7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25 /*
26 * Copyright (c) 2013 by Delphix. All rights reserved.
27 */
28
29 #include <stdlib.h>
30 #include <libelf.h>
31 #include <libgen.h>
32 #include <string.h>
33 #include <strings.h>
34 #include <errno.h>
35 #include <sys/sysmacros.h>
36
37 #include "libproc.h"
38 #include "Pcontrol.h"
39
40 /*ARGSUSED*/
41 static ssize_t
42 Pread_idle(struct ps_prochandle *P, void *buf, size_t n, uintptr_t addr,
43 void *data)
44 {
45 size_t resid = n;
46
47 while (resid > 0) {
48 map_info_t *mp;
49 uintptr_t mapoff;
50 ssize_t len;
51 off64_t off;
52
53 if ((mp = Paddr2mptr(P, addr)) == NULL)
54 break;
55
56 mapoff = addr - mp->map_pmap.pr_vaddr;
57 len = MIN(resid, mp->map_pmap.pr_size - mapoff);
58 off = mp->map_offset + mapoff;
59
60 if ((len = pread64(P->asfd, buf, len, off)) <= 0)
61 break;
62
63 resid -= len;
64 addr += len;
65 buf = (char *)buf + len;
66 }
67
68 return (n - resid);
69 }
70
71 /*ARGSUSED*/
72 static ssize_t
73 Pwrite_idle(struct ps_prochandle *P, const void *buf, size_t n, uintptr_t addr,
74 void *data)
75 {
76 errno = EIO;
77 return (-1);
78 }
79
80 /*ARGSUSED*/
81 static int
82 Ppriv_idle(struct ps_prochandle *P, prpriv_t **pprv, void *data)
83 {
84 prpriv_t *pp;
85
86 pp = proc_get_priv(P->pid);
87 if (pp == NULL) {
88 return (-1);
89 }
90
91 *pprv = pp;
92 return (0);
93 }
94
95 /* Default operations for the idl ops vector. */
96 static void *
97 Pidle_voidp()
98 {
99 errno = ENODATA;
100 return (NULL);
101 }
102
103 static int
104 Pidle_int()
105 {
106 errno = ENODATA;
107 return (-1);
108 }
109
110 static const ps_ops_t P_idle_ops = {
111 .pop_pread = Pread_idle,
112 .pop_pwrite = Pwrite_idle,
113 .pop_cred = (pop_cred_t)Pidle_int,
114 .pop_priv = Ppriv_idle,
115 .pop_secflags = (pop_secflags_t)Pidle_int,
116 .pop_psinfo = (pop_psinfo_t)Pidle_voidp,
117 .pop_platform = (pop_platform_t)Pidle_voidp,
118 .pop_uname = (pop_uname_t)Pidle_int,
119 .pop_zonename = (pop_zonename_t)Pidle_voidp,
120 #if defined(__i386) || defined(__amd64)
121 .pop_ldt = (pop_ldt_t)Pidle_int
122 #endif
123 };
124
125 static int
126 idle_add_mapping(struct ps_prochandle *P, GElf_Phdr *php, file_info_t *fp)
127 {
128 prmap_t pmap;
129
130 dprintf("mapping base %llx filesz %llu memsz %llu offset %llu\n",
131 (u_longlong_t)php->p_vaddr, (u_longlong_t)php->p_filesz,
132 (u_longlong_t)php->p_memsz, (u_longlong_t)php->p_offset);
133
134 pmap.pr_vaddr = (uintptr_t)php->p_vaddr;
135 pmap.pr_size = php->p_filesz;
136 (void) strncpy(pmap.pr_mapname, fp->file_pname,
137 sizeof (pmap.pr_mapname));
138 pmap.pr_offset = php->p_offset;
139
140 pmap.pr_mflags = 0;
141 if (php->p_flags & PF_R)
142 pmap.pr_mflags |= MA_READ;
143 if (php->p_flags & PF_W)
144 pmap.pr_mflags |= MA_WRITE;
145 if (php->p_flags & PF_X)
146 pmap.pr_mflags |= MA_EXEC;
147
148 pmap.pr_pagesize = 0;
149 pmap.pr_shmid = -1;
150
151 return (Padd_mapping(P, php->p_offset, fp, &pmap));
152 }
153
154 struct ps_prochandle *
155 Pgrab_file(const char *fname, int *perr)
156 {
157 struct ps_prochandle *P = NULL;
158 char buf[PATH_MAX];
159 GElf_Ehdr ehdr;
160 Elf *elf = NULL;
161 size_t phnum;
162 file_info_t *fp = NULL;
163 int fd;
164 int i;
165
166 if ((fd = open64(fname, O_RDONLY)) < 0) {
167 dprintf("couldn't open file");
168 *perr = (errno == ENOENT) ? G_NOEXEC : G_STRANGE;
169 return (NULL);
170 }
171
172 if (elf_version(EV_CURRENT) == EV_NONE) {
173 dprintf("libproc ELF version is more recent than libelf");
174 *perr = G_ELF;
175 goto err;
176 }
177
178 if ((P = calloc(1, sizeof (struct ps_prochandle))) == NULL) {
179 *perr = G_STRANGE;
180 goto err;
181 }
182
183 (void) mutex_init(&P->proc_lock, USYNC_THREAD, NULL);
184 P->state = PS_IDLE;
185 P->pid = (pid_t)-1;
186 P->asfd = fd;
187 P->ctlfd = -1;
188 P->statfd = -1;
189 P->agentctlfd = -1;
190 P->agentstatfd = -1;
191 P->info_valid = -1;
192 Pinit_ops(&P->ops, &P_idle_ops);
193 Pinitsym(P);
194
195 if ((elf = elf_begin(fd, ELF_C_READ, NULL)) == NULL) {
196 *perr = G_ELF;
197 return (NULL);
198 }
199
200 /*
201 * Construct a file_info_t that corresponds to this file.
