Print this page
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/fs/proc/prcontrol.c
+++ new/usr/src/uts/common/fs/proc/prcontrol.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
|
↓ open down ↓ |
17 lines elided |
↑ open up ↑ |
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 25 */
26 26
27 27 /*
28 - * Copyright (c) 2013, Joyent, Inc. All rights reserved.
28 + * Copyright 2015, Joyent, Inc.
29 29 * Copyright 2023 Oxide Computer Company
30 30 */
31 31
32 32 #include <sys/types.h>
33 33 #include <sys/uio.h>
34 34 #include <sys/param.h>
35 35 #include <sys/cmn_err.h>
36 36 #include <sys/cred.h>
37 37 #include <sys/policy.h>
38 38 #include <sys/debug.h>
39 39 #include <sys/errno.h>
40 40 #include <sys/file.h>
41 41 #include <sys/inline.h>
42 42 #include <sys/kmem.h>
43 43 #include <sys/proc.h>
44 44 #include <sys/brand.h>
45 45 #include <sys/regset.h>
46 46 #include <sys/sysmacros.h>
47 47 #include <sys/systm.h>
48 48 #include <sys/vfs.h>
49 49 #include <sys/vnode.h>
50 50 #include <sys/signal.h>
51 51 #include <sys/auxv.h>
52 52 #include <sys/user.h>
53 53 #include <sys/class.h>
54 54 #include <sys/fault.h>
55 55 #include <sys/syscall.h>
56 56 #include <sys/procfs.h>
57 57 #include <sys/zone.h>
58 58 #include <sys/copyops.h>
59 59 #include <sys/schedctl.h>
60 60 #include <vm/as.h>
61 61 #include <vm/seg.h>
62 62 #include <fs/proc/prdata.h>
63 63 #include <sys/contract/process_impl.h>
64 64 #include <sys/stdalign.h>
65 65
66 66 static void pr_settrace(proc_t *, sigset_t *);
67 67 static int pr_setfpregs(prnode_t *, prfpregset_t *);
68 68 static int pr_setxregs(prnode_t *, prxregset_t *);
69 69 static int pr_setvaddr(prnode_t *, caddr_t);
70 70 static int pr_clearsig(prnode_t *);
71 71 static int pr_clearflt(prnode_t *);
72 72 static int pr_watch(prnode_t *, prwatch_t *, int *);
73 73 static int pr_agent(prnode_t *, prgregset_t, int *);
74 74 static int pr_rdwr(proc_t *, enum uio_rw, priovec_t *);
75 75 static int pr_scred(proc_t *, prcred_t *, cred_t *, boolean_t);
76 76 static int pr_spriv(proc_t *, prpriv_t *, cred_t *);
77 77 static int pr_szoneid(proc_t *, zoneid_t, cred_t *);
78 78 static void pauselwps(proc_t *);
79 79 static void unpauselwps(proc_t *);
80 80
/*
 * This union represents the size of commands that are generally fixed size in
 * /proc. There are some commands that are variable size because the actual data
 * is structured. Of things in the latter category, some of these are the same
 * across all architectures (e.g. prcred_t, prpriv_t) and some vary and are
 * opaque (e.g. the prxregset_t). pr_control() casts the buffered data that
 * follows the command word to this union (see 'argp' there).
 */
typedef union {
	long		sig;		/* PCKILL, PCUNKILL */
	long		nice;		/* PCNICE */
	long		timeo;		/* PCTWSTOP */
	ulong_t		flags;		/* PCRUN, PCSET, PCUNSET */
	caddr_t		vaddr;		/* PCSVADDR */
	siginfo_t	siginfo;	/* PCSSIG */
	sigset_t	sigset;		/* PCSTRACE, PCSHOLD */
	fltset_t	fltset;		/* PCSFAULT */
	sysset_t	sysset;		/* PCSENTRY, PCSEXIT */
	prgregset_t	prgregset;	/* PCSREG, PCAGENT */
	prfpregset_t	prfpregset;	/* PCSFPREG */
	prwatch_t	prwatch;	/* PCWATCH */
	priovec_t	priovec;	/* PCREAD, PCWRITE */
	prcred_t	prcred;		/* PCSCRED */
	prpriv_t	prpriv;		/* PCSPRIV */
	long		przoneid;	/* PCSZONE */
} arg_t;
106 106
107 107 static boolean_t
108 108 prwritectl_pcscredx_sizef(const void *datap, size_t *sizep)
109 109 {
110 110 const prcred_t *cred = datap;
111 111
112 112 if (cred->pr_ngroups < 0 || cred->pr_ngroups > ngroups_max) {
113 113 return (B_FALSE);
114 114 }
115 115
116 116 if (cred->pr_ngroups == 0) {
117 117 *sizep = 0;
118 118 } else {
119 119 *sizep = (cred->pr_ngroups - 1) * sizeof (gid_t);
120 120 }
121 121 return (B_TRUE);
122 122 }
123 123
124 124 static boolean_t
125 125 prwritectl_pcspriv_sizef(const void *datap, size_t *sizep)
126 126 {
127 127 const prpriv_t *priv = datap;
128 128 *sizep = priv_prgetprivsize(priv) - sizeof (prpriv_t);
129 129 return (B_TRUE);
130 130 }
131 131
/*
 * This structure represents a single /proc write command that we support and
 * metadata about how to ensure we have sufficient data for it. To determine the
 * data that we need to read, this combines information from three different
 * sources for a given named command in 'pcs_cmd'. The main goal is to first
 * make sure we have the right minimum amount of information so we can read and
 * validate the data around variable length structures.
 *
 * o Most commands have a fixed static size. This is represented in the
 *   pcs_size member. This also is used to represent the base structure size
 *   in the case of entries like PCSCREDX.
 *
 * o Other commands have an unknown minimum size to determine how much data
 *   there is and they use the pcs_minf() function to determine the right
 *   value. This is often unknown at compile time because it is say a
 *   machdep or ISA based feature (ala PCSXREGS) and we'd rather not #ifdef
 *   this code to death. This may be skipped and is for most things. The value
 *   it returns is added to the static value.
 *
 * o The final piece is the pcs_sizef() function pointer which determines the
 *   total required size for this. It is given a pointer that has at least
 *   pcs_size and pcs_minf() bytes. This is used to determine the total
 *   expected size of the structure. Callers must not dereference data beyond
 *   what they've indicated previously. This should only return extra bytes
 *   that are required beyond what was already indicated between the two
 *   functions.
 *
 * In all cases, the core prwritectl() logic will determine if there is
 * sufficient data at each step along the way for each of these to proceed.
 */
typedef struct proc_control_info {
	long	pcs_cmd;		/* the PC* command this describes */
	size_t	pcs_size;		/* fixed (or base) data size, bytes */
	boolean_t	(*pcs_minf)(size_t *);	/* optional min. dynamic size */
	boolean_t	(*pcs_sizef)(const void *, size_t *); /* extra bytes */
} proc_control_info_t;
168 168
169 169 static const proc_control_info_t proc_ctl_info[] = {
170 170 { PCNULL, 0, NULL, NULL },
171 171 { PCSTOP, 0, NULL, NULL },
172 172 { PCDSTOP, 0, NULL, NULL },
173 173 { PCWSTOP, 0, NULL, NULL },
174 174 { PCCSIG, 0, NULL, NULL },
175 175 { PCCFAULT, 0, NULL, NULL },
176 176 { PCSSIG, sizeof (siginfo_t), NULL, NULL },
177 177 { PCTWSTOP, sizeof (long), NULL, NULL },
178 178 { PCKILL, sizeof (long), NULL, NULL },
179 179 { PCUNKILL, sizeof (long), NULL, NULL },
180 180 { PCNICE, sizeof (long), NULL, NULL },
181 181 { PCRUN, sizeof (ulong_t), NULL, NULL },
182 182 { PCSET, sizeof (ulong_t), NULL, NULL },
183 183 { PCUNSET, sizeof (ulong_t), NULL, NULL },
184 184 { PCSTRACE, sizeof (sigset_t), NULL, NULL },
185 185 { PCSHOLD, sizeof (sigset_t), NULL, NULL },
186 186 { PCSFAULT, sizeof (fltset_t), NULL, NULL },
187 187 { PCSENTRY, sizeof (sysset_t), NULL, NULL },
188 188 { PCSEXIT, sizeof (sysset_t), NULL, NULL },
189 189 { PCSREG, sizeof (prgregset_t), NULL, NULL },
190 190 { PCAGENT, sizeof (prgregset_t), NULL, NULL },
191 191 { PCSFPREG, sizeof (prfpregset_t), NULL, NULL },
192 192 { PCSXREG, 0, prwriteminxreg, prwritesizexreg },
193 193 { PCWATCH, sizeof (prwatch_t), NULL },
194 194 { PCREAD, sizeof (priovec_t), NULL, NULL },
195 195 { PCWRITE, sizeof (priovec_t), NULL, NULL },
196 196 { PCSCRED, sizeof (prcred_t), NULL, NULL },
197 197 { PCSCREDX, sizeof (prcred_t), NULL, prwritectl_pcscredx_sizef },
198 198 { PCSPRIV, sizeof (prpriv_t), NULL, prwritectl_pcspriv_sizef },
199 199 { PCSZONE, sizeof (long), NULL },
200 200 };
201 201
/*
 * We need a default buffer that we're going to allocate when we need memory to
 * read control operations. This is on average large enough to hold multiple
 * control operations. We leave this as a smaller value on debug builds just
 * to exercise our reallocation logic. This must remain a power of two, as it
 * is used with P2ROUNDUP() when growing the buffer.
 */
#ifdef DEBUG
#define	PROC_CTL_DEFSIZE	32
#else
#define	PROC_CTL_DEFSIZE	1024
#endif
213 213
/*
 * This structure is used to track all of the information that we have around a
 * prwritectl call. This is used to reduce function parameters and make state
 * clear.
 */
typedef struct {
	void		*prwc_buf;	/* buffered control data */
	size_t		prwc_buflen;	/* allocated size of prwc_buf (and */
					/* of prwc_buf32 when present) */
	size_t		prwc_curvalid;	/* bytes of prwc_buf currently valid */
	uio_t		*prwc_uiop;	/* caller's uio data is read from */
	prnode_t	*prwc_pnp;	/* /proc node being written */
	boolean_t	prwc_locked;	/* is prwc_pnp currently prlock()ed */
	boolean_t	prwc_need32;	/* ILP32 caller (4-byte command size) */
	void		*prwc_buf32;	/* bounce buffer used when ILP32 data */
					/* is not sufficiently aligned */
} prwritectl_t;
229 229
230 230 /*
231 231 * Attempt to read in at least needed data. If we need to read in data, then we
232 232 * will try to fill in as much data as required.
233 233 */
234 234 static int
235 235 prwritectl_readin(prwritectl_t *prwc, size_t needed)
236 236 {
237 237 int ret;
238 238 size_t toread;
239 239 void *start;
240 240
241 241 /*
242 242 * If we have as much data as we need then we're good to go.
243 243 */
244 244 if (prwc->prwc_curvalid > needed) {
245 245 ASSERT3U(prwc->prwc_buflen, >=, prwc->prwc_curvalid);
246 246 ASSERT3U(prwc->prwc_buflen, >=, needed);
247 247 return (0);
248 248 }
249 249
250 250 /*
251 251 * We don't have all of our data. We must make sure of several things:
252 252 *
253 253 * 1. That there actually is enough data in the uio_t for what we
254 254 * need, considering what we've already read.
255 255 * 2. If the process is locked, at this point, we want to unlock it
256 256 * before we deal with any I/O or memory allocation. Otherwise we
257 257 * can wreak havoc with p_lock / paging.
258 258 * 3. We need to make sure that our buffer is large enough to actually
259 259 * fit it all.
260 260 * 4. Only at that point can we actually perform the read.
261 261 */
262 262 if (needed - prwc->prwc_curvalid > prwc->prwc_uiop->uio_resid) {
263 263 return (EINVAL);
264 264 }
265 265
266 266 if (prwc->prwc_locked) {
267 267 prunlock(prwc->prwc_pnp);
268 268 prwc->prwc_locked = B_FALSE;
269 269 }
270 270
271 271 if (needed > prwc->prwc_buflen) {
272 272 size_t new_len = P2ROUNDUP(needed, PROC_CTL_DEFSIZE);
273 273 prwc->prwc_buf = kmem_rezalloc(prwc->prwc_buf,
274 274 prwc->prwc_buflen, new_len, KM_SLEEP);
275 275 if (prwc->prwc_need32) {
276 276 prwc->prwc_buf32 = kmem_rezalloc(prwc->prwc_buf32,
277 277 prwc->prwc_buflen, new_len, KM_SLEEP);
278 278 }
279 279 prwc->prwc_buflen = new_len;
280 280 }
281 281
282 282 toread = MIN(prwc->prwc_buflen - prwc->prwc_curvalid,
283 283 prwc->prwc_uiop->uio_resid);
284 284 ASSERT3U(toread, >=, needed - prwc->prwc_curvalid);
285 285 start = (void *)((uintptr_t)prwc->prwc_buf + prwc->prwc_curvalid);
286 286 if ((ret = uiomove(start, toread, UIO_WRITE, prwc->prwc_uiop)) != 0) {
287 287 return (ret);
288 288 }
289 289
290 290 prwc->prwc_curvalid += toread;
291 291 return (0);
292 292 }
293 293
294 294 static const proc_control_info_t *
295 295 prwritectl_cmd_identify(const prwritectl_t *prwc,
296 296 const proc_control_info_t *info, size_t ninfo, size_t cmdsize)
297 297 {
298 298 long cmd;
299 299
300 300 ASSERT(cmdsize == sizeof (int32_t) || cmdsize == sizeof (long));
301 301 if (cmdsize == 4) {
302 302 cmd = (long)*(int32_t *)prwc->prwc_buf;
303 303 } else {
304 304 cmd = *(long *)prwc->prwc_buf;
305 305 }
306 306
307 307
308 308 for (size_t i = 0; i < ninfo; i++) {
309 309 if (info[i].pcs_cmd == cmd) {
310 310 return (&info[i]);
311 311 }
312 312 }
313 313
314 314 return (NULL);
315 315 }
316 316
/*
 * Control operations (lots).
 *
 * Users can submit one or more commands to us in the uio_t. They are required
 * to always be complete messages. The first one that fails will cause all
 * subsequent things to fail. Processing this can be a little tricky as the
 * actual data size that may be required is variable, not all structures are
 * fixed sizes and some vary based on the instruction set (e.g. x86 vs.
 * something else).
 *
 * The way that we handle process locking deserves some consideration. Prior to
 * the consolidation of prwritectl and the support for dynamic sizing of data,
 * the logic would try to read in a large chunk of data and keep a process
 * locked throughout that period and then unlock it before reading more data. As
 * such, we mimic that logic and basically lock it before executing the
 * first (or any subsequent) command and then only unlock it either when we're
 * done entirely or we need to allocate memory or read from the process.
 *
 * This function is a common implementation for both the ILP32 and LP64 entry
 * points as they are mostly the same except for the sizing and control function
 * we call.
 */
int
prwritectl_common(vnode_t *vp, uio_t *uiop, cred_t *cr,
    const proc_control_info_t *proc_info, size_t ninfo, size_t cmdsize,
    int (*pr_controlf)(long, void *, prnode_t *, cred_t *))
{
	int ret;
	prwritectl_t prwc;

