357 execve_nosetid(struct image_params *imgp)
359 	imgp->credential_setid = false;
360 	if (imgp->newcred != NULL) {
361 		crfree(imgp->newcred);
362 		imgp->newcred = NULL;
379 	struct image_params image_params, *imgp;
400 	imgp = &image_params;
421 	bzero(imgp, sizeof(*imgp));
422 	imgp->proc = p;
423 	imgp->attr = &attr;
424 	imgp->args = args;
430 	error = mac_execve_enter(imgp, mac_p);
468 		imgp->vp = newtextvp;
479 		imgp->vp = newtextvp;
486 	error = exec_check_permissions(imgp);
490 	imgp->object = imgp->vp->v_object;
491 	if (imgp->object != NULL)
492 		vm_object_reference(imgp->object);
494 	error = exec_map_first_page(imgp);
498 	imgp->proc->p_osrel = 0;
499 	imgp->proc->p_fctl0 = 0;
527 	will_transition = mac_vnode_execve_will_transition(oldcred, imgp->vp,
528 	    interpvplabel, imgp);
534 		imgp->proc->p_pdeathsig = 0;
540 	    (imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 &&
542 		imgp->credential_setid = true;
543 		VOP_UNLOCK(imgp->vp);
544 		imgp->newcred = crdup(oldcred);
547 			change_euid(imgp->newcred, euip);
549 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
551 			change_egid(imgp->newcred, attr.va_gid);
559 		change_svuid(imgp->newcred, imgp->newcred->cr_uid);
560 		change_svgid(imgp->newcred, imgp->newcred->cr_gid);
576 			VOP_UNLOCK(imgp->vp);
577 			imgp->newcred = crdup(oldcred);
578 			vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
579 			change_svuid(imgp->newcred, imgp->newcred->cr_uid);
580 			change_svgid(imgp->newcred, imgp->newcred->cr_gid);
589 		imgp->execpath = args->fname;
591 		VOP_UNLOCK(imgp->vp);
592 		if (vn_fullpath(imgp->vp, &imgp->execpath, &imgp->freepath) != 0)
593 			imgp->execpath = args->fname;
594 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
603 	if ((img_first = imgp->proc->p_sysent->sv_imgact_try) != NULL)
604 		error = img_first(imgp);
616 		error = (*execsw[i]->ex_imgact)(imgp);
629 	if (imgp->interpreted) {
630 		exec_unmap_first_page(imgp);
638 		MPASS(imgp->textset);
640 		imgp->textset = false;
647 		if (imgp->opened) {
649 			imgp->opened = 0;
652 		vm_object_deallocate(imgp->object);
653 		imgp->object = NULL;
654 		execve_nosetid(imgp);
655 		imgp->execpath = NULL;
656 		free(imgp->freepath, M_TEMP);
657 		imgp->freepath = NULL;
660 		    SAVENAME, UIO_SYSSPACE, imgp->interpreter_name, td);
661 		args->fname = imgp->interpreter_name;
669 	VOP_UNLOCK(imgp->vp);
675 		    imgp->execpath != NULL ? imgp->execpath : "<unresolved>");
676 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
687 	error = (*p->p_sysent->sv_copyout_strings)(imgp, &stack_base);
689 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
696 	error = (*p->p_sysent->sv_fixup)(&stack_base, imgp);
698 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
721 	i = exec_args_get_begin_envv(imgp->args) - imgp->args->begin_argv;
725 		bcopy(imgp->args->begin_argv, newargs->ar_args, i);
740 	vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
779 	if (imgp->sysent->sv_setid_allowed != NULL &&
780 	    !(*imgp->sysent->sv_setid_allowed)(td, imgp))
781 		execve_nosetid(imgp);
786 	if (imgp->credential_setid) {
804 		VOP_UNLOCK(imgp->vp);
807 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
813 			mac_vnode_execve_transition(oldcred, imgp->newcred,
814 			    imgp->vp, interpvplabel, imgp);
825 	if (imgp->newcred != NULL) {
826 		proc_set_cred(p, imgp->newcred);
875 		VOP_UNLOCK(imgp->vp);
877 		pe.pm_entryaddr = imgp->entry_addr;
