[ksh93-integration-discuss] Toy/prototype patch top add "shcomp" + "shbinexec" kernel module...
Roland Mainz
roland.mainz at nrubsig.org
Tue Sep 5 20:33:57 PDT 2006
Hi!
----
Attached is a small "toy" patch
("ksh93_integration_shcomp_patch001.diff.txt") which adds "shcomp" (the
shell script compiler) to the current ksh93-integration prototype002 and
adds a matching kernel module ("shbinexec") which recognises the
compiled shell script code and launches them using ksh93 on demand...
Note that the patch is currently incomplete and more or less untested
and needs more work:
- The kernel module doesn't work (it gets loaded but refuses to start
any scripts, I have to dig around why this happens)
- SPARC support for the kernel module is missing
- IMO there should be some code-cleanup - the "javaexec", "intpexec" and
"shbinexec" modules could share most of their code (this would also
provide a fix for the problem that executable JAR files cannot be run
setuid/setgid (I filed
http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6319768 long
ago for that issue))
- Either the "shbinexec" module needs to be moved to /usr/kernel/exec/
(which means that compiled shell scripts will not work at boot time when
/usr isn't mounted yet) or it must use /sbin/ksh93 instead of
/usr/bin/ksh93 (however that collides)
- IMO the magic identifers for all the Solaris exec kernel modules
should live in a header, including identifer and identifier length.
Currently this information is shattered over multiple files with
numberic length values... ;-(
Comments/suggestions/ideas/rants welcome... :-)
----
Bye,
Roland
P.S: Note: This is just a prototype patch and will NOT be included in
the initial putback of ksh93...
--
__ . . __
(o.\ \/ /.o) roland.mainz at nrubsig.org
\__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer
/O /==\ O\ TEL +49 641 7950090
(;O/ \/ \O;)
-------------- next part --------------
Index: src/pkgdefs/SUNWcsu/prototype_com
===================================================================
--- src/pkgdefs/SUNWcsu/prototype_com (revision 426)
+++ src/pkgdefs/SUNWcsu/prototype_com (working copy)
@@ -249,6 +249,7 @@
f none usr/bin/settime 555 root bin
l none usr/bin/setuname=../../usr/lib/isaexec
s none usr/bin/sh=../../sbin/sh
+f none usr/bin/shcomp 555 root bin
f none usr/bin/sleep 555 root bin
l none usr/bin/sparc=../../usr/bin/i286
f none usr/bin/strchg 555 root root
Index: src/pkgdefs/SUNWckr/prototype_i386
===================================================================
--- src/pkgdefs/SUNWckr/prototype_i386 (revision 426)
+++ src/pkgdefs/SUNWckr/prototype_i386 (working copy)
@@ -126,6 +126,7 @@
f none kernel/drv/wc 755 root sys
f none kernel/exec/elfexec 755 root sys
f none kernel/exec/intpexec 755 root sys
+f none kernel/exec/shbinexec 755 root sys
f none kernel/fs/autofs 755 root sys
f none kernel/fs/cachefs 755 root sys
f none kernel/fs/ctfs 755 root sys
@@ -294,6 +295,7 @@
d none kernel/exec/amd64 755 root sys
f none kernel/exec/amd64/elfexec 755 root sys
f none kernel/exec/amd64/intpexec 755 root sys
+f none kernel/exec/amd64/shbinexec 755 root sys
d none kernel/fs/amd64 755 root sys
f none kernel/fs/amd64/autofs 755 root sys
f none kernel/fs/amd64/cachefs 755 root sys
Index: src/cmd/shcomp/Makefile
===================================================================
--- src/cmd/shcomp/Makefile (revision 0)
+++ src/cmd/shcomp/Makefile (revision 0)
@@ -0,0 +1,93 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+
+#
+# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+# Use is subject to license terms.
+#
+# ident "@(#)Makefile 1.1 2006/04/25 SMI"
+#
+# cmd/shcomp/Makefile
+#
+
+SHELL=/bin/ksh
+
+include ../Makefile.cmd
+
+PROG= shcomp
+
+COBJS= \
+ sh/shcomp.o
+
+LIBSHELLSRC=../../lib/libshell/common
+
+SRCS= $(COBJS:%.o=$(LIBSHELLSRC)/%.c)
+
+GROUP= bin
+LDLIBS += -lshell -last
+
+# We use "=" here since using $(CPPFLAGS.master) is very tricky in our
+# case - it MUST come as the last element but future changes in -D options
+# may then cause silent breakage in the AST sources because the last -D
+# option specified overrides previous -D options so we prefer the current
+# way to expliclity list each single flag.
