1 /* $NetBSD: sys_process.c,v 1.163 2014/01/04 00:10:03 dsl Exp $ */ 2 3 /*- 4 * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1989, 1993 34 * The Regents of the University of California. All rights reserved. 35 * (c) UNIX System Laboratories, Inc. 36 * All or some portions of this file are derived from material licensed 37 * to the University of California by American Telephone and Telegraph 38 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 39 * the permission of UNIX System Laboratories, Inc. 40 * 41 * This code is derived from software contributed to Berkeley by 42 * Jan-Simon Pendry. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. Neither the name of the University nor the names of its contributors 53 * may be used to endorse or promote products derived from this software 54 * without specific prior written permission. 55 * 56 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 57 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 59 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 60 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 61 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 62 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 63 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 64 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 65 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 66 * SUCH DAMAGE. 67 * 68 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 69 */ 70 71 /*- 72 * Copyright (c) 1993 Jan-Simon Pendry. 73 * Copyright (c) 1994 Christopher G. Demetriou. All rights reserved. 74 * 75 * This code is derived from software contributed to Berkeley by 76 * Jan-Simon Pendry. 77 * 78 * Redistribution and use in source and binary forms, with or without 79 * modification, are permitted provided that the following conditions 80 * are met: 81 * 1. Redistributions of source code must retain the above copyright 82 * notice, this list of conditions and the following disclaimer. 83 * 2. Redistributions in binary form must reproduce the above copyright 84 * notice, this list of conditions and the following disclaimer in the 85 * documentation and/or other materials provided with the distribution. 86 * 3. All advertising materials mentioning features or use of this software 87 * must display the following acknowledgement: 88 * This product includes software developed by the University of 89 * California, Berkeley and its contributors. 90 * 4. Neither the name of the University nor the names of its contributors 91 * may be used to endorse or promote products derived from this software 92 * without specific prior written permission. 93 * 94 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 97 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 104 * SUCH DAMAGE. 105 * 106 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 107 */ 108 109 /* 110 * References: 111 * (1) Bach's "The Design of the UNIX Operating System", 112 * (2) sys/miscfs/procfs from UCB's 4.4BSD-Lite distribution, 113 * (3) the "4.4BSD Programmer's Reference Manual" published 114 * by USENIX and O'Reilly & Associates. 