1 /* $NetBSD: sys_process.c,v 1.165 2014/11/24 02:34:04 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1989, 1993 34 * The Regents of the University of California. All rights reserved. 35 * (c) UNIX System Laboratories, Inc. 36 * All or some portions of this file are derived from material licensed 37 * to the University of California by American Telephone and Telegraph 38 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 39 * the permission of UNIX System Laboratories, Inc. 40 * 41 * This code is derived from software contributed to Berkeley by 42 * Jan-Simon Pendry. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. Neither the name of the University nor the names of its contributors 53 * may be used to endorse or promote products derived from this software 54 * without specific prior written permission. 55 * 56 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 57 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 59 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 60 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 61 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 62 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 63 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 64 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 65 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 66 * SUCH DAMAGE. 67 * 68 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 69 */ 70 71 /*- 72 * Copyright (c) 1993 Jan-Simon Pendry. 73 * Copyright (c) 1994 Christopher G. Demetriou. All rights reserved. 74 * 75 * This code is derived from software contributed to Berkeley by 76 * Jan-Simon Pendry. 77 * 78 * Redistribution and use in source and binary forms, with or without 79 * modification, are permitted provided that the following conditions 80 * are met: 81 * 1. Redistributions of source code must retain the above copyright 82 * notice, this list of conditions and the following disclaimer. 83 * 2. Redistributions in binary form must reproduce the above copyright 84 * notice, this list of conditions and the following disclaimer in the 85 * documentation and/or other materials provided with the distribution. 86 * 3. All advertising materials mentioning features or use of this software 87 * must display the following acknowledgement: 88 * This product includes software developed by the University of 89 * California, Berkeley and its contributors. 90 * 4. Neither the name of the University nor the names of its contributors 91 * may be used to endorse or promote products derived from this software 92 * without specific prior written permission. 93 * 94 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 97 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 104 * SUCH DAMAGE. 105 * 106 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 107 */ 108 109 /* 110 * References: 111 * (1) Bach's "The Design of the UNIX Operating System", 112 * (2) sys/miscfs/procfs from UCB's 4.4BSD-Lite distribution, 113 * (3) the "4.4BSD Programmer's Reference Manual" published 114 * by USENIX and O'Reilly & Associates. 