1 /* $NetBSD: sys_process.c,v 1.155 2010/04/07 13:10:46 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1989, 1993 34 * The Regents of the University of California. All rights reserved. 35 * (c) UNIX System Laboratories, Inc. 36 * All or some portions of this file are derived from material licensed 37 * to the University of California by American Telephone and Telegraph 38 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 39 * the permission of UNIX System Laboratories, Inc. 40 * 41 * This code is derived from software contributed to Berkeley by 42 * Jan-Simon Pendry. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. Neither the name of the University nor the names of its contributors 53 * may be used to endorse or promote products derived from this software 54 * without specific prior written permission. 55 * 56 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 57 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 59 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 60 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 61 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 62 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 63 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 64 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 65 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 66 * SUCH DAMAGE. 67 * 68 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 69 */ 70 71 /*- 72 * Copyright (c) 1993 Jan-Simon Pendry. 73 * Copyright (c) 1994 Christopher G. Demetriou. All rights reserved. 74 * 75 * This code is derived from software contributed to Berkeley by 76 * Jan-Simon Pendry. 77 * 78 * Redistribution and use in source and binary forms, with or without 79 * modification, are permitted provided that the following conditions 80 * are met: 81 * 1. Redistributions of source code must retain the above copyright 82 * notice, this list of conditions and the following disclaimer. 83 * 2. Redistributions in binary form must reproduce the above copyright 84 * notice, this list of conditions and the following disclaimer in the 85 * documentation and/or other materials provided with the distribution. 86 * 3. All advertising materials mentioning features or use of this software 87 * must display the following acknowledgement: 88 * This product includes software developed by the University of 89 * California, Berkeley and its contributors. 90 * 4. Neither the name of the University nor the names of its contributors 91 * may be used to endorse or promote products derived from this software 92 * without specific prior written permission. 93 * 94 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 97 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 104 * SUCH DAMAGE. 105 * 106 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 107 */ 108 109 /* 110 * References: 111 * (1) Bach's "The Design of the UNIX Operating System", 112 * (2) sys/miscfs/procfs from UCB's 4.4BSD-Lite distribution, 113 * (3) the "4.4BSD Programmer's Reference Manual" published 114 * by USENIX and O'Reilly & Associates. 