	VERIFY(cmdsize == sizeof (int32_t) || cmdsize == sizeof (long));

	bzero(&prwc, sizeof (prwc));
	prwc.prwc_pnp = VTOP(vp);
	prwc.prwc_uiop = uiop;
	prwc.prwc_need32 = cmdsize == sizeof (int32_t);

	/*
	 * We may have multiple commands to read and want to try to minimize the
	 * amount of reading that we do. Our callers expect us to have a
	 * contiguous buffer for a command's actual implementation. However, we
	 * must have at least a single long worth of data, otherwise it's not
	 * worth continuing.
	 */
	while (uiop->uio_resid > 0 || prwc.prwc_curvalid > 0) {
		const proc_control_info_t *proc_cmd;
		void *data;

		/*
		 * Check if we have enough data to identify a command. If not,
		 * we read as much as we can in one gulp.
		 */
		if ((ret = prwritectl_readin(&prwc, cmdsize)) != 0) {
			goto out;
		}

		/*
		 * Identify the command and figure out how much data we
		 * should have read in the kernel. Some commands have a variable
		 * length and we need to make sure the minimum is met before
		 * asking how much there is in general. Most things know what
		 * the minimum length is and this pcs_minf() is not implemented.
		 * However things that are ISA-specific require us to ask that
		 * first.
		 *
		 * We also must be aware that there may not actually be enough
		 * data present in the uio_t.
		 */
		if ((proc_cmd = prwritectl_cmd_identify(&prwc, proc_info,
		    ninfo, cmdsize)) == NULL) {
			ret = EINVAL;
			goto out;
		}

		size_t needed_data = cmdsize + proc_cmd->pcs_size;
		if (proc_cmd->pcs_minf != NULL) {
			size_t min;

			if (!proc_cmd->pcs_minf(&min)) {
				ret = EINVAL;
				goto out;
			}

			needed_data += min;
		}

		if (proc_cmd->pcs_sizef != NULL) {
			size_t extra;

			/*
			 * Make sure we have the minimum amount of data that
			 * they asked us to between the static and minf
			 * function.
			 */
			if ((ret = prwritectl_readin(&prwc, needed_data)) !=
			    0) {
				goto out;
			}

			VERIFY3U(prwc.prwc_curvalid, >, cmdsize);
			data = (void *)((uintptr_t)prwc.prwc_buf + cmdsize);
			if (!proc_cmd->pcs_sizef(data, &extra)) {
				ret = EINVAL;
				goto out;
			}

			needed_data += extra;
		}

		/*
		 * Now that we know how much data we're supposed to have,
		 * finally ensure we have the total amount we need.
		 */
		if ((ret = prwritectl_readin(&prwc, needed_data)) != 0) {
			goto out;
		}

		/*
		 * /proc has traditionally assumed control writes come in
		 * multiples of a long. This is 4 bytes for ILP32 and 8 bytes
		 * for LP64. When calculating the required size for a structure,
		 * it would always round that up to the next long. However, the
		 * exact combination of circumstances changes with the
		 * introduction of the 64-bit kernel. For 64-bit processes we
		 * round up when the current command we're processing isn't the
		 * last one.
		 *
		 * Because of our tracking structures and caching we need to
		 * look beyond the uio_t to make this determination. In
		 * particular, the uio_t can have a zero resid, but we may still
		 * have additional data to read as indicated by prwc_curvalid
		 * exceeding the current command size. In the end, we must check
		 * both of these cases.
		 */
		if ((needed_data % cmdsize) != 0) {
			if (cmdsize == sizeof (int32_t) ||
			    prwc.prwc_curvalid > needed_data ||
			    prwc.prwc_uiop->uio_resid > 0) {
				needed_data = P2ROUNDUP(needed_data,
				    cmdsize);
				if ((ret = prwritectl_readin(&prwc,
				    needed_data)) != 0) {
					goto out;
				}
			}
		}

		/*
		 * Re-take the process lock if one of the reads above (or a
		 * prior command's error path) caused us to drop it.
		 */
		if (!prwc.prwc_locked) {
			ret = prlock(prwc.prwc_pnp, ZNO);
			if (ret != 0) {
				goto out;
			}
			prwc.prwc_locked = B_TRUE;
		}

		/*
		 * Run our actual command. When there is an error, then the
		 * underlying pr_control call will have unlocked the prnode_t
		 * on our behalf. pr_control can return -1, which is a special
		 * error indicating a timeout occurred. In such a case the node
		 * is unlocked; however, we are supposed to continue
		 * processing commands regardless.
		 *
		 * Finally, we must deal with one actual wrinkle. The LP64
		 * based logic always guarantees that we have data that is
		 * 8-byte aligned. However, the ILP32 logic is 4-byte aligned
		 * and the rest of the /proc code assumes it can always
		 * dereference it. If we're not aligned, we have to bcopy it to
		 * a temporary buffer.
		 */
		data = (void *)((uintptr_t)prwc.prwc_buf + cmdsize);
#ifdef DEBUG
		if (cmdsize == sizeof (long)) {
			VERIFY0((uintptr_t)data % alignof (long));
		}
#endif
		if (prwc.prwc_need32 && ((uintptr_t)data % alignof (long)) !=
		    0 && needed_data > cmdsize) {
			bcopy(data, prwc.prwc_buf32, needed_data - cmdsize);
			data = prwc.prwc_buf32;
		}
		ret = pr_controlf(proc_cmd->pcs_cmd, data, prwc.prwc_pnp, cr);
		if (ret != 0) {
			prwc.prwc_locked = B_FALSE;
			if (ret > 0) {
				goto out;
			}
		}

		/*
		 * Finally, now that we have processed this command, we need to
		 * move on. To make our life simple, we basically shift all the
		 * data in our buffer over to indicate it's been consumed. While
		 * a little wasteful, this simplifies buffer management and
		 * guarantees that command processing uses a semi-sanitized
		 * state. Visually, this is the following transformation:
		 *
		 * 0                  20               prwc.prwc_curvalid
		 * +------------------+----------------+
		 * |   needed_data    | remaining_data |
		 * +------------------+----------------+
		 *
		 * In the above example we are shifting all the data over by 20,
		 * so remaining data starts at 0. This leaves us needed_data
		 * bytes to clean up from what was valid.
		 */
		if (prwc.prwc_buf32 != NULL) {
			bzero(prwc.prwc_buf32, needed_data - cmdsize);
		}

		if (prwc.prwc_curvalid > needed_data) {
			size_t save_size = prwc.prwc_curvalid - needed_data;
			void *first_save = (void *)((uintptr_t)prwc.prwc_buf +
			    needed_data);
			memmove(prwc.prwc_buf, first_save, save_size);
			void *first_zero = (void *)((uintptr_t)prwc.prwc_buf +
			    save_size);
			bzero(first_zero, needed_data);
		} else {
			bzero(prwc.prwc_buf, prwc.prwc_curvalid);
		}
		prwc.prwc_curvalid -= needed_data;
	}

	/*
	 * We've managed to successfully process everything. We can actually say
	 * this was successful now.
	 */
	ret = 0;

out:
	if (prwc.prwc_locked) {
		prunlock(prwc.prwc_pnp);
		prwc.prwc_locked = B_FALSE;
	}

	if (prwc.prwc_buf != NULL) {
		kmem_free(prwc.prwc_buf, prwc.prwc_buflen);
	}

	if (prwc.prwc_buf32 != NULL) {
		VERIFY(prwc.prwc_need32);
		kmem_free(prwc.prwc_buf32, prwc.prwc_buflen);
	}

	return (ret);
}
564 564
/*
 * Execute a single /proc control command (LP64 argument layout) against the
 * process or lwp that pnp refers to. 'generic' points at the command's
 * argument data, laid out per arg_t. We are entered with the prnode locked
 * by our caller (prwritectl_common() calls prlock() before invoking us).
 *
 * Return / locking contract (relied upon by prwritectl_common()):
 *	0	success; the prnode remains locked.
 *	> 0	an errno; the prnode has been unlocked (either at the bottom
 *		of this function or on one of the early-return paths).
 *	-1	special case from the wait/die paths (PCTWSTOP timeout,
 *		SIGKILL delivery): the prnode has been unlocked, but the
 *		caller should continue processing subsequent commands.
 */
static int
pr_control(long cmd, void *generic, prnode_t *pnp, cred_t *cr)
{
	prcommon_t *pcp;
	proc_t *p;
	int unlocked;
	int error = 0;
	arg_t *argp = generic;

	/* PCNULL is a no-op; it carries no data and touches nothing. */
	if (cmd == PCNULL)
		return (0);

	pcp = pnp->pr_common;
	p = pcp->prc_proc;
	ASSERT(p != NULL);

	/* System processes defy control. */
	if (p->p_flag & SSYS) {
		prunlock(pnp);
		return (EBUSY);
	}

	switch (cmd) {

	default:
		error = EINVAL;
		break;

	case PCSTOP:	/* direct process or lwp to stop and wait for stop */
	case PCDSTOP:	/* direct process or lwp to stop, don't wait */
	case PCWSTOP:	/* wait for process or lwp to stop */
	case PCTWSTOP:	/* wait for process or lwp to stop, with timeout */
	{
		time_t timeo;

		/*
		 * Can't apply to a system process.
		 */
		if (p->p_as == &kas) {
			error = EBUSY;
			break;
		}

		if (cmd == PCSTOP || cmd == PCDSTOP)
			pr_stop(pnp);

		if (cmd == PCDSTOP)
			break;

		/*
		 * If an lwp is waiting for itself or its process,
		 * don't wait. The stopped lwp would never see the
		 * fact that it is stopped.
		 */
		if ((pcp->prc_flags & PRC_LWP)?
		    (pcp->prc_thread == curthread) : (p == curproc)) {
			if (cmd == PCWSTOP || cmd == PCTWSTOP)
				error = EBUSY;
			break;
		}

