Update the ELF image activator to use some of the exec resources rather

than rolling it's own. This means that it now uses the "safe" exec_map_first_page() to get the ld.so headers rather than risking a panic on a page fault failure (eg: NFS server goes down). Since all the ELF tools go to a lot of trouble to make sure everything lives in the first page for executables, this is a win. I have not seen any ELF executable on any system where all the headers didn't fit in the first page with lots of room to spare. I have been running variations of this code for some time on my pure ELF systems.
svn path=/head/; revision=33983
2024-09-23 18:25:19 +00:00 · 1998-03-02 05:47:58 +00:00 · 1998-03-02 05:47:58 +00:00 · c8a7999933 · 2020-12-20 02:59:44 +00:00
parent 95163bd37f
commit c8a7999933
6 changed files with 65 additions and 163 deletions
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@ -35,7 +35,7 @@
 * SUCH DAMAGE.
 *
 *	from: @(#)machdep.c	7.4 (Berkeley) 6/3/91
- *	$Id: machdep.c,v 1.288 1998/02/06 12:13:08 eivind Exp $
+ *	$Id: machdep.c,v 1.289 1998/02/09 04:45:53 eivind Exp $
 */
 #include "apm.h"
@ -354,7 +354,7 @@ cpu_startup(dummy)
 				(nswbuf*MAXPHYS) + pager_map_size);
 	pager_map->system_map = 1;
 	exec_map = kmem_suballoc(kernel_map, &minaddr, &maxaddr,
-				(16*(ARG_MAX+PAGE_SIZE)));
+				(16*(ARG_MAX+(PAGE_SIZE*3))));
 	/*
 	 * Finally, allocate mbuf pool.  Since mclrefcnt is an off-size
--- a/sys/i386/i386/machdep.c
+++ b/sys/i386/i386/machdep.c
@ -35,7 +35,7 @@
 * SUCH DAMAGE.
 *
 *	from: @(#)machdep.c	7.4 (Berkeley) 6/3/91
- *	$Id: machdep.c,v 1.288 1998/02/06 12:13:08 eivind Exp $
+ *	$Id: machdep.c,v 1.289 1998/02/09 04:45:53 eivind Exp $
 */
 #include "apm.h"
@ -354,7 +354,7 @@ cpu_startup(dummy)
 				(nswbuf*MAXPHYS) + pager_map_size);
 	pager_map->system_map = 1;
 	exec_map = kmem_suballoc(kernel_map, &minaddr, &maxaddr,
-				(16*(ARG_MAX+PAGE_SIZE)));
+				(16*(ARG_MAX+(PAGE_SIZE*3))));
 	/*
 	 * Finally, allocate mbuf pool.  Since mclrefcnt is an off-size
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@ -26,7 +26,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
- *	$Id: imgact_elf.c,v 1.20 1997/09/21 03:13:21 peter Exp $
+ *	$Id: imgact_elf.c,v 1.21 1998/02/09 06:09:21 eivind Exp $
 */
 #include "opt_rlimit.h"
@ -62,9 +62,6 @@
 #define MAX_PHDR	32	/* XXX enough ? */
 static int map_pages __P((struct vnode *vp, vm_offset_t offset, vm_offset_t *buf, vm_size_t size));
 static void unmap_pages __P((vm_offset_t buf, vm_size_t size));
 static int elf_check_permissions __P((struct proc *p, struct vnode *vp));
 static int elf_check_header __P((const Elf32_Ehdr *hdr, int type));
 static int elf_load_section __P((struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset, caddr_t vmaddr, size_t memsz, size_t filsz, vm_prot_t prot));
 static int elf_load_file __P((struct proc *p, char *file, u_long *addr, u_long *entry));
@ -135,106 +132,6 @@ elf_remove_brand_entry(Elf32_Brandinfo *entry)
 	return 0;
 }
 static int
 map_pages(struct vnode *vp, vm_offset_t offset, 
 	     vm_offset_t *buf, vm_size_t size)
 {
 	int error;
 	vm_offset_t kern_buf;
 	vm_size_t pageoff;
 	/*
 	 * The request may not be aligned, and may even cross several
 	 * page boundaries in the file...
 	 */
 	pageoff = (offset & PAGE_MASK);
 	offset -= pageoff;		/* start of first aligned page to map */
 	size += pageoff;
 	size = round_page(size);	/* size of aligned pages to map */
 	if (error = vm_mmap(kernel_map,
 			    &kern_buf,
 			    size,
 			    VM_PROT_READ,
 			    VM_PROT_READ,
 			    0,
 			    (caddr_t)vp,
 			    offset))
 		return error;
 	*buf = kern_buf + pageoff;
 	return 0;
 }
 static void
 unmap_pages(vm_offset_t buf, vm_size_t size)
 {
 	vm_size_t pageoff;
 	pageoff = (buf & PAGE_MASK);
 	buf -= pageoff;		/* start of first aligned page to map */
 	size += pageoff;
 	size = round_page(size);/* size of aligned pages to map */
      	vm_map_remove(kernel_map, buf, buf + size);
 }
 static int
 elf_check_permissions(struct proc *p, struct vnode *vp)
 {
 	struct vattr attr;
 	int error;
 	/*
 	 * Check number of open-for-writes on the file and deny execution
 	 *	if there are any.
 	 */
 	if (vp->v_writecount) {
 		return (ETXTBSY);
 	}
 	/* Get file attributes */
 	error = VOP_GETATTR(vp, &attr, p->p_ucred, p);
 	if (error)
 		return (error);
 	/*
 	 * 1) Check if file execution is disabled for the filesystem that this
 	 *	file resides on.
 	 * 2) Insure that at least one execute bit is on - otherwise root
 	 *	will always succeed, and we don't want to happen unless the
 	 *	file really is executable.
 	 * 3) Insure that the file is a regular file.
 	 */
 	if ((vp->v_mount->mnt_flag & MNT_NOEXEC) ||
 	    ((attr.va_mode & 0111) == 0) ||
 	    (attr.va_type != VREG)) {
 		return (EACCES);
 	}
 	/*
 	 * Zero length files can't be exec'd
 	 */
 	if (attr.va_size == 0)
 		return (ENOEXEC);
 	/*
 	 *  Check for execute permission to file based on current credentials.
 	 *	Then call filesystem specific open routine (which does nothing
 	 *	in the general case).
 	 */
 	error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p);
 	if (error)
 		return (error);
 	error = VOP_OPEN(vp, FREAD, p->p_ucred, p);
 	if (error)
 		return (error);
 	return (0);
 }
 static int
 elf_check_header(const Elf32_Ehdr *hdr, int type)
 {
@ -298,7 +195,7 @@ elf_load_section(struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset,
 			return error; 
 	}
-	if (error = vm_mmap(kernel_map,
+	if (error = vm_mmap(exec_map,
 			    (vm_offset_t *)&data_buf,
 			    PAGE_SIZE,
 			    VM_PROT_READ,
@ -310,7 +207,7 @@ elf_load_section(struct vmspace *vmspace, struct vnode *vp, vm_offset_t offset,
 	error = copyout(data_buf, (caddr_t)map_addr, copy_len);
-        vm_map_remove(kernel_map, (vm_offset_t)data_buf, 
+        vm_map_remove(exec_map, (vm_offset_t)data_buf, 
 		      (vm_offset_t)data_buf + PAGE_SIZE);
 	/*
@ -330,12 +227,30 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
 	Elf32_Phdr *phdr = NULL;
 	struct nameidata nd;
 	struct vmspace *vmspace = p->p_vmspace;
 	struct vattr attr;
 	struct image_params image_params, *imgp;
 	vm_prot_t prot = 0;
 	unsigned long text_size = 0, data_size = 0;
 	unsigned long text_addr = 0, data_addr = 0;
 	int header_size = 0;
        int error, i;
 	imgp = &image_params;
 	/*
 	 * Initialize part of the common data
 	 */
 	imgp->proc = p;
 	imgp->uap = NULL;
 	imgp->attr = &attr;
 	imgp->firstpage = NULL;
 	imgp->image_header = (char *)kmem_alloc_wait(exec_map, PAGE_SIZE);
 	if (imgp->image_header == NULL) {
 		nd.ni_vp = NULL;
 		error = ENOMEM;
 		goto fail;
 	}
        NDINIT(&nd, LOOKUP, LOCKLEAF|FOLLOW, UIO_SYSSPACE, file, p);   
 	if (error = namei(&nd)) {
@ -343,28 +258,23 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
 		goto fail;
 	}
 	imgp->vp = nd.ni_vp;
 	/*
 	 * Check permissions, modes, uid, etc on the file, and "open" it.
 	 */
-	error = elf_check_permissions(p, nd.ni_vp);
+	error = exec_check_permissions(imgp);
-
+	if (error) {
 	/*
 	 * No longer need this, and it prevents demand paging.
 	 */
 		VOP_UNLOCK(nd.ni_vp, 0, p);
 		goto fail;
 	}
 	error = exec_map_first_page(imgp);
 	VOP_UNLOCK(nd.ni_vp, 0, p);
 	if (error)
                goto fail;
-	/*
+	hdr = (Elf32_Ehdr *)imgp->image_header;
 	 * Map in the header
 	 */
 	if (error = map_pages(nd.ni_vp, 0, (vm_offset_t *)&hdr, sizeof(hdr)))
                goto fail;
 	/*
 	 * Do we have a valid ELF header ?
 	 */
 	if (error = elf_check_header(hdr, ET_DYN))
 		goto fail;
@ -379,9 +289,13 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
 	header_size = hdr->e_phentsize * hdr->e_phnum;
-	if (error = map_pages(nd.ni_vp, hdr->e_phoff, (vm_offset_t *)&phdr, 
+	/* Only support headers that fit within first page for now */
-			         header_size))
+	if (header_size + hdr->e_phoff > PAGE_SIZE) {
 		error = ENOEXEC;
 		goto fail;
 	}
 	phdr = (Elf32_Phdr *)(imgp->image_header + hdr->e_phoff);
 	for (i = 0; i < hdr->e_phnum; i++) {
 		switch(phdr[i].p_type) {
@ -453,10 +367,11 @@ elf_load_file(struct proc *p, char *file, u_long *addr, u_long *entry)
 	}
 fail:
-	if (phdr)
+	if (imgp->firstpage)
-		unmap_pages((vm_offset_t)phdr, header_size);
+		exec_unmap_first_page(imgp);
-	if (hdr)
+	if (imgp->image_header)
-		unmap_pages((vm_offset_t)hdr, sizeof(hdr));
+		kmem_free_wakeup(exec_map, (vm_offset_t)imgp->image_header,
 			PAGE_SIZE);
 	if (nd.ni_vp)
 		vrele(nd.ni_vp);
@ -474,8 +389,8 @@ exec_elf_imgact(struct image_params *imgp)
 	u_long text_size = 0, data_size = 0;
 	u_long text_addr = 0, data_addr = 0;
 	u_long addr, entry = 0, proghdr = 0;
-	int error, i, header_size = 0, interp_len = 0;
+	int error, i, header_size = 0;
-	char *interp = NULL;
+	const char *interp = NULL;
 	char *brand = NULL;
 	char path[MAXPATHLEN];
@ -502,17 +417,8 @@ exec_elf_imgact(struct image_params *imgp)
 	if ((hdr->e_phoff > PAGE_SIZE) ||
 	    (hdr->e_phoff + header_size) > PAGE_SIZE) {
-	  	/*
+		/* Only support headers in first page for now */
-		 * Ouch ! we only get one page full of header...
+		return ENOEXEC;
 		 * Try to map it in ourselves, and see how we go.
 	   	 */
 		if (error = map_pages(imgp->vp, hdr->e_phoff,
 				(vm_offset_t *)&mapped_phdr, header_size))
 			return (error);
 		/*
 		 * Save manual mapping for cleanup
 		 */
 		phdr = mapped_phdr;
 	} else {
 		phdr = (const Elf32_Phdr*)
 		       ((const char *)imgp->image_header + hdr->e_phoff);
@ -581,14 +487,12 @@ exec_elf_imgact(struct image_params *imgp)
 			break;
 	  	case PT_INTERP:	/* Path to interpreter */
 	    		UPRINTF ("ELF PT_INTERP section ");
-			if (phdr[i].p_filesz > MAXPATHLEN) {
+			if (phdr[i].p_filesz > MAXPATHLEN ||
 			    phdr[i].p_offset + phdr[i].p_filesz > PAGE_SIZE) {
 				error = ENOEXEC;
 				goto fail;
 			}
-			interp_len = MAXPATHLEN;
+			interp = imgp->image_header + phdr[i].p_offset;
 			if (error = map_pages(imgp->vp, phdr[i].p_offset,
 					 (vm_offset_t *)&interp, interp_len))
 				goto fail;
 			UPRINTF("<%s>\n", interp);
 			break;
 	  	case PT_NOTE:	/* Note section */
@ -697,11 +601,6 @@ exec_elf_imgact(struct image_params *imgp)
 	imgp->vp->v_flag |= VTEXT;
 fail:
 	if (mapped_phdr)
 		unmap_pages((vm_offset_t)mapped_phdr, header_size);
 	if (interp)
 		unmap_pages((vm_offset_t)interp, interp_len);
 	return error;
 }
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@ -23,7 +23,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$Id: kern_exec.c,v 1.77 1998/02/06 12:13:23 eivind Exp $
+ *	$Id: kern_exec.c,v 1.78 1998/02/25 13:08:06 bde Exp $
 */
 #include <sys/param.h>
@ -65,10 +65,6 @@
 static int *exec_copyout_strings __P((struct image_params *));
 static int exec_check_permissions __P((struct image_params *));
 static int exec_map_first_page __P((struct image_params *));
 static void exec_unmap_first_page __P((struct image_params *));
 /*
 * XXX trouble here if sizeof(caddr_t) != sizeof(int), other parts
 * of the sysctl code also assumes this, and sizeof(int) == sizeof(long).
@ -107,7 +103,6 @@ execve(p, uap)
 	int error, len, i;
 	struct image_params image_params, *imgp;
 	struct vattr attr;
 	struct buf *bp = NULL;
 	imgp = &image_params;
@ -645,7 +640,7 @@ exec_copyout_strings(imgp)
 * Check permissions of file to execute.
 *	Return 0 for success or error code on failure.
 */
-static int
+int
 exec_check_permissions(imgp)
 	struct image_params *imgp;
 {
--- a/sys/sys/exec.h
+++ b/sys/sys/exec.h
@ -36,7 +36,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)exec.h	8.3 (Berkeley) 1/21/94
- * $Id: exec.h,v 1.16 1997/09/07 05:27:08 bde Exp $
+ * $Id: exec.h,v 1.17 1997/09/16 11:44:04 bde Exp $
 */
 #ifndef _SYS_EXEC_H_
@ -73,4 +73,11 @@ struct execsw {
 #include <machine/exec.h>
 #ifdef KERNEL
 #include <sys/cdefs.h>
 int exec_map_first_page __P((struct image_params *));        
 void exec_unmap_first_page __P((struct image_params *));       
 #endif
 #endif
--- a/sys/sys/imgact.h
+++ b/sys/sys/imgact.h
@ -30,7 +30,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$Id: imgact.h,v 1.15 1997/04/23 22:02:37 ache Exp $
+ *	$Id: imgact.h,v 1.16 1998/01/11 21:34:43 dyson Exp $
 */
 #ifndef _SYS_IMGACT_H_
@ -56,6 +56,7 @@ struct image_params {
 };
 #ifdef KERNEL
 int	exec_check_permissions __P((struct image_params *));
 int	exec_extract_strings __P((struct image_params *));
 int	exec_new_vmspace __P((struct image_params *));
 #endif