1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2016, Joyent, Inc.
25 */
26
27 #ifndef _SYS_BRAND_H
28 #define _SYS_BRAND_H
29
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33
34 #include <sys/proc.h>
35 #include <sys/exec.h>
36 #include <sys/modctl.h>
37 #include <sys/types.h>
38
39 /*
40 * All Brands supported by this kernel must use BRAND_VER_1.
41 */
42 #define BRAND_VER_1 1
43
44 /*
45 * sub-commands to brandsys.
46 * 1 - 128 are for common commands
47 * 128+ are available for brand-specific commands.
48 */
49 #define B_REGISTER 1
50 #define B_TTYMODES 2
51 #define B_ELFDATA 3
52 #define B_EXEC_NATIVE 4
53 #define B_EXEC_BRAND 5
54 #define B_TRUSS_POINT 6
55
56 /*
57 * Structure used by zoneadmd to communicate the name of a brand and the
58 * supporting brand module into the kernel.
59 */
60 struct brand_attr {
61 char ba_brandname[MAXNAMELEN];
62 char ba_modname[MAXPATHLEN];
63 };
64
65 /* What we call the native brand. */
66 #define NATIVE_BRAND_NAME "native"
67
68 /* What we call the labeled brand. */
69 #define LABELED_BRAND_NAME "labeled"
70
71 /*
72 * Aux vector containing lddata pointer of brand library linkmap.
73 * Used by common {brand}_librtld_db.
74 */
75 #define AT_SUN_BRAND_COMMON_LDDATA AT_SUN_BRAND_AUX1
76
77 /*
78 * Information needed by the brand library to launch an executable.
79 */
80 typedef struct brand_elf_data {
81 ulong_t sed_phdr;
82 ulong_t sed_phent;
83 ulong_t sed_phnum;
84 ulong_t sed_entry;
85 ulong_t sed_base;
86 ulong_t sed_ldentry;
87 ulong_t sed_lddata;
88 } brand_elf_data_t;
89
90 /*
91 * Common structure used to register a branded processes
92 */
93 typedef struct brand_proc_reg {
94 uint_t sbr_version; /* version number */
95 caddr_t sbr_handler; /* base address of handler */
96 } brand_proc_reg_t;
97
98 #ifdef _KERNEL
99
100 struct proc;
101 struct uarg;
102 struct brand_mach_ops;
103 struct intpdata;
104 struct execa;
105
106 /*
107 * Common structure to define hooks for brand operation.
108 *
109 * Required Fields:
110 * b_init_brand_data - Setup zone brand data during zone_setbrand
111 * b_free_brand_data - Free zone brand data during zone_destroy
112 * b_brandsys - Syscall handler for brandsys
113 * b_setbrand - Initialize process brand data
114 * b_getattr - Get brand-custom zone attribute
115 * b_setattr - Set brand-custom zone attribute
116 * b_copy_procdata - Copy process brand data during fork
117 * b_proc_exit - Perform process brand exit processing
118 * b_exec - Reset branded process state on exec
119 * b_lwp_setrval - Set return code for forked child
120 * b_initlwp - Initialize lwp brand data (cannot drop p->p_lock)
121 * b_forklwp - Copy lwp brand data during fork
122 * b_freelwp - Free lwp brand data
123 * b_lwpexit - Perform lwp-specific brand exit processing
124 * b_elfexec - Load and execute ELF binary
125 * b_sigset_native_to_brand - Convert sigset native->brand
126 * b_sigset_brand_to_native - Convert sigset brand->native
127 * b_nsig - Maxiumum signal number
128 * b_sendsig - Update process state after sendsig
129 *
130 * Optional Fields:
131 * b_lwpdata_alloc - Speculatively allocate data for use in b_initlwp
132 * b_lwpdata_free - Free data from allocated by b_lwpdata_alloc if errors occur
133 * during lwp creation before b_initlwp could be called.