+CPPFLAGS = \
+ $(DTEXTDOM) $(DTS_ERRNO) \
+ -I$(ROOT)/usr/include/ast \
+ -I$(LIBSHELLSRC)/include \
+ '-DSH_DICT="libshell"' \
+ -DSHOPT_KIA \
+ -D_PACKAGE_ast \
+ -DSHOPT_DYNAMIC \
+ '-DUSAGE_LICENSE="[-author?David Korn <dgk at research.att.com>][-copyright?Copyright (c) 1982-2006 AT&T Knowledge Ventures][-license?http://www.opensource.org/licenses/cpl1.0.txt][--catalog?libshell]"'
+
+CFLAGS += \
+ $(CCVERBOSE) \
+ -xstrconst
+
+# Override this top level flag so the compiler builds in its native
+# C99 mode. This has been enabled to support the math stuff in ksh93.
+C99MODE= $(C99_ENABLE) -D_XOPEN_SOURCE=600 -D__EXTENSIONS__=1
+
+# silence common libast&co. warnings (upstream will handle this later) ...
+# ... about |#pragma prototyped| ...
+CERRWARN += -erroff=E_UNRECOGNIZED_PRAGMA_IGNORED
+
+.KEEP_STATE:
+
+%.o: $(LIBSHELLSRC)/%.c
+ mkdir -p "$$(dirname "$@")"
+ $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+
+all: $(PROG)
+
+$(PROG): $(COBJS)
+ $(LINK.c) -o $@ $(COBJS) $(LDLIBS)
+ $(POST_PROCESS)
+
+install: all $(ROOTPROG)
+
+clean:
+ $(RM) $(COBJS)
+
+lint: lint_PROG
+
+include ../Makefile.targ
Index: src/lib/libshell/mapfile-vers
===================================================================
--- src/lib/libshell/mapfile-vers (revision 426)
+++ src/lib/libshell/mapfile-vers (working copy)
@@ -83,6 +83,7 @@
sh_bltin_tree;
sh_close;
sh_trap;
+ sh_tdump;
sh_onoption;
sh_subfork;
sh_fun;
@@ -90,6 +91,7 @@
sh_offoption;
sh_main;
sh_reinit;
+ nv_name;
local:
*;
};
Index: src/uts/common/conf/param.c
===================================================================
--- src/uts/common/conf/param.c (revision 426)
+++ src/uts/common/conf/param.c (working copy)
@@ -313,9 +313,15 @@
#define AOUT_ZMAGIC_STRING "\x1""\x0b" /* 0413 */
#define NOMAGIC_STRING ""
+#define SHBIN_CNTL(x) ((x)&037)
+#define SHBIN_VERSION 3
+#define SHBINMAGIC_STRING { SHBIN_CNTL('k'),SHBIN_CNTL('s'),SHBIN_CNTL('h'),0,SHBIN_VERSION,0 }
+#define SHBINMAGIC_LEN 5
+
char elf32magicstr[] = ELF32MAGIC_STRING;
char elf64magicstr[] = ELF64MAGIC_STRING;
char intpmagicstr[] = INTPMAGIC_STRING;
+char shbinmagicstr[] = SHBINMAGIC_STRING;
char javamagicstr[] = JAVAMAGIC_STRING;
#if defined(__sparc)
char aout_nmagicstr[] = AOUT_NMAGIC_STRING;
@@ -330,6 +336,7 @@
"elfexec", /* Elf64 */
#endif
"intpexec",
+ "shbinexec",
"javaexec",
#if defined(__sparc)
"aoutexec",
@@ -347,6 +354,7 @@
{ elf64magicstr, 0, 5, NULL, NULL, NULL },
#endif
{ intpmagicstr, 0, 2, NULL, NULL, NULL },
+ { shbinmagicstr, 0, SHBINMAGIC_LEN, NULL, NULL, NULL },
{ javamagicstr, 0, 4, NULL, NULL, NULL },
#if defined(__sparc)
{ aout_zmagicstr, 2, 2, NULL, NULL, NULL },
Index: src/uts/common/Makefile.files
===================================================================
--- src/uts/common/Makefile.files (revision 426)
+++ src/uts/common/Makefile.files (working copy)
@@ -733,6 +733,8 @@
INTPEXEC_OBJS +=intp.o
+SHBINEXEC_OBJS +=shbin.o
+
JAVAEXEC_OBJS +=java.o
#
Index: src/uts/common/exec/shbin/shbin.c
===================================================================
--- src/uts/common/exec/shbin/shbin.c (revision 0)
+++ src/uts/common/exec/shbin/shbin.c (revision 0)
@@ -0,0 +1,214 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License, Version 1.0 only
+ * (the "License"). You may not use this file except in compliance
+ * with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ */
+
+
+#pragma ident "@(#)shbin.c 1.29 06/01/26 SMI" /* from S5R4 1.6 */
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/sysmacros.h>
+#include <sys/signal.h>
+#include <sys/cred.h>
+#include <sys/user.h>
+#include <sys/errno.h>
+#include <sys/vnode.h>
+#include <sys/proc.h>
+#include <sys/cmn_err.h>
+#include <sys/debug.h>
+#include <sys/pathname.h>
+#include <sys/disp.h>
+#include <sys/exec.h>
+#include <sys/kmem.h>
+
+/*
+ * This is the loadable module wrapper.
+ */
+#include <sys/modctl.h>
+
+int
+shbinexec(
+ struct vnode *vp,
+ struct execa *uap,
+ struct uarg *args,
+ struct intpdata *idatap,
+ int level,
+ long *execsz,
+ int setid,
+ caddr_t exec_file,
+ struct cred *cred);
+
+#define SHBIN_CNTL(x) ((x)&037)
+#define SHBIN_VERSION 3
+#define SHBINMAGIC_STRING { SHBIN_CNTL('k'),SHBIN_CNTL('s'),SHBIN_CNTL('h'),0,SHBIN_VERSION,0 }
+#define SHBINMAGIC_LEN 5
+extern char shbinmagicstr[];
+
+static struct execsw esw = {
+ shbinmagicstr,
+ 0,
+ SHBINMAGIC_LEN,
+ shbinexec,
+ NULL
+};
+
+/*
+ * Module linkage information for the kernel.
+ */
+extern struct mod_ops mod_execops;
+
+static struct modlexec modlexec = {
+ &mod_execops, "exec mod for shell binaries (ksh93)", &esw
+};
+
+static struct modlinkage modlinkage = {
+ MODREV_1, (void *)&modlexec, NULL
+};
+
+int
+_init()
+{
+ return (mod_install(&modlinkage));
+}
+
+int
+_fini()
+{
+ return (mod_remove(&modlinkage));
+}
+
+int
+_info(struct modinfo *modinfop)
+{
+ return (mod_info(&modlinkage, modinfop));
+}
+
+
+/*
+ * Crack open a '#!' line.
+ */
+static int
+getshbinhead(struct vnode *vp, struct intpdata *idatap)
+{
+ int error;
+ char *cp, *linep = idatap->intp;
+ ssize_t resid;
+
+ /*
+ * Read the entire line and confirm that it starts with '#!'.
+ */
+ if (error = vn_rdwr(UIO_READ, vp, linep, INTPSZ, (offset_t)0,
+ UIO_SYSSPACE, 0, (rlim64_t)0, CRED(), &resid))
+ return (error);
+
+ if (!memcmp(linep, shbinmagicstr, SHBINMAGIC_LEN))
+ return (ENOEXEC);
+
+ idatap->intp_name = "/home/test001/ksh93/ksh93_20060724/build/arch/sol11.i386/bin/ksh";
+ idatap->intp_arg = NULL;
+
+ return (0);
+}
+
+int
+shbinexec(
+ struct vnode *vp,
+ struct execa *uap,
+ struct uarg *args,
+ struct intpdata *idatap,
+ int level,
+ long *execsz,
+ int setid,
+ caddr_t exec_file,
+ struct cred *cred)
+{
+ vnode_t *nvp;
+ int error = 0;
+ struct intpdata idata;
+ struct pathname intppn;
+ struct pathname resolvepn;
+ char *opath;
+ char devfd[14];
+ int fd = -1;
+
+ if (level) { /* Can't recurse */
+ error = ENOEXEC;
+ goto bad;
+ }
+
+ ASSERT(idatap == (struct intpdata *)NULL);
+
+ /*
+ * Allocate a buffer to read in the interpreter pathname.
+ */
+ idata.intp = kmem_alloc(INTPSZ, KM_SLEEP);
+ if (error = getshbinhead(vp, &idata))
+ goto fail;
+
+ /*
+ * Look the new vnode up.
+ */
+ if (error = pn_get(idata.intp_name, UIO_SYSSPACE, &intppn))
+ goto fail;
+ pn_alloc(&resolvepn);
+ if (error = lookuppn(&intppn, &resolvepn, FOLLOW, NULLVPP, &nvp)) {
+ pn_free(&resolvepn);
+ pn_free(&intppn);
+ goto fail;
+ }
+ opath = args->pathname;
+ args->pathname = resolvepn.pn_path;
+ /* don't free resolvepn until we are done with args */
+ pn_free(&intppn);
+
+ /*
+ * When we're executing a set-uid script resulting in uids
+ * mismatching or when we execute with additional privileges,
+ * we close the "replace script between exec and open by shell"
+ * hole by passing the script as /dev/fd parameter.
