From abd1094f175810ed5ec686a897d27fae63d1ca87 Mon Sep 17 00:00:00 2001 From: kib Date: Fri, 17 Feb 2012 23:47:16 +0000 Subject: Fix misuse of the kernel map in miscellaneous image activators. Vnode-backed mappings cannot be put into the kernel map, since it is a system map. Use exec_map for transient mappings, and remove the mappings with kmem_free_wakeup() to notify the waiters on available map space. Do not map the whole executable into KVA at all to copy it out into usermode. Directly use vn_rdwr() for the case of not page aligned binary. There is one place left where the potentially unbounded amount of data is mapped into exec_map, namely, in the COFF image activator enumeration of the needed shared libraries. Reviewed by: alc MFC after: 2 weeks --- sys/compat/svr4/imgact_svr4.c | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) (limited to 'sys/compat/svr4') diff --git a/sys/compat/svr4/imgact_svr4.c b/sys/compat/svr4/imgact_svr4.c index 9b19ec3..69e8890 100644 --- a/sys/compat/svr4/imgact_svr4.c +++ b/sys/compat/svr4/imgact_svr4.c @@ -66,8 +66,8 @@ exec_svr4_imgact(imgp) struct vmspace *vmspace; vm_offset_t vmaddr; unsigned long virtual_offset, file_offset; - vm_offset_t buffer; unsigned long bss_size; + ssize_t aresid; int error; if (((a_out->a_magic >> 16) & 0xff) != 0x64) @@ -145,21 +145,15 @@ exec_svr4_imgact(imgp) if (error) goto fail; - error = vm_mmap(kernel_map, &buffer, - round_page(a_out->a_text + a_out->a_data + file_offset), - VM_PROT_READ, VM_PROT_READ, 0, - OBJT_VNODE, imgp->vp, trunc_page(file_offset)); - if (error) - goto fail; - - error = copyout((caddr_t)(buffer + file_offset), (caddr_t)vmaddr, - a_out->a_text + a_out->a_data); - - vm_map_remove(kernel_map, buffer, - buffer + round_page(a_out->a_text + a_out->a_data + file_offset)); - - if (error) - goto fail; + error = vn_rdwr(UIO_READ, imgp->vp, (void *)vmaddr, file_offset, + a_out->a_text + a_out->a_data, UIO_USERSPACE, 0, + curthread->td_ucred, NOCRED, &aresid, curthread); + if (error != 0) + goto fail; + if (aresid != 0) { + error = ENOEXEC; + goto fail; + } /* * remove write enable on the 'text' part -- cgit v1.1