Differential D5603 Diff 53745 head/sys/kern/kern_procctl.c

Changeset View

Standalone View

head/sys/kern/kern_procctl.c

Show All 37 Lines
#include <sys/priv.h>		#include <sys/priv.h>
#include <sys/proc.h>		#include <sys/proc.h>
#include <sys/procctl.h>		#include <sys/procctl.h>
#include <sys/sx.h>		#include <sys/sx.h>
#include <sys/syscallsubr.h>		#include <sys/syscallsubr.h>
#include <sys/sysproto.h>		#include <sys/sysproto.h>
#include <sys/wait.h>		#include <sys/wait.h>

		#include <vm/vm.h>
		#include <vm/pmap.h>
		#include <vm/vm_map.h>
		#include <vm/vm_extern.h>

static int		static int
protect_setchild(struct thread td, struct proc p, int flags)		protect_setchild(struct thread td, struct proc p, int flags)
{		{

PROC_LOCK_ASSERT(p, MA_OWNED);		PROC_LOCK_ASSERT(p, MA_OWNED);
if (p->p_flag & P_SYSTEM \|\| p_cansched(td, p) != 0)		if (p->p_flag & P_SYSTEM \|\| p_cansched(td, p) != 0)
return (0);		return (0);
if (flags & PPROT_SET) {		if (flags & PPROT_SET) {
▲ Show 20 Lines • Show All 354 Lines • ▼ Show 20 Lines
trapcap_status(struct thread td, struct proc p, int *data)		trapcap_status(struct thread td, struct proc p, int *data)
{		{

*data = (p->p_flag2 & P2_TRAPCAP) != 0 ? PROC_TRAPCAP_CTL_ENABLE :		*data = (p->p_flag2 & P2_TRAPCAP) != 0 ? PROC_TRAPCAP_CTL_ENABLE :
PROC_TRAPCAP_CTL_DISABLE;		PROC_TRAPCAP_CTL_DISABLE;
return (0);		return (0);
}		}

		static int
		aslr_ctl(struct thread td, struct proc p, int state)
		{

		PROC_LOCK_ASSERT(p, MA_OWNED);

		switch (state) {
		case PROC_ASLR_FORCE_ENABLE:
		p->p_flag2 &= ~P2_ASLR_DISABLE;
		p->p_flag2 \|= P2_ASLR_ENABLE;
		break;
		case PROC_ASLR_FORCE_DISABLE:
		p->p_flag2 \|= P2_ASLR_DISABLE;
		p->p_flag2 &= ~P2_ASLR_ENABLE;
		break;
		case PROC_ASLR_NOFORCE:
		p->p_flag2 &= ~(P2_ASLR_ENABLE \| P2_ASLR_DISABLE);
		break;
		default:
		return (EINVAL);
		}
		return (0);
		}

		static int
		aslr_status(struct thread td, struct proc p, int *data)
		{
		struct vmspace *vm;
		int d;

		switch (p->p_flag2 & (P2_ASLR_ENABLE \| P2_ASLR_DISABLE)) {
		case 0:
		d = PROC_ASLR_NOFORCE;
		break;
		case P2_ASLR_ENABLE:
		d = PROC_ASLR_FORCE_ENABLE;
		break;
		case P2_ASLR_DISABLE:
		d = PROC_ASLR_FORCE_DISABLE;
		break;
		}
		if ((p->p_flag & P_WEXIT) == 0) {
		_PHOLD(p);
		PROC_UNLOCK(p);
		vm = vmspace_acquire_ref(p);
		if (vm != NULL && (vm->vm_map.flags & MAP_ASLR) != 0) {
		d \|= PROC_ASLR_ACTIVE;
		vmspace_free(vm);
		}
		PROC_LOCK(p);
		_PRELE(p);
		}
		*data = d;
		return (0);
		}

#ifndef _SYS_SYSPROTO_H_		#ifndef _SYS_SYSPROTO_H_
struct procctl_args {		struct procctl_args {
idtype_t idtype;		idtype_t idtype;
id_t id;		id_t id;
int com;		int com;
void *data;		void *data;
};		};
#endif		#endif
/* ARGSUSED */		/* ARGSUSED */
int		int
sys_procctl(struct thread td, struct procctl_args uap)		sys_procctl(struct thread td, struct procctl_args uap)
{		{
void *data;		void *data;
union {		union {
struct procctl_reaper_status rs;		struct procctl_reaper_status rs;
struct procctl_reaper_pids rp;		struct procctl_reaper_pids rp;
struct procctl_reaper_kill rk;		struct procctl_reaper_kill rk;
} x;		} x;
int error, error1, flags, signum;		int error, error1, flags, signum;