115 * The 4.4BSD PRM does a reasonably good job of documenting what the various 116 * ptrace() requests should actually do, and its text is quoted several times 117 * in this file. 118 */ 119 120 #include <sys/cdefs.h> 121 __KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.163 2014/01/04 00:10:03 dsl Exp $"); 122 123 #include "opt_ptrace.h" 124 #include "opt_ktrace.h" 125 126 #include <sys/param.h> 127 #include <sys/systm.h> 128 #include <sys/proc.h> 129 #include <sys/errno.h> 130 #include <sys/ptrace.h> 131 #include <sys/uio.h> 132 #include <sys/ras.h> 133 #include <sys/kmem.h> 134 #include <sys/kauth.h> 135 #include <sys/mount.h> 136 #include <sys/syscallargs.h> 137 138 #include <uvm/uvm_extern.h> 139 140 #include <machine/reg.h> 141 142 #ifdef PTRACE 143 static kauth_listener_t ptrace_listener; 144 145 static int 146 ptrace_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 147 void *arg0, void *arg1, void *arg2, void *arg3) 148 { 149 struct proc *p; 150 int result; 151 152 result = KAUTH_RESULT_DEFER; 153 p = arg0; 154 155 if (action != KAUTH_PROCESS_PTRACE) 156 return result; 157 158 switch ((u_long)arg1) { 159 case PT_TRACE_ME: 160 case PT_ATTACH: 161 case PT_WRITE_I: 162 case PT_WRITE_D: 163 case PT_READ_I: 164 case PT_READ_D: 165 case PT_IO: 166 #ifdef PT_GETREGS 167 case PT_GETREGS: 168 #endif 169 #ifdef PT_SETREGS 170 case PT_SETREGS: 171 #endif 172 #ifdef PT_GETFPREGS 173 case PT_GETFPREGS: 174 #endif 175 #ifdef PT_SETFPREGS 176 case PT_SETFPREGS: 177 #endif 178 case PT_SET_EVENT_MASK: 179 case PT_GET_EVENT_MASK: 180 case PT_GET_PROCESS_STATE: 181 #ifdef __HAVE_PTRACE_MACHDEP 182 PTRACE_MACHDEP_REQUEST_CASES 183 #endif 184 if (kauth_cred_getuid(cred) != kauth_cred_getuid(p->p_cred) || 185 ISSET(p->p_flag, PK_SUGID)) { 186 break; 187 } 188 189 result = KAUTH_RESULT_ALLOW; 190 191 break; 192 193 #ifdef PT_STEP 194 case PT_STEP: 195 #endif 196 case PT_CONTINUE: 197 case PT_KILL: 198 case PT_DETACH: 199 case PT_LWPINFO: 200 case PT_SYSCALL: 201 case PT_SYSCALLEMU: 202 case PT_DUMPCORE: 203 result = KAUTH_RESULT_ALLOW; 204 break; 205 206 default: 207 break; 208 } 209 210 return result; 211 } 212 213 void 214 ptrace_init(void) 215 { 216 217 ptrace_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 218 ptrace_listener_cb, NULL); 219 } 220 221 /* 222 * Process debugging system call. 223 */ 224 int 225 sys_ptrace(struct lwp *l, const struct sys_ptrace_args *uap, register_t *retval) 226 { 227 /* { 228 syscallarg(int) req; 229 syscallarg(pid_t) pid; 230 syscallarg(void *) addr; 231 syscallarg(int) data; 232 } */ 233 struct proc *p = l->l_proc; 234 struct lwp *lt; 235 #ifdef PT_STEP 236 struct lwp *lt2; 237 #endif 238 struct proc *t; /* target process */ 239 struct uio uio; 240 struct iovec iov; 241 struct ptrace_io_desc piod; 242 struct ptrace_event pe; 243 struct ptrace_state ps; 244 struct ptrace_lwpinfo pl; 245 struct vmspace *vm; 246 int error, write, tmp, req, pheld; 247 int signo = 0; 248 int resume_all; 249 ksiginfo_t ksi; 250 char *path; 251 int len = 0; 252 253 error = 0; 254 req = SCARG(uap, req); 255 256 /* 257 * If attaching or detaching, we need to get a write hold on the 258 * proclist lock so that we can re-parent the target process. 