From 4fc656028601c789cff990c31467dfbad11e4241 Mon Sep 17 00:00:00 2001
From: dchagin
Date: Tue, 17 Jun 2014 05:21:48 +0000
Subject: Revert MFC r266925 because it can lead to instant panic at fexecve():

To allow to run interpreter itself add a new ELF branding type.

Pointed out by: kib, mjg
---
 sys/amd64/linux32/linux32_sysvec.c | 4 ++--
 sys/i386/linux/linux_sysvec.c | 4 ++--
 sys/kern/imgact_elf.c | 29 -----------------------------
 sys/sys/imgact_elf.h | 1 -
 4 files changed, 4 insertions(+), 34 deletions(-)

diff --git a/sys/amd64/linux32/linux32_sysvec.c b/sys/amd64/linux32/linux32_sysvec.c
index 9b5c555..c06ce11 100644
--- a/sys/amd64/linux32/linux32_sysvec.c
+++ b/sys/amd64/linux32/linux32_sysvec.c
@@ -1083,7 +1083,7 @@ static Elf32_Brandinfo linux_brand = {
 .sysvec = &elf_linux_sysvec,
 .interp_newpath = NULL,
 .brand_note = &linux32_brandnote,
- .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE | BI_CAN_EXEC_INTERP
+ .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE
 };

 static Elf32_Brandinfo linux_glibc2brand = {
@@ -1095,7 +1095,7 @@ static Elf32_Brandinfo linux_glibc2brand = {
 .sysvec = &elf_linux_sysvec,
 .interp_newpath = NULL,
 .brand_note = &linux32_brandnote,
- .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE | BI_CAN_EXEC_INTERP
+ .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE
 };

 Elf32_Brandinfo *linux_brandlist[] = {
diff --git a/sys/i386/linux/linux_sysvec.c b/sys/i386/linux/linux_sysvec.c
index 60df6a2..0ad6791 100644
--- a/sys/i386/linux/linux_sysvec.c
+++ b/sys/i386/linux/linux_sysvec.c
@@ -1058,7 +1058,7 @@ static Elf32_Brandinfo linux_brand = {
 .sysvec = &elf_linux_sysvec,
 .interp_newpath = NULL,
 .brand_note = &linux_brandnote,
- .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE | BI_CAN_EXEC_INTERP
+ .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE
 };

 static Elf32_Brandinfo linux_glibc2brand = {
@@ -1070,7 +1070,7 @@ static Elf32_Brandinfo linux_glibc2brand = {
 .sysvec = &elf_linux_sysvec,
 .interp_newpath = NULL,
 .brand_note = &linux_brandnote,
- .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE | BI_CAN_EXEC_INTERP
+ .flags = BI_CAN_EXEC_DYN | BI_BRAND_NOTE
 };

 Elf32_Brandinfo *linux_brandlist[] = {
diff --git a/sys/kern/imgact_elf.c b/sys/kern/imgact_elf.c
index a9659a1..8783670 100644
--- a/sys/kern/imgact_elf.c
+++ b/sys/kern/imgact_elf.c
@@ -261,8 +261,6 @@ __elfN(get_brandinfo)(struct image_params *imgp, const char *interp,
 {
 const Elf_Ehdr *hdr = (const Elf_Ehdr *)imgp->image_header;
 Elf_Brandinfo *bi;
- const char *fname_name, *interp_brand_name;
- int fname_len, interp_len;
 boolean_t ret;
 int i;

@@ -313,33 +311,6 @@ __elfN(get_brandinfo)(struct image_params *imgp, const char *interp,
 }
 }

- /* Some ABI allows to run the interpreter itself. */
- for (i = 0; i < MAX_BRANDS; i++) {
- bi = elf_brand_list[i];
- if (bi == NULL || bi->flags & BI_BRAND_NOTE_MANDATORY)
- continue;
- if (hdr->e_machine != bi->machine ||
- (bi->flags & BI_CAN_EXEC_INTERP) == 0)
- continue;
- /*
- * Compare the interpreter name not the path to allow run it
- * from everywhere.
- */
- interp_brand_name = strrchr(bi->interp_path, '/');
- if (interp_brand_name == NULL)
- interp_brand_name = bi->interp_path;
- interp_len = strlen(interp_brand_name);
- fname_name = strrchr(imgp->args->fname, '/');
- if (fname_name == NULL)
- fname_name = imgp->args->fname;
- fname_len = strlen(fname_name);
- if (fname_len < interp_len)
- continue;
- ret = strncmp(fname_name, interp_brand_name, interp_len);
- if (ret == 0)
- return (bi);
- }
-
 /* Lacking a recognized interpreter, try the default brand */
 for (i = 0; i < MAX_BRANDS; i++) {
 bi = elf_brand_list[i];
diff --git a/sys/sys/imgact_elf.h b/sys/sys/imgact_elf.h
index 3b34854..faef5f8 100644
--- a/sys/sys/imgact_elf.h
+++ b/sys/sys/imgact_elf.h
@@ -77,7 +77,6 @@ typedef struct {
 #define BI_CAN_EXEC_DYN 0x0001
 #define BI_BRAND_NOTE 0x0002 /* May have note.ABI-tag section. */
 #define BI_BRAND_NOTE_MANDATORY 0x0004 /* Must have note.ABI-tag section. */
-#define BI_CAN_EXEC_INTERP 0x0008 /* Allow to run interpreter itself. */
 } __ElfN(Brandinfo);

 __ElfType(Auxargs);
-- 
cgit v1.1