4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #include <sys/mutex.h>
27 #include <sys/debug.h>
28 #include <sys/types.h>
29 #include <sys/param.h>
30 #include <sys/kmem.h>
31 #include <sys/thread.h>
32 #include <sys/id_space.h>
33 #include <sys/avl.h>
34 #include <sys/list.h>
35 #include <sys/sysmacros.h>
36 #include <sys/proc.h>
37 #include <sys/contract.h>
38 #include <sys/contract_impl.h>
39 #include <sys/contract/process.h>
40 #include <sys/contract/process_impl.h>
41 #include <sys/cmn_err.h>
42 #include <sys/nvpair.h>
43 #include <sys/policy.h>
938 /*
939 * We check for emptiness before dropping the contract lock to
940 * send the exit event, otherwise we could end up with two
941 * empty events.
942 */
943 empty = (list_head(&ctp->conp_members) == NULL);
944 if (EVSENDP(ctp, CT_PR_EV_EXIT)) {
945 nvlist_t *nvl;
946
947 mutex_exit(&ct->ct_lock);
948 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
949 VERIFY(nvlist_add_uint32(nvl, CTPE_PID, p->p_pid) == 0);
950 VERIFY(nvlist_add_int32(nvl, CTPE_EXITSTATUS, exitstatus) == 0);
951
952 event = kmem_zalloc(sizeof (ct_kevent_t), KM_SLEEP);
953 event->cte_flags = EVINFOP(ctp, CT_PR_EV_EXIT) ? CTE_INFO : 0;
954 event->cte_type = CT_PR_EV_EXIT;
955 (void) cte_publish_all(ct, event, nvl, NULL);
956 mutex_enter(&ct->ct_lock);
957 }
958 if (empty) {
959 /*
960 * Send EMPTY message.
961 */
962 if (EVSENDP(ctp, CT_PR_EV_EMPTY)) {
963 nvlist_t *nvl;
964
965 mutex_exit(&ct->ct_lock);
966 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME,
967 KM_SLEEP) == 0);
968 VERIFY(nvlist_add_uint32(nvl, CTPE_PID, p->p_pid) == 0);
969
970 event = kmem_zalloc(sizeof (ct_kevent_t), KM_SLEEP);
971 event->cte_flags = EVINFOP(ctp, CT_PR_EV_EMPTY) ?
972 CTE_INFO : 0;
973 event->cte_type = CT_PR_EV_EMPTY;
974 (void) cte_publish_all(ct, event, nvl, NULL);
975 mutex_enter(&ct->ct_lock);
976 }
977
1040 return (NULL);
1041 }
1042 cp->p_ct_process = ctp;
1043 mutex_exit(&pp->p_lock);
1044 contract_hold(ct);
1045 list_insert_head(&ctp->conp_members, cp);
1046 ctp->conp_nmembers++;
1047 mutex_exit(&ct->ct_lock);
1048 if (EVSENDP(ctp, CT_PR_EV_FORK)) {
1049 nvlist_t *nvl;
1050
1051 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1052 VERIFY(nvlist_add_uint32(nvl, CTPE_PID, cp->p_pid) == 0);
1053 VERIFY(nvlist_add_uint32(nvl, CTPE_PPID, pp->p_pid) == 0);
1054
1055 event = kmem_zalloc(sizeof (ct_kevent_t), KM_SLEEP);
1056 event->cte_flags = EVINFOP(ctp, CT_PR_EV_FORK) ? CTE_INFO : 0;
1057 event->cte_type = CT_PR_EV_FORK;
1058 (void) cte_publish_all(ct, event, nvl, NULL);
1059 }
1060 return (ctp);
1061 }
1062
1063 /*
1064 * contract_process_core
1065 *
1066 * Called on core file generation attempts. Generates a core event, if
1067 * requested, containing the names of the process, global, and
1068 * system-global ("zone") core files. If dumping core is in the fatal
1069 * event set, calls contract_process_kill().
1070 */
1071 void
1072 contract_process_core(cont_process_t *ctp, proc_t *p, int sig,
1073 const char *process, const char *global, const char *zone)
1074 {
1075 contract_t *ct = &ctp->conp_contract;
1076
1077 if (EVSENDP(ctp, CT_PR_EV_CORE)) {
1078 ct_kevent_t *event;
1079 nvlist_t *nvl, *gnvl = NULL;
|
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright 2016 Joyent, Inc.
25 */
26
27 #include <sys/mutex.h>
28 #include <sys/debug.h>
29 #include <sys/types.h>
30 #include <sys/param.h>
31 #include <sys/kmem.h>
32 #include <sys/thread.h>
33 #include <sys/id_space.h>
34 #include <sys/avl.h>
35 #include <sys/list.h>
36 #include <sys/sysmacros.h>
37 #include <sys/proc.h>
38 #include <sys/contract.h>
39 #include <sys/contract_impl.h>
40 #include <sys/contract/process.h>
41 #include <sys/contract/process_impl.h>
42 #include <sys/cmn_err.h>
43 #include <sys/nvpair.h>
44 #include <sys/policy.h>
939 /*
940 * We check for emptiness before dropping the contract lock to
941 * send the exit event, otherwise we could end up with two
942 * empty events.