880 		vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
885 	(*p->p_sysent->sv_setregs)(td, imgp, stack_base);
887 	VOP_MMAPPED(imgp->vp);
897 	if (imgp->firstpage != NULL)
898 		exec_unmap_first_page(imgp);
900 	if (imgp->vp != NULL) {
903 		if (imgp->opened)
904 			VOP_CLOSE(imgp->vp, FREAD, td->td_ucred, td);
905 		if (imgp->textset)
906 			VOP_UNSET_TEXT_CHECKED(imgp->vp);
908 			vput(imgp->vp);
910 			VOP_UNLOCK(imgp->vp);
913 	if (imgp->object != NULL)
914 		vm_object_deallocate(imgp->object);
916 	free(imgp->freepath, M_TEMP);
935 	if (imgp->newcred != NULL && oldcred != NULL)
936 		crfree(imgp->newcred);
939 	mac_execve_exit(imgp);
959 	if (error && imgp->vmspace_destroyed) {
992 exec_map_first_page(struct image_params *imgp)
998 	if (imgp->firstpage != NULL)
999 		exec_unmap_first_page(imgp);
1001 	object = imgp->vp->v_object;
1017 	imgp->firstpage = sf_buf_alloc(m, 0);
1018 	imgp->image_header = (char *)sf_buf_kva(imgp->firstpage);
1024 exec_unmap_first_page(struct image_params *imgp)
1028 	if (imgp->firstpage != NULL) {
1029 		m = sf_buf_page(imgp->firstpage);
1030 		sf_buf_free(imgp->firstpage);
1031 		imgp->firstpage = NULL;
1042 exec_new_vmspace(struct image_params *imgp, struct sysentvec *sv)
1045 	struct proc *p = imgp->proc;
1055 	imgp->vmspace_destroyed = 1;
1056 	imgp->sysent = sv;
1062 		sv->sv_onexec(p, imgp);
1064 	EVENTHANDLER_DIRECT_INVOKE(process_exec, p, imgp);
1098 	map->flags |= imgp->map_flags;
1116 	if (imgp->stack_sz != 0) {
1117 		ssiz = trunc_page(imgp->stack_sz);
1132 	imgp->eff_stack_sz = lim_cur(curthread, RLIMIT_STACK);
1133 	if (ssiz < imgp->eff_stack_sz)
1134 		imgp->eff_stack_sz = ssiz;
1136 	stack_prot = obj != NULL && imgp->stack_prot != 0 ?
1137 	    imgp->stack_prot : sv->sv_stackprot;
1550 exec_stackgap(struct image_params *imgp, uintptr_t *dp)
1552 	if (imgp->sysent->sv_stackgap == NULL ||
1553 	    (imgp->proc->p_fctl0 & (NT_FREEBSD_FCTL_ASLR_DISABLE |
1555 	    (imgp->map_flags & MAP_ASLR) == 0)
1557 	imgp->sysent->sv_stackgap(imgp, dp);
1566 exec_copyout_strings(struct image_params *imgp, uintptr_t *stack_base)
1583 	if (imgp->execpath != NULL && imgp->auxargs != NULL)
1584 		execpath_len = strlen(imgp->execpath) + 1;
1587 	p = imgp->proc;
1590 	imgp->ps_strings = arginfo;
1615 		imgp->execpathp = (void *)destp;
1616 		error = copyout(imgp->execpath, imgp->execpathp, execpath_len);
1626 	imgp->canary = (void *)destp;
1627 	error = copyout(canary, imgp->canary, sizeof(canary));
1630 	imgp->canarylen = sizeof(canary);
1637 	imgp->pagesizes = (void *)destp;
1638 	error = copyout(pagesizes, imgp->pagesizes, szps);
1641 	imgp->pagesizeslen = szps;
1646 	destp -= ARG_MAX - imgp->args->stringspace;
1650 	exec_stackgap(imgp, &destp);
1652 	if (imgp->auxargs) {
1667 	vectp -= imgp->args->argc + 1 + imgp->args->envc + 1;
1674 	stringp = imgp->args->begin_argv;
1675 	argc = imgp->args->argc;
1676 	envc = imgp->args->envc;
1682 	    ARG_MAX - imgp->args->stringspace);
1689 	imgp->argv = vectp;
1709 	imgp->envv = vectp;
1729 	if (imgp->auxargs) {
1731 		error = imgp->sysent->sv_copyout_auxargs(imgp,
1742  *	Called with imgp->vp locked.
1746 exec_check_permissions(struct image_params *imgp)
1748 	struct vnode *vp = imgp->vp;
1749 	struct vattr *attr = imgp->attr;
1761 	error = mac_vnode_check_exec(td->td_ucred, imgp->vp, imgp);
1805 	imgp->textset = true;
1813 		imgp->opened = 1;

Indexes created Sun Jul 07 21:00:45 MDT 2024