2006  manu branches: 1.1.2; 1.1.4; 1.1.6; 1.1.8; 1.1.10;
Add initial (but unfinished) COMPAT_LINUX32 for amd64. This is good enough so
that the i386 license manager part of amd64 version of Fluent works.

While I'm here, add SysV IPC to COMPAT_LINUX/amd64
 1.1.10.3  01-Jun-2006  kardel Sync with head.
 1.1.10.2  22-Apr-2006  simonb Sync with head.
 1.1.10.1  09-Feb-2006  simonb file linux32_exec_elf32.c was added on branch simonb-timecounters on 2006-04-22 11:38:14 +0000
 1.1.8.1  24-May-2006  tron Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.
 1.1.6.1  08-Mar-2006  elad Adapt to kernel authorization KPI.
 1.1.4.3  11-Aug-2006  yamt sync with head
 1.1.4.2  26-Jun-2006  yamt sync with head.
 1.1.4.1  24-May-2006  yamt sync with head.
 1.1.2.2  18-Feb-2006  yamt sync with head.
 1.1.2.1  09-Feb-2006  yamt file linux32_exec_elf32.c was added on branch yamt-uio_vmspace on 2006-02-18 15:39:02 +0000
 1.2.2.1  19-Jun-2006  chap Sync with head.
 1.3.4.4  03-Sep-2007  yamt sync with head.
 1.3.4.3  30-Dec-2006  yamt sync with head.
 1.3.4.2  21-Jun-2006  yamt sync with head.
 1.3.4.1  13-Jun-2006  yamt file linux32_exec_elf32.c was added on branch yamt-lazymbuf on 2006-06-21 14:59:27 +0000
 1.5.20.1  18-Mar-2007  reinoud First attempt to bring branch in sync with HEAD
 1.5.18.1  11-Jul-2007  mjf Sync with head.
 1.5.16.2  27-May-2007  ad Sync with head.
 1.5.16.1  10-Apr-2007  ad Sync with head.
 1.5.12.2  07-May-2007  yamt sync with head.
 1.5.12.1  24-Mar-2007  yamt sync with head.
 1.5.6.2  09-Sep-2006  rpaulo sync with head
 1.5.6.1  07-Aug-2006  rpaulo file linux32_exec_elf32.c was added on branch rpaulo-netinet-merge-pcb on 2006-09-09 02:46:03 +0000
 1.7.32.4  09-Oct-2010  yamt sync with head
 1.7.32.3  11-Aug-2010  yamt sync with head.
 1.7.32.2  04-May-2009  yamt sync with head.
 1.7.32.1  16-May-2008  yamt sync with head.
 1.7.30.1  18-May-2008  yamt sync with head.
 1.7.28.1  02-Jun-2008  mjf Sync with HEAD.
 1.8.14.1  13-May-2009  jym Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.
 1.8.8.1  28-Apr-2009  skrll Sync with HEAD.
 1.9.4.2  05-Mar-2011  rmind sync with head
 1.9.4.1  30-May-2010  rmind sync with head
 1.9.2.3  22-Oct-2010  uebayasi Sync with HEAD (-D20101022).
 1.9.2.2  17-Aug-2010  uebayasi Sync with HEAD.
 1.9.2.1  30-Apr-2010  uebayasi Sync with HEAD.
 1.12.12.1  18-Feb-2012  mrg merge to -current.
 1.12.8.2  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.12.8.1  17-Apr-2012  yamt sync with head
 1.13.10.1  18-May-2014  rmind sync with head
 1.13.6.2  03-Dec-2017  jdolecek update from HEAD
 1.13.6.1  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.17.6.2  05-Oct-2016  skrll Sync with HEAD
 1.17.6.1  06-Apr-2015  skrll Sync with HEAD
 1.17.4.1  29-Mar-2015  martin Pull up following revision(s) (requested by maxv in ticket #650):
sys/compat/netbsd32/netbsd32_exec_elf32.c: revision 1.39
sys/kern/exec_elf.c: revision 1.71
sys/compat/linux32/common/linux32_exec_elf32.c: revision 1.18
sys/compat/linux/common/linux_exec_elf32.c: revision 1.92
sys/compat/svr4_32/svr4_32_exec_elf32.c: revision 1.24
Zero-fill the ELF auxiliary vectors. Otherwise, on 64bit systems, the
padding between a_v and a_type contains kernel garbage, therefore
exposed to userland.
Original report by uebayasi@
 1.19.20.1  03-Aug-2022  martin Pull up following revision(s), all via patch
(requested by riastradh in ticket #1487):