		/* Only PCTWSTOP carries a timeout argument; others pass 0. */
		timeo = (cmd == PCTWSTOP)? (time_t)argp->timeo : 0;
		if ((error = pr_wait_stop(pnp, timeo)) != 0)
			return (error);

		break;
	}

	case PCRUN:	/* make lwp or process runnable */
		error = pr_setrun(pnp, argp->flags);
		break;

	case PCSTRACE:	/* set signal trace mask */
		pr_settrace(p, &argp->sigset);
		break;

	case PCSSIG:	/* set current signal */
		error = pr_setsig(pnp, &argp->siginfo);
		/*
		 * Successfully posting SIGKILL is lethal: unlock, wait for
		 * the process to die, and report the special -1 return.
		 */
		if (argp->siginfo.si_signo == SIGKILL && error == 0) {
			prunlock(pnp);
			pr_wait_die(pnp);
			return (-1);
		}
		break;

	case PCKILL:	/* send signal */
		error = pr_kill(pnp, (int)argp->sig, cr);
		/* As with PCSSIG, a successful SIGKILL means waiting for death */
		if (error == 0 && argp->sig == SIGKILL) {
			prunlock(pnp);
			pr_wait_die(pnp);
			return (-1);
		}
		break;

	case PCUNKILL:	/* delete a pending signal */
		error = pr_unkill(pnp, (int)argp->sig);
		break;

	case PCNICE:	/* set nice priority */
		error = pr_nice(p, (int)argp->nice, cr);
		break;

	case PCSENTRY:	/* set syscall entry bit mask */
	case PCSEXIT:	/* set syscall exit bit mask */
		pr_setentryexit(p, &argp->sysset, cmd == PCSENTRY);
		break;

	case PCSET:	/* set process flags */
		error = pr_set(p, argp->flags);
		break;

	case PCUNSET:	/* unset process flags */
		error = pr_unset(p, argp->flags);
		break;

	case PCSREG:	/* set general registers */
	{
		kthread_t *t = pr_thread(pnp);

		/* The target lwp must be stopped in one of the known forms. */
		if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
			thread_unlock(t);
			error = EBUSY;
		} else {
			thread_unlock(t);
			/* p_lock is dropped across the register update. */
			mutex_exit(&p->p_lock);
			prsetprregs(ttolwp(t), argp->prgregset, 0);
			mutex_enter(&p->p_lock);
		}
		break;
	}

	case PCSFPREG:	/* set floating-point registers */
		error = pr_setfpregs(pnp, &argp->prfpregset);
		break;

	case PCSXREG:	/* set extra registers */
		error = pr_setxregs(pnp, (prxregset_t *)argp);
		break;

	case PCSVADDR:	/* set virtual address at which to resume */
		error = pr_setvaddr(pnp, argp->vaddr);
		break;

	case PCSHOLD:	/* set signal-hold mask */
		pr_sethold(pnp, &argp->sigset);
		break;

	case PCSFAULT:	/* set mask of traced faults */
		pr_setfault(p, &argp->fltset);
		break;

	case PCCSIG:	/* clear current signal */
		error = pr_clearsig(pnp);
		break;

	case PCCFAULT:	/* clear current fault */
		error = pr_clearflt(pnp);
		break;

	case PCWATCH:	/* set or clear watched areas */
		error = pr_watch(pnp, &argp->prwatch, &unlocked);
		/* pr_watch() reports via 'unlocked' if it already unlocked. */
		if (error && unlocked)
			return (error);
		break;

	case PCAGENT:	/* create the /proc agent lwp in the target process */
		error = pr_agent(pnp, argp->prgregset, &unlocked);
		/* Like PCWATCH, pr_agent() may return with the node unlocked */
		if (error && unlocked)
			return (error);
		break;

	case PCREAD:	/* read from the address space */
		error = pr_rdwr(p, UIO_READ, &argp->priovec);
		break;

	case PCWRITE:	/* write to the address space */
		error = pr_rdwr(p, UIO_WRITE, &argp->priovec);
		break;

	case PCSCRED:	/* set the process credentials */
	case PCSCREDX:
		error = pr_scred(p, &argp->prcred, cr, cmd == PCSCREDX);
		break;

	case PCSPRIV:	/* set the process privileges */
		error = pr_spriv(p, &argp->prpriv, cr);
		break;
	case PCSZONE:	/* set the process's zoneid credentials */
		error = pr_szoneid(p, (zoneid_t)argp->przoneid, cr);
		break;
	}

	/* On error, drop the lock on the way out; success leaves it held. */
	if (error)
		prunlock(pnp);
	return (error);
}
761 761
/*
 * Native (LP64) write entry point for /proc control files. Commands and
 * their payloads are expressed in units of a long; the real work happens in
 * prwritectl_common() using the LP64 command table and pr_control().
 */
int
prwritectl(vnode_t *vp, uio_t *uiop, cred_t *cr)
{
	return (prwritectl_common(vp, uiop, cr, proc_ctl_info,
	    ARRAY_SIZE(proc_ctl_info), sizeof (long), pr_control));
}
768 768
769 769 #ifdef _SYSCALL32_IMPL
770 770
/*
 * ILP32 analogue of arg_t: the argument forms for each control command as
 * written by a 32-bit process. sigset_t, fltset_t, sysset_t, and prpriv_t
 * are used directly here, as they are for the native case above.
 */
typedef union {
	int32_t		sig;		/* PCKILL, PCUNKILL */
	int32_t		nice;		/* PCNICE */
	int32_t		timeo;		/* PCTWSTOP */
	uint32_t	flags;		/* PCRUN, PCSET, PCUNSET */
	caddr32_t	vaddr;		/* PCSVADDR */
	siginfo32_t	siginfo;	/* PCSSIG */
	sigset_t	sigset;		/* PCSTRACE, PCSHOLD */
	fltset_t	fltset;		/* PCSFAULT */
	sysset_t	sysset;		/* PCSENTRY, PCSEXIT */
	prgregset32_t	prgregset;	/* PCSREG, PCAGENT */
	prfpregset32_t	prfpregset;	/* PCSFPREG */
	prwatch32_t	prwatch;	/* PCWATCH */
	priovec32_t	priovec;	/* PCREAD, PCWRITE */
	prcred32_t	prcred;		/* PCSCRED */
	prpriv_t	prpriv;		/* PCSPRIV */
	int32_t		przoneid;	/* PCSZONE */
} arg32_t;
789 789
790 790 static int pr_setfpregs32(prnode_t *, prfpregset32_t *);
791 791
792 792 static boolean_t
793 793 prwritectl_pcscredx32_sizef(const void *datap, size_t *sizep)
794 794 {
795 795 const prcred32_t *cred = datap;
796 796
797 797 if (cred->pr_ngroups < 0 || cred->pr_ngroups > ngroups_max) {
798 798 return (B_FALSE);
799 799 }
800 800
801 801 if (cred->pr_ngroups == 0) {
802 802 *sizep = 0;
803 803 } else {
804 804 *sizep = (cred->pr_ngroups - 1) * sizeof (gid32_t);
805 805 }
806 806 return (B_TRUE);
807 807 }
808 808
809 809 /*
810 810 * When dealing with ILP32 code, we are not at a point where we can assume
811 811 * 64-bit aligned data. Any functions that are operating here must be aware of
812 812 * that.
813 813 */
814 814 static const proc_control_info_t proc_ctl_info32[] = {
815 815 { PCNULL, 0, NULL, NULL },
816 816 { PCSTOP, 0, NULL, NULL },
817 817 { PCDSTOP, 0, NULL, NULL },
818 818 { PCWSTOP, 0, NULL, NULL },
819 819 { PCCSIG, 0, NULL, NULL },
820 820 { PCCFAULT, 0, NULL, NULL },
821 821 { PCSSIG, sizeof (siginfo32_t), NULL, NULL },
822 822 { PCTWSTOP, sizeof (int32_t), NULL, NULL },
823 823 { PCKILL, sizeof (int32_t), NULL, NULL },
824 824 { PCUNKILL, sizeof (int32_t), NULL, NULL },
825 825 { PCNICE, sizeof (int32_t), NULL, NULL },
826 826 { PCRUN, sizeof (uint32_t), NULL, NULL },
827 827 { PCSET, sizeof (uint32_t), NULL, NULL },
828 828 { PCUNSET, sizeof (uint32_t), NULL, NULL },
829 829 { PCSVADDR, sizeof (caddr32_t), NULL, NULL },
830 830 { PCSTRACE, sizeof (sigset_t), NULL, NULL },
831 831 { PCSHOLD, sizeof (sigset_t), NULL, NULL },
832 832 { PCSFAULT, sizeof (fltset_t), NULL, NULL },
833 833 { PCSENTRY, sizeof (sysset_t), NULL, NULL },
834 834 { PCSEXIT, sizeof (sysset_t), NULL, NULL },
835 835 { PCSREG, sizeof (prgregset32_t), NULL, NULL },
836 836 { PCAGENT, sizeof (prgregset32_t), NULL, NULL },
837 837 { PCSFPREG, sizeof (prfpregset32_t), NULL, NULL },
838 838 { PCSXREG, 0, prwriteminxreg, prwritesizexreg },
839 839 { PCWATCH, sizeof (prwatch32_t), NULL },
840 840 { PCREAD, sizeof (priovec32_t), NULL, NULL },
841 841 { PCWRITE, sizeof (priovec32_t), NULL, NULL },
842 842 { PCSCRED, sizeof (prcred32_t), NULL, NULL },
843 843 { PCSCREDX, sizeof (prcred32_t), NULL, prwritectl_pcscredx32_sizef },
844 844 { PCSPRIV, sizeof (prpriv_t), NULL, prwritectl_pcspriv_sizef },
845 845 { PCSZONE, sizeof (long), NULL },
846 846 };
847 847
/*
 * Apply a single /proc control operation (an arg32_t already copied in
 * from an ILP32 writer) to the process or lwp referenced by pnp.
 * Entered with the target prlock()ed.  On error the target is unlocked
 * before returning; the wait and SIGKILL paths return early having
 * already unlocked it.
 */
static int
pr_control32(long cmd, void *generic, prnode_t *pnp, cred_t *cr)
{
	prcommon_t *pcp;
	proc_t *p;
	int unlocked;
	int error = 0;
	arg32_t *argp = generic;

	/* PCNULL is a no-op (padding in a control message). */
	if (cmd == PCNULL)
		return (0);

	pcp = pnp->pr_common;
	p = pcp->prc_proc;
	ASSERT(p != NULL);

	/* System processes may not be manipulated via /proc. */
	if (p->p_flag & SSYS) {
		prunlock(pnp);
		return (EBUSY);
	}

	switch (cmd) {

	default:
		error = EINVAL;
		break;

	case PCSTOP:	/* direct process or lwp to stop and wait for stop */
	case PCDSTOP:	/* direct process or lwp to stop, don't wait */
	case PCWSTOP:	/* wait for process or lwp to stop */
	case PCTWSTOP:	/* wait for process or lwp to stop, with timeout */
	{
		time_t timeo;

		/*
		 * Can't apply to a system process.
		 */
		if (p->p_as == &kas) {
			error = EBUSY;
			break;
		}

		if (cmd == PCSTOP || cmd == PCDSTOP)
			pr_stop(pnp);

		if (cmd == PCDSTOP)
			break;

		/*
		 * If an lwp is waiting for itself or its process,
		 * don't wait. The lwp will never see the fact that
		 * itself is stopped.
		 */
		if ((pcp->prc_flags & PRC_LWP)?
		    (pcp->prc_thread == curthread) : (p == curproc)) {
			if (cmd == PCWSTOP || cmd == PCTWSTOP)
				error = EBUSY;
			break;
		}

		timeo = (cmd == PCTWSTOP)? (time_t)argp->timeo : 0;
		if ((error = pr_wait_stop(pnp, timeo)) != 0)
			return (error);	/* pnp already unlocked */

		break;
	}

	case PCRUN:	/* make lwp or process runnable */
		error = pr_setrun(pnp, (ulong_t)argp->flags);
		break;

	case PCSTRACE:	/* set signal trace mask */
		pr_settrace(p, &argp->sigset);
		break;

	case PCSSIG:	/* set current signal */
		/* 32-bit siginfo cannot describe a 64-bit process. */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else {
			int sig = (int)argp->siginfo.si_signo;
			siginfo_t siginfo;

			bzero(&siginfo, sizeof (siginfo));
			siginfo_32tok(&argp->siginfo, (k_siginfo_t *)&siginfo);
			error = pr_setsig(pnp, &siginfo);
			/* Setting SIGKILL kills the process: wait for it. */
			if (sig == SIGKILL && error == 0) {
				prunlock(pnp);
				pr_wait_die(pnp);
				return (-1);	/* pnp already unlocked */
			}
		}
		break;

	case PCKILL:	/* send signal */
		error = pr_kill(pnp, (int)argp->sig, cr);
		/* As above: a posted SIGKILL is fatal; wait for death. */
		if (error == 0 && argp->sig == SIGKILL) {
			prunlock(pnp);
			pr_wait_die(pnp);
			return (-1);	/* pnp already unlocked */
		}
		break;

	case PCUNKILL:	/* delete a pending signal */
		error = pr_unkill(pnp, (int)argp->sig);
		break;

	case PCNICE:	/* set nice priority */
		error = pr_nice(p, (int)argp->nice, cr);
		break;

	case PCSENTRY:	/* set syscall entry bit mask */
	case PCSEXIT:	/* set syscall exit bit mask */
		pr_setentryexit(p, &argp->sysset, cmd == PCSENTRY);
		break;

	case PCSET:	/* set process flags */
		error = pr_set(p, (long)argp->flags);
		break;

	case PCUNSET:	/* unset process flags */
		error = pr_unset(p, (long)argp->flags);
		break;

	case PCSREG:	/* set general registers */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else {
			kthread_t *t = pr_thread(pnp);

