Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/kern - Add support for fexecve
details: https://anonhg.NetBSD.org/src/rev/c79e84938e55
branches: trunk
changeset: 1003448:c79e84938e55
user: christos <christos%NetBSD.org@localhost>
date: Sun Sep 15 20:23:50 2019 +0000
description:
- Add support for fexecve
- get the vnode from the fd passed instead of calling namei() on the
path
- try to reverse resolve the vnode to extract the pathname
- deal with not having a resolved path available
- rename variable that was not a pathbuf
diffstat:
sys/kern/kern_exec.c | 146 +++++++++++++++++++++++++++++++++++---------------
1 files changed, 103 insertions(+), 43 deletions(-)
diffs (270 lines):
diff -r fe60d1727e7a -r c79e84938e55 sys/kern/kern_exec.c
--- a/sys/kern/kern_exec.c Sun Sep 15 20:21:12 2019 +0000
+++ b/sys/kern/kern_exec.c Sun Sep 15 20:23:50 2019 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_exec.c,v 1.479 2019/09/07 15:34:44 christos Exp $ */
+/* $NetBSD: kern_exec.c,v 1.480 2019/09/15 20:23:50 christos Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -59,7 +59,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.479 2019/09/07 15:34:44 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.480 2019/09/15 20:23:50 christos Exp $");
#include "opt_exec.h"
#include "opt_execfmt.h"
@@ -257,7 +257,7 @@
struct ps_strings ed_arginfo;
char *ed_argp;
const char *ed_pathstring;
- char *ed_resolvedpathbuf;
+ char *ed_resolvedname;
size_t ed_ps_strings_sz;
int ed_szsigcode;
size_t ed_argslen;
@@ -309,9 +309,32 @@
{
pathbuf_stringcopy_put(data->ed_pathbuf, data->ed_pathstring);
pathbuf_destroy(data->ed_pathbuf);
- PNBUF_PUT(data->ed_resolvedpathbuf);
+ if (data->ed_resolvedname)
+ PNBUF_PUT(data->ed_resolvedname);
}
+static void
+exec_resolvename(struct lwp *l, struct exec_package *epp, struct vnode *vp,
+ char **rpath)
+{
+ int error;
+ char *p;
+
+ KASSERT(rpath != NULL);
+
+ *rpath = PNBUF_GET();
+ error = vnode_to_path(*rpath, MAXPATHLEN, vp, l, l->l_proc);
+ if (error) {
+ PNBUF_PUT(*rpath);
+ *rpath = NULL;
+ return;
+ }
+ epp->ep_resolvedname = *rpath;
+ if ((p = strrchr(*rpath, '/')) != NULL)
+ epp->ep_kname = p + 1;
+}
+
+
/*
* check exec:
* given an "executable" described in the exec package's namei info,
@@ -339,26 +362,40 @@
*/
int
/*ARGSUSED*/
-check_exec(struct lwp *l, struct exec_package *epp, struct pathbuf *pb)
+check_exec(struct lwp *l, struct exec_package *epp, struct pathbuf *pb,
+ char **rpath)
{
int error, i;
struct vnode *vp;
- struct nameidata nd;
size_t resid;
- // grab the absolute pathbuf here before namei() trashes it.
- pathbuf_copystring(pb, epp->ep_resolvedname, PATH_MAX);
- NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | TRYEMULROOT, pb);
-
- /* first get the vnode */
- if ((error = namei(&nd)) != 0)
- return error;
- epp->ep_vp = vp = nd.ni_vp;
-
+ if (epp->ep_resolvedname) {
+ struct nameidata nd;
+
+ // grab the absolute pathbuf here before namei() trashes it.
+ pathbuf_copystring(pb, epp->ep_resolvedname, PATH_MAX);
+ NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | TRYEMULROOT, pb);
+
+ /* first get the vnode */
+ if ((error = namei(&nd)) != 0)
+ return error;
+
+ epp->ep_vp = vp = nd.ni_vp;
#ifdef DIAGNOSTIC
- /* paranoia (take this out once namei stuff stabilizes) */
- memset(nd.ni_pnbuf, '~', PATH_MAX);
+ /* paranoia (take this out once namei stuff stabilizes) */
+ memset(nd.ni_pnbuf, '~', PATH_MAX);
#endif
+ } else {
+ struct file *fp;
+
+ if ((error = fd_getvnode(epp->ep_xfd, &fp)) != 0)
+ return error;
+ epp->ep_vp = vp = fp->f_vnode;
+ vref(vp);
+ fd_putfile(epp->ep_xfd);
+ exec_resolvename(l, epp, vp, rpath);
+ vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
+ }
/* check access and type */
if (vp->v_type != VREG) {
@@ -388,7 +425,8 @@
VOP_UNLOCK(vp);
#if NVERIEXEC > 0
- error = veriexec_verify(l, vp, epp->ep_resolvedname,
+ error = veriexec_verify(l, vp,
+ epp->ep_resolvedname ? epp->ep_resolvedname : epp->ep_kname,
epp->ep_flags & EXEC_INDIR ? VERIEXEC_INDIRECT : VERIEXEC_DIRECT,
NULL);
if (error)
@@ -545,7 +583,7 @@
syscallarg(char * const *) envp;
} */
- return execve1(l, SCARG(uap, path), SCARG(uap, argp),
+ return execve1(l, SCARG(uap, path), -1, SCARG(uap, argp),
SCARG(uap, envp), execve_fetch_element);
}
@@ -559,7 +597,8 @@
syscallarg(char * const *) envp;
} */
- return ENOSYS;
+ return execve1(l, NULL, SCARG(uap, fd), SCARG(uap, argp),
+ SCARG(uap, envp), execve_fetch_element);
}
/*
@@ -680,7 +719,7 @@
}
static int
-execve_loadvm(struct lwp *l, const char *path, char * const *args,
+execve_loadvm(struct lwp *l, const char *path, int fd, char * const *args,
char * const *envs, execve_fetch_element_t fetch_element,
struct execve_data * restrict data)
{
@@ -689,7 +728,6 @@
struct proc *p;
char *dp;
u_int modgen;
- size_t offs;
KASSERT(data != NULL);
@@ -732,24 +770,36 @@
*/
rw_enter(&p->p_reflock, RW_WRITER);
- /*
- * Init the namei data to point the file user's program name.
- * This is done here rather than in check_exec(), so that it's
- * possible to override this settings if any of makecmd/probe
- * functions call check_exec() recursively - for example,
- * see exec_script_makecmds().
- */
- if ((error = exec_makepathbuf(l, path, UIO_USERSPACE,
- &data->ed_pathbuf, &offs)) != 0)
- goto clrflg;
- data->ed_pathstring = pathbuf_stringcopy_get(data->ed_pathbuf);
- data->ed_resolvedpathbuf = PNBUF_GET();
+ if (path == NULL) {
+ data->ed_pathbuf = pathbuf_assimilate(strcpy(PNBUF_GET(), "/"));
+ data->ed_pathstring = pathbuf_stringcopy_get(data->ed_pathbuf);
+ epp->ep_kname = "*fexecve*";
+ data->ed_resolvedname = NULL;
+ epp->ep_resolvedname = NULL;
+ epp->ep_xfd = fd;
+ } else {
+ size_t offs;
+ /*
+ * Init the namei data to point the file user's program name.
+ * This is done here rather than in check_exec(), so that it's
+ * possible to override this settings if any of makecmd/probe
+ * functions call check_exec() recursively - for example,
+ * see exec_script_makecmds().
+ */
+ if ((error = exec_makepathbuf(l, path, UIO_USERSPACE,
+ &data->ed_pathbuf, &offs)) != 0)
+ goto clrflg;
+ data->ed_pathstring = pathbuf_stringcopy_get(data->ed_pathbuf);
+ epp->ep_kname = data->ed_pathstring + offs;
+ data->ed_resolvedname = PNBUF_GET();
+ epp->ep_resolvedname = data->ed_resolvedname;
+ epp->ep_xfd = -1;
+ }
+
/*
* initialize the fields of the exec package.
*/
- epp->ep_kname = data->ed_pathstring + offs;
- epp->ep_resolvedname = data->ed_resolvedpathbuf;
epp->ep_hdr = kmem_alloc(exec_maxhdrsz, KM_SLEEP);
epp->ep_hdrlen = exec_maxhdrsz;
epp->ep_hdrvalid = 0;
@@ -768,7 +818,8 @@
rw_enter(&exec_lock, RW_READER);
/* see if we can run it. */
- if ((error = check_exec(l, epp, data->ed_pathbuf)) != 0) {
+ if ((error = check_exec(l, epp, data->ed_pathbuf,
+ &data->ed_resolvedname)) != 0) {
if (error != ENOENT && error != EACCES && error != ENOEXEC) {
DPRINTF(("%s: check exec failed for %s, error %d\n",
__func__, epp->ep_kname, error));
@@ -942,10 +993,19 @@
static void
pathexec(struct proc *p, const char *resolvedname)
{
- KASSERT(resolvedname[0] == '/');
-
/* set command name & other accounting info */
- strlcpy(p->p_comm, strrchr(resolvedname, '/') + 1, sizeof(p->p_comm));
+ const char *cmdname;
+
+ if (resolvedname == NULL) {
+ cmdname = "*fexecve*";
+ resolvedname = "/";
+ } else {
+ cmdname = strrchr(resolvedname, '/') + 1;
+ }
+ KASSERTMSG(resolvedname[0] == '/', "bad resolvedname `%s'",
+ resolvedname);
+
+ strlcpy(p->p_comm, cmdname, sizeof(p->p_comm));
kmem_strfree(p->p_path);
p->p_path = kmem_strdupsize(resolvedname, NULL, KM_SLEEP);
@@ -1346,13 +1406,13 @@
}
int
-execve1(struct lwp *l, const char *path, char * const *args,
+execve1(struct lwp *l, const char *path, int fd, char * const *args,
char * const *envs, execve_fetch_element_t fetch_element)
{
struct execve_data data;
int error;
- error = execve_loadvm(l, path, args, envs, fetch_element, &data);
+ error = execve_loadvm(l, path, fd, args, envs, fetch_element, &data);
if (error)
return error;
error = execve_runproc(l, &data, false, false);
@@ -2376,7 +2436,7 @@
* Do the first part of the exec now, collect state
* in spawn_data.
*/
- error = execve_loadvm(l1, path, argv,
+ error = execve_loadvm(l1, path, -1, argv,
envp, fetch, &spawn_data->sed_exec);
if (error == EJUSTRETURN)
error = 0;
Home |
Main Index |
Thread Index |
Old Index