134 * b_initlwp_post - Complete lwp branding (can temporarily drop p->p_lock)
135 * b_exit_with_sig - Instead of sending SIGCLD, exit with custom behavior
136 * b_psig_to_proc - Custom additional behavior during psig
137 * b_wait_filter - Filter processes from being matched by waitid
138 * b_native_exec - Provide interpreter path prefix for executables
139 * b_ptrace_exectrap - Custom behavior for legacy ptrace traps
140 * b_map32limit - Specify alternate limit for MAP_32BIT mappings
141 * b_stop_notify - Hook process stop events
142 * b_waitid_helper - Generate synthetic results for waitid
143 * b_sigcld_repost - Post synthetic SIGCLD signals
144 * b_issig_stop - Alter/suppress signal delivery during issig
145 * b_sig_ignorable - Disallow discarding of signals
146 * b_savecontext - Alter context during savecontext
147 * b_restorecontext - Alter context during restorecontext
148 * b_sendsig_stack - Override stack used for signal delivery
149 * b_setid_clear - Override setid_clear behavior
150 * b_pagefault - Trap pagefault events
151 * b_intp_parse_arg - Controls interpreter argument handling (allow 1 or all)
152 */
153 struct brand_ops {
154 void (*b_init_brand_data)(zone_t *, kmutex_t *);
155 void (*b_free_brand_data)(zone_t *);
156 int (*b_brandsys)(int, int64_t *, uintptr_t, uintptr_t, uintptr_t,
157 uintptr_t);
158 void (*b_setbrand)(struct proc *);
159 int (*b_getattr)(zone_t *, int, void *, size_t *);
160 int (*b_setattr)(zone_t *, int, void *, size_t);
161 void (*b_copy_procdata)(struct proc *, struct proc *);
162 void (*b_proc_exit)(struct proc *);
163 void (*b_exec)();
164 void (*b_lwp_setrval)(klwp_t *, int, int);
165 void *(*b_lwpdata_alloc)(struct proc *);
166 void (*b_lwpdata_free)(void *);
167 void (*b_initlwp)(klwp_t *, void *);
168 void (*b_initlwp_post)(klwp_t *);
169 void (*b_forklwp)(klwp_t *, klwp_t *);
170 void (*b_freelwp)(klwp_t *);
171 void (*b_lwpexit)(klwp_t *);
172 int (*b_elfexec)(struct vnode *vp, struct execa *uap,
173 struct uarg *args, struct intpdata *idata, int level,
174 long *execsz, int setid, caddr_t exec_file,
175 struct cred *cred, int *brand_action);
176 void (*b_sigset_native_to_brand)(sigset_t *);
177 void (*b_sigset_brand_to_native)(sigset_t *);
178 void (*b_sigfd_translate)(k_siginfo_t *);
179 int b_nsig;
180 void (*b_exit_with_sig)(proc_t *, sigqueue_t *);
181 boolean_t (*b_wait_filter)(proc_t *, proc_t *);
182 boolean_t (*b_native_exec)(uint8_t, const char **);
183 uint32_t (*b_map32limit)(proc_t *);
184 void (*b_stop_notify)(proc_t *, klwp_t *, ushort_t, ushort_t);
185 int (*b_waitid_helper)(idtype_t, id_t, k_siginfo_t *, int,
186 boolean_t *, int *);
187 int (*b_sigcld_repost)(proc_t *, sigqueue_t *);
188 int (*b_issig_stop)(proc_t *, klwp_t *);
189 boolean_t (*b_sig_ignorable)(proc_t *, klwp_t *, int);
190 void (*b_savecontext)(ucontext_t *);
191 #if defined(_SYSCALL32_IMPL)
192 void (*b_savecontext32)(ucontext32_t *);
193 #endif
194 void (*b_restorecontext)(ucontext_t *);
195 caddr_t (*b_sendsig_stack)(int);
196 void (*b_sendsig)(int);
197 int (*b_setid_clear)(vattr_t *vap, cred_t *cr);
198 int (*b_pagefault)(proc_t *, klwp_t *, caddr_t, enum fault_type,
199 enum seg_rw);
200 boolean_t b_intp_parse_arg;
201 };
202
203 /*
204 * The b_version field must always be the first entry in this struct.
