Update the ELF image activator to use some of the exec resources rather

than rolling it's own.  This means that it now uses the "safe"
exec_map_first_page() to get the ld.so headers rather than risking a panic
on a page fault failure (eg: NFS server goes down).
Since all the ELF tools go to a lot of trouble to make sure everything
lives in the first page for executables, this is a win.  I have not seen
any ELF executable on any system where all the headers didn't fit in the
first page with lots of room to spare.
I have been running variations of this code for some time on my pure ELF
systems.
This commit is contained in:
Peter Wemm 1998-03-02 05:47:58 +00:00
parent 95163bd37f
commit c8a7999933
6 changed files with 65 additions and 163 deletions

View File

@ -35,7 +35,7 @@
* SUCH DAMAGE.
*
* from: @(#)machdep.c 7.4 (Berkeley) 6/3/91
* $Id: machdep.c,v 1.288 1998/02/06 12:13:08 eivind Exp $
* $Id: machdep.c,v 1.289 1998/02/09 04:45:53 eivind Exp $
*/
#include "apm.h"
@ -354,7 +354,7 @@ cpu_startup(dummy)
(nswbuf*MAXPHYS) + pager_map_size);
pager_map->system_map = 1;
exec_map = kmem_suballoc(kernel_map, &minaddr, &maxaddr,
(16*(ARG_MAX+PAGE_SIZE)));
(16*(ARG_MAX+(PAGE_SIZE*3))));
/*
* Finally, allocate mbuf pool. Since mclrefcnt is an off-size

View File

@ -35,7 +35,7 @@
* SUCH DAMAGE.
*
* from: @(#)machdep.c 7.4 (Berkeley) 6/3/91
* $Id: machdep.c,v 1.288 1998/02/06 12:13:08 eivind Exp $
* $Id: machdep.c,v 1.289 1998/02/09 04:45:53 eivind Exp $
*/
#include "apm.h"
@ -354,7 +354,7 @@ cpu_startup(dummy)
(nswbuf*MAXPHYS) + pager_map_size);
pager_map->system_map = 1;
exec_map = kmem_suballoc(kernel_map, &minaddr, &maxaddr,
(16*(ARG_MAX+PAGE_SIZE)));
(16*(ARG_MAX+(PAGE_SIZE*3))));
/*
* Finally, allocate mbuf pool. Since mclrefcnt is an off-size

View File

@ -26,7 +26,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
* $Id: imgact_elf.c,v 1.20 1997/09/21 03:13:21 peter Exp $
* $Id: imgact_elf.c,v 1.21 1998/02/09 06:09:21 eivind Exp $
*/
#include "opt_rlimit.h"
@ -62,9 +62,6 @@
#define MAX_PHDR 32 /* XXX enough ? */
static int map_pages __P((struct vnode *vp, vm_offset_t offset, vm_offset_t *buf, vm_size_t size));
static void unmap_pages __P((vm_offset_t buf, vm_size_t size));
static int elf_check_permissions __P((struct proc *p, struct vnode *vp));
static int elf_check_header __P((const Elf32_Ehdr *hdr, int type));
static int elf_load_section __P((struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset, caddr_t vmaddr, size_t memsz, size_t filsz, vm_prot_t prot));
static int elf_load_file __P((struct proc *p, char *file, u_long *addr, u_long *entry));
@ -135,106 +132,6 @@ elf_remove_brand_entry(Elf32_Brandinfo *entry)
return 0;
}
static int
map_pages(struct vnode *vp, vm_offset_t offset,
vm_offset_t *buf, vm_size_t size)
{
int error;
vm_offset_t kern_buf;
vm_size_t pageoff;
/*
* The request may not be aligned, and may even cross several
* page boundaries in the file...
*/
pageoff = (offset & PAGE_MASK);
offset -= pageoff; /* start of first aligned page to map */
size += pageoff;
size = round_page(size); /* size of aligned pages to map */
if (error = vm_mmap(kernel_map,
&kern_buf,
size,
VM_PROT_READ,
VM_PROT_READ,
0,
(caddr_t)vp,
offset))
return error;
*buf = kern_buf + pageoff;
return 0;
}
static void
unmap_pages(vm_offset_t buf, vm_size_t size)
{
vm_size_t pageoff;
pageoff = (buf & PAGE_MASK);
buf -= pageoff; /* start of first aligned page to map */
size += pageoff;
size = round_page(size);/* size of aligned pages to map */
vm_map_remove(kernel_map, buf, buf + size);
}
static int
elf_check_permissions(struct proc *p, struct vnode *vp)
{
struct vattr attr;
int error;
/*
* Check number of open-for-writes on the file and deny execution
* if there are any.
*/
if (vp->v_writecount) {
return (ETXTBSY);
}
/* Get file attributes */
error = VOP_GETATTR(vp, &attr, p->p_ucred, p);
if (error)
return (error);
/*
* 1) Check if file execution is disabled for the filesystem that this
* file resides on.
* 2) Insure that at least one execute bit is on - otherwise root
* will always succeed, and we don't want to happen unless the
* file really is executable.
* 3) Insure that the file is a regular file.
*/
if ((vp->v_mount->mnt_flag & MNT_NOEXEC) ||
((attr.va_mode & 0111) == 0) ||
(attr.va_type != VREG)) {
return (EACCES);
}
/*
* Zero length files can't be exec'd
*/
if (attr.va_size == 0)
return (ENOEXEC);
/*
* Check for execute permission to file based on current credentials.
* Then call filesystem specific open routine (which does nothing
* in the general case).
*/
error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p);
if (error)
return (error);
error = VOP_OPEN(vp, FREAD, p->p_ucred, p);
if (error)
return (error);
return (0);
}
static int
elf_check_header(const Elf32_Ehdr *hdr, int type)
{
@ -298,7 +195,7 @@ elf_load_section(struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset,
return error;
}
if (error = vm_mmap(kernel_map,
if (error = vm_mmap(exec_map,
(vm_offset_t *)&data_buf,
PAGE_SIZE,
VM_PROT_READ,
@ -310,7 +207,7 @@ elf_load_section(struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset,
error = copyout(data_buf, (caddr_t)map_addr, copy_len);
vm_map_remove(kernel_map, (vm_offset_t)data_buf,
vm_map_remove(exec_map, (vm_offset_t)data_buf,
(vm_offset_t)data_buf + PAGE_SIZE);
/*
@ -330,12 +227,30 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
Elf32_Phdr *phdr = NULL;
struct nameidata nd;
struct vmspace *vmspace = p->p_vmspace;
struct vattr attr;
struct image_params image_params, *imgp;
vm_prot_t prot = 0;
unsigned long text_size = 0, data_size = 0;
unsigned long text_addr = 0, data_addr = 0;
int header_size = 0;
int error, i;
imgp = &image_params;
/*
* Initialize part of the common data
*/
imgp->proc = p;
imgp->uap = NULL;
imgp->attr = &attr;
imgp->firstpage = NULL;
imgp->image_header = (char *)kmem_alloc_wait(exec_map, PAGE_SIZE);
if (imgp->image_header == NULL) {
nd.ni_vp = NULL;
error = ENOMEM;
goto fail;
}
NDINIT(&nd, LOOKUP, LOCKLEAF|FOLLOW, UIO_SYSSPACE, file, p);
if (error = namei(&nd)) {
@ -343,28 +258,23 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
goto fail;
}
imgp->vp = nd.ni_vp;
/*
* Check permissions, modes, uid, etc on the file, and "open" it.
*/
error = elf_check_permissions(p, nd.ni_vp);
error = exec_check_permissions(imgp);
if (error) {
VOP_UNLOCK(nd.ni_vp, 0, p);
goto fail;
}
/*
* No longer need this, and it prevents demand paging.
*/
error = exec_map_first_page(imgp);
VOP_UNLOCK(nd.ni_vp, 0, p);
if (error)
goto fail;
/*
* Map in the header
*/
if (error = map_pages(nd.ni_vp, 0, (vm_offset_t *)&hdr, sizeof(hdr)))
goto fail;
/*
* Do we have a valid ELF header ?
*/
hdr = (Elf32_Ehdr *)imgp->image_header;
if (error = elf_check_header(hdr, ET_DYN))
goto fail;
@ -379,9 +289,13 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
header_size = hdr->e_phentsize * hdr->e_phnum;
if (error = map_pages(nd.ni_vp, hdr->e_phoff, (vm_offset_t *)&phdr,
header_size))
goto fail;
/* Only support headers that fit within first page for now */
if (header_size + hdr->e_phoff > PAGE_SIZE) {
error = ENOEXEC;
goto fail;
}
phdr = (Elf32_Phdr *)(imgp->image_header + hdr->e_phoff);
for (i = 0; i < hdr->e_phnum; i++) {
switch(phdr[i].p_type) {
@ -453,10 +367,11 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
}
fail:
if (phdr)
unmap_pages((vm_offset_t)phdr, header_size);
if (hdr)
unmap_pages((vm_offset_t)hdr, sizeof(hdr));
if (imgp->firstpage)
exec_unmap_first_page(imgp);
if (imgp->image_header)
kmem_free_wakeup(exec_map, (vm_offset_t)imgp->image_header,
PAGE_SIZE);
if (nd.ni_vp)
vrele(nd.ni_vp);
@ -474,8 +389,8 @@ exec_elf_imgact(struct image_params *imgp)
u_long text_size = 0, data_size = 0;
u_long text_addr = 0, data_addr = 0;
u_long addr, entry = 0, proghdr = 0;
int error, i, header_size = 0, interp_len = 0;
char *interp = NULL;
int error, i, header_size = 0;
const char *interp = NULL;
char *brand = NULL;
char path[MAXPATHLEN];
@ -502,17 +417,8 @@ exec_elf_imgact(struct image_params *imgp)
if ((hdr->e_phoff > PAGE_SIZE) ||
(hdr->e_phoff + header_size) > PAGE_SIZE) {
/*
* Ouch ! we only get one page full of header...
* Try to map it in ourselves, and see how we go.
*/
if (error = map_pages(imgp->vp, hdr->e_phoff,
(vm_offset_t *)&mapped_phdr, header_size))
return (error);
/*
* Save manual mapping for cleanup
*/
phdr = mapped_phdr;
/* Only support headers in first page for now */
return ENOEXEC;
} else {
phdr = (const Elf32_Phdr*)
((const char *)imgp->image_header + hdr->e_phoff);
@ -581,14 +487,12 @@ exec_elf_imgact(struct image_params *imgp)
break;
case PT_INTERP: /* Path to interpreter */
UPRINTF ("ELF PT_INTERP section ");
if (phdr[i].p_filesz > MAXPATHLEN) {
if (phdr[i].p_filesz > MAXPATHLEN ||
phdr[i].p_offset + phdr[i].p_filesz > PAGE_SIZE) {
error = ENOEXEC;
goto fail;
}
interp_len = MAXPATHLEN;
if (error = map_pages(imgp->vp, phdr[i].p_offset,
(vm_offset_t *)&interp, interp_len))
goto fail;
interp = imgp->image_header + phdr[i].p_offset;
UPRINTF("<%s>\n", interp);
break;
case PT_NOTE: /* Note section */
@ -697,11 +601,6 @@ exec_elf_imgact(struct image_params *imgp)
imgp->vp->v_flag |= VTEXT;
fail:
if (mapped_phdr)
unmap_pages((vm_offset_t)mapped_phdr, header_size);
if (interp)
unmap_pages((vm_offset_t)interp, interp_len);
return error;
}

