kern_exec.c revision 1.74
1 /* $NetBSD: kern_exec.c,v 1.74 1996/02/04 02:15:20 christos Exp $ */ 2 3 /*- 4 * Copyright (C) 1993, 1994 Christopher G. Demetriou 5 * Copyright (C) 1992 Wolfgang Solfrank. 6 * Copyright (C) 1992 TooLs GmbH. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. All advertising materials mentioning features or use of this software 18 * must display the following acknowledgement: 19 * This product includes software developed by TooLs GmbH. 20 * 4. The name of TooLs GmbH may not be used to endorse or promote products 21 * derived from this software without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY TOOLS GMBH ``AS IS'' AND ANY EXPRESS OR 24 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 25 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 26 * IN NO EVENT SHALL TOOLS GMBH BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 27 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 28 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 29 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 30 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 31 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 32 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 #include <sys/param.h> 36 #include <sys/systm.h> 37 #include <sys/filedesc.h> 38 #include <sys/kernel.h> 39 #include <sys/proc.h> 40 #include <sys/mount.h> 41 #include <sys/malloc.h> 42 #include <sys/namei.h> 43 #include <sys/vnode.h> 44 #include <sys/file.h> 45 #include <sys/acct.h> 46 #include <sys/exec.h> 47 #include <sys/ktrace.h> 48 #include <sys/resourcevar.h> 49 #include <sys/wait.h> 50 #include <sys/mman.h> 51 #include <sys/signalvar.h> 52 #include <sys/stat.h> 53 54 #include <sys/syscallargs.h> 55 56 #include <vm/vm.h> 57 #include <vm/vm_kern.h> 58 59 #include <kern/kern_extern.h> 60 61 #include <machine/cpu.h> 62 #include <machine/reg.h> 63 64 /* 65 * check exec: 66 * given an "executable" described in the exec package's namei info, 67 * see what we can do with it. 68 * 69 * ON ENTRY: 70 * exec package with appropriate namei info 71 * proc pointer of exec'ing proc 72 * NO SELF-LOCKED VNODES 73 * 74 * ON EXIT: 75 * error: nothing held, etc. exec header still allocated. 76 * ok: filled exec package, one locked vnode. 77 * 78 * EXEC SWITCH ENTRY: 79 * Locked vnode to check, exec package, proc. 80 * 81 * EXEC SWITCH EXIT: 82 * ok: return 0, filled exec package, one locked vnode. 83 * error: destructive: 84 * everything deallocated execept exec header. 85 * non-descructive: 86 * error code, locked vnode, exec header unmodified 87 */ 88 int 89 check_exec(p, epp) 90 struct proc *p; 91 struct exec_package *epp; 92 { 93 int error, i; 94 struct vnode *vp; 95 struct nameidata *ndp; 96 int resid; 97 98 ndp = epp->ep_ndp; 99 ndp->ni_cnd.cn_nameiop = LOOKUP; 100 ndp->ni_cnd.cn_flags = FOLLOW | LOCKLEAF | SAVENAME; 101 /* first get the vnode */ 102 if ((error = namei(ndp)) != 0) 103 return error; 104 epp->ep_vp = vp = ndp->ni_vp; 105 106 /* check for regular file */ 107 if (vp->v_type != VREG) { 108 error = EACCES; 109 goto bad1; 110 } 111 112 /* get attributes */ 113 