115 * The 4.4BSD PRM does a reasonably good job of documenting what the various 116 * ptrace() requests should actually do, and its text is quoted several times 117 * in this file. 118 */ 119 120 #include <sys/cdefs.h> 121 __KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.165 2014/11/24 02:34:04 christos Exp $"); 122 123 #include "opt_ptrace.h" 124 #include "opt_ktrace.h" 125 126 #include <sys/param.h> 127 #include <sys/systm.h> 128 #include <sys/proc.h> 129 #include <sys/errno.h> 130 #include <sys/ptrace.h> 131 #include <sys/uio.h> 132 #include <sys/ras.h> 133 #include <sys/kmem.h> 134 #include <sys/kauth.h> 135 #include <sys/mount.h> 136 #include <sys/syscallargs.h> 137 138 #include <uvm/uvm_extern.h> 139 140 #include <machine/reg.h> 141 142 #ifdef PTRACE 143 144 # ifdef DEBUG 145 # define DPRINTF(a) uprintf a 146 # else 147 # define DPRINTF(a) 148 # endif 149 150 static kauth_listener_t ptrace_listener; 151 152 static int 153 ptrace_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 154 void *arg0, void *arg1, void *arg2, void *arg3) 155 { 156 struct proc *p; 157 int result; 158 159 result = KAUTH_RESULT_DEFER; 160 p = arg0; 161 162 if (action != KAUTH_PROCESS_PTRACE) 163 return result; 164 165 switch ((u_long)arg1) { 166 case PT_TRACE_ME: 167 case PT_ATTACH: 168 case PT_WRITE_I: 169 case PT_WRITE_D: 170 case PT_READ_I: 171 case PT_READ_D: 172 case PT_IO: 173 #ifdef PT_GETREGS 174 case PT_GETREGS: 175 #endif 176 #ifdef PT_SETREGS 177 case PT_SETREGS: 178 #endif 179 #ifdef PT_GETFPREGS 180 case PT_GETFPREGS: 181 #endif 182 #ifdef PT_SETFPREGS 183 case PT_SETFPREGS: 184 #endif 185 case PT_SET_EVENT_MASK: 186 case PT_GET_EVENT_MASK: 187 case PT_GET_PROCESS_STATE: 188 #ifdef __HAVE_PTRACE_MACHDEP 189 PTRACE_MACHDEP_REQUEST_CASES 190 #endif 191 if (kauth_cred_getuid(cred) != kauth_cred_getuid(p->p_cred) || 192 ISSET(p->p_flag, PK_SUGID)) { 193 break; 194 } 195 196 result = KAUTH_RESULT_ALLOW; 197 198 break; 199 200 #ifdef PT_STEP 201 case PT_STEP: 202 #endif 203 case PT_CONTINUE: 204 case PT_KILL: 205 case PT_DETACH: 206 case PT_LWPINFO: 207 case PT_SYSCALL: 208 case PT_SYSCALLEMU: 209 case PT_DUMPCORE: 210 result = KAUTH_RESULT_ALLOW; 211 break; 212 213 default: 214 break; 215 } 216 217 return result; 218 } 219 220 void 221 ptrace_init(void) 222 { 223 224 ptrace_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 225 ptrace_listener_cb, NULL); 226 } 227 228 /* 229 * Process debugging system call. 230 */ 231 int 232 sys_ptrace(struct lwp *l, const struct sys_ptrace_args *uap, register_t *retval) 233 { 234 /* { 235 syscallarg(int) req; 236 syscallarg(pid_t) pid; 237 syscallarg(void *) addr; 238 syscallarg(int) data; 239 } */ 240 struct proc *p = l->l_proc; 241 struct lwp *lt; 242 #ifdef PT_STEP 243 struct lwp *lt2; 244 #endif 245 struct proc *t; /* target process */ 246 struct uio uio; 247 struct iovec iov; 248 struct ptrace_io_desc piod; 249 struct ptrace_event pe; 250 struct ptrace_state ps; 251 struct ptrace_lwpinfo pl; 252 struct vmspace *vm; 253 int error, write, tmp, req, pheld; 254 int signo = 0; 255 int resume_all; 256 ksiginfo_t ksi; 257 char *path; 258 int len = 0; 259 260 error = 0; 261 req = SCARG(uap, req); 262 263 /* 264 * If attaching or detaching, we need to get a write hold on the 265 * proclist lock so that we can re-parent the target process. 