sys/compat/linux/arch/i386/linux_machdep.c: revision 1.168
sys/compat/sunos/sunos_misc.c: revision 1.177
sys/compat/netbsd32/netbsd32_compat_50.c: revision 1.52
sys/compat/common/kern_resource_43.c: revision 1.23
sys/compat/netbsd32/netbsd32_conv.h: revision 1.46
sys/compat/linux/arch/i386/linux_ptrace.c: revision 1.35
sys/compat/common/vfs_syscalls_12.c: revision 1.38
sys/compat/ultrix/ultrix_misc.c: revision 1.126
sys/compat/common/kern_sig_43.c: revision 1.37
sys/compat/linux/common/linux_mtio.c: revision 1.8
sys/compat/freebsd/freebsd_misc.c: revision 1.34
sys/compat/freebsd/freebsd_machdep.c: revision 1.5
sys/compat/linux/common/linux_olduname.c: revision 1.67
sys/compat/linux/arch/mips/linux_machdep.c: revision 1.44
sys/compat/freebsd/freebsd_sched.c: revision 1.23
sys/compat/ossaudio/ossaudio.c: revision 1.84
sys/compat/sys/time_types.h: revision 1.6
sys/compat/linux/arch/powerpc/linux_machdep.c: revision 1.51
sys/compat/common/ieee80211_20.c: revision 1.7
sys/compat/linux/common/linux_file.c: revision 1.119
sys/compat/linux/arch/arm/linux_machdep.c: revision 1.34
sys/compat/netbsd32/netbsd32_wait.c: revision 1.25
sys/compat/linux32/common/linux32_time.c: revision 1.38
sys/compat/linux/arch/powerpc/linux_ptrace.c: revision 1.33
sys/compat/linux/arch/alpha/linux_machdep.c: revision 1.52
sys/compat/linux32/arch/amd64/linux32_machdep.c: revision 1.46
sys/compat/netbsd32/netbsd32_compat_12.c: revision 1.36
sys/compat/ultrix/ultrix_ioctl.c: revision 1.39
sys/compat/linux/common/linux_misc.c: revision 1.252
sys/compat/linux/common/linux_hdio.c: revision 1.19
sys/compat/sunos/sunos_ioctl.c: revision 1.71
sys/compat/linux/common/linux_sched.c: revision 1.79
sys/compat/common/kern_info_43.c: revision 1.40
sys/compat/linux32/common/linux32_exec_elf32.c: revision 1.20
sys/compat/linux/common/linux_socket.c: revision 1.153
sys/compat/linux/arch/amd64/linux_machdep.c: revision 1.60
sys/compat/common/vfs_syscalls_43.c: revision 1.68
sys/compat/linux/arch/powerpc/linux_exec_powerpc.c: revision 1.25
sys/compat/netbsd32/netbsd32_ptrace.c: revision 1.9
sys/compat/common/kern_time_50.c: revision 1.37
sys/compat/netbsd32/netbsd32_compat_20.c: revision 1.42
sys/compat/linux/common/linux_cdrom.c: revision 1.28
sys/compat/linux/arch/m68k/linux_machdep.c: revision 1.43
sys/compat/common/kern_info_09.c: revision 1.22
sys/compat/linux32/common/linux32_resource.c: revision 1.12
sys/compat/linux/common/linux_oldolduname.c: revision 1.67
sys/compat/common/if_media_80.c: revision 1.4
sys/compat/linux/arch/alpha/linux_osf1.c: revision 1.5
sys/compat/netbsd32/netbsd32_nfssvc.c: revision 1.8
sys/compat/linux32/common/linux32_signal.c: revision 1.21
sys/compat/common/kern_sig_13.c: revision 1.22
sys/compat/sunos32/sunos32_ioctl.c: revision 1.36
sys/compat/netbsd32/netbsd32_compat_43.c: revision 1.62
sys/compat/linux/arch/arm/linux_ptrace.c: revision 1.23
sys/compat/netbsd32/netbsd32_time.c: revision 1.56
sys/compat/linux/common/linux_signal.c: revision 1.84
sys/compat/netbsd32/netbsd32_signal.c: revision 1.52
sys/compat/sunos32/sunos32_misc.c: revision 1.85
sys/compat/linux/common/linux_time.c: revision 1.40
sys/compat/linux/common/linux_fdio.c: revision 1.14
sys/compat/common/vfs_syscalls_30.c: revision 1.43

sys/compat: Memset zero before copyout.