259 */ 260 mutex_enter(proc_lock); 261 262 /* "A foolish consistency..." XXX */ 263 if (req == PT_TRACE_ME) { 264 t = p; 265 mutex_enter(t->p_lock); 266 } else { 267 /* Find the process we're supposed to be operating on. */ 268 t = proc_find(SCARG(uap, pid)); 269 if (t == NULL) { 270 mutex_exit(proc_lock); 271 return (ESRCH); 272 } 273 274 /* XXX-elad */ 275 mutex_enter(t->p_lock); 276 error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_CANSEE, 277 t, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL); 278 if (error) { 279 mutex_exit(proc_lock); 280 mutex_exit(t->p_lock); 281 return (ESRCH); 282 } 283 } 284 285 /* 286 * Grab a reference on the process to prevent it from execing or 287 * exiting. 288 */ 289 if (!rw_tryenter(&t->p_reflock, RW_READER)) { 290 mutex_exit(proc_lock); 291 mutex_exit(t->p_lock); 292 return EBUSY; 293 } 294 295 /* Make sure we can operate on it. */ 296 switch (req) { 297 case PT_TRACE_ME: 298 /* Saying that you're being traced is always legal. */ 299 break; 300 301 case PT_ATTACH: 302 /* 303 * You can't attach to a process if: 304 * (1) it's the process that's doing the attaching, 305 */ 306 if (t->p_pid == p->p_pid) { 307 error = EINVAL; 308 break; 309 } 310 311 /* 312 * (2) it's a system process 313 */ 314 if (t->p_flag & PK_SYSTEM) { 315 error = EPERM; 316 break; 317 } 318 319 /* 320 * (3) it's already being traced, or 321 */ 322 if (ISSET(t->p_slflag, PSL_TRACED)) { 323 error = EBUSY; 324 break; 325 } 326 327 /* 328 * (4) the tracer is chrooted, and its root directory is 329 * not at or above the root directory of the tracee 330 */ 331 mutex_exit(t->p_lock); /* XXXSMP */ 332 tmp = proc_isunder(t, l); 333 mutex_enter(t->p_lock); /* XXXSMP */ 334 if (!tmp) { 335 error = EPERM; 336 break; 337 } 338 break; 339 340 case PT_READ_I: 341 case PT_READ_D: 342 case PT_WRITE_I: 343 case PT_WRITE_D: 344 case PT_IO: 345 #ifdef PT_GETREGS 346 case PT_GETREGS: 347 #endif 348 #ifdef PT_SETREGS 349 case PT_SETREGS: 350 #endif 351 #ifdef PT_GETFPREGS 352 case PT_GETFPREGS: 353 #endif 354 #ifdef PT_SETFPREGS 355 case PT_SETFPREGS: 356 #endif 357 #ifdef __HAVE_PTRACE_MACHDEP 358 PTRACE_MACHDEP_REQUEST_CASES 359 #endif 360 /* 361 * You can't read/write the memory or registers of a process 362 * if the tracer is chrooted, and its root directory is not at 363 * or above the root directory of the tracee. 364 */ 365 mutex_exit(t->p_lock); /* XXXSMP */ 366 tmp = proc_isunder(t, l); 367 mutex_enter(t->p_lock); /* XXXSMP */ 368 if (!tmp) { 369 error = EPERM; 370 break; 371 } 372 /*FALLTHROUGH*/ 373 374 case PT_CONTINUE: 375 case PT_KILL: 376 case PT_DETACH: 377 case PT_LWPINFO: 378 case PT_SYSCALL: 379 case PT_SYSCALLEMU: 380 case PT_DUMPCORE: 381 #ifdef PT_STEP 382 case PT_STEP: 383 #endif 384 case PT_SET_EVENT_MASK: 385 case PT_GET_EVENT_MASK: 386 case PT_GET_PROCESS_STATE: 387 /* 388 * You can't do what you want to the process if: 389 * (1) It's not being traced at all, 390 */ 391 if (!ISSET(t->p_slflag, PSL_TRACED)) { 392 error = EPERM; 393 break; 394 } 395 396 /* 397 * (2) it's being traced by procfs (which has 398 * different signal delivery semantics), 399 */ 400 if (ISSET(t->p_slflag, PSL_FSTRACE)) { 401 uprintf("file system traced\n"); 402 error = EBUSY; 403 break; 404 } 405 406 /* 407 * (3) it's not being traced by _you_, or 408 */ 409 if (t->p_pptr != p) { 410 uprintf("parent %d != %d\n", t->p_pptr->p_pid, 411 p->p_pid); 412 error = EBUSY; 413 break; 414 } 415 416 /* 417 * (4) it's not currently stopped. 418 */ 419 if (t->p_stat != SSTOP || !t->p_waited /* XXXSMP */) { 420 uprintf("stat %d flag %d\n", t->p_stat, 421 !t->p_waited); 422 error = EBUSY; 423 break; 424 } 425 break; 426 427 default: /* It was not a legal request. */ 428 error = EINVAL; 429 break; 430 } 431 432 if (error == 0) { 433 error = kauth_authorize_process(l->l_cred, 434 KAUTH_PROCESS_PTRACE, t, KAUTH_ARG(req), 435 NULL, NULL); 436 } 437 if (error == 0) { 438 lt = lwp_find_first(t); 439 if (lt == NULL) 440 error = ESRCH; 441 } 442 443 if (error != 0) { 444 mutex_exit(proc_lock); 445 mutex_exit(t->p_lock); 446 rw_exit(&t->p_reflock); 447 return error; 448 } 449 450 /* Do single-step fixup if needed. */ 451 FIX_SSTEP(t); 452 KASSERT(lt != NULL); 453 lwp_addref(lt); 454 455 /* 456 * Which locks do we need held? XXX Ugly. 457 */ 458 switch (req) { 459 #ifdef PT_STEP 460 case PT_STEP: 461 #endif 462 case PT_CONTINUE: 463 case PT_DETACH: 464 case PT_KILL: 465 case PT_SYSCALL: 466 case PT_SYSCALLEMU: 467 case PT_ATTACH: 468 case PT_TRACE_ME: 469 pheld = 1; 470 break; 471 default: 472 mutex_exit(proc_lock); 473 mutex_exit(t->p_lock); 474 pheld = 0; 475 break; 476 } 477 478 /* Now do the operation. */ 479 write = 0; 480 *retval = 0; 481 tmp = 0; 482 resume_all = 1; 483 484 switch (req) { 485 case PT_TRACE_ME: 486 /* Just set the trace flag. */ 487 SET(t->p_slflag, PSL_TRACED); 488 t->p_opptr = t->p_pptr; 489 break; 490 491 case PT_WRITE_I: /* XXX no separate I and D spaces */ 492 case PT_WRITE_D: 493 #if defined(__HAVE_RAS) 494 /* 495 * Can't write to a RAS 496 */ 497 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 498 error = EACCES; 499 break; 500 } 501 #endif 502 write = 1; 503 tmp = SCARG(uap, data); 504 /* FALLTHROUGH */ 505 506 case PT_READ_I: /* XXX no separate I and D spaces */ 507 case PT_READ_D: 508 /* write = 0 done above. */ 509 iov.iov_base = (void *)&tmp; 510 iov.iov_len = sizeof(tmp); 511 uio.uio_iov = &iov; 512 uio.uio_iovcnt = 1; 513 uio.uio_offset = (off_t)(unsigned long)SCARG(uap, addr); 514 uio.uio_resid = sizeof(tmp); 515 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 516 UIO_SETUP_SYSSPACE(&uio); 517 518 error = process_domem(l, lt, &uio); 519 if (!write) 520 *retval = tmp; 521 break; 522 523 case PT_IO: 524 error = copyin(SCARG(uap, addr), &piod, sizeof(piod)); 525 if (error) 526 break; 527 switch (piod.piod_op) { 528 case PIOD_READ_D: 529 case PIOD_READ_I: 530 uio.uio_rw = UIO_READ; 531 break; 532 case PIOD_WRITE_D: 533 case PIOD_WRITE_I: 534 /* 535 * Can't write to a RAS 536 */ 537 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 538 return (EACCES); 539 } 540 uio.uio_rw = UIO_WRITE; 541 break; 542 default: 543 error = EINVAL; 544 break; 545 } 546 if (error) 547 break; 548 error = proc_vmspace_getref(l->l_proc, &vm); 549 if (error) 550 break; 551 iov.iov_base = piod.piod_addr; 552 iov.iov_len = piod.piod_len; 553 uio.uio_iov = &iov; 554 uio.uio_iovcnt = 1; 555 uio.uio_offset = (off_t)(unsigned long)piod.piod_offs; 556 uio.uio_resid = piod.piod_len; 557 uio.uio_vmspace = vm; 558 559 error = process_domem(l, lt, &uio); 560 piod.piod_len -= uio.uio_resid; 561 (void) copyout(&piod, SCARG(uap, addr), sizeof(piod)); 562 uvmspace_free(vm); 563 break; 564 565 case PT_DUMPCORE: 566 if ((path = SCARG(uap, addr)) != NULL) { 567 char *dst; 568 len = SCARG(uap, data); 569 570 if (len < 0 || len >= MAXPATHLEN) { 571 error = EINVAL; 572 break; 573 } 574 dst = kmem_alloc(len + 1, KM_SLEEP); 575 if ((error = copyin(path, dst, len)) != 0) { 576 kmem_free(dst, len + 1); 577 break; 578 } 579 path = dst; 580 path[len] = '\0'; 581 } 582 error = (*coredump_vec)(lt, path); 583 if (path) 584 kmem_free(path, len + 1); 585 break; 586 587 #ifdef PT_STEP 588 case PT_STEP: 589 /* 590 * From the 4.4BSD PRM: 591 * "Execution continues as in request PT_CONTINUE; however 592 * as soon as possible after execution of at least one 593 * instruction, execution stops again. [ ... ]" 594 */ 595 #endif 596 case PT_CONTINUE: 597 case PT_SYSCALL: 598 case PT_DETACH: 599 if (req == PT_SYSCALL) { 600 if (!ISSET(t->p_slflag, PSL_SYSCALL)) { 601 SET(t->p_slflag, PSL_SYSCALL); 602 #ifdef __HAVE_SYSCALL_INTERN 603 (*t->p_emul->e_syscall_intern)(t); 604 #endif 605 } 606 } else { 607 if (ISSET(t->p_slflag, PSL_SYSCALL)) { 608 CLR(t->p_slflag, PSL_SYSCALL); 609 #ifdef __HAVE_SYSCALL_INTERN 610 (*t->p_emul->e_syscall_intern)(t); 611 #endif 612 } 613 } 614 t->p_trace_enabled = trace_is_enabled(t); 615 616 /* 617 * Pick up the LWPID, if supplied. There are two cases: 618 * data < 0 : step or continue single thread, lwp = -data 619 * data > 0 in PT_STEP : step this thread, continue others 620 * For operations other than PT_STEP, data > 0 means 621 * data is the signo to deliver to the process. 622 */ 623 tmp = SCARG(uap, data); 624 if (tmp >= 0) { 625 #ifdef PT_STEP 626 if (req == PT_STEP) 627 signo = 0; 628 else 629 #endif 630 { 631 signo = tmp; 632 tmp = 0; /* don't search for LWP */ 633 } 634 } 635 else 636 tmp = -tmp; 637 638 if (tmp > 0) { 639 if (req == PT_DETACH) { 640 error = EINVAL; 641 break; 642 } 643 lwp_delref2 (lt); 644 lt = lwp_find(t, tmp); 645 if (lt == NULL) { 646 error = ESRCH; 647 break; 648 } 649 lwp_addref(lt); 650 resume_all = 0; 651 signo = 0; 652 } 653 654 /* 655 * From the 4.4BSD PRM: 656 * "The data argument is taken as a signal number and the 657 * child's execution continues at location addr as if it 658 * incurred that signal. Normally the signal number will 659 * be either 0 to indicate that the signal that caused the 660 * stop should be ignored, or that value fetched out of 661 * the process's image indicating which signal caused 662 * the stop. If addr is (int *)1 then execution continues 663 * from where it stopped." 664 */ 665 666 /* Check that the data is a valid signal number or zero. */ 667 if (signo < 0 || signo >= NSIG) { 668 error = EINVAL; 669 break; 670 } 671 672 /* If the address parameter is not (int *)1, set the pc. */ 673 if ((int *)SCARG(uap, addr) != (int *)1) { 674 error = process_set_pc(lt, SCARG(uap, addr)); 675 if (error != 0) 676 break; 677 } 678 #ifdef PT_STEP 679 /* 680 * Arrange for a single-step, if that's requested and possible. 681 * More precisely, set the single step status as requested for 682 * the requested thread, and clear it for other threads. 