1 /* $NetBSD: sys_process.c,v 1.156 2010/07/01 02:38:31 rmind Exp $ */ 2 3 /*- 4 * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Andrew Doran. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /*- 33 * Copyright (c) 1982, 1986, 1989, 1993 34 * The Regents of the University of California. All rights reserved. 35 * (c) UNIX System Laboratories, Inc. 36 * All or some portions of this file are derived from material licensed 37 * to the University of California by American Telephone and Telegraph 38 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 39 * the permission of UNIX System Laboratories, Inc. 40 * 41 * This code is derived from software contributed to Berkeley by 42 * Jan-Simon Pendry. 43 * 44 * Redistribution and use in source and binary forms, with or without 45 * modification, are permitted provided that the following conditions 46 * are met: 47 * 1. Redistributions of source code must retain the above copyright 48 * notice, this list of conditions and the following disclaimer. 49 * 2. Redistributions in binary form must reproduce the above copyright 50 * notice, this list of conditions and the following disclaimer in the 51 * documentation and/or other materials provided with the distribution. 52 * 3. Neither the name of the University nor the names of its contributors 53 * may be used to endorse or promote products derived from this software 54 * without specific prior written permission. 55 * 56 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 57 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 59 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 60 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 61 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 62 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 63 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 64 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 65 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 66 * SUCH DAMAGE. 67 * 68 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 69 */ 70 71 /*- 72 * Copyright (c) 1993 Jan-Simon Pendry. 73 * Copyright (c) 1994 Christopher G. Demetriou. All rights reserved. 74 * 75 * This code is derived from software contributed to Berkeley by 76 * Jan-Simon Pendry. 77 * 78 * Redistribution and use in source and binary forms, with or without 79 * modification, are permitted provided that the following conditions 80 * are met: 81 * 1. Redistributions of source code must retain the above copyright 82 * notice, this list of conditions and the following disclaimer. 83 * 2. Redistributions in binary form must reproduce the above copyright 84 * notice, this list of conditions and the following disclaimer in the 85 * documentation and/or other materials provided with the distribution. 86 * 3. All advertising materials mentioning features or use of this software 87 * must display the following acknowledgement: 88 * This product includes software developed by the University of 89 * California, Berkeley and its contributors. 90 * 4. Neither the name of the University nor the names of its contributors 91 * may be used to endorse or promote products derived from this software 92 * without specific prior written permission. 