search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / kernel / fs / proc / prcontrol.c
blob04eaa32daeee15cb4bc0872619709ad95a25d476
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /*
28 * Copyright (c) 2013, Joyent, Inc. All rights reserved.
29 * Copyright 2014 Garrett D'Amore <garrett@damore.org>
30 */
31
32 #include <sys/types.h>
33 #include <sys/uio.h>
34 #include <sys/param.h>
35 #include <sys/cmn_err.h>
36 #include <sys/cred.h>
37 #include <sys/policy.h>
38 #include <sys/debug.h>
39 #include <sys/errno.h>
40 #include <sys/file.h>
41 #include <sys/inline.h>
42 #include <sys/kmem.h>
43 #include <sys/proc.h>
44 #include <sys/brand.h>
45 #include <sys/regset.h>
46 #include <sys/sysmacros.h>
47 #include <sys/systm.h>
48 #include <sys/vfs.h>
49 #include <sys/vnode.h>
50 #include <sys/signal.h>
51 #include <sys/auxv.h>
52 #include <sys/user.h>
53 #include <sys/class.h>
54 #include <sys/fault.h>
55 #include <sys/syscall.h>
56 #include <sys/procfs.h>
57 #include <sys/zone.h>
58 #include <sys/copyops.h>
59 #include <sys/schedctl.h>
60 #include <vm/as.h>
61 #include <vm/seg.h>
62 #include <sys/proc/prdata.h>
63 #include <sys/contract/process_impl.h>
64
65 static void pr_settrace(proc_t *, sigset_t *);
66 static int pr_setfpregs(prnode_t *, prfpregset_t *);
67 static int pr_setvaddr(prnode_t *, caddr_t);
68 static int pr_clearsig(prnode_t *);
69 static int pr_clearflt(prnode_t *);
70 static int pr_watch(prnode_t *, prwatch_t *, int *);
71 static int pr_agent(prnode_t *, prgregset_t, int *);
72 static int pr_rdwr(proc_t *, enum uio_rw, priovec_t *);
73 static int pr_scred(proc_t *, prcred_t *, cred_t *, boolean_t);
74 static int pr_spriv(proc_t *, prpriv_t *, cred_t *);
75 static int pr_szoneid(proc_t *, zoneid_t, cred_t *);
76 static void pauselwps(proc_t *);
77 static void unpauselwps(proc_t *);
78
79 typedef union {
80 long sig; /* PCKILL, PCUNKILL */
81 long nice; /* PCNICE */
82 long timeo; /* PCTWSTOP */
83 ulong_t flags; /* PCRUN, PCSET, PCUNSET */
84 caddr_t vaddr; /* PCSVADDR */
85 siginfo_t siginfo; /* PCSSIG */
86 sigset_t sigset; /* PCSTRACE, PCSHOLD */
87 fltset_t fltset; /* PCSFAULT */
88 sysset_t sysset; /* PCSENTRY, PCSEXIT */
89 prgregset_t prgregset; /* PCSREG, PCAGENT */
90 prfpregset_t prfpregset; /* PCSFPREG */
91 prwatch_t prwatch; /* PCWATCH */
92 priovec_t priovec; /* PCREAD, PCWRITE */
93 prcred_t prcred; /* PCSCRED */
94 prpriv_t prpriv; /* PCSPRIV */
95 long przoneid; /* PCSZONE */
96 } arg_t;
97
98 static int pr_control(long, arg_t *, prnode_t *, cred_t *);
99
100 static size_t
101 ctlsize(long cmd, size_t resid, arg_t *argp)
102 {
103 size_t size = sizeof (long);
104 size_t rnd;
105 int ngrp;
106
107 switch (cmd) {
108 case PCNULL:
109 case PCSTOP:
110 case PCDSTOP:
111 case PCWSTOP:
112 case PCCSIG:
113 case PCCFAULT:
114 break;
115 case PCSSIG:
116 size += sizeof (siginfo_t);
117 break;
118 case PCTWSTOP:
119 size += sizeof (long);
120 break;
121 case PCKILL:
122 case PCUNKILL:
123 case PCNICE:
124 size += sizeof (long);
125 break;
126 case PCRUN:
127 case PCSET:
128 case PCUNSET:
129 size += sizeof (ulong_t);
130 break;
131 case PCSVADDR:
132 size += sizeof (caddr_t);
133 break;
134 case PCSTRACE:
135 case PCSHOLD:
136 size += sizeof (sigset_t);
137 break;
138 case PCSFAULT:
139 size += sizeof (fltset_t);
140 break;
141 case PCSENTRY:
142 case PCSEXIT:
143 size += sizeof (sysset_t);
144 break;
145 case PCSREG:
146 case PCAGENT:
147 size += sizeof (prgregset_t);
148 break;
149 case PCSFPREG:
150 size += sizeof (prfpregset_t);
151 break;
152 case PCWATCH:
153 size += sizeof (prwatch_t);
154 break;
155 case PCREAD:
156 case PCWRITE:
157 size += sizeof (priovec_t);
158 break;
159 case PCSCRED:
160 size += sizeof (prcred_t);
161 break;
162 case PCSCREDX:
163 /*
164 * We cannot derefence the pr_ngroups fields if it
165 * we don't have enough data.