			/* Registers may only be set on a stopped lwp. */
			if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
				thread_unlock(t);
				error = EBUSY;
			} else {
				prgregset_t prgregset;
				klwp_t *lwp = ttolwp(t);

				/* drop locks while touching the lwp's stack */
				thread_unlock(t);
				mutex_exit(&p->p_lock);
				prgregset_32ton(lwp, argp->prgregset,
				    prgregset);
				prsetprregs(lwp, prgregset, 0);
				mutex_enter(&p->p_lock);
			}
		}
		break;

	case PCSFPREG:	/* set floating-point registers */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else
			error = pr_setfpregs32(pnp, &argp->prfpregset);
		break;

	case PCSXREG:	/* set extra registers */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else
			error = pr_setxregs(pnp, (prxregset_t *)argp);
		break;

	case PCSVADDR:	/* set virtual address at which to resume */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else
			error = pr_setvaddr(pnp,
			    (caddr_t)(uintptr_t)argp->vaddr);
		break;

	case PCSHOLD:	/* set signal-hold mask */
		pr_sethold(pnp, &argp->sigset);
		break;

	case PCSFAULT:	/* set mask of traced faults */
		pr_setfault(p, &argp->fltset);
		break;

	case PCCSIG:	/* clear current signal */
		error = pr_clearsig(pnp);
		break;

	case PCCFAULT:	/* clear current fault */
		error = pr_clearflt(pnp);
		break;

	case PCWATCH:	/* set or clear watched areas */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else {
			prwatch_t prwatch;

			/* Widen the 32-bit watch descriptor field by field. */
			prwatch.pr_vaddr = argp->prwatch.pr_vaddr;
			prwatch.pr_size = argp->prwatch.pr_size;
			prwatch.pr_wflags = argp->prwatch.pr_wflags;
			prwatch.pr_pad = argp->prwatch.pr_pad;
			error = pr_watch(pnp, &prwatch, &unlocked);
			/* pr_watch() may drop the lock on failure. */
			if (error && unlocked)
				return (error);
		}
		break;

	case PCAGENT:	/* create the /proc agent lwp in the target process */
		if (PROCESS_NOT_32BIT(p))
			error = EOVERFLOW;
		else {
			prgregset_t prgregset;
			kthread_t *t = pr_thread(pnp);
			klwp_t *lwp = ttolwp(t);
			thread_unlock(t);
			/* drop p_lock while converting the register set */
			mutex_exit(&p->p_lock);
			prgregset_32ton(lwp, argp->prgregset, prgregset);
			mutex_enter(&p->p_lock);
			error = pr_agent(pnp, prgregset, &unlocked);
			/* pr_agent() may drop the lock on failure. */
			if (error && unlocked)
				return (error);
		}
		break;

	case PCREAD:	/* read from the address space */
	case PCWRITE:	/* write to the address space */
		/* PR_OFFMAX: a 32-bit offset can't address this file. */
		if (PROCESS_NOT_32BIT(p) || (pnp->pr_flags & PR_OFFMAX))
			error = EOVERFLOW;
		else {
			enum uio_rw rw = (cmd == PCREAD)? UIO_READ : UIO_WRITE;
			priovec_t priovec;

			priovec.pio_base =
			    (void *)(uintptr_t)argp->priovec.pio_base;
			priovec.pio_len = (size_t)argp->priovec.pio_len;
			priovec.pio_offset = (off_t)
			    (uint32_t)argp->priovec.pio_offset;
			error = pr_rdwr(p, rw, &priovec);
		}
		break;

	case PCSCRED:	/* set the process credentials */
	case PCSCREDX:
	{
		/*
		 * All the fields in these structures are exactly the
		 * same and so the structures are compatible. In case
		 * this ever changes, we catch this with the ASSERT
		 * below.
		 */
		prcred_t *prcred = (prcred_t *)&argp->prcred;

#ifndef __lint
		ASSERT(sizeof (prcred_t) == sizeof (prcred32_t));
#endif

		error = pr_scred(p, prcred, cr, cmd == PCSCREDX);
		break;
	}

	case PCSPRIV:	/* set the process privileges */
		error = pr_spriv(p, &argp->prpriv, cr);
		break;

	case PCSZONE:	/* set the process's zoneid */
		error = pr_szoneid(p, (zoneid_t)argp->przoneid, cr);
		break;
	}

	/* On failure, drop the target's /proc lock before returning. */
	if (error)
		prunlock(pnp);
	return (error);
}
1114 1114
1115 1115 int
1116 1116 prwritectl32(struct vnode *vp, struct uio *uiop, cred_t *cr)
1117 1117 {
1118 1118 return (prwritectl_common(vp, uiop, cr, proc_ctl_info32,
1119 1119 ARRAY_SIZE(proc_ctl_info32), sizeof (int32_t), pr_control32));
1120 1120 }
1121 1121 #endif /* _SYSCALL32_IMPL */
1122 1122
1123 1123 /*
1124 1124 * Return the specific or chosen thread/lwp for a control operation.
1125 1125 * Returns with the thread locked via thread_lock(t).
1126 1126 */
1127 1127 kthread_t *
1128 1128 pr_thread(prnode_t *pnp)
1129 1129 {
1130 1130 prcommon_t *pcp = pnp->pr_common;
1131 1131 kthread_t *t;
1132 1132
1133 1133 if (pcp->prc_flags & PRC_LWP) {
1134 1134 t = pcp->prc_thread;
1135 1135 ASSERT(t != NULL);
1136 1136 thread_lock(t);
1137 1137 } else {
1138 1138 proc_t *p = pcp->prc_proc;
1139 1139 t = prchoose(p); /* returns locked thread */
1140 1140 ASSERT(t != NULL);
1141 1141 }
1142 1142
1143 1143 return (t);
1144 1144 }
1145 1145
/*
 * Direct the process or lwp to stop.
 * Walks every lwp for a process file, or just the one lwp for an lwp
 * file, flagging each to stop and poking it into the kernel so the
 * flag is noticed promptly.  Does not wait for the stop to occur.
 */
void
pr_stop(prnode_t *pnp)
{
	prcommon_t *pcp = pnp->pr_common;
	proc_t *p = pcp->prc_proc;
	kthread_t *t;
	vnode_t *vp;

	/*
	 * If already stopped, do nothing; otherwise flag
	 * it to be stopped the next time it tries to run.
	 * If sleeping at interruptible priority, set it
	 * running so it will stop within cv_wait_sig().
	 *
	 * Take care to cooperate with jobcontrol: if an lwp
	 * is stopped due to the default action of a jobcontrol
	 * stop signal, flag it to be stopped the next time it
	 * starts due to a SIGCONT signal.
	 */
	if (pcp->prc_flags & PRC_LWP)
		t = pcp->prc_thread;
	else
		t = p->p_tlist;
	ASSERT(t != NULL);

	do {
		int notify;

		notify = 0;
		thread_lock(t);
		if (!ISTOPPED(t)) {
			t->t_proc_flag |= TP_PRSTOP;
			t->t_sig_check = 1;	/* do ISSIG */
		}

		/* Move the thread from wait queue to run queue */
		if (ISWAITING(t))
			setrun_locked(t);

		if (ISWAKEABLE(t)) {
			if (t->t_wchan0 == NULL)
				setrun_locked(t);
			else if (!VSTOPPED(t)) {
				/*
				 * Mark it virtually stopped.
				 */
				t->t_proc_flag |= TP_PRVSTOP;
				notify = 1;
			}
		}
		/*
		 * force the thread into the kernel
		 * if it is not already there.
		 */
		prpokethread(t);
		thread_unlock(t);
		/* Notify waiters on the lwp's trace vnode, if it has one. */
		if (notify &&
		    (vp = p->p_lwpdir[t->t_dslot].ld_entry->le_trace) != NULL)
			prnotify(vp);
		/* For an lwp file, only the one thread is affected. */
		if (pcp->prc_flags & PRC_LWP)
			break;
	} while ((t = t->t_forw) != p->p_tlist);

	/*
	 * We do this just in case the thread we asked
	 * to stop is in holdlwps() (called from cfork()).
	 */
	cv_broadcast(&p->p_holdlwps);
}
1218 1218
/*
 * Sleep until the lwp stops, but cooperate with
 * jobcontrol: Don't wake up if the lwp is stopped
 * due to the default action of a jobcontrol stop signal.
 * If this is the process file descriptor, sleep
 * until all of the process's lwps stop.
 *
 * Returns 0 on success, -1 on timeout, or an errno (e.g. EINTR from
 * pr_wait(), or a prlock() failure).  On any nonzero return the target
 * has already been unlocked.
 */
int
pr_wait_stop(prnode_t *pnp, time_t timeo)
{
	prcommon_t *pcp = pnp->pr_common;
	proc_t *p = pcp->prc_proc;
	timestruc_t rqtime;
	timestruc_t *rqtp = NULL;	/* NULL means wait forever */
	int timecheck = 0;
	kthread_t *t;
	int error;

	if (timeo > 0) {	/* millisecond timeout */
		/*
		 * Determine the precise future time of the requested timeout.
		 */
		timestruc_t now;

		timecheck = timechanged;
		gethrestime(&now);
		rqtp = &rqtime;
		rqtp->tv_sec = timeo / MILLISEC;
		rqtp->tv_nsec = (timeo % MILLISEC) * MICROSEC;
		timespecadd(rqtp, &now);
	}

	if (pcp->prc_flags & PRC_LWP) {	/* lwp file descriptor */
		t = pcp->prc_thread;
		ASSERT(t != NULL);
		thread_lock(t);
		while (!ISTOPPED(t) && !VSTOPPED(t)) {
			/*
			 * Take prc_mutex before dropping the target's locks
			 * so that a wakeup cannot slip in between prunlock()
			 * and the sleep in pr_wait().
			 */
			thread_unlock(t);
			mutex_enter(&pcp->prc_mutex);
			prunlock(pnp);
			error = pr_wait(pcp, rqtp, timecheck);
			if (error)	/* -1 is timeout */
				return (error);
			if ((error = prlock(pnp, ZNO)) != 0)
				return (error);
			ASSERT(p == pcp->prc_proc);
			ASSERT(t == pcp->prc_thread);
			thread_lock(t);
		}
		thread_unlock(t);
	} else {	/* process file descriptor */
		t = prchoose(p);	/* returns locked thread */
		ASSERT(t != NULL);
		ASSERT(MUTEX_HELD(&p->p_lock));
		/* Keep waiting while lwps are being forced to exit, too. */
		while ((!ISTOPPED(t) && !VSTOPPED(t) && !SUSPENDED(t)) ||
		    (p->p_flag & SEXITLWPS)) {
			thread_unlock(t);
			mutex_enter(&pcp->prc_mutex);
			prunlock(pnp);
			error = pr_wait(pcp, rqtp, timecheck);
			if (error)	/* -1 is timeout */
				return (error);
			if ((error = prlock(pnp, ZNO)) != 0)
				return (error);
			ASSERT(p == pcp->prc_proc);
			/* The representative lwp may have changed. */
			t = prchoose(p);	/* returns locked t */
			ASSERT(t != NULL);
		}
		thread_unlock(t);
	}

