1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 1989, 2010, Oracle and/or its affiliates. All rights reserved. 24 */ 25 26 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ 27 /* All Rights Reserved */ 28 29 #include <sys/types.h> 30 #include <sys/param.h> 31 #include <sys/thread.h> 32 #include <sys/sysmacros.h> 33 #include <sys/signal.h> 34 #include <sys/cred.h> 35 #include <sys/user.h> 36 #include <sys/errno.h> 37 #include <sys/vnode.h> 38 #include <sys/mman.h> 39 #include <sys/kmem.h> 40 #include <sys/proc.h> 41 #include <sys/pathname.h> 42 #include <sys/cmn_err.h> 43 #include <sys/systm.h> 44 #include <sys/elf.h> 45 #include <sys/vmsystm.h> 46 #include <sys/debug.h> 47 #include <sys/auxv.h> 48 #include <sys/exec.h> 49 #include <sys/prsystm.h> 50 #include <vm/as.h> 51 #include <vm/rm.h> 52 #include <vm/seg.h> 53 #include <vm/seg_vn.h> 54 #include <sys/modctl.h> 55 #include <sys/systeminfo.h> 56 #include <sys/vmparam.h> 57 #include <sys/machelf.h> 58 #include <sys/shm_impl.h> 59 #include <sys/archsystm.h> 60 #include <sys/fasttrap.h> 61 #include <sys/brand.h> 62 #include "elf_impl.h" 63 #include <sys/sdt.h> 64 65 extern int at_flags; 66 67 #define ORIGIN_STR "ORIGIN" 68 #define ORIGIN_STR_SIZE 6 69 70 static int getelfhead(vnode_t *, cred_t *, Ehdr *, int *, int *, int *); 71 static int getelfphdr(vnode_t *, cred_t *, const Ehdr *, int, caddr_t *, 72 ssize_t *); 73 static int getelfshdr(vnode_t *, cred_t *, const Ehdr *, int, int, caddr_t *, 74 ssize_t *, caddr_t *, ssize_t *); 75 static size_t elfsize(Ehdr *, int, caddr_t, uintptr_t *); 76 static int mapelfexec(vnode_t *, Ehdr *, int, caddr_t, 77 Phdr **, Phdr **, Phdr **, Phdr **, Phdr *, 78 caddr_t *, caddr_t *, intptr_t *, intptr_t *, size_t, long *, size_t *); 79 80 typedef enum { 81 STR_CTF, 82 STR_SYMTAB, 83 STR_DYNSYM, 84 STR_STRTAB, 85 STR_DYNSTR, 86 STR_SHSTRTAB, 87 STR_NUM 88 } shstrtype_t; 89 90 static const char *shstrtab_data[] = { 91 ".SUNW_ctf", 92 ".symtab", 93 ".dynsym", 94 ".strtab", 95 ".dynstr", 96 ".shstrtab" 97 }; 98 99 typedef struct shstrtab { 100 int sst_ndx[STR_NUM]; 101 int sst_cur; 102 } shstrtab_t; 103 104 static void 105 shstrtab_init(shstrtab_t *s) 106 { 107 bzero(&s->sst_ndx, sizeof (s->sst_ndx)); 108 s->sst_cur = 1; 109 } 110 111 static int 112 shstrtab_ndx(shstrtab_t *s, shstrtype_t type) 113 { 114 int ret; 115 116 if ((ret = s->sst_ndx[type]) != 0) 117 return (ret); 118 119 ret = s->sst_ndx[type] = s->sst_cur; 120 s->sst_cur += strlen(shstrtab_data[type]) + 1; 121 122 return (ret); 123 } 124 125 static size_t 126 shstrtab_size(const shstrtab_t *s) 127 { 128 return (s->sst_cur); 129 } 130 131 static void 132 shstrtab_dump(const shstrtab_t *s, char *buf) 133 { 134 int i, ndx; 135 136 *buf = '\0'; 137 for (i = 0; i < STR_NUM; i++) { 138 if ((ndx = s->sst_ndx[i]) != 0) 139 (void) strcpy(buf + ndx, shstrtab_data[i]); 140 } 141 } 142 143 static int 144 dtrace_safe_phdr(Phdr *phdrp, struct uarg *args, uintptr_t base) 145 { 146 ASSERT(phdrp->p_type == PT_SUNWDTRACE); 147 148 /* 149 * See the comment in fasttrap.h for information on how to safely 150 * update this program header. 151 */ 152 if (phdrp->p_memsz < PT_SUNWDTRACE_SIZE || 153 (phdrp->p_flags & (PF_R | PF_W | PF_X)) != (PF_R | PF_W | PF_X)) 154 return (-1); 155 156 args->thrptr = phdrp->p_vaddr + base; 157 158 return (0); 159 } 160 161 /* 162 * Map in the executable pointed to by vp. Returns 0 on success. 163 */ 164 int 165 mapexec_brand(vnode_t *vp, uarg_t *args, Ehdr *ehdr, Addr *uphdr_vaddr, 166 intptr_t *voffset, caddr_t exec_file, int *interp, caddr_t *bssbase, 167 caddr_t *brkbase, size_t *brksize, uintptr_t *lddatap) 168 { 169 size_t len; 170 struct vattr vat; 171 caddr_t phdrbase = NULL; 172 ssize_t phdrsize; 173 int nshdrs, shstrndx, nphdrs; 174 int error = 0; 175 Phdr *uphdr = NULL; 176 Phdr *junk = NULL; 177 Phdr *dynphdr = NULL; 178 Phdr *dtrphdr = NULL; 179 uintptr_t lddata; 180 long execsz; 181 intptr_t minaddr; 182 183 if (lddatap != NULL) 184 *lddatap = NULL; 185 186 if (error = execpermissions(vp, &vat, args)) { 187 uprintf("%s: Cannot execute %s\n", exec_file, args->pathname); 188 return (error); 189 } 190 191 if ((error = getelfhead(vp, CRED(), ehdr, &nshdrs, &shstrndx, 192 &nphdrs)) != 0 || 193 (error = getelfphdr(vp, CRED(), ehdr, nphdrs, &phdrbase, 194 &phdrsize)) != 0) { 195 uprintf("%s: Cannot read %s\n", exec_file, args->pathname); 196 return (error); 197 } 198 199 if ((len = elfsize(ehdr, nphdrs, phdrbase, &lddata)) == 0) { 200 uprintf("%s: Nothing to load in %s", exec_file, args->pathname); 201 kmem_free(phdrbase, phdrsize); 202 return (ENOEXEC); 203 } 204 if (lddatap != NULL) 205 *lddatap = lddata; 206 207 if (error = mapelfexec(vp, ehdr, nphdrs, phdrbase, &uphdr, &dynphdr, 208 &junk, &dtrphdr, NULL, bssbase, brkbase, voffset, &minaddr, 209 len, &execsz, brksize)) { 210 uprintf("%s: Cannot map %s\n", exec_file, args->pathname); 211 kmem_free(phdrbase, phdrsize); 212 return (error); 213 } 214 215 /* 216 * Inform our caller if the executable needs an interpreter. 217 */ 218 *interp = (dynphdr == NULL) ? 0 : 1; 219 220 /* 221 * If this is a statically linked executable, voffset should indicate 222 * the address of the executable itself (it normally holds the address 223 * of the interpreter). 224 */ 225 if (ehdr->e_type == ET_EXEC && *interp == 0) 226 *voffset = minaddr; 227 228 if (uphdr != NULL) { 229 *uphdr_vaddr = uphdr->p_vaddr; 230 } else { 231 *uphdr_vaddr = (Addr)-1; 232 } 233 234 kmem_free(phdrbase, phdrsize); 235 return (error); 236 } 237 238 /*ARGSUSED*/ 239 int 240 elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, 241 int level, long *execsz, int setid, caddr_t exec_file, cred_t *cred, 242 int brand_action) 243 { 244 caddr_t phdrbase = NULL; 245 caddr_t bssbase = 0; 246 caddr_t brkbase = 0; 247 size_t brksize = 0; 248 ssize_t dlnsize; 249 aux_entry_t *aux; 250 int error; 251 ssize_t resid; 252 int fd = -1; 253 intptr_t voffset; 254 Phdr *dyphdr = NULL; 255 Phdr *stphdr = NULL; 256 Phdr *uphdr = NULL; 257 Phdr *junk = NULL; 258 size_t len; 259 ssize_t phdrsize; 260 int postfixsize = 0; 261 int i, hsize; 262 Phdr *phdrp; 263 Phdr *dataphdrp = NULL; 264 Phdr *dtrphdr; 265 Phdr *capphdr = NULL; 266 Cap *cap = NULL; 267 ssize_t capsize; 268 int hasu = 0; 269 int hasauxv = 0; 270 int hasdy = 0; 271 int branded = 0; 272 273 struct proc *p = ttoproc(curthread); 274 struct user *up = PTOU(p); 275 struct bigwad { 276 Ehdr ehdr; 277 aux_entry_t elfargs[__KERN_NAUXV_IMPL]; 278 char dl_name[MAXPATHLEN]; 279 char pathbuf[MAXPATHLEN]; 280 struct vattr vattr; 281 struct execenv exenv; 282 } *bigwad; /* kmem_alloc this behemoth so we don't blow stack */ 283 Ehdr *ehdrp; 284 int nshdrs, shstrndx, nphdrs; 285 char *dlnp; 286 char *pathbufp; 287 rlim64_t limit; 288 rlim64_t roundlimit; 289 290 ASSERT(p->p_model == DATAMODEL_ILP32 || p->p_model == DATAMODEL_LP64); 291 292 bigwad = kmem_alloc(sizeof (struct bigwad), KM_SLEEP); 293 ehdrp = &bigwad->ehdr; 294 dlnp = bigwad->dl_name; 295 pathbufp = bigwad->pathbuf; 296 297 /* 298 * Obtain ELF and program header information. 299 */ 300 if ((error = getelfhead(vp, CRED(), ehdrp, &nshdrs, &shstrndx, 301 &nphdrs)) != 0 || 302 (error = getelfphdr(vp, CRED(), ehdrp, nphdrs, &phdrbase, 303 &phdrsize)) != 0) 304 goto out; 305 306 /* 307 * Prevent executing an ELF file that has no entry point. 308 */ 309 if (ehdrp->e_entry == 0) { 310 uprintf("%s: Bad entry point\n", exec_file); 311 goto bad; 312 } 313 314 /* 315 * Put data model that we're exec-ing to into the args passed to 316 * exec_args(), so it will know what it is copying to on new stack. 317 * Now that we know whether we are exec-ing a 32-bit or 64-bit 318 * executable, we can set execsz with the appropriate NCARGS. 319 */ 320 #ifdef _LP64 321 if (ehdrp->e_ident[EI_CLASS] == ELFCLASS32) { 322 args->to_model = DATAMODEL_ILP32; 323 *execsz = btopr(SINCR) + btopr(SSIZE) + btopr(NCARGS32-1); 324 } else { 325 args->to_model = DATAMODEL_LP64; 326 args->stk_prot &= ~PROT_EXEC; 327 #if defined(__i386) || defined(__amd64) 328 args->dat_prot &= ~PROT_EXEC; 329 #endif 330 *execsz = btopr(SINCR) + btopr(SSIZE) + btopr(NCARGS64-1); 331 } 332 #else /* _LP64 */ 333 args->to_model = DATAMODEL_ILP32; 334 *execsz = btopr(SINCR) + btopr(SSIZE) + btopr(NCARGS-1); 335 #endif /* _LP64 */ 336 337 /* 338 * We delay invoking the brand callback until we've figured out 339 * what kind of elf binary we're trying to run, 32-bit or 64-bit. 340 * We do this because now the brand library can just check 341 * args->to_model to see if the target is 32-bit or 64-bit without 342 * having do duplicate all the code above. 343 */ 344 if ((level < 2) && 345 (brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { 346 error = BROP(p)->b_elfexec(vp, uap, args, 347 idatap, level + 1, execsz, setid, exec_file, cred, 348 brand_action); 349 goto out; 350 } 351 352 /* 353 * Determine aux size now so that stack can be built 354 * in one shot (except actual copyout of aux image), 355 * determine any non-default stack protections, 356 * and still have this code be machine independent. 357 */ 358 hsize = ehdrp->e_phentsize; 359 phdrp = (Phdr *)phdrbase; 360 for (i = nphdrs; i > 0; i--) { 361 switch (phdrp->p_type) { 362 case PT_INTERP: 363 hasauxv = hasdy = 1; 364 break; 365 case PT_PHDR: 366 hasu = 1; 367 break; 368 case PT_SUNWSTACK: 369 args->stk_prot = PROT_USER; 370 if (phdrp->p_flags & PF_R) 371 args->stk_prot |= PROT_READ; 372 if (phdrp->p_flags & PF_W) 373 args->stk_prot |= PROT_WRITE; 374 if (phdrp->p_flags & PF_X) 375 args->stk_prot |= PROT_EXEC; 376 break; 377 case PT_LOAD: 378 dataphdrp = phdrp; 379 break; 380 case PT_SUNWCAP: 381 capphdr = phdrp; 382 break; 383 } 384 phdrp = (Phdr *)((caddr_t)phdrp + hsize); 385 } 386 387 if (ehdrp->e_type != ET_EXEC) { 388 dataphdrp = NULL; 389 hasauxv = 1; 390 } 391 392 /* Copy BSS permissions to args->dat_prot */ 393 if (dataphdrp != NULL) { 394 args->dat_prot = PROT_USER; 395 if (dataphdrp->p_flags & PF_R) 396 args->dat_prot |= PROT_READ; 397 if (dataphdrp->p_flags & PF_W) 398 args->dat_prot |= PROT_WRITE; 399 if (dataphdrp->p_flags & PF_X) 400 args->dat_prot |= PROT_EXEC; 401 } 402 403 /* 404 * If a auxvector will be required - reserve the space for 405 * it now. This may be increased by exec_args if there are 406 * ISA-specific types (included in __KERN_NAUXV_IMPL). 407 */ 408 if (hasauxv) { 409 /* 410 * If a AUX vector is being built - the base AUX 411 * entries are: 412 * 413 * AT_BASE 414 * AT_FLAGS 415 * AT_PAGESZ 416 * AT_SUN_LDSECURE 417 * AT_SUN_HWCAP 418 * AT_SUN_PLATFORM 419 * AT_SUN_EXECNAME 420 * AT_NULL 421 * 422 * total == 8 423 */ 424 if (hasdy && hasu) { 425 /* 426 * Has PT_INTERP & PT_PHDR - the auxvectors that 427 * will be built are: 428 * 429 * AT_PHDR 430 * AT_PHENT 431 * AT_PHNUM 432 * AT_ENTRY 433 * AT_LDDATA 434 * 435 * total = 5 436 */ 437 args->auxsize = (8 + 5) * sizeof (aux_entry_t); 438 } else if (hasdy) { 439 /* 440 * Has PT_INTERP but no PT_PHDR 441 * 442 * AT_EXECFD 443 * AT_LDDATA 444 * 445 * total = 2 446 */ 447 args->auxsize = (8 + 2) * sizeof (aux_entry_t); 448 } else { 449 args->auxsize = 8 * sizeof (aux_entry_t); 450 } 451 } else { 452 args->auxsize = 0; 453 } 454 455 /* 456 * If this binary is using an emulator, we need to add an 457 * AT_SUN_EMULATOR aux entry. 458 */ 459 if (args->emulator != NULL) 460 args->auxsize += sizeof (aux_entry_t); 461 462 if ((brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { 463 branded = 1; 464 /* 465 * We will be adding 4 entries to the aux vectors. One for 466 * the the brandname and 3 for the brand specific aux vectors. 467 */ 468 args->auxsize += 4 * sizeof (aux_entry_t); 469 } 470 471 /* Hardware/Software capabilities */ 472 if (capphdr != NULL && 473 (capsize = capphdr->p_filesz) > 0 && 474 capsize <= 16 * sizeof (*cap)) { 475 int ncaps = capsize / sizeof (*cap); 476 Cap *cp; 477 478 cap = kmem_alloc(capsize, KM_SLEEP); 479 if ((error = vn_rdwr(UIO_READ, vp, (caddr_t)cap, 480 capsize, (offset_t)capphdr->p_offset, 481 UIO_SYSSPACE, 0, (rlim64_t)0, CRED(), &resid)) != 0) { 482 uprintf("%s: Cannot read capabilities section\n", 483 exec_file); 484 goto out; 485 } 486 for (cp = cap; cp < cap + ncaps; cp++) { 487 if (cp->c_tag == CA_SUNW_SF_1 && 488 (cp->c_un.c_val & SF1_SUNW_ADDR32)) { 489 if (args->to_model == DATAMODEL_LP64) 490 args->addr32 = 1; 491 break; 492 } 493 } 494 } 495 496 aux = bigwad->elfargs; 497 /* 498 * Move args to the user's stack. 499 */ 500 if ((error = exec_args(uap, args, idatap, (void **)&aux)) != 0) { 501 if (error == -1) { 502 error = ENOEXEC; 503 goto bad; 504 } 505 goto out; 506 } 507 /* we're single threaded after this point */ 508 509 /* 510 * If this is an ET_DYN executable (shared object), 511 * determine its memory size so that mapelfexec() can load it. 512 */ 513 if (ehdrp->e_type == ET_DYN) 514 len = elfsize(ehdrp, nphdrs, phdrbase, NULL); 515 else 516 len = 0; 517 518 dtrphdr = NULL; 519 520 if ((error = mapelfexec(vp, ehdrp, nphdrs, phdrbase, &uphdr, &dyphdr, 521 &stphdr, &dtrphdr, dataphdrp, &bssbase, &brkbase, &voffset, NULL, 522 len, execsz, &brksize)) != 0) 523 goto bad; 524 525 if (uphdr != NULL && dyphdr == NULL) 526 goto bad; 527 528 if (dtrphdr != NULL && dtrace_safe_phdr(dtrphdr, args, voffset) != 0) { 529 uprintf("%s: Bad DTrace phdr in %s\n", exec_file, exec_file); 530 goto bad; 531 } 532 533 if (dyphdr != NULL) { 534 size_t len; 535 uintptr_t lddata; 536 char *p; 537 struct vnode *nvp; 538 539 dlnsize = dyphdr->p_filesz; 540 541 if (dlnsize > MAXPATHLEN || dlnsize <= 0) 542 goto bad; 543 544 /* 545 * Read in "interpreter" pathname. 546 */ 547 if ((error = vn_rdwr(UIO_READ, vp, dlnp, dyphdr->p_filesz, 548 (offset_t)dyphdr->p_offset, UIO_SYSSPACE, 0, (rlim64_t)0, 549 CRED(), &resid)) != 0) { 550 uprintf("%s: Cannot obtain interpreter pathname\n", 551 exec_file); 552 goto bad; 553 } 554 555 if (resid != 0 || dlnp[dlnsize - 1] != '\0') 556 goto bad; 557 558 /* 559 * Search for '$ORIGIN' token in interpreter path. 560 * If found, expand it. 561 */ 562 for (p = dlnp; p = strchr(p, '$'); ) { 563 uint_t len, curlen; 564 char *_ptr; 565 566 if (strncmp(++p, ORIGIN_STR, ORIGIN_STR_SIZE)) 567 continue; 568 569 curlen = 0; 570 len = p - dlnp - 1; 571 if (len) { 572 bcopy(dlnp, pathbufp, len); 573 curlen += len; 574 } 575 if (_ptr = strrchr(args->pathname, '/')) { 576 len = _ptr - args->pathname; 577 if ((curlen + len) > MAXPATHLEN) 578 break; 579 580 bcopy(args->pathname, &pathbufp[curlen], len); 581 curlen += len; 582 } else { 583 /* 584 * executable is a basename found in the 585 * current directory. So - just substitue 586 * '.' for ORIGIN. 