115 * The 4.4BSD PRM does a reasonably good job of documenting what the various 116 * ptrace() requests should actually do, and its text is quoted several times 117 * in this file. 118 */ 119 120 #include <sys/cdefs.h> 121 __KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.155 2010/04/07 13:10:46 christos Exp $"); 122 123 #include "opt_ptrace.h" 124 #include "opt_ktrace.h" 125 126 #include <sys/param.h> 127 #include <sys/systm.h> 128 #include <sys/proc.h> 129 #include <sys/errno.h> 130 #include <sys/ptrace.h> 131 #include <sys/uio.h> 132 #include <sys/ras.h> 133 #include <sys/kmem.h> 134 #include <sys/kauth.h> 135 #include <sys/mount.h> 136 #include <sys/syscallargs.h> 137 138 #include <uvm/uvm_extern.h> 139 140 #include <machine/reg.h> 141 142 #ifdef PTRACE 143 static kauth_listener_t ptrace_listener; 144 145 static int 146 ptrace_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 147 void *arg0, void *arg1, void *arg2, void *arg3) 148 { 149 struct proc *p; 150 int result; 151 152 result = KAUTH_RESULT_DEFER; 153 p = arg0; 154 155 if (action != KAUTH_PROCESS_PTRACE) 156 return result; 157 158 switch ((u_long)arg1) { 159 case PT_TRACE_ME: 160 case PT_ATTACH: 161 case PT_WRITE_I: 162 case PT_WRITE_D: 163 case PT_READ_I: 164 case PT_READ_D: 165 case PT_IO: 166 #ifdef PT_GETREGS 167 case PT_GETREGS: 168 #endif 169 #ifdef PT_SETREGS 170 case PT_SETREGS: 171 #endif 172 #ifdef PT_GETFPREGS 173 case PT_GETFPREGS: 174 #endif 175 #ifdef PT_SETFPREGS 176 case PT_SETFPREGS: 177 #endif 178 #ifdef __HAVE_PTRACE_MACHDEP 179 PTRACE_MACHDEP_REQUEST_CASES 180 #endif 181 if (kauth_cred_getuid(cred) != kauth_cred_getuid(p->p_cred) || 182 ISSET(p->p_flag, PK_SUGID)) { 183 break; 184 } 185 186 result = KAUTH_RESULT_ALLOW; 187 188 break; 189 190 #ifdef PT_STEP 191 case PT_STEP: 192 #endif 193 case PT_CONTINUE: 194 case PT_KILL: 195 case PT_DETACH: 196 case PT_LWPINFO: 197 case PT_SYSCALL: 198 case PT_DUMPCORE: 199 result = KAUTH_RESULT_ALLOW; 200 break; 201 202 default: 203 break; 204 } 205 206 return result; 207 } 208 209 void 210 ptrace_init(void) 211 { 212 213 ptrace_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 214 ptrace_listener_cb, NULL); 215 } 216 217 /* 218 * Process debugging system call. 219 */ 220 int 221 sys_ptrace(struct lwp *l, const struct sys_ptrace_args *uap, register_t *retval) 222 { 223 /* { 224 syscallarg(int) req; 225 syscallarg(pid_t) pid; 226 syscallarg(void *) addr; 227 syscallarg(int) data; 228 } */ 229 struct proc *p = l->l_proc; 230 struct lwp *lt; 231 #ifdef PT_STEP 232 struct lwp *lt2; 233 #endif 234 struct proc *t; /* target process */ 235 struct uio uio; 236 struct iovec iov; 237 struct ptrace_io_desc piod; 238 struct ptrace_lwpinfo pl; 239 struct vmspace *vm; 240 int error, write, tmp, req, pheld; 241 int signo = 0; 242 int resume_all; 243 ksiginfo_t ksi; 244 char *path; 245 int len; 246 247 error = 0; 248 req = SCARG(uap, req); 249 250 /* 251 * If attaching or detaching, we need to get a write hold on the 252 * proclist lock so that we can re-parent the target process. 