Changeset View
Changeset View
Standalone View
Standalone View
sys/kern/kern_exec.c
Show First 20 Lines • Show All 347 Lines • ▼ Show 20 Lines | kern_execve(struct thread *td, struct image_args *args, struct mac *mac_p, | ||||
AUDIT_ARG_ARGV(args->begin_argv, args->argc, | AUDIT_ARG_ARGV(args->begin_argv, args->argc, | ||||
exec_args_get_begin_envv(args) - args->begin_argv); | exec_args_get_begin_envv(args) - args->begin_argv); | ||||
AUDIT_ARG_ENVV(exec_args_get_begin_envv(args), args->envc, | AUDIT_ARG_ENVV(exec_args_get_begin_envv(args), args->envc, | ||||
args->endp - exec_args_get_begin_envv(args)); | args->endp - exec_args_get_begin_envv(args)); | ||||
return (do_execve(td, args, mac_p, oldvmspace)); | return (do_execve(td, args, mac_p, oldvmspace)); | ||||
} | } | ||||
static void | |||||
execve_nosetid(struct image_params *imgp) | |||||
{ | |||||
imgp->credential_setid = false; | |||||
if (imgp->newcred != NULL) { | |||||
crfree(imgp->newcred); | |||||
imgp->newcred = NULL; | |||||
} | |||||
} | |||||
/* | /* | ||||
* In-kernel implementation of execve(). All arguments are assumed to be | * In-kernel implementation of execve(). All arguments are assumed to be | ||||
* userspace pointers from the passed thread. | * userspace pointers from the passed thread. | ||||
*/ | */ | ||||
static int | static int | ||||
do_execve(struct thread *td, struct image_args *args, struct mac *mac_p, | do_execve(struct thread *td, struct image_args *args, struct mac *mac_p, | ||||
struct vmspace *oldvmspace) | struct vmspace *oldvmspace) | ||||
{ | { | ||||
▲ Show 20 Lines • Show All 270 Lines • ▼ Show 20 Lines | |||||
#endif | #endif | ||||
if (imgp->opened) { | if (imgp->opened) { | ||||
VOP_CLOSE(newtextvp, FREAD, td->td_ucred, td); | VOP_CLOSE(newtextvp, FREAD, td->td_ucred, td); | ||||
imgp->opened = 0; | imgp->opened = 0; | ||||
} | } | ||||
vput(newtextvp); | vput(newtextvp); | ||||
vm_object_deallocate(imgp->object); | vm_object_deallocate(imgp->object); | ||||
imgp->object = NULL; | imgp->object = NULL; | ||||
imgp->credential_setid = false; | execve_nosetid(imgp); | ||||
if (imgp->newcred != NULL) { | |||||
crfree(imgp->newcred); | |||||
imgp->newcred = NULL; | |||||
} | |||||
imgp->execpath = NULL; | imgp->execpath = NULL; | ||||
free(imgp->freepath, M_TEMP); | free(imgp->freepath, M_TEMP); | ||||
imgp->freepath = NULL; | imgp->freepath = NULL; | ||||
/* set new name to that of the interpreter */ | /* set new name to that of the interpreter */ | ||||
NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | LOCKSHARED | FOLLOW | | NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | LOCKSHARED | FOLLOW | | ||||
SAVENAME, UIO_SYSSPACE, imgp->interpreter_name, td); | SAVENAME, UIO_SYSSPACE, imgp->interpreter_name, td); | ||||
args->fname = imgp->interpreter_name; | args->fname = imgp->interpreter_name; | ||||
goto interpret; | goto interpret; | ||||
▲ Show 20 Lines • Show All 107 Lines • ▼ Show 20 Lines | #endif | ||||
if ((p->p_flag2 & P2_STKGAP_DISABLE_EXEC) == 0) | if ((p->p_flag2 & P2_STKGAP_DISABLE_EXEC) == 0) | ||||
p->p_flag2 &= ~P2_STKGAP_DISABLE; | p->p_flag2 &= ~P2_STKGAP_DISABLE; | ||||
if (p->p_flag & P_PPWAIT) { | if (p->p_flag & P_PPWAIT) { | ||||
p->p_flag &= ~(P_PPWAIT | P_PPTRACE); | p->p_flag &= ~(P_PPWAIT | P_PPTRACE); | ||||
cv_broadcast(&p->p_pwait); | cv_broadcast(&p->p_pwait); | ||||
/* STOPs are no longer ignored, arrange for AST */ | /* STOPs are no longer ignored, arrange for AST */ | ||||
signotify(td); | signotify(td); | ||||
} | } | ||||
if (imgp->sysent->sv_setid_allowed != NULL && | |||||
!(*imgp->sysent->sv_setid_allowed)(td, imgp)) | |||||
execve_nosetid(imgp); | |||||
/* | /* | ||||
* Implement image setuid/setgid installation. | * Implement image setuid/setgid installation. | ||||
*/ | */ | ||||
if (imgp->credential_setid) { | if (imgp->credential_setid) { | ||||
/* | /* | ||||
* Turn off syscall tracing for set-id programs, except for | * Turn off syscall tracing for set-id programs, except for | ||||
* root. Record any set-id flags first to make sure that | * root. Record any set-id flags first to make sure that | ||||
▲ Show 20 Lines • Show All 1,087 Lines • Show Last 20 Lines |