3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 #include <sys/kmem.h>
26 #include <sys/errno.h>
27 #include <sys/systm.h>
28 #include <sys/cmn_err.h>
29 #include <sys/brand.h>
30 #include <sys/machbrand.h>
31 #include <sys/modctl.h>
32 #include <sys/rwlock.h>
33 #include <sys/zone.h>
34 #include <sys/pathname.h>
35
36 #define SUPPORTED_BRAND_VERSION BRAND_VER_1
37
38 #if defined(__sparcv9)
39 /* sparcv9 uses system wide brand interposition hooks */
40 static void brand_plat_interposition_enable(void);
41 static void brand_plat_interposition_disable(void);
42
43 struct brand_mach_ops native_mach_ops = {
44 NULL, NULL
45 };
46 #else /* !__sparcv9 */
47 struct brand_mach_ops native_mach_ops = {
48 NULL, NULL, NULL, NULL
49 };
50 #endif /* !__sparcv9 */
51
52 brand_t native_brand = {
53 BRAND_VER_1,
54 "native",
55 NULL,
56 &native_mach_ops
57 };
58
59 /*
60 * Used to maintain a list of all the brands currently loaded into the
61 * kernel.
62 */
63 struct brand_list {
64 int bl_refcnt;
65 struct brand_list *bl_next;
66 brand_t *bl_brand;
67 };
68
69 static struct brand_list *brand_list = NULL;
70
71 /*
72 * This lock protects the integrity of the brand list.
73 */
74 static kmutex_t brand_list_lock;
75
76 void
293
294 return (cnt);
295 }
296
297 void
298 brand_unregister_zone(struct brand *bp)
299 {
300 struct brand_list *list;
301
302 mutex_enter(&brand_list_lock);
303 for (list = brand_list; list != NULL; list = list->bl_next) {
304 if (list->bl_brand == bp) {
305 ASSERT(list->bl_refcnt > 0);
306 list->bl_refcnt--;
307 break;
308 }
309 }
310 mutex_exit(&brand_list_lock);
311 }
312
313 void
314 brand_setbrand(proc_t *p)
315 {
316 brand_t *bp = p->p_zone->zone_brand;
317
318 ASSERT(bp != NULL);
319 ASSERT(p->p_brand == &native_brand);
320
321 /*
322 * We should only be called from exec(), when we know the process
323 * is single-threaded.
324 */
325 ASSERT(p->p_tlist == p->p_tlist->t_forw);
326
327 p->p_brand = bp;
328 ASSERT(PROC_IS_BRANDED(p));
329 BROP(p)->b_setbrand(p);
330 }
331
332 void
333 brand_clearbrand(proc_t *p, boolean_t no_lwps)
334 {
335 brand_t *bp = p->p_zone->zone_brand;
336 klwp_t *lwp = NULL;
337 ASSERT(bp != NULL);
338 ASSERT(!no_lwps || (p->p_tlist == NULL));
339
340 /*
341 * If called from exec_common() or proc_exit(),
342 * we know the process is single-threaded.
343 * If called from fork_fail, p_tlist is NULL.
344 */
345 if (!no_lwps) {
346 ASSERT(p->p_tlist == p->p_tlist->t_forw);
347 lwp = p->p_tlist->t_lwp;
348 }
349
350 ASSERT(PROC_IS_BRANDED(p));
351 BROP(p)->b_proc_exit(p, lwp);
352 p->p_brand = &native_brand;
353 }
354
355 #if defined(__sparcv9)
356 /*
357 * Currently, only sparc has system level brand syscall interposition.
358 * On x86 we're able to enable syscall interposition on a per-cpu basis
359 * when a branded thread is scheduled to run on a cpu.
360 */
361
362 /* Local variables needed for dynamic syscall interposition support */
363 static uint32_t syscall_trap_patch_instr_orig;
364 static uint32_t syscall_trap32_patch_instr_orig;
365
366 /* Trap Table syscall entry hot patch points */
367 extern void syscall_trap_patch_point(void);
368 extern void syscall_trap32_patch_point(void);
369
370 /* Alternate syscall entry handlers used when branded zones are running */
371 extern void syscall_wrapper(void);
372 extern void syscall_wrapper32(void);
466 int
467 brand_solaris_cmd(int cmd, uintptr_t arg1, uintptr_t arg2, uintptr_t arg3,
468 struct brand *pbrand, int brandvers)
469 {
470 brand_proc_data_t *spd;
471 brand_proc_reg_t reg;
472 proc_t *p = curproc;
473 int err;
474
475 /*
476 * There is one operation that is supported for a native
477 * process; B_EXEC_BRAND. This brand operaion is redundant
478 * since the kernel assumes a native process doing an exec
479 * in a branded zone is going to run a branded processes.
480 * hence we don't support this operation.