266 */ 267 mutex_enter(proc_lock); 268 269 /* "A foolish consistency..." XXX */ 270 if (req == PT_TRACE_ME) { 271 t = p; 272 mutex_enter(t->p_lock); 273 } else { 274 /* Find the process we're supposed to be operating on. */ 275 t = proc_find(SCARG(uap, pid)); 276 if (t == NULL) { 277 mutex_exit(proc_lock); 278 return (ESRCH); 279 } 280 281 /* XXX-elad */ 282 mutex_enter(t->p_lock); 283 error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_CANSEE, 284 t, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL); 285 if (error) { 286 mutex_exit(proc_lock); 287 mutex_exit(t->p_lock); 288 return (ESRCH); 289 } 290 } 291 292 /* 293 * Grab a reference on the process to prevent it from execing or 294 * exiting. 295 */ 296 if (!rw_tryenter(&t->p_reflock, RW_READER)) { 297 mutex_exit(proc_lock); 298 mutex_exit(t->p_lock); 299 return EBUSY; 300 } 301 302 /* Make sure we can operate on it. */ 303 switch (req) { 304 case PT_TRACE_ME: 305 /* Saying that you're being traced is always legal. */ 306 break; 307 308 case PT_ATTACH: 309 /* 310 * You can't attach to a process if: 311 * (1) it's the process that's doing the attaching, 312 */ 313 if (t->p_pid == p->p_pid) { 314 error = EINVAL; 315 break; 316 } 317 318 /* 319 * (2) it's a system process 320 */ 321 if (t->p_flag & PK_SYSTEM) { 322 error = EPERM; 323 break; 324 } 325 326 /* 327 * (3) it's already being traced, or 328 */ 329 if (ISSET(t->p_slflag, PSL_TRACED)) { 330 error = EBUSY; 331 break; 332 } 333 334 /* 335 * (4) the tracer is chrooted, and its root directory is 336 * not at or above the root directory of the tracee 337 */ 338 mutex_exit(t->p_lock); /* XXXSMP */ 339 tmp = proc_isunder(t, l); 340 mutex_enter(t->p_lock); /* XXXSMP */ 341 if (!tmp) { 342 error = EPERM; 343 break; 344 } 345 break; 346 347 case PT_READ_I: 348 case PT_READ_D: 349 case PT_WRITE_I: 350 case PT_WRITE_D: 351 case PT_IO: 352 #ifdef PT_GETREGS 353 case PT_GETREGS: 354 #endif 355 #ifdef PT_SETREGS 356 case PT_SETREGS: 357 #endif 358 #ifdef PT_GETFPREGS 359 case PT_GETFPREGS: 360 #endif 361 #ifdef PT_SETFPREGS 362 case PT_SETFPREGS: 363 #endif 364 #ifdef __HAVE_PTRACE_MACHDEP 365 PTRACE_MACHDEP_REQUEST_CASES 366 #endif 367 /* 368 * You can't read/write the memory or registers of a process 369 * if the tracer is chrooted, and its root directory is not at 370 * or above the root directory of the tracee. 371 */ 372 mutex_exit(t->p_lock); /* XXXSMP */ 373 tmp = proc_isunder(t, l); 374 mutex_enter(t->p_lock); /* XXXSMP */ 375 if (!tmp) { 376 error = EPERM; 377 break; 378 } 379 /*FALLTHROUGH*/ 380 381 case PT_CONTINUE: 382 case PT_KILL: 383 case PT_DETACH: 384 case PT_LWPINFO: 385 case PT_SYSCALL: 386 case PT_SYSCALLEMU: 387 case PT_DUMPCORE: 388 #ifdef PT_STEP 389 case PT_STEP: 390 #endif 391 case PT_SET_EVENT_MASK: 392 case PT_GET_EVENT_MASK: 393 case PT_GET_PROCESS_STATE: 394 /* 395 * You can't do what you want to the process if: 396 * (1) It's not being traced at all, 397 */ 398 if (!ISSET(t->p_slflag, PSL_TRACED)) { 399 error = EPERM; 400 break; 401 } 402 403 /* 404 * (2) it's being traced by procfs (which has 405 * different signal delivery semantics), 406 */ 407 if (ISSET(t->p_slflag, PSL_FSTRACE)) { 408 DPRINTF(("file system traced\n")); 409 error = EBUSY; 410 break; 411 } 412 413 /* 414 * (3) it's not being traced by _you_, or 415 */ 416 if (t->p_pptr != p) { 417 DPRINTF(("parent %d != %d\n", t->p_pptr->p_pid, 418 p->p_pid)); 419 error = EBUSY; 420 break; 421 } 422 423 /* 424 * (4) it's not currently stopped. 