253 */ 254 mutex_enter(proc_lock); 255 256 /* "A foolish consistency..." XXX */ 257 if (req == PT_TRACE_ME) { 258 t = p; 259 mutex_enter(t->p_lock); 260 } else { 261 /* Find the process we're supposed to be operating on. */ 262 if ((t = p_find(SCARG(uap, pid), PFIND_LOCKED)) == NULL) { 263 mutex_exit(proc_lock); 264 return (ESRCH); 265 } 266 267 /* XXX-elad */ 268 mutex_enter(t->p_lock); 269 error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_CANSEE, 270 t, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL); 271 if (error) { 272 mutex_exit(proc_lock); 273 mutex_exit(t->p_lock); 274 return (ESRCH); 275 } 276 } 277 278 /* 279 * Grab a reference on the process to prevent it from execing or 280 * exiting. 281 */ 282 if (!rw_tryenter(&t->p_reflock, RW_READER)) { 283 mutex_exit(proc_lock); 284 mutex_exit(t->p_lock); 285 return EBUSY; 286 } 287 288 /* Make sure we can operate on it. */ 289 switch (req) { 290 case PT_TRACE_ME: 291 /* Saying that you're being traced is always legal. */ 292 break; 293 294 case PT_ATTACH: 295 /* 296 * You can't attach to a process if: 297 * (1) it's the process that's doing the attaching, 298 */ 299 if (t->p_pid == p->p_pid) { 300 error = EINVAL; 301 break; 302 } 303 304 /* 305 * (2) it's a system process 306 */ 307 if (t->p_flag & PK_SYSTEM) { 308 error = EPERM; 309 break; 310 } 311 312 /* 313 * (3) it's already being traced, or 314 */ 315 if (ISSET(t->p_slflag, PSL_TRACED)) { 316 error = EBUSY; 317 break; 318 } 319 320 /* 321 * (4) the tracer is chrooted, and its root directory is 322 * not at or above the root directory of the tracee 323 */ 324 mutex_exit(t->p_lock); /* XXXSMP */ 325 tmp = proc_isunder(t, l); 326 mutex_enter(t->p_lock); /* XXXSMP */ 327 if (!tmp) { 328 error = EPERM; 329 break; 330 } 331 break; 332 333 case PT_READ_I: 334 case PT_READ_D: 335 case PT_WRITE_I: 336 case PT_WRITE_D: 337 case PT_IO: 338 #ifdef PT_GETREGS 339 case PT_GETREGS: 340 #endif 341 #ifdef PT_SETREGS 342 case PT_SETREGS: 343 #endif 344 #ifdef PT_GETFPREGS 345 case PT_GETFPREGS: 346 #endif 347 #ifdef PT_SETFPREGS 348 case PT_SETFPREGS: 349 #endif 350 #ifdef __HAVE_PTRACE_MACHDEP 351 PTRACE_MACHDEP_REQUEST_CASES 352 #endif 353 /* 354 * You can't read/write the memory or registers of a process 355 * if the tracer is chrooted, and its root directory is not at 356 * or above the root directory of the tracee. 357 */ 358 mutex_exit(t->p_lock); /* XXXSMP */ 359 tmp = proc_isunder(t, l); 360 mutex_enter(t->p_lock); /* XXXSMP */ 361 if (!tmp) { 362 error = EPERM; 363 break; 364 } 365 /*FALLTHROUGH*/ 366 367 case PT_CONTINUE: 368 case PT_KILL: 369 case PT_DETACH: 370 case PT_LWPINFO: 371 case PT_SYSCALL: 372 case PT_DUMPCORE: 373 #ifdef PT_STEP 374 case PT_STEP: 375 #endif 376 /* 377 * You can't do what you want to the process if: 378 * (1) It's not being traced at all, 379 */ 380 if (!ISSET(t->p_slflag, PSL_TRACED)) { 381 error = EPERM; 382 break; 383 } 384 385 /* 386 * (2) it's being traced by procfs (which has 387 * different signal delivery semantics), 388 */ 389 if (ISSET(t->p_slflag, PSL_FSTRACE)) { 390 uprintf("file system traced\n"); 391 error = EBUSY; 392 break; 393 } 394 395 /* 396 * (3) it's not being traced by _you_, or 397 */ 398 if (t->p_pptr != p) { 399 uprintf("parent %d != %d\n", t->p_pptr->p_pid, 400 p->p_pid); 401 error = EBUSY; 402 break; 403 } 404 405 /* 406 * (4) it's not currently stopped. 