switch (uap->com) {		switch (uap->com) {
		case PROC_ASLR_CTL:
case PROC_SPROTECT:		case PROC_SPROTECT:
case PROC_TRACE_CTL:		case PROC_TRACE_CTL:
case PROC_TRAPCAP_CTL:		case PROC_TRAPCAP_CTL:
error = copyin(uap->data, &flags, sizeof(flags));		error = copyin(uap->data, &flags, sizeof(flags));
if (error != 0)		if (error != 0)
return (error);		return (error);
data = &flags;		data = &flags;
break;		break;
Show All 13 Lines	case PROC_REAP_GETPIDS:
data = &x.rp;		data = &x.rp;
break;		break;
case PROC_REAP_KILL:		case PROC_REAP_KILL:
error = copyin(uap->data, &x.rk, sizeof(x.rk));		error = copyin(uap->data, &x.rk, sizeof(x.rk));
if (error != 0)		if (error != 0)
return (error);		return (error);
data = &x.rk;		data = &x.rk;
break;		break;
		case PROC_ASLR_STATUS:
case PROC_TRACE_STATUS:		case PROC_TRACE_STATUS:
case PROC_TRAPCAP_STATUS:		case PROC_TRAPCAP_STATUS:
data = &flags;		data = &flags;
break;		break;
case PROC_PDEATHSIG_CTL:		case PROC_PDEATHSIG_CTL:
error = copyin(uap->data, &signum, sizeof(signum));		error = copyin(uap->data, &signum, sizeof(signum));
if (error != 0)		if (error != 0)
return (error);		return (error);
Show All 11 Lines	case PROC_REAP_STATUS:
if (error == 0)		if (error == 0)
error = copyout(&x.rs, uap->data, sizeof(x.rs));		error = copyout(&x.rs, uap->data, sizeof(x.rs));
break;		break;
case PROC_REAP_KILL:		case PROC_REAP_KILL:
error1 = copyout(&x.rk, uap->data, sizeof(x.rk));		error1 = copyout(&x.rk, uap->data, sizeof(x.rk));
if (error == 0)		if (error == 0)
error = error1;		error = error1;
break;		break;
		case PROC_ASLR_STATUS:
case PROC_TRACE_STATUS:		case PROC_TRACE_STATUS:
case PROC_TRAPCAP_STATUS:		case PROC_TRAPCAP_STATUS:
if (error == 0)		if (error == 0)
error = copyout(&flags, uap->data, sizeof(flags));		error = copyout(&flags, uap->data, sizeof(flags));
break;		break;
case PROC_PDEATHSIG_STATUS:		case PROC_PDEATHSIG_STATUS:
if (error == 0)		if (error == 0)
error = copyout(&signum, uap->data, sizeof(signum));		error = copyout(&signum, uap->data, sizeof(signum));
break;		break;
}		}
return (error);		return (error);
}		}

static int		static int
kern_procctl_single(struct thread td, struct proc p, int com, void *data)		kern_procctl_single(struct thread td, struct proc p, int com, void *data)
{		{

PROC_LOCK_ASSERT(p, MA_OWNED);		PROC_LOCK_ASSERT(p, MA_OWNED);
switch (com) {		switch (com) {
		case PROC_ASLR_CTL:
		return (aslr_ctl(td, p, (int )data));
		case PROC_ASLR_STATUS:
		return (aslr_status(td, p, data));
case PROC_SPROTECT:		case PROC_SPROTECT:
return (protect_set(td, p, (int )data));		return (protect_set(td, p, (int )data));
case PROC_REAP_ACQUIRE:		case PROC_REAP_ACQUIRE:
return (reap_acquire(td, p));		return (reap_acquire(td, p));
case PROC_REAP_RELEASE:		case PROC_REAP_RELEASE:
return (reap_release(td, p));		return (reap_release(td, p));
case PROC_REAP_STATUS:		case PROC_REAP_STATUS:
return (reap_status(td, p, data));		return (reap_status(td, p, data));
Show All 19 Lines
{		{
struct pgrp *pg;		struct pgrp *pg;
struct proc *p;		struct proc *p;
int error, first_error, ok;		int error, first_error, ok;
int signum;		int signum;
bool tree_locked;		bool tree_locked;

switch (com) {		switch (com) {
		case PROC_ASLR_CTL:
		case PROC_ASLR_STATUS:
case PROC_REAP_ACQUIRE:		case PROC_REAP_ACQUIRE:
case PROC_REAP_RELEASE:		case PROC_REAP_RELEASE:
case PROC_REAP_STATUS:		case PROC_REAP_STATUS:
case PROC_REAP_GETPIDS:		case PROC_REAP_GETPIDS:
case PROC_REAP_KILL:		case PROC_REAP_KILL:
case PROC_TRACE_STATUS:		case PROC_TRACE_STATUS:
case PROC_TRAPCAP_STATUS:		case PROC_TRAPCAP_STATUS:
case PROC_PDEATHSIG_CTL:		case PROC_PDEATHSIG_CTL:
Show All 33 Lines	case PROC_TRAPCAP_CTL:
sx_slock(&proctree_lock);		sx_slock(&proctree_lock);
tree_locked = true;		tree_locked = true;
break;		break;
case PROC_REAP_ACQUIRE:		case PROC_REAP_ACQUIRE:
case PROC_REAP_RELEASE:		case PROC_REAP_RELEASE:
sx_xlock(&proctree_lock);		sx_xlock(&proctree_lock);
tree_locked = true;		tree_locked = true;
break;		break;
		case PROC_ASLR_CTL:
		case PROC_ASLR_STATUS:
case PROC_TRACE_STATUS:		case PROC_TRACE_STATUS:
case PROC_TRAPCAP_STATUS:		case PROC_TRAPCAP_STATUS:
tree_locked = false;		tree_locked = false;
break;		break;
default:		default:
return (EINVAL);		return (EINVAL);
}		}

▲ Show 20 Lines • Show All 59 Lines • Show Last 20 Lines