683 */ 684 LIST_FOREACH(lt2, &t->p_lwps, l_sibling) { 685 if (lt != lt2) 686 { 687 lwp_lock(lt2); 688 process_sstep(lt2, 0); 689 lwp_unlock(lt2); 690 } 691 } 692 error = process_sstep(lt, req == PT_STEP); 693 if (error) 694 break; 695 #endif 696 if (req == PT_DETACH) { 697 CLR(t->p_slflag, PSL_TRACED|PSL_FSTRACE|PSL_SYSCALL); 698 699 /* give process back to original parent or init */ 700 if (t->p_opptr != t->p_pptr) { 701 struct proc *pp = t->p_opptr; 702 proc_reparent(t, pp ? pp : initproc); 703 } 704 705 /* not being traced any more */ 706 t->p_opptr = NULL; 707 } 708 sendsig: 709 t->p_fpid = 0; 710 /* Finally, deliver the requested signal (or none). */ 711 if (t->p_stat == SSTOP) { 712 /* 713 * Unstop the process. If it needs to take a 714 * signal, make all efforts to ensure that at 715 * an LWP runs to see it. 716 */ 717 t->p_xstat = signo; 718 if (resume_all) 719 proc_unstop(t); 720 else 721 lwp_unstop(lt); 722 } else if (signo != 0) { 723 KSI_INIT_EMPTY(&ksi); 724 ksi.ksi_signo = signo; 725 kpsignal2(t, &ksi); 726 } 727 break; 728 729 case PT_SYSCALLEMU: 730 if (!ISSET(t->p_slflag, PSL_SYSCALL) || t->p_stat != SSTOP) { 731 error = EINVAL; 732 break; 733 } 734 SET(t->p_slflag, PSL_SYSCALLEMU); 735 break; 736 737 case PT_KILL: 738 /* just send the process a KILL signal. */ 739 signo = SIGKILL; 740 goto sendsig; /* in PT_CONTINUE, above. */ 741 742 case PT_ATTACH: 743 /* 744 * Go ahead and set the trace flag. 745 * Save the old parent (it's reset in 746 * _DETACH, and also in kern_exit.c:wait4() 747 * Reparent the process so that the tracing 748 * proc gets to see all the action. 749 * Stop the target. 750 */ 751 t->p_opptr = t->p_pptr; 752 if (t->p_pptr != p) { 753 struct proc *parent = t->p_pptr; 754 755 if (parent->p_lock < t->p_lock) { 756 if (!mutex_tryenter(parent->p_lock)) { 757 mutex_exit(t->p_lock); 758 mutex_enter(parent->p_lock); 759 } 760 } else if (parent->p_lock > t->p_lock) { 761 mutex_enter(parent->p_lock); 762 } 763 parent->p_slflag |= PSL_CHTRACED; 764 proc_reparent(t, p); 765 if (parent->p_lock != t->p_lock) 766 mutex_exit(parent->p_lock); 767 } 768 SET(t->p_slflag, PSL_TRACED); 769 signo = SIGSTOP; 770 goto sendsig; 771 772 case PT_GET_EVENT_MASK: 773 if (SCARG(uap, data) != sizeof(pe)) 774 return EINVAL; 775 memset(&pe, 0, sizeof(pe)); 776 pe.pe_set_event = ISSET(t->p_slflag, PSL_TRACEFORK) ? 777 PTRACE_FORK : 0; 778 error = copyout(&pe, SCARG(uap, addr), sizeof(pe)); 779 break; 780 781 case PT_SET_EVENT_MASK: 782 if (SCARG(uap, data) != sizeof(pe)) 783 return EINVAL; 784 if ((error = copyin(SCARG(uap, addr), &pe, sizeof(pe))) != 0) 785 return error; 786 if (pe.pe_set_event & PTRACE_FORK) 787 SET(t->p_slflag, PSL_TRACEFORK); 788 else 789 CLR(t->p_slflag, PSL_TRACEFORK); 790 break; 791 792 case PT_GET_PROCESS_STATE: 793 if (SCARG(uap, data) != sizeof(ps)) 794 return EINVAL; 795 memset(&ps, 0, sizeof(ps)); 796 if (t->p_fpid) { 797 ps.pe_report_event = PTRACE_FORK; 798 ps.pe_other_pid = t->p_fpid; 799 } 800 error = copyout(&ps, SCARG(uap, addr), sizeof(ps)); 801 break; 802 803 case PT_LWPINFO: 804 if (SCARG(uap, data) != sizeof(pl)) { 805 error = EINVAL; 806 break; 807 } 808 error = copyin(SCARG(uap, addr), &pl, sizeof(pl)); 809 if (error) 810 break; 811 tmp = pl.pl_lwpid; 812 lwp_delref(lt); 813 mutex_enter(t->p_lock); 814 if (tmp == 0) 815 lt = lwp_find_first(t); 816 else { 817 lt = lwp_find(t, tmp); 818 if (lt == NULL) { 819 mutex_exit(t->p_lock); 820 error = ESRCH; 821 break; 822 } 823 lt = LIST_NEXT(lt, l_sibling); 824 } 825 while (lt != NULL && !lwp_alive(lt)) 