git: 0c10648fbb75 - main - exec: provide right hardlink name in AT_EXECPATH
Date: Thu, 28 Oct 2021 17:50:41 UTC
The branch main has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=0c10648fbb758bb76fd29330b7fe1bc519252325 commit 0c10648fbb758bb76fd29330b7fe1bc519252325 Author: Konstantin Belousov <kib@FreeBSD.org> AuthorDate: 2021-10-23 00:24:08 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2021-10-28 17:49:31 +0000 exec: provide right hardlink name in AT_EXECPATH For this, use vn_fullpath_hardlink() to resolve executable name for execve(2). This should provide the right hardlink name, used for execution, instead of random hardlink pointing to this binary. Also this should make the AT_EXECNAME reliable for execve(2), since kernel only needs to resolve parent directory path, which should always succeed (except pathological cases like unlinking a directory). PR: 248184 Reviewed by: markj Tested by: pho Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D32611
---
 sys/kern/kern_exec.c | 38 ++++++++++++++++++++++++++++----------
 1 file changed, 28 insertions(+), 10 deletions(-)
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index 5cc5a1205901..d61a9d5b0b1c 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -432,6 +432,7 @@ do_execve(struct thread *td, struct image_args *args, struct mac *mac_p,
 int error, i, orig_osrel;
 uint32_t orig_fctl0;
 Elf_Brandinfo *orig_brandinfo;
+ size_t freepath_size;
 static const char fexecv_proc_title[] = "(fexecv)";
 imgp = &image_params;
@@ -479,7 +480,8 @@ do_execve(struct thread *td, struct image_args *args, struct mac *mac_p,
 */
 if (args->fname != NULL) {
 NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | LOCKSHARED | FOLLOW |
- SAVENAME | AUDITVNODE1, UIO_SYSSPACE, args->fname, td);
+ SAVENAME | AUDITVNODE1 | WANTPARENT,
+ UIO_SYSSPACE, args->fname, td);
 }
 SDT_PROBE1(proc, , , exec, args->fname);
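Review bot: The `WANTPARENT` flag added to this `NDINIT` in the `@@ -479,7 +480,8 @@` hunk (and to the interpreter re-lookup in the `@@ -697,9 +711,10 @@` hunk) changes what the lookup hands back, yet nothing at either call site records that. Judging from the `vrele(nd.ni_dvp)` calls added later in the patch, a successful lookup now leaves a referenced parent directory in `nd.ni_dvp`, which do_execve has to drop on every exit. I would add a comment above the call along the lines of `/* WANTPARENT keeps a reference on the parent in nd.ni_dvp for vn_fullpath_hardlink(); it must be vrele()d on every exit. */`. The block comment that ends on the hunk's first line starts outside the hunk.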
@@ -625,9 +627,18 @@ interpret:
 /*
 * Do the best to calculate the full path to the image file.
 */
- if (args->fname != NULL && args->fname[0] == '/')
- imgp->execpath = args->fname;
- else {
+ if (args->fname != NULL) {
+ if (args->fname[0] == '/') {
+ imgp->execpath = args->fname;
+ } else {
+ VOP_UNLOCK(imgp->vp);
+ freepath_size = MAXPATHLEN;
+ if (vn_fullpath_hardlink(&nd, &imgp->execpath,
+ &imgp->freepath, &freepath_size) != 0)
+ imgp->execpath = args->fname;
+ vn_lock(imgp->vp, LK_SHARED | LK_RETRY);
+ }
+ } else {
 VOP_UNLOCK(imgp->vp);
 if (vn_fullpath(imgp->vp, &imgp->execpath,
 &imgp->freepath) != 0)
@@ -680,8 +691,6 @@ interpret:
 VOP_UNSET_TEXT_CHECKED(newtextvp);
 imgp->textset = false;
 /* free name buffer and old vnode */
- if (args->fname != NULL)
- NDFREE(&nd, NDF_ONLY_PNBUF);
 #ifdef MAC
 mac_execve_interpreter_enter(newtextvp, &interpvplabel);
 #endif
@@ -690,6 +699,11 @@ interpret:
 imgp->opened = false;
 }
 vput(newtextvp);
+ if (args->fname != NULL) {
+ if (nd.ni_dvp != NULL)
+ vrele(nd.ni_dvp);
+ NDFREE(&nd, NDF_ONLY_PNBUF);
+ }
 vm_object_deallocate(imgp->object);
 imgp->object = NULL;
 execve_nosetid(imgp);
@@ -697,9 +711,10 @@ interpret:
 free(imgp->freepath, M_TEMP);
 imgp->freepath = NULL;
 /* set new name to that of the interpreter */
- NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | LOCKSHARED | FOLLOW |
- SAVENAME, UIO_SYSSPACE, imgp->interpreter_name, td);
 args->fname = imgp->interpreter_name;
+ NDINIT(&nd, LOOKUP, ISOPEN | LOCKLEAF | LOCKSHARED | FOLLOW |
+ SAVENAME | WANTPARENT,
+ UIO_SYSSPACE, imgp->interpreter_name, td);
 goto interpret;
 }
@@ -930,8 +945,6 @@ exec_fail_dealloc:
 exec_unmap_first_page(imgp);
 if (imgp->vp != NULL) {
- if (args->fname)
- NDFREE(&nd, NDF_ONLY_PNBUF);
 if (imgp->opened)
 VOP_CLOSE(imgp->vp, FREAD, td->td_ucred, td);
 if (imgp->textset)
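Review bot: In the `@@ -625,9 +627,18 @@` hunk, a failing `vn_fullpath_hardlink()` makes the new branch store the caller-supplied relative `args->fname` in `imgp->execpath`, so AT_EXECPATH then only makes sense relative to the working directory at exec time. The commit message expects failure only in pathological cases, but any consumer that assumes the value is absolute would resolve it against whatever directory it is in by then. A comment on the fallback line would make that contract explicit, for example `/* Fallback stays relative to the cwd at exec time; execpath is not guaranteed absolute. */`. The `else` branch for `args->fname == NULL` continues past the end of the hunk.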
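Review bot: In the `@@ -690,6 +699,11 @@` hunk, `nd.ni_dvp` still holds the old pointer after `vrele(nd.ni_dvp)`, and the same release sequence runs again under `exec_fail_dealloc` in the `@@ -940,6 +953,11 @@` hunk. Whether the following `NDINIT` and lookup always overwrite the field before that label is reached is not visible in the hunks, so clearing it would rule out a double release by construction: `if (nd.ni_dvp != NULL) { vrele(nd.ni_dvp); nd.ni_dvp = NULL; }`. As the release is now written out twice, a small static helper shared by both sites would keep them in step.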
@@ -940,6 +953,11 @@ exec_fail_dealloc:
 vput(imgp->vp);
 else
 VOP_UNLOCK(imgp->vp);
+ if (args->fname != NULL) {
+ if (nd.ni_dvp != NULL)
+ vrele(nd.ni_dvp);
+ NDFREE(&nd, NDF_ONLY_PNBUF);
+ }
 }
 if (imgp->object != NULL)
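Review bot: The added parent-directory release sits before the closing brace of what appears to be the `if (imgp->vp != NULL)` block opened in the previous hunk, so `nd.ni_dvp` and the path buffer are dropped only while the image vnode is still set. That is leak-free only if every successful lookup leaves `imgp->vp` non-NULL until this label, and the assignments to `imgp->vp` are outside the hunk, so this cannot be confirmed from here. If the invariant holds, a one-line comment such as `/* nd holds a parent reference only when a lookup succeeded, which also set imgp->vp */` would record it. If it does not, the release belongs after the closing brace.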