93 * 94 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 95 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 96 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 97 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 98 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 99 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 100 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 101 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 102 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 103 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 104 * SUCH DAMAGE. 105 * 106 * from: @(#)sys_process.c 8.1 (Berkeley) 6/10/93 107 */ 108 109 /* 110 * References: 111 * (1) Bach's "The Design of the UNIX Operating System", 112 * (2) sys/miscfs/procfs from UCB's 4.4BSD-Lite distribution, 113 * (3) the "4.4BSD Programmer's Reference Manual" published 114 * by USENIX and O'Reilly & Associates. 115 * The 4.4BSD PRM does a reasonably good job of documenting what the various 116 * ptrace() requests should actually do, and its text is quoted several times 117 * in this file. 118 */ 119 120 #include <sys/cdefs.h> 121 __KERNEL_RCSID(0, "$NetBSD: sys_process.c,v 1.156 2010/07/01 02:38:31 rmind Exp $"); 122 123 #include "opt_ptrace.h" 124 #include "opt_ktrace.h" 125 126 #include <sys/param.h> 127 #include <sys/systm.h> 128 #include <sys/proc.h> 129 #include <sys/errno.h> 130 #include <sys/ptrace.h> 131 #include <sys/uio.h> 132 #include <sys/ras.h> 133 #include <sys/kmem.h> 134 #include <sys/kauth.h> 135 #include <sys/mount.h> 136 #include <sys/syscallargs.h> 137 138 #include <uvm/uvm_extern.h> 139 140 #include <machine/reg.h> 141 142 #ifdef PTRACE 143 static kauth_listener_t ptrace_listener; 144 145 static int 146 ptrace_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie, 147 void *arg0, void *arg1, void *arg2, void *arg3) 148 { 149 struct proc *p; 150 int result; 151 152 result = KAUTH_RESULT_DEFER; 153 p = arg0; 154 155 if (action != KAUTH_PROCESS_PTRACE) 156 return result; 157 158 switch ((u_long)arg1) { 159 case PT_TRACE_ME: 160 case PT_ATTACH: 161 case PT_WRITE_I: 162 case PT_WRITE_D: 163 case PT_READ_I: 164 case PT_READ_D: 165 case PT_IO: 166 #ifdef PT_GETREGS 167 case PT_GETREGS: 168 #endif 169 #ifdef PT_SETREGS 170 case PT_SETREGS: 171 #endif 172 #ifdef PT_GETFPREGS 173 case PT_GETFPREGS: 174 #endif 175 #ifdef PT_SETFPREGS 176 case PT_SETFPREGS: 177 #endif 178 #ifdef __HAVE_PTRACE_MACHDEP 179 PTRACE_MACHDEP_REQUEST_CASES 180 #endif 181 if (kauth_cred_getuid(cred) != kauth_cred_getuid(p->p_cred) || 182 ISSET(p->p_flag, PK_SUGID)) { 183 break; 184 } 185 186 result = KAUTH_RESULT_ALLOW; 187 188 break; 189 190 #ifdef PT_STEP 191 case PT_STEP: 192 #endif 193 case PT_CONTINUE: 194 case PT_KILL: 195 case PT_DETACH: 196 case PT_LWPINFO: 197 case PT_SYSCALL: 198 case PT_DUMPCORE: 199 result = KAUTH_RESULT_ALLOW; 200 break; 201 202 default: 203 break; 204 } 205 206 return result; 207 } 208 209 void 210 ptrace_init(void) 211 { 212 213 ptrace_listener = kauth_listen_scope(KAUTH_SCOPE_PROCESS, 214 ptrace_listener_cb, NULL); 215 } 216 217 /* 218 * Process debugging system call. 219 */ 220 int 221 sys_ptrace(struct lwp *l, const struct sys_ptrace_args *uap, register_t *retval) 222 { 223 /* { 224 syscallarg(int) req; 225 syscallarg(pid_t) pid; 226 