1 /* $NetBSD: kern_proc.c,v 1.166 2010/06/10 20:54:53 pooka Exp $ */ 2 3 /*- 4 * Copyright (c) 1999, 2006, 2007, 2008 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility, 9 * NASA Ames Research Center, and by Andrew Doran. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 22 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 23 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 30 * POSSIBILITY OF SUCH DAMAGE. 31 */ 32 33 /* 34 * Copyright (c) 1982, 1986, 1989, 1991, 1993 35 * The Regents of the University of California. All rights reserved. 
36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. Neither the name of the University nor the names of its contributors 46 * may be used to endorse or promote products derived from this software 47 * without specific prior written permission. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 50 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 51 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 52 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 53 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 54 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 55 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 56 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 57 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 58 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 59 * SUCH DAMAGE. 
60 * 61 * @(#)kern_proc.c 8.7 (Berkeley) 2/14/95 62 */ 63 64 #include <sys/cdefs.h> 65 __KERNEL_RCSID(0, "$NetBSD: kern_proc.c,v 1.166 2010/06/10 20:54:53 pooka Exp $"); 66 67 #ifdef _KERNEL_OPT 68 #include "opt_kstack.h" 69 #include "opt_maxuprc.h" 70 #include "opt_dtrace.h" 71 #endif 72 73 #include <sys/param.h> 74 #include <sys/systm.h> 75 #include <sys/kernel.h> 76 #include <sys/proc.h> 77 #include <sys/resourcevar.h> 78 #include <sys/buf.h> 79 #include <sys/acct.h> 80 #include <sys/wait.h> 81 #include <sys/file.h> 82 #include <ufs/ufs/quota.h> 83 #include <sys/uio.h> 84 #include <sys/pool.h> 85 #include <sys/pset.h> 86 #include <sys/mbuf.h> 87 #include <sys/ioctl.h> 88 #include <sys/tty.h> 89 #include <sys/signalvar.h> 90 #include <sys/ras.h> 91 #include <sys/sa.h> 92 #include <sys/savar.h> 93 #include <sys/filedesc.h> 94 #include "sys/syscall_stats.h" 95 #include <sys/kauth.h> 96 #include <sys/sleepq.h> 97 #include <sys/atomic.h> 98 #include <sys/kmem.h> 99 #include <sys/dtrace_bsd.h> 100 101 #include <uvm/uvm.h> 102 #include <uvm/uvm_extern.h> 103 104 /* 105 * Other process lists 106 */ 107 108 struct proclist allproc; 109 struct proclist zombproc; /* resources have been freed */ 110 111 kmutex_t *proc_lock; 112 113 /* 114 * pid to proc lookup is done by indexing the pid_table array. 115 * Since pid numbers are only allocated when an empty slot 116 * has been found, there is no need to search any lists ever. 117 * (an orphaned pgrp will lock the slot, a session will lock 118 * the pgrp with the same number.) 119 * If the table is too small it is reallocated with twice the 120 * previous size and the entries 'unzipped' into the two halves. 121 * A linked list of free entries is passed through the pt_proc 122 * field of 'free' items - set odd to be an invalid ptr. 
 */

/* One pid table slot: the process and the process group that share an index. */
struct pid_table {
	struct proc	*pt_proc;
	struct pgrp	*pt_pgrp;
};
#if 1	/* strongly typed cast - should be a noop */
static inline uint p2u(struct proc *p) { return (uint)(uintptr_t)p; }
#else
#define p2u(p) ((uint)p)
#endif
/*
 * Tagged-pointer helpers for pt_proc.
 * P_VALID: low bit clear, so the value is a real struct proc pointer.
 * P_FREE:  build a free-slot value from an integer (shifted left, low bit set).
 * P_NEXT:  recover that integer.  proc_alloc() splits it with pid_tbl_mask
 *          into the next free index (low bits) and a saved use count (high bits).
 * Never dereference pt_proc without checking P_VALID first.
 */
#define P_VALID(p) (!(p2u(p) & 1))
#define P_NEXT(p) (p2u(p) >> 1)
#define P_FREE(pid) ((struct proc *)(uintptr_t)((pid) << 1 | 1))

#define INITIAL_PID_TABLE_SIZE		(1 << 5)
static struct pid_table *pid_table;
static uint pid_tbl_mask = INITIAL_PID_TABLE_SIZE - 1;
static uint pid_alloc_lim;	/* max we allocate before growing table */
static uint pid_alloc_cnt;	/* number of allocated pids */

/* links through free slots - never empty! */
static uint next_free_pt, last_free_pt;
static pid_t pid_max = PID_MAX;	/* largest value we allocate */

/* Components of the first process -- never freed. */

extern struct emul emul_netbsd;	/* defined in kern_exec.c */

struct session session0 = {
	.s_count = 1,
	.s_sid = 0,
};
struct pgrp pgrp0 = {
	.pg_members = LIST_HEAD_INITIALIZER(&pgrp0.pg_members),
	.pg_session = &session0,
};
filedesc_t filedesc0;
struct cwdinfo cwdi0 = {
	.cwdi_cmask = CMASK,		/* see cmask below */
	.cwdi_refcnt = 1,
};
struct plimit limit0;
struct pstats pstat0;
struct vmspace vmspace0;
struct sigacts sigacts0;
struct proc proc0 = {
	.p_lwps = LIST_HEAD_INITIALIZER(&proc0.p_lwps),
	.p_sigwaiters = LIST_HEAD_INITIALIZER(&proc0.p_sigwaiters),
	.p_nlwps = 1,
	.p_nrlwps = 1,
	.p_nlwpid = 1,		/* must match lwp0.l_lid */
	.p_pgrp = &pgrp0,
	.p_comm = "system",
	/*
	 * Set P_NOCLDWAIT so that kernel threads are reparented to init(8)
	 * when they exit.  init(8) can easily wait them out for us.
	 */
	.p_flag = PK_SYSTEM | PK_NOCLDWAIT,
	.p_stat = SACTIVE,
	.p_nice = NZERO,
	.p_emul = &emul_netbsd,
	.p_cwdi = &cwdi0,
	.p_limit = &limit0,
	.p_fd = &filedesc0,
	.p_vmspace = &vmspace0,
	.p_stats = &pstat0,
	.p_sigacts = &sigacts0,
};
kauth_cred_t cred0;

int nofile = NOFILE;
int maxuprc = MAXUPRC;
int cmask = CMASK;

MALLOC_DEFINE(M_EMULDATA, "emuldata", "Per-process emulation data");
MALLOC_DEFINE(M_SUBPROC, "subproc", "Proc sub-structures");

/*
 * The process list descriptors, used during pid allocation and
 * by sysctl.  No locking on this data structure is needed since
 * it is completely static.
 */
const struct proclist_desc proclists[] = {
	{ &allproc	},
	{ &zombproc	},
	{ NULL		},
};

static struct pgrp *	pg_remove(pid_t);
static void		pg_delete(pid_t);
static void		orphanpg(struct pgrp *);

static specificdata_domain_t proc_specificdata_domain;

static pool_cache_t proc_cache;

static kauth_listener_t proc_listener;

/*
 * kauth listener for the process scope; procinit() registers it.
 *
 * The result starts as KAUTH_RESULT_DEFER and is raised to
 * KAUTH_RESULT_ALLOW only in the cases below; this function never returns
 * a deny result itself.  arg0 is used as the target process, arg1 and arg2
 * are reinterpreted per action, cookie and arg3 are unused.
 *
 * NOTE(review): how a DEFER from here combines with the results of other
 * listeners on the scope is decided by kauth, not by this file -- confirm
 * against kauth(9) before treating DEFER as a denial.
 */
static int
proc_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
    void *arg0, void *arg1, void *arg2, void *arg3)
{
	struct proc *p;
	int result;

	result = KAUTH_RESULT_DEFER;
	p = arg0;

	switch (action) {
	case KAUTH_PROCESS_CANSEE: {
		enum kauth_process_req req;

		/* arg1 carries the request code by value, not a pointer. */
		req = (enum kauth_process_req)arg1;

		switch (req) {
		case KAUTH_REQ_PROCESS_CANSEE_ARGS:
		case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
		case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
			/*
			 * Allowed for every credential by this listener; any
			 * restriction on these has to come from elsewhere.
			 */
			result = KAUTH_RESULT_ALLOW;

			break;

		case KAUTH_REQ_PROCESS_CANSEE_ENV:
			/*
			 * The environment is granted only when the requester's
			 * uid equals both the uid and the saved uid of the
			 * target credential; any mismatch leaves DEFER.
			 */
			if (kauth_cred_getuid(cred) !=
			    kauth_cred_getuid(p->p_cred) ||
			    kauth_cred_getuid(cred) !=
			    kauth_cred_getsvuid(p->p_cred))
				break;

			result = KAUTH_RESULT_ALLOW;

			break;

		default:
			break;
		}

		break;
		}

	case KAUTH_PROCESS_FORK: {
		/* arg2 carries the current process count by value. */
		int lnprocs = (int)(unsigned long)arg2;

		/*
		 * Don't allow a nonprivileged user to use the last few
		 * processes. The variable lnprocs is the current number of
		 * processes, maxproc is the limit.
		 */
		if (__predict_false((lnprocs >= maxproc - 5)))
			break;

		result = KAUTH_RESULT_ALLOW;

		break;
		}

	case KAUTH_PROCESS_CORENAME:
	case KAUTH_PROCESS_STOPFLAG:
		/* proc_uidmatch() is defined outside this view; 0 means match here. */
		if (proc_uidmatch(cred, p->p_cred) == 0)
			result = KAUTH_RESULT_ALLOW;

		break;

	default:
		/* Unknown actions stay at DEFER. */
		break;
	}

	return result;
}

/*
 * Initialize global process hashing structures.
 *
 * Sets up the process lists, proc_lock, the initial pid table with its
 * free list, the proc specificdata domain, the proc pool cache and the
 * process-scope kauth listener.
 */
void
procinit(void)
{
	const struct proclist_desc *pd;
	u_int i;
#define	LINK_EMPTY ((PID_MAX + INITIAL_PID_TABLE_SIZE) & ~(INITIAL_PID_TABLE_SIZE - 1))

	for (pd = proclists; pd->pd_list != NULL; pd++)
		LIST_INIT(pd->pd_list);

	proc_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_NONE);
	pid_table = kmem_alloc(INITIAL_PID_TABLE_SIZE
	    * sizeof(struct pid_table), KM_SLEEP);

	/* Set free list running through table...
	   Preset 'use count' above PID_MAX so we allocate pid 1 next. */
	for (i = 0; i <= pid_tbl_mask; i++) {
		pid_table[i].pt_proc = P_FREE(LINK_EMPTY + i + 1);
		pid_table[i].pt_pgrp = 0;
	}
	/* slot 0 is just grabbed */
	next_free_pt = 1;
	/* Need to fix last entry. */
	last_free_pt = pid_tbl_mask;
	pid_table[last_free_pt].pt_proc = P_FREE(LINK_EMPTY);
	/* point at which we grow table - to avoid reusing pids too often */
	pid_alloc_lim = pid_tbl_mask - 1;
#undef LINK_EMPTY

	proc_specificdata_domain = specificdata_domain_create();
	KASSERT(proc_specificdata_domain != NULL);

	proc_cache = pool_cache_init(sizeof(struct proc), 0, 0, 0,
	    "procpl", NULL, IPL_NONE, NULL, NULL, NULL);

	/* From here on proc_listener_cb() takes part in process-scope decisions. */
	proc_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS,
	    proc_listener_cb, NULL);
}

/*
 * Initialize process 0.
 */
void
proc0_init(void)
{
	struct proc *p;
	struct pgrp *pg;
	rlim_t lim;
	int i;

	p = &proc0;
	pg = &pgrp0;

	mutex_init(&p->p_stmutex, MUTEX_DEFAULT, IPL_HIGH);
	mutex_init(&p->p_auxlock, MUTEX_DEFAULT, IPL_NONE);
	p->p_lock = mutex_obj_alloc(MUTEX_DEFAULT, IPL_NONE);

	rw_init(&p->p_reflock);
	cv_init(&p->p_waitcv, "wait");
	cv_init(&p->p_lwpcv, "lwpwait");

	LIST_INSERT_HEAD(&p->p_lwps, &lwp0, l_sibling);

	/* proc0 and pgrp0 both occupy pid table slot 0 (pid 0, pgid 0). */
	pid_table[0].pt_proc = p;
	LIST_INSERT_HEAD(&allproc, p, p_list);

	pid_table[0].pt_pgrp = pg;
	LIST_INSERT_HEAD(&pg->pg_members, p, p_pglist);

#ifdef __HAVE_SYSCALL_INTERN
	(*p->p_emul->e_syscall_intern)(p);
#endif

	/* Create credentials. */
	cred0 = kauth_cred_alloc();
	p->p_cred = cred0;

	/* Create the CWD info. */
	rw_init(&cwdi0.cwdi_lock);

	/*
	 * Create the limits structures.  Every limit starts at
	 * RLIM_INFINITY; only NOFILE, NPROC, RSS and MEMLOCK are tightened
	 * in this function (uvm_init_limits() below may adjust more).
	 */
	mutex_init(&limit0.pl_lock, MUTEX_DEFAULT, IPL_NONE);
	for (i = 0; i < __arraycount(limit0.pl_rlimit); i++)
		limit0.pl_rlimit[i].rlim_cur =
		    limit0.pl_rlimit[i].rlim_max = RLIM_INFINITY;

	/* Soft limit is the smaller of the system-wide cap and the default. */
	limit0.pl_rlimit[RLIMIT_NOFILE].rlim_max = maxfiles;
	limit0.pl_rlimit[RLIMIT_NOFILE].rlim_cur =
	    maxfiles < nofile ? maxfiles : nofile;

	limit0.pl_rlimit[RLIMIT_NPROC].rlim_max = maxproc;
	limit0.pl_rlimit[RLIMIT_NPROC].rlim_cur =
	    maxproc < maxuprc ? maxproc : maxuprc;

	lim = MIN(VM_MAXUSER_ADDRESS, ctob((rlim_t)uvmexp.free));
	limit0.pl_rlimit[RLIMIT_RSS].rlim_max = lim;
	limit0.pl_rlimit[RLIMIT_MEMLOCK].rlim_max = lim;
	limit0.pl_rlimit[RLIMIT_MEMLOCK].rlim_cur = lim / 3;
	limit0.pl_corename = defcorename;
	limit0.pl_refcnt = 1;
	limit0.pl_sv_limit = NULL;

	/* Configure virtual memory system, set vm rlimits. */
	uvm_init_limits(p);

	/* Initialize file descriptor table for proc0. */
	fd_init(&filedesc0);

	/*
	 * Initialize proc0's vmspace, which uses the kernel pmap.
	 * All kernel processes (which never have user space mappings)
	 * share proc0's vmspace, and thus, the kernel pmap.
	 */
	uvmspace_init(&vmspace0, pmap_kernel(), round_page(VM_MIN_ADDRESS),
	    trunc_page(VM_MAX_ADDRESS));

	/* Initialize signal state for proc0. XXX IPL_SCHED */
	mutex_init(&p->p_sigacts->sa_mutex, MUTEX_DEFAULT, IPL_SCHED);
	siginit(p);

	proc_initspecific(p);
	kdtrace_proc_ctor(NULL, p);
}

/*
 * Session reference counting.
 */

/* Take one more reference on session ss.  Caller holds proc_lock. */
void
proc_sesshold(struct session *ss)
{

	KASSERT(mutex_owned(proc_lock));
	ss->s_count++;
}

/*
 * Drop one reference on session ss.  Caller holds proc_lock on entry;
 * the lock is released on every path, so the caller must not touch
 * proc_lock-protected state (or ss) afterwards without re-locking.
 */
void
proc_sessrele(struct session *ss)
{

	KASSERT(mutex_owned(proc_lock));
	/*
	 * We keep the pgrp with the same id as the session in order to
	 * stop a process being given the same pid.  Since the pgrp holds
	 * a reference to the session, it must be a 'zombie' pgrp by now.
	 */
	if (--ss->s_count == 0) {
		struct pgrp *pg;

		/* Unhook the pgrp from the table under the lock, free after. */
		pg = pg_remove(ss->s_sid);
		mutex_exit(proc_lock);

		kmem_free(pg, sizeof(struct pgrp));
		kmem_free(ss, sizeof(struct session));
	} else {
		mutex_exit(proc_lock);
	}
}

/*
 * Check that the specified process group is in the session of the
 * specified process.
 * Treats -ve ids as process ids.
 * Used to validate TIOCSPGRP requests.
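 */
int
pgid_in_session(struct proc *p, pid_t pg_id)
{
	struct pgrp *pgrp;
	struct session *session;
	int error;

	mutex_enter(proc_lock);
	if (pg_id < 0) {
		struct proc *p1;

		/*
		 * Negating the most negative pid_t is undefined behaviour.
		 * proc_alloc() never hands out a pid above pid_max, so an
		 * id below -pid_max cannot name a process: reject it before
		 * negating.  pid_max only changes under proc_lock, which is
		 * held here.
		 */
		if (pg_id < -pid_max) {
			mutex_exit(proc_lock);
			return EINVAL;
		}
		/* On failure p_find() has already dropped proc_lock. */
		p1 = p_find(-pg_id, PFIND_LOCKED | PFIND_UNLOCK_FAIL);
		if (p1 == NULL)
			return EINVAL;
		pgrp = p1->p_pgrp;
	} else {
		/* On failure pg_find() has already dropped proc_lock. */
		pgrp = pg_find(pg_id, PFIND_LOCKED | PFIND_UNLOCK_FAIL);
		if (pgrp == NULL)
			return EINVAL;
	}
	session = pgrp->pg_session;
	if (session != p->p_pgrp->pg_session)
		error = EPERM;
	else
		error = 0;
	mutex_exit(proc_lock);

	return error;
}

/*
 * p_inferior: is p an inferior of q?
 *
 * Walks the parent chain from p; reaching pid 0 without meeting q means
 * "no".  Caller holds proc_lock.
 */
static inline bool
p_inferior(struct proc *p, struct proc *q)
{

	KASSERT(mutex_owned(proc_lock));

	for (; p != q; p = p->p_pptr)
		if (p->p_pid == 0)
			return false;
	return true;
}

/*
 * Locate a process by number
 *
 * Lock contract, driven by flags:
 *   PFIND_LOCKED      caller already holds proc_lock (else it is taken here)
 *   PFIND_UNLOCK_OK   release proc_lock before returning a process
 *   PFIND_UNLOCK_FAIL release proc_lock before returning NULL
 *   PFIND_ZOMBIE      also match SZOMB, SDEAD and SDYING processes
 * Without the matching UNLOCK flag the function returns with proc_lock
 * held, so callers must know the lock state for both outcomes.
 */
struct proc *
p_find(pid_t pid, uint flags)
{
	struct proc *p;
	char stat;

	if (!(flags & PFIND_LOCKED))
		mutex_enter(proc_lock);

	/* Masking keeps the index inside the table for any pid value. */
	p = pid_table[pid & pid_tbl_mask].pt_proc;

	/* Only allow live processes to be found by pid. */
	/* XXXSMP p_stat */
	/* P_VALID() must come first: a free slot holds a tagged integer. */
	if (P_VALID(p) && p->p_pid == pid && ((stat = p->p_stat) == SACTIVE ||
	    stat == SSTOP || ((flags & PFIND_ZOMBIE) &&
	    (stat == SZOMB || stat == SDEAD || stat == SDYING)))) {
		if (flags & PFIND_UNLOCK_OK)
			mutex_exit(proc_lock);
		return p;
	}
	if (flags & PFIND_UNLOCK_FAIL)
		mutex_exit(proc_lock);
	return NULL;
}


/*
 * Locate a process group by number
 *
 * Takes the same PFIND_LOCKED / PFIND_UNLOCK_OK / PFIND_UNLOCK_FAIL flags
 * as p_find(), with the same effect on proc_lock.
 */
struct pgrp *
pg_find(pid_t pgid, uint flags)
{
	struct pgrp *pg;

	if (!(flags & PFIND_LOCKED))
		mutex_enter(proc_lock);
	pg = pid_table[pgid & pid_tbl_mask].pt_pgrp;
	/*
	 * Can't look up a pgrp that only exists because the session
	 * hasn't died yet (traditional)
	 */
	if (pg == NULL || pg->pg_id != pgid || LIST_EMPTY(&pg->pg_members)) {
		if (flags & PFIND_UNLOCK_FAIL)
			mutex_exit(proc_lock);
		return NULL;
	}

	if (flags & PFIND_UNLOCK_OK)
		mutex_exit(proc_lock);
	return pg;
}

/*
 * Double the pid table.
 *
 * The new array is allocated before proc_lock is taken (KM_SLEEP may
 * sleep); the table size is re-checked under the lock and the allocation
 * is thrown away if another thread already grew the table.  The old array
 * is freed as soon as the lock is dropped, so pid_table must only be
 * indexed with proc_lock held.
 */
static void
expand_pid_table(void)
{
	size_t pt_size, tsz;
	struct pid_table *n_pt, *new_pt;
	struct proc *proc;
	struct pgrp *pgrp;
	pid_t pid;
	u_int i;

	pt_size = pid_tbl_mask + 1;
	tsz = pt_size * 2 * sizeof(struct pid_table);
	new_pt = kmem_alloc(tsz, KM_SLEEP);

	mutex_enter(proc_lock);
	if (pt_size != pid_tbl_mask + 1) {
		/* Another process beat us to it... */
		mutex_exit(proc_lock);
		kmem_free(new_pt, tsz);
		return;
	}

	/*
	 * Copy entries from old table into new one.
	 * If 'pid' is 'odd' we need to place in the upper half,
	 * even pid's to the lower half.
	 * Free items stay in the low half so we don't have to
	 * fixup the reference to them.
	 * We stuff free items on the front of the freelist
	 * because we can't write to unmodified entries.
	 * Processing the table backwards maintains a semblance
	 * of issuing pid numbers that increase with time.
	 */
	i = pt_size - 1;
	n_pt = new_pt + i;
	for (; ; i--, n_pt--) {
		proc = pid_table[i].pt_proc;
		pgrp = pid_table[i].pt_pgrp;
		if (!P_VALID(proc)) {
			/* Up 'use count' so that link is valid */
			pid = (P_NEXT(proc) + pt_size) & ~pt_size;
			proc = P_FREE(pid);
			if (pgrp)
				pid = pgrp->pg_id;
		} else
			pid = proc->p_pid;

		/* Save entry in appropriate half of table */
		n_pt[pid & pt_size].pt_proc = proc;
		n_pt[pid & pt_size].pt_pgrp = pgrp;

		/* Put other piece on start of free list */
		pid = (pid ^ pt_size) & ~pid_tbl_mask;
		n_pt[pid & pt_size].pt_proc =
		    P_FREE((pid & ~pt_size) | next_free_pt);
		n_pt[pid & pt_size].pt_pgrp = 0;
		next_free_pt = i | (pid & pt_size);
		/* i is unsigned, so the loop ends with an explicit test at 0. */
		if (i == 0)
			break;
	}

	/* Save old table size and switch tables */
	tsz = pt_size * sizeof(struct pid_table);
	n_pt = pid_table;
	pid_table = new_pt;
	pid_tbl_mask = pt_size * 2 - 1;

	/*
	 * pid_max starts as PID_MAX (= 30000), once we have 16384
	 * allocated pids we need it to be larger!
	 */
	if (pid_tbl_mask > PID_MAX) {
		pid_max = pid_tbl_mask * 2 + 1;
		pid_alloc_lim |= pid_alloc_lim << 1;
	} else
		pid_alloc_lim <<= 1;	/* doubles number of free slots... */

	mutex_exit(proc_lock);
	kmem_free(n_pt, tsz);
}

/*
 * Allocate a struct proc and assign it a pid and a pid table slot.
 *
 * The pid is computed from the slot index and the use count saved in the
 * free slot; nothing here randomises it, so pid values must not be
 * treated as unpredictable.  The process is returned in state SIDL.
 */
struct proc *
proc_alloc(void)
{
	struct proc *p;
	int nxt;
	pid_t pid;
	struct pid_table *pt;

	p = pool_cache_get(proc_cache, PR_WAITOK);
	p->p_stat = SIDL;			/* protect against others */

	proc_initspecific(p);
	kdtrace_proc_ctor(NULL, p);

	/* Each 'continue' and each fall-through runs expand_pid_table(). */
	for (;;expand_pid_table()) {
		/* Read without proc_lock; the slot is validated under it below. */
		if (__predict_false(pid_alloc_cnt >= pid_alloc_lim))
			/* ensure pids cycle through 2000+ values */
			continue;
		mutex_enter(proc_lock);
		pt = &pid_table[next_free_pt];
#ifdef DIAGNOSTIC
		if (__predict_false(P_VALID(pt->pt_proc) || pt->pt_pgrp))
			panic("proc_alloc: slot busy");
#endif
		nxt = P_NEXT(pt->pt_proc);
		if (nxt & pid_tbl_mask)
			break;
		/* Table full - expand (NB last entry not used....) */
		mutex_exit(proc_lock);
	}

	/* pid is 'saved use count' + 'size' + entry */
	pid = (nxt & ~pid_tbl_mask) + pid_tbl_mask + 1 + next_free_pt;
	/* Wrap back to the bare slot index once pid_max is exceeded. */
	if ((uint)pid > (uint)pid_max)
		pid &= pid_tbl_mask;
	p->p_pid = pid;
	next_free_pt = nxt & pid_tbl_mask;

	/* Grab table slot */
	pt->pt_proc = p;
	pid_alloc_cnt++;
	mutex_exit(proc_lock);

	return p;
}

/*
 * Free a process id - called from proc_free (in kern_exit.c)
 *
 * Called with the proc_lock held.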
 */
void
proc_free_pid(struct proc *p)
{
	pid_t pid = p->p_pid;
	struct pid_table *pt;

	KASSERT(mutex_owned(proc_lock));

	pt = &pid_table[pid & pid_tbl_mask];
#ifdef DIAGNOSTIC
	if (__predict_false(pt->pt_proc != p))
		panic("proc_free: pid_table mismatch, pid %x, proc %p",
			pid, p);
#endif
	/* save pid use count in slot */
	pt->pt_proc = P_FREE(pid & ~pid_tbl_mask);

	/*
	 * A slot still referenced by a process group is not put back on
	 * the free list here; pg_remove() does that once the pgrp goes.
	 */
	if (pt->pt_pgrp == NULL) {
		/* link last freed entry onto ours */
		pid &= pid_tbl_mask;
		pt = &pid_table[last_free_pt];
		pt->pt_proc = P_FREE(P_NEXT(pt->pt_proc) | pid);
		last_free_pt = pid;
		pid_alloc_cnt--;
	}

	atomic_dec_uint(&nprocs);
}

/* Run the dtrace destructor hook and return the struct proc to its pool cache. */
void
proc_free_mem(struct proc *p)
{

	kdtrace_proc_dtor(NULL, p);
	pool_cache_put(proc_cache, p);
}

/*
 * proc_enterpgrp: move p to a new or existing process group (and session).
 *
 * If we are creating a new pgrp, the pgid should equal
 * the calling process' pid.
 * It is only valid to enter a process group that is in the session
 * of the process.
 * Also mksess should only be set if we are creating a process group
 *
 * Only called from sys_setsid and sys_setpgid.
 *
 * Returns 0 on success or when nothing needs changing, otherwise EPERM,
 * ESRCH or EACCES.  proc_lock is taken and released internally; memory
 * that may be needed is allocated up front and freed again at 'done'
 * if it was not consumed.
 */
int
proc_enterpgrp(struct proc *curp, pid_t pid, pid_t pgid, bool mksess)
{
	struct pgrp *new_pgrp, *pgrp;
	struct session *sess;
	struct proc *p;
	int rval;
	pid_t pg_id = NO_PGID;

	sess = mksess ? kmem_alloc(sizeof(*sess), KM_SLEEP) : NULL;

	/* Allocate data areas we might need before doing any validity checks */
	mutex_enter(proc_lock);		/* Because pid_table might change */
	if (pid_table[pgid & pid_tbl_mask].pt_pgrp == 0) {
		/* The lock is dropped around the sleeping allocation. */
		mutex_exit(proc_lock);
		new_pgrp = kmem_alloc(sizeof(*new_pgrp), KM_SLEEP);
		mutex_enter(proc_lock);
	} else
		new_pgrp = NULL;
	rval = EPERM;	/* most common error (to save typing) */

	/*
	 * Check pgrp exists or can be created.  The slot is read again
	 * here because it may have changed while the lock was dropped.
	 */
	pgrp = pid_table[pgid & pid_tbl_mask].pt_pgrp;
	if (pgrp != NULL && pgrp->pg_id != pgid)
		goto done;

	/* Can only set another process under restricted circumstances. */
	if (pid != curp->p_pid) {
		/* must exist and be one of our children... */
		if ((p = p_find(pid, PFIND_LOCKED)) == NULL ||
		    !p_inferior(p, curp)) {
			rval = ESRCH;
			goto done;
		}
		/* ... in the same session... */
		if (sess != NULL || p->p_session != curp->p_session)
			goto done;
		/* ... existing pgid must be in same session ... */
		if (pgrp != NULL && pgrp->pg_session != p->p_session)
			goto done;
		/* ... and not done an exec. */
		if (p->p_flag & PK_EXEC) {
			rval = EACCES;
			goto done;
		}
	} else {
		/* ... setsid() cannot re-enter a pgrp */
		if (mksess && (curp->p_pgid == curp->p_pid ||
		    pg_find(curp->p_pid, PFIND_LOCKED)))
			goto done;
		p = curp;
	}

	/* Changing the process group/session of a session
	   leader is definitely off limits. */
	if (SESS_LEADER(p)) {
		if (sess == NULL && p->p_pgrp == pgrp)
			/* unless it's a definite noop */
			rval = 0;
		goto done;
	}

	/* Can only create a process group with id of process */
	if (pgrp == NULL && pgid != pid)
		goto done;

	/* Can only create a session if creating pgrp */
	if (sess != NULL && pgrp != NULL)
		goto done;

	/*
	 * Check we allocated memory for a pgrp...
	 * (the slot was occupied at the first look and is empty now).
	 */
	if (pgrp == NULL && new_pgrp == NULL)
		goto done;

	/* Don't attach to 'zombie' pgrp */
	if (pgrp != NULL && LIST_EMPTY(&pgrp->pg_members))
		goto done;

	/* Expect to succeed now */
	rval = 0;

	if (pgrp == p->p_pgrp)
		/* nothing to do */
		goto done;

	/* Ok all setup, link up required structures */

	if (pgrp == NULL) {
		pgrp = new_pgrp;
		new_pgrp = NULL;
		if (sess != NULL) {
			/*
			 * New session: no tty, login name copied from the
			 * old session with S_LOGIN_SET cleared, and the
			 * process loses its controlling-terminal flag.
			 */
			sess->s_sid = p->p_pid;
			sess->s_leader = p;
			sess->s_count = 1;
			sess->s_ttyvp = NULL;
			sess->s_ttyp = NULL;
			sess->s_flags = p->p_session->s_flags & ~S_LOGIN_SET;
			memcpy(sess->s_login, p->p_session->s_login,
			    sizeof(sess->s_login));
			p->p_lflag &= ~PL_CONTROLT;
		} else {
			/* New pgrp in the existing session: take a reference. */
			sess = p->p_pgrp->pg_session;
			proc_sesshold(sess);
		}
		pgrp->pg_session = sess;
		/* Ownership moved to pgrp; keep 'done' from freeing it. */
		sess = NULL;

		pgrp->pg_id = pgid;
		LIST_INIT(&pgrp->pg_members);
#ifdef DIAGNOSTIC
		if (__predict_false(pid_table[pgid & pid_tbl_mask].pt_pgrp))
			panic("enterpgrp: pgrp table slot in use");
		if (__predict_false(mksess && p != curp))
			panic("enterpgrp: mksession and p != curproc");
#endif
		pid_table[pgid & pid_tbl_mask].pt_pgrp = pgrp;
		pgrp->pg_jobc = 0;
	}

	/*
	 * Adjust eligibility of affected pgrps to participate in job control.
	 * Increment eligibility counts before decrementing, otherwise we
	 * could reach 0 spuriously during the first call.
	 */
	fixjobc(p, pgrp, 1);
	fixjobc(p, p->p_pgrp, 0);

	/* Interlock with ttread(). */
	mutex_spin_enter(&tty_lock);

	/* Move process to requested group. */
	LIST_REMOVE(p, p_pglist);
	if (LIST_EMPTY(&p->p_pgrp->pg_members))
		/* defer delete until we've dumped the lock */
		pg_id = p->p_pgrp->pg_id;
	p->p_pgrp = pgrp;
	LIST_INSERT_HEAD(&pgrp->pg_members, p, p_pglist);

	/* Done with the swap; we can release the tty mutex. */
	mutex_spin_exit(&tty_lock);

    done:
	/* Every path reaches here with proc_lock held; release it exactly once. */
	if (pg_id != NO_PGID) {
		/* Releases proc_lock. */
		pg_delete(pg_id);
	} else {
		mutex_exit(proc_lock);
	}
	if (sess != NULL)
		kmem_free(sess, sizeof(*sess));
	if (new_pgrp != NULL)
		kmem_free(new_pgrp, sizeof(*new_pgrp));
#ifdef DEBUG_PGRP
	if (__predict_false(rval))
		printf("enterpgrp(%d,%d,%d), curproc %d, rval %d\n",
			pid, pgid, mksess, curp->p_pid, rval);
#endif
	return rval;
}

/*
 * proc_leavepgrp: remove a process from its process group.
 * => must be called with the proc_lock held, which will be released;
 */
void
proc_leavepgrp(struct proc *p)
{
	struct pgrp *pgrp;

	KASSERT(mutex_owned(proc_lock));

	/* Interlock with ttread() */
	mutex_spin_enter(&tty_lock);
	pgrp = p->p_pgrp;
	LIST_REMOVE(p, p_pglist);
	p->p_pgrp = NULL;
	mutex_spin_exit(&tty_lock);

	if (LIST_EMPTY(&pgrp->pg_members)) {
		/* Releases proc_lock. */
		pg_delete(pgrp->pg_id);
	} else {
		mutex_exit(proc_lock);
	}
}

/*
 * pg_remove: remove a process group from the table.
 * => must be called with the proc_lock held;
 * => returns process group to free;
 */
static struct pgrp *
pg_remove(pid_t pg_id)
{
	struct pgrp *pgrp;
	struct pid_table *pt;

	KASSERT(mutex_owned(proc_lock));

	pt = &pid_table[pg_id & pid_tbl_mask];
	pgrp = pt->pt_pgrp;

	/* Preconditions are asserted only; callers must guarantee them. */
	KASSERT(pgrp != NULL);
	KASSERT(pgrp->pg_id == pg_id);
	KASSERT(LIST_EMPTY(&pgrp->pg_members));

	pt->pt_pgrp = NULL;

	if (!P_VALID(pt->pt_proc)) {
		/* Orphaned pgrp, put slot onto free list. */
		KASSERT((P_NEXT(pt->pt_proc) & pid_tbl_mask) == 0);
		pg_id &= pid_tbl_mask;
		pt = &pid_table[last_free_pt];
		pt->pt_proc = P_FREE(P_NEXT(pt->pt_proc) | pg_id);
		last_free_pt = pg_id;
		pid_alloc_cnt--;
	}
	return pgrp;
}

/*
 * pg_delete: delete and free a process group.
 * => must be called with the proc_lock held, which will be released.
 */
static void
pg_delete(pid_t pg_id)
{
	struct pgrp *pg;
	struct tty *ttyp;
	struct session *ss;

	KASSERT(mutex_owned(proc_lock));

	/* Nothing to do unless the id names an existing, empty pgrp. */
	pg = pid_table[pg_id & pid_tbl_mask].pt_pgrp;
	if (pg == NULL || pg->pg_id != pg_id || !LIST_EMPTY(&pg->pg_members)) {
		mutex_exit(proc_lock);
		return;
	}

	ss = pg->pg_session;

	/* Remove reference (if any) from tty to this process group */
	mutex_spin_enter(&tty_lock);
	ttyp = ss->s_ttyp;
	if (ttyp != NULL && ttyp->t_pgrp == pg) {
		ttyp->t_pgrp = NULL;
		KASSERT(ttyp->t_session == ss);
	}
	mutex_spin_exit(&tty_lock);

	/*
	 * The leading process group in a session is freed by proc_sessrele(),
	 * if last reference.  Note: proc_sessrele() releases proc_lock.
	 */
	pg = (ss->s_sid != pg->pg_id) ? pg_remove(pg_id) : NULL;
	/* ss may be freed by this call; it is not used again below. */
	proc_sessrele(ss);

	if (pg != NULL) {
		/* Free it, if was not done by proc_sessrele(). */
		kmem_free(pg, sizeof(struct pgrp));
	}
}

/*
 * Adjust pgrp jobc counters when specified process changes process group.
 * We count the number of processes in each process group that "qualify"
 * the group for terminal job control (those with a parent in a different
 * process group of the same session).  If that count reaches zero, the
 * process group becomes orphaned.  Check both the specified process'
 * process group and that of its children.
 * entering == 0 => p is leaving specified group.
 * entering == 1 => p is entering specified group.
 *
 * Call with proc_lock held.
 */
void
fixjobc(struct proc *p, struct pgrp *pgrp, int entering)
{
	struct session *sess = pgrp->pg_session;
	struct pgrp *other;
	struct proc *kid;

	KASSERT(mutex_owned(proc_lock));

	/*
	 * First the process itself: it qualifies its own group when its
	 * parent sits in a different group of the same session.
	 */
	other = p->p_pptr->p_pgrp;
	if (other != pgrp && other->pg_session == sess) {
		if (entering) {
			pgrp->pg_jobc++;
			p->p_lflag &= ~PL_ORPHANPG;
		} else if (--pgrp->pg_jobc == 0) {
			orphanpg(pgrp);
		}
	}

	/*
	 * Then each child: p qualifies the child's group under the same
	 * rule.  Zombie children are skipped.
	 */
	LIST_FOREACH(kid, &p->p_children, p_sibling) {
		other = kid->p_pgrp;
		if (other == pgrp || other->pg_session != sess ||
		    P_ZOMBIE(kid))
			continue;

		if (entering) {
			kid->p_lflag &= ~PL_ORPHANPG;
			other->pg_jobc++;
		} else if (--other->pg_jobc == 0) {
			orphanpg(other);
		}
	}
}

/*
 * A process group has become orphaned;
 * if there are any stopped processes in the group,
 * hang-up all process in that group.
 *
 * Call with proc_lock held.
1061 */ 1062 static void 1063 orphanpg(struct pgrp *pg) 1064 { 1065 struct proc *p; 1066 1067 KASSERT(mutex_owned(proc_lock)); 1068 1069 LIST_FOREACH(p, &pg->pg_members, p_pglist) { 1070 if (p->p_stat == SSTOP) { 1071 p->p_lflag |= PL_ORPHANPG; 1072 psignal(p, SIGHUP); 1073 psignal(p, SIGCONT); 1074 } 1075 } 1076 } 1077 1078 #ifdef DDB 1079 #include <ddb/db_output.h> 1080 void pidtbl_dump(void); 1081 void 1082 pidtbl_dump(void) 1083 { 1084 struct pid_table *pt; 1085 struct proc *p; 1086 struct pgrp *pgrp; 1087 int id; 1088 1089 db_printf("pid table %p size %x, next %x, last %x\n", 1090 pid_table, pid_tbl_mask+1, 1091 next_free_pt, last_free_pt); 1092 for (pt = pid_table, id = 0; id <= pid_tbl_mask; id++, pt++) { 1093 p = pt->pt_proc; 1094 if (!P_VALID(p) && !pt->pt_pgrp) 1095 continue; 1096 db_printf(" id %x: ", id); 1097 if (P_VALID(p)) 1098 db_printf("proc %p id %d (0x%x) %s\n", 1099 p, p->p_pid, p->p_pid, p->p_comm); 1100 else 1101 db_printf("next %x use %x\n", 1102 P_NEXT(p) & pid_tbl_mask, 1103 P_NEXT(p) & ~pid_tbl_mask); 1104 if ((pgrp = pt->pt_pgrp)) { 1105 db_printf("\tsession %p, sid %d, count %d, login %s\n", 1106 pgrp->pg_session, pgrp->pg_session->s_sid, 1107 pgrp->pg_session->s_count, 1108 pgrp->pg_session->s_login); 1109 db_printf("\tpgrp %p, pg_id %d, pg_jobc %d, members %p\n", 1110 pgrp, pgrp->pg_id, pgrp->pg_jobc, 1111 LIST_FIRST(&pgrp->pg_members)); 1112 LIST_FOREACH(p, &pgrp->pg_members, p_pglist) { 1113 db_printf("\t\tpid %d addr %p pgrp %p %s\n", 1114 p->p_pid, p, p->p_pgrp, p->p_comm); 1115 } 1116 } 1117 } 1118 } 1119 #endif /* DDB */ 1120 1121 #ifdef KSTACK_CHECK_MAGIC 1122 1123 #define KSTACK_MAGIC 0xdeadbeaf 1124 1125 /* XXX should be per process basis? 
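*/
/* Smallest amount of untouched stack seen so far by kstack_check_magic(). */
static int kstackleftmin = KSTACK_SIZE;
/* A new minimum below this many bytes triggers the warning printf. */
static int kstackleftthres = KSTACK_SIZE / 8;

/*
 * kstack_setup_magic --
 *	Fill the whole kernel stack area of `l' with KSTACK_MAGIC so that
 *	kstack_check_magic() can later tell how much of it was written.
 *	Must not be called for lwp0 (asserted).
 */
void
kstack_setup_magic(const struct lwp *l)
{
	uint32_t *ip;
	uint32_t const *end;

	KASSERT(l != NULL);
	KASSERT(l != &lwp0);

	/*
	 * fill all the stack with magic number
	 * so that later modification on it can be detected.
	 */
	ip = (uint32_t *)KSTACK_LOWEST_ADDR(l);
	end = (uint32_t *)((char *)KSTACK_LOWEST_ADDR(l) + KSTACK_SIZE);
	for (; ip < end; ip++) {
		*ip = KSTACK_MAGIC;
	}
}

/*
 * kstack_check_magic --
 *	Measure how many bytes at the far end of the kernel stack of `l'
 *	still hold KSTACK_MAGIC.  A new minimum is recorded in
 *	kstackleftmin and reported when it is below kstackleftthres; if
 *	no intact bytes remain the kernel panics.  lwp0 is skipped.
 */
void
kstack_check_magic(const struct lwp *l)
{
	uint32_t const *ip, *end;
	int stackleft;

	KASSERT(l != NULL);

	/* don't check proc0 */ /*XXX*/
	if (l == &lwp0)
		return;

#ifdef __MACHINE_STACK_GROWS_UP
	/* stack grows upwards (eg. hppa) */
	/*
	 * Scan down from one past the highest word.  ip stops one past the
	 * highest modified word, so [ip, top) is the intact region.  The
	 * previous form left ip on the modified word itself, which made
	 * stackleft one word too large and kept the "<= 0" panic below
	 * from ever firing on this branch.
	 */
	end = (uint32_t *)KSTACK_LOWEST_ADDR(l);
	ip = (uint32_t *)((char *)KSTACK_LOWEST_ADDR(l) + KSTACK_SIZE);
	for (; ip > end; ip--)
		if (ip[-1] != KSTACK_MAGIC)
			break;

	stackleft = ((const char *)KSTACK_LOWEST_ADDR(l) + KSTACK_SIZE) -
	    (const char *)ip;
#else /* __MACHINE_STACK_GROWS_UP */
	/* stack grows downwards (eg. i386) */
	ip = (uint32_t *)KSTACK_LOWEST_ADDR(l);
	end = (uint32_t *)((char *)KSTACK_LOWEST_ADDR(l) + KSTACK_SIZE);
	for (; ip < end; ip++)
		if (*ip != KSTACK_MAGIC)
			break;

	stackleft = ((const char *)ip) - (const char *)KSTACK_LOWEST_ADDR(l);
#endif /* __MACHINE_STACK_GROWS_UP */

	/* Only a new low-water mark is recorded (and possibly reported). */
	if (kstackleftmin > stackleft) {
		kstackleftmin = stackleft;
		if (stackleft < kstackleftthres)
			printf("warning: kernel stack left %d bytes"
			    "(pid %u:lid %u)\n", stackleft,
			    (u_int)l->l_proc->p_pid, (u_int)l->l_lid);
	}

	/* The word at the limit of the stack was overwritten. */
	if (stackleft <= 0) {
		panic("magic on the top of kernel stack changed for "
		    "pid %u, lid %u: maybe kernel stack overflow",
		    (u_int)l->l_proc->p_pid, (u_int)l->l_lid);
	}
}
#endif /* KSTACK_CHECK_MAGIC */

/*
 * proclist_foreach_call --
 *	Call `callback' with `arg' for every entry of `list' that is not
 *	flagged PK_MARKER, with proc_lock held, stopping at the first
 *	nonzero return.  Returns that value, or 0 if every call returned 0.
 *
 *	A marker entry on this stack is linked in after the current proc
 *	before the callback runs and is used to find the next entry
 *	afterwards, so the walk does not rely on the current proc still
 *	being on the list.  Presumably this lets the callback drop and
 *	retake proc_lock; the lock must be held again on return (asserted).
 *	Only p_flag of the marker is initialized.
 */
int
proclist_foreach_call(struct proclist *list,
    int (*callback)(struct proc *, void *arg), void *arg)
{
	struct proc marker;
	struct proc *p;
	int ret = 0;

	marker.p_flag = PK_MARKER;
	mutex_enter(proc_lock);
	for (p = LIST_FIRST(list); ret == 0 && p != NULL;) {
		/* Skip markers, which are not real processes. */
		if (p->p_flag & PK_MARKER) {
			p = LIST_NEXT(p, p_list);
			continue;
		}
		LIST_INSERT_AFTER(p, &marker, p_list);
		ret = (*callback)(p, arg);
		KASSERT(mutex_owned(proc_lock));
		p = LIST_NEXT(&marker, p_list);
		LIST_REMOVE(&marker, p_list);
	}
	mutex_exit(proc_lock);

	return ret;
}

/*
 * proc_vmspace_getref --
 *	Take a reference on p's vmspace and store it in *vm.  Returns 0 on
 *	success, or EFAULT (leaving *vm untouched) when p is exiting and is
 *	not curproc, or when the vmspace reference count is below 1.
 *
 *	NOTE(review): no lock is taken in this function, so the checks and
 *	uvmspace_addref() are separate steps; whether callers provide the
 *	needed serialization cannot be seen from here (see XXXCDC below).
 */
int
proc_vmspace_getref(struct proc *p, struct vmspace **vm)
{

	/* XXXCDC: how should locking work here? */

	/* curproc exception is for coredump. */

	if ((p != curproc && (p->p_sflag & PS_WEXIT) != 0) ||
	    (p->p_vmspace->vm_refcnt < 1)) { /* XXX */
		return EFAULT;
	}

	uvmspace_addref(p->p_vmspace);
	*vm = p->p_vmspace;

	return 0;
}

/*
 * Acquire a write lock on the process credential.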
*/
void
proc_crmod_enter(void)
{
	struct lwp *self = curlwp;
	struct proc *p = self->l_proc;
	struct plimit *limits;
	kauth_cred_t stale;
	char *oldname;

	/*
	 * Reset what needs to be reset in plimit: a non-default core name
	 * is replaced by defcorename (on a privatised plimit, under
	 * pl_lock) and the old string is freed afterwards.
	 */
	if (p->p_limit->pl_corename != defcorename) {
		lim_privatise(p, false);
		limits = p->p_limit;

		mutex_enter(&limits->pl_lock);
		oldname = limits->pl_corename;
		limits->pl_corename = defcorename;
		mutex_exit(&limits->pl_lock);

		if (oldname != defcorename)
			free(oldname, M_TEMP);
	}

	/* Taken here and left held; proc_crmod_leave() releases it. */
	mutex_enter(p->p_lock);

	/* Ensure the LWP cached credentials are up to date. */
	stale = self->l_cred;
	if (stale != p->p_cred) {
		kauth_cred_hold(p->p_cred);
		self->l_cred = p->p_cred;
		kauth_cred_free(stale);
	}
}

/*
 * Set in a new process credential, and drop the write lock.  The
 * credential must have a reference already.  Optionally, free a
 * no-longer required credential.
 *
 * scred: credential to install as p_cred, or NULL to leave it alone.
 * fcred: credential to release, or NULL; requires scred != NULL (asserted).
 * sugid: when true, PK_SUGID is set on the process.
 *
 * p_lock must be held on entry (asserted) and is released before any
 * credential is freed.
 */
void
proc_crmod_leave(kauth_cred_t scred, kauth_cred_t fcred, bool sugid)
{
	struct lwp *self = curlwp, *sibling;
	struct proc *p = self->l_proc;
	kauth_cred_t prev = NULL;

	KASSERT(mutex_owned(p->p_lock));

	/* Is there a new credential to set in? */
	if (scred != NULL) {
		p->p_cred = scred;

		/* Every other LWP of the process is flagged LPR_CRMOD. */
		LIST_FOREACH(sibling, &p->p_lwps, l_sibling) {
			if (sibling == self)
				continue;
			sibling->l_prflag |= LPR_CRMOD;
		}

		/* Ensure the LWP cached credentials are up to date. */
		prev = self->l_cred;
		if (prev != scred) {
			kauth_cred_hold(scred);
			self->l_cred = scred;
		}
	}

	/*
	 * Mark process as having changed credentials, stops
	 * tracing etc.
	 */
	if (sugid)
		p->p_flag |= PK_SUGID;

	mutex_exit(p->p_lock);

	/* If there is a credential to be released, free it now. */
	if (fcred != NULL) {
		KASSERT(scred != NULL);
		kauth_cred_free(fcred);
		/* Also drop the credential this LWP had cached, if replaced. */
		if (prev != scred)
			kauth_cred_free(prev);
	}
}

/*
 * proc_specific_key_create --
 *	Create a key for subsystem proc-specific data.  Returns the
 *	result of specificdata_key_create().
 */
int
proc_specific_key_create(specificdata_key_t *keyp, specificdata_dtor_t dtor)
{
	return specificdata_key_create(proc_specificdata_domain, keyp, dtor);
}

/*
 * proc_specific_key_delete --
 *	Delete a key for subsystem proc-specific data.
 */
void
proc_specific_key_delete(specificdata_key_t key)
{
	specificdata_key_delete(proc_specificdata_domain, key);
}

/*
 * proc_initspecific --
 *	Initialize a proc's specificdata container.  Failure is only
 *	caught by the assertion.
 */
void
proc_initspecific(struct proc *p)
{
	int error = specificdata_init(proc_specificdata_domain,
	    &p->p_specdataref);

	KASSERT(error == 0);
}

/*
 * proc_finispecific --
 *	Finalize a proc's specificdata container.
 */
void
proc_finispecific(struct proc *p)
{
	specificdata_fini(proc_specificdata_domain, &p->p_specdataref);
}

/*
 * proc_getspecific --
 *	Return proc-specific data corresponding to the specified key.
 */
void *
proc_getspecific(struct proc *p, specificdata_key_t key)
{
	return specificdata_getspecific(proc_specificdata_domain,
	    &p->p_specdataref, key);
}

/*
 * proc_setspecific --
 *	Set proc-specific data corresponding to the specified key.
*/
void
proc_setspecific(struct proc *p, specificdata_key_t key, void *data)
{
	specificdata_setspecific(proc_specificdata_domain,
	    &p->p_specdataref, key, data);
}

/*
 * proc_uidmatch --
 *	Compare the credential `cred' against the credential `target'.
 *	Returns 0 when all three checks below pass and EPERM otherwise.
 */
int
proc_uidmatch(kauth_cred_t cred, kauth_cred_t target)
{
	int ismember = 0;

	/*
	 * suid proc of ours or proc not ours: cred's uid must equal both
	 * the uid and the saved uid of target.
	 */
	if (kauth_cred_getuid(cred) != kauth_cred_getuid(target) ||
	    kauth_cred_getuid(cred) != kauth_cred_getsvuid(target))
		return (EPERM);

	/*
	 * sgid proc has sgid back to us temporarily: target's gid must
	 * equal its saved gid.
	 */
	if (kauth_cred_getgid(target) != kauth_cred_getsvgid(target))
		return (EPERM);

	/*
	 * our rgid must be in target's group list (ie,
	 * sub-processes started by a sgid process).  A failed membership
	 * lookup is treated the same as "not a member".
	 */
	if (kauth_cred_ismember_gid(cred,
	    kauth_cred_getgid(target), &ismember) != 0)
		return (EPERM);

	return (ismember ? 0 : EPERM);
}