202 */
203 if ((fp = calloc(1, sizeof (file_info_t))) == NULL) {
204 *perr = G_STRANGE;
205 goto err;
206 }
207
208 if ((fp->file_lo = calloc(1, sizeof (rd_loadobj_t))) == NULL) {
209 *perr = G_STRANGE;
210 goto err;
211 }
212
213 if (*fname == '/') {
214 (void) strncpy(fp->file_pname, fname, sizeof (fp->file_pname));
215 } else {
216 size_t sz;
217
218 if (getcwd(fp->file_pname, sizeof (fp->file_pname) - 1) ==
219 NULL) {
220 *perr = G_STRANGE;
221 goto err;
222 }
223
224 sz = strlen(fp->file_pname);
225 (void) snprintf(&fp->file_pname[sz],
226 sizeof (fp->file_pname) - sz, "/%s", fname);
227 }
228
229 fp->file_fd = fd;
230 fp->file_lo->rl_lmident = LM_ID_BASE;
231 if ((fp->file_lname = strdup(fp->file_pname)) == NULL) {
232 *perr = G_STRANGE;
233 goto err;
234 }
235 fp->file_lbase = basename(fp->file_lname);
236
237 if ((P->execname = strdup(fp->file_pname)) == NULL) {
238 *perr = G_STRANGE;
239 goto err;
240 }
241
242 P->num_files++;
243 list_link(fp, &P->file_head);
244
245 if (gelf_getehdr(elf, &ehdr) == NULL) {
246 *perr = G_STRANGE;
247 goto err;
248 }
249
250 if (elf_getphdrnum(elf, &phnum) == -1) {
251 *perr = G_STRANGE;
252 goto err;
253 }
254
255 dprintf("Pgrab_file: program header count = %lu\n", (ulong_t)phnum);
256
257 /*
258 * Sift through the program headers making the relevant maps.
259 */
260 for (i = 0; i < phnum; i++) {
261 GElf_Phdr phdr, *php;
262
263 if ((php = gelf_getphdr(elf, i, &phdr)) == NULL) {
264 *perr = G_STRANGE;
265 goto err;
266 }
267
268 if (php->p_type != PT_LOAD)
269 continue;
270
271 if (idle_add_mapping(P, php, fp) != 0) {
272 *perr = G_STRANGE;
273 goto err;
274 }
275 }
276 Psort_mappings(P);
277
278 (void) elf_end(elf);
279
280 P->map_exec = fp->file_map;
281
282 P->status.pr_flags = PR_STOPPED;
283 P->status.pr_nlwp = 0;
284 P->status.pr_pid = (pid_t)-1;
285 P->status.pr_ppid = (pid_t)-1;
286 P->status.pr_pgid = (pid_t)-1;
287 P->status.pr_sid = (pid_t)-1;
288 P->status.pr_taskid = (taskid_t)-1;
289 P->status.pr_projid = (projid_t)-1;
290 P->status.pr_zoneid = (zoneid_t)-1;
291 switch (ehdr.e_ident[EI_CLASS]) {
292 case ELFCLASS32:
293 P->status.pr_dmodel = PR_MODEL_ILP32;
294 break;
295 case ELFCLASS64:
296 P->status.pr_dmodel = PR_MODEL_LP64;
297 break;
298 default:
299 *perr = G_FORMAT;
300 goto err;
301 }
302
303 /*
304 * Pfindobj() checks what zone a process is associated with, so
305 * we call it after initializing pr_zoneid to -1. This ensures
306 * we don't get associated with any zone on the system.
307 */
308 if (Pfindobj(P, fp->file_lname, buf, sizeof (buf)) != NULL) {
309 free(P->execname);
310 P->execname = strdup(buf);
311 if ((fp->file_rname = strdup(buf)) != NULL)
312 fp->file_rbase = basename(fp->file_rname);
313 }
314
315 /*
316 * The file and map lists are complete, and will never need to be
317 * adjusted.
318 */
319 P->info_valid = 1;
320
321 return (P);
322 err:
323 (void) close(fd);
324 if (P != NULL)
325 Pfree(P);
326 if (elf != NULL)
327 (void) elf_end(elf);
328 return (NULL);
329 }
--- EOF ---