+ */
+ if ((setid & EXECSETID_PRIVS) != 0 ||
+ (setid & (EXECSETID_UGIDS|EXECSETID_SETID)) ==
+ (EXECSETID_UGIDS|EXECSETID_SETID)) {
+ (void) strcpy(devfd, "/dev/fd/");
+ if (error = execopen(&vp, &fd))
+ goto done;
+ numtos(fd, &devfd[8]);
+ args->fname = devfd;
+ }
+
+ error = gexec(&nvp, uap, args, &idata, ++level,
+ execsz, exec_file, cred);
+done:
+ VN_RELE(nvp);
+ args->pathname = opath;
+ pn_free(&resolvepn);
+fail:
+ kmem_free(idata.intp, INTPSZ);
+ if (error && fd != -1)
+ (void) execclose(fd);
+bad:
+ return (error);
+}
Index: src/uts/common/Makefile.rules
===================================================================
--- src/uts/common/Makefile.rules (revision 426)
+++ src/uts/common/Makefile.rules (working copy)
@@ -154,6 +154,10 @@
$(COMPILE.c) -o $@ $<
$(CTFCONVERT_O)
+$(OBJS_DIR)/%.o: $(UTSBASE)/common/exec/shbin/%.c
+ $(COMPILE.c) -o $@ $<
+ $(CTFCONVERT_O)
+
$(OBJS_DIR)/%.o: $(UTSBASE)/common/exec/java/%.c
$(COMPILE.c) -o $@ $<
$(CTFCONVERT_O)
@@ -969,6 +973,9 @@
$(LINTS_DIR)/%.ln: $(UTSBASE)/common/exec/intp/%.c
@($(LHEAD) $(LINT.c) $< $(LTAIL))
+$(LINTS_DIR)/%.ln: $(UTSBASE)/common/exec/shbin/%.c
+ @($(LHEAD) $(LINT.c) $< $(LTAIL))
+
$(LINTS_DIR)/%.ln: $(UTSBASE)/common/exec/java/%.c
@($(LHEAD) $(LINT.c) $< $(LTAIL))
Index: src/uts/intel/shbinexec/Makefile
===================================================================
--- src/uts/intel/shbinexec/Makefile (revision 0)
+++ src/uts/intel/shbinexec/Makefile (revision 0)
@@ -0,0 +1,85 @@
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License, Version 1.0 only
+# (the "License"). You may not use this file except in compliance
+# with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+#
+# uts/intel/shbinexec/Makefile
+#
+# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+# Use is subject to license terms.
+#
+#pragma ident "@(#)Makefile 1.1 05/06/08 SMI"
+#
+# This makefile drives the production of the shbinexec (shell binary (ksh93))
+# exec kernel module.
+#
+# intel architecture dependent
+#
+
+#
+# Path to the base of the uts directory tree (usually /usr/src/uts).
+#
+UTSBASE = ../..
+
+#
+# Define the module and object file sets.
+#
+MODULE = shbinexec
+OBJECTS = $(SHBINEXEC_OBJS:%=$(OBJS_DIR)/%)
+LINTS = $(SHBINEXEC_OBJS:%.o=$(LINTS_DIR)/%.ln)
+ROOTMODULE = $(ROOT_EXEC_DIR)/$(MODULE)
+
+#
+# Include common rules.
+#
+include $(UTSBASE)/intel/Makefile.intel
+
+#
+# Define targets
+#
+ALL_TARGET = $(BINARY)
+LINT_TARGET = $(MODULE).lint
+INSTALL_TARGET = $(BINARY) $(ROOTMODULE)
+
+#
+# Default build targets.
+#
+.KEEP_STATE:
+
+def: $(DEF_DEPS)
+
+all: $(ALL_DEPS)
+
+clean: $(CLEAN_DEPS)
+
+clobber: $(CLOBBER_DEPS)
+
+lint: $(LINT_DEPS)
+
+modlintlib: $(MODLINTLIB_DEPS)
+
+clean.lint: $(CLEAN_LINT_DEPS)
+
+install: $(INSTALL_DEPS)
+
+#
+# Include common targets.
+#
+include $(UTSBASE)/intel/Makefile.targ
Index: src/uts/intel/Makefile.intel.shared
===================================================================
--- src/uts/intel/Makefile.intel.shared (revision 426)
+++ src/uts/intel/Makefile.intel.shared (working copy)
@@ -398,7 +398,7 @@
#
# Exec Class Modules (/kernel/exec):
#
-EXEC_KMODS += elfexec intpexec javaexec
+EXEC_KMODS += elfexec intpexec shbinexec javaexec
#
# Scheduling Class Modules (/kernel/sched):
More information about the ksh93-integration-discuss
mailing list