Print this page
OS-4119 lxbrand panic when running native perl inside lx zone
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/exec/shbin/shbin.c
+++ new/usr/src/uts/common/exec/shbin/shbin.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
|
↓ open down ↓ |
14 lines elided |
↑ open up ↑ |
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 + * Copyright 2015, Joyent, Inc.
25 26 */
26 27
27 28 #include <sys/types.h>
28 29 #include <sys/param.h>
29 30 #include <sys/sysmacros.h>
30 31 #include <sys/signal.h>
31 32 #include <sys/cred.h>
32 33 #include <sys/user.h>
33 34 #include <sys/errno.h>
34 35 #include <sys/vnode.h>
35 36 #include <sys/proc.h>
36 37 #include <sys/cmn_err.h>
37 38 #include <sys/debug.h>
38 39 #include <sys/pathname.h>
39 40 #include <sys/disp.h>
40 41 #include <sys/exec.h>
41 42 #include <sys/kmem.h>
42 43 #include <sys/note.h>
43 44
44 45 /*
45 46 * This is the loadable module wrapper.
46 47 */
47 48 #include <sys/modctl.h>
48 49
49 50 /* Local prototypes */
50 51 static int
|
↓ open down ↓ |
16 lines elided |
↑ open up ↑ |
51 52 shbinexec(
52 53 struct vnode *vp,
53 54 struct execa *uap,
54 55 struct uarg *args,
55 56 struct intpdata *idatap,
56 57 int level,
57 58 long *execsz,
58 59 int setid,
59 60 caddr_t exec_file,
60 61 struct cred *cred,
61 - int brand_action);
62 + int *brand_action);
62 63
63 64 #define SHBIN_CNTL(x) ((x)&037)
64 65 #define SHBINMAGIC_LEN 4
65 66 extern char shbinmagicstr[];
66 67
67 68 /*
68 69 * Our list where we may find a copy of ksh93. The ordering is:
69 70 * 1. 64bit (may not be installed or not supported in hardware)
70 71 * 2. 32bit
71 72 * 3. Use /sbin/ksh93 when /usr is not available
72 73 *
73 74 * ([1] and [2] explicitly bypass /usr/bin/ksh93 to avoid the
74 75 * isaexec overhead).
75 76 */
76 77 static char *shell_list[] =
77 78 {
78 79 /* Bypass /usr/bin/ksh93 (which is "isaexec") for performance */
79 80 #if defined(__sparc)
80 81 "/usr/bin/sparcv9/ksh93",
81 82 "/usr/bin/sparcv7/ksh93",
82 83 #elif defined(__amd64)
83 84 "/usr/bin/amd64/ksh93",
84 85 "/usr/bin/i86/ksh93",
85 86 #elif defined(__i386)
86 87 "/usr/bin/i86/ksh93",
87 88 #else
88 89 #error "Unrecognized platform/CPU (use /usr/bin/ksh93 when in doubt)."
89 90 #endif
90 91 "/sbin/ksh93",
91 92 NULL
92 93 };
93 94
94 95 static struct execsw esw = {
95 96 shbinmagicstr,
96 97 0,
97 98 SHBINMAGIC_LEN,
98 99 shbinexec,
99 100 NULL
100 101 };
101 102
102 103 /*
103 104 * Module linkage information for the kernel.
104 105 */
105 106 extern struct mod_ops mod_execops;
106 107
107 108 static struct modlexec modlexec = {
108 109 &mod_execops, "exec mod for shell binaries (ksh93)", &esw
109 110 };
110 111
111 112 static struct modlinkage modlinkage = {
112 113 MODREV_1, (void *)&modlexec, NULL
113 114 };
114 115
115 116 int
116 117 _init(void)
117 118 {
118 119 return (mod_install(&modlinkage));
119 120 }
120 121
121 122 int
122 123 _fini(void)
123 124 {
124 125 return (mod_remove(&modlinkage));
125 126 }
126 127
127 128 int
128 129 _info(struct modinfo *modinfop)
129 130 {
130 131 return (mod_info(&modlinkage, modinfop));
131 132 }
132 133
133 134 static int
134 135 checkshbinmagic(struct vnode *vp)
135 136 {
136 137 int error;
137 138 char linep[SHBINMAGIC_LEN];
138 139 ssize_t resid;
139 140
140 141 /*
141 142 * Read the entire line and confirm that it starts with the magic
142 143 * sequence for compiled ksh93 shell scripts.