826 lt = LIST_NEXT(lt, l_sibling); 827 pl.pl_lwpid = 0; 828 pl.pl_event = 0; 829 if (lt) { 830 lwp_addref(lt); 831 pl.pl_lwpid = lt->l_lid; 832 if (lt->l_lid == t->p_sigctx.ps_lwp) 833 pl.pl_event = PL_EVENT_SIGNAL; 834 } 835 mutex_exit(t->p_lock); 836 837 error = copyout(&pl, SCARG(uap, addr), sizeof(pl)); 838 break; 839 840 #ifdef PT_SETREGS 841 case PT_SETREGS: 842 write = 1; 843 #endif 844 #ifdef PT_GETREGS 845 case PT_GETREGS: 846 /* write = 0 done above. */ 847 #endif 848 #if defined(PT_SETREGS) || defined(PT_GETREGS) 849 tmp = SCARG(uap, data); 850 if (tmp != 0 && t->p_nlwps > 1) { 851 lwp_delref(lt); 852 mutex_enter(t->p_lock); 853 lt = lwp_find(t, tmp); 854 if (lt == NULL) { 855 mutex_exit(t->p_lock); 856 error = ESRCH; 857 break; 858 } 859 lwp_addref(lt); 860 mutex_exit(t->p_lock); 861 } 862 if (!process_validregs(lt)) 863 error = EINVAL; 864 else { 865 error = proc_vmspace_getref(l->l_proc, &vm); 866 if (error) 867 break; 868 iov.iov_base = SCARG(uap, addr); 869 iov.iov_len = sizeof(struct reg); 870 uio.uio_iov = &iov; 871 uio.uio_iovcnt = 1; 872 uio.uio_offset = 0; 873 uio.uio_resid = sizeof(struct reg); 874 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 875 uio.uio_vmspace = vm; 876 877 error = process_doregs(l, lt, &uio); 878 uvmspace_free(vm); 879 } 880 break; 881 #endif 882 883 #ifdef PT_SETFPREGS 884 case PT_SETFPREGS: 885 write = 1; 886 #endif 887 #ifdef PT_GETFPREGS 888 case PT_GETFPREGS: 889 /* write = 0 done above. */ 890 #endif 891 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 892 tmp = SCARG(uap, data); 893 if (tmp != 0 && t->p_nlwps > 1) { 894 lwp_delref(lt); 895 mutex_enter(t->p_lock); 896 lt = lwp_find(t, tmp); 897 if (lt == NULL) { 898 mutex_exit(t->p_lock); 899 error = ESRCH; 900 break; 901 } 902 lwp_addref(lt); 903 mutex_exit(t->p_lock); 904 } 905 if (!process_validfpregs(lt)) 906 error = EINVAL; 907 else { 908 error = proc_vmspace_getref(l->l_proc, &vm); 909 if (error) 910 break; 911 iov.iov_base = SCARG(uap, addr); 912 iov.iov_len = sizeof(struct fpreg); 913 uio.uio_iov = &iov; 914 uio.uio_iovcnt = 1; 915 uio.uio_offset = 0; 916 uio.uio_resid = sizeof(struct fpreg); 917 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 918 uio.uio_vmspace = vm; 919 920 error = process_dofpregs(l, lt, &uio); 921 uvmspace_free(vm); 922 } 923 break; 924 #endif 925 926 #ifdef __HAVE_PTRACE_MACHDEP 927 PTRACE_MACHDEP_REQUEST_CASES 928 error = ptrace_machdep_dorequest(l, lt, 929 req, SCARG(uap, addr), SCARG(uap, data)); 930 break; 931 #endif 932 } 933 934 if (pheld) { 935 mutex_exit(t->p_lock); 936 mutex_exit(proc_lock); 937 } 938 if (lt != NULL) 939 lwp_delref(lt); 940 rw_exit(&t->p_reflock); 941 942 return error; 943 } 944 945 int 946 process_doregs(struct lwp *curl /*tracer*/, 947 struct lwp *l /*traced*/, 948 struct uio *uio) 949 { 950 #if defined(PT_GETREGS) || defined(PT_SETREGS) 951 int error; 952 struct reg r; 953 char *kv; 954 int kl; 955 956 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 957 return EINVAL; 958 959 kl = sizeof(r); 960 kv = (char *)&r; 961 962 kv += uio->uio_offset; 963 kl -= uio->uio_offset; 964 if ((size_t)kl > uio->uio_resid) 965 kl = uio->uio_resid; 966 967 error = process_read_regs(l, &r); 968 if (error == 0) 969 error = uiomove(kv, kl, uio); 970 