425 */ 426 if (t->p_stat != SSTOP || !t->p_waited /* XXXSMP */) { 427 DPRINTF(("stat %d flag %d\n", t->p_stat, 428 !t->p_waited)); 429 error = EBUSY; 430 break; 431 } 432 break; 433 434 default: /* It was not a legal request. */ 435 error = EINVAL; 436 break; 437 } 438 439 if (error == 0) { 440 error = kauth_authorize_process(l->l_cred, 441 KAUTH_PROCESS_PTRACE, t, KAUTH_ARG(req), 442 NULL, NULL); 443 } 444 if (error == 0) { 445 lt = lwp_find_first(t); 446 if (lt == NULL) 447 error = ESRCH; 448 } 449 450 if (error != 0) { 451 mutex_exit(proc_lock); 452 mutex_exit(t->p_lock); 453 rw_exit(&t->p_reflock); 454 return error; 455 } 456 457 /* Do single-step fixup if needed. */ 458 FIX_SSTEP(t); 459 KASSERT(lt != NULL); 460 lwp_addref(lt); 461 462 /* 463 * Which locks do we need held? XXX Ugly. 464 */ 465 switch (req) { 466 #ifdef PT_STEP 467 case PT_STEP: 468 #endif 469 case PT_CONTINUE: 470 case PT_DETACH: 471 case PT_KILL: 472 case PT_SYSCALL: 473 case PT_SYSCALLEMU: 474 case PT_ATTACH: 475 case PT_TRACE_ME: 476 pheld = 1; 477 break; 478 default: 479 mutex_exit(proc_lock); 480 mutex_exit(t->p_lock); 481 pheld = 0; 482 break; 483 } 484 485 /* Now do the operation. */ 486 write = 0; 487 *retval = 0; 488 tmp = 0; 489 resume_all = 1; 490 491 switch (req) { 492 case PT_TRACE_ME: 493 /* Just set the trace flag. */ 494 SET(t->p_slflag, PSL_TRACED); 495 t->p_opptr = t->p_pptr; 496 break; 497 498 case PT_WRITE_I: /* XXX no separate I and D spaces */ 499 case PT_WRITE_D: 500 #if defined(__HAVE_RAS) 501 /* 502 * Can't write to a RAS 503 */ 504 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 505 error = EACCES; 506 break; 507 } 508 #endif 509 write = 1; 510 tmp = SCARG(uap, data); 511 /* FALLTHROUGH */ 512 513 case PT_READ_I: /* XXX no separate I and D spaces */ 514 case PT_READ_D: 515 /* write = 0 done above. */ 516 iov.iov_base = (void *)&tmp; 517 iov.iov_len = sizeof(tmp); 518 uio.uio_iov = &iov; 519 uio.uio_iovcnt = 1; 520 uio.uio_offset = (off_t)(unsigned long)SCARG(uap, addr); 521 uio.uio_resid = sizeof(tmp); 522 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 523 UIO_SETUP_SYSSPACE(&uio); 524 525 error = process_domem(l, lt, &uio); 526 if (!write) 527 *retval = tmp; 528 break; 529 530 case PT_IO: 531 error = copyin(SCARG(uap, addr), &piod, sizeof(piod)); 532 if (error) 533 break; 534 switch (piod.piod_op) { 535 case PIOD_READ_D: 536 case PIOD_READ_I: 537 uio.uio_rw = UIO_READ; 538 break; 539 case PIOD_WRITE_D: 540 case PIOD_WRITE_I: 541 /* 542 * Can't write to a RAS 543 */ 544 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 545 return (EACCES); 546 } 547 uio.uio_rw = UIO_WRITE; 548 break; 549 default: 550 error = EINVAL; 551 break; 552 } 553 if (error) 554 break; 555 error = proc_vmspace_getref(l->l_proc, &vm); 556 if (error) 557 break; 558 iov.iov_base = piod.piod_addr; 559 iov.iov_len = piod.piod_len; 560 uio.uio_iov = &iov; 561 uio.uio_iovcnt = 1; 562 uio.uio_offset = (off_t)(unsigned long)piod.piod_offs; 563 uio.uio_resid = piod.piod_len; 564 uio.uio_vmspace = vm; 565 566 error = process_domem(l, lt, &uio); 567 piod.piod_len -= uio.uio_resid; 568 (void) copyout(&piod, SCARG(uap, addr), sizeof(piod)); 569 uvmspace_free(vm); 570 break; 571 572 case PT_DUMPCORE: 573 if ((path = SCARG(uap, addr)) != NULL) { 574 char *dst; 575 len = SCARG(uap, data); 576 577 if (len < 0 || len >= MAXPATHLEN) { 578 error = EINVAL; 579 break; 580 } 581 dst = kmem_alloc(len + 