407 */ 408 if (t->p_stat != SSTOP || !t->p_waited /* XXXSMP */) { 409 uprintf("stat %d flag %d\n", t->p_stat, 410 !t->p_waited); 411 error = EBUSY; 412 break; 413 } 414 break; 415 416 default: /* It was not a legal request. */ 417 error = EINVAL; 418 break; 419 } 420 421 if (error == 0) { 422 error = kauth_authorize_process(l->l_cred, 423 KAUTH_PROCESS_PTRACE, t, KAUTH_ARG(req), 424 NULL, NULL); 425 } 426 if (error == 0) { 427 lt = lwp_find_first(t); 428 if (lt == NULL) 429 error = ESRCH; 430 } 431 432 if (error != 0) { 433 mutex_exit(proc_lock); 434 mutex_exit(t->p_lock); 435 rw_exit(&t->p_reflock); 436 return error; 437 } 438 439 /* Do single-step fixup if needed. */ 440 FIX_SSTEP(t); 441 KASSERT(lt != NULL); 442 lwp_addref(lt); 443 444 /* 445 * Which locks do we need held? XXX Ugly. 446 */ 447 switch (req) { 448 #ifdef PT_STEP 449 case PT_STEP: 450 #endif 451 case PT_CONTINUE: 452 case PT_DETACH: 453 case PT_KILL: 454 case PT_SYSCALL: 455 case PT_ATTACH: 456 case PT_TRACE_ME: 457 pheld = 1; 458 break; 459 default: 460 mutex_exit(proc_lock); 461 mutex_exit(t->p_lock); 462 pheld = 0; 463 break; 464 } 465 466 /* Now do the operation. */ 467 write = 0; 468 *retval = 0; 469 tmp = 0; 470 resume_all = 1; 471 472 switch (req) { 473 case PT_TRACE_ME: 474 /* Just set the trace flag. */ 475 SET(t->p_slflag, PSL_TRACED); 476 t->p_opptr = t->p_pptr; 477 break; 478 479 case PT_WRITE_I: /* XXX no separate I and D spaces */ 480 case PT_WRITE_D: 481 #if defined(__HAVE_RAS) 482 /* 483 * Can't write to a RAS 484 */ 485 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 486 error = EACCES; 487 break; 488 } 489 #endif 490 write = 1; 491 tmp = SCARG(uap, data); 492 /* FALLTHROUGH */ 493 494 case PT_READ_I: /* XXX no separate I and D spaces */ 495 case PT_READ_D: 496 /* write = 0 done above. */ 497 iov.iov_base = (void *)&tmp; 498 iov.iov_len = sizeof(tmp); 499 uio.uio_iov = &iov; 500 uio.uio_iovcnt = 1; 501 uio.uio_offset = (off_t)(unsigned long)SCARG(uap, addr); 502 uio.uio_resid = sizeof(tmp); 503 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 504 UIO_SETUP_SYSSPACE(&uio); 505 506 error = process_domem(l, lt, &uio); 507 if (!write) 508 *retval = tmp; 509 break; 510 511 case PT_IO: 512 error = copyin(SCARG(uap, addr), &piod, sizeof(piod)); 513 if (error) 514 break; 515 switch (piod.piod_op) { 516 case PIOD_READ_D: 517 case PIOD_READ_I: 518 uio.uio_rw = UIO_READ; 519 break; 520 case PIOD_WRITE_D: 521 case PIOD_WRITE_I: 522 /* 523 * Can't write to a RAS 524 */ 525 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 526 return (EACCES); 527 } 528 uio.uio_rw = UIO_WRITE; 529 break; 530 default: 531 error = EINVAL; 532 break; 533 } 534 if (error) 535 break; 536 error = proc_vmspace_getref(l->l_proc, &vm); 537 if (error) 538 break; 539 iov.iov_base = piod.piod_addr; 540 iov.iov_len = piod.piod_len; 541 uio.uio_iov = &iov; 542 uio.uio_iovcnt = 1; 543 uio.uio_offset = (off_t)(unsigned long)piod.piod_offs; 544 uio.uio_resid = piod.piod_len; 545 uio.uio_vmspace = vm; 546 547 error = process_domem(l, lt, &uio); 548 piod.piod_len -= uio.uio_resid; 549 (void) copyout(&piod, SCARG(uap, addr), sizeof(piod)); 550 uvmspace_free(vm); 551 break; 552 553 case PT_DUMPCORE: 554 if ((path = SCARG(uap, addr)) != NULL) { 555 char *dst; 556 len = SCARG(uap, data); 557 558 if (len < 0 || len >= MAXPATHLEN) { 559 error = EINVAL; 560 break; 561 } 562 dst = kmem_alloc(len + 1, KM_SLEEP); 563 if ((error = copyin(path, dst, len)) != 0) { 564 kmem_free(dst, len + 1); 565 break; 566 } 567 path = dst; 568 path[len] = '\0'; 569 } 570 error = (*coredump_vec)(lt, path); 571 if (path) 572 kmem_free(path, len + 1); 573 break; 574 575 #ifdef PT_STEP 576 case PT_STEP: 577 /* 578 * From the 4.4BSD PRM: 579 * "Execution continues as in request PT_CONTINUE; however 580 * as soon as possible after execution of at least one 581 * instruction, execution stops again. [ ... ]" 582 */ 583 #endif 584 case PT_CONTINUE: 585 case PT_SYSCALL: 586 case PT_DETACH: 587 if (req == PT_SYSCALL) { 588 if (!ISSET(t->p_slflag, PSL_SYSCALL)) { 589 SET(t->p_slflag, PSL_SYSCALL); 590 #ifdef __HAVE_SYSCALL_INTERN 591 (*t->p_emul->e_syscall_intern)(t); 592 #endif 593 } 594 } else { 595 if (ISSET(t->p_slflag, PSL_SYSCALL)) { 596 CLR(t->p_slflag, PSL_SYSCALL); 597 #ifdef __HAVE_SYSCALL_INTERN 598 (*t->p_emul->e_syscall_intern)(t); 599 #endif 600 } 601 } 602 p->p_trace_enabled = trace_is_enabled(p); 603 604 /* 605 * Pick up the LWPID, if supplied. There are two cases: 606 * data < 0 : step or continue single thread, lwp = -data 607 * data > 0 in PT_STEP : step this thread, continue others 608 * For operations other than PT_STEP, data > 0 means 609 * data is the signo to deliver to the process. 610 */ 611 tmp = SCARG(uap, data); 612 if (tmp >= 0) { 613 #ifdef PT_STEP 614 if (req == PT_STEP) 615 signo = 0; 616 else 617 #endif 618 { 619 signo = tmp; 620 tmp = 0; /* don't search for LWP */ 621 } 622 } 623 else 624 tmp = -tmp; 625 626 if (tmp > 0) { 627 if (req == PT_DETACH) { 628 error = EINVAL; 629 break; 630 } 631 lwp_delref2 (lt); 632 lt = lwp_find(t, tmp); 633 if (lt == NULL) { 634 error = ESRCH; 635 break; 636 } 637 lwp_addref(lt); 638 resume_all = 0; 639 signo = 0; 640 } 641 642 /* 643 * From the 4.4BSD PRM: 644 * "The data argument is taken as a signal number and the 645 * child's execution continues at location addr as if it 646 * incurred that signal. Normally the signal number will 647 * be either 0 to indicate that the signal that caused the 648 * stop should be ignored, or that value fetched out of 649 * the process's image indicating which signal caused 650 * the stop. If addr is (int *)1 then execution continues 651 * from where it stopped." 652 */ 653 654 /* Check that the data is a valid signal number or zero. */ 655 if (signo < 0 || signo >= NSIG) { 656 error = EINVAL; 657 break; 658 } 659 660 /* If the address parameter is not (int *)1, set the pc. */ 661 if ((int *)SCARG(uap, addr) != (int *)1) { 662 error = process_set_pc(lt, SCARG(uap, addr)); 663 if (error != 0) 664 break; 665 } 666 #ifdef PT_STEP 667 /* 668 * Arrange for a single-step, if that's requested and possible. 