	ASSERT(!(pcp->prc_flags & PRC_DESTROY) && p->p_stat != SZOMB &&
	    t != NULL && t->t_state != TS_ZOMB);

	return (0);
}
1295 1295
1296 1296 int
1297 1297 pr_setrun(prnode_t *pnp, ulong_t flags)
1298 1298 {
1299 1299 prcommon_t *pcp = pnp->pr_common;
1300 1300 proc_t *p = pcp->prc_proc;
1301 1301 kthread_t *t;
1302 1302 klwp_t *lwp;
1303 1303
1304 1304 /*
1305 1305 * Cannot set an lwp running if it is not stopped.
1306 1306 * Also, no lwp other than the /proc agent lwp can
1307 1307 * be set running so long as the /proc agent lwp exists.
1308 1308 */
1309 1309 t = pr_thread(pnp); /* returns locked thread */
1310 1310 if ((!ISTOPPED(t) && !VSTOPPED(t) &&
1311 1311 !(t->t_proc_flag & TP_PRSTOP)) ||
1312 1312 (p->p_agenttp != NULL &&
1313 1313 (t != p->p_agenttp || !(pcp->prc_flags & PRC_LWP)))) {
1314 1314 thread_unlock(t);
1315 1315 return (EBUSY);
1316 1316 }
1317 1317 thread_unlock(t);
1318 1318 if (flags & ~(PRCSIG|PRCFAULT|PRSTEP|PRSTOP|PRSABORT))
1319 1319 return (EINVAL);
1320 1320 lwp = ttolwp(t);
1321 1321 if ((flags & PRCSIG) && lwp->lwp_cursig != SIGKILL) {
1322 1322 /*
1323 1323 * Discard current siginfo_t, if any.
1324 1324 */
1325 1325 lwp->lwp_cursig = 0;
1326 1326 lwp->lwp_extsig = 0;
1327 1327 if (lwp->lwp_curinfo) {
1328 1328 siginfofree(lwp->lwp_curinfo);
1329 1329 lwp->lwp_curinfo = NULL;
1330 1330 }
1331 1331 }
1332 1332 if (flags & PRCFAULT)
1333 1333 lwp->lwp_curflt = 0;
1334 1334 /*
1335 1335 * We can't hold p->p_lock when we touch the lwp's registers.
1336 1336 * It may be swapped out and we will get a page fault.
1337 1337 */
1338 1338 if (flags & PRSTEP) {
1339 1339 mutex_exit(&p->p_lock);
1340 1340 prstep(lwp, 0);
1341 1341 mutex_enter(&p->p_lock);
1342 1342 }
1343 1343 if (flags & PRSTOP) {
1344 1344 t->t_proc_flag |= TP_PRSTOP;
1345 1345 t->t_sig_check = 1; /* do ISSIG */
1346 1346 }
1347 1347 if (flags & PRSABORT)
1348 1348 lwp->lwp_sysabort = 1;
1349 1349 thread_lock(t);
1350 1350 if ((pcp->prc_flags & PRC_LWP) || (flags & (PRSTEP|PRSTOP))) {
1351 1351 /*
1352 1352 * Here, we are dealing with a single lwp.
1353 1353 */
1354 1354 if (ISTOPPED(t)) {
1355 1355 t->t_schedflag |= TS_PSTART;
1356 1356 t->t_dtrace_stop = 0;
1357 1357 setrun_locked(t);
1358 1358 } else if (flags & PRSABORT) {
1359 1359 t->t_proc_flag &=
1360 1360 ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1361 1361 setrun_locked(t);
1362 1362 } else if (!(flags & PRSTOP)) {
1363 1363 t->t_proc_flag &=
1364 1364 ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1365 1365 }
1366 1366 thread_unlock(t);
1367 1367 } else {
1368 1368 /*
1369 1369 * Here, we are dealing with the whole process.
1370 1370 */
1371 1371 if (ISTOPPED(t)) {
1372 1372 /*
1373 1373 * The representative lwp is stopped on an event
1374 1374 * of interest. We demote it to PR_REQUESTED and
1375 1375 * choose another representative lwp. If the new
1376 1376 * representative lwp is not stopped on an event of
1377 1377 * interest (other than PR_REQUESTED), we set the
1378 1378 * whole process running, else we leave the process
1379 1379 * stopped showing the next event of interest.
1380 1380 */
1381 1381 kthread_t *tx = NULL;
1382 1382
1383 1383 if (!(flags & PRSABORT) &&
1384 1384 t->t_whystop == PR_SYSENTRY &&
1385 1385 t->t_whatstop == SYS_lwp_exit)
1386 1386 tx = t; /* remember the exiting lwp */
1387 1387 t->t_whystop = PR_REQUESTED;
1388 1388 t->t_whatstop = 0;
1389 1389 thread_unlock(t);
1390 1390 t = prchoose(p); /* returns locked t */
1391 1391 ASSERT(ISTOPPED(t) || VSTOPPED(t));
1392 1392 if (VSTOPPED(t) ||
1393 1393 t->t_whystop == PR_REQUESTED) {
1394 1394 thread_unlock(t);
1395 1395 allsetrun(p);
1396 1396 } else {
1397 1397 thread_unlock(t);
1398 1398 /*
1399 1399 * As a special case, if the old representative
1400 1400 * lwp was stopped on entry to _lwp_exit()
1401 1401 * (and we are not aborting the system call),
1402 1402 * we set the old representative lwp running.
1403 1403 * We do this so that the next process stop
1404 1404 * will find the exiting lwp gone.
1405 1405 */
1406 1406 if (tx != NULL) {
1407 1407 thread_lock(tx);
1408 1408 tx->t_schedflag |= TS_PSTART;
1409 1409 t->t_dtrace_stop = 0;
1410 1410 setrun_locked(tx);
1411 1411 thread_unlock(tx);
1412 1412 }
1413 1413 }
1414 1414 } else {
1415 1415 /*
1416 1416 * No event of interest; set all of the lwps running.
1417 1417 */
1418 1418 if (flags & PRSABORT) {
1419 1419 t->t_proc_flag &=
1420 1420 ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1421 1421 setrun_locked(t);
1422 1422 }
1423 1423 thread_unlock(t);
1424 1424 allsetrun(p);
1425 1425 }
1426 1426 }
1427 1427 return (0);
1428 1428 }
1429 1429
1430 1430 /*
1431 1431 * Wait until process/lwp stops or until timer expires.
1432 1432 * Return EINTR for an interruption, -1 for timeout, else 0.
1433 1433 */
1434 1434 int
1435 1435 pr_wait(prcommon_t *pcp, /* prcommon referring to process/lwp */
1436 1436 timestruc_t *ts, /* absolute time of timeout, if any */
1437 1437 int timecheck)
1438 1438 {
1439 1439 int rval;
1440 1440
1441 1441 ASSERT(MUTEX_HELD(&pcp->prc_mutex));
1442 1442 rval = cv_waituntil_sig(&pcp->prc_wait, &pcp->prc_mutex, ts, timecheck);
1443 1443 mutex_exit(&pcp->prc_mutex);
1444 1444 switch (rval) {
1445 1445 case 0:
1446 1446 return (EINTR);
1447 1447 case -1:
1448 1448 return (-1);
1449 1449 default:
1450 1450 return (0);
1451 1451 }
1452 1452 }
1453 1453
/*
 * Make all threads in the process runnable.
 * Clears every lwp's /proc stop directives and restarts any lwp that
 * is stopped on an event of interest.  Caller holds p->p_lock.
 */
void
allsetrun(proc_t *p)
{
	kthread_t *t;

	ASSERT(MUTEX_HELD(&p->p_lock));

	/* Walk the circular thread list, if the process has one. */
	if ((t = p->p_tlist) != NULL) {
		do {
			thread_lock(t);
			ASSERT(!(t->t_proc_flag & TP_LWPEXIT));
			t->t_proc_flag &= ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
			if (ISTOPPED(t)) {
				t->t_schedflag |= TS_PSTART;
				t->t_dtrace_stop = 0;
				setrun_locked(t);
			}
			thread_unlock(t);
		} while ((t = t->t_forw) != p->p_tlist);
	}
}
1478 1478
/*
 * Wait for the process to die.
 * We do this after sending SIGKILL because we know it will
 * die soon and we want subsequent operations to return ENOENT.
 */
void
pr_wait_die(prnode_t *pnp)
{
	proc_t *p;

	mutex_enter(&pidlock);
	/* Sleep until the process disappears or becomes a zombie. */
	while ((p = pnp->pr_common->prc_proc) != NULL && p->p_stat != SZOMB) {
		/* Give up if the sleep is interrupted by a signal. */
		if (!cv_wait_sig(&p->p_srwchan_cv, &pidlock))
			break;
	}
	mutex_exit(&pidlock);
}
1496 1496
/*
 * Set the process's traced-signal mask (PCSTRACE).  SIGKILL can never
 * be traced.  Maintains P_PR_TRACE: set while any signal is traced,
 * cleared only when no signals, faults, or system calls are traced.
 */
static void
pr_settrace(proc_t *p, sigset_t *sp)
{
	/* SIGKILL may not be traced. */
	prdelset(sp, SIGKILL);
	prassignset(&p->p_sigmask, sp);
	if (!sigisempty(&p->p_sigmask))
		p->p_proc_flag |= P_PR_TRACE;
	else if (prisempty(&p->p_fltmask)) {
		user_t *up = PTOU(p);
		if (up->u_systrap == 0)
			p->p_proc_flag &= ~P_PR_TRACE;
	}
}
1510 1510
/*
 * Set (or, when sip->si_signo is zero, clear) the current signal of the
 * chosen lwp, installing the supplied siginfo.  Also applies the side
 * effects the signal would have had if posted normally: SIGKILL marks
 * the process killed, SIGCONT discards pending stop signals and
 * restarts jobcontrol-stopped lwps, and a default stop signal discards
 * pending SIGCONTs.
 */
int
pr_setsig(prnode_t *pnp, siginfo_t *sip)
{
	int nsig = PROC_IS_BRANDED(curproc)? BROP(curproc)->b_nsig : NSIG;
	int sig = sip->si_signo;
	prcommon_t *pcp = pnp->pr_common;
	proc_t *p = pcp->prc_proc;
	kthread_t *t;
	klwp_t *lwp;
	int error = 0;

	t = pr_thread(pnp);	/* returns locked thread */
	thread_unlock(t);
	lwp = ttolwp(t);
	if (sig < 0 || sig >= nsig)
		/* Zero allowed here */
		error = EINVAL;
	else if (lwp->lwp_cursig == SIGKILL)
		/* "can't happen", but just in case */
		error = EBUSY;
	else if ((lwp->lwp_cursig = (uchar_t)sig) == 0) {
		/* Clearing the signal: drop any stale siginfo too. */
		lwp->lwp_extsig = 0;
		/*
		 * Discard current siginfo_t, if any.
		 */
		if (lwp->lwp_curinfo) {
			siginfofree(lwp->lwp_curinfo);
			lwp->lwp_curinfo = NULL;
		}
	} else {
		kthread_t *tx;
		sigqueue_t *sqp;

		/* drop p_lock to do kmem_alloc(KM_SLEEP) */
		mutex_exit(&p->p_lock);
		sqp = kmem_zalloc(sizeof (sigqueue_t), KM_SLEEP);
		mutex_enter(&p->p_lock);

		/* Reuse existing curinfo if one appeared while unlocked. */
		if (lwp->lwp_curinfo == NULL)
			lwp->lwp_curinfo = sqp;
		else
			kmem_free(sqp, sizeof (sigqueue_t));
		/*
		 * Copy contents of info to current siginfo_t.
		 */
		bcopy(sip, &lwp->lwp_curinfo->sq_info,
		    sizeof (lwp->lwp_curinfo->sq_info));
		/*
		 * Prevent contents published by si_zoneid-unaware /proc
		 * consumers from being incorrectly filtered. Because
		 * an uninitialized si_zoneid is the same as
		 * GLOBAL_ZONEID, this means that you can't pr_setsig a
		 * process in a non-global zone with a siginfo which
		 * appears to come from the global zone.
		 */
		if (SI_FROMUSER(sip) && sip->si_zoneid == 0)
			lwp->lwp_curinfo->sq_info.si_zoneid =
			    p->p_zone->zone_id;
		/*
		 * Side-effects for SIGKILL and jobcontrol signals.
		 */
		if (sig == SIGKILL) {
			p->p_flag |= SKILLED;
			p->p_flag &= ~SEXTKILLED;
		} else if (sig == SIGCONT) {
			/* SIGCONT cancels all pending stop signals. */
			p->p_flag |= SSCONT;
			sigdelq(p, NULL, SIGSTOP);
			sigdelq(p, NULL, SIGTSTP);
			sigdelq(p, NULL, SIGTTOU);
			sigdelq(p, NULL, SIGTTIN);
			sigdiffset(&p->p_sig, &stopdefault);
			sigdiffset(&p->p_extsig, &stopdefault);
			if ((tx = p->p_tlist) != NULL) {
				do {
					sigdelq(p, tx, SIGSTOP);
					sigdelq(p, tx, SIGTSTP);
					sigdelq(p, tx, SIGTTOU);
					sigdelq(p, tx, SIGTTIN);
					sigdiffset(&tx->t_sig, &stopdefault);
					sigdiffset(&tx->t_extsig, &stopdefault);
				} while ((tx = tx->t_forw) != p->p_tlist);
			}
		} else if (sigismember(&stopdefault, sig)) {
			/* A default-stop signal cancels pending SIGCONTs. */
			if (PTOU(p)->u_signal[sig-1] == SIG_DFL &&
			    (sig == SIGSTOP || !p->p_pgidp->pid_pgorphaned))
				p->p_flag &= ~SSCONT;
			sigdelq(p, NULL, SIGCONT);
			sigdelset(&p->p_sig, SIGCONT);
			sigdelset(&p->p_extsig, SIGCONT);
			if ((tx = p->p_tlist) != NULL) {
				do {
					sigdelq(p, tx, SIGCONT);
					sigdelset(&tx->t_sig, SIGCONT);
					sigdelset(&tx->t_extsig, SIGCONT);
				} while ((tx = tx->t_forw) != p->p_tlist);
			}
		}
		thread_lock(t);
		if (ISWAKEABLE(t) || ISWAITING(t)) {
			/* Set signaled sleeping/waiting lwp running */
			setrun_locked(t);
		} else if (t->t_state == TS_STOPPED && sig == SIGKILL) {
			/* If SIGKILL, set stopped lwp running */
			p->p_stopsig = 0;
			t->t_schedflag |= TS_XSTART | TS_PSTART | TS_BSTART;
			t->t_dtrace_stop = 0;
			setrun_locked(t);
		}
		t->t_sig_check = 1;	/* so ISSIG will be done */
		thread_unlock(t);
		/*
		 * More jobcontrol side-effects.
		 */
		if (sig == SIGCONT && (tx = p->p_tlist) != NULL) {
			p->p_stopsig = 0;
			do {
				thread_lock(tx);
				if (tx->t_state == TS_STOPPED &&
				    tx->t_whystop == PR_JOBCONTROL) {
					tx->t_schedflag |= TS_XSTART;
					setrun_locked(tx);
				}
				thread_unlock(tx);
			} while ((tx = tx->t_forw) != p->p_tlist);
		}
	}
	return (error);
}
1639 1639
1640 1640 int
1641 1641 pr_kill(prnode_t *pnp, int sig, cred_t *cr)
1642 1642 {
1643 1643 int nsig = PROC_IS_BRANDED(curproc)? BROP(curproc)->b_nsig : NSIG;
1644 1644 prcommon_t *pcp = pnp->pr_common;
1645 1645 proc_t *p = pcp->prc_proc;
1646 1646 k_siginfo_t info;
1647 1647
1648 1648 if (sig <= 0 || sig >= nsig)
1649 1649 return (EINVAL);
1650 1650
1651 1651 bzero(&info, sizeof (info));
1652 1652 info.si_signo = sig;
1653 1653 info.si_code = SI_USER;
1654 1654 info.si_pid = curproc->p_pid;
1655 1655 info.si_ctid = PRCTID(curproc);
1656 1656 info.si_zoneid = getzoneid();
1657 1657 info.si_uid = crgetruid(cr);
1658 1658 sigaddq(p, (pcp->prc_flags & PRC_LWP)?
1659 1659 pcp->prc_thread : NULL, &info, KM_NOSLEEP);
1660 1660
1661 1661 return (0);
1662 1662 }
1663 1663
1664 1664 int
1665 1665 pr_unkill(prnode_t *pnp, int sig)
1666 1666 {
1667 1667 int nsig = PROC_IS_BRANDED(curproc)? BROP(curproc)->b_nsig : NSIG;
1668 1668 prcommon_t *pcp = pnp->pr_common;
1669 1669 proc_t *p = pcp->prc_proc;
1670 1670 sigqueue_t *infop = NULL;
1671 1671
1672 1672 if (sig <= 0 || sig >= nsig || sig == SIGKILL)
1673 1673 return (EINVAL);
1674 1674
1675 1675 if (pcp->prc_flags & PRC_LWP)
1676 1676 sigdeq(p, pcp->prc_thread, sig, &infop);
1677 1677 else
1678 1678 sigdeq(p, NULL, sig, &infop);
1679 1679
1680 1680 if (infop)
1681 1681 siginfofree(infop);
1682 1682
1683 1683 return (0);
1684 1684 }
1685 1685
/*
 * Apply a new nice value to every lwp in the process (via CL_DONICE()).
 * Visits all lwps even after a failure; returns the first error seen.
 */
int
pr_nice(proc_t *p, int nice, cred_t *cr)
{
	kthread_t *t;
	int err;
	int error = 0;

	t = p->p_tlist;
	do {
		ASSERT(!(t->t_proc_flag & TP_LWPEXIT));
		err = CL_DONICE(t, cr, nice, (int *)NULL);
		schedctl_set_cidpri(t);
		/* Remember only the first failure. */
		if (error == 0)
			error = err;
	} while ((t = t->t_forw) != p->p_tlist);

	return (error);
}
1704 1704
/*
 * Set the syscall-entry (PCSENTRY) or syscall-exit (PCSEXIT) trace
 * mask, then recompute u_systrap and P_PR_TRACE from the combined
 * entry/exit/signal/fault trace state.
 */
void
pr_setentryexit(proc_t *p, sysset_t *sysset, int entry)
{
	user_t *up = PTOU(p);

	if (entry) {
		prassignset(&up->u_entrymask, sysset);
	} else {
		prassignset(&up->u_exitmask, sysset);
	}
	if (!prisempty(&up->u_entrymask) ||
	    !prisempty(&up->u_exitmask)) {
		up->u_systrap = 1;
		p->p_proc_flag |= P_PR_TRACE;
		set_proc_sys(p);	/* set pre and post-sys flags */
	} else {
		up->u_systrap = 0;
		/* P_PR_TRACE stays set while signals or faults are traced. */
		if (sigisempty(&p->p_sigmask) &&
		    prisempty(&p->p_fltmask))
			p->p_proc_flag &= ~P_PR_TRACE;
	}
}
1727 1727
1728 1728 #define ALLFLAGS \
1729 1729 (PR_FORK|PR_RLC|PR_KLC|PR_ASYNC|PR_BPTADJ|PR_MSACCT|PR_MSFORK|PR_PTRACE)
1730 1730
1731 1731 int
1732 1732 pr_set(proc_t *p, long flags)
1733 1733 {
1734 1734 if ((p->p_flag & SSYS) || p->p_as == &kas)
1735 1735 return (EBUSY);
1736 1736
1737 1737 if (flags & ~ALLFLAGS)
1738 1738 return (EINVAL);
1739 1739
1740 1740 if (flags & PR_FORK)
1741 1741 p->p_proc_flag |= P_PR_FORK;
1742 1742 if (flags & PR_RLC)
1743 1743 p->p_proc_flag |= P_PR_RUNLCL;
1744 1744 if (flags & PR_KLC)
1745 1745 p->p_proc_flag |= P_PR_KILLCL;
1746 1746 if (flags & PR_ASYNC)
1747 1747 p->p_proc_flag |= P_PR_ASYNC;
1748 1748 if (flags & PR_BPTADJ)
1749 1749 p->p_proc_flag |= P_PR_BPTADJ;
1750 1750 if (flags & PR_MSACCT)
1751 1751 if ((p->p_flag & SMSACCT) == 0)
1752 1752 estimate_msacct(p->p_tlist, gethrtime());
1753 1753 if (flags & PR_MSFORK)
1754 1754 p->p_flag |= SMSFORK;
1755 1755 if (flags & PR_PTRACE) {
1756 1756 p->p_proc_flag |= P_PR_PTRACE;
1757 1757 /* ptraced process must die if parent dead */
1758 1758 if (p->p_ppid == 1)
1759 1759 sigtoproc(p, NULL, SIGKILL);
1760 1760 }
1761 1761
1762 1762 return (0);
1763 1763 }
1764 1764
1765 1765 int
1766 1766 pr_unset(proc_t *p, long flags)
1767 1767 {
1768 1768 if ((p->p_flag & SSYS) || p->p_as == &kas)
1769 1769 return (EBUSY);
1770 1770
1771 1771 if (flags & ~ALLFLAGS)
1772 1772 return (EINVAL);
1773 1773
1774 1774 if (flags & PR_FORK)
1775 1775 p->p_proc_flag &= ~P_PR_FORK;
1776 1776 if (flags & PR_RLC)
1777 1777 p->p_proc_flag &= ~P_PR_RUNLCL;
1778 1778 if (flags & PR_KLC)
1779 1779 p->p_proc_flag &= ~P_PR_KILLCL;
1780 1780 if (flags & PR_ASYNC)
1781 1781 p->p_proc_flag &= ~P_PR_ASYNC;
1782 1782 if (flags & PR_BPTADJ)
1783 1783 p->p_proc_flag &= ~P_PR_BPTADJ;
1784 1784 if (flags & PR_MSACCT)
1785 1785 disable_msacct(p);
1786 1786 if (flags & PR_MSFORK)
1787 1787 p->p_flag &= ~SMSFORK;
1788 1788 if (flags & PR_PTRACE)
1789 1789 p->p_proc_flag &= ~P_PR_PTRACE;
1790 1790
1791 1791 return (0);
1792 1792 }
1793 1793
/*
 * Set the floating-point registers of the chosen lwp (PCSFPREG).
 * The lwp must be stopped and the machine must have FP support.
 */
static int
pr_setfpregs(prnode_t *pnp, prfpregset_t *prfpregset)
{
	proc_t *p = pnp->pr_common->prc_proc;
	kthread_t *t = pr_thread(pnp);	/* returns locked thread */

	/* Registers may only be set on a stopped lwp. */
	if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
		thread_unlock(t);
		return (EBUSY);
	}
	if (!prhasfp()) {
		thread_unlock(t);
		return (EINVAL);	/* No FP support */
	}

	/* drop p_lock while touching the lwp's stack */
	thread_unlock(t);
	mutex_exit(&p->p_lock);
	prsetprfpregs(ttolwp(t), prfpregset);
	mutex_enter(&p->p_lock);

	return (0);
}
1817 1817
1818 1818 #ifdef _SYSCALL32_IMPL
/*
 * ILP32 analogue of pr_setfpregs(): set the floating-point registers
 * of the chosen lwp from a 32-bit register set (PCSFPREG).
 */
static int
pr_setfpregs32(prnode_t *pnp, prfpregset32_t *prfpregset)
{
	proc_t *p = pnp->pr_common->prc_proc;
	kthread_t *t = pr_thread(pnp);	/* returns locked thread */

	/* Registers may only be set on a stopped lwp. */
	if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
		thread_unlock(t);
		return (EBUSY);
	}
	if (!prhasfp()) {
		thread_unlock(t);
		return (EINVAL);	/* No FP support */
	}

	/* drop p_lock while touching the lwp's stack */
	thread_unlock(t);
	mutex_exit(&p->p_lock);
	prsetprfpregs32(ttolwp(t), prfpregset);
	mutex_enter(&p->p_lock);

	return (0);
}
1842 1842 #endif /* _SYSCALL32_IMPL */
1843 1843
/* ARGSUSED */
/*
 * Set the extra (machine-dependent) registers of the chosen lwp
 * (PCSXREG).  The lwp must be stopped and the machine must support
 * extra registers.
 */
static int
pr_setxregs(prnode_t *pnp, prxregset_t *prxregset)
{
	int error;
	proc_t *p = pnp->pr_common->prc_proc;
	kthread_t *t = pr_thread(pnp);	/* returns locked thread */

	/* Registers may only be set on a stopped lwp. */
	if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
		thread_unlock(t);
		return (EBUSY);
	}
	thread_unlock(t);

	if (!prhasx(p))
		return (EINVAL);	/* No extra register support */

	/* drop p_lock while touching the lwp's stack */
	mutex_exit(&p->p_lock);
	error = prsetprxregs(ttolwp(t), prxregset);
	mutex_enter(&p->p_lock);

	return (error);
}
1868 1868
/*
 * Set the virtual address at which the chosen lwp will resume
 * execution (PCSVADDR).  The lwp must be stopped.
 */
static int
pr_setvaddr(prnode_t *pnp, caddr_t vaddr)
{
	proc_t *p = pnp->pr_common->prc_proc;
	kthread_t *t = pr_thread(pnp);	/* returns locked thread */

	/* The resume address may only be set on a stopped lwp. */
	if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
		thread_unlock(t);
		return (EBUSY);
	}

	/* drop p_lock while touching the lwp's stack */
	thread_unlock(t);
	mutex_exit(&p->p_lock);
	prsvaddr(ttolwp(t), vaddr);
	mutex_enter(&p->p_lock);

	return (0);
}
1888 1888
/*
 * Set the signal-hold (blocked-signal) mask of the chosen lwp (PCSHOLD).
 */
void
pr_sethold(prnode_t *pnp, sigset_t *sp)
{
	proc_t *p = pnp->pr_common->prc_proc;
	kthread_t *t = pr_thread(pnp);	/* returns locked thread */

	/* Finish any schedctl-initiated sigblock before replacing t_hold. */
	schedctl_finish_sigblock(t);
	sigutok(sp, &t->t_hold);
	/* Wake the lwp if the new mask leaves a pending signal deliverable. */
	if (ISWAKEABLE(t) &&
	    (fsig(&p->p_sig, t) || fsig(&t->t_sig, t)))
		setrun_locked(t);
	t->t_sig_check = 1;	/* so thread will see new holdmask */
	thread_unlock(t);
}
1903 1903
/*
 * Set the process's traced-fault mask (PCSFAULT).  Maintains P_PR_TRACE
 * in the same way pr_settrace() does: set while any fault is traced,
 * cleared only when no faults, signals, or system calls are traced.
 */
void
pr_setfault(proc_t *p, fltset_t *fltp)
{
	prassignset(&p->p_fltmask, fltp);
	if (!prisempty(&p->p_fltmask))
		p->p_proc_flag |= P_PR_TRACE;
	else if (sigisempty(&p->p_sigmask)) {
		user_t *up = PTOU(p);
		if (up->u_systrap == 0)
			p->p_proc_flag &= ~P_PR_TRACE;
	}
}
1916 1916
/*
 * Discard the lwp's current signal and its associated siginfo, if any.
 * SIGKILL cannot be taken away; that case returns EBUSY.
 */
static int
pr_clearsig(prnode_t *pnp)
{
	kthread_t *t = pr_thread(pnp);	/* returns locked thread */
	klwp_t *lwp = ttolwp(t);

	thread_unlock(t);
	/* SIGKILL may not be cleared away from the victim */
	if (lwp->lwp_cursig == SIGKILL)
		return (EBUSY);

	/*
	 * Discard current siginfo_t, if any.
	 */
	lwp->lwp_cursig = 0;
	lwp->lwp_extsig = 0;
	if (lwp->lwp_curinfo) {
		siginfofree(lwp->lwp_curinfo);
		lwp->lwp_curinfo = NULL;
	}

	return (0);
}
1939 1939
1940 1940 static int
1941 1941 pr_clearflt(prnode_t *pnp)
1942 1942 {
1943 1943 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1944 1944
1945 1945 thread_unlock(t);
1946 1946 ttolwp(t)->lwp_curflt = 0;
1947 1947
1948 1948 return (0);
1949 1949 }
1950 1950
/*
 * Establish or remove a watched area (watchpoint) in the target
 * process's address space.  A request whose flags contain none of
 * WA_READ/WA_WRITE/WA_EXEC clears the area; otherwise it sets one.
 * The whole process must be stopped while the watchpoint lists are
 * manipulated, so we may have to unlock the prnode and wait; on
 * return *unlocked tells the caller whether the prnode is still
 * locked (0) or was unlocked and not reacquired (1).
 */
static int
pr_watch(prnode_t *pnp, prwatch_t *pwp, int *unlocked)
{
	proc_t *p = pnp->pr_common->prc_proc;
	struct as *as = p->p_as;
	uintptr_t vaddr = pwp->pr_vaddr;
	size_t size = pwp->pr_size;
	int wflags = pwp->pr_wflags;
	ulong_t newpage = 0;
	struct watched_area *pwa;
	int error;

	*unlocked = 0;

	/*
	 * Can't apply to a system process.
	 */
	if ((p->p_flag & SSYS) || p->p_as == &kas)
		return (EBUSY);

	/*
	 * Verify that the address range does not wrap
	 * and that only the proper flags were specified.
	 */
	if ((wflags & ~WA_TRAPAFTER) == 0)
		size = 0;
	if (vaddr + size < vaddr ||
	    (wflags & ~(WA_READ|WA_WRITE|WA_EXEC|WA_TRAPAFTER)) != 0 ||
	    ((wflags & ~WA_TRAPAFTER) != 0 && size == 0))
		return (EINVAL);

	/*
	 * Don't let the address range go above as->a_userlimit.
	 * There is no error here, just a limitation.
	 */
	if (vaddr >= (uintptr_t)as->a_userlimit)
		return (0);
	if (vaddr + size > (uintptr_t)as->a_userlimit)
		size = (uintptr_t)as->a_userlimit - vaddr;

	/*
	 * Compute maximum number of pages this will add.
	 */
	if ((wflags & ~WA_TRAPAFTER) != 0) {
		ulong_t pagespan = (vaddr + size) - (vaddr & PAGEMASK);
		newpage = btopr(pagespan);
		if (newpage > 2 * prnwatch)
			return (E2BIG);
	}

	/*
	 * Force the process to be fully stopped.
	 */
	if (p == curproc) {
		/* operating on ourself: stop our siblings via holdwatch() */
		prunlock(pnp);
		while (holdwatch() != 0)
			continue;
		if ((error = prlock(pnp, ZNO)) != 0) {
			continuelwps(p);
			*unlocked = 1;
			return (error);
		}
	} else {
		/* another process: pause its lwps and wait for all to stop */
		pauselwps(p);
		while (pr_allstopped(p, 0) > 0) {
			/*
			 * This cv/mutex pair is persistent even
			 * if the process disappears after we
			 * unmark it and drop p->p_lock.
			 */
			kcondvar_t *cv = &pr_pid_cv[p->p_slot];
			kmutex_t *mp = &p->p_lock;

			prunmark(p);
			(void) cv_wait(cv, mp);
			mutex_exit(mp);
			if ((error = prlock(pnp, ZNO)) != 0) {
				/*
				 * Unpause the process if it exists.
				 */
				p = pr_p_lock(pnp);
				mutex_exit(&pr_pidlock);
				if (p != NULL) {
					unpauselwps(p);
					prunlock(pnp);
				}
				*unlocked = 1;
				return (error);
			}
		}
	}

	/*
	 * Drop p->p_lock in order to perform the rest of this.
	 * The process is still locked with the P_PR_LOCK flag.
	 */
	mutex_exit(&p->p_lock);

	pwa = kmem_alloc(sizeof (struct watched_area), KM_SLEEP);
	pwa->wa_vaddr = (caddr_t)vaddr;
	pwa->wa_eaddr = (caddr_t)vaddr + size;
	pwa->wa_flags = (ulong_t)wflags;

	error = ((pwa->wa_flags & ~WA_TRAPAFTER) == 0)?
	    clear_watched_area(p, pwa) : set_watched_area(p, pwa);

	/* resume the lwps we stopped above */
	if (p == curproc) {
		setallwatch();
		mutex_enter(&p->p_lock);
		continuelwps(p);
	} else {
		mutex_enter(&p->p_lock);
		unpauselwps(p);
	}

	return (error);
}
2068 2068
/*
 * jobcontrol stopped, but with a /proc directed stop in effect;
 * such an lwp counts as "stopped enough" for agent-lwp creation below.
 */
#define	JDSTOPPED(t)	\
	((t)->t_state == TS_STOPPED && \
	(t)->t_whystop == PR_JOBCONTROL && \
	((t)->t_proc_flag & TP_PRSTOP))
2074 2074
/*
 * pr_agent() creates the agent lwp. If the process is exiting while
 * we are creating an agent lwp, then exitlwps() waits until the
 * agent has been created using prbarrier().
 *
 * On success returns -1 (not 0); on failure returns an errno.
 * *unlocked is set whenever the prnode has been unlocked and not
 * relocked by the time we return.
 */
static int
pr_agent(prnode_t *pnp, prgregset_t prgregset, int *unlocked)
{
	proc_t *p = pnp->pr_common->prc_proc;
	prcommon_t *pcp;
	kthread_t *t;
	kthread_t *ct;
	klwp_t *clwp;
	k_sigset_t smask;
	int cid;
	void *bufp = NULL;
	int error;

	*unlocked = 0;

	/*
	 * Cannot create the /proc agent lwp if :-
	 * - the process is not fully stopped or directed to stop.
	 * - there is an agent lwp already.
	 * - the process has been killed.
	 * - the process is exiting.
	 * - it's a vfork(2) parent.
	 */
	t = prchoose(p);	/* returns locked thread */
	ASSERT(t != NULL);

	if ((!ISTOPPED(t) && !VSTOPPED(t) && !SUSPENDED(t) && !JDSTOPPED(t)) ||
	    p->p_agenttp != NULL ||
	    (p->p_flag & (SKILLED | SEXITING | SVFWAIT))) {
		thread_unlock(t);
		return (EBUSY);
	}

	thread_unlock(t);
	mutex_exit(&p->p_lock);

	/* the agent runs with all catchable signals blocked */
	sigfillset(&smask);
	sigdiffset(&smask, &cantmask);
	clwp = lwp_create(lwp_rtt, NULL, 0, p, TS_STOPPED,
	    t->t_pri, &smask, NOCLASS, 0);
	if (clwp == NULL) {
		mutex_enter(&p->p_lock);
		return (ENOMEM);
	}
	/* install the caller-supplied register set in the new lwp */
	prsetprregs(clwp, prgregset, 1);

	/*
	 * Because abandoning the agent inside the target process leads to
	 * a state that is essentially undebuggable, we record the psinfo of
	 * the process creating the agent and hang that off of the lwp.
	 */
	clwp->lwp_spymaster = kmem_zalloc(sizeof (psinfo_t), KM_SLEEP);
	mutex_enter(&curproc->p_lock);
	prgetpsinfo(curproc, clwp->lwp_spymaster);
	mutex_exit(&curproc->p_lock);

	/*
	 * We overload pr_time in the spymaster to denote the time at which the
	 * agent was created.
	 */
	gethrestime(&clwp->lwp_spymaster->pr_time);

retry:
	/*
	 * Pre-allocate the scheduling-class data outside p_lock, then
	 * verify the class did not change while we were unlocked.
	 */
	cid = t->t_cid;
	(void) CL_ALLOC(&bufp, cid, KM_SLEEP);
	mutex_enter(&p->p_lock);
	if (cid != t->t_cid) {
		/*
		 * Someone just changed this thread's scheduling class,
		 * so try pre-allocating the buffer again.  Hopefully we
		 * don't hit this often.
		 */
		mutex_exit(&p->p_lock);
		CL_FREE(cid, bufp);
		goto retry;
	}

	clwp->lwp_ap = clwp->lwp_arg;
	clwp->lwp_eosys = NORMALRETURN;
	ct = lwptot(clwp);
	ct->t_clfuncs = t->t_clfuncs;
	CL_FORK(t, ct, bufp);
	ct->t_cid = t->t_cid;
	ct->t_proc_flag |= TP_PRSTOP;
	/*
	 * Setting t_sysnum to zero causes post_syscall()
	 * to bypass all syscall checks and go directly to
	 *	if (issig()) psig();
	 * so that the agent lwp will stop in issig_forreal()
	 * showing PR_REQUESTED.
	 */
	ct->t_sysnum = 0;
	ct->t_post_sys = 1;
	ct->t_sig_check = 1;
	p->p_agenttp = ct;
	ct->t_proc_flag &= ~TP_HOLDLWP;

	pcp = pnp->pr_pcommon;
	mutex_enter(&pcp->prc_mutex);

	lwp_create_done(ct);

	/*
	 * Don't return until the agent is stopped on PR_REQUESTED.
	 */

	for (;;) {
		prunlock(pnp);
		*unlocked = 1;

		/*
		 * Wait for the agent to stop and notify us.
		 * If we've been interrupted, return that information.
		 */
		error = pr_wait(pcp, NULL, 0);
		if (error == EINTR) {
			error = 0;
			break;
		}

		/*
		 * Confirm that the agent LWP has stopped.
		 */

		if ((error = prlock(pnp, ZNO)) != 0)
			break;
		*unlocked = 0;

		/*
		 * Since we dropped the lock on the process, the agent
		 * may have disappeared or changed. Grab the current
		 * agent and check fail if it has disappeared.
		 */
		if ((ct = p->p_agenttp) == NULL) {
			error = ENOENT;
			break;
		}

		mutex_enter(&pcp->prc_mutex);
		thread_lock(ct);

		if (ISTOPPED(ct)) {
			/* agent is stopped; we are done */
			thread_unlock(ct);
			mutex_exit(&pcp->prc_mutex);
			break;
		}

		/* not stopped yet: go around and wait again */
		thread_unlock(ct);
	}

	return (error ? error : -1);
}
2232 2232
/*
 * Read from or write to the target process's address space, as
 * described by a priovec (base address, length, file offset).
 * Caller holds p->p_lock; it is dropped around the actual uiomove.
 * Since there is no way to return a partial i/o count to the caller,
 * a truncated transfer is reported as EIO.
 */
static int
pr_rdwr(proc_t *p, enum uio_rw rw, priovec_t *pio)
{
	caddr_t base = (caddr_t)pio->pio_base;
	size_t cnt = pio->pio_len;
	uintptr_t offset = (uintptr_t)pio->pio_offset;
	struct uio auio;
	struct iovec aiov;
	int error = 0;

	if ((p->p_flag & SSYS) || p->p_as == &kas)
		error = EIO;	/* can't touch a system process */
	else if ((base + cnt) < base || (offset + cnt) < offset)
		error = EINVAL;	/* address or offset range wraps */
	else if (cnt != 0) {
		aiov.iov_base = base;
		aiov.iov_len = cnt;

		auio.uio_loffset = offset;
		auio.uio_iov = &aiov;
		auio.uio_iovcnt = 1;
		auio.uio_resid = cnt;
		auio.uio_segflg = UIO_USERSPACE;
		auio.uio_llimit = (longlong_t)MAXOFFSET_T;
		auio.uio_fmode = FREAD|FWRITE;
		auio.uio_extflg = UIO_COPY_DEFAULT;

		mutex_exit(&p->p_lock);
		error = prusrio(p, rw, &auio, 0);
		mutex_enter(&p->p_lock);

		/*
		 * We have no way to return the i/o count,
		 * like read() or write() would do, so we
		 * return an error if the i/o was truncated.
		 */
		if (auio.uio_resid != 0 && error == 0)
			error = EIO;
	}

	return (error);
}
2275 2275
/*
 * Set the target process's credentials (uids/gids and, when dogrps is
 * set, the supplementary group list) from *prcred, subject to the
 * caller's setid privilege (secpolicy_allow_setid()).  Caller holds
 * p->p_lock; it is dropped while the new cred is built and swapped in
 * under p_crlock, and reacquired before the per-thread broadcast.
 */
static int
pr_scred(proc_t *p, prcred_t *prcred, cred_t *cr, boolean_t dogrps)
{
	kthread_t *t;
	cred_t *oldcred;
	cred_t *newcred;
	uid_t oldruid;
	int error;
	zone_t *zone = crgetzone(cr);