if ((error = VOP_GETATTR(vp, epp->ep_vap, p->p_ucred, p)) != 0) 114 goto bad1; 115 116 /* Check mount point */ 117 if (vp->v_mount->mnt_flag & MNT_NOEXEC) { 118 error = EACCES; 119 goto bad1; 120 } 121 if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED)) 122 epp->ep_vap->va_mode &= ~(VSUID | VSGID); 123 124 /* check access. for root we have to see if any exec bit on */ 125 if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0) 126 goto bad1; 127 if ((epp->ep_vap->va_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) { 128 error = EACCES; 129 goto bad1; 130 } 131 132 /* try to open it */ 133 if ((error = VOP_OPEN(vp, FREAD, p->p_ucred, p)) != 0) 134 goto bad1; 135 136 /* now we have the file, get the exec header */ 137 error = vn_rdwr(UIO_READ, vp, epp->ep_hdr, epp->ep_hdrlen, 0, 138 UIO_SYSSPACE, IO_NODELOCKED, p->p_ucred, &resid, p); 139 if (error) 140 goto bad2; 141 epp->ep_hdrvalid = epp->ep_hdrlen - resid; 142 143 /* 144 * set up the vmcmds for creation of the process 145 * address space 146 */ 147 error = ENOEXEC; 148 for (i = 0; i < nexecs && error != 0; i++) { 149 int newerror; 150 151 if (execsw[i].es_check == NULL) 152 continue; 153 154 newerror = (*execsw[i].es_check)(p, epp); 155 /* make sure the first "interesting" error code is saved. */ 156 if (!newerror || error == ENOEXEC) 157 error = newerror; 158 if (epp->ep_flags & EXEC_DESTR && error != 0) 159 return error; 160 } 161 if (!error) { 162 /* check that entry point is sane */ 163 if (epp->ep_entry > VM_MAXUSER_ADDRESS) 164 error = ENOEXEC; 165 166 /* check limits */ 167 if ((epp->ep_tsize > MAXTSIZ) || 168 (epp->ep_dsize > p->p_rlimit[RLIMIT_DATA].rlim_cur)) 169 error = ENOMEM; 170 171 if (!error) 172 return (0); 173 } 174 175 /* 176 * free any vmspace-creation commands, 177 * and release their references 178 */ 179 kill_vmcmds(&epp->ep_vmcmds); 180 181 bad2: 182 /* 183 * unlock and close the vnode, restore the old one, free the 184 * pathname buf, and punt. 185 */ 186 VOP_UNLOCK(vp); 187 vn_close(vp, FREAD, p->p_ucred, p); 188 FREE(ndp->ni_cnd.cn_pnbuf, M_NAMEI); 189 return error; 190 191 bad1: 192 /* 193 * free the namei pathname buffer, and put the vnode 194 * (which we don't yet have open). 195 */ 196 FREE(ndp->ni_cnd.cn_pnbuf, M_NAMEI); 197 vput(vp); 198 return error; 199 } 200 201 /* 202 * exec system call 203 */ 204 /* ARGSUSED */ 205 sys_execve(p, v, retval) 206 register struct proc *p; 207 void *v; 208 register_t *retval; 209 { 210 register struct sys_execve_args /* { 211 syscallarg(char *) path; 212 syscallarg(char * *) argp; 213 syscallarg(char * *) envp; 214 } */ *uap = v; 215 int error, i; 216 struct exec_package pack; 217 struct nameidata nid; 218 struct vattr attr; 219 struct ucred *cred = p->p_ucred; 220 char *argp; 221 char **cpp, *dp, *sp; 222 long argc, envc; 223 size_t len; 224 char *stack; 225 struct ps_strings arginfo; 226 struct vmspace *vm = p->p_vmspace; 227 char **tmpfap; 228 int szsigcode; 229 extern struct emul emul_netbsd; 230 231 /* 232 * figure out the maximum size of an exec header, if necessary. 