481 */
482 if (cmd == B_EXEC_BRAND)
483 return (ENOSYS);
484
485 /* For all other operations this must be a branded process. */
486 if (p->p_brand == &native_brand)
487 return (ENOSYS);
488
489 ASSERT(p->p_brand == pbrand);
490 ASSERT(p->p_brand_data != NULL);
491
492 spd = (brand_proc_data_t *)p->p_brand_data;
493
494 switch ((cmd)) {
495 case B_EXEC_NATIVE:
496 err = exec_common((char *)arg1, (const char **)arg2,
497 (const char **)arg3, EBA_NATIVE);
498 return (err);
499
500 /*
501 * Get the address of the user-space system call handler from
502 * the user process and attach it to the proc structure.
503 */
504 case B_REGISTER:
505 if (p->p_model == DATAMODEL_NATIVE) {
506 if (copyin((void *)arg1, ®, sizeof (reg)) != 0)
584 spd = kmem_alloc(sizeof (brand_proc_data_t), KM_SLEEP);
585 bcopy(parent->p_brand_data, spd, sizeof (brand_proc_data_t));
586 child->p_brand_data = spd;
587 }
588
589 static void
590 restoreexecenv(struct execenv *ep, stack_t *sp)
591 {
592 klwp_t *lwp = ttolwp(curthread);
593
594 setexecenv(ep);
595 lwp->lwp_sigaltstack.ss_sp = sp->ss_sp;
596 lwp->lwp_sigaltstack.ss_size = sp->ss_size;
597 lwp->lwp_sigaltstack.ss_flags = sp->ss_flags;
598 }
599
600 /*ARGSUSED*/
601 int
602 brand_solaris_elfexec(vnode_t *vp, execa_t *uap, uarg_t *args,
603 intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file,
604 cred_t *cred, int brand_action, struct brand *pbrand, char *bname,
605 char *brandlib, char *brandlib32, char *brandlinker, char *brandlinker32)
606 {
607
608 vnode_t *nvp;
609 Ehdr ehdr;
610 Addr uphdr_vaddr;
611 intptr_t voffset;
612 int interp;
613 int i, err;
614 struct execenv env;
615 struct execenv origenv;
616 stack_t orig_sigaltstack;
617 struct user *up = PTOU(curproc);
618 proc_t *p = ttoproc(curthread);
619 klwp_t *lwp = ttolwp(curthread);
620 brand_proc_data_t *spd;
621 brand_elf_data_t sed, *sedp;
622 char *linker;
623 uintptr_t lddata; /* lddata of executable's linker */
624
625 ASSERT(curproc->p_brand == pbrand);
626 ASSERT(curproc->p_brand_data != NULL);
627
628 spd = (brand_proc_data_t *)curproc->p_brand_data;
629 sedp = &spd->spd_elf_data;
630
631 args->brandname = bname;
632
633 /*
634 * We will exec the brand library and then map in the target
635 * application and (optionally) the brand's default linker.
636 */
637 if (args->to_model == DATAMODEL_NATIVE) {
638 args->emulator = brandlib;
639 linker = brandlinker;
640 }
641 #if defined(_LP64)
642 else {
643 args->emulator = brandlib32;
644 linker = brandlinker32;
645 }
646 #endif /* _LP64 */
647
648 if ((err = lookupname(args->emulator, UIO_SYSSPACE, FOLLOW,
649 NULLVPP, &nvp)) != 0) {
650 uprintf("%s: not found.", args->emulator);
651 return (err);
652 }
653
654 /*
655 * The following elf{32}exec call changes the execenv in the proc
656 * struct which includes changing the p_exec member to be the vnode
657 * for the brand library (e.g. /.SUNWnative/usr/lib/s10_brand.so.1).
658 * We will eventually set the p_exec member to be the vnode for the new
659 * executable when we call setexecenv(). However, if we get an error
660 * before that call we need to restore the execenv to its original
661 * values so that when we return to the caller fop_close() works
662 * properly while cleaning up from the failed exec(). Restoring the
663 * original value will also properly decrement the 2nd VN_RELE that we
664 * took on the brand library.