syscallarg(void *) addr; 227 syscallarg(int) data; 228 } */ 229 struct proc *p = l->l_proc; 230 struct lwp *lt; 231 #ifdef PT_STEP 232 struct lwp *lt2; 233 #endif 234 struct proc *t; /* target process */ 235 struct uio uio; 236 struct iovec iov; 237 struct ptrace_io_desc piod; 238 struct ptrace_lwpinfo pl; 239 struct vmspace *vm; 240 int error, write, tmp, req, pheld; 241 int signo = 0; 242 int resume_all; 243 ksiginfo_t ksi; 244 char *path; 245 int len; 246 247 error = 0; 248 req = SCARG(uap, req); 249 250 /* 251 * If attaching or detaching, we need to get a write hold on the 252 * proclist lock so that we can re-parent the target process. 253 */ 254 mutex_enter(proc_lock); 255 256 /* "A foolish consistency..." XXX */ 257 if (req == PT_TRACE_ME) { 258 t = p; 259 mutex_enter(t->p_lock); 260 } else { 261 /* Find the process we're supposed to be operating on. */ 262 t = proc_find(SCARG(uap, pid)); 263 if (t == NULL) { 264 mutex_exit(proc_lock); 265 return (ESRCH); 266 } 267 268 /* XXX-elad */ 269 mutex_enter(t->p_lock); 270 error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_CANSEE, 271 t, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL); 272 if (error) { 273 mutex_exit(proc_lock); 274 mutex_exit(t->p_lock); 275 return (ESRCH); 276 } 277 } 278 279 /* 280 * Grab a reference on the process to prevent it from execing or 281 * exiting. 282 */ 283 if (!rw_tryenter(&t->p_reflock, RW_READER)) { 284 mutex_exit(proc_lock); 285 mutex_exit(t->p_lock); 286 return EBUSY; 287 } 288 289 /* Make sure we can operate on it. */ 290 switch (req) { 291 case PT_TRACE_ME: 292 /* Saying that you're being traced is always legal. */ 293 break; 294 295 case PT_ATTACH: 296 /* 297 * You can't attach to a process if: 298 * (1) it's the process that's doing the attaching, 299 */ 300 if (t->p_pid == p->p_pid) { 301 error = EINVAL; 302 break; 303 } 304 305 /* 306 * (2) it's a system process 307 */ 308 if (t->p_flag & PK_SYSTEM) { 309 error = EPERM; 310 break; 311 } 312 313 /* 314 * (3) it's already being traced, or 315 */ 316 if (ISSET(t->p_slflag, PSL_TRACED)) { 317 error = EBUSY; 318 break; 319 } 320 321 /* 322 * (4) the tracer is chrooted, and its root directory is 323 * not at or above the root directory of the tracee 324 */ 325 mutex_exit(t->p_lock); /* XXXSMP */ 326 tmp = proc_isunder(t, l); 327 mutex_enter(t->p_lock); /* XXXSMP */ 328 if (!tmp) { 329 error = EPERM; 330 break; 331 } 332 break; 333 334 case PT_READ_I: 335 case PT_READ_D: 336 case PT_WRITE_I: 337 case PT_WRITE_D: 338 case PT_IO: 339 #ifdef PT_GETREGS 340 case PT_GETREGS: 341 #endif 342 #ifdef PT_SETREGS 343 case PT_SETREGS: 344 #endif 345 #ifdef PT_GETFPREGS 346 case PT_GETFPREGS: 347 #endif 348 #ifdef PT_SETFPREGS 349 case PT_SETFPREGS: 350 #endif 351 #ifdef __HAVE_PTRACE_MACHDEP 352 PTRACE_MACHDEP_REQUEST_CASES 353 #endif 354 /* 355 * You can't read/write the memory or registers of a process 356 * if the tracer is chrooted, and its root directory is not at 357 * or above the root directory of the tracee. 