Print this page
7127 remove -Wno-missing-braces from Makefile.uts
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/exec/shbin/shbin.c
+++ new/usr/src/uts/common/exec/shbin/shbin.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 25 */
26 26
27 27 #include <sys/types.h>
28 28 #include <sys/param.h>
29 29 #include <sys/sysmacros.h>
30 30 #include <sys/signal.h>
31 31 #include <sys/cred.h>
32 32 #include <sys/user.h>
33 33 #include <sys/errno.h>
34 34 #include <sys/vnode.h>
35 35 #include <sys/proc.h>
36 36 #include <sys/cmn_err.h>
37 37 #include <sys/debug.h>
38 38 #include <sys/pathname.h>
39 39 #include <sys/disp.h>
40 40 #include <sys/exec.h>
41 41 #include <sys/kmem.h>
42 42 #include <sys/note.h>
43 43
44 44 /*
45 45 * This is the loadable module wrapper.
46 46 */
47 47 #include <sys/modctl.h>
48 48
49 49 /* Local prototypes */
50 50 static int
51 51 shbinexec(
52 52 struct vnode *vp,
53 53 struct execa *uap,
54 54 struct uarg *args,
55 55 struct intpdata *idatap,
56 56 int level,
57 57 long *execsz,
58 58 int setid,
59 59 caddr_t exec_file,
60 60 struct cred *cred,
61 61 int brand_action);
62 62
63 63 #define SHBIN_CNTL(x) ((x)&037)
64 64 #define SHBINMAGIC_LEN 4
65 65 extern char shbinmagicstr[];
66 66
67 67 /*
68 68 * Our list where we may find a copy of ksh93. The ordering is:
69 69 * 1. 64bit (may not be installed or not supported in hardware)
70 70 * 2. 32bit
71 71 * 3. Use /sbin/ksh93 when /usr is not available
72 72 *
73 73 * ([1] and [2] explicitly bypass /usr/bin/ksh93 to avoid the
74 74 * isaexec overhead).
75 75 */
76 76 static char *shell_list[] =
77 77 {
78 78 /* Bypass /usr/bin/ksh93 (which is "isaexec") for performance */
79 79 #if defined(__sparc)
80 80 "/usr/bin/sparcv9/ksh93",
81 81 "/usr/bin/sparcv7/ksh93",
82 82 #elif defined(__amd64)
83 83 "/usr/bin/amd64/ksh93",
84 84 "/usr/bin/i86/ksh93",
85 85 #elif defined(__i386)
86 86 "/usr/bin/i86/ksh93",
87 87 #else
88 88 #error "Unrecognized platform/CPU (use /usr/bin/ksh93 when in doubt)."
89 89 #endif
90 90 "/sbin/ksh93",
91 91 NULL
92 92 };
93 93
94 94 static struct execsw esw = {
95 95 shbinmagicstr,
96 96 0,
97 97 SHBINMAGIC_LEN,
98 98 shbinexec,
99 99 NULL
100 100 };
101 101
|
↓ open down ↓ |
101 lines elided |
↑ open up ↑ |
102 102 /*
103 103 * Module linkage information for the kernel.
104 104 */
105 105 extern struct mod_ops mod_execops;
106 106
107 107 static struct modlexec modlexec = {
108 108 &mod_execops, "exec mod for shell binaries (ksh93)", &esw
109 109 };
110 110
111 111 static struct modlinkage modlinkage = {
112 - MODREV_1, (void *)&modlexec, NULL
112 + MODREV_1, { (void *)&modlexec, NULL }
113 113 };
114 114
115 115 int
116 116 _init(void)
117 117 {
118 118 return (mod_install(&modlinkage));
119 119 }
120 120
121 121 int
122 122 _fini(void)
123 123 {
124 124 return (mod_remove(&modlinkage));
125 125 }
126 126
127 127 int
128 128 _info(struct modinfo *modinfop)
129 129 {
130 130 return (mod_info(&modlinkage, modinfop));
131 131 }
132 132
133 133 static int
134 134 checkshbinmagic(struct vnode *vp)
135 135 {
136 136 int error;
137 137 char linep[SHBINMAGIC_LEN];
138 138 ssize_t resid;
139 139
140 140 /*
141 141 * Read the entire line and confirm that it starts with the magic
142 142 * sequence for compiled ksh93 shell scripts.
143 143 */
144 144 if (error = vn_rdwr(UIO_READ, vp, linep, sizeof (linep), (offset_t)0,
145 145 UIO_SYSSPACE, 0, (rlim64_t)0, CRED(), &resid))
146 146 return (error);
147 147
148 148 if (memcmp(linep, shbinmagicstr, SHBINMAGIC_LEN) != 0)
149 149 return (ENOEXEC);
150 150
151 151 return (0);
152 152 }
153 153
154 154 static int
155 155 shbinexec(
156 156 struct vnode *vp,
157 157 struct execa *uap,
158 158 struct uarg *args,
159 159 struct intpdata *idatap,
160 160 int level,
161 161 long *execsz,
162 162 int setid,
163 163 caddr_t exec_file,
164 164 struct cred *cred,
165 165 int brand_action)
166 166 {
167 167 _NOTE(ARGUNUSED(brand_action))
168 168 vnode_t *nvp;
169 169 int error = 0;
170 170 struct intpdata idata;
171 171 struct pathname intppn;
172 172 struct pathname resolvepn;
173 173 char *opath;
174 174 char devfd[19]; /* 32-bit int fits in 10 digits + 8 for "/dev/fd/" */
175 175 int fd = -1;
176 176 int i;
177 177
178 178 if (level) { /* Can't recurse */
179 179 error = ENOEXEC;
180 180 goto bad;
181 181 }
182 182
183 183 ASSERT(idatap == (struct intpdata *)NULL);
184 184
185 185 /*
186 186 * Check whether the executable has the correct magic value.
187 187 */
188 188 if (error = checkshbinmagic(vp))
189 189 goto fail;
190 190
191 191 pn_alloc(&resolvepn);
192 192
193 193 /*
194 194 * Travel the list of shells and look for one which is available...
195 195 */
196 196 for (i = 0; shell_list[i] != NULL; i++) {
197 197 error = pn_get(shell_list[i], UIO_SYSSPACE, &intppn);
198 198 if (error != 0) {
199 199 break;
200 200 }
201 201
202 202 error = lookuppn(&intppn, &resolvepn, FOLLOW, NULLVPP, &nvp);
203 203 if (!error) {
204 204 /* Found match */
205 205 break;
206 206 }
207 207
208 208 /* No match found ? Then continue with the next item... */
209 209 pn_free(&intppn);
210 210 }
211 211
212 212 if (error) {
213 213 pn_free(&resolvepn);
214 214 goto fail;
215 215 }
216 216
217 217 /*
218 218 * Setup interpreter data
219 219 * "--" is passed to mark the end-of-arguments before adding
220 220 * the scripts file name, preventing problems when a
221 221 * a script's name starts with a '-' character.
222 222 */
223 223 idata.intp = NULL;
224 224 idata.intp_name[0] = shell_list[i];
225 225 idata.intp_arg[0] = "--";
226 226
227 227 opath = args->pathname;
228 228 args->pathname = resolvepn.pn_path;
229 229 /* don't free resolvepn until we are done with args */
230 230 pn_free(&intppn);
231 231
232 232 /*
233 233 * When we're executing a set-uid script resulting in uids
234 234 * mismatching or when we execute with additional privileges,
235 235 * we close the "replace script between exec and open by shell"
236 236 * hole by passing the script as /dev/fd parameter.
237 237 */
238 238 if ((setid & EXECSETID_PRIVS) != 0 ||
239 239 (setid & (EXECSETID_UGIDS|EXECSETID_SETID)) ==
240 240 (EXECSETID_UGIDS|EXECSETID_SETID)) {
241 241 (void) strcpy(devfd, "/dev/fd/");
242 242 if (error = execopen(&vp, &fd))
243 243 goto done;
244 244 numtos(fd, &devfd[8]);
245 245 args->fname = devfd;
246 246 }
247 247
248 248 error = gexec(&nvp, uap, args, &idata, ++level, execsz, exec_file, cred,
249 249 EBA_NONE);
250 250
251 251 if (!error) {
252 252 /*
253 253 * Close this script as the sh interpreter
254 254 * will open and close it later on.
255 255 */
256 256 (void) VOP_CLOSE(vp, FREAD, 1, (offset_t)0, cred, NULL);
257 257 }
258 258 done:
259 259 VN_RELE(nvp);
260 260 args->pathname = opath;
261 261 pn_free(&resolvepn);
262 262 fail:
263 263 if (error && fd != -1)
264 264 (void) execclose(fd);
265 265 bad:
266 266 return (error);
267 267 }
|
↓ open down ↓ |
145 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX