o Split out kernel part of execve(2) syscall into two parts: one that

  copies arguments into the kernel space and one that operates
  completely in the kernel space;

o use kernel-only version of execve(2) to kill another stackgap in
  linuxlator/i386.

Obtained from:  DragonFlyBSD (partially)
MFC after:      2 weeks

3 files changed, 21 insertions, 18 deletions

diff --git a/sys/i386/linux/imgact_linux.c b/sys/i386/linux/imgact_linux.c
index 093abfb8..50e40bf 100644
--- a/sys/i386/linux/imgact_linux.c
+++ b/sys/i386/linux/imgact_linux.c
@@ -116,11 +116,6 @@ exec_linux_imgact(struct image_params *imgp)
 
     VOP_UNLOCK(imgp->vp, 0, td);
 
-    /* copy in arguments and/or environment from old process */
-    error = exec_extract_strings(imgp);
-    if (error)
-	goto fail;
-
     /*
      * Destroy old process VM and create a new one (with a new stack)
      */
diff --git a/sys/i386/linux/linux_machdep.c b/sys/i386/linux/linux_machdep.c
index 2a825e8..77c49b1 100644
--- a/sys/i386/linux/linux_machdep.c
+++ b/sys/i386/linux/linux_machdep.c
@@ -31,7 +31,9 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
 #include <sys/systm.h>
+#include <sys/imgact.h>
 #include <sys/lock.h>
+#include <sys/malloc.h>
 #include <sys/mman.h>
 #include <sys/mutex.h>
 #include <sys/proc.h>
@@ -104,21 +106,27 @@ bsd_to_linux_sigaltstack(int bsa)
 int
 linux_execve(struct thread *td, struct linux_execve_args *args)
 {
-	struct execve_args bsd;
-	caddr_t sg;
+	int error;
+	char *newpath;
+	struct image_args eargs;
 
-	sg = stackgap_init();
-	CHECKALTEXIST(td, &sg, args->path);
+	error = linux_emul_convpath(td, args->path, UIO_USERSPACE,
+	    &newpath, 0);
+	if (newpath == NULL)
+		return (error);
 
 #ifdef DEBUG
 	if (ldebug(execve))
-		printf(ARGS(execve, "%s"), args->path);
+		printf(ARGS(execve, "%s"), newpath);
 #endif
 
-	bsd.fname = args->path;
-	bsd.argv = args->argp;
-	bsd.envv = args->envp;
-	return (execve(td, &bsd));
+	error = exec_copyin_args(&eargs, newpath, UIO_SYSSPACE,
+	    args->argp, args->envp);
+	free(newpath, M_TEMP);
+	if (error == 0)
+		kern_execve(td, &eargs, NULL);
+	exec_free_args(&eargs);
+	return (error);
 }
 
 struct l_ipc_kludge {
diff --git a/sys/i386/linux/linux_sysvec.c b/sys/i386/linux/linux_sysvec.c
index 11f8981..8592701 100644
--- a/sys/i386/linux/linux_sysvec.c
+++ b/sys/i386/linux/linux_sysvec.c
@@ -216,13 +216,13 @@ linux_fixup(register_t **stack_base, struct image_params *imgp)
 	register_t *argv, *envp;
 
 	argv = *stack_base;
-	envp = *stack_base + (imgp->argc + 1);
+	envp = *stack_base + (imgp->args->argc + 1);
 	(*stack_base)--;
 	**stack_base = (intptr_t)(void *)envp;
 	(*stack_base)--;
 	**stack_base = (intptr_t)(void *)argv;
 	(*stack_base)--;
-	**stack_base = imgp->argc;
+	**stack_base = imgp->args->argc;
 	return 0;
 }
 
@@ -236,7 +236,7 @@ elf_linux_fixup(register_t **stack_base, struct image_params *imgp)
 	    (curthread->td_proc->p_flag & P_SA) == 0,
 	    ("unsafe elf_linux_fixup(), should be curproc"));
 	args = (Elf32_Auxargs *)imgp->auxargs;
-	pos = *stack_base + (imgp->argc + imgp->envc + 2);
+	pos = *stack_base + (imgp->args->argc + imgp->args->envc + 2);
 
 	if (args->trace)
 		AUXARGS_ENTRY(pos, AT_DEBUG, 1);
@@ -259,7 +259,7 @@ elf_linux_fixup(register_t **stack_base, struct image_params *imgp)
 	imgp->auxargs = NULL;
 
 	(*stack_base)--;
-	**stack_base = (register_t)imgp->argc;
+	**stack_base = (register_t)imgp->args->argc;
 	return 0;
 }