| blob | cf49447bf1716d24912a2d60c32d9cbe3f9546ab |
1 /* This file handles the EXEC system call. It performs the work as follows:
2 * - see if the permissions allow the file to be executed
3 * - read the header and extract the sizes
4 * - fetch the initial args and environment from the user space
5 * - allocate the memory for the new process
6 * - copy the initial stack from PM to the process
7 * - read in the text and data segments and copy to the process
8 * - take care of setuid and setgid bits
9 * - fix up 'mproc' table
10 * - tell kernel about EXEC
11 * - save offset to initial argc (for ps)
12 *
13 * The entry points into this file are:
14 * pm_exec: perform the EXEC system call
15 */
18 #include <sys/stat.h>
19 #include <minix/callnr.h>
20 #include <minix/endpoint.h>
21 #include <minix/com.h>
22 #include <minix/u64.h>
23 #include <a.out.h>
24 #include <signal.h>
25 #include <stdlib.h>
26 #include <string.h>
27 #include <dirent.h>
28 #include <sys/param.h>
33 #include <minix/vfsif.h>
34 #include <machine/vmparam.h>
35 #include <assert.h>
36 #include <fcntl.h>
39 #include <libexec.h>
41 /* fields only used by elf and in VFS */
51 };
68 /* Array of loaders for different object file formats */
75 };
80 };
82 /*===========================================================================*
83 * lock_exec *
84 *===========================================================================*/
86 {
90 /* First try to get it right off the bat */
102 }
104 /*===========================================================================*
105 * unlock_exec *
106 *===========================================================================*/
108 {
111 }
113 /*===========================================================================*
114 * get_read_vp *
115 *===========================================================================*/
118 {
119 /* Make the executable that we want to exec() into the binary pointed
120 * to by 'fullpath.' This function fills in necessary details in the execi
121 * structure, such as opened vnode. It unlocks and releases the vnode if
122 * it was already there. This makes it easy to change the executable
123 * during the exec(), which is often necessary, by calling this function
124 * more than once. This is specifically necessary when we discover the
125 * executable is actually a script or a dynamically linked executable.
126 */
129 /* Caller wants to switch vp to the file in 'fullpath.'
130 * unlock and put it first if there is any there.
131 */
136 }
138 /* Remember/overwrite the executable name if requested. */
145 }
147 /* Open executable */
157 else
163 /* If caller wants us to, honour suid/guid mode bits. */
165 /* Deal with setuid/setgid executables */
169 }
173 }
174 }
176 /* Read in first chunk of file. */
181 }
183 #define FAILCHECK(expr) if((r=(expr)) != OK) { goto pm_execfinal; } while(0)
184 #define Get_read_vp(e,f,p,s,rs,fp) do { \
185 r=get_read_vp(&e,f,p,s,rs,fp); if(r != OK) { FAILCHECK(r); } \
186 } while(0)
188 /*===========================================================================*
189 * pm_exec *
190 *===========================================================================*/
194 {
195 /* Perform the execve(name, argv, envp) call. The user library builds a
196 * complete stack image, including pointers, args, environ, etc. The stack
197 * is copied to a buffer inside VFS, and then to the new core image.
198 */
200 vir_bytes vsp;
214 /* unset execi values are 0. */
217 /* passed from exec() libc code */
229 /* Fetch the stack from the user before destroying the old core image. */
238 }
240 /* The default is to keep the original user and group IDs */
244 /* Get the exec file name. */
248 /* Get_read_vp will return an opened vn in execi.
249 * if necessary it releases the existing vp so we can
250 * switch after we find out what's inside the file.
251 * It reads the start of the file.
252 */
255 /* If this is a script (i.e. has a #!/interpreter line),
256 * retrieve the name of the interpreter and open that
257 * executable instead.
258 */
260 /* patch_stack will add interpreter name and
261 * args to stack and retrieve the new binary
262 * name into fullpath.
263 */
268 }
270 /* If this is a dynamically linked executable, retrieve
271 * the name of that interpreter in elf_interpreter and open that
272 * executable instead. But open the current executable in an
273 * fd for the current process.
274 */
277 /* Switch the executable vnode to the interpreter */
280 /* The interpreter (loader) needs an fd to the main program,
281 * which is currently in finalexec
282 */
287 }
289 /* ld.so is linked at 0, but it can relocate itself; we
290 * want it higher to trap NULL pointer dereferences.
291 */
294 /* Remember it */
297 /* The executable we need to execute first (loader)
298 * is in elf_interpreter, and has to be in fullpath to
299 * be looked up
300 */
303 }
305 /* callback functions and data */
318 /* Loaded successfully, so no need to try other loaders */
320 }
324 /* Inform PM */
327 /* Save off PC */
330 /* call a stack-setup function if this executable type wants it */
334 /* Patch up stack and copy it from VFS to new core image. */
339 /* Return new stack pointer to caller */
345 /* If after loading the image we're still allowed to run with
346 * setuid or setgid, change credentials now */
349 }
351 /* Remember the new name of the process */
354 pm_execfinal:
358 }
361 }
365 {
378 /* exec() promises stack space. Now find it. */
381 /* find a terminating NULL entry twice: one for argv[], one for envp[]. */
388 }
390 mysp++;
391 }
393 /* Userland provides a fully filled stack frame, with argc, argv, envp
394 * and then all the argv and envp strings; consistent with ELF ABI, except
395 * for a list of Aux vectors that should be between envp points and the
396 * start of the strings.
397 *
398 * It would take some very unpleasant hackery to insert the aux vectors before
399 * the strings, and correct all the pointers, so the exec code in libc makes
400 * space for us first and indicates the fact it did this with this flag.
401 */
407 /* Create extrabytes more space */
416 }
418 /* Ok, what mysp points to now we can use for the aux vectors. */
420 #define AUXINFO(type, value) \
421 { assert((char *) a < (char *) mysp_end); a->a_type = type; a->a_v = value; a++; }
422 #if 0
425 #endif
431 /* This is where we add the AT_NULL */
434 /* Always terminate with AT_NULL */
437 /* Empty space starts here, if any. */
441 vir_bytes userp;
443 /* Make space for the real closing AT_NULL entry. */
446 /* Empty space starts here; we can put the name here. */
450 /* What will the address of the string for the user be */
453 /* Move back to where the AT_NULL is */
457 }
460 }
462 /*===========================================================================*
463 * is_script *
464 *===========================================================================*/
466 {
467 /* Is Interpreted script? */
472 }
474 /*===========================================================================*
475 * patch_stack *
476 *===========================================================================*/
482 {
483 /* Patch the argument vector to include the path name of the script to be
484 * interpreted, and all strings on the #! line. Returns the path name of
485 * the interpreter.
486 */
489 off_t pos;
491 u64_t new_pos;
495 /* Make 'path' the new argv[0]. */
500 /* Issue request */
514 /* Use the 'path' variable for temporary storage */
520 /* Move sp backwards through script[], prepending each string to stack. */
522 /* skip spaces behind argument. */
527 /* Move to the start of the argument. */
534 }
535 }
540 /* Round *stk_bytes up to the size of a pointer for alignment contraints. */
546 }
548 /*===========================================================================*
549 * insert_arg *
550 *===========================================================================*/
555 int replace
556 )
557 {
558 /* Patch the stack so that arg will become argv[0]. Be careful, the stack may
559 * be filled with garbage, although it normally looks like this:
560 * nargs argv[0] ... argv[nargs-1] NULL envp[0] ... NULL
561 * followed by the strings "pointed" to by the argv[i] and the envp[i]. The
562 * pointers are really offsets from the start of stack.
563 * Return true iff the operation succeeded.
564 */
569 /* Prepending arg adds at least one string and a zero byte. */
577 /* Move a1 to the end of argv[0][] (argv[1] if nargs > 1). */
585 }
587 /* stack will grow by offset bytes (or shrink by -offset bytes) */
590 /* Reposition the strings by offset bytes */
596 /* Make space for a new argv[0]. */
600 }
601 /* Now patch up argv[] and envp[] by offset. */
605 }
607 /*===========================================================================*
608 * read_seg *
609 *===========================================================================*/
611 {
612 /*
613 * The byte count on read is usually smaller than the segment count, because
614 * a segment is padded out to a click multiple, and the data segment is only
615 * partially initialized.
616 */
618 u64_t new_pos;
622 /* Make sure that the file is big enough */
631 }
637 }
640 /*===========================================================================*
641 * clo_exec *
642 *===========================================================================*/
644 {
645 /* Files can be marked with the FD_CLOEXEC bit (in fp->fp_cloexec).
646 */
649 /* Check the file desriptors one by one for presence of FD_CLOEXEC. */
653 }
655 /*===========================================================================*
656 * map_header *
657 *===========================================================================*/
659 {
661 u64_t new_pos;
663 off_t pos;
668 /* How much is sensible to read */
678 }
681 }