358 */ 359 mutex_exit(t->p_lock); /* XXXSMP */ 360 tmp = proc_isunder(t, l); 361 mutex_enter(t->p_lock); /* XXXSMP */ 362 if (!tmp) { 363 error = EPERM; 364 break; 365 } 366 /*FALLTHROUGH*/ 367 368 case PT_CONTINUE: 369 case PT_KILL: 370 case PT_DETACH: 371 case PT_LWPINFO: 372 case PT_SYSCALL: 373 case PT_DUMPCORE: 374 #ifdef PT_STEP 375 case PT_STEP: 376 #endif 377 /* 378 * You can't do what you want to the process if: 379 * (1) It's not being traced at all, 380 */ 381 if (!ISSET(t->p_slflag, PSL_TRACED)) { 382 error = EPERM; 383 break; 384 } 385 386 /* 387 * (2) it's being traced by procfs (which has 388 * different signal delivery semantics), 389 */ 390 if (ISSET(t->p_slflag, PSL_FSTRACE)) { 391 uprintf("file system traced\n"); 392 error = EBUSY; 393 break; 394 } 395 396 /* 397 * (3) it's not being traced by _you_, or 398 */ 399 if (t->p_pptr != p) { 400 uprintf("parent %d != %d\n", t->p_pptr->p_pid, 401 p->p_pid); 402 error = EBUSY; 403 break; 404 } 405 406 /* 407 * (4) it's not currently stopped. 408 */ 409 if (t->p_stat != SSTOP || !t->p_waited /* XXXSMP */) { 410 uprintf("stat %d flag %d\n", t->p_stat, 411 !t->p_waited); 412 error = EBUSY; 413 break; 414 } 415 break; 416 417 default: /* It was not a legal request. */ 418 error = EINVAL; 419 break; 420 } 421 422 if (error == 0) { 423 error = kauth_authorize_process(l->l_cred, 424 KAUTH_PROCESS_PTRACE, t, KAUTH_ARG(req), 425 NULL, NULL); 426 } 427 if (error == 0) { 428 lt = lwp_find_first(t); 429 if (lt == NULL) 430 error = ESRCH; 431 } 432 433 if (error != 0) { 434 mutex_exit(proc_lock); 435 mutex_exit(t->p_lock); 436 rw_exit(&t->p_reflock); 437 return error; 438 } 439 440 /* Do single-step fixup if needed. */ 441 FIX_SSTEP(t); 442 KASSERT(lt != NULL); 443 lwp_addref(lt); 444 445 /* 446 * Which locks do we need held? XXX Ugly. 447 */ 448 switch (req) { 449 #ifdef PT_STEP 450 case PT_STEP: 451 #endif 452 case PT_CONTINUE: 453 case PT_DETACH: 454 case PT_KILL: 455 case PT_SYSCALL: 456 case PT_ATTACH: 457 case PT_TRACE_ME: 458 pheld = 1; 459 break; 460 default: 461 mutex_exit(proc_lock); 462 mutex_exit(t->p_lock); 463 pheld = 0; 464 break; 465 } 466 467 /* Now do the operation. */ 468 write = 0; 469 *retval = 0; 470 tmp = 0; 471 resume_all = 1; 472 473 switch (req) { 474 case PT_TRACE_ME: 475 /* Just set the trace flag. */ 476 SET(t->p_slflag, PSL_TRACED); 477 t->p_opptr = t->p_pptr; 478 break; 479 480 case PT_WRITE_I: /* XXX no separate I and D spaces */ 481 case PT_WRITE_D: 482 #if defined(__HAVE_RAS) 483 /* 484 * Can't write to a RAS 485 */ 486 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 487 error = EACCES; 488 break; 489 } 490 #endif 491 write = 1; 492 tmp = SCARG(uap, data); 493 /* FALLTHROUGH */ 494 495 case PT_READ_I: /* XXX no separate I and D spaces */ 496 case PT_READ_D: 497 /* write = 0 done above. */ 498 iov.iov_base = (void *)&tmp; 499 iov.iov_len = sizeof(tmp); 500 uio.uio_iov = &iov; 501 uio.uio_iovcnt = 1; 502 uio.uio_offset = (off_t)(unsigned long)SCARG(uap, addr); 503 uio.uio_resid = sizeof(tmp); 504 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 505 UIO_SETUP_SYSSPACE(&uio); 506 507 error = process_domem(l, lt, &uio); 508 if (!write) 509 *retval = tmp; 510 break; 511 512 case PT_IO: 513 error = copyin(SCARG(uap, addr), &piod, sizeof(piod)); 514 if (error) 515 break; 516 switch (piod.piod_op) { 517 case PIOD_READ_D: 518 case PIOD_READ_I: 519 uio.uio_rw = UIO_READ; 520 break; 521 case PIOD_WRITE_D: 522 case PIOD_WRITE_I: 523 /* 524 * Can't write to a RAS 525 */ 526 if (ras_lookup(t, SCARG(uap, addr)) != (void *)-1) { 527 return (EACCES); 528 } 529 uio.uio_rw = UIO_WRITE; 530 break; 531 default: 532 error = EINVAL; 533 break; 534 } 535 if (error) 536 break; 537 error = proc_vmspace_getref(l->l_proc, &vm); 538 if (error) 539 break; 540 iov.iov_base = piod.piod_addr; 541 iov.iov_len = piod.piod_len; 542 uio.uio_iov = &iov; 543 uio.uio_iovcnt = 1; 544 uio.uio_offset = (off_t)(unsigned long)piod.piod_offs; 545 uio.uio_resid = piod.piod_len; 546 uio.uio_vmspace = vm; 547 548 error = process_domem(l, lt, &uio); 549 piod.piod_len -= uio.uio_resid; 550 (void) copyout(&piod, SCARG(uap, addr), sizeof(piod)); 551 uvmspace_free(vm); 552 break; 553 554 case PT_DUMPCORE: 555 if ((path = SCARG(uap, addr)) != NULL) { 556 char *dst; 557 len = SCARG(uap, data); 558 559 if (len < 0 || len >= MAXPATHLEN) { 560 error = EINVAL; 561 break; 562 } 563 dst = kmem_alloc(len + 1, KM_SLEEP); 564 if ((error = copyin(path, dst, len)) != 0) { 565 kmem_free(dst, len + 1); 566 break; 567 } 568 path = dst; 569 path[len] = '\0'; 570 } 571 error = (*coredump_vec)(lt, path); 572 if (path) 573 kmem_free(path, len + 1); 574 break; 575 576 #ifdef PT_STEP 577 case PT_STEP: 578 /* 579 * From the 4.4BSD PRM: 580 * "Execution continues as in request PT_CONTINUE; however 581 * as soon as possible after execution of at least one 582 * instruction, execution stops again. [ ... ]" 583 */ 584 #endif 585 case PT_CONTINUE: 586 case PT_SYSCALL: 587 case PT_DETACH: 588 if (req == PT_SYSCALL) { 589 if (!ISSET(t->p_slflag, PSL_SYSCALL)) { 590 SET(t->p_slflag, PSL_SYSCALL); 591 #ifdef __HAVE_SYSCALL_INTERN 592 (*t->p_emul->e_syscall_intern)(t); 593 #endif 594 } 595 } else { 596 if (ISSET(t->p_slflag, PSL_SYSCALL)) { 597 CLR(t->p_slflag, PSL_SYSCALL); 598 #ifdef __HAVE_SYSCALL_INTERN 599 (*t->p_emul->e_syscall_intern)(t); 600 #endif 601 } 602 } 603 p->p_trace_enabled = trace_is_enabled(p); 604 605 /* 606 * Pick up the LWPID, if supplied. There are two cases: 607 * data < 0 : step or continue single thread, lwp = -data 608 * data > 0 in PT_STEP : step this thread, continue others 609 * For operations other than PT_STEP, data > 0 means 610 * data is the signo to deliver to the process. 611 */ 612 tmp = SCARG(uap, data); 613 if (tmp >= 0) { 614 #ifdef PT_STEP 615 if (req == PT_STEP) 616 signo = 0; 617 else 618 #endif 619 { 620 signo = tmp; 621 tmp = 0; /* don't search for LWP */ 622 } 623 } 624 else 625 tmp = -tmp; 626 627 if (tmp > 0) { 628 if (req == PT_DETACH) { 629 error = EINVAL; 630 break; 631 } 632 lwp_delref2 (lt); 633 lt = lwp_find(t, tmp); 634 if (lt == NULL) { 635 error = ESRCH; 636 break; 637 } 638 lwp_addref(lt); 639 resume_all = 0; 640 signo = 0; 641 } 642 643 /* 644 * From the 4.4BSD PRM: 645 * "The data argument is taken as a signal number and the 646 * child's execution continues at location addr as if it 647 * incurred that signal. Normally the signal number will 648 * be either 0 to indicate that the signal that caused the 649 * stop should be ignored, or that value fetched out of 650 * the process's image indicating which signal caused 651 * the stop. If addr is (int *)1 then execution continues 652 * from where it stopped." 653 */ 654 655 /* Check that the data is a valid signal number or zero. */ 656 if (signo < 0 || signo >= NSIG) { 657 error = EINVAL; 658 break; 659 } 660 661 /* If the address parameter is not (int *)1, set the pc. */ 662 if ((int *)SCARG(uap, addr) != (int *)1) { 663 error = process_set_pc(lt, SCARG(uap, addr)); 664 if (error != 0) 665 break; 666 } 667 #ifdef PT_STEP 668 /* 669 * Arrange for a single-step, if that's requested and possible. 670 * More precisely, set the single step status as requested for 671 * the requested thread, and clear it for other threads. 672 */ 673 LIST_FOREACH(lt2, &t->p_lwps, l_sibling) { 674 if (lt != lt2) 675 { 676 lwp_lock(lt2); 677 process_sstep(lt2, 0); 678 lwp_unlock(lt2); 679 } 680 } 681 error = process_sstep(lt, req == PT_STEP); 682 if (error) 683 break; 684 #endif 685 if (req == PT_DETACH) { 686 CLR(t->p_slflag, PSL_TRACED|PSL_FSTRACE|PSL_SYSCALL); 687 688 /* give process back to original parent or init */ 689 if (t->p_opptr != t->p_pptr) { 690 struct proc *pp = t->p_opptr; 691 proc_reparent(t, pp ? pp : initproc); 692 } 693 694 /* not being traced any more */ 695 t->p_opptr = NULL; 696 } 697 sendsig: 698 /* Finally, deliver the requested signal (or none). */ 699 if (t->p_stat == SSTOP) { 700 /* 701 * Unstop the process. If it needs to take a 702 * signal, make all efforts to ensure that at 703 * an LWP runs to see it. 704 */ 705 t->p_xstat = signo; 706 if (resume_all) 707 proc_unstop(t); 708 else 709 lwp_unstop(lt); 710 } else if (signo != 0) { 711 KSI_INIT_EMPTY(&ksi); 712 ksi.ksi_signo = signo; 713 kpsignal2(t, &ksi); 714 } 715 break; 716 717 case PT_KILL: 718 /* just send the process a KILL signal. */ 719 signo = SIGKILL; 720 goto sendsig; /* in PT_CONTINUE, above. */ 721 722 case PT_ATTACH: 723 /* 724 * Go ahead and set the trace flag. 725 * Save the old parent (it's reset in 726 * _DETACH, and also in kern_exit.c:wait4() 727 * Reparent the process so that the tracing 728 * proc gets to see all the action. 729 * Stop the target. 730 */ 731 t->p_opptr = t->p_pptr; 732 if (t->p_pptr != p) { 733 struct proc *parent = t->p_pptr; 734 735 if (parent->p_lock < t->p_lock) { 736 if (!mutex_tryenter(parent->p_lock)) { 737 mutex_exit(t->p_lock); 738 mutex_enter(parent->p_lock); 739 } 740 } else if (parent->p_lock > t->p_lock) { 741 mutex_enter(parent->p_lock); 742 } 743 parent->p_slflag |= PSL_CHTRACED; 744 proc_reparent(t, p); 745 if (parent->p_lock != t->p_lock) 746 mutex_exit(parent->p_lock); 747 } 748 SET(t->p_slflag, PSL_TRACED); 749 signo = SIGSTOP; 750 goto sendsig; 751 752 case PT_LWPINFO: 753 if (SCARG(uap, data) != sizeof(pl)) { 754 error = EINVAL; 755 break; 756 } 757 error = copyin(SCARG(uap, addr), &pl, sizeof(pl)); 758 if (error) 759 break; 760 tmp = pl.pl_lwpid; 761 lwp_delref(lt); 762 mutex_enter(t->p_lock); 763 if (tmp == 0) 764 lt = lwp_find_first(t); 765 else { 766 lt = lwp_find(t, tmp); 767 if (lt == NULL) { 768 mutex_exit(t->p_lock); 769 error = ESRCH; 770 break; 771 } 772 lt = LIST_NEXT(lt, l_sibling); 773 } 774 while (lt != NULL && !lwp_alive(lt)) 775 lt = LIST_NEXT(lt, l_sibling); 776 pl.pl_lwpid = 0; 777 pl.pl_event = 0; 778 if (lt) { 779 lwp_addref(lt); 780 pl.pl_lwpid = lt->l_lid; 781 if (lt->l_lid == t->p_sigctx.ps_lwp) 782 pl.pl_event = PL_EVENT_SIGNAL; 783 } 784 mutex_exit(t->p_lock); 785 786 error = copyout(&pl, SCARG(uap, addr), sizeof(pl)); 787 