1, KM_SLEEP); 582 if ((error = copyin(path, dst, len)) != 0) { 583 kmem_free(dst, len + 1); 584 break; 585 } 586 path = dst; 587 path[len] = '\0'; 588 } 589 error = (*coredump_vec)(lt, path); 590 if (path) 591 kmem_free(path, len + 1); 592 break; 593 594 #ifdef PT_STEP 595 case PT_STEP: 596 /* 597 * From the 4.4BSD PRM: 598 * "Execution continues as in request PT_CONTINUE; however 599 * as soon as possible after execution of at least one 600 * instruction, execution stops again. [ ... ]" 601 */ 602 #endif 603 case PT_CONTINUE: 604 case PT_SYSCALL: 605 case PT_DETACH: 606 if (req == PT_SYSCALL) { 607 if (!ISSET(t->p_slflag, PSL_SYSCALL)) { 608 SET(t->p_slflag, PSL_SYSCALL); 609 #ifdef __HAVE_SYSCALL_INTERN 610 (*t->p_emul->e_syscall_intern)(t); 611 #endif 612 } 613 } else { 614 if (ISSET(t->p_slflag, PSL_SYSCALL)) { 615 CLR(t->p_slflag, PSL_SYSCALL); 616 #ifdef __HAVE_SYSCALL_INTERN 617 (*t->p_emul->e_syscall_intern)(t); 618 #endif 619 } 620 } 621 t->p_trace_enabled = trace_is_enabled(t); 622 623 /* 624 * Pick up the LWPID, if supplied. There are two cases: 625 * data < 0 : step or continue single thread, lwp = -data 626 * data > 0 in PT_STEP : step this thread, continue others 627 * For operations other than PT_STEP, data > 0 means 628 * data is the signo to deliver to the process. 629 */ 630 tmp = SCARG(uap, data); 631 if (tmp >= 0) { 632 #ifdef PT_STEP 633 if (req == PT_STEP) 634 signo = 0; 635 else 636 #endif 637 { 638 signo = tmp; 639 tmp = 0; /* don't search for LWP */ 640 } 641 } 642 else 643 tmp = -tmp; 644 645 if (tmp > 0) { 646 if (req == PT_DETACH) { 647 error = EINVAL; 648 break; 649 } 650 lwp_delref2 (lt); 651 lt = lwp_find(t, tmp); 652 if (lt == NULL) { 653 error = ESRCH; 654 break; 655 } 656 lwp_addref(lt); 657 resume_all = 0; 658 signo = 0; 659 } 660 661 /* 662 * From the 4.4BSD PRM: 663 * "The data argument is taken as a signal number and the 664 * child's execution continues at location addr as if it 665 * incurred that signal. Normally the signal number will 666 * be either 0 to indicate that the signal that caused the 667 * stop should be ignored, or that value fetched out of 668 * the process's image indicating which signal caused 669 * the stop. If addr is (int *)1 then execution continues 670 * from where it stopped." 671 */ 672 673 /* Check that the data is a valid signal number or zero. */ 674 if (signo < 0 || signo >= NSIG) { 675 error = EINVAL; 676 break; 677 } 678 679 /* If the address parameter is not (int *)1, set the pc. */ 680 if ((int *)SCARG(uap, addr) != (int *)1) { 681 error = process_set_pc(lt, SCARG(uap, addr)); 682 if (error != 0) 683 break; 684 } 685 #ifdef PT_STEP 686 /* 687 * Arrange for a single-step, if that's requested and possible. 688 * More precisely, set the single step status as requested for 689 * the requested thread, and clear it for other threads. 690 */ 691 LIST_FOREACH(lt2, &t->p_lwps, l_sibling) { 692 if (lt != lt2) 693 { 694 lwp_lock(lt2); 695 process_sstep(lt2, 0); 696 lwp_unlock(lt2); 697 } 698 } 699 error = process_sstep(lt, req == PT_STEP); 700 if (error) 701 break; 702 #endif 703 if (req == PT_DETACH) { 704 CLR(t->p_slflag, PSL_TRACED|PSL_FSTRACE|PSL_SYSCALL); 705 706 /* give process back to original parent or init */ 707 if (t->p_opptr != t->p_pptr) { 708 struct proc *pp = t->p_opptr; 709 proc_reparent(t, pp ? pp : initproc); 710 } 711 712 /* not being traced any more */ 713 t->p_opptr = NULL; 714 } 715 sendsig: 716 t->p_fpid = 0; 717 /* Finally, deliver the requested signal (or none). */ 718 if (t->p_stat == SSTOP) { 719 /* 720 * Unstop the process. If it needs to take a 721 * signal, make all efforts to ensure that at 722 * an LWP runs to see it. 723 */ 724 t->p_xstat = signo; 725 if (resume_all) 726 proc_unstop(t); 727 else 728 lwp_unstop(lt); 729 } else if (signo != 0) { 730 KSI_INIT_EMPTY(&ksi); 731 ksi.ksi_signo = signo; 732 kpsignal2(t, &ksi); 733 } 734 break; 735 736 case PT_SYSCALLEMU: 737 if (!ISSET(t->p_slflag, PSL_SYSCALL) || t->p_stat != SSTOP) { 738 error = EINVAL; 739 break; 740 } 741 SET(t->p_slflag, PSL_SYSCALLEMU); 742 break; 743 744 case PT_KILL: 745 /* just send the process a KILL signal. */ 746 signo = SIGKILL; 747 goto sendsig; /* in PT_CONTINUE, above. */ 748 749 case PT_ATTACH: 750 /* 751 * Go ahead and set the trace flag. 752 * Save the old parent (it's reset in 753 * _DETACH, and also in kern_exit.c:wait4() 754 * Reparent the process so that the tracing 755 * proc gets to see all the action. 756 * Stop the target. 757 */ 758 t->p_opptr = t->p_pptr; 759 if (t->p_pptr != p) { 760 struct proc *parent = t->p_pptr; 761 762 if (parent->p_lock < t->p_lock) { 763 if (!mutex_tryenter(parent->p_lock)) { 764 mutex_exit(t->p_lock); 765 mutex_enter(parent->p_lock); 766 } 767 } else if (parent->p_lock > t->p_lock) { 768 mutex_enter(parent->p_lock); 769 } 770 parent->p_slflag |= PSL_CHTRACED; 771 proc_reparent(t, p); 772 if (parent->p_lock != t->p_lock) 773 mutex_exit(parent->p_lock); 774 } 775 SET(t->p_slflag, PSL_TRACED); 776 signo = SIGSTOP; 777 goto sendsig; 778 779 case PT_GET_EVENT_MASK: 780 if (SCARG(uap, data) != sizeof(pe)) { 781 DPRINTF(("ptrace(%d): %d != %zu\n", req, 782 SCARG(uap, data), sizeof(pe))); 783 error = EINVAL; 784 break; 785 } 786 memset(&pe, 0, sizeof(pe)); 787 pe.pe_set_event = ISSET(t->p_slflag, PSL_TRACEFORK) ? 788 PTRACE_FORK : 0; 789 error = copyout(&pe, SCARG(uap, addr), sizeof(pe)); 790 break; 791 792 case PT_SET_EVENT_MASK: 793 if (SCARG(uap, data) != sizeof(pe)) { 794 DPRINTF(("ptrace(%d): %d != %zu\n", req, 795 SCARG(uap, data), sizeof(pe))); 796 error = EINVAL; 797 break; 798 } 799 if ((error = copyin(SCARG(uap, addr), &pe, sizeof(pe))) != 0) 800 return error; 801 if (pe.pe_set_event & PTRACE_FORK) 802 SET(t->p_slflag, PSL_TRACEFORK); 803 else 804 CLR(t->p_slflag, PSL_TRACEFORK); 805 break; 806 807 case PT_GET_PROCESS_STATE: 808 if (SCARG(uap, data) != sizeof(ps)) { 809 DPRINTF(("ptrace(%d): %d != %zu\n", req, 810 SCARG(uap, data), sizeof(ps))); 811 error = EINVAL; 812 break; 813 } 814 memset(&ps, 0, sizeof(ps)); 815 if (t->p_fpid) { 816 ps.pe_report_event = PTRACE_FORK; 817 ps.pe_other_pid = t->p_fpid; 818 } 819 error = copyout(&ps, SCARG(uap, addr), sizeof(ps)); 820 break; 821 822 case PT_LWPINFO: 823 if (SCARG(uap, data) != sizeof(pl)) { 824 DPRINTF(("ptrace(%d): %d != %zu\n", req, 825 SCARG(uap, data), sizeof(pl))); 826 error = EINVAL; 827 break; 828 } 829 error = copyin(SCARG(uap, addr), &pl, sizeof(pl)); 830 if (error) 831 break; 832 tmp = pl.pl_lwpid; 833 lwp_delref(lt); 834 mutex_enter(t->p_lock); 835 if (tmp == 0) 836 lt = lwp_find_first(t); 837 else { 838 lt = lwp_find(t, tmp); 839 if (lt == NULL) { 840 mutex_exit(t->p_lock); 841 