587 */ 588 pathbufp[curlen] = '.'; 589 curlen++; 590 } 591 p += ORIGIN_STR_SIZE; 592 len = strlen(p); 593 594 if ((curlen + len) > MAXPATHLEN) 595 break; 596 bcopy(p, &pathbufp[curlen], len); 597 curlen += len; 598 pathbufp[curlen++] = '\0'; 599 bcopy(pathbufp, dlnp, curlen); 600 } 601 602 /* 603 * /usr/lib/ld.so.1 is known to be a symlink to /lib/ld.so.1 604 * (and /usr/lib/64/ld.so.1 is a symlink to /lib/64/ld.so.1). 605 * Just in case /usr is not mounted, change it now. 606 */ 607 if (strcmp(dlnp, USR_LIB_RTLD) == 0) 608 dlnp += 4; 609 error = lookupname(dlnp, UIO_SYSSPACE, FOLLOW, NULLVPP, &nvp); 610 if (error && dlnp != bigwad->dl_name) { 611 /* new kernel, old user-level */ 612 error = lookupname(dlnp -= 4, UIO_SYSSPACE, FOLLOW, 613 NULLVPP, &nvp); 614 } 615 if (error) { 616 uprintf("%s: Cannot find %s\n", exec_file, dlnp); 617 goto bad; 618 } 619 620 /* 621 * Setup the "aux" vector. 622 */ 623 if (uphdr) { 624 if (ehdrp->e_type == ET_DYN) { 625 /* don't use the first page */ 626 bigwad->exenv.ex_brkbase = (caddr_t)PAGESIZE; 627 bigwad->exenv.ex_bssbase = (caddr_t)PAGESIZE; 628 } else { 629 bigwad->exenv.ex_bssbase = bssbase; 630 bigwad->exenv.ex_brkbase = brkbase; 631 } 632 bigwad->exenv.ex_brksize = brksize; 633 bigwad->exenv.ex_magic = elfmagic; 634 bigwad->exenv.ex_vp = vp; 635 setexecenv(&bigwad->exenv); 636 637 ADDAUX(aux, AT_PHDR, uphdr->p_vaddr + voffset) 638 ADDAUX(aux, AT_PHENT, ehdrp->e_phentsize) 639 ADDAUX(aux, AT_PHNUM, nphdrs) 640 ADDAUX(aux, AT_ENTRY, ehdrp->e_entry + voffset) 641 } else { 642 if ((error = execopen(&vp, &fd)) != 0) { 643 VN_RELE(nvp); 644 goto bad; 645 } 646 647 ADDAUX(aux, AT_EXECFD, fd) 648 } 649 650 if ((error = execpermissions(nvp, &bigwad->vattr, args)) != 0) { 651 VN_RELE(nvp); 652 uprintf("%s: Cannot execute %s\n", exec_file, dlnp); 653 goto bad; 654 } 655 656 /* 657 * Now obtain the ELF header along with the entire program 658 * header contained in "nvp". 659 */ 660 kmem_free(phdrbase, phdrsize); 661 phdrbase = NULL; 662 if ((error = getelfhead(nvp, CRED(), ehdrp, &nshdrs, 663 &shstrndx, &nphdrs)) != 0 || 664 (error = getelfphdr(nvp, CRED(), ehdrp, nphdrs, &phdrbase, 665 &phdrsize)) != 0) { 666 VN_RELE(nvp); 667 uprintf("%s: Cannot read %s\n", exec_file, dlnp); 668 goto bad; 669 } 670 671 /* 672 * Determine memory size of the "interpreter's" loadable 673 * sections. This size is then used to obtain the virtual 674 * address of a hole, in the user's address space, large 675 * enough to map the "interpreter". 676 */ 677 if ((len = elfsize(ehdrp, nphdrs, phdrbase, &lddata)) == 0) { 678 VN_RELE(nvp); 679 uprintf("%s: Nothing to load in %s\n", exec_file, dlnp); 680 goto bad; 681 } 682 683 dtrphdr = NULL; 684 685 error = mapelfexec(nvp, ehdrp, nphdrs, phdrbase, &junk, &junk, 686 &junk, &dtrphdr, NULL, NULL, NULL, &voffset, NULL, len, 687 execsz, NULL); 688 if (error || junk != NULL) { 689 VN_RELE(nvp); 690 uprintf("%s: Cannot map %s\n", exec_file, dlnp); 691 goto bad; 692 } 693 694 /* 695 * We use the DTrace program header to initialize the 696 * architecture-specific user per-LWP location. The dtrace 697 * fasttrap provider requires ready access to per-LWP scratch 698 * space. We assume that there is only one such program header 699 * in the interpreter. 700 */ 701 if (dtrphdr != NULL && 702 dtrace_safe_phdr(dtrphdr, args, voffset) != 0) { 703 VN_RELE(nvp); 704 uprintf("%s: Bad DTrace phdr in %s\n", exec_file, dlnp); 705 goto bad; 706 } 707 708 VN_RELE(nvp); 709 ADDAUX(aux, AT_SUN_LDDATA, voffset + lddata) 710 } 711 712 if (hasauxv) { 713 int auxf = AF_SUN_HWCAPVERIFY; 714 /* 715 * Note: AT_SUN_PLATFORM was filled in via exec_args() 716 */ 717 ADDAUX(aux, AT_BASE, voffset) 718 ADDAUX(aux, AT_FLAGS, at_flags) 719 ADDAUX(aux, AT_PAGESZ, PAGESIZE) 720 /* 721 * Linker flags. (security) 722 * p_flag not yet set at this time. 723 * We rely on gexec() to provide us with the information. 724 * If the application is set-uid but this is not reflected 725 * in a mismatch between real/effective uids/gids, then 726 * don't treat this as a set-uid exec. So we care about 727 * the EXECSETID_UGIDS flag but not the ...SETID flag. 728 */ 729 if ((setid &= ~EXECSETID_SETID) != 0) 730 auxf |= AF_SUN_SETUGID; 731 732 /* 733 * If we're running a native process from within a branded 734 * zone under pfexec then we clear the AF_SUN_SETUGID flag so 735 * that the native ld.so.1 is able to link with the native 736 * libraries instead of using the brand libraries that are 737 * installed in the zone. We only do this for processes 738 * which we trust because we see they are already running 739 * under pfexec (where uid != euid). This prevents a 740 * malicious user within the zone from crafting a wrapper to 741 * run native suid commands with unsecure libraries interposed. 742 */ 743 if ((brand_action == EBA_NATIVE) && (PROC_IS_BRANDED(p) && 744 (setid &= ~EXECSETID_SETID) != 0)) 745 auxf &= ~AF_SUN_SETUGID; 746 747 /* 748 * Record the user addr of the auxflags aux vector entry 749 * since brands may optionally want to manipulate this field. 750 */ 751 args->auxp_auxflags = 752 (char *)((char *)args->stackend + 753 ((char *)&aux->a_type - 754 (char *)bigwad->elfargs)); 755 ADDAUX(aux, AT_SUN_AUXFLAGS, auxf); 756 /* 757 * Hardware capability flag word (performance hints) 758 * Used for choosing faster library routines. 759 * (Potentially different between 32-bit and 64-bit ABIs) 760 */ 761 #if defined(_LP64) 762 if (args->to_model == DATAMODEL_NATIVE) 763 ADDAUX(aux, AT_SUN_HWCAP, auxv_hwcap) 764 else 765 ADDAUX(aux, AT_SUN_HWCAP, auxv_hwcap32) 766 #else 767 ADDAUX(aux, AT_SUN_HWCAP, auxv_hwcap) 768 #endif 769 if (branded) { 770 /* 771 * Reserve space for the brand-private aux vectors, 772 * and record the user addr of that space. 773 */ 774 args->auxp_brand = 775 (char *)((char *)args->stackend + 776 ((char *)&aux->a_type - 777 (char *)bigwad->elfargs)); 778 ADDAUX(aux, AT_SUN_BRAND_AUX1, 0) 779 ADDAUX(aux, AT_SUN_BRAND_AUX2, 0) 780 ADDAUX(aux, AT_SUN_BRAND_AUX3, 0) 781 } 782 783 ADDAUX(aux, AT_NULL, 0) 784 postfixsize = (char *)aux - (char *)bigwad->elfargs; 785 ASSERT(postfixsize == args->auxsize); 786 ASSERT(postfixsize <= __KERN_NAUXV_IMPL * sizeof (aux_entry_t)); 787 } 788 789 /* 790 * For the 64-bit kernel, the limit is big enough that rounding it up 791 * to a page can overflow the 64-bit limit, so we check for btopr() 792 * overflowing here by comparing it with the unrounded limit in pages. 793 * If it hasn't overflowed, compare the exec size with the rounded up 794 * limit in pages. Otherwise, just compare with the unrounded limit. 