if (error == 0 && uio->uio_rw == UIO_WRITE) { 971 if (l->l_stat != LSSTOP) 972 error = EBUSY; 973 else 974 error = process_write_regs(l, &r); 975 } 976 977 uio->uio_offset = 0; 978 return (error); 979 #else 980 return (EINVAL); 981 #endif 982 } 983 984 int 985 process_validregs(struct lwp *l) 986 { 987 988 #if defined(PT_SETREGS) || defined(PT_GETREGS) 989 return ((l->l_flag & LW_SYSTEM) == 0); 990 #else 991 return (0); 992 #endif 993 } 994 995 int 996 process_dofpregs(struct lwp *curl /*tracer*/, 997 struct lwp *l /*traced*/, 998 struct uio *uio) 999 { 1000 #if defined(PT_GETFPREGS) || defined(PT_SETFPREGS) 1001 int error; 1002 struct fpreg r; 1003 char *kv; 1004 size_t kl; 1005 1006 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 1007 return EINVAL; 1008 1009 kl = sizeof(r); 1010 kv = (char *)&r; 1011 1012 kv += uio->uio_offset; 1013 kl -= uio->uio_offset; 1014 if ((size_t)kl > uio->uio_resid) 1015 kl = uio->uio_resid; 1016 1017 error = process_read_fpregs(l, &r, &kl); 1018 if (error == 0) 1019 error = uiomove(kv, kl, uio); 1020 if (error == 0 && uio->uio_rw == UIO_WRITE) { 1021 if (l->l_stat != LSSTOP) 1022 error = EBUSY; 1023 else 1024 error = process_write_fpregs(l, &r, kl); 1025 } 1026 uio->uio_offset = 0; 1027 return (error); 1028 #else 1029 return (EINVAL); 1030 #endif 1031 } 1032 1033 int 1034 process_validfpregs(struct lwp *l) 1035 { 1036 1037 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 1038 return ((l->l_flag & LW_SYSTEM) == 0); 1039 #else 1040 return (0); 1041 #endif 1042 } 1043 #endif /* PTRACE */ 1044 1045 #if defined(KTRACE) || defined(PTRACE) 1046 int 1047 process_domem(struct lwp *curl /*tracer*/, 1048 struct lwp *l /*traced*/, 1049 struct uio *uio) 1050 { 1051 struct proc *p = l->l_proc; /* traced */ 1052 struct vmspace *vm; 1053 int error; 1054 1055 size_t len; 1056 #ifdef PMAP_NEED_PROCWR 1057 vaddr_t addr; 1058 #endif 1059 1060 error = 0; 1061 len = uio->uio_resid; 1062 1063 if (len == 0) 1064 return (0); 1065 1066 #ifdef PMAP_NEED_PROCWR 1067 addr = uio->uio_offset; 1068 #endif 1069 1070 vm = p->p_vmspace; 1071 1072 mutex_enter(&vm->vm_map.misc_lock); 1073 if ((l->l_flag & LW_WEXIT) || vm->vm_refcnt < 1) 1074 error = EFAULT; 1075 if (error == 0) 1076 p->p_vmspace->vm_refcnt++; /* XXX */ 1077 mutex_exit(&vm->vm_map.misc_lock); 1078 if (error != 0) 1079 return (error); 1080 error = uvm_io(&vm->vm_map, uio); 1081 uvmspace_free(vm); 1082 1083 #ifdef PMAP_NEED_PROCWR 1084 if (error == 0 && uio->uio_rw == UIO_WRITE) 1085 pmap_procwr(p, addr, len); 1086 #endif 1087 return (error); 1088 } 1089 #endif /* KTRACE || PTRACE */ 1090 1091 #if defined(KTRACE) || defined(PTRACE) 1092 void 1093 process_stoptrace(void) 1094 { 1095 struct lwp *l = curlwp; 1096 struct proc *p = l->l_proc, *pp; 1097 1098 mutex_enter(proc_lock); 1099 mutex_enter(p->p_lock); 1100 pp = p->p_pptr; 1101 if (pp->p_pid == 1) { 1102 CLR(p->p_slflag, PSL_SYSCALL); /* XXXSMP */ 1103 mutex_exit(p->p_lock); 1104 mutex_exit(proc_lock); 1105 return; 1106 } 1107 1108 p->p_xstat = SIGTRAP; 1109 proc_stop(p, 1, SIGSTOP); 1110 mutex_exit(proc_lock); 1111 1112 if (sigispending(l, 0)) { 1113 lwp_lock(l); 1114 l->l_flag |= LW_PENDSIG; 1115 lwp_unlock(l); 1116 } 1117 mutex_exit(p->p_lock); 1118 } 1119 #endif /* KTRACE || PTRACE */ 1120