error = ESRCH; 842 break; 843 } 844 lt = LIST_NEXT(lt, l_sibling); 845 } 846 while (lt != NULL && !lwp_alive(lt)) 847 lt = LIST_NEXT(lt, l_sibling); 848 pl.pl_lwpid = 0; 849 pl.pl_event = 0; 850 if (lt) { 851 lwp_addref(lt); 852 pl.pl_lwpid = lt->l_lid; 853 if (lt->l_lid == t->p_sigctx.ps_lwp) 854 pl.pl_event = PL_EVENT_SIGNAL; 855 } 856 mutex_exit(t->p_lock); 857 858 error = copyout(&pl, SCARG(uap, addr), sizeof(pl)); 859 break; 860 861 #ifdef PT_SETREGS 862 case PT_SETREGS: 863 write = 1; 864 #endif 865 #ifdef PT_GETREGS 866 case PT_GETREGS: 867 /* write = 0 done above. */ 868 #endif 869 #if defined(PT_SETREGS) || defined(PT_GETREGS) 870 tmp = SCARG(uap, data); 871 if (tmp != 0 && t->p_nlwps > 1) { 872 lwp_delref(lt); 873 mutex_enter(t->p_lock); 874 lt = lwp_find(t, tmp); 875 if (lt == NULL) { 876 mutex_exit(t->p_lock); 877 error = ESRCH; 878 break; 879 } 880 lwp_addref(lt); 881 mutex_exit(t->p_lock); 882 } 883 if (!process_validregs(lt)) 884 error = EINVAL; 885 else { 886 error = proc_vmspace_getref(l->l_proc, &vm); 887 if (error) 888 break; 889 iov.iov_base = SCARG(uap, addr); 890 iov.iov_len = sizeof(struct reg); 891 uio.uio_iov = &iov; 892 uio.uio_iovcnt = 1; 893 uio.uio_offset = 0; 894 uio.uio_resid = sizeof(struct reg); 895 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 896 uio.uio_vmspace = vm; 897 898 error = process_doregs(l, lt, &uio); 899 uvmspace_free(vm); 900 } 901 break; 902 #endif 903 904 #ifdef PT_SETFPREGS 905 case PT_SETFPREGS: 906 write = 1; 907 #endif 908 #ifdef PT_GETFPREGS 909 case PT_GETFPREGS: 910 /* write = 0 done above. */ 911 #endif 912 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 913 tmp = SCARG(uap, data); 914 if (tmp != 0 && t->p_nlwps > 1) { 915 lwp_delref(lt); 916 mutex_enter(t->p_lock); 917 lt = lwp_find(t, tmp); 918 if (lt == NULL) { 919 mutex_exit(t->p_lock); 920 error = ESRCH; 921 break; 922 } 923 lwp_addref(lt); 924 mutex_exit(t->p_lock); 925 } 926 if (!process_validfpregs(lt)) 927 error = EINVAL; 928 else { 929 error = proc_vmspace_getref(l->l_proc, &vm); 930 if (error) 931 break; 932 iov.iov_base = SCARG(uap, addr); 933 iov.iov_len = sizeof(struct fpreg); 934 uio.uio_iov = &iov; 935 uio.uio_iovcnt = 1; 936 uio.uio_offset = 0; 937 uio.uio_resid = sizeof(struct fpreg); 938 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 939 uio.uio_vmspace = vm; 940 941 error = process_dofpregs(l, lt, &uio); 942 uvmspace_free(vm); 943 } 944 break; 945 #endif 946 947 #ifdef __HAVE_PTRACE_MACHDEP 948 PTRACE_MACHDEP_REQUEST_CASES 949 error = ptrace_machdep_dorequest(l, lt, 950 req, SCARG(uap, addr), SCARG(uap, data)); 951 break; 952 #endif 953 } 954 955 if (pheld) { 956 mutex_exit(t->p_lock); 957 mutex_exit(proc_lock); 958 } 959 if (lt != NULL) 960 lwp_delref(lt); 961 rw_exit(&t->p_reflock); 962 963 return error; 964 } 965 966 int 967 process_doregs(struct lwp *curl /*tracer*/, 968 struct lwp *l /*traced*/, 969 struct uio *uio) 970 { 971 #if defined(PT_GETREGS) || defined(PT_SETREGS) 972 int error; 973 struct reg r; 974 char *kv; 975 int kl; 976 977 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 978 return EINVAL; 979 980 kl = sizeof(r); 981 kv = (char *)&r; 982 983 kv += uio->uio_offset; 984 kl -= uio->uio_offset; 985 if ((size_t)kl > uio->uio_resid) 986 kl = uio->uio_resid; 987 988 error = process_read_regs(l, &r); 989 if (error == 0) 990 error = uiomove(kv, kl, uio); 991 if (error == 0 && uio->uio_rw == UIO_WRITE) { 992 if (l->l_stat != LSSTOP) 993 error = EBUSY; 994 else 995 error = process_write_regs(l, &r); 996 } 997 998 uio->uio_offset = 0; 999 return (error); 1000 #else 1001 return (EINVAL); 1002 #endif 1003 } 1004 1005 int 1006 process_validregs(struct lwp *l) 1007 { 1008 1009 #if defined(PT_SETREGS) || defined(PT_GETREGS) 1010 return ((l->l_flag & LW_SYSTEM) == 0); 1011 #else 1012 return (0); 1013 #endif 1014 } 1015 1016 int 1017 process_dofpregs(struct lwp *curl /*tracer*/, 1018 struct lwp *l /*traced*/, 1019 struct uio *uio) 1020 { 1021 #if defined(PT_GETFPREGS) || defined(PT_SETFPREGS) 1022 int error; 1023 struct fpreg r; 1024 char *kv; 1025 size_t kl; 1026 1027 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 1028 return EINVAL; 1029 1030 kl = sizeof(r); 1031 kv = (char *)&r; 1032 1033 kv += uio->uio_offset; 1034 kl -= uio->uio_offset; 1035 if (kl > uio->uio_resid) 1036 kl = uio->uio_resid; 1037 1038 error = process_read_fpregs(l, &r, &kl); 1039 if (error == 0) 1040 error = uiomove(kv, kl, uio); 1041 if (error == 0 && uio->uio_rw == UIO_WRITE) { 1042 if (l->l_stat != LSSTOP) 1043 error = EBUSY; 1044 else 1045 error = process_write_fpregs(l, &r, kl); 1046 } 1047 uio->uio_offset = 0; 1048 return (error); 1049 #else 1050 return (EINVAL); 1051 #endif 1052 } 1053 1054 int 1055 process_validfpregs(struct lwp *l) 1056 { 1057 1058 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 1059 return ((l->l_flag & LW_SYSTEM) == 0); 1060 #else 1061 return (0); 1062 #endif 1063 } 1064 #endif /* PTRACE */ 1065 1066 #if defined(KTRACE) || defined(PTRACE) 1067 int 1068 process_domem(struct lwp *curl /*tracer*/, 1069 struct lwp *l /*traced*/, 1070 struct uio *uio) 1071 { 1072 struct proc *p = l->l_proc; /* traced */ 1073 struct vmspace *vm; 1074 int error; 1075 1076 size_t len; 1077 #ifdef PMAP_NEED_PROCWR 1078 vaddr_t addr; 1079 #endif 1080 1081 error = 0; 1082 len = uio->uio_resid; 1083 1084 if (len == 0) 1085 return (0); 1086 1087 #ifdef PMAP_NEED_PROCWR 1088 addr = uio->uio_offset; 1089 #endif 1090 1091 vm = p->p_vmspace; 1092 1093 mutex_enter(&vm->vm_map.misc_lock); 1094 if ((l->l_flag & LW_WEXIT) || vm->vm_refcnt < 1) 1095 error = EFAULT; 1096 if (error == 0) 1097 p->p_vmspace->vm_refcnt++; /* XXX */ 1098 mutex_exit(&vm->vm_map.misc_lock); 1099 if (error != 0) 1100 return (error); 1101 error = uvm_io(&vm->vm_map, uio); 1102 uvmspace_free(vm); 1103 1104 #ifdef PMAP_NEED_PROCWR 1105 if (error == 0 && uio->uio_rw == UIO_WRITE) 1106 pmap_procwr(p, addr, len); 1107 #endif 1108 return (error); 1109 } 1110 #endif /* KTRACE || PTRACE */ 1111 1112 #if defined(KTRACE) || defined(PTRACE) 1113 void 1114 process_stoptrace(void) 1115 { 1116 struct lwp *l = curlwp; 1117 struct proc *p = l->l_proc, *pp; 1118 1119 mutex_enter(proc_lock); 1120 mutex_enter(p->p_lock); 1121 pp = p->p_pptr; 1122 if (pp->p_pid == 1) { 1123 CLR(p->p_slflag, PSL_SYSCALL); /* XXXSMP */ 1124 mutex_exit(p->p_lock); 1125 mutex_exit(proc_lock); 1126 return; 1127 } 1128 1129 p->p_xstat = SIGTRAP; 1130 proc_stop(p, 1, SIGSTOP); 1131 mutex_exit(proc_lock); 1132 1133 if (sigispending(l, 0)) { 1134 lwp_lock(l); 1135 l->l_flag |= LW_PENDSIG; 1136 lwp_unlock(l); 1137 } 1138 mutex_exit(p->p_lock); 1139 } 1140 #endif /* KTRACE || PTRACE */ 1141