205 */
206 typedef struct brand {
207 int b_version;
208 char *b_name;
209 struct brand_ops *b_ops;
210 struct brand_mach_ops *b_machops;
211 size_t b_data_size;
212 } brand_t;
213
214 extern brand_t native_brand;
215
216 /*
217 * Convenience macros
218 */
219 #define lwptolwpbrand(l) ((l)->lwp_brand)
220 #define ttolwpbrand(t) (lwptolwpbrand(ttolwp(t)))
221 #define PROC_IS_BRANDED(p) ((p)->p_brand != &native_brand)
222 #define ZONE_IS_BRANDED(z) ((z)->zone_brand != &native_brand)
223 #define BROP(p) ((p)->p_brand->b_ops)
224 #define ZBROP(z) ((z)->zone_brand->b_ops)
225 #define BRMOP(p) ((p)->p_brand->b_machops)
226 #define SIGSET_NATIVE_TO_BRAND(sigset) \
227 if (PROC_IS_BRANDED(curproc) && \
228 BROP(curproc)->b_sigset_native_to_brand) \
229 BROP(curproc)->b_sigset_native_to_brand(sigset)
230 #define SIGSET_BRAND_TO_NATIVE(sigset) \
231 if (PROC_IS_BRANDED(curproc) && \
232 BROP(curproc)->b_sigset_brand_to_native) \
233 BROP(curproc)->b_sigset_brand_to_native(sigset)
234
235 extern void brand_init();
236 extern int brand_register(brand_t *);
237 extern int brand_unregister(brand_t *);
238 extern brand_t *brand_register_zone(struct brand_attr *);
239 extern brand_t *brand_find_name(char *);
240 extern void brand_unregister_zone(brand_t *);
241 extern int brand_zone_count(brand_t *);
242 extern int brand_setbrand(proc_t *, boolean_t);
243 extern void brand_clearbrand(proc_t *, boolean_t);
244
245 /*
246 * The following functions can be shared among kernel brand modules which
247 * implement Solaris-derived brands, all of which need to do similar tasks to
248 * manage the brand.
249 */
250 extern int brand_solaris_cmd(int, uintptr_t, uintptr_t, uintptr_t,
251 struct brand *, int);
252 extern void brand_solaris_copy_procdata(proc_t *, proc_t *,
253 struct brand *);
254 extern int brand_solaris_elfexec(vnode_t *, execa_t *, uarg_t *,
255 intpdata_t *, int, long *, int, caddr_t, cred_t *, int *,
256 struct brand *, char *, char *, char *);
257 extern void brand_solaris_exec(struct brand *);
258 extern int brand_solaris_fini(char **, struct modlinkage *,
259 struct brand *);
260 extern void brand_solaris_forklwp(klwp_t *, klwp_t *, struct brand *);
261 extern void brand_solaris_freelwp(klwp_t *, struct brand *);
262 extern void brand_solaris_initlwp(klwp_t *, struct brand *);
263 extern void brand_solaris_lwpexit(klwp_t *, struct brand *);
264 extern void brand_solaris_proc_exit(struct proc *, struct brand *);
265 extern void brand_solaris_setbrand(proc_t *, struct brand *);
266
267 #if defined(_SYSCALL32)
268 typedef struct brand_elf_data32 {
269 uint32_t sed_phdr;
270 uint32_t sed_phent;
271 uint32_t sed_phnum;
272 uint32_t sed_entry;
273 uint32_t sed_base;
274 uint32_t sed_ldentry;
275 uint32_t sed_lddata;
276 } brand_elf_data32_t;
277
278 typedef struct brand_common_reg32 {
279 uint32_t sbr_version; /* version number */
280 caddr32_t sbr_handler; /* base address of handler */
281 } brand_common_reg32_t;
282 #endif /* _SYSCALL32 */
283
284 /*
285 * Common information associated with all branded processes
286 */
287 typedef struct brand_proc_data {
288 caddr_t spd_handler; /* address of user-space handler */
289 brand_elf_data_t spd_elf_data; /* common ELF data for branded app. */
290 } brand_proc_data_t;
291
292 #define BRAND_NATIVE_DIR "/.SUNWnative/"
293 #define BRAND_NATIVE_LINKER32 BRAND_NATIVE_DIR "lib/ld.so.1"
294 #define BRAND_NATIVE_LINKER64 BRAND_NATIVE_DIR "lib/64/ld.so.1"
295
296 #endif /* _KERNEL */
297
298 #ifdef __cplusplus
299 }
300 #endif
301
302 #endif /* _SYS_BRAND_H */