708 sed.sed_phdr = up->u_auxv[i].a_un.a_val;
709 break;
710 case AT_PHENT:
711 sed.sed_phent = up->u_auxv[i].a_un.a_val;
712 break;
713 case AT_PHNUM:
714 sed.sed_phnum = up->u_auxv[i].a_un.a_val;
715 break;
716 default:
717 break;
718 }
719 }
720 /* Make sure the emulator has an entry point */
721 ASSERT(sed.sed_entry != NULL);
722 ASSERT(sed.sed_phdr != NULL);
723
724 bzero(&env, sizeof (env));
725 if (args->to_model == DATAMODEL_NATIVE) {
726 err = mapexec_brand(vp, args, &ehdr, &uphdr_vaddr,
727 &voffset, exec_file, &interp, &env.ex_bssbase,
728 &env.ex_brkbase, &env.ex_brksize, NULL);
729 }
730 #if defined(_LP64)
731 else {
732 Elf32_Ehdr ehdr32;
733 Elf32_Addr uphdr_vaddr32;
734 err = mapexec32_brand(vp, args, &ehdr32, &uphdr_vaddr32,
735 &voffset, exec_file, &interp, &env.ex_bssbase,
736 &env.ex_brkbase, &env.ex_brksize, NULL);
737 Ehdr32to64(&ehdr32, &ehdr);
738
739 if (uphdr_vaddr32 == (Elf32_Addr)-1)
740 uphdr_vaddr = (Addr)-1;
741 else
742 uphdr_vaddr = uphdr_vaddr32;
743 }
744 #endif /* _LP64 */
745 if (err != 0) {
746 restoreexecenv(&origenv, &orig_sigaltstack);
747 return (err);
748 }
749
750 /*
751 * Save off the important properties of the executable. The
752 * brand library will ask us for this data later, when it is
753 * initializing and getting ready to transfer control to the
754 * brand application.
755 */
756 if (uphdr_vaddr == (Addr)-1)
757 sedp->sed_phdr = voffset + ehdr.e_phoff;
758 else
759 sedp->sed_phdr = voffset + uphdr_vaddr;
760 sedp->sed_entry = voffset + ehdr.e_entry;
761 sedp->sed_phent = ehdr.e_phentsize;
762 sedp->sed_phnum = ehdr.e_phnum;
763
764 if (interp) {
765 if (ehdr.e_type == ET_DYN) {
766 /*
767 * This is a shared object executable, so we
768 * need to pick a reasonable place to put the
769 * heap. Just don't use the first page.
770 */
771 env.ex_brkbase = (caddr_t)PAGESIZE;
772 env.ex_bssbase = (caddr_t)PAGESIZE;
773 }
774
775 /*
776 * If the program needs an interpreter (most do), map
777 * it in and store relevant information about it in the
778 * aux vector, where the brand library can find it.
779 */
780 if ((err = lookupname(linker, UIO_SYSSPACE,
781 FOLLOW, NULLVPP, &nvp)) != 0) {
782 uprintf("%s: not found.", brandlinker);
783 restoreexecenv(&origenv, &orig_sigaltstack);
784 return (err);
785 }
786 if (args->to_model == DATAMODEL_NATIVE) {
787 err = mapexec_brand(nvp, args, &ehdr,
788 &uphdr_vaddr, &voffset, exec_file, &interp,
789 NULL, NULL, NULL, &lddata);
790 }
791 #if defined(_LP64)
792 else {
793 Elf32_Ehdr ehdr32;
794 Elf32_Addr uphdr_vaddr32;
795 err = mapexec32_brand(nvp, args, &ehdr32,
796 &uphdr_vaddr32, &voffset, exec_file, &interp,
797 NULL, NULL, NULL, &lddata);
798 Ehdr32to64(&ehdr32, &ehdr);
799
800 if (uphdr_vaddr32 == (Elf32_Addr)-1)
801 uphdr_vaddr = (Addr)-1;
802 else
803 uphdr_vaddr = uphdr_vaddr32;
804 }
805 #endif /* _LP64 */
806 VN_RELE(nvp);
807 if (err != 0) {
808 restoreexecenv(&origenv, &orig_sigaltstack);
809 return (err);
810 }
811
812 /*
813 * Now that we know the base address of the brand's
814 * linker, place it in the aux vector.
815 */
816 sedp->sed_base = voffset;
817 sedp->sed_ldentry = voffset + ehdr.e_entry;
917 return (EFAULT);
918 }
919 #if defined(_LP64)
920 else {
921 auxv32_t brand_auxv32[] = {
922 { AT_SUN_BRAND_AUX1, 0 },
923 { AT_SUN_BRAND_AUX2, 0 },
924 { AT_SUN_BRAND_AUX3, 0 }
925 };
926
927 ASSERT(brand_auxv32[0].a_type == AT_SUN_BRAND_COMMON_LDDATA);
928 brand_auxv32[0].a_un.a_val = (uint32_t)sed.sed_lddata;
929 if (copyout(&brand_auxv32, args->auxp_brand,
930 sizeof (brand_auxv32)) != 0)
931 return (EFAULT);
932 }
933 #endif /* _LP64 */
934
935 /*
936 * Third, the /proc aux vectors set up by elfexec() point to
937 * brand emulation library and it's linker. Copy these to the
938 * /proc brand specific aux vector, and update the regular
939 * /proc aux vectors to point to the executable (and it's
940 * linker). This will enable debuggers to access the
941 * executable via the usual /proc or elf notes aux vectors.
942 *
943 * The brand emulation library's linker will get it's aux
944 * vectors off the stack, and then update the stack with the
945 * executable's aux vectors before jumping to the executable's
946 * linker.