	/* all six ids must be valid in the caller's zone */
	if (!VALID_UID(prcred->pr_euid, zone) ||
	    !VALID_UID(prcred->pr_ruid, zone) ||
	    !VALID_UID(prcred->pr_suid, zone) ||
	    !VALID_GID(prcred->pr_egid, zone) ||
	    !VALID_GID(prcred->pr_rgid, zone) ||
	    !VALID_GID(prcred->pr_sgid, zone))
		return (EINVAL);

	if (dogrps) {
		int ngrp = prcred->pr_ngroups;
		int i;

		if (ngrp < 0 || ngrp > ngroups_max)
			return (EINVAL);

		for (i = 0; i < ngrp; i++) {
			if (!VALID_GID(prcred->pr_groups[i], zone))
				return (EINVAL);
		}
	}

	/* privilege check for each distinct uid being set */
	error = secpolicy_allow_setid(cr, prcred->pr_euid, B_FALSE);

	if (error == 0 && prcred->pr_ruid != prcred->pr_euid)
		error = secpolicy_allow_setid(cr, prcred->pr_ruid, B_FALSE);

	if (error == 0 && prcred->pr_suid != prcred->pr_euid &&
	    prcred->pr_suid != prcred->pr_ruid)
		error = secpolicy_allow_setid(cr, prcred->pr_suid, B_FALSE);

	if (error)
		return (error);

	mutex_exit(&p->p_lock);

	/* hold old cred so it doesn't disappear while we dup it */
	mutex_enter(&p->p_crlock);
	crhold(oldcred = p->p_cred);
	mutex_exit(&p->p_crlock);
	newcred = crdup(oldcred);
	oldruid = crgetruid(oldcred);
	crfree(oldcred);

	/* Error checking done above */
	(void) crsetresuid(newcred, prcred->pr_ruid, prcred->pr_euid,
	    prcred->pr_suid);
	(void) crsetresgid(newcred, prcred->pr_rgid, prcred->pr_egid,
	    prcred->pr_sgid);

	if (dogrps) {
		(void) crsetgroups(newcred, prcred->pr_ngroups,
		    prcred->pr_groups);

	}

	/* swap the new cred in under p_crlock */
	mutex_enter(&p->p_crlock);
	oldcred = p->p_cred;
	p->p_cred = newcred;
	mutex_exit(&p->p_crlock);
	crfree(oldcred);

	/*
	 * Keep count of processes per uid consistent.
	 */
	if (oldruid != prcred->pr_ruid) {
		zoneid_t zoneid = crgetzoneid(newcred);

		mutex_enter(&pidlock);
		upcount_dec(oldruid, zoneid);
		upcount_inc(prcred->pr_ruid, zoneid);
		mutex_exit(&pidlock);
	}

	/*
	 * Broadcast the cred change to the threads.
	 */
	mutex_enter(&p->p_lock);
	t = p->p_tlist;
	do {
		t->t_pre_sys = 1;	/* so syscall will get new cred */
	} while ((t = t->t_forw) != p->p_tlist);

	return (0);
}
2370 2370
/*
 * Change process credentials to specified zone.  Used to temporarily
 * set a process to run in the global zone; only transitions between
 * the process's actual zone and the global zone are allowed.
 *
 * Caller holds p->p_lock; it is dropped while we look up the zone and
 * rebuild the cred, and reacquired before the per-thread broadcast.
 */
static int
pr_szoneid(proc_t *p, zoneid_t zoneid, cred_t *cr)
{
	kthread_t *t;
	cred_t *oldcred;
	cred_t *newcred;
	zone_t *zptr;
	zoneid_t oldzoneid;

	if (secpolicy_zone_config(cr) != 0)
		return (EPERM);
	if (zoneid != GLOBAL_ZONEID && zoneid != p->p_zone->zone_id)
		return (EINVAL);
	/*
	 * We cannot hold p_lock when we call zone_find_by_id since that can
	 * lead to a deadlock. zone_find_by_id() takes zonehash_lock.
	 * zone_enter() can hold the zonehash_lock and needs p_lock when it
	 * calls task_join.
	 */
	mutex_exit(&p->p_lock);
	if ((zptr = zone_find_by_id(zoneid)) == NULL) {
		mutex_enter(&p->p_lock);
		return (EINVAL);
	}
	/* hold the old cred so it can't disappear while we dup it */
	mutex_enter(&p->p_crlock);
	oldcred = p->p_cred;
	crhold(oldcred);
	mutex_exit(&p->p_crlock);
	newcred = crdup(oldcred);
	oldzoneid = crgetzoneid(oldcred);
	crfree(oldcred);

	crsetzone(newcred, zptr);
	zone_rele(zptr);	/* crsetzone holds its own reference */

	/* swap the new cred in under p_crlock */
	mutex_enter(&p->p_crlock);
	oldcred = p->p_cred;
	p->p_cred = newcred;
	mutex_exit(&p->p_crlock);
	crfree(oldcred);

	/*
	 * The target process is changing zones (according to its cred), so
	 * update the per-zone upcounts, which are based on process creds.
	 */
	if (oldzoneid != zoneid) {
		uid_t ruid = crgetruid(newcred);

		mutex_enter(&pidlock);
		upcount_dec(ruid, oldzoneid);
		upcount_inc(ruid, zoneid);
		mutex_exit(&pidlock);
	}
	/*
	 * Broadcast the cred change to the threads.
	 */
	mutex_enter(&p->p_lock);
	t = p->p_tlist;
	do {
		t->t_pre_sys = 1;	/* so syscall will get new cred */
	} while ((t = t->t_forw) != p->p_tlist);

	return (0);
}
2432 2440
/*
 * Set the target process's privilege sets from *prpriv, delegating
 * the policy check and the actual update to priv_pr_spriv().  On
 * success, tell every thread to pick up the new cred at its next
 * system call entry.  Caller holds (and keeps) p->p_lock.
 */
static int
pr_spriv(proc_t *p, prpriv_t *prpriv, cred_t *cr)
{
	kthread_t *t;
	int err;

	ASSERT(MUTEX_HELD(&p->p_lock));

	if ((err = priv_pr_spriv(p, prpriv, cr)) == 0) {
		/*
		 * Broadcast the cred change to the threads.
		 */
		t = p->p_tlist;
		do {
			t->t_pre_sys = 1;	/* so syscall will get new cred */
		} while ((t = t->t_forw) != p->p_tlist);
	}

	return (err);
}
2453 2461
/*
 * Return -1 if the process is the parent of a vfork(1) whose child has yet to
 * terminate or perform an exec(2).
 *
 * Returns 0 if the process is fully stopped except for the current thread (if
 * we are operating on our own process), 1 otherwise.
 *
 * If the watchstop flag is set, then we ignore threads with TP_WATCHSTOP set.
 * See holdwatch() for details.
 */
int
pr_allstopped(proc_t *p, int watchstop)
{
	kthread_t *t;
	int rv = 0;

	ASSERT(MUTEX_HELD(&p->p_lock));

	if (p->p_flag & SVFWAIT)	/* waiting for vfork'd child to exec */
		return (-1);

	if ((t = p->p_tlist) != NULL) {
		do {
			/* skip ourself, virtually-stopped, and (optionally)
			 * watchpoint-stopped threads */
			if (t == curthread || VSTOPPED(t) ||
			    (watchstop && (t->t_proc_flag & TP_WATCHSTOP)))
				continue;
			thread_lock(t);
			switch (t->t_state) {
			case TS_ZOMB:
			case TS_STOPPED:
				/* counts as stopped */
				break;
			case TS_SLEEP:
				/* only a wakeable sleep with t_wchan0 set
				 * counts as stopped */
				if (!(t->t_flag & T_WAKEABLE) ||
				    t->t_wchan0 == NULL)
					rv = 1;
				break;
			default:
				rv = 1;	/* running, onproc, etc. */
				break;
			}
			thread_unlock(t);
		} while (rv == 0 && (t = t->t_forw) != p->p_tlist);
	}

	return (rv);
}
2500 2508
/*
 * Cause all lwps in the process to pause (for watchpoint operations).
 * Sets TP_PAUSE on each thread and kicks wakeable-sleeping or waiting
 * threads so they notice; the caller then waits for pr_allstopped().
 * Must not be applied to curproc.
 */
static void
pauselwps(proc_t *p)
{
	kthread_t *t;

	ASSERT(MUTEX_HELD(&p->p_lock));
	ASSERT(p != curproc);

	if ((t = p->p_tlist) != NULL) {
		do {
			thread_lock(t);
			t->t_proc_flag |= TP_PAUSE;
			aston(t);	/* force the thread through trap/AST */
			if ((ISWAKEABLE(t) && (t->t_wchan0 == NULL)) ||
			    ISWAITING(t)) {
				setrun_locked(t);
			}
			prpokethread(t);
			thread_unlock(t);
		} while ((t = t->t_forw) != p->p_tlist);
	}
}
2526 2534
/*
 * undo the effects of pauselwps():
 * clear TP_PAUSE on every thread and set any thread that actually
 * stopped running again (TS_UNPAUSE distinguishes this from other
 * stop reasons).  Must not be applied to curproc.
 */
static void
unpauselwps(proc_t *p)
{
	kthread_t *t;

	ASSERT(MUTEX_HELD(&p->p_lock));
	ASSERT(p != curproc);

	if ((t = p->p_tlist) != NULL) {
		do {
			thread_lock(t);
			t->t_proc_flag &= ~TP_PAUSE;
			if (t->t_state == TS_STOPPED) {
				t->t_schedflag |= TS_UNPAUSE;
				t->t_dtrace_stop = 0;
				setrun_locked(t);
			}
			thread_unlock(t);
		} while ((t = t->t_forw) != p->p_tlist);
	}
}
2551 2559
/*
 * Cancel all watched areas.  Called from prclose().
 *
 * The whole process must be stopped while the watchpoint state is torn
 * down, so this may drop and reacquire the process lock; it returns
 * the (re)locked process, or NULL if the process disappeared while we
 * were waiting for it to stop.
 */
proc_t *
pr_cancel_watch(prnode_t *pnp)
{
	proc_t *p = pnp->pr_pcommon->prc_proc;
	struct as *as;
	kthread_t *t;

	ASSERT(MUTEX_HELD(&p->p_lock) && (p->p_proc_flag & P_PR_LOCK));

	if (!pr_watch_active(p))
		return (p);

	/*
	 * Pause the process before dealing with the watchpoints.
	 */
	if (p == curproc) {
		prunlock(pnp);
		while (holdwatch() != 0)
			continue;
		p = pr_p_lock(pnp);
		mutex_exit(&pr_pidlock);
		ASSERT(p == curproc);
	} else {
		pauselwps(p);
		while (p != NULL && pr_allstopped(p, 0) > 0) {
			/*
			 * This cv/mutex pair is persistent even
			 * if the process disappears after we
			 * unmark it and drop p->p_lock.
			 */
			kcondvar_t *cv = &pr_pid_cv[p->p_slot];
			kmutex_t *mp = &p->p_lock;

			prunmark(p);
			(void) cv_wait(cv, mp);
			mutex_exit(mp);
			p = pr_p_lock(pnp);	/* NULL if process disappeared */
			mutex_exit(&pr_pidlock);
		}
	}

	if (p == NULL)		/* the process disappeared */
		return (NULL);

	ASSERT(p == pnp->pr_pcommon->prc_proc);
	ASSERT(MUTEX_HELD(&p->p_lock) && (p->p_proc_flag & P_PR_LOCK));

	/* free the watchpoint list and disable watching in every thread */
	if (pr_watch_active(p)) {
		pr_free_watchpoints(p);
		if ((t = p->p_tlist) != NULL) {
			do {
				watch_disable(t);

			} while ((t = t->t_forw) != p->p_tlist);
		}
	}

	if ((as = p->p_as) != NULL) {
		avl_tree_t *tree;
		struct watched_page *pwp;

		/*
		 * If this is the parent of a vfork, the watched page
		 * list has been moved temporarily to p->p_wpage.
		 */
		if (avl_numnodes(&p->p_wpage) != 0)
			tree = &p->p_wpage;
		else
			tree = &as->a_wpage;

		mutex_exit(&p->p_lock);
		AS_LOCK_ENTER(as, RW_WRITER);

		/*
		 * Clear every watched page and queue the original page
		 * protections (wp_oprot) for restoration via p_wprot.
		 */
		for (pwp = avl_first(tree); pwp != NULL;
		    pwp = AVL_NEXT(tree, pwp)) {
			pwp->wp_read = 0;
			pwp->wp_write = 0;
			pwp->wp_exec = 0;
			if ((pwp->wp_flags & WP_SETPROT) == 0) {
				pwp->wp_flags |= WP_SETPROT;
				pwp->wp_prot = pwp->wp_oprot;
				pwp->wp_list = p->p_wprot;
				p->p_wprot = pwp;
			}
		}

		AS_LOCK_EXIT(as);
		mutex_enter(&p->p_lock);
	}

	/*
	 * Unpause the process now.
	 */
	if (p == curproc)
		continuelwps(p);
	else
		unpauselwps(p);

	return (p);
}
|
↓ open down ↓ |
253 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX