author | susans |
Thu, 26 Oct 2006 16:44:53 -0700 | |
changeset 2991 | 4b13d6c49c6b |
parent 2712 | f74a135872bc |
child 4440 | 566ce8b5e131 |
permissions | -rw-r--r-- |
0 | 1 |
/* |
2 |
* CDDL HEADER START |
|
3 |
* |
|
4 |
* The contents of this file are subject to the terms of the |
|
1335
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
5 |
* Common Development and Distribution License (the "License"). |
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
6 |
* You may not use this file except in compliance with the License. |
0 | 7 |
* |
8 |
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
9 |
* or http://www.opensolaris.org/os/licensing. |
|
10 |
* See the License for the specific language governing permissions |
|
11 |
* and limitations under the License. |
|
12 |
* |
|
13 |
* When distributing Covered Code, include this CDDL HEADER in each |
|
14 |
* file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
15 |
* If applicable, add the following below this CDDL HEADER, with the |
|
16 |
* fields enclosed by brackets "[]" replaced with your own identifying |
|
17 |
* information: Portions Copyright [yyyy] [name of copyright owner] |
|
18 |
* |
|
19 |
* CDDL HEADER END |
|
20 |
*/ |
|
21 |
/* |
|
1335
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
22 |
* Copyright 2006 Sun Microsystems, Inc. All rights reserved. |
0 | 23 |
* Use is subject to license terms. |
24 |
*/ |
|
25 |
||
26 |
/* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */ |
|
27 |
/* All Rights Reserved */ |
|
28 |
||
29 |
||
30 |
#ifndef _SYS_EXEC_H |
|
31 |
#define _SYS_EXEC_H |
|
32 |
||
33 |
#pragma ident "%Z%%M% %I% %E% SMI" |
|
34 |
||
35 |
#include <sys/systm.h> |
|
36 |
#include <vm/seg.h> |
|
37 |
#include <vm/seg_vn.h> |
|
38 |
#include <sys/model.h> |
|
39 |
#include <sys/uio.h> |
|
40 |
#include <sys/corectl.h> |
|
41 |
||
42 |
#ifdef __cplusplus |
|
43 |
extern "C" { |
|
44 |
#endif |
|
45 |
||
46 |
/* |
|
47 |
* Number of bytes to read for magic string |
|
48 |
*/ |
|
49 |
#define MAGIC_BYTES 8 |
|
50 |
||
51 |
#define getexmag(x) (((x)[0] << 8) + (x)[1]) |
|
52 |
||
53 |
typedef struct execa { |
|
54 |
const char *fname; |
|
55 |
const char **argp; |
|
56 |
const char **envp; |
|
57 |
} execa_t; |
|
58 |
||
59 |
typedef struct execenv { |
|
60 |
caddr_t ex_bssbase; |
|
61 |
caddr_t ex_brkbase; |
|
62 |
size_t ex_brksize; |
|
63 |
vnode_t *ex_vp; |
|
64 |
short ex_magic; |
|
65 |
} execenv_t; |
|
66 |
||
67 |
#ifdef _KERNEL |
|
68 |
||
69 |
#define LOADABLE_EXEC(e) ((e)->exec_lock) |
|
70 |
#define LOADED_EXEC(e) ((e)->exec_func) |
|
71 |
||
72 |
extern int nexectype; /* number of elements in execsw */ |
|
73 |
extern struct execsw execsw[]; |
|
74 |
extern kmutex_t execsw_lock; |
|
75 |
||
76 |
/* |
|
77 |
* User argument structure for passing exec information around between the |
|
78 |
* common and machine-dependent portions of exec and the exec modules. |
|
79 |
*/ |
|
80 |
typedef struct uarg { |
|
81 |
ssize_t na; |
|
82 |
ssize_t ne; |
|
83 |
ssize_t nc; |
|
84 |
ssize_t arglen; |
|
85 |
char *fname; |
|
86 |
char *pathname; |
|
87 |
ssize_t auxsize; |
|
88 |
caddr_t stackend; |
|
89 |
size_t stk_align; |
|
90 |
size_t stk_size; |
|
91 |
char *stk_base; |
|
92 |
char *stk_strp; |
|
93 |
int *stk_offp; |
|
94 |
size_t usrstack_size; |
|
95 |
uint_t stk_prot; |
|
96 |
uint_t dat_prot; |
|
97 |
int traceinval; |
|
98 |
model_t to_model; |
|
99 |
model_t from_model; |
|
100 |
size_t to_ptrsize; |
|
101 |
size_t from_ptrsize; |
|
102 |
size_t ncargs; |
|
103 |
struct execsw *execswp; |
|
104 |
uintptr_t entry; |
|
105 |
uintptr_t thrptr; |
|
2712
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
106 |
char *emulator; |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
107 |
char *brandname; |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
108 |
auxv32_t *brand_auxp; /* starting user addr of brand auxvs on stack */ |
0 | 109 |
} uarg_t; |
110 |
||
111 |
/* |
|
2712
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
112 |
* Possible brand actions for exec. |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
113 |
*/ |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
114 |
#define EBA_NONE 0 |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
115 |
#define EBA_NATIVE 1 |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
116 |
#define EBA_BRAND 2 |
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
117 |
|
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
118 |
/* |
0 | 119 |
* The following macro is a machine dependent encapsulation of |
120 |
* postfix processing to hide the stack direction from elf.c |
|
121 |
* thereby making the elf.c code machine independent. |
|
122 |
*/ |
|
123 |
#define execpoststack(ARGS, ARRAYADDR, BYTESIZE) \ |
|
124 |
(copyout((caddr_t)(ARRAYADDR), (ARGS)->stackend, (BYTESIZE)) ? EFAULT \ |
|
125 |
: (((ARGS)->stackend += (BYTESIZE)), 0)) |
|
126 |
||
127 |
/* |
|
128 |
* This provides the current user stack address for an object of size BYTESIZE. |
|
129 |
* Used to determine the stack address just before applying execpoststack(). |
|
130 |
*/ |
|
131 |
#define stackaddress(ARGS, BYTESIZE) ((ARGS)->stackend) |
|
132 |
||
133 |
/* |
|
134 |
* Macro to add attribute/values the aux vector under construction. |
|
135 |
*/ |
|
136 |
/* BEGIN CSTYLED */ |
|
137 |
#if ((_LONG_ALIGNMENT == (2 * _INT_ALIGNMENT)) || \ |
|
138 |
(_POINTER_ALIGNMENT == (2 * _INT_ALIGNMENT))) |
|
139 |
/* END CSTYLED */ |
|
140 |
/* |
|
141 |
* This convoluted stuff is necessitated by the fact that there is |
|
142 |
* potential padding in the aux vector, but not necessarily and |
|
143 |
* without clearing the padding there is a small, but potential |
|
144 |
* security hole. |
|
145 |
*/ |
|
146 |
#define ADDAUX(p, a, v) { \ |
|
147 |
(&(p)->a_type)[1] = 0; \ |
|
148 |
(p)->a_type = (a); \ |
|
149 |
(p)->a_un.a_val = (v); \ |
|
150 |
++(p); \ |
|
151 |
} |
|
152 |
#else |
|
153 |
#define ADDAUX(p, a, v) { \ |
|
154 |
(p)->a_type = (a); \ |
|
155 |
((p)++)->a_un.a_val = (v); \ |
|
156 |
} |
|
157 |
#endif |
|
158 |
||
159 |
#define INTPSZ MAXPATHLEN |
|
160 |
typedef struct intpdata { |
|
161 |
char *intp; |
|
162 |
char *intp_name; |
|
163 |
char *intp_arg; |
|
164 |
} intpdata_t; |
|
165 |
||
1335
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
166 |
#define EXECSETID_SETID 0x1 /* setid exec */ |
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
167 |
#define EXECSETID_UGIDS 0x2 /* [ug]ids mismatch */ |
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
168 |
#define EXECSETID_PRIVS 0x4 /* more privs than before */ |
99d6f0945b8f
6361644 Differences in SUID scripts between S9 and S10
casper
parents:
0
diff
changeset
|
169 |
|
0 | 170 |
struct execsw { |
171 |
char *exec_magic; |
|
172 |
int exec_magoff; |
|
173 |
int exec_maglen; |
|
174 |
int (*exec_func)(struct vnode *vp, struct execa *uap, |
|
175 |
struct uarg *args, struct intpdata *idata, int level, |