break; 788 789 #ifdef PT_SETREGS 790 case PT_SETREGS: 791 write = 1; 792 #endif 793 #ifdef PT_GETREGS 794 case PT_GETREGS: 795 /* write = 0 done above. */ 796 #endif 797 #if defined(PT_SETREGS) || defined(PT_GETREGS) 798 tmp = SCARG(uap, data); 799 if (tmp != 0 && t->p_nlwps > 1) { 800 lwp_delref(lt); 801 mutex_enter(t->p_lock); 802 lt = lwp_find(t, tmp); 803 if (lt == NULL) { 804 mutex_exit(t->p_lock); 805 error = ESRCH; 806 break; 807 } 808 lwp_addref(lt); 809 mutex_exit(t->p_lock); 810 } 811 if (!process_validregs(lt)) 812 error = EINVAL; 813 else { 814 error = proc_vmspace_getref(l->l_proc, &vm); 815 if (error) 816 break; 817 iov.iov_base = SCARG(uap, addr); 818 iov.iov_len = sizeof(struct reg); 819 uio.uio_iov = &iov; 820 uio.uio_iovcnt = 1; 821 uio.uio_offset = 0; 822 uio.uio_resid = sizeof(struct reg); 823 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 824 uio.uio_vmspace = vm; 825 826 error = process_doregs(l, lt, &uio); 827 uvmspace_free(vm); 828 } 829 break; 830 #endif 831 832 #ifdef PT_SETFPREGS 833 case PT_SETFPREGS: 834 write = 1; 835 #endif 836 #ifdef PT_GETFPREGS 837 case PT_GETFPREGS: 838 /* write = 0 done above. */ 839 #endif 840 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 841 tmp = SCARG(uap, data); 842 if (tmp != 0 && t->p_nlwps > 1) { 843 lwp_delref(lt); 844 mutex_enter(t->p_lock); 845 lt = lwp_find(t, tmp); 846 if (lt == NULL) { 847 mutex_exit(t->p_lock); 848 error = ESRCH; 849 break; 850 } 851 lwp_addref(lt); 852 mutex_exit(t->p_lock); 853 } 854 if (!process_validfpregs(lt)) 855 error = EINVAL; 856 else { 857 error = proc_vmspace_getref(l->l_proc, &vm); 858 if (error) 859 break; 860 iov.iov_base = SCARG(uap, addr); 861 iov.iov_len = sizeof(struct fpreg); 862 uio.uio_iov = &iov; 863 uio.uio_iovcnt = 1; 864 uio.uio_offset = 0; 865 uio.uio_resid = sizeof(struct fpreg); 866 uio.uio_rw = write ? UIO_WRITE : UIO_READ; 867 uio.uio_vmspace = vm; 868 869 error = process_dofpregs(l, lt, &uio); 870 uvmspace_free(vm); 871 } 872 break; 873 #endif 874 875 #ifdef __HAVE_PTRACE_MACHDEP 876 PTRACE_MACHDEP_REQUEST_CASES 877 error = ptrace_machdep_dorequest(l, lt, 878 req, SCARG(uap, addr), SCARG(uap, data)); 879 break; 880 #endif 881 } 882 883 if (pheld) { 884 mutex_exit(t->p_lock); 885 mutex_exit(proc_lock); 886 } 887 if (lt != NULL) 888 lwp_delref(lt); 889 rw_exit(&t->p_reflock); 890 891 return error; 892 } 893 894 int 895 process_doregs(struct lwp *curl /*tracer*/, 896 struct lwp *l /*traced*/, 897 struct uio *uio) 898 { 899 #if defined(PT_GETREGS) || defined(PT_SETREGS) 900 int error; 901 struct reg r; 902 char *kv; 903 int kl; 904 905 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 906 return EINVAL; 907 908 kl = sizeof(r); 909 kv = (char *)&r; 910 911 kv += uio->uio_offset; 912 kl -= uio->uio_offset; 913 if ((size_t)kl > uio->uio_resid) 914 kl = uio->uio_resid; 915 916 error = process_read_regs(l, &r); 917 if (error == 0) 918 error = uiomove(kv, kl, uio); 919 if (error == 0 && uio->uio_rw == UIO_WRITE) { 920 if (l->l_stat != LSSTOP) 921 error = EBUSY; 922 else 923 error = process_write_regs(l, &r); 924 } 925 926 uio->uio_offset = 0; 927 return (error); 928 #else 929 return (EINVAL); 930 #endif 931 } 932 933 int 934 process_validregs(struct lwp *l) 935 { 936 937 #if