View File

@ -23,7 +23,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: kern_exec.c,v 1.77 1998/02/06 12:13:23 eivind Exp $
* $Id: kern_exec.c,v 1.78 1998/02/25 13:08:06 bde Exp $
*/
#include <sys/param.h>
@ -65,10 +65,6 @@
static int *exec_copyout_strings __P((struct image_params *));
static int exec_check_permissions __P((struct image_params *));
static int exec_map_first_page __P((struct image_params *));
static void exec_unmap_first_page __P((struct image_params *));
/*
* XXX trouble here if sizeof(caddr_t) != sizeof(int), other parts
* of the sysctl code also assumes this, and sizeof(int) == sizeof(long).
@ -107,7 +103,6 @@ execve(p, uap)
int error, len, i;
struct image_params image_params, *imgp;
struct vattr attr;
struct buf *bp = NULL;
imgp = &image_params;
@ -645,7 +640,7 @@ exec_copyout_strings(imgp)
* Check permissions of file to execute.
* Return 0 for success or error code on failure.
*/
static int
int
exec_check_permissions(imgp)
struct image_params *imgp;
{

View File

@ -36,7 +36,7 @@
* SUCH DAMAGE.
*
* @(#)exec.h 8.3 (Berkeley) 1/21/94
* $Id: exec.h,v 1.16 1997/09/07 05:27:08 bde Exp $
* $Id: exec.h,v 1.17 1997/09/16 11:44:04 bde Exp $
*/
#ifndef _SYS_EXEC_H_
@ -73,4 +73,11 @@ struct execsw {
#include <machine/exec.h>
#ifdef KERNEL
#include <sys/cdefs.h>
int exec_map_first_page __P((struct image_params *));
void exec_unmap_first_page __P((struct image_params *));
#endif
#endif

View File

@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $Id: imgact.h,v 1.15 1997/04/23 22:02:37 ache Exp $
* $Id: imgact.h,v 1.16 1998/01/11 21:34:43 dyson Exp $
*/
#ifndef _SYS_IMGACT_H_
@ -56,6 +56,7 @@ struct image_params {
};
#ifdef KERNEL
int exec_check_permissions __P((struct image_params *));
int exec_extract_strings __P((struct image_params *));
int exec_new_vmspace __P((struct image_params *));
#endif