143 144 */
144 145 if (error = vn_rdwr(UIO_READ, vp, linep, sizeof (linep), (offset_t)0,
145 146 UIO_SYSSPACE, 0, (rlim64_t)0, CRED(), &resid))
146 147 return (error);
147 148
148 149 if (memcmp(linep, shbinmagicstr, SHBINMAGIC_LEN) != 0)
149 150 return (ENOEXEC);
150 151
151 152 return (0);
152 153 }
153 154
154 155 static int
|
↓ open down ↓ |
83 lines elided |
↑ open up ↑ |
155 156 shbinexec(
156 157 struct vnode *vp,
157 158 struct execa *uap,
158 159 struct uarg *args,
159 160 struct intpdata *idatap,
160 161 int level,
161 162 long *execsz,
162 163 int setid,
163 164 caddr_t exec_file,
164 165 struct cred *cred,
165 - int brand_action)
166 + int *brand_action)
166 167 {
167 168 _NOTE(ARGUNUSED(brand_action))
168 169 vnode_t *nvp;
169 170 int error = 0;
170 171 struct intpdata idata;
171 172 struct pathname intppn;
172 173 struct pathname resolvepn;
173 174 char *opath;
174 175 char devfd[19]; /* 32-bit int fits in 10 digits + 8 for "/dev/fd/" */
175 176 int fd = -1;
176 177 int i;
177 178
178 179 if (level) { /* Can't recurse */
179 180 error = ENOEXEC;
180 181 goto bad;
181 182 }
182 183
183 184 ASSERT(idatap == (struct intpdata *)NULL);
184 185
185 186 /*
186 187 * Check whether the executable has the correct magic value.
187 188 */
188 189 if (error = checkshbinmagic(vp))
189 190 goto fail;
190 191
191 192 pn_alloc(&resolvepn);
192 193
193 194 /*
194 195 * Travel the list of shells and look for one which is available...
195 196 */
196 197 for (i = 0; shell_list[i] != NULL; i++) {
197 198 error = pn_get(shell_list[i], UIO_SYSSPACE, &intppn);
198 199 if (error != 0) {
199 200 break;
200 201 }
201 202
202 203 error = lookuppn(&intppn, &resolvepn, FOLLOW, NULLVPP, &nvp);
203 204 if (!error) {
204 205 /* Found match */
205 206 break;
206 207 }
207 208
208 209 /* No match found ? Then continue with the next item... */
209 210 pn_free(&intppn);
210 211 }
211 212
212 213 if (error) {
213 214 pn_free(&resolvepn);
214 215 goto fail;
215 216 }
216 217
217 218 /*
218 219 * Setup interpreter data
219 220 * "--" is passed to mark the end-of-arguments before adding
220 221 * the scripts file name, preventing problems when a
221 222 * a script's name starts with a '-' character.
222 223 */
223 224 idata.intp = NULL;
224 225 idata.intp_name[0] = shell_list[i];
225 226 idata.intp_arg[0] = "--";
226 227
227 228 opath = args->pathname;
228 229 args->pathname = resolvepn.pn_path;
229 230 /* don't free resolvepn until we are done with args */
230 231 pn_free(&intppn);
231 232
232 233 /*
233 234 * When we're executing a set-uid script resulting in uids
234 235 * mismatching or when we execute with additional privileges,
235 236 * we close the "replace script between exec and open by shell"
236 237 * hole by passing the script as /dev/fd parameter.
237 238 */
238 239 if ((setid & EXECSETID_PRIVS) != 0 ||
239 240 (setid & (EXECSETID_UGIDS|EXECSETID_SETID)) ==
240 241 (EXECSETID_UGIDS|EXECSETID_SETID)) {
241 242 (void) strcpy(devfd, "/dev/fd/");
242 243 if (error = execopen(&vp, &fd))
243 244 goto done;
244 245 numtos(fd, &devfd[8]);
245 246 args->fname = devfd;
246 247 }
247 248
248 249 error = gexec(&nvp, uap, args, &idata, ++level, execsz, exec_file, cred,
249 250 EBA_NONE);
250 251
251 252 if (!error) {
252 253 /*
253 254 * Close this script as the sh interpreter
254 255 * will open and close it later on.
255 256 */
256 257 (void) VOP_CLOSE(vp, FREAD, 1, (offset_t)0, cred, NULL);
257 258 }
258 259 done:
259 260 VN_RELE(nvp);
260 261 args->pathname = opath;
261 262 pn_free(&resolvepn);
262 263 fail:
263 264 if (error && fd != -1)
264 265 (void) execclose(fd);
265 266 bad:
266 267 return (error);
267 268 }
|
↓ open down ↓ |
92 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX