diff options
Diffstat (limited to 'usr/src')
| -rw-r--r-- | usr/src/uts/common/brand/lx/os/lx_brand.c | 8 | ||||
| -rw-r--r-- | usr/src/uts/common/brand/sn1/sn1_brand.c | 4 | ||||
| -rw-r--r-- | usr/src/uts/common/brand/sngl/sngl_brand.c | 4 | ||||
| -rw-r--r-- | usr/src/uts/common/brand/solaris10/s10_brand.c | 4 | ||||
| -rw-r--r-- | usr/src/uts/common/exec/aout/aout.c | 5 | ||||
| -rw-r--r-- | usr/src/uts/common/exec/elf/elf.c | 14 | ||||
| -rw-r--r-- | usr/src/uts/common/exec/intp/intp.c | 8 | ||||
| -rw-r--r-- | usr/src/uts/common/exec/java/java.c | 3 | ||||
| -rw-r--r-- | usr/src/uts/common/exec/shbin/shbin.c | 5 | ||||
| -rw-r--r-- | usr/src/uts/common/os/brand.c | 2 | ||||
| -rw-r--r-- | usr/src/uts/common/os/exec.c | 4 | ||||
| -rw-r--r-- | usr/src/uts/common/sys/brand.h | 4 | ||||
| -rw-r--r-- | usr/src/uts/common/sys/exec.h | 10 |
13 files changed, 40 insertions, 35 deletions
diff --git a/usr/src/uts/common/brand/lx/os/lx_brand.c b/usr/src/uts/common/brand/lx/os/lx_brand.c index 1f00eb1d99..27e0630771 100644 --- a/usr/src/uts/common/brand/lx/os/lx_brand.c +++ b/usr/src/uts/common/brand/lx/os/lx_brand.c @@ -212,7 +212,7 @@ uint64_t lx_maxstack64 = LX_MAXSTACK64; static int lx_elfexec(struct vnode *vp, struct execa *uap, struct uarg *args, struct intpdata *idata, int level, long *execsz, int setid, - caddr_t exec_file, struct cred *cred, int brand_action); + caddr_t exec_file, struct cred *cred, int *brand_action); static boolean_t lx_native_exec(uint8_t, const char **); static uint32_t lx_map32limit(proc_t *); @@ -1351,10 +1351,10 @@ restoreexecenv(struct execenv *ep, stack_t *sp) } extern int elfexec(vnode_t *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); extern int elf32exec(struct vnode *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); /* * Exec routine called by elfexec() to load either 32-bit or 64-bit Linux @@ -1363,7 +1363,7 @@ extern int elf32exec(struct vnode *, execa_t *, uarg_t *, intpdata_t *, int, static int lx_elfexec(struct vnode *vp, struct execa *uap, struct uarg *args, struct intpdata *idata, int level, long *execsz, int setid, - caddr_t exec_file, struct cred *cred, int brand_action) + caddr_t exec_file, struct cred *cred, int *brand_action) { int error; vnode_t *nvp; diff --git a/usr/src/uts/common/brand/sn1/sn1_brand.c b/usr/src/uts/common/brand/sn1/sn1_brand.c index e4f0217da8..ff11c58ae5 100644 --- a/usr/src/uts/common/brand/sn1/sn1_brand.c +++ b/usr/src/uts/common/brand/sn1/sn1_brand.c @@ -58,7 +58,7 @@ void sn1_forklwp(klwp_t *, klwp_t *); void sn1_freelwp(klwp_t *); void sn1_lwpexit(klwp_t *); int sn1_elfexec(vnode_t *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); /* sn1 brand */ struct brand_ops sn1_brops = { @@ -249,7 +249,7 @@ sn1_init_brand_data(zone_t *zone) int sn1_elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file, cred_t *cred, - int brand_action) + int *brand_action) { return (brand_solaris_elfexec(vp, uap, args, idatap, level, execsz, setid, exec_file, cred, brand_action, &sn1_brand, SN1_BRANDNAME, diff --git a/usr/src/uts/common/brand/sngl/sngl_brand.c b/usr/src/uts/common/brand/sngl/sngl_brand.c index 19ce925076..9a1d76d157 100644 --- a/usr/src/uts/common/brand/sngl/sngl_brand.c +++ b/usr/src/uts/common/brand/sngl/sngl_brand.c @@ -59,7 +59,7 @@ void sngl_forklwp(klwp_t *, klwp_t *); void sngl_freelwp(klwp_t *); void sngl_lwpexit(klwp_t *); int sngl_elfexec(vnode_t *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); /* SNGL brand */ struct brand_ops sngl_brops = { @@ -233,7 +233,7 @@ sngl_init_brand_data(zone_t *zone) int sngl_elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file, cred_t *cred, - int brand_action) + int *brand_action) { return (brand_solaris_elfexec(vp, uap, args, idatap, level, execsz, setid, exec_file, cred, brand_action, &sngl_brand, SNGL_BRANDNAME, diff --git a/usr/src/uts/common/brand/solaris10/s10_brand.c b/usr/src/uts/common/brand/solaris10/s10_brand.c index ae086566b7..1239dcc323 100644 --- a/usr/src/uts/common/brand/solaris10/s10_brand.c +++ b/usr/src/uts/common/brand/solaris10/s10_brand.c @@ -61,7 +61,7 @@ void s10_forklwp(klwp_t *, klwp_t *); void s10_freelwp(klwp_t *); void s10_lwpexit(klwp_t *); int s10_elfexec(vnode_t *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); void s10_sigset_native_to_s10(sigset_t *); void s10_sigset_s10_to_native(sigset_t *); @@ -418,7 +418,7 @@ s10_init_brand_data(zone_t *zone) int s10_elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file, cred_t *cred, - int brand_action) + int *brand_action) { return (brand_solaris_elfexec(vp, uap, args, idatap, level, execsz, setid, exec_file, cred, brand_action, &s10_brand, S10_BRANDNAME, diff --git a/usr/src/uts/common/exec/aout/aout.c b/usr/src/uts/common/exec/aout/aout.c index fc45bd9544..5dbb2ed28c 100644 --- a/usr/src/uts/common/exec/aout/aout.c +++ b/usr/src/uts/common/exec/aout/aout.c @@ -22,6 +22,7 @@ * Copyright 2008 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. * Copyright (c) 2011 Bayard G. Bell. All rights reserved. + * Copyright 2015, Joyent, Inc. */ #include <sys/types.h> @@ -54,7 +55,7 @@ static int aoutexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, - caddr_t exec_file, cred_t *cred, int brand_action); + caddr_t exec_file, cred_t *cred, int *brand_action); static int get_aout_head(struct vnode **vpp, struct exdata *edp, long *execsz, int *isdyn); static int aoutcore(vnode_t *vp, proc_t *pp, cred_t *credp, @@ -130,7 +131,7 @@ _info(struct modinfo *modinfop) static int aoutexec(vnode_t *vp, struct execa *uap, struct uarg *args, struct intpdata *idatap, int level, long *execsz, int setid, - caddr_t exec_file, cred_t *cred, int brand_action) + caddr_t exec_file, cred_t *cred, int *brand_action) { auxv32_t auxflags_auxv32; int error; diff --git a/usr/src/uts/common/exec/elf/elf.c b/usr/src/uts/common/exec/elf/elf.c index 92dd5347da..d5a79a1410 100644 --- a/usr/src/uts/common/exec/elf/elf.c +++ b/usr/src/uts/common/exec/elf/elf.c @@ -287,7 +287,7 @@ mapexec_brand(vnode_t *vp, uarg_t *args, Ehdr *ehdr, Addr *uphdr_vaddr, int elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file, cred_t *cred, - int brand_action) + int *brand_action) { caddr_t phdrbase = NULL; caddr_t bssbase = 0; @@ -405,11 +405,11 @@ elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, * be branded and be subject to all of the normal actions of the brand. */ if ((level < 2) && - (brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { + (*brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { if (BROP(p)->b_native_exec(ehdrp->e_ident[EI_OSABI], &args->brand_nroot) == B_TRUE) { ASSERT(ehdrp->e_ident[EI_OSABI]); - brand_action = EBA_NATIVE; + *brand_action = EBA_NATIVE; /* Add one for the trailing '/' in the path */ if (args->brand_nroot != NULL) nsize = strlen(args->brand_nroot) + 1; @@ -417,7 +417,7 @@ elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, } if ((level < 2) && - (brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { + (*brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { error = BROP(p)->b_elfexec(vp, uap, args, idatap, level + 1, execsz, setid, exec_file, cred, brand_action); @@ -544,7 +544,7 @@ elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, args->auxsize += sizeof (aux_entry_t); } - if ((brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { + if ((*brand_action != EBA_NATIVE) && (PROC_IS_BRANDED(p))) { branded = 1; /* * We will be adding 5 entries to the aux vectors. One for @@ -842,7 +842,7 @@ elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, * malicious user within the zone from crafting a wrapper to * run native suid commands with unsecure libraries interposed. */ - if ((brand_action == EBA_NATIVE) && (PROC_IS_BRANDED(p) && + if ((*brand_action == EBA_NATIVE) && (PROC_IS_BRANDED(p) && (setid &= ~EXECSETID_SETID) != 0)) auxf &= ~AF_SUN_SETUGID; @@ -2333,7 +2333,7 @@ static struct modlexec modlexec = { extern int elf32exec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file, cred_t *cred, - int brand_action); + int *brand_action); extern int elf32core(vnode_t *vp, proc_t *p, cred_t *credp, rlim64_t rlimit, int sig, core_content_t content); diff --git a/usr/src/uts/common/exec/intp/intp.c b/usr/src/uts/common/exec/intp/intp.c index 998c0f1f8e..316f4c07e0 100644 --- a/usr/src/uts/common/exec/intp/intp.c +++ b/usr/src/uts/common/exec/intp/intp.c @@ -22,6 +22,7 @@ * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. * Copyright 2012 Milan Jurik. All rights reserved. + * Copyright 2015, Joyent, Inc. */ /* Copyright (c) 1988 AT&T */ @@ -53,7 +54,7 @@ #include <sys/modctl.h> extern int intpexec(struct vnode *, struct execa *, struct uarg *, - struct intpdata *, int, long *, int, caddr_t, struct cred *, int); + struct intpdata *, int, long *, int, caddr_t, struct cred *, int *); static struct execsw esw = { intpmagicstr, @@ -169,7 +170,7 @@ intpexec( int setid, caddr_t exec_file, struct cred *cred, - int brand_action) + int *brand_action) { _NOTE(ARGUNUSED(brand_action)) vnode_t *nvp; @@ -180,6 +181,7 @@ intpexec( char *opath; char devfd[19]; /* 32-bit int fits in 10 digits + 8 for "/dev/fd/" */ int fd = -1; + int custom_action = EBA_NONE; if (level) { /* Can't recurse */ error = ENOEXEC; @@ -228,7 +230,7 @@ intpexec( } error = gexec(&nvp, uap, args, &idata, ++level, execsz, exec_file, cred, - EBA_NONE); + &custom_action); if (!error) { /* diff --git a/usr/src/uts/common/exec/java/java.c b/usr/src/uts/common/exec/java/java.c index 7cf9126e8d..4ce223a682 100644 --- a/usr/src/uts/common/exec/java/java.c +++ b/usr/src/uts/common/exec/java/java.c @@ -21,6 +21,7 @@ /* * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * Copyright 2015, Joyent, Inc. */ /* @@ -85,7 +86,7 @@ char *jexec_arg = "-jar"; static int javaexec(vnode_t *vp, struct execa *uap, struct uarg *args, struct intpdata *idatap, int level, long *execsz, int setid, - caddr_t execfile, cred_t *cred, int brand_action) + caddr_t execfile, cred_t *cred, int *brand_action) { struct intpdata idata; int error; diff --git a/usr/src/uts/common/exec/shbin/shbin.c b/usr/src/uts/common/exec/shbin/shbin.c index a6cf129d9d..a431264103 100644 --- a/usr/src/uts/common/exec/shbin/shbin.c +++ b/usr/src/uts/common/exec/shbin/shbin.c @@ -22,6 +22,7 @@ /* * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * Copyright 2015, Joyent, Inc. */ #include <sys/types.h> @@ -58,7 +59,7 @@ shbinexec( int setid, caddr_t exec_file, struct cred *cred, - int brand_action); + int *brand_action); #define SHBIN_CNTL(x) ((x)&037) #define SHBINMAGIC_LEN 4 @@ -162,7 +163,7 @@ shbinexec( int setid, caddr_t exec_file, struct cred *cred, - int brand_action) + int *brand_action) { _NOTE(ARGUNUSED(brand_action)) vnode_t *nvp; diff --git a/usr/src/uts/common/os/brand.c b/usr/src/uts/common/os/brand.c index 82108b806b..61aa562f73 100644 --- a/usr/src/uts/common/os/brand.c +++ b/usr/src/uts/common/os/brand.c @@ -616,7 +616,7 @@ restoreexecenv(struct execenv *ep, stack_t *sp) int brand_solaris_elfexec(vnode_t *vp, execa_t *uap, uarg_t *args, intpdata_t *idatap, int level, long *execsz, int setid, caddr_t exec_file, - cred_t *cred, int brand_action, struct brand *pbrand, char *bname, + cred_t *cred, int *brand_action, struct brand *pbrand, char *bname, char *brandlib, char *brandlib32) { diff --git a/usr/src/uts/common/os/exec.c b/usr/src/uts/common/os/exec.c index 75374430d6..4b6c79997e 100644 --- a/usr/src/uts/common/os/exec.c +++ b/usr/src/uts/common/os/exec.c @@ -317,7 +317,7 @@ exec_common(const char *fname, const char **argp, const char **envp, } if ((error = gexec(&vp, &ua, &args, NULL, 0, &execsz, - exec_file, p->p_cred, brand_action)) != 0) { + exec_file, p->p_cred, &brand_action)) != 0) { if (brandme) { BROP(p)->b_freelwp(lwp); brand_clearbrand(p); @@ -565,7 +565,7 @@ gexec( long *execsz, caddr_t exec_file, struct cred *cred, - int brand_action) + int *brand_action) { struct vnode *vp, *execvp = NULL; proc_t *pp = ttoproc(curthread); diff --git a/usr/src/uts/common/sys/brand.h b/usr/src/uts/common/sys/brand.h index a83adeb870..f94c93d748 100644 --- a/usr/src/uts/common/sys/brand.h +++ b/usr/src/uts/common/sys/brand.h @@ -165,7 +165,7 @@ struct brand_ops { int (*b_elfexec)(struct vnode *vp, struct execa *uap, struct uarg *args, struct intpdata *idata, int level, long *execsz, int setid, caddr_t exec_file, - struct cred *cred, int brand_action); + struct cred *cred, int *brand_action); void (*b_sigset_native_to_brand)(sigset_t *); void (*b_sigset_brand_to_native)(sigset_t *); void (*b_psig_to_proc)(proc_t *, kthread_t *, int); @@ -244,7 +244,7 @@ extern int brand_solaris_cmd(int, uintptr_t, uintptr_t, uintptr_t, extern void brand_solaris_copy_procdata(proc_t *, proc_t *, struct brand *); extern int brand_solaris_elfexec(vnode_t *, execa_t *, uarg_t *, - intpdata_t *, int, long *, int, caddr_t, cred_t *, int, + intpdata_t *, int, long *, int, caddr_t, cred_t *, int *, struct brand *, char *, char *, char *); extern void brand_solaris_exec(struct brand *); extern int brand_solaris_fini(char **, struct modlinkage *, diff --git a/usr/src/uts/common/sys/exec.h b/usr/src/uts/common/sys/exec.h index 50786aca30..de01910b5a 100644 --- a/usr/src/uts/common/sys/exec.h +++ b/usr/src/uts/common/sys/exec.h @@ -27,7 +27,7 @@ /* All Rights Reserved */ /* - * Copyright (c) 2014, Joyent, Inc. All rights reserved. + * Copyright 2015, Joyent, Inc. */ #ifndef _SYS_EXEC_H @@ -180,7 +180,7 @@ struct execsw { int (*exec_func)(struct vnode *vp, struct execa *uap, struct uarg *args, struct intpdata *idata, int level, long *execsz, int setid, caddr_t exec_file, - struct cred *cred, int brand_action); + struct cred *cred, int *brand_action); int (*exec_core)(struct vnode *vp, struct proc *p, struct cred *cred, rlim64_t rlimit, int sig, core_content_t content); @@ -218,7 +218,7 @@ extern int exec_common(const char *fname, const char **argp, const char **envp, int brand_action); extern int gexec(vnode_t **vp, struct execa *uap, struct uarg *args, struct intpdata *idata, int level, long *execsz, caddr_t exec_file, - struct cred *cred, int brand_action); + struct cred *cred, int *brand_action); extern struct execsw *allocate_execsw(char *name, char *magic, size_t magic_size); extern struct execsw *findexecsw(char *magic); @@ -243,7 +243,7 @@ extern void exec_set_sp(size_t); * when compiling the 32-bit compatability elf code in the elfexec module. */ extern int elfexec(vnode_t *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); extern int mapexec_brand(vnode_t *, uarg_t *, Ehdr *, Addr *, intptr_t *, caddr_t, char **, caddr_t *, caddr_t *, size_t *, uintptr_t *, uintptr_t *); @@ -251,7 +251,7 @@ extern int mapexec_brand(vnode_t *, uarg_t *, Ehdr *, Addr *, #if defined(_LP64) extern int elf32exec(vnode_t *, execa_t *, uarg_t *, intpdata_t *, int, - long *, int, caddr_t, cred_t *, int); + long *, int, caddr_t, cred_t *, int *); extern int mapexec32_brand(vnode_t *, uarg_t *, Elf32_Ehdr *, Elf32_Addr *, intptr_t *, caddr_t, char **, caddr_t *, caddr_t *, size_t *, uintptr_t *, uintptr_t *); |