943 */
944 empty = (list_head(&ctp->conp_members) == NULL);
945 if (EVSENDP(ctp, CT_PR_EV_EXIT)) {
946 nvlist_t *nvl;
947
948 mutex_exit(&ct->ct_lock);
949 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
950 VERIFY(nvlist_add_uint32(nvl, CTPE_PID, p->p_pid) == 0);
951 VERIFY(nvlist_add_int32(nvl, CTPE_EXITSTATUS, exitstatus) == 0);
952
953 event = kmem_zalloc(sizeof (ct_kevent_t), KM_SLEEP);
954 event->cte_flags = EVINFOP(ctp, CT_PR_EV_EXIT) ? CTE_INFO : 0;
955 event->cte_type = CT_PR_EV_EXIT;
956 (void) cte_publish_all(ct, event, nvl, NULL);
957 mutex_enter(&ct->ct_lock);
958 }
959
960 /*
961 * CT_PR_EV_EXIT is not part of the CT_PR_ALLFATAL definition since
962 * we never allow including this in the fatal set via a user-land
963 * application, but we do allow CT_PR_EV_EXIT in the contract's fatal
964 * set for a process setup for zone init. See zone_start_init().
965 */
966 if (EVFATALP(ctp, CT_PR_EV_EXIT)) {
967 ASSERT(MUTEX_HELD(&ct->ct_lock));
968 contract_process_kill(ct, p, B_TRUE);
969 }
970
971 if (empty) {
972 /*
973 * Send EMPTY message.
974 */
975 if (EVSENDP(ctp, CT_PR_EV_EMPTY)) {
976 nvlist_t *nvl;
977
978 mutex_exit(&ct->ct_lock);
979 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME,
980 KM_SLEEP) == 0);
981 VERIFY(nvlist_add_uint32(nvl, CTPE_PID, p->p_pid) == 0);
982
983 event = kmem_zalloc(sizeof (ct_kevent_t), KM_SLEEP);
984 event->cte_flags = EVINFOP(ctp, CT_PR_EV_EMPTY) ?
985 CTE_INFO : 0;
986 event->cte_type = CT_PR_EV_EMPTY;
987 (void) cte_publish_all(ct, event, nvl, NULL);
988 mutex_enter(&ct->ct_lock);
989 }
990
1053 return (NULL);
1054 }
1055 cp->p_ct_process = ctp;
1056 mutex_exit(&pp->p_lock);
1057 contract_hold(ct);
1058 list_insert_head(&ctp->conp_members, cp);
1059 ctp->conp_nmembers++;
1060 mutex_exit(&ct->ct_lock);
1061 if (EVSENDP(ctp, CT_PR_EV_FORK)) {
1062 nvlist_t *nvl;
1063
1064 VERIFY(nvlist_alloc(&nvl, NV_UNIQUE_NAME, KM_SLEEP) == 0);
1065 VERIFY(nvlist_add_uint32(nvl, CTPE_PID, cp->p_pid) == 0);
1066 VERIFY(nvlist_add_uint32(nvl, CTPE_PPID, pp->p_pid) == 0);
1067
1068 event = kmem_zalloc(sizeof (ct_kevent_t), KM_SLEEP);
1069 event->cte_flags = EVINFOP(ctp, CT_PR_EV_FORK) ? CTE_INFO : 0;
1070 event->cte_type = CT_PR_EV_FORK;
1071 (void) cte_publish_all(ct, event, nvl, NULL);
1072 }
1073
1074 /*
1075 * Because the CT_PR_KEEP_EXEC flag is meant to be used by applications
1076 * which are not contract aware, we can assume that these applications
1077 * will never explicitly abandon the child's new contract. Thus, we
1078 * abandon it now.
1079 */
1080 if (ctp->conp_params & CT_PR_KEEP_EXEC) {
1081 (void) contract_abandon(ct, pp, 1);
1082 }
1083
1084 return (ctp);
1085 }
1086
1087 /*
1088 * contract_process_core
1089 *
1090 * Called on core file generation attempts. Generates a core event, if
1091 * requested, containing the names of the process, global, and
1092 * system-global ("zone") core files. If dumping core is in the fatal
1093 * event set, calls contract_process_kill().
1094 */
1095 void
1096 contract_process_core(cont_process_t *ctp, proc_t *p, int sig,
1097 const char *process, const char *global, const char *zone)
1098 {
1099 contract_t *ct = &ctp->conp_contract;
1100
1101 if (EVSENDP(ctp, CT_PR_EV_CORE)) {
1102 ct_kevent_t *event;
1103 nvlist_t *nvl, *gnvl = NULL;
|