defined(PT_SETREGS) || defined(PT_GETREGS) 938 return ((l->l_flag & LW_SYSTEM) == 0); 939 #else 940 return (0); 941 #endif 942 } 943 944 int 945 process_dofpregs(struct lwp *curl /*tracer*/, 946 struct lwp *l /*traced*/, 947 struct uio *uio) 948 { 949 #if defined(PT_GETFPREGS) || defined(PT_SETFPREGS) 950 int error; 951 struct fpreg r; 952 char *kv; 953 size_t kl; 954 955 if (uio->uio_offset < 0 || uio->uio_offset > (off_t)sizeof(r)) 956 return EINVAL; 957 958 kl = sizeof(r); 959 kv = (char *)&r; 960 961 kv += uio->uio_offset; 962 kl -= uio->uio_offset; 963 if ((size_t)kl > uio->uio_resid) 964 kl = uio->uio_resid; 965 966 #ifdef __HAVE_PROCESS_XFPREGS 967 error = process_read_xfpregs(l, &r, &kl); 968 #else 969 error = process_read_fpregs(l, &r); 970 #endif 971 if (error == 0) 972 error = uiomove(kv, kl, uio); 973 if (error == 0 && uio->uio_rw == UIO_WRITE) { 974 if (l->l_stat != LSSTOP) 975 error = EBUSY; 976 else 977 #ifdef __HAVE_PROCESS_XFPREGS 978 error = process_write_xfpregs(l, &r, kl); 979 #else 980 error = process_write_fpregs(l, &r); 981 #endif 982 } 983 uio->uio_offset = 0; 984 return (error); 985 #else 986 return (EINVAL); 987 #endif 988 } 989 990 int 991 process_validfpregs(struct lwp *l) 992 { 993 994 #if defined(PT_SETFPREGS) || defined(PT_GETFPREGS) 995 return ((l->l_flag & LW_SYSTEM) == 0); 996 #else 997 return (0); 998 #endif 999 } 1000 #endif /* PTRACE */ 1001 1002 #if defined(KTRACE) || defined(PTRACE) 1003 int 1004 process_domem(struct lwp *curl /*tracer*/, 1005 struct lwp *l /*traced*/, 1006 struct uio *uio) 1007 { 1008 struct proc *p = l->l_proc; /* traced */ 1009 struct vmspace *vm; 1010 int error; 1011 1012 size_t len; 1013 #ifdef PMAP_NEED_PROCWR 1014 vaddr_t addr; 1015 #endif 1016 1017 error = 0; 1018 len = uio->uio_resid; 1019 1020 if (len == 0) 1021 return (0); 1022 1023 #ifdef PMAP_NEED_PROCWR 1024 addr = uio->uio_offset; 1025 #endif 1026 1027 vm = p->p_vmspace; 1028 1029 mutex_enter(&vm->vm_map.misc_lock); 1030 if ((l->l_flag & LW_WEXIT) || vm->vm_refcnt < 1) 1031 error = EFAULT; 1032 if (error == 0) 1033 p->p_vmspace->vm_refcnt++; /* XXX */ 1034 mutex_exit(&vm->vm_map.misc_lock); 1035 if (error != 0) 1036 return (error); 1037 error = uvm_io(&vm->vm_map, uio); 1038 uvmspace_free(vm); 1039 1040 #ifdef PMAP_NEED_PROCWR 1041 if (error == 0 && uio->uio_rw == UIO_WRITE) 1042 pmap_procwr(p, addr, len); 1043 #endif 1044 return (error); 1045 } 1046 #endif /* KTRACE || PTRACE */ 1047 1048 #if defined(KTRACE) || defined(PTRACE) 1049 void 1050 process_stoptrace(void) 1051 { 1052 struct lwp *l = curlwp; 1053 struct proc *p = l->l_proc, *pp; 1054 1055 mutex_enter(proc_lock); 1056 mutex_enter(p->p_lock); 1057 pp = p->p_pptr; 1058 if (pp->p_pid == 1) { 1059 CLR(p->p_slflag, PSL_SYSCALL); /* XXXSMP */ 1060 mutex_exit(p->p_lock); 1061 mutex_exit(proc_lock); 1062 return; 1063 } 1064 1065 p->p_xstat = SIGTRAP; 1066 proc_stop(p, 1, SIGSTOP); 1067 mutex_exit(proc_lock); 1068 1069 /* 1070 * Call issignal() once only, to have it take care of the 1071 * pending stop. Signal processing will take place as usual 1072 * from userret(). 1073 */ 1074 KERNEL_UNLOCK_ALL(l, &l->l_biglocks); 1075 (void)issignal(l); 1076 mutex_exit(p->p_lock); 1077 KERNEL_LOCK(l->l_biglocks, l); 1078 } 1079 #endif /* KTRACE || PTRACE */ 1080