795 */ 796 limit = btop(p->p_vmem_ctl); 797 roundlimit = btopr(p->p_vmem_ctl); 798 if ((roundlimit > limit && *execsz > roundlimit) || 799 (roundlimit < limit && *execsz > limit)) { 800 mutex_enter(&p->p_lock); 801 (void) rctl_action(rctlproc_legacy[RLIMIT_VMEM], p->p_rctls, p, 802 RCA_SAFE); 803 mutex_exit(&p->p_lock); 804 error = ENOMEM; 805 goto bad; 806 } 807 808 bzero(up->u_auxv, sizeof (up->u_auxv)); 809 if (postfixsize) { 810 int num_auxv; 811 812 /* 813 * Copy the aux vector to the user stack. 814 */ 815 error = execpoststack(args, bigwad->elfargs, postfixsize); 816 if (error) 817 goto bad; 818 819 /* 820 * Copy auxv to the process's user structure for use by /proc. 821 * If this is a branded process, the brand's exec routine will 822 * copy it's private entries to the user structure later. It 823 * relies on the fact that the blank entries are at the end. 824 */ 825 num_auxv = postfixsize / sizeof (aux_entry_t); 826 ASSERT(num_auxv <= sizeof (up->u_auxv) / sizeof (auxv_t)); 827 aux = bigwad->elfargs; 828 for (i = 0; i < num_auxv; i++) { 829 up->u_auxv[i].a_type = aux[i].a_type; 830 up->u_auxv[i].a_un.a_val = (aux_val_t)aux[i].a_un.a_val; 831 } 832 } 833 834 /* 835 * Pass back the starting address so we can set the program counter. 836 */ 837 args->entry = (uintptr_t)(ehdrp->e_entry + voffset); 838 839 if (!uphdr) { 840 if (ehdrp->e_type == ET_DYN) { 841 /* 842 * If we are executing a shared library which doesn't 843 * have a interpreter (probably ld.so.1) then 844 * we don't set the brkbase now. Instead we 845 * delay it's setting until the first call 846 * via grow.c::brk(). This permits ld.so.1 to 847 * initialize brkbase to the tail of the executable it 848 * loads (which is where it needs to be). 849 */ 850 bigwad->exenv.ex_brkbase = (caddr_t)0; 851 bigwad->exenv.ex_bssbase = (caddr_t)0; 852 bigwad->exenv.ex_brksize = 0; 853 } else { 854 bigwad->exenv.ex_brkbase = brkbase; 855 bigwad->exenv.ex_bssbase = bssbase; 856 bigwad->exenv.ex_brksize = brksize; 857 } 858 bigwad->exenv.ex_magic = elfmagic; 859 bigwad->exenv.ex_vp = vp; 860 setexecenv(&bigwad->exenv); 861 } 862 863 ASSERT(error == 0); 864 goto out; 865 866 bad: 867 if (fd != -1) /* did we open the a.out yet */ 868 (void) execclose(fd); 869 870 psignal(p, SIGKILL); 871 872 if (error == 0) 873 error = ENOEXEC; 874 out: 875 if (phdrbase != NULL) 876 kmem_free(phdrbase, phdrsize); 877 if (cap != NULL) 878 kmem_free(cap, capsize); 879 kmem_free(bigwad, sizeof (struct bigwad)); 880 return (error); 881 } 882 883 /* 884 * Compute the memory size requirement for the ELF file. 885 */ 886 static size_t 887 elfsize(Ehdr *ehdrp, int nphdrs, caddr_t phdrbase, uintptr_t *lddata) 888 { 889 size_t len; 890 Phdr *phdrp = (Phdr *)phdrbase; 891 int hsize = ehdrp->e_phentsize; 892 int first = 1; 893 int dfirst = 1; /* first data segment */ 894 uintptr_t loaddr = 0; 895 uintptr_t hiaddr = 0; 896 uintptr_t lo, hi; 897 int i; 898 899 for (i = nphdrs; i > 0; i--) { 900 if (phdrp->p_type == PT_LOAD) { 901 lo = phdrp->p_vaddr; 902 hi = lo + phdrp->p_memsz; 903 if (first) { 904 loaddr = lo; 905 hiaddr = hi; 906 first = 0; 907 } else { 908 if (loaddr > lo) 909 loaddr = lo; 910 if (hiaddr < hi) 911 hiaddr = hi; 912 } 913 914 /* 915 * save the address of the first data segment 916 * of a object - used for the AT_SUNW_LDDATA 917 * aux entry. 918 */ 919 if ((lddata != NULL) && dfirst && 920 (phdrp->p_flags & PF_W)) { 921 *lddata = lo; 922 dfirst = 0; 923 } 924 } 925 phdrp = (Phdr *)((caddr_t)phdrp + hsize); 926 } 927 928 len = hiaddr - (loaddr & PAGEMASK); 929 len = roundup(len, PAGESIZE); 930 931 return (len); 932 } 933 934 /* 935 * Read in the ELF header and program header table. 936 * SUSV3 requires: 937 * ENOEXEC File format is not recognized 938 * EINVAL Format recognized but execution not supported 939 */ 940 static int 941 getelfhead(vnode_t *vp, cred_t *credp, Ehdr *ehdr, int *nshdrs, int *shstrndx, 942 int *nphdrs) 943 { 944 int error; 945 ssize_t resid; 946 947 /* 948 * We got here by the first two bytes in ident, 949 * now read the entire ELF header. 950 */ 951 if ((error = vn_rdwr(UIO_READ, vp, (caddr_t)ehdr, 952 sizeof (Ehdr), (offset_t)0, UIO_SYSSPACE, 0, 953 (rlim64_t)0, credp, &resid)) != 0) 954 return (error); 955 956 /* 957 * Since a separate version is compiled for handling 32-bit and 958 * 64-bit ELF executables on a 64-bit kernel, the 64-bit version 959 * doesn't need to be able to deal with 32-bit ELF files. 960 */ 961 if (resid != 0 || 962 ehdr->e_ident[EI_MAG2] != ELFMAG2 || 963 ehdr->e_ident[EI_MAG3] != ELFMAG3) 964 return (ENOEXEC); 965 966 if ((ehdr->e_type != ET_EXEC && ehdr->e_type != ET_DYN) || 967 #if defined(_ILP32) || defined(_ELF32_COMPAT) 968 ehdr->e_ident[EI_CLASS] != ELFCLASS32 || 969 #else 970 ehdr->e_ident[EI_CLASS] != ELFCLASS64 || 971 #endif 972 !elfheadcheck(ehdr->e_ident[EI_DATA], ehdr->e_machine, 973 ehdr->e_flags)) 974 return (EINVAL); 975 976 *nshdrs = ehdr->e_shnum; 977 *shstrndx = ehdr->e_shstrndx; 978 *nphdrs = ehdr->e_phnum; 979 980 /* 981 * If e_shnum, e_shstrndx, or e_phnum is its sentinel value, we need 982 * to read in the section header at index zero to acces the true 983 * values for those fields. 984 */ 985 if ((*nshdrs == 0 && ehdr->e_shoff != 0) || 986 *shstrndx == SHN_XINDEX || *nphdrs == PN_XNUM) { 987 Shdr shdr; 988 989 if (ehdr->e_shoff == 0) 990 return (EINVAL); 991 992 if ((error = vn_rdwr(UIO_READ, vp, (caddr_t)&shdr, 993 sizeof (shdr), (offset_t)ehdr->e_shoff, UIO_SYSSPACE, 0, 994 (rlim64_t)0, credp, &resid)) != 0) 995 return (error); 996 997 if (*nshdrs == 0) 998 *nshdrs = shdr.sh_size; 999 if (*shstrndx == SHN_XINDEX) 1000 *shstrndx = shdr.sh_link; 1001 if (*nphdrs == PN_XNUM && shdr.sh_info != 0) 1002 *nphdrs = shdr.sh_info; 1003 } 1004 1005 return (0); 1006 } 1007 1008 #ifdef _ELF32_COMPAT 1009 extern size_t elf_nphdr_max; 1010 #else 1011 size_t elf_nphdr_max = 1000; 1012 #endif 1013 1014 static int 1015 getelfphdr(vnode_t *vp, cred_t *credp, const Ehdr *ehdr, int nphdrs, 1016 caddr_t *phbasep, ssize_t *phsizep) 1017 { 1018 ssize_t resid, minsize; 1019 int err; 1020 1021 /* 1022 * Since we're going to be using e_phentsize to iterate down the 1023 * array of program headers, it must be 8-byte aligned or else 1024 * a we might cause a misaligned access. We use all members through 1025 * p_flags on 32-bit ELF files and p_memsz on 64-bit ELF files so 1026 * e_phentsize must be at least large enough to include those 1027 * members. 