669 * More precisely, set the single step status as requested for 670 * the requested thread, and clear it for other threads. 671 */ 672 LIST_FOREACH(lt2, &t->p_lwps, l_sibling) { 673 if (lt != lt2) 674 { 675 lwp_lock(lt2); 676 process_sstep(lt2, 0); 677 lwp_unlock(lt2); 678 } 679 } 680 error = process_sstep(lt, req == PT_STEP); 681 if (error) 682 break; 683 #endif 684 if (req == PT_DETACH) { 685 CLR(t->p_slflag, PSL_TRACED|PSL_FSTRACE|PSL_SYSCALL); 686 687 /* give process back to original parent or init */ 688 if (t->p_opptr != t->p_pptr) { 689 struct proc *pp = t->p_opptr; 690 proc_reparent(t, pp ? pp : initproc); 691 } 692 693 /* not being traced any more */ 694 t->p_opptr = NULL; 695 } 696 sendsig: 697 /* Finally, deliver the requested signal (or none). */ 698 if (t->p_stat == SSTOP) { 699 /* 700 * Unstop the process. If it needs to take a 701 * signal, make all efforts to ensure that at 702 * an LWP runs to see it. 703 */ 704 t->p_xstat = signo; 705 if (resume_all) 706 proc_unstop(t); 707 else 708 lwp_unstop(lt); 709 } else if (signo != 0) { 710 KSI_INIT_EMPTY(&ksi); 711 ksi.ksi_signo = signo; 712 kpsignal2(t, &ksi); 713 } 714 break; 715 716 case PT_KILL: 717 /* just send the process a KILL signal. */ 718 signo = SIGKILL; 719 goto sendsig; /* in PT_CONTINUE, above. */ 720 721 case PT_ATTACH: 722 /* 723 * Go ahead and set the trace flag. 724 * Save the old parent (it's reset in 725 * _DETACH, and also in kern_exit.c:wait4() 726 * Reparent the process so that the tracing 727 * proc gets to see all the action. 728 * Stop the target. 729 */ 730 t->p_opptr = t->p_pptr; 731 if (t->p_pptr != p) { 732 struct proc *parent = t->p_pptr; 733 734 if (parent->p_lock < t->p_lock) { 735 if (!mutex_tryenter(parent->p_lock)) { 736 mutex_exit(t->p_lock); 737 mutex_enter(parent->p_lock); 738 } 739 } else if (parent->p_lock > t->p_lock) { 740 mutex_enter(parent->p_lock); 741 } 742 parent->p_slflag |= PSL_CHTRACED; 743 proc_reparent(t, p); 744 if (parent->p_lock != t->p_lock) 745 mutex_exit(parent->p_lock); 746 } 747 SET(t->p_slflag, PSL_TRACED); 748 signo = SIGSTOP; 749 goto sendsig; 750 751 case PT_LWPINFO: 752 if (SCARG(uap, data) != sizeof(pl)) { 753 error = EINVAL; 754 break; 755 } 756 error = copyin(SCARG(uap, addr), &pl, sizeof(pl)); 757 if (error) 758 break; 759 tmp = pl.pl_lwpid; 760 lwp_delref(lt); 761 mutex_enter(t->p_lock); 762 if (tmp == 0) 763 lt = lwp_find_first(t); 764 else { 765 lt = lwp_find(t, tmp); 766 if (lt == NULL) { 767 mutex_exit(t->p_lock); 768 error = ESRCH; 769 break; 770 } 771 lt = LIST_NEXT(lt, l_sibling); 772 } 773 while (lt != NULL && !lwp_alive(lt)) 774 lt = LIST_NEXT(lt, l_sibling); 775 pl.pl_lwpid = 0; 776 pl.pl_event = 0; 777 if (lt) { 778 lwp_addref(lt); 779 pl.pl_lwpid = lt->l_lid; 780 if (lt->l_lid == t->p_sigctx.ps_lwp) 781 pl.pl_event = PL_EVENT_SIGNAL; 782 } 783 mutex_exit(t->p_lock); 784 785 error = copyout(&pl, SCARG(uap, addr), sizeof(pl)); 786 break; 787 788 #ifdef PT_SETREGS 789 case PT_SETREGS: 790 write = 1; 791 #endif 792 #ifdef PT_GETREGS 793 case PT_GETREGS: 794 /* write = 0 done above. */ 795 #endif 796 #if defined(PT_SETREGS) || defined(PT_GETREGS) 797 tmp = SCARG(uap, data); 798 if (tmp != 0 && t->p_nlwps > 1) { 799 lwp_delref(lt); 800 mutex_enter(t->p_lock); 801 lt = lwp_find(t, tmp); 802 if (lt == NULL) { 803 mutex_exit(t->p_lock); 804 error = ESRCH; 805 break; 806 } 807 lwp_addref(lt); 808 mutex_exit(t->p_lock); 809 } 810 if (!process_validregs(lt)) 811 error = EINVAL; 812 else { 813 error = proc_vmspace_getref(l->l_proc, &vm); 814 if (error) 815 break; 816 iov.iov_base = SCARG(uap, addr); 817 iov.iov_len = sizeof(struct reg); 818 uio.uio_iov = &iov; 819 uio.uio_iovcnt = 1; 820 uio.uio_offset = 0; 821 uio.uio_resid = sizeof(struct reg); 822 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 823 uio.uio_vmspace = vm; 824 825 error = process_doregs(l, lt, &uio); 826 uvmspace_free(vm); 827 } 828 break; 829 #endif 830 831 #ifdef PT_SETFPREGS 832 case PT_SETFPREGS: 833 write = 1; 834 #endif 835 #ifdef PT_GETFPREGS 836 case PT_GETFPREGS: 837 /* write = 0 done above. */ 838 #endif 839 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 840 tmp = SCARG(uap, data); 841 if (tmp != 0 && t->p_nlwps > 1) { 842 lwp_delref(lt); 843 mutex_enter(t->p_lock); 844 lt = lwp_find(t, tmp); 845 if (lt == NULL) { 846 mutex_exit(t->p_lock); 847 error = ESRCH; 848 break; 849 } 850 lwp_addref(lt); 851 mutex_exit(t->p_lock); 852 } 853 if (!process_validfpregs(lt)) 854 error = EINVAL; 855 else { 856 error = proc_vmspace_getref(l->l_proc, &vm); 857 if (error) 858 break; 859 iov.iov_base = SCARG(uap, addr); 860 iov.iov_len = sizeof(struct fpreg); 861 uio.uio_iov = &iov; 862 uio.uio_iovcnt = 1; 863 uio.uio_offset = 0; 864 uio.uio_resid = sizeof(struct fpreg); 865 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 866 uio.uio_vmspace = vm; 867 868 error = process_dofpregs(l, lt, &uio); 869 uvmspace_free(vm); 870 } 871 break; 872 #endif 873 874 #ifdef __HAVE_PTRACE_MACHDEP 875 PTRACE_MACHDEP_REQUEST_CASES 876 error = ptrace_machdep_dorequest(l, lt, 877 req, SCARG(uap, addr), SCARG(uap, data)); 878 break; 879 #endif 880 } 881 882 if (pheld) { 883 mutex_exit(t->p_lock); 884 mutex_exit(proc_lock); 885 } 886 if (lt != NULL) 887 lwp_delref(lt); 888 rw_exit(&t->p_reflock); 889 890 return error; 891 } 892 893 int 894 process_doregs(struct lwp *curl /*tracer*/, 895 struct lwp *l /*traced*/, 896 struct uio *uio) 897 { 898 #if defined(PT_GETREGS) || defined(PT_SETREGS) 899 int error; 900 struct reg r; 901 char *kv; 902 int kl; 903 904 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 905 return EINVAL; 906 907 kl = sizeof(r); 908 kv = (char *)&r; 909 910 kv += uio->uio_offset; 911 kl -= uio->uio_offset; 912 if ((size_t)kl > uio->uio_resid) 913 kl = uio->uio_resid; 914 915 error = process_read_regs(l, &r); 916 if (error == 0) 917 error = uiomove(kv, kl, uio); 918 if (error == 0 && uio->uio_rw == UIO_WRITE) { 919 if (l->l_stat != LSSTOP) 920 error = EBUSY; 921 else 922 error = process_write_regs(l, &r); 923 } 924 925 uio->uio_offset = 0; 926 return (error); 927 #else 928 return (EINVAL); 929 #endif 930 } 931 932 int 933 process_validregs(struct lwp *l) 934 { 935 936 #if defined(PT_SETREGS) || defined(PT_GETREGS) 937 return ((l->l_flag & LW_SYSTEM) == 0); 938 #else 939 return (0); 940 #endif 941 } 942 943 int 944 process_dofpregs(struct lwp *curl /*tracer*/, 945 struct lwp *l /*traced*/, 946 struct uio *uio) 947 { 948 #if defined(PT_GETFPREGS) || defined(PT_SETFPREGS) 949 int error; 950 struct fpreg r; 951 char *kv; 952 size_t kl; 953 954 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 955 return EINVAL; 956 957 kl = sizeof(r); 958 kv = (char *)&r; 959 960 kv += uio->uio_offset; 961 kl -= uio->uio_offset; 962 if ((size_t)kl > uio->uio_resid) 963 kl = uio->uio_resid; 964 965 #ifdef __HAVE_PROCESS_XFPREGS 966 error = process_read_xfpregs(l, &r, &kl); 967 #else 968 error = process_read_fpregs(l, &r); 969 #endif 970 if (error == 0) 971 error = uiomove(kv, kl, uio); 972 if (error == 0 && uio->uio_rw == UIO_WRITE) { 973 if (l->l_stat != LSSTOP) 974 error = EBUSY; 975 else 976 #ifdef __HAVE_PROCESS_XFPREGS 977 error = process_write_xfpregs(l, &r, kl); 978 #else 979 error = process_write_fpregs(l, &r); 980 #endif 981 } 982 uio->uio_offset = 0; 983 return (error); 984 #else 985 return (EINVAL); 986 #endif 987 } 988 989 int 990 process_validfpregs(struct lwp *l) 991 { 992 993 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 994 return ((l->l_flag & LW_SYSTEM) == 0); 995 #else 996 return (0); 997 #endif 998 } 999 #endif /* PTRACE */ 1000 1001 #if defined(KTRACE) || defined(PTRACE) 1002 int 1003 process_domem(struct lwp *curl /*tracer*/, 1004 struct lwp *l /*traced*/, 1005 struct uio *uio) 1006 { 1007 struct proc *p = l->l_proc; /* traced */ 1008 struct vmspace *vm; 1009 int error; 1010 1011 size_t len; 1012 #ifdef PMAP_NEED_PROCWR 1013 vaddr_t addr; 1014 #endif 1015 1016 error = 0; 1017 len = uio->uio_resid; 1018 1019 if (len == 0) 1020 return (0); 1021 1022 #ifdef PMAP_NEED_PROCWR 1023 addr = uio->uio_offset; 1024 #endif 1025 1026 vm = p->p_vmspace; 1027 1028 mutex_enter(&vm->vm_map.misc_lock); 1029 if ((l->l_flag & LW_WEXIT) || vm->vm_refcnt < 1) 1030 error = EFAULT; 1031 if (error == 0) 1032 p->p_vmspace->vm_refcnt++; /* XXX */ 1033 mutex_exit(&vm->vm_map.misc_lock); 1034 if (error != 0) 1035 return (error); 1036 error = uvm_io(&vm->vm_map, uio); 1037 uvmspace_free(vm); 1038 1039 #ifdef PMAP_NEED_PROCWR 1040 if (error == 0 && uio->uio_rw == UIO_WRITE) 1041 pmap_procwr(p, addr, len); 1042 #endif 1043 return (error); 1044 } 1045 #endif /* KTRACE || PTRACE */ 1046 1047 #if defined(KTRACE) || defined(PTRACE) 1048 void 1049 process_stoptrace(void) 1050 { 1051 struct lwp *l = curlwp; 1052 struct proc *p = l->l_proc, *pp; 1053 1054 mutex_enter(proc_lock); 1055 mutex_enter(p->p_lock); 1056 pp = p->p_pptr; 1057 if (pp->p_pid == 1) { 1058 CLR(p->p_slflag, PSL_SYSCALL); /* XXXSMP */ 1059 mutex_exit(p->p_lock); 1060 mutex_exit(proc_lock); 1061 return; 1062 } 1063 1064 p->p_xstat = SIGTRAP; 1065 proc_stop(p, 1, SIGSTOP); 1066 mutex_exit(proc_lock); 1067 1068 /* 1069 * Call issignal() once only, to have it take care of the 1070 * pending stop. Signal processing will take place as usual 1071 * from userret(). 1072 */ 1073 KERNEL_UNLOCK_ALL(l, &l->l_biglocks); 1074 (void)issignal(l); 1075 mutex_exit(p->p_lock); 1076 KERNEL_LOCK(l->l_biglocks, l); 1077 } 1078 #endif /* KTRACE || PTRACE */ 1079