947 *
948 * Debugging the brand emulation library must be done from
949 * the global zone, where the librtld_db module knows how to
950 * fetch the brand specific aux vectors to access the brand
951 * emulation libraries linker.
952 */
953 for (i = 0; i < __KERN_NAUXV_IMPL; i++) {
954 ulong_t val;
955
956 switch (up->u_auxv[i].a_type) {
957 case AT_SUN_BRAND_COMMON_LDDATA:
958 up->u_auxv[i].a_un.a_val = sed.sed_lddata;
959 continue;
1061
1062 /*
1063 * Both LWPs have already had been initialized via
1064 * brand_solaris_initlwp().
1065 */
1066 ASSERT(p->lwp_brand != NULL);
1067 ASSERT(c->lwp_brand != NULL);
1068 }
1069
1070 /*ARGSUSED*/
1071 void
1072 brand_solaris_freelwp(klwp_t *l, struct brand *pbrand)
1073 {
1074 ASSERT(l->lwp_procp->p_brand == pbrand);
1075 ASSERT(l->lwp_procp->p_brand_data != NULL);
1076 ASSERT(l->lwp_brand != NULL);
1077 l->lwp_brand = NULL;
1078 }
1079
1080 /*ARGSUSED*/
1081 int
1082 brand_solaris_initlwp(klwp_t *l, struct brand *pbrand)
1083 {
1084 ASSERT(l->lwp_procp->p_brand == pbrand);
1085 ASSERT(l->lwp_procp->p_brand_data != NULL);
1086 ASSERT(l->lwp_brand == NULL);
1087 l->lwp_brand = (void *)-1;
1088 return (0);
1089 }
1090
1091 /*ARGSUSED*/
1092 void
1093 brand_solaris_lwpexit(klwp_t *l, struct brand *pbrand)
1094 {
1095 proc_t *p = l->lwp_procp;
1096
1097 ASSERT(l->lwp_procp->p_brand == pbrand);
1098 ASSERT(l->lwp_procp->p_brand_data != NULL);
1099 ASSERT(l->lwp_brand != NULL);
1100
1101 /*
1102 * We should never be called for the last thread in a process.
1103 * (That case is handled by brand_solaris_proc_exit().)
1104 * Therefore this lwp must be exiting from a multi-threaded
1105 * process.
1106 */
1107 ASSERT(p->p_tlist != p->p_tlist->t_forw);
1108
1109 l->lwp_brand = NULL;
1110 }
1111
1112 /*ARGSUSED*/
1113 void
1114 brand_solaris_proc_exit(struct proc *p, klwp_t *l, struct brand *pbrand)
1115 {
1116 ASSERT(p->p_brand == pbrand);
1117 ASSERT(p->p_brand_data != NULL);
1118
1119 /*
1120 * When called from proc_exit(), we know that process is
1121 * single-threaded and free our lwp brand data.
1122 * otherwise just free p_brand_data and return.
1123 */
1124 if (l != NULL) {
1125 ASSERT(p->p_tlist == p->p_tlist->t_forw);
1126 ASSERT(p->p_tlist->t_lwp == l);
1127 (void) brand_solaris_freelwp(l, pbrand);
1128 }
1129
1130 /* upon exit, free our proc brand data */
1131 kmem_free(p->p_brand_data, sizeof (brand_proc_data_t));
1132 p->p_brand_data = NULL;
1133 }
1134
1135 void
1136 brand_solaris_setbrand(proc_t *p, struct brand *pbrand)
1137 {
1138 ASSERT(p->p_brand == pbrand);
1139 ASSERT(p->p_brand_data == NULL);
1140
1141 /*
1142 * We should only be called from exec(), when we know the process
1143 * is single-threaded.
1144 */
1145 ASSERT(p->p_tlist == p->p_tlist->t_forw);
1146
1147 p->p_brand_data = kmem_zalloc(sizeof (brand_proc_data_t), KM_SLEEP);
1148 (void) brand_solaris_initlwp(p->p_tlist->t_lwp, pbrand);
1149 }
|
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright (c) 2015, Joyent, Inc. All rights reserved.
24 */
25
26 #include <sys/kmem.h>
27 #include <sys/errno.h>
28 #include <sys/systm.h>
29 #include <sys/cmn_err.h>
30 #include <sys/brand.h>
31 #include <sys/machbrand.h>
32 #include <sys/modctl.h>
33 #include <sys/rwlock.h>
34 #include <sys/zone.h>
35 #include <sys/pathname.h>
36
37 #define SUPPORTED_BRAND_VERSION BRAND_VER_1
38
39 #if defined(__sparcv9)
40 /* sparcv9 uses system wide brand interposition hooks */
41 static void brand_plat_interposition_enable(void);
42 static void brand_plat_interposition_disable(void);
43
44 struct brand_mach_ops native_mach_ops = {
45 NULL, NULL
46 };
47 #else /* !__sparcv9 */
48 struct brand_mach_ops native_mach_ops = {
49 NULL, NULL, NULL, NULL, NULL, NULL, NULL
50 };
51 #endif /* !__sparcv9 */
52
53 brand_t native_brand = {
54 BRAND_VER_1,
55 "native",
56 NULL,
57 &native_mach_ops,
58 0
59 };
60
61 /*
62 * Used to maintain a list of all the brands currently loaded into the
63 * kernel.
64 */
65 struct brand_list {
66 int bl_refcnt;
67 struct brand_list *bl_next;
68 brand_t *bl_brand;
69 };
70
71 static struct brand_list *brand_list = NULL;
72
73 /*
74 * This lock protects the integrity of the brand list.
75 */
76 static kmutex_t brand_list_lock;
77
78 void
295
296 return (cnt);
297 }
298
299 void
300 brand_unregister_zone(struct brand *bp)
301 {
302 struct brand_list *list;
303
304 mutex_enter(&brand_list_lock);
305 for (list = brand_list; list != NULL; list = list->bl_next) {
306 if (list->bl_brand == bp) {
307 ASSERT(list->bl_refcnt > 0);
308 list->bl_refcnt--;
309 break;
310 }
311 }
312 mutex_exit(&brand_list_lock);
313 }
314
315 int
316 brand_setbrand(proc_t *p, boolean_t lwps_ok)
317 {
318 brand_t *bp = p->p_zone->zone_brand;
319 void *brand_data = NULL;
320
321 VERIFY(MUTEX_NOT_HELD(&p->p_lock));
322 VERIFY(bp != NULL);
323
324 /*
325 * Process branding occurs during fork() and exec(). When it happens
326 * during fork(), the LWP count will always be 0 since branding is
327 * performed as part of getproc(), before LWPs have been associated.
328 * The same is not true during exec(), where a multi-LWP process may
329 * undergo branding just prior to gexec(). This is to ensure
330 * exec-related brand hooks are available. While it may seem
331 * complicated to brand a multi-LWP process, the two possible outcomes
332 * simplify things:
333 *
334 * 1. The exec() succeeds: LWPs besides the caller will be killed and
335 * any further branding will occur in a single-LWP context.
336 * 2. The exec() fails: The process will be promptly unbranded since
337 * the hooks are no longer needed.
338 *
339 * To prevent inconsistent brand state from being encountered during
340 * the exec(), LWPs beyond the caller which are associated with this
341 * process must be held temporarily. They will be released either when
342 * they are killed in the exec() success, or when the brand is cleared
343 * after exec() failure.
344 */
345 if (lwps_ok) {
346 /*
347 * We've been called from a exec() context tolerating the
348 * existence of multiple LWPs during branding is necessary.
349 */
350 VERIFY(p == curproc);
351 VERIFY(p->p_tlist != NULL);
352
353 if (p->p_tlist != p->p_tlist->t_forw) {
354 /*
355 * Multiple LWPs are present. Hold all but the caller.
356 */
357 if (!holdlwps(SHOLDFORK1)) {
358 return (-1);
359 }
360 }
361 } else {
362 /*
363 * Processes branded during fork() should not have LWPs at all.
364 */
365 VERIFY(p->p_tlist == NULL);
366 }
367
368 if (bp->b_data_size > 0) {
369 brand_data = kmem_zalloc(bp->b_data_size, KM_SLEEP);
370 }
371
372 mutex_enter(&p->p_lock);
373 ASSERT(!PROC_IS_BRANDED(p));
374 p->p_brand = bp;
375 p->p_brand_data = brand_data;
376 ASSERT(PROC_IS_BRANDED(p));
377 BROP(p)->b_setbrand(p);
378 mutex_exit(&p->p_lock);
379 return (0);
380 }
381
382 void
383 brand_clearbrand(proc_t *p, boolean_t lwps_ok)
384 {
385 brand_t *bp = p->p_zone->zone_brand;
386 void *brand_data;
387
388 VERIFY(MUTEX_NOT_HELD(&p->p_lock));
389 VERIFY(bp != NULL);
390 VERIFY(PROC_IS_BRANDED(p));
391
392 mutex_enter(&p->p_lock);
393 p->p_brand = &native_brand;
394 brand_data = p->p_brand_data;
395 p->p_brand_data = NULL;
396
397 if (lwps_ok) {
398 VERIFY(p == curproc);
399 /*
400 * A process with multiple LWPs is being de-branded after
401 * failing an exec. The other LWPs were held as part of the
402 * procedure, so they must be resumed now.
403 */
404 if (p->p_tlist != NULL && p->p_tlist != p->p_tlist->t_forw) {
405 continuelwps(p);
406 }
407 } else {
408 /*
409 * While clearing the brand, it's ok for one LWP to be present.
410 * This happens when a native binary is executed inside a
411 * branded zone, since the brand will be removed during the
412 * course of a successful exec.
413 */
414 VERIFY(p->p_tlist == NULL || p->p_tlist == p->p_tlist->t_forw);
415 }
416 mutex_exit(&p->p_lock);
417
418 if (brand_data != NULL) {
419 kmem_free(brand_data, bp->b_data_size);
420 }
421 }
422
423 #if defined(__sparcv9)
424 /*
425 * Currently, only sparc has system level brand syscall interposition.
426 * On x86 we're able to enable syscall interposition on a per-cpu basis
427 * when a branded thread is scheduled to run on a cpu.
428 */
429
430 /* Local variables needed for dynamic syscall interposition support */
431 static uint32_t syscall_trap_patch_instr_orig;
432 static uint32_t syscall_trap32_patch_instr_orig;
433
434 /* Trap Table syscall entry hot patch points */
435 extern void syscall_trap_patch_point(void);
436 extern void syscall_trap32_patch_point(void);
437
438 /* Alternate syscall entry handlers used when branded zones are running */
439 extern void syscall_wrapper(void);
440 extern void syscall_wrapper32(void);
534 int
535 brand_solaris_cmd(int cmd, uintptr_t arg1, uintptr_t arg2, uintptr_t arg3,
536 struct brand *pbrand, int brandvers)
537 {
538 brand_proc_data_t *spd;
539 brand_proc_reg_t reg;
540 proc_t *p = curproc;
541 int err;
542
543 /*
544 * There is one operation that is supported for a native
545 * process; B_EXEC_BRAND. This brand operaion is redundant
546 * since the kernel assumes a native process doing an exec
547 * in a branded zone is going to run a branded processes.
548 * hence we don't support this operation.
549 */
550 if (cmd == B_EXEC_BRAND)
551 return (ENOSYS);
552
553 /* For all other operations this must be a branded process. */
554 if (!PROC_IS_BRANDED(p))
555 return (ENOSYS);
556
557 ASSERT(p->p_brand == pbrand);
558 ASSERT(p->p_brand_data != NULL);
559
560 spd = (brand_proc_data_t *)p->p_brand_data;
561
562 switch ((cmd)) {
563 case B_EXEC_NATIVE:
564 err = exec_common((char *)arg1, (const char **)arg2,
565 (const char **)arg3, EBA_NATIVE);
566 return (err);
567
568 /*
569 * Get the address of the user-space system call handler from
570 * the user process and attach it to the proc structure.
571 */
572 case B_REGISTER:
573 if (p->p_model == DATAMODEL_NATIVE) {
574 if (copyin((void *)arg1, ®, sizeof (reg)) != 0)
652 spd = kmem_alloc(sizeof (brand_proc_data_t), KM_SLEEP);
653 bcopy(parent->p_brand_data, spd, sizeof (brand_proc_data_t));
654 child->p_brand_data = spd;
655 }
656
657 static void
658 restoreexecenv(struct execenv *ep, stack_t *sp)
659 {
660 klwp_t *lwp = ttolwp(curthread);
661
662 setexecenv(ep);
663 lwp->lwp_sigaltstack.ss_sp = sp->ss_sp;
664 lwp->lwp_sigaltstack.ss_size = sp->ss_size;
665 lwp->lwp_sigaltstack.ss_flags = sp->ss_flags;
666 }
667
668 /*ARGSUSED*/
669 int
670 brand_solaris_elfexec(vnode_t *vp, execa_t *uap, uarg_t *args,
671 intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file,
672 cred_t *cred, int *brand_action, struct brand *pbrand, char *bname,
673 char *brandlib, char *brandlib32)
674 {
675
676 vnode_t *nvp;
677 Ehdr ehdr;
678 Addr uphdr_vaddr;
679 intptr_t voffset;
680 char *interp;
681 int i, err;
682 struct execenv env;
683 struct execenv origenv;
684 stack_t orig_sigaltstack;
685 struct user *up = PTOU(curproc);
686 proc_t *p = ttoproc(curthread);
687 klwp_t *lwp = ttolwp(curthread);
688 brand_proc_data_t *spd;
689 brand_elf_data_t sed, *sedp;
690 uintptr_t lddata; /* lddata of executable's linker */
691
692 ASSERT(curproc->p_brand == pbrand);
693 ASSERT(curproc->p_brand_data != NULL);
694
695 spd = (brand_proc_data_t *)curproc->p_brand_data;
696 sedp = &spd->spd_elf_data;
697
698 args->brandname = bname;
699
700 /*
701 * We will exec the brand library and then map in the target
702 * application and (optionally) the brand's default linker.
703 */
704 if (args->to_model == DATAMODEL_NATIVE) {
705 args->emulator = brandlib;
706 }
707 #if defined(_LP64)
708 else {
709 args->emulator = brandlib32;
710 }
711 #endif /* _LP64 */
712
713 if ((err = lookupname(args->emulator, UIO_SYSSPACE, FOLLOW,
714 NULLVPP, &nvp)) != 0) {
715 uprintf("%s: not found.", args->emulator);
716 return (err);
717 }
718
719 /*
720 * The following elf{32}exec call changes the execenv in the proc
721 * struct which includes changing the p_exec member to be the vnode
722 * for the brand library (e.g. /.SUNWnative/usr/lib/s10_brand.so.1).
723 * We will eventually set the p_exec member to be the vnode for the new
724 * executable when we call setexecenv(). However, if we get an error
725 * before that call we need to restore the execenv to its original
726 * values so that when we return to the caller fop_close() works
727 * properly while cleaning up from the failed exec(). Restoring the
728 * original value will also properly decrement the 2nd VN_RELE that we
729 * took on the brand library.
773 sed.sed_phdr = up->u_auxv[i].a_un.a_val;
774 break;
775 case AT_PHENT:
776 sed.sed_phent = up->u_auxv[i].a_un.a_val;
777 break;
778 case AT_PHNUM:
779 sed.sed_phnum = up->u_auxv[i].a_un.a_val;
780 break;
781 default:
782 break;
783 }
784 }
785 /* Make sure the emulator has an entry point */
786 ASSERT(sed.sed_entry != NULL);
787 ASSERT(sed.sed_phdr != NULL);
788
789 bzero(&env, sizeof (env));
790 if (args->to_model == DATAMODEL_NATIVE) {
791 err = mapexec_brand(vp, args, &ehdr, &uphdr_vaddr,
792 &voffset, exec_file, &interp, &env.ex_bssbase,
793 &env.ex_brkbase, &env.ex_brksize, NULL, NULL);
794 }
795 #if defined(_LP64)
796 else {
797 Elf32_Ehdr ehdr32;
798 Elf32_Addr uphdr_vaddr32;
799 err = mapexec32_brand(vp, args, &ehdr32, &uphdr_vaddr32,
800 &voffset, exec_file, &interp, &env.ex_bssbase,
801 &env.ex_brkbase, &env.ex_brksize, NULL, NULL);
802 Ehdr32to64(&ehdr32, &ehdr);
803
804 if (uphdr_vaddr32 == (Elf32_Addr)-1)
805 uphdr_vaddr = (Addr)-1;
806 else
807 uphdr_vaddr = uphdr_vaddr32;
808 }
809 #endif /* _LP64 */
810 if (err != 0) {
811 restoreexecenv(&origenv, &orig_sigaltstack);
812
813 if (interp != NULL)
814 kmem_free(interp, MAXPATHLEN);
815
816 return (err);
817 }
818
819 /*
820 * Save off the important properties of the executable. The
821 * brand library will ask us for this data later, when it is
822 * initializing and getting ready to transfer control to the
823 * brand application.
824 */
825 if (uphdr_vaddr == (Addr)-1)
826 sedp->sed_phdr = voffset + ehdr.e_phoff;
827 else
828 sedp->sed_phdr = voffset + uphdr_vaddr;
829 sedp->sed_entry = voffset + ehdr.e_entry;
830 sedp->sed_phent = ehdr.e_phentsize;
831 sedp->sed_phnum = ehdr.e_phnum;
832
833 if (interp != NULL) {
834 if (ehdr.e_type == ET_DYN) {
835 /*
836 * This is a shared object executable, so we
837 * need to pick a reasonable place to put the
838 * heap. Just don't use the first page.
839 */
840 env.ex_brkbase = (caddr_t)PAGESIZE;
841 env.ex_bssbase = (caddr_t)PAGESIZE;
842 }
843
844 /*
845 * If the program needs an interpreter (most do), map
846 * it in and store relevant information about it in the
847 * aux vector, where the brand library can find it.
848 */
849 if ((err = lookupname(interp, UIO_SYSSPACE,
850 FOLLOW, NULLVPP, &nvp)) != 0) {
851 uprintf("%s: not found.", interp);
852 restoreexecenv(&origenv, &orig_sigaltstack);
853 kmem_free(interp, MAXPATHLEN);
854 return (err);
855 }
856
857 kmem_free(interp, MAXPATHLEN);
858
859 if (args->to_model == DATAMODEL_NATIVE) {
860 err = mapexec_brand(nvp, args, &ehdr,
861 &uphdr_vaddr, &voffset, exec_file, &interp,
862 NULL, NULL, NULL, &lddata, NULL);
863 }
864 #if defined(_LP64)
865 else {
866 Elf32_Ehdr ehdr32;
867 Elf32_Addr uphdr_vaddr32;
868 err = mapexec32_brand(nvp, args, &ehdr32,
869 &uphdr_vaddr32, &voffset, exec_file, &interp,
870 NULL, NULL, NULL, &lddata, NULL);
871 Ehdr32to64(&ehdr32, &ehdr);
872
873 if (uphdr_vaddr32 == (Elf32_Addr)-1)
874 uphdr_vaddr = (Addr)-1;
875 else
876 uphdr_vaddr = uphdr_vaddr32;
877 }
878 #endif /* _LP64 */
879 VN_RELE(nvp);
880 if (err != 0) {
881 restoreexecenv(&origenv, &orig_sigaltstack);
882 return (err);
883 }
884
885 /*
886 * Now that we know the base address of the brand's
887 * linker, place it in the aux vector.