233 * XXX should be able to keep LKM code from modifying exec switch 234 * when we're still using it, but... 235 */ 236 if (exec_maxhdrsz == 0) { 237 for (i = 0; i < nexecs; i++) 238 if (execsw[i].es_check != NULL 239 && execsw[i].es_hdrsz > exec_maxhdrsz) 240 exec_maxhdrsz = execsw[i].es_hdrsz; 241 } 242 243 /* init the namei data to point the file user's program name */ 244 NDINIT(&nid, LOOKUP, NOFOLLOW, UIO_USERSPACE, SCARG(uap, path), p); 245 246 /* 247 * initialize the fields of the exec package. 248 */ 249 pack.ep_name = SCARG(uap, path); 250 MALLOC(pack.ep_hdr, void *, exec_maxhdrsz, M_EXEC, M_WAITOK); 251 pack.ep_hdrlen = exec_maxhdrsz; 252 pack.ep_hdrvalid = 0; 253 pack.ep_ndp = &nid; 254 pack.ep_emul_arg = NULL; 255 pack.ep_vmcmds.evs_cnt = 0; 256 pack.ep_vmcmds.evs_used = 0; 257 pack.ep_vap = &attr; 258 pack.ep_emul = &emul_netbsd; 259 pack.ep_flags = 0; 260 261 /* see if we can run it. */ 262 if ((error = check_exec(p, &pack)) != 0) 263 goto freehdr; 264 265 /* XXX -- THE FOLLOWING SECTION NEEDS MAJOR CLEANUP */ 266 267 /* allocate an argument buffer */ 268 argp = (char *) kmem_alloc_wait(exec_map, NCARGS); 269 #ifdef DIAGNOSTIC 270 if (argp == (vm_offset_t) 0) 271 panic("execve: argp == NULL"); 272 #endif 273 dp = argp; 274 argc = 0; 275 276 /* copy the fake args list, if there's one, freeing it as we go */ 277 if (pack.ep_flags & EXEC_HASARGL) { 278 tmpfap = pack.ep_fa; 279 while (*tmpfap != NULL) { 280 char *cp; 281 282 cp = *tmpfap; 283 while (*cp) 284 *dp++ = *cp++; 285 dp++; 286 287 FREE(*tmpfap, M_EXEC); 288 tmpfap++; argc++; 289 } 290 FREE(pack.ep_fa, M_EXEC); 291 pack.ep_flags &= ~EXEC_HASARGL; 292 } 293 294 /* Now get argv & environment */ 295 if (!(cpp = SCARG(uap, argp))) { 296 error = EINVAL; 297 goto bad; 298 } 299 300 if (pack.ep_flags & EXEC_SKIPARG) 301 cpp++; 302 303 while (1) { 304 len = argp + ARG_MAX - dp; 305 if ((error = copyin(cpp, &sp, sizeof(sp))) != 0) 306 goto bad; 307 if (!sp) 308 break; 309 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 310 if (error == ENAMETOOLONG) 311 error = E2BIG; 312 goto bad; 313 } 314 dp += len; 315 cpp++; 316 argc++; 317 } 318 319 envc = 0; 320 /* environment need not be there */ 321 if ((cpp = SCARG(uap, envp)) != NULL ) { 322 while (1) { 323 len = argp + ARG_MAX - dp; 324 if ((error = copyin(cpp, &sp, sizeof(sp))) != 0) 325 goto bad; 326 if (!sp) 327 break; 328 if ((error = copyinstr(sp, dp, len, &len)) != 0) { 329 if (error == ENAMETOOLONG) 330 error = E2BIG; 331 goto bad; 332 } 333 dp += len; 334 cpp++; 335 envc++; 336 } 337 } 338 339 dp = (char *) ALIGN(dp); 340 341 szsigcode = pack.ep_emul->e_esigcode - pack.ep_emul->e_sigcode; 342 343 /* Now check if args & environ fit into new stack */ 344 len = ((argc + envc + 2 + pack.ep_emul->e_arglen) * sizeof(char *) + 345 sizeof(long) + dp + STACKGAPLEN + szsigcode + 346 sizeof(struct ps_strings)) - argp; 347 348 len = ALIGN(len); /* make the stack "safely" aligned */ 349 350 if (len > pack.ep_ssize) { /* in effect, compare to initial limit */ 351 error = ENOMEM; 352 goto bad; 353 } 354 355 /* adjust "active stack depth" for process VSZ */ 356 pack.ep_ssize = len; /* maybe should go elsewhere, but... */ 357 358 /* Unmap old program */ 359 #ifdef sparc 360 kill_user_windows(p); /* before stack addresses go away */ 361 #endif 362 /* Kill shared memory and unmap old program */ 363 #ifdef SYSVSHM 364 if (vm->vm_shm) 365 shmexit(p); 366 #endif 367 vm_deallocate(&vm->vm_map, VM_MIN_ADDRESS, 368 VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS); 369 370 /* Now map address space */ 371 vm->vm_taddr = (char *) pack.ep_taddr; 372 vm->vm_tsize = btoc(pack.ep_tsize); 373 vm->vm_daddr = (char *) pack.ep_daddr; 374 vm->vm_dsize = btoc(pack.ep_dsize); 375 vm->vm_ssize = btoc(pack.ep_ssize); 376 vm->vm_maxsaddr = (char *) pack.ep_maxsaddr; 377 378 /* create the new process's VM space by running the vmcmds */ 379 #ifdef DIAGNOSTIC 380 if (pack.ep_vmcmds.evs_used == 0) 381 panic("execve: no vmcmds"); 382 #endif 383 for (i = 0; i < pack.ep_vmcmds.evs_used && !error; i++) { 384 struct exec_vmcmd *vcp; 385 386 vcp = &pack.ep_vmcmds.evs_cmds[i]; 387 error = (*vcp->ev_proc)(p, vcp); 388 } 389 390 /* free the vmspace-creation commands, and release their references */ 391 kill_vmcmds(&pack.ep_vmcmds); 392 393 /* if an error happened, deallocate and punt */ 394 if (error) 395 goto exec_abort; 396 397 /* remember information about the process */ 398 arginfo.ps_nargvstr = argc; 399 arginfo.ps_nenvstr = envc; 400 401 stack = (char *) (USRSTACK - len); 402 /* Now copy argc, args & environ to new stack */ 403 if (!(*pack.ep_emul->e_copyargs)(&pack, &arginfo, stack, argp)) 404 goto exec_abort; 405 406 /* copy out the process's ps_strings structure */ 407 if (copyout(&arginfo, (char *) PS_STRINGS, sizeof(arginfo))) 408 goto exec_abort; 409 410 /* copy out the process's signal trapoline code */ 411 if (szsigcode && copyout((char *) pack.ep_emul->e_sigcode, 412 ((char *) PS_STRINGS) - szsigcode, 413 szsigcode)) 414 goto exec_abort; 415 416 fdcloseexec(p); /* handle close on exec */ 417 execsigs(p); /* reset catched signals */ 418 419 /* set command name & other accounting info */ 420 len = min(nid.ni_cnd.cn_namelen, MAXCOMLEN); 421 bcopy(nid.ni_cnd.cn_nameptr, p->p_comm, len); 422 p->p_comm[len] = 0; 423 p->p_acflag &= ~AFORK; 424 425 /* record proc's vnode, for use by procfs and others */ 426 if (p->p_textvp) 427 vrele(p->p_textvp); 428 VREF(pack.ep_vp); 429 p->p_textvp = pack.ep_vp; 430 431 p->p_flag |= P_EXEC; 432 if (p->p_flag & P_PPWAIT) { 433 p->p_flag &= ~P_PPWAIT; 434 wakeup((caddr_t) p->p_pptr); 435 } 436 437 /* 438 * deal with set[ug]id. 439 * MNT_NOEXEC and P_TRACED have already been used to disable s[ug]id. 440 */ 441 p->p_flag &= ~P_SUGID; 442 if (((attr.va_mode & VSUID) != 0 && p->p_ucred->cr_uid != attr.va_uid) 443 || ((attr.va_mode & VSGID) != 0 && p->p_ucred->cr_gid != attr.va_gid)){ 444 p->p_ucred = crcopy(cred); 445 #ifdef KTRACE 446 /* 447 * If process is being ktraced, turn off - unless 448 * root set it. 449 */ 450 if (p->p_tracep && !(p->p_traceflag & KTRFAC_ROOT)) { 451 vrele(p->p_tracep); 452 p->p_tracep = NULL; 453 p->p_traceflag = 0; 454 } 455 #endif 456 if (attr.va_mode & VSUID) 457 p->p_ucred->cr_uid = attr.va_uid; 458 if (attr.va_mode & VSGID) 459 p->p_ucred->cr_gid = attr.va_gid; 460 p->p_flag |= P_SUGID; 461 } 462 p->p_cred->p_svuid = p->p_ucred->cr_uid; 463 p->p_cred->p_svgid = p->p_ucred->cr_gid; 464 465 kmem_free_wakeup(exec_map, (vm_offset_t) argp, NCARGS); 466 467 FREE(nid.ni_cnd.cn_pnbuf, M_NAMEI); 468 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 469 vput(pack.ep_vp); 470 471 /* setup new registers and do misc. setup. */ 472 (*pack.ep_emul->e_setregs)(p, &pack, (u_long) stack, retval); 473 474 if (p->p_flag & P_TRACED) 475 psignal(p, SIGTRAP); 476 477 p->p_emul = pack.ep_emul; 478 FREE(pack.ep_hdr, M_EXEC); 479 480 #ifdef KTRACE 481 if (KTRPOINT(p, KTR_EMUL)) 482 ktremul(p->p_tracep, p->p_emul->e_name); 483 #endif 484 return 0; 485 486 bad: 487 /* free the vmspace-creation commands, and release their references */ 488 kill_vmcmds(&pack.ep_vmcmds); 489 /* kill any opened file descriptor, if necessary */ 490 if (pack.ep_flags & EXEC_HASFD) { 491 pack.ep_flags &= ~EXEC_HASFD; 492 (void) fdrelease(p, pack.ep_fd); 493 } 494 /* close and put the exec'd file */ 495 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 496 vput(pack.ep_vp); 497 FREE(nid.ni_cnd.cn_pnbuf, M_NAMEI); 498 kmem_free_wakeup(exec_map, (vm_offset_t) argp, NCARGS); 499 500 freehdr: 501 FREE(pack.ep_hdr, M_EXEC); 502 return error; 503 504 exec_abort: 505 /* 506 * the old process doesn't exist anymore. exit gracefully. 507 * get rid of the (new) address space we have created, if any, get rid 508 * of our namei data and vnode, and exit noting failure 509 */ 510 vm_deallocate(&vm->vm_map, VM_MIN_ADDRESS, 511 VM_MAXUSER_ADDRESS - VM_MIN_ADDRESS); 512 if (pack.ep_emul_arg) 513 FREE(pack.ep_emul_arg, M_TEMP); 514 FREE(nid.ni_cnd.cn_pnbuf, M_NAMEI); 515 VOP_CLOSE(pack.ep_vp, FREAD, cred, p); 516 vput(pack.ep_vp); 517 kmem_free_wakeup(exec_map, (vm_offset_t) argp, NCARGS); 518 FREE(pack.ep_hdr, M_EXEC); 519 exit1(p, W_EXITCODE(0, SIGABRT)); 520 exit1(p, -1); 521 522 /* NOTREACHED */ 523 return 0; 524 } 525 526 527 void * 528 copyargs(pack, arginfo, stack, argp) 529 struct exec_package *pack; 530 struct ps_strings *arginfo; 531 void *stack; 532 void *argp; 533 { 534 char **cpp = stack; 535 char *dp, *sp; 536 size_t len; 537 void *nullp = NULL; 538 int argc = arginfo->ps_nargvstr; 539 int envc = arginfo->ps_nenvstr; 540 541 if (copyout(&argc, cpp++, sizeof(argc))) 542 return NULL; 543 544 dp = (char *) (cpp + argc + envc + 2 + pack->ep_emul->e_arglen); 545 sp = argp; 546 547 /* XXX don't copy them out, remap them! */ 548 arginfo->ps_argvstr = cpp; /* remember location of argv for later */ 549 550 for (; --argc >= 0; sp += len, dp += len) 551 if (copyout(&dp, cpp++, sizeof(dp)) || 552 copyoutstr(sp, dp, ARG_MAX, &len)) 553 return NULL; 554 555 if (copyout(&nullp, cpp++, sizeof(nullp))) 556 return NULL; 557 558 arginfo->ps_envstr = cpp; /* remember location of envp for later */ 559 560 for (; --envc >= 0; sp += len, dp += len) 561 if (copyout(&dp, cpp++, sizeof(dp)) || 562 copyoutstr(sp, dp, ARG_MAX, &len)) 563 return NULL; 564 565 if (copyout(&nullp, cpp++, sizeof(nullp))) 566 return NULL; 567 568 return cpp; 569 } 570
Indexes created Tue Sep 23 14:10:03 GMT 2025