Just in case of uninitialized padding which would lead to kernel
stack disclosure. If the compiler can prove the memset redundant
then it can optimize it away; otherwise better safe than sorry.
 1.19.8.1  21-Jun-2023  martin Pull up following revision(s) (requested by riastradh in ticket #1836):

sys/compat/linux/arch/i386/linux_machdep.c: revision 1.168
sys/compat/sunos/sunos_misc.c: revision 1.177
sys/compat/netbsd32/netbsd32_compat_50.c: revision 1.52
sys/compat/common/kern_resource_43.c: revision 1.23
sys/compat/netbsd32/netbsd32_conv.h: revision 1.46
sys/compat/linux/arch/i386/linux_ptrace.c: revision 1.35
sys/compat/common/vfs_syscalls_12.c: revision 1.38
sys/compat/ultrix/ultrix_misc.c: revision 1.126
sys/compat/common/kern_sig_43.c: revision 1.37
sys/compat/linux/common/linux_mtio.c: revision 1.8
sys/compat/freebsd/freebsd_misc.c: revision 1.34
sys/compat/linux/common/linux_olduname.c: revision 1.67
sys/compat/linux/arch/mips/linux_machdep.c: revision 1.44
sys/compat/freebsd/freebsd_sched.c: revision 1.23
sys/compat/ossaudio/ossaudio.c: revision 1.84
sys/compat/sys/time_types.h: revision 1.6
sys/compat/linux/arch/powerpc/linux_machdep.c: revision 1.51
sys/compat/linux/common/linux_file.c: revision 1.119
sys/compat/linux/arch/arm/linux_machdep.c: revision 1.34
sys/compat/netbsd32/netbsd32_wait.c: revision 1.25
sys/compat/linux32/common/linux32_time.c: revision 1.38
sys/compat/linux/arch/powerpc/linux_ptrace.c: revision 1.33
sys/compat/linux/arch/alpha/linux_machdep.c: revision 1.52
sys/compat/linux32/arch/amd64/linux32_machdep.c: revision 1.46
sys/compat/netbsd32/netbsd32_compat_12.c: revision 1.36
sys/compat/ultrix/ultrix_ioctl.c: revision 1.39
sys/compat/linux/common/linux_misc.c: revision 1.252
sys/compat/linux/common/linux_hdio.c: revision 1.19
sys/compat/sunos/sunos_ioctl.c: revision 1.71
sys/compat/linux/common/linux_sched.c: revision 1.79
sys/compat/common/kern_info_43.c: revision 1.40
sys/compat/linux32/common/linux32_exec_elf32.c: revision 1.20
sys/compat/linux/common/linux_socket.c: revision 1.153
sys/compat/linux/arch/amd64/linux_machdep.c: revision 1.60
sys/compat/common/vfs_syscalls_43.c: revision 1.68
sys/compat/linux/arch/powerpc/linux_exec_powerpc.c: revision 1.25
sys/compat/netbsd32/netbsd32_ptrace.c: revision 1.9
sys/compat/common/kern_time_50.c: revision 1.37
sys/compat/netbsd32/netbsd32_compat_20.c: revision 1.42
sys/compat/linux/common/linux_cdrom.c: revision 1.28
sys/compat/linux/arch/m68k/linux_machdep.c: revision 1.43
sys/compat/common/kern_info_09.c: revision 1.22
sys/compat/linux32/common/linux32_resource.c: revision 1.12
sys/compat/linux/common/linux_oldolduname.c: revision 1.67
sys/compat/netbsd32/netbsd32_nfssvc.c: revision 1.8
sys/compat/linux32/common/linux32_signal.c: revision 1.21
sys/compat/common/kern_sig_13.c: revision 1.22
sys/compat/sunos32/sunos32_ioctl.c: revision 1.36
sys/compat/netbsd32/netbsd32_compat_43.c: revision 1.62
sys/compat/linux/arch/arm/linux_ptrace.c: revision 1.23
sys/compat/netbsd32/netbsd32_time.c: revision 1.56
sys/compat/linux/common/linux_signal.c: revision 1.84
sys/compat/netbsd32/netbsd32_signal.c: revision 1.52
sys/compat/sunos32/sunos32_misc.c: revision 1.85
sys/compat/linux/common/linux_time.c: revision 1.40
sys/compat/linux/common/linux_fdio.c: revision 1.14
sys/compat/common/vfs_syscalls_30.c: revision 1.43

sys/compat: Memset zero before copyout.

Just in case of uninitialized padding which would lead to kernel
stack disclosure. If the compiler can prove the memset redundant
then it can optimize it away; otherwise better safe than sorry.

RSS XML Feed