888 */
889 sedp->sed_base = voffset;
890 sedp->sed_ldentry = voffset + ehdr.e_entry;
990 return (EFAULT);
991 }
992 #if defined(_LP64)
993 else {
994 auxv32_t brand_auxv32[] = {
995 { AT_SUN_BRAND_AUX1, 0 },
996 { AT_SUN_BRAND_AUX2, 0 },
997 { AT_SUN_BRAND_AUX3, 0 }
998 };
999
1000 ASSERT(brand_auxv32[0].a_type == AT_SUN_BRAND_COMMON_LDDATA);
1001 brand_auxv32[0].a_un.a_val = (uint32_t)sed.sed_lddata;
1002 if (copyout(&brand_auxv32, args->auxp_brand,
1003 sizeof (brand_auxv32)) != 0)
1004 return (EFAULT);
1005 }
1006 #endif /* _LP64 */
1007
1008 /*
1009 * Third, the /proc aux vectors set up by elfexec() point to
1010 * brand emulation library and its linker. Copy these to the
1011 * /proc brand specific aux vector, and update the regular
1012 * /proc aux vectors to point to the executable (and its
1013 * linker). This will enable debuggers to access the
1014 * executable via the usual /proc or elf notes aux vectors.
1015 *
1016 * The brand emulation library's linker will get it's aux
1017 * vectors off the stack, and then update the stack with the
1018 * executable's aux vectors before jumping to the executable's
1019 * linker.
1020 *
1021 * Debugging the brand emulation library must be done from
1022 * the global zone, where the librtld_db module knows how to
1023 * fetch the brand specific aux vectors to access the brand
1024 * emulation libraries linker.
1025 */
1026 for (i = 0; i < __KERN_NAUXV_IMPL; i++) {
1027 ulong_t val;
1028
1029 switch (up->u_auxv[i].a_type) {
1030 case AT_SUN_BRAND_COMMON_LDDATA:
1031 up->u_auxv[i].a_un.a_val = sed.sed_lddata;
1032 continue;
1134
1135 /*
1136 * Both LWPs have already had been initialized via
1137 * brand_solaris_initlwp().
1138 */
1139 ASSERT(p->lwp_brand != NULL);
1140 ASSERT(c->lwp_brand != NULL);
1141 }
1142
1143 /*ARGSUSED*/
1144 void
1145 brand_solaris_freelwp(klwp_t *l, struct brand *pbrand)
1146 {
1147 ASSERT(l->lwp_procp->p_brand == pbrand);
1148 ASSERT(l->lwp_procp->p_brand_data != NULL);
1149 ASSERT(l->lwp_brand != NULL);
1150 l->lwp_brand = NULL;
1151 }
1152
1153 /*ARGSUSED*/
1154 void
1155 brand_solaris_initlwp(klwp_t *l, struct brand *pbrand)
1156 {
1157 ASSERT(l->lwp_procp->p_brand == pbrand);
1158 ASSERT(l->lwp_procp->p_brand_data != NULL);
1159 ASSERT(l->lwp_brand == NULL);
1160 l->lwp_brand = (void *)-1;
1161 }
1162
1163 /*ARGSUSED*/
1164 void
1165 brand_solaris_lwpexit(klwp_t *l, struct brand *pbrand)
1166 {
1167 ASSERT(l->lwp_procp->p_brand == pbrand);
1168 ASSERT(l->lwp_procp->p_brand_data != NULL);
1169 ASSERT(l->lwp_brand != NULL);
1170 }
1171
1172 /*ARGSUSED*/
1173 void
1174 brand_solaris_proc_exit(struct proc *p, struct brand *pbrand)
1175 {
1176 ASSERT(p->p_brand == pbrand);
1177 ASSERT(p->p_brand_data != NULL);
1178
1179 /* upon exit, free our proc brand data */
1180 kmem_free(p->p_brand_data, sizeof (brand_proc_data_t));
1181 p->p_brand_data = NULL;
1182 }
1183
1184 void
1185 brand_solaris_setbrand(proc_t *p, struct brand *pbrand)
1186 {
1187 ASSERT(p->p_brand == pbrand);
1188 ASSERT(p->p_brand_data == NULL);
1189
1190 /*
1191 * We should only be called from exec(), when we know the process
1192 * is single-threaded.
1193 */
1194 ASSERT(p->p_tlist == p->p_tlist->t_forw);
1195
1196 p->p_brand_data = kmem_zalloc(sizeof (brand_proc_data_t), KM_SLEEP);
1197 }
|