|
176 |
long *execsz, int setid, caddr_t exec_file, |
|
2712
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
177 |
struct cred *cred, int brand_action); |
0 | 178 |
int (*exec_core)(struct vnode *vp, struct proc *p, |
179 |
struct cred *cred, rlim64_t rlimit, int sig, |
|
180 |
core_content_t content); |
|
181 |
krwlock_t *exec_lock; |
|
182 |
}; |
|
183 |
||
184 |
extern short elfmagic; |
|
185 |
extern short intpmagic; |
|
186 |
extern short javamagic; |
|
187 |
#if defined(__sparc) |
|
188 |
extern short aout_zmagic; |
|
189 |
extern short aout_nmagic; |
|
190 |
extern short aout_omagic; |
|
191 |
#endif |
|
192 |
extern short nomagic; |
|
193 |
||
194 |
extern char elf32magicstr[]; |
|
195 |
extern char elf64magicstr[]; |
|
196 |
extern char intpmagicstr[]; |
|
197 |
extern char javamagicstr[]; |
|
198 |
#if defined(__sparc) |
|
199 |
extern char aout_nmagicstr[]; |
|
200 |
extern char aout_zmagicstr[]; |
|
201 |
extern char aout_omagicstr[]; |
|
202 |
#endif |
|
203 |
extern char nomagicstr[]; |
|
204 |
||
205 |
extern int exec_args(execa_t *, uarg_t *, intpdata_t *, void **); |
|
206 |
extern int exec(const char *fname, const char **argp); |
|
207 |
extern int exece(const char *fname, const char **argp, const char **envp); |
|
208 |
extern int exec_common(const char *fname, const char **argp, |
|
2712
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
209 |
const char **envp, int brand_action); |
0 | 210 |
extern int gexec(vnode_t **vp, struct execa *uap, struct uarg *args, |
211 |
struct intpdata *idata, int level, long *execsz, caddr_t exec_file, |
|
2712
f74a135872bc
PSARC/2005/471 BrandZ: Support for non-native zones
nn35248
parents:
1335
diff
changeset
|
212 |
struct cred *cred, int brand_action); |
0 | 213 |
extern struct execsw *allocate_execsw(char *name, char *magic, |
214 |
size_t magic_size); |
|
215 |
extern struct execsw *findexecsw(char *magic); |
|
216 |
extern struct execsw *findexec_by_hdr(char *header); |
|
217 |
extern struct execsw *findexec_by_magic(char *magic); |
|
218 |
extern int execpermissions(struct vnode *vp, struct vattr *vattrp, |
|
219 |
struct uarg *args); |
|
220 |
extern int execmap(vnode_t *vp, caddr_t addr, size_t len, size_t zfodlen, |
|
221 |
off_t offset, int prot, int page, uint_t); |
|
222 |
extern void setexecenv(struct execenv *ep); |
|
223 |
extern int execopen(struct vnode **vpp, int *fdp); |
|
224 |
extern int execclose(int fd); |
|
225 |
extern void setregs(uarg_t *); |
|
226 |
extern void exec_set_sp(size_t); |
|
227 |
||
228 |
/* |
|
229 |
* Utility functions for exec module core routines: |
|
230 |
*/ |
|
231 |
extern int core_seg(proc_t *, vnode_t *, offset_t, caddr_t, |
|
232 |
size_t, rlim64_t, cred_t *); |
|
233 |
||
234 |
extern int core_write(vnode_t *, enum uio_seg, offset_t, |
|
235 |
const void *, size_t, rlim64_t, cred_t *); |
|
236 |
||
237 |
/* a.out stuff */ |
|
238 |
||
239 |
struct exec; |
|
240 |
||
241 |
extern caddr_t gettmem(struct exec *exp); |
|
242 |
extern caddr_t getdmem(struct exec *exp); |
|
243 |
extern ulong_t getdfile(struct exec *exp); |
|
244 |
extern uint_t gettfile(struct exec *exp); |
|
245 |
extern int chkaout(struct exdata *exp); |
|
246 |
extern void getexinfo(struct exdata *edp_in, struct exdata *edp_out, |
|
247 |
int *pagetext, int *pagedata); |
|
248 |
||
249 |
#endif /* _KERNEL */ |
|
250 |
||
251 |
#ifdef __cplusplus |
|
252 |
} |
|
253 |
#endif |
|
254 |
||
255 |
#endif /* _SYS_EXEC_H */ |