1028 */ 1029 #if !defined(_LP64) || defined(_ELF32_COMPAT) 1030 minsize = offsetof(Phdr, p_flags) + sizeof (((Phdr *)NULL)->p_flags); 1031 #else 1032 minsize = offsetof(Phdr, p_memsz) + sizeof (((Phdr *)NULL)->p_memsz); 1033 #endif 1034 if (ehdr->e_phentsize < minsize || (ehdr->e_phentsize & 3)) 1035 return (EINVAL); 1036 1037 *phsizep = nphdrs * ehdr->e_phentsize; 1038 1039 if (*phsizep > sizeof (Phdr) * elf_nphdr_max) { 1040 if ((*phbasep = kmem_alloc(*phsizep, KM_NOSLEEP)) == NULL) 1041 return (ENOMEM); 1042 } else { 1043 *phbasep = kmem_alloc(*phsizep, KM_SLEEP); 1044 } 1045 1046 if ((err = vn_rdwr(UIO_READ, vp, *phbasep, *phsizep, 1047 (offset_t)ehdr->e_phoff, UIO_SYSSPACE, 0, (rlim64_t)0, 1048 credp, &resid)) != 0) { 1049 kmem_free(*phbasep, *phsizep); 1050 *phbasep = NULL; 1051 return (err); 1052 } 1053 1054 return (0); 1055 } 1056 1057 #ifdef _ELF32_COMPAT 1058 extern size_t elf_nshdr_max; 1059 extern size_t elf_shstrtab_max; 1060 #else 1061 size_t elf_nshdr_max = 10000; 1062 size_t elf_shstrtab_max = 100 * 1024; 1063 #endif 1064 1065 1066 static int 1067 getelfshdr(vnode_t *vp, cred_t *credp, const Ehdr *ehdr, 1068 int nshdrs, int shstrndx, caddr_t *shbasep, ssize_t *shsizep, 1069 char **shstrbasep, ssize_t *shstrsizep) 1070 { 1071 ssize_t resid, minsize; 1072 int err; 1073 Shdr *shdr; 1074 1075 /* 1076 * Since we're going to be using e_shentsize to iterate down the 1077 * array of section headers, it must be 8-byte aligned or else 1078 * a we might cause a misaligned access. We use all members through 1079 * sh_entsize (on both 32- and 64-bit ELF files) so e_shentsize 1080 * must be at least large enough to include that member. The index 1081 * of the string table section must also be valid. 1082 */ 1083 minsize = offsetof(Shdr, sh_entsize) + sizeof (shdr->sh_entsize); 1084 if (ehdr->e_shentsize < minsize || (ehdr->e_shentsize & 3) || 1085 shstrndx >= nshdrs) 1086 return (EINVAL); 1087 1088 *shsizep = nshdrs * ehdr->e_shentsize; 1089 1090 if (*shsizep > sizeof (Shdr) * elf_nshdr_max) { 1091 if ((*shbasep = kmem_alloc(*shsizep, KM_NOSLEEP)) == NULL) 1092 return (ENOMEM); 1093 } else { 1094 *shbasep = kmem_alloc(*shsizep, KM_SLEEP); 1095 } 1096 1097 if ((err = vn_rdwr(UIO_READ, vp, *shbasep, *shsizep, 1098 (offset_t)ehdr->e_shoff, UIO_SYSSPACE, 0, (rlim64_t)0, 1099 credp, &resid)) != 0) { 1100 kmem_free(*shbasep, *shsizep); 1101 return (err); 1102 } 1103 1104 /* 1105 * Pull the section string table out of the vnode; fail if the size 1106 * is zero. 1107 */ 1108 shdr = (Shdr *)(*shbasep + shstrndx * ehdr->e_shentsize); 1109 if ((*shstrsizep = shdr->sh_size) == 0) { 1110 kmem_free(*shbasep, *shsizep); 1111 return (EINVAL); 1112 } 1113 1114 if (*shstrsizep > elf_shstrtab_max) { 1115 if ((*shstrbasep = kmem_alloc(*shstrsizep, 1116 KM_NOSLEEP)) == NULL) { 1117 kmem_free(*shbasep, *shsizep); 1118 return (ENOMEM); 1119 } 1120 } else { 1121 *shstrbasep = kmem_alloc(*shstrsizep, KM_SLEEP); 1122 } 1123 1124 if ((err = vn_rdwr(UIO_READ, vp, *shstrbasep, *shstrsizep, 1125 (offset_t)shdr->sh_offset, UIO_SYSSPACE, 0, (rlim64_t)0, 1126 credp, &resid)) != 0) { 1127 kmem_free(*shbasep, *shsizep); 1128 kmem_free(*shstrbasep, *shstrsizep); 1129 return (err); 1130 } 1131 1132 /* 1133 * Make sure the strtab is null-terminated to make sure we 1134 * don't run off the end of the table. 1135 */ 1136 (*shstrbasep)[*shstrsizep - 1] = '\0'; 1137 1138 return (0); 1139 } 1140 1141 static int 1142 mapelfexec( 1143 vnode_t *vp, 1144 Ehdr *ehdr, 1145 int nphdrs, 1146 caddr_t phdrbase, 1147 Phdr **uphdr, 1148 Phdr **dyphdr, 1149 Phdr **stphdr, 1150 Phdr **dtphdr, 1151 Phdr *dataphdrp, 1152 caddr_t *bssbase, 1153 caddr_t *brkbase, 1154 intptr_t *voffset, 1155 intptr_t *minaddr, 1156 size_t len, 1157 long *execsz, 1158 size_t *brksize) 1159 { 1160 Phdr *phdr; 1161 int i, prot, error; 1162 caddr_t addr = NULL; 1163 size_t zfodsz; 1164 int ptload = 0; 1165 int page; 1166 off_t offset; 1167 int hsize = ehdr->e_phentsize; 1168 caddr_t mintmp = (caddr_t)-1; 1169 extern int use_brk_lpg; 1170 1171 if (ehdr->e_type == ET_DYN) { 1172 /* 1173 * Obtain the virtual address of a hole in the 1174 * address space to map the "interpreter". 1175 */ 1176 map_addr(&addr, len, (offset_t)0, 1, 0); 1177 if (addr == NULL) 1178 return (ENOMEM); 1179 *voffset = (intptr_t)addr; 1180 1181 /* 1182 * Calculate the minimum vaddr so it can be subtracted out. 1183 * According to the ELF specification, since PT_LOAD sections 1184 * must be sorted by increasing p_vaddr values, this is 1185 * guaranteed to be the first PT_LOAD section. 1186 */ 1187 phdr = (Phdr *)phdrbase; 1188 for (i = nphdrs; i > 0; i--) { 1189 if (phdr->p_type == PT_LOAD) { 1190 *voffset -= (uintptr_t)phdr->p_vaddr; 1191 break; 1192 } 1193 phdr = (Phdr *)((caddr_t)phdr + hsize); 1194 } 1195 1196 } else { 1197 *voffset = 0; 1198 } 1199 phdr = (Phdr *)phdrbase; 1200 for (i = nphdrs; i > 0; i--) { 1201 switch (phdr->p_type) { 1202 case PT_LOAD: 1203 if ((*dyphdr != NULL) && (*uphdr == NULL)) 1204 return (0); 1205 1206 ptload = 1; 1207 prot = PROT_USER; 1208 if (phdr->p_flags & PF_R) 1209 prot |= PROT_READ; 1210 if (phdr->p_flags & PF_W) 1211 prot |= PROT_WRITE; 1212 if (phdr->p_flags & PF_X) 1213 prot |= PROT_EXEC; 1214 1215 addr = (caddr_t)((uintptr_t)phdr->p_vaddr + *voffset); 1216 1217 /* 1218 * Keep track of the segment with the lowest starting 1219 * address. 1220 */ 1221 if (addr < mintmp) 1222 mintmp = addr; 1223 1224 zfodsz = (size_t)phdr->p_memsz - phdr->p_filesz; 1225 1226 offset = phdr->p_offset; 1227 if (((uintptr_t)offset & PAGEOFFSET) == 1228 ((uintptr_t)addr & PAGEOFFSET) && 1229 (!(vp->v_flag & VNOMAP))) { 1230 page = 1; 1231 } else { 1232 page = 0; 1233 } 1234 1235 /* 1236 * Set the heap pagesize for OOB when the bss size 1237 * is known and use_brk_lpg is not 0. 1238 */ 1239 if (brksize != NULL && use_brk_lpg && 1240 zfodsz != 0 && phdr == dataphdrp && 1241 (prot & PROT_WRITE)) { 1242 size_t tlen = P2NPHASE((uintptr_t)addr + 1243 phdr->p_filesz, PAGESIZE); 1244 1245 if (zfodsz > tlen) { 1246 curproc->p_brkpageszc = 1247 page_szc(map_pgsz(MAPPGSZ_HEAP, 1248 curproc, addr + phdr->p_filesz + 1249 tlen, zfodsz - tlen, 0)); 1250 } 1251 } 1252 1253 if (curproc->p_brkpageszc != 0 && phdr == dataphdrp && 1254 (prot & PROT_WRITE)) { 1255 uint_t szc = curproc->p_brkpageszc; 1256 size_t pgsz = page_get_pagesize(szc); 1257 caddr_t ebss = addr + phdr->p_memsz; 1258 size_t extra_zfodsz; 1259 1260 ASSERT(pgsz > PAGESIZE); 1261 1262 extra_zfodsz = P2NPHASE((uintptr_t)ebss, pgsz); 1263 1264 if (error = execmap(vp, addr, phdr->p_filesz, 1265 zfodsz + extra_zfodsz, phdr->p_offset, 1266 prot, page, szc)) 1267 goto bad; 1268 if (brksize != NULL) 1269 *brksize = extra_zfodsz; 1270 } else { 1271 if (error = execmap(vp, addr, phdr->p_filesz, 1272 zfodsz, phdr->p_offset, prot, page, 0)) 1273 goto bad; 1274 } 1275 1276 if (bssbase != NULL && addr >= *bssbase && 1277 phdr == dataphdrp) { 1278 *bssbase = addr + phdr->p_filesz; 1279 } 1280 if (brkbase != NULL && addr >= *brkbase) { 1281 *brkbase = addr + phdr->p_memsz; 1282 } 1283 1284 *execsz += btopr(phdr->p_memsz); 1285 break; 1286 1287 case PT_INTERP: 1288 if (ptload) 1289 goto bad; 1290 *dyphdr = phdr; 1291 break; 1292 1293 case PT_SHLIB: 1294 *stphdr = phdr; 1295 break; 1296 1297 case PT_PHDR: 1298 if (ptload) 1299 goto bad; 1300 *uphdr = phdr; 1301 break; 1302 1303 case PT_NULL: 1304 case PT_DYNAMIC: 1305 case PT_NOTE: 1306 break; 1307 1308 case PT_SUNWDTRACE: 1309 if (dtphdr != NULL) 1310 *dtphdr = phdr; 1311 break; 1312 1313 default: 1314 break; 1315 } 1316 phdr = (Phdr *)((caddr_t)phdr + hsize); 1317 } 1318 1319 if (minaddr != NULL) { 1320 ASSERT(mintmp != (caddr_t)-1); 1321 *minaddr = (intptr_t)mintmp; 1322 } 1323 1324 return (0); 1325 bad: 1326 if (error == 0) 1327 error = EINVAL; 1328 return (error); 1329 } 1330 1331 int 1332 elfnote(vnode_t *vp, offset_t *offsetp, int type, int descsz, void *desc, 1333 rlim64_t rlimit, cred_t *credp) 1334 { 1335 Note note; 1336 int error; 1337 1338 bzero(¬e, sizeof (note)); 1339 bcopy("CORE", note.name, 4); 1340 note.nhdr.n_type = type; 1341 /* 1342 * The System V ABI states that n_namesz must be the length of the 1343 * string that follows the Nhdr structure including the terminating 1344 * null. The ABI also specifies that sufficient padding should be 1345 * included so that the description that follows the name string 1346 * begins on a 4- or 8-byte boundary for 32- and 64-bit binaries 1347 * respectively. However, since this change was not made correctly 1348 * at the time of the 64-bit port, both 32- and 64-bit binaries 1349 * descriptions are only guaranteed to begin on a 4-byte boundary. 1350 */ 1351 note.nhdr.n_namesz = 5; 1352 note.nhdr.n_descsz = roundup(descsz, sizeof (Word)); 1353 1354 if (error = core_write(vp, UIO_SYSSPACE, *offsetp, ¬e, 1355 sizeof (note), rlimit, credp)) 1356 return (error); 1357 1358 *offsetp += sizeof (note); 1359 1360 if (error = core_write(vp, UIO_SYSSPACE, *offsetp, desc, 1361 note.nhdr.n_descsz, rlimit, credp)) 1362 return (error); 1363 1364 *offsetp += note.nhdr.n_descsz; 1365 return (0); 1366 } 1367 1368 /* 1369 * Copy the section data from one vnode to the section of another vnode. 1370 */ 1371 static void 1372 copy_scn(Shdr *src, vnode_t *src_vp, Shdr *dst, vnode_t *dst_vp, Off *doffset, 1373 void *buf, size_t size, cred_t *credp, rlim64_t rlimit) 1374 { 1375 ssize_t resid; 1376 size_t len, n = src->sh_size; 1377 offset_t off = 0; 1378 1379 while (n != 0) { 1380 len = MIN(size, n); 1381 if (vn_rdwr(UIO_READ, src_vp, buf, len, src->sh_offset + off, 1382 UIO_SYSSPACE, 0, (rlim64_t)0, credp, &resid) != 0 || 1383 resid >= len || 1384 core_write(dst_vp, UIO_SYSSPACE, *doffset + off, 1385 buf, len - resid, rlimit, credp) != 0) { 1386 dst->sh_size = 0; 1387 dst->sh_offset = 0; 1388 return; 1389 } 1390 1391 ASSERT(n >= len - resid); 1392 1393 n -= len - resid; 1394 off += len - resid; 1395 } 1396 1397 *doffset += src->sh_size; 1398 } 1399 1400 #ifdef _ELF32_COMPAT 1401 extern size_t elf_datasz_max; 1402 #else 1403 size_t elf_datasz_max = 1 * 1024 * 1024; 1404 #endif 1405 1406 /* 1407 * This function processes mappings that correspond to load objects to 1408 * examine their respective sections for elfcore(). It's called once with 1409 * v set to NULL to count the number of sections that we're going to need 1410 * and then again with v set to some allocated buffer that we fill in with 1411 * all the section data. 1412 */ 1413 static int 1414 process_scns(core_content_t content, proc_t *p, cred_t *credp, vnode_t *vp, 1415 Shdr *v, int nv, rlim64_t rlimit, Off *doffsetp, int *nshdrsp) 1416 { 1417 vnode_t *lastvp = NULL; 1418 struct seg *seg; 1419 int i, j; 1420 void *data = NULL; 1421 size_t datasz = 0; 1422 shstrtab_t shstrtab; 1423 struct as *as = p->p_as; 1424 int error = 0; 1425 1426 if (v != NULL) 1427 shstrtab_init(&shstrtab); 1428 1429 i = 1; 1430 for (seg = AS_SEGFIRST(as); seg != NULL; seg = AS_SEGNEXT(as, seg)) { 1431 uint_t prot; 1432 vnode_t *mvp; 1433 void *tmp = NULL; 1434 caddr_t saddr = seg->s_base; 1435 caddr_t naddr; 1436 caddr_t eaddr; 1437 size_t segsize; 1438 1439 Ehdr ehdr; 1440 int nshdrs, shstrndx, nphdrs; 1441 caddr_t shbase; 1442 ssize_t shsize; 1443 char *shstrbase; 1444 ssize_t shstrsize; 1445 1446 Shdr *shdr; 1447 const char *name; 1448 size_t sz; 1449 uintptr_t off; 1450 1451 int ctf_ndx = 0; 1452 int symtab_ndx = 0; 1453 1454 /* 1455 * Since we're just looking for text segments of load 1456 * objects, we only care about the protection bits; we don't 1457 * care about the actual size of the segment so we use the 1458 * reserved size. If the segment's size is zero, there's 1459 * something fishy going on so we ignore this segment. 1460 */ 1461 if (seg->s_ops != &segvn_ops || 1462 SEGOP_GETVP(seg, seg->s_base, &mvp) != 0 || 1463 mvp == lastvp || mvp == NULL || mvp->v_type != VREG || 1464 (segsize = pr_getsegsize(seg, 1)) == 0) 1465 continue; 1466 1467 eaddr = saddr + segsize; 1468 prot = pr_getprot(seg, 1, &tmp, &saddr, &naddr, eaddr); 1469 pr_getprot_done(&tmp); 1470 1471 /* 1472 * Skip this segment unless the protection bits look like 1473 * what we'd expect for a text segment. 1474 */ 1475 if ((prot & (PROT_WRITE | PROT_EXEC)) != PROT_EXEC) 1476 continue; 1477 1478 if (getelfhead(mvp, credp, &ehdr, &nshdrs, &shstrndx, 1479 &nphdrs) != 0 || 1480 getelfshdr(mvp, credp, &ehdr, nshdrs, shstrndx, 1481 &shbase, &shsize, &shstrbase, &shstrsize) != 0) 1482 continue; 1483 1484 off = ehdr.e_shentsize; 1485 for (j = 1; j < nshdrs; j++, off += ehdr.e_shentsize) { 1486 Shdr *symtab = NULL, *strtab; 1487 1488 shdr = (Shdr *)(shbase + off); 1489 1490 if (shdr->sh_name >= shstrsize) 1491 continue; 1492 1493 name = shstrbase + shdr->sh_name; 1494 1495 if (strcmp(name, shstrtab_data[STR_CTF]) == 0) { 1496 if ((content & CC_CONTENT_CTF) == 0 || 1497 ctf_ndx != 0) 1498 continue; 1499 1500 if (shdr->sh_link > 0 && 1501 shdr->sh_link < nshdrs) { 1502 symtab = (Shdr *)(shbase + 1503 shdr->sh_link * ehdr.e_shentsize); 1504 } 1505 1506 if (v != NULL && i < nv - 1) { 1507 if (shdr->sh_size > datasz && 1508 shdr->sh_size <= elf_datasz_max) { 1509 if (data != NULL) 1510 kmem_free(data, datasz); 1511 1512 datasz = shdr->sh_size; 1513 data = kmem_alloc(datasz, 1514 KM_SLEEP); 1515 } 1516 1517 v[i].sh_name = shstrtab_ndx(&shstrtab, 1518 STR_CTF); 1519 v[i].sh_addr = (Addr)(uintptr_t)saddr; 1520 v[i].sh_type = SHT_PROGBITS; 1521 v[i].sh_addralign = 4; 1522 *doffsetp = roundup(*doffsetp, 1523 v[i].sh_addralign); 1524 v[i].sh_offset = *doffsetp; 1525 v[i].sh_size = shdr->sh_size; 1526 if (symtab == NULL) { 1527 v[i].sh_link = 0; 1528 } else if (symtab->sh_type == 1529 SHT_SYMTAB && 1530 symtab_ndx != 0) { 1531 v[i].sh_link = 1532 symtab_ndx; 1533 } else { 1534 v[i].sh_link = i + 1; 1535 } 1536 1537 copy_scn(shdr, mvp, &v[i], vp, 1538 doffsetp, data, datasz, credp, 1539 rlimit); 1540 } 1541 1542 ctf_ndx = i++; 1543 1544 /* 1545 * We've already dumped the symtab. 