aboutsummaryrefslogtreecommitdiff
path: root/sys/compat/svr4/imgact_svr4.c
diff options
context:
space:
mode:
authorKonstantin Belousov <kib@FreeBSD.org>2012-02-17 23:47:16 +0000
committerKonstantin Belousov <kib@FreeBSD.org>2012-02-17 23:47:16 +0000
commit3494f31ad2f19dd3cd47c609560a6a116b8e015d (patch)
tree8d01d9dbb96b87e94aed60c4fc7d2b35c530a0c8 /sys/compat/svr4/imgact_svr4.c
parent45cbfcdabc4ce68336116bacf93dcc6abbb76656 (diff)
downloadsrc-3494f31ad2f19dd3cd47c609560a6a116b8e015d.tar.gz
src-3494f31ad2f19dd3cd47c609560a6a116b8e015d.zip
Fix misuse of the kernel map in miscellaneous image activators.
Vnode-backed mappings cannot be put into the kernel map, since it is a system map. Use exec_map for transient mappings, and remove the mappings with kmem_free_wakeup() to notify the waiters on available map space. Do not map the whole executable into KVA at all to copy it out into usermode. Directly use vn_rdwr() for the case of not page aligned binary. There is one place left where the potentially unbounded amount of data is mapped into exec_map, namely, in the COFF image activator enumeration of the needed shared libraries. Reviewed by: alc MFC after: 2 weeks
Notes
Notes: svn path=/head/; revision=231885
Diffstat (limited to 'sys/compat/svr4/imgact_svr4.c')
-rw-r--r--sys/compat/svr4/imgact_svr4.c26
1 files changed, 10 insertions, 16 deletions
diff --git a/sys/compat/svr4/imgact_svr4.c b/sys/compat/svr4/imgact_svr4.c
index 9b19ec35e204..69e88900622a 100644
--- a/sys/compat/svr4/imgact_svr4.c
+++ b/sys/compat/svr4/imgact_svr4.c
@@ -66,8 +66,8 @@ exec_svr4_imgact(imgp)
struct vmspace *vmspace;
vm_offset_t vmaddr;
unsigned long virtual_offset, file_offset;
- vm_offset_t buffer;
unsigned long bss_size;
+ ssize_t aresid;
int error;
if (((a_out->a_magic >> 16) & 0xff) != 0x64)
@@ -145,21 +145,15 @@ exec_svr4_imgact(imgp)
if (error)
goto fail;
- error = vm_mmap(kernel_map, &buffer,
- round_page(a_out->a_text + a_out->a_data + file_offset),
- VM_PROT_READ, VM_PROT_READ, 0,
- OBJT_VNODE, imgp->vp, trunc_page(file_offset));
- if (error)
- goto fail;
-
- error = copyout((caddr_t)(buffer + file_offset), (caddr_t)vmaddr,
- a_out->a_text + a_out->a_data);
-
- vm_map_remove(kernel_map, buffer,
- buffer + round_page(a_out->a_text + a_out->a_data + file_offset));
-
- if (error)
- goto fail;
+ error = vn_rdwr(UIO_READ, imgp->vp, (void *)vmaddr, file_offset,
+ a_out->a_text + a_out->a_data, UIO_USERSPACE, 0,
+ curthread->td_ucred, NOCRED, &aresid, curthread);
+ if (error != 0)
+ goto fail;
+ if (aresid != 0) {
+ error = ENOEXEC;
+ goto fail;
+ }
/*
* remove write enable on the 'text' part