1546 */ 1547 if (symtab != NULL && 1548 symtab->sh_type == SHT_SYMTAB && 1549 symtab_ndx != 0) 1550 continue; 1551 1552 } else if (strcmp(name, 1553 shstrtab_data[STR_SYMTAB]) == 0) { 1554 if ((content & CC_CONTENT_SYMTAB) == 0 || 1555 symtab != 0) 1556 continue; 1557 1558 symtab = shdr; 1559 } 1560 1561 if (symtab != NULL) { 1562 if ((symtab->sh_type != SHT_DYNSYM && 1563 symtab->sh_type != SHT_SYMTAB) || 1564 symtab->sh_link == 0 || 1565 symtab->sh_link >= nshdrs) 1566 continue; 1567 1568 strtab = (Shdr *)(shbase + 1569 symtab->sh_link * ehdr.e_shentsize); 1570 1571 if (strtab->sh_type != SHT_STRTAB) 1572 continue; 1573 1574 if (v != NULL && i < nv - 2) { 1575 sz = MAX(symtab->sh_size, 1576 strtab->sh_size); 1577 if (sz > datasz && 1578 sz <= elf_datasz_max) { 1579 if (data != NULL) 1580 kmem_free(data, datasz); 1581 1582 datasz = sz; 1583 data = kmem_alloc(datasz, 1584 KM_SLEEP); 1585 } 1586 1587 if (symtab->sh_type == SHT_DYNSYM) { 1588 v[i].sh_name = shstrtab_ndx( 1589 &shstrtab, STR_DYNSYM); 1590 v[i + 1].sh_name = shstrtab_ndx( 1591 &shstrtab, STR_DYNSTR); 1592 } else { 1593 v[i].sh_name = shstrtab_ndx( 1594 &shstrtab, STR_SYMTAB); 1595 v[i + 1].sh_name = shstrtab_ndx( 1596 &shstrtab, STR_STRTAB); 1597 } 1598 1599 v[i].sh_type = symtab->sh_type; 1600 v[i].sh_addr = symtab->sh_addr; 1601 if (ehdr.e_type == ET_DYN || 1602 v[i].sh_addr == 0) 1603 v[i].sh_addr += 1604 (Addr)(uintptr_t)saddr; 1605 v[i].sh_addralign = 1606 symtab->sh_addralign; 1607 *doffsetp = roundup(*doffsetp, 1608 v[i].sh_addralign); 1609 v[i].sh_offset = *doffsetp; 1610 v[i].sh_size = symtab->sh_size; 1611 v[i].sh_link = i + 1; 1612 v[i].sh_entsize = symtab->sh_entsize; 1613 v[i].sh_info = symtab->sh_info; 1614 1615 copy_scn(symtab, mvp, &v[i], vp, 1616 doffsetp, data, datasz, credp, 1617 rlimit); 1618 1619 v[i + 1].sh_type = SHT_STRTAB; 1620 v[i + 1].sh_flags = SHF_STRINGS; 1621 v[i + 1].sh_addr = symtab->sh_addr; 1622 if (ehdr.e_type == ET_DYN || 1623 v[i + 1].sh_addr == 0) 1624 v[i + 1].sh_addr += 1625 (Addr)(uintptr_t)saddr; 1626 v[i + 1].sh_addralign = 1627 strtab->sh_addralign; 1628 *doffsetp = roundup(*doffsetp, 1629 v[i + 1].sh_addralign); 1630 v[i + 1].sh_offset = *doffsetp; 1631 v[i + 1].sh_size = strtab->sh_size; 1632 1633 copy_scn(strtab, mvp, &v[i + 1], vp, 1634 doffsetp, data, datasz, credp, 1635 rlimit); 1636 } 1637 1638 if (symtab->sh_type == SHT_SYMTAB) 1639 symtab_ndx = i; 1640 i += 2; 1641 } 1642 } 1643 1644 kmem_free(shstrbase, shstrsize); 1645 kmem_free(shbase, shsize); 1646 1647 lastvp = mvp; 1648 } 1649 1650 if (v == NULL) { 1651 if (i == 1) 1652 *nshdrsp = 0; 1653 else 1654 *nshdrsp = i + 1; 1655 goto done; 1656 } 1657 1658 if (i != nv - 1) { 1659 cmn_err(CE_WARN, "elfcore: core dump failed for " 1660 "process %d; address space is changing", p->p_pid); 1661 error = EIO; 1662 goto done; 1663 } 1664 1665 v[i].sh_name = shstrtab_ndx(&shstrtab, STR_SHSTRTAB); 1666 v[i].sh_size = shstrtab_size(&shstrtab); 1667 v[i].sh_addralign = 1; 1668 *doffsetp = roundup(*doffsetp, v[i].sh_addralign); 1669 v[i].sh_offset = *doffsetp; 1670 v[i].sh_flags = SHF_STRINGS; 1671 v[i].sh_type = SHT_STRTAB; 1672 1673 if (v[i].sh_size > datasz) { 1674 if (data != NULL) 1675 kmem_free(data, datasz); 1676 1677 datasz = v[i].sh_size; 1678 data = kmem_alloc(datasz, 1679 KM_SLEEP); 1680 } 1681 1682 shstrtab_dump(&shstrtab, data); 1683 1684 if ((error = core_write(vp, UIO_SYSSPACE, *doffsetp, 1685 data, v[i].sh_size, rlimit, credp)) != 0) 1686 goto done; 1687 1688 *doffsetp += v[i].sh_size; 1689 1690 done: 1691 if (data != NULL) 1692 kmem_free(data, datasz); 1693 1694 return (error); 1695 } 1696 1697 int 1698 elfcore(vnode_t *vp, proc_t *p, cred_t *credp, rlim64_t rlimit, int sig, 1699 core_content_t content) 1700 { 1701 offset_t poffset, soffset; 1702 Off doffset; 1703 int error, i, nphdrs, nshdrs; 1704 int overflow = 0; 1705 struct seg *seg; 1706 struct as *as = p->p_as; 1707 union { 1708 Ehdr ehdr; 1709 Phdr phdr[1]; 1710 Shdr shdr[1]; 1711 } *bigwad; 1712 size_t bigsize; 1713 size_t phdrsz, shdrsz; 1714 Ehdr *ehdr; 1715 Phdr *v; 1716 caddr_t brkbase; 1717 size_t brksize; 1718 caddr_t stkbase; 1719 size_t stksize; 1720 int ntries = 0; 1721 1722 top: 1723 /* 1724 * Make sure we have everything we need (registers, etc.). 1725 * All other lwps have already stopped and are in an orderly state. 1726 */ 1727 ASSERT(p == ttoproc(curthread)); 1728 prstop(0, 0); 1729 1730 AS_LOCK_ENTER(as, &as->a_lock, RW_WRITER); 1731 nphdrs = prnsegs(as, 0) + 2; /* two CORE note sections */ 1732 1733 /* 1734 * Count the number of section headers we're going to need. 1735 */ 1736 nshdrs = 0; 1737 if (content & (CC_CONTENT_CTF | CC_CONTENT_SYMTAB)) { 1738 (void) process_scns(content, p, credp, NULL, NULL, NULL, 0, 1739 NULL, &nshdrs); 1740 } 1741 AS_LOCK_EXIT(as, &as->a_lock); 1742 1743 ASSERT(nshdrs == 0 || nshdrs > 1); 1744 1745 /* 1746 * The core file contents may required zero section headers, but if 1747 * we overflow the 16 bits allotted to the program header count in 1748 * the ELF header, we'll need that program header at index zero. 1749 */ 1750 if (nshdrs == 0 && nphdrs >= PN_XNUM) 1751 nshdrs = 1; 1752 1753 phdrsz = nphdrs * sizeof (Phdr); 1754 shdrsz = nshdrs * sizeof (Shdr); 1755 1756 bigsize = MAX(sizeof (*bigwad), MAX(phdrsz, shdrsz)); 1757 bigwad = kmem_alloc(bigsize, KM_SLEEP); 1758 1759 ehdr = &bigwad->ehdr; 1760 bzero(ehdr, sizeof (*ehdr)); 1761 1762 ehdr->e_ident[EI_MAG0] = ELFMAG0; 1763 ehdr->e_ident[EI_MAG1] = ELFMAG1; 1764 ehdr->e_ident[EI_MAG2] = ELFMAG2; 1765 ehdr->e_ident[EI_MAG3] = ELFMAG3; 1766 ehdr->e_ident[EI_CLASS] = ELFCLASS; 1767 ehdr->e_type = ET_CORE; 1768 1769 #if !defined(_LP64) || defined(_ELF32_COMPAT) 1770 1771 #if defined(__sparc) 1772 ehdr->e_ident[EI_DATA] = ELFDATA2MSB; 1773 ehdr->e_machine = EM_SPARC; 1774 #elif defined(__i386) || defined(__i386_COMPAT) 1775 ehdr->e_ident[EI_DATA] = ELFDATA2LSB; 1776 ehdr->e_machine = EM_386; 1777 #else 1778 #error "no recognized machine type is defined" 1779 #endif 1780 1781 #else /* !defined(_LP64) || defined(_ELF32_COMPAT) */ 1782 1783 #if defined(__sparc) 1784 ehdr->e_ident[EI_DATA] = ELFDATA2MSB; 1785 ehdr->e_machine = EM_SPARCV9; 1786 #elif defined(__amd64) 1787 ehdr->e_ident[EI_DATA] = ELFDATA2LSB; 1788 ehdr->e_machine = EM_AMD64; 1789 #else 1790 #error "no recognized 64-bit machine type is defined" 1791 #endif 1792 1793 #endif /* !defined(_LP64) || defined(_ELF32_COMPAT) */ 1794 1795 /* 1796 * If the count of program headers or section headers or the index 1797 * of the section string table can't fit in the mere 16 bits 1798 * shortsightedly allotted to them in the ELF header, we use the 1799 * extended formats and put the real values in the section header 1800 * as index 0. 1801 */ 1802 ehdr->e_version = EV_CURRENT; 1803 ehdr->e_ehsize = sizeof (Ehdr); 1804 1805 if (nphdrs >= PN_XNUM) 1806 ehdr->e_phnum = PN_XNUM; 1807 else 1808 ehdr->e_phnum = (unsigned short)nphdrs; 1809 1810 ehdr->e_phoff = sizeof (Ehdr); 1811 ehdr->e_phentsize = sizeof (Phdr); 1812 1813 if (nshdrs > 0) { 1814 if (nshdrs >= SHN_LORESERVE) 1815 ehdr->e_shnum = 0; 1816 else 1817 ehdr->e_shnum = (unsigned short)nshdrs; 1818 1819 if (nshdrs - 1 >= SHN_LORESERVE) 1820 ehdr->e_shstrndx = SHN_XINDEX; 1821 else 1822 ehdr->e_shstrndx = (unsigned short)(nshdrs - 1); 1823 1824 ehdr->e_shoff = ehdr->e_phoff + ehdr->e_phentsize * nphdrs; 1825 ehdr->e_shentsize = sizeof (Shdr); 1826 } 1827 1828 if (error = core_write(vp, UIO_SYSSPACE, (offset_t)0, ehdr, 1829 sizeof (Ehdr), rlimit, credp)) 1830 goto done; 1831 1832 poffset = sizeof (Ehdr); 1833 soffset = sizeof (Ehdr) + phdrsz; 1834 doffset = sizeof (Ehdr) + phdrsz + shdrsz; 1835 1836 v = &bigwad->phdr[0]; 1837 bzero(v, phdrsz); 1838 1839 setup_old_note_header(&v[0], p); 1840 v[0].p_offset = doffset = roundup(doffset, sizeof (Word)); 1841 doffset += v[0].p_filesz; 1842 1843 setup_note_header(&v[1], p); 1844 v[1].p_offset = doffset = roundup(doffset, sizeof (Word)); 1845 doffset += v[1].p_filesz; 1846 1847 mutex_enter(&p->p_lock); 1848 1849 brkbase = p->p_brkbase; 1850 brksize = p->p_brksize; 1851 1852 stkbase = p->p_usrstack - p->p_stksize; 1853 stksize = p->p_stksize; 1854 1855 mutex_exit(&p->p_lock); 1856 1857 AS_LOCK_ENTER(as, &as->a_lock, RW_WRITER); 1858 i = 2; 1859 for (seg = AS_SEGFIRST(as); seg != NULL; seg = AS_SEGNEXT(as, seg)) { 1860 caddr_t eaddr = seg->s_base + pr_getsegsize(seg, 0); 1861 caddr_t saddr, naddr; 1862 void *tmp = NULL; 1863 extern struct seg_ops segspt_shmops; 1864 1865 for (saddr = seg->s_base; saddr < eaddr; saddr = naddr) { 1866 uint_t prot; 1867 size_t size; 1868 int type; 1869 vnode_t *mvp; 1870 1871 prot = pr_getprot(seg, 0, &tmp, &saddr, &naddr, eaddr); 1872 prot &= PROT_READ | PROT_WRITE | PROT_EXEC; 1873 if ((size = (size_t)(naddr - saddr)) == 0) 1874 continue; 1875 if (i == nphdrs) { 1876 overflow++; 1877 continue; 1878 } 1879 v[i].p_type = PT_LOAD; 1880 v[i].p_vaddr = (Addr)(uintptr_t)saddr; 1881 v[i].p_memsz = size; 1882 if (prot & PROT_READ) 1883 v[i].p_flags |= PF_R; 1884 if (prot & PROT_WRITE) 1885 v[i].p_flags |= PF_W; 1886 if (prot & PROT_EXEC) 1887 v[i].p_flags |= PF_X; 1888 1889 /* 1890 * Figure out which mappings to include in the core. 1891 */ 1892 type = SEGOP_GETTYPE(seg, saddr); 1893 1894 if (saddr == stkbase && size == stksize) { 1895 if (!(content & CC_CONTENT_STACK)) 1896 goto exclude; 1897 1898 } else if (saddr == brkbase && size == brksize) { 1899 if (!(content & CC_CONTENT_HEAP)) 1900 goto exclude; 1901 1902 } else if (seg->s_ops == &segspt_shmops) { 1903 if (type & MAP_NORESERVE) { 1904 if (!(content & CC_CONTENT_DISM)) 1905 goto exclude; 1906 } else { 1907 if (!(content & CC_CONTENT_ISM)) 1908 goto exclude; 1909 } 1910 1911 } else if (seg->s_ops != &segvn_ops) { 1912 goto exclude; 1913 1914 } else if (type & MAP_SHARED) { 1915 if (shmgetid(p, saddr) != SHMID_NONE) { 1916 if (!(content & CC_CONTENT_SHM)) 1917 goto exclude; 1918 1919 } else if (SEGOP_GETVP(seg, seg->s_base, 1920 &mvp) != 0 || mvp == NULL || 1921 mvp->v_type != VREG) { 1922 if (!(content & CC_CONTENT_SHANON)) 1923 goto exclude; 1924 1925 } else { 1926 if (!(content & CC_CONTENT_SHFILE)) 1927 goto exclude; 1928 } 1929 1930 } else if (SEGOP_GETVP(seg, seg->s_base, &mvp) != 0 || 1931 mvp == NULL || mvp->v_type != VREG) { 1932 if (!(content & CC_CONTENT_ANON)) 1933 goto exclude; 1934 1935 } else if (prot == (PROT_READ | PROT_EXEC)) { 1936 if (!(content & CC_CONTENT_TEXT)) 1937 goto exclude; 1938 1939 } else if (prot == PROT_READ) { 1940 if (!(content & CC_CONTENT_RODATA)) 1941 goto exclude; 1942 1943 } else { 1944 if (!(content & CC_CONTENT_DATA)) 1945 goto exclude; 1946 } 1947 1948 doffset = roundup(doffset, sizeof (Word)); 1949 v[i].p_offset = doffset; 1950 v[i].p_filesz = size; 1951 doffset += size; 1952 exclude: 1953 i++; 1954 } 1955 ASSERT(tmp == NULL); 1956 } 1957 AS_LOCK_EXIT(as, &as->a_lock); 1958 1959 if (overflow || i != nphdrs) { 1960 if (ntries++ == 0) { 1961 kmem_free(bigwad, bigsize); 1962 overflow = 0; 1963 goto top; 1964 } 1965 cmn_err(CE_WARN, "elfcore: core dump failed for " 1966 "process %d; address space is changing", p->p_pid); 1967 error = EIO; 1968 goto done; 1969 } 1970 1971 if ((error = core_write(vp, UIO_SYSSPACE, poffset, 1972 v, phdrsz, rlimit, credp)) != 0) 1973 goto done; 1974 1975 if ((error = write_old_elfnotes(p, sig, vp, v[0].p_offset, rlimit, 1976 credp)) != 0) 1977 goto done; 1978 1979 if ((error = write_elfnotes(p, sig, vp, v[1].p_offset, rlimit, 1980 credp, content)) != 0) 1981 goto done; 1982 1983 for (i = 2; i < nphdrs; i++) { 1984 if (v[i].p_filesz == 0) 1985 continue; 1986 1987 /* 1988 * If dumping out this segment fails, rather than failing 1989 * the core dump entirely, we reset the size of the mapping 1990 * to zero to indicate that the data is absent from the core 1991 * file and or in the PF_SUNW_FAILURE flag to differentiate 1992 * this from mappings that were excluded due to the core file 1993 * content settings. 1994 */ 1995 if ((error = core_seg(p, vp, v[i].p_offset, 1996 (caddr_t)(uintptr_t)v[i].p_vaddr, v[i].p_filesz, 1997 rlimit, credp)) != 0) { 1998 1999 /* 2000 * Since the space reserved for the segment is now 2001 * unused, we stash the errno in the first four 2002 * bytes. This undocumented interface will let us 2003 * understand the nature of the failure. 2004 */ 2005 (void) core_write(vp, UIO_SYSSPACE, v[i].p_offset, 2006 &error, sizeof (error), rlimit, credp); 2007 2008 v[i].p_filesz = 0; 2009 v[i].p_flags |= PF_SUNW_FAILURE; 2010 if ((error = core_write(vp, UIO_SYSSPACE, 2011 poffset + sizeof (v[i]) * i, &v[i], sizeof (v[i]), 2012 rlimit, credp)) != 0) 2013 goto done; 2014 } 2015 } 2016 2017 if (nshdrs > 0) { 2018 bzero(&bigwad->shdr[0], shdrsz); 2019 2020 if (nshdrs >= SHN_LORESERVE) 2021 bigwad->shdr[0].sh_size = nshdrs; 2022 2023 if (nshdrs - 1 >= SHN_LORESERVE) 2024 bigwad->shdr[0].sh_link = nshdrs - 1; 2025 2026 if (nphdrs >= PN_XNUM) 2027 bigwad->shdr[0].sh_info = nphdrs; 2028 2029 if (nshdrs > 1) { 2030 AS_LOCK_ENTER(as, &as->a_lock, RW_WRITER); 2031 if ((error = process_scns(content, p, credp, vp, 2032 &bigwad->shdr[0], nshdrs, rlimit, &doffset, 2033 NULL)) != 0) { 2034 AS_LOCK_EXIT(as, &as->a_lock); 2035 goto done; 2036 } 2037 AS_LOCK_EXIT(as, &as->a_lock); 2038 } 2039 2040 if ((error = core_write(vp, UIO_SYSSPACE, soffset, 2041 &bigwad->shdr[0], shdrsz, rlimit, credp)) != 0) 2042 goto done; 2043 } 2044 2045 done: 2046 kmem_free(bigwad, bigsize); 2047 return (error); 2048 } 2049 2050 #ifndef _ELF32_COMPAT 2051 2052 static struct execsw esw = { 2053 #ifdef _LP64 2054 elf64magicstr, 2055 #else /* _LP64 */ 2056 elf32magicstr, 2057 #endif /* _LP64 */ 2058 0, 2059 5, 2060 elfexec, 2061 elfcore 2062 }; 2063 2064 static struct modlexec modlexec = { 2065 &mod_execops, "exec module for elf", &esw 2066 }; 2067 2068 #ifdef _LP64 2069 extern int elf32exec(vnode_t *vp, execa_t *uap, uarg_t *args, 2070 intpdata_t *idatap, int level, long *execsz, 2071 int setid, caddr_t exec_file, cred_t *cred, 2072 int brand_action); 2073 extern int elf32core(vnode_t *vp, proc_t *p, cred_t *credp, 2074 rlim64_t rlimit, int sig, core_content_t content); 2075 2076 static struct execsw esw32 = { 2077 elf32magicstr, 2078 0, 2079 5, 2080 elf32exec, 2081 elf32core 2082 }; 2083 2084 static struct modlexec modlexec32 = { 2085 &mod_execops, "32-bit exec module for elf", &esw32 2086 }; 2087 #endif /* _LP64 */ 2088 2089 static struct modlinkage modlinkage = { 2090 MODREV_1, 2091 (void *)&modlexec, 2092 #ifdef _LP64 2093 (void *)&modlexec32, 2094 #endif /* _LP64 */ 2095 NULL 2096 }; 2097 2098 int 2099 _init(void) 2100 { 2101 return (mod_install(&modlinkage)); 2102 } 2103 2104 int 2105 _fini(void) 2106 { 2107 return (mod_remove(&modlinkage)); 2108 } 2109 2110 int 2111 _info(struct modinfo *modinfop) 2112 { 2113 return (mod_info(&modlinkage, modinfop)); 2114 } 2115 2116 #endif /* !_ELF32_COMPAT */ 2117
Indexes created Thu May 17 00:40:56 UTC 2012
Terms of Use
|
Privacy
|
Trademarks
|
Copyright Policy
|
Site Guidelines
|
Site Map
|
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
© 2012, Oracle Corporation and/or its affiliates.