166 */
167 if (resid < size + sizeof (prcred_t) - sizeof (gid_t))
168 return (0);
169 ngrp = argp->prcred.pr_ngroups;
170 if (ngrp < 0 || ngrp > ngroups_max)
171 return (0);
172
173 /* The result can be smaller than sizeof (prcred_t) */
174 size += sizeof (prcred_t) - sizeof (gid_t);
175 size += ngrp * sizeof (gid_t);
176 break;
177 case PCSPRIV:
178 if (resid >= size + sizeof (prpriv_t))
179 size += priv_prgetprivsize(&argp->prpriv);
180 else
181 return (0);
182 break;
183 case PCSZONE:
184 size += sizeof (long);
185 break;
186 default:
187 return (0);
188 }
189
190 /* Round up to a multiple of long, unless exact amount written */
191 if (size < resid) {
192 rnd = size & (sizeof (long) - 1);
193
194 if (rnd != 0)
195 size += sizeof (long) - rnd;
196 }
197
198 if (size > resid)
199 return (0);
200 return (size);
201 }
202
203 /*
204 * Control operations (lots).
205 */
206 int
207 prwritectl(vnode_t *vp, uio_t *uiop, cred_t *cr)
208 {
209 #define MY_BUFFER_SIZE \
210 100 > 1 + sizeof (arg_t) / sizeof (long) ? \
211 100 : 1 + sizeof (arg_t) / sizeof (long)
212 long buf[MY_BUFFER_SIZE];
213 long *bufp;
214 size_t resid = 0;
215 size_t size;
216 prnode_t *pnp = VTOP(vp);
217 int error;
218 int locked = 0;
219
220 while (uiop->uio_resid) {
221 /*
222 * Read several commands in one gulp.
223 */
224 bufp = buf;
225 if (resid) { /* move incomplete command to front of buffer */
226 long *tail;
227
228 if (resid >= sizeof (buf))
229 break;
230 tail = (long *)((char *)buf + sizeof (buf) - resid);
231 do {
232 *bufp++ = *tail++;
233 } while ((resid -= sizeof (long)) != 0);
234 }
235 resid = sizeof (buf) - ((char *)bufp - (char *)buf);
236 if (resid > uiop->uio_resid)
237 resid = uiop->uio_resid;
238 if (error = uiomove((caddr_t)bufp, resid, UIO_WRITE, uiop))
239 return (error);
240 resid += (char *)bufp - (char *)buf;
241 bufp = buf;
242
243 do { /* loop over commands in buffer */
244 long cmd = bufp[0];
245 arg_t *argp = (arg_t *)&bufp[1];
246
247 size = ctlsize(cmd, resid, argp);
248 if (size == 0) /* incomplete or invalid command */
249 break;
250 /*
251 * Perform the specified control operation.
252 */
253 if (!locked) {
254 if ((error = prlock(pnp, ZNO)) != 0)
255 return (error);
256 locked = 1;
257 }
258 if (error = pr_control(cmd, argp, pnp, cr)) {
259 if (error == -1) /* -1 is timeout */
260 locked = 0;
261 else
262 return (error);
263 }
264 bufp = (long *)((char *)bufp + size);
265 } while ((resid -= size) != 0);
266
267 if (locked) {
268 prunlock(pnp);
269 locked = 0;
270 }
271 }
272 return (resid? EINVAL : 0);
273 }
274
275 static int
276 pr_control(long cmd, arg_t *argp, prnode_t *pnp, cred_t *cr)
277 {
278 prcommon_t *pcp;
279 proc_t *p;
280 int unlocked;
281 int error = 0;
282
283 if (cmd == PCNULL)
284 return (0);
285
286 pcp = pnp->pr_common;
287 p = pcp->prc_proc;
288 ASSERT(p != NULL);
289
290 /* System processes defy control. */
291 if (p->p_flag & SSYS) {
292 prunlock(pnp);
293 return (EBUSY);
294 }
295
296 switch (cmd) {
297
298 default:
299 error = EINVAL;
300 break;
301
302 case PCSTOP: /* direct process or lwp to stop and wait for stop */
303 case PCDSTOP: /* direct process or lwp to stop, don't wait */
304 case PCWSTOP: /* wait for process or lwp to stop */
305 case PCTWSTOP: /* wait for process or lwp to stop, with timeout */
306 {
307 time_t timeo;
308
309 /*
310 * Can't apply to a system process.
311 */
312 if (p->p_as == &kas) {
313 error = EBUSY;
314 break;
315 }
316
317 if (cmd == PCSTOP || cmd == PCDSTOP)
318 pr_stop(pnp);
319
320 if (cmd == PCDSTOP)
321 break;
322
323 /*
324 * If an lwp is waiting for itself or its process,
325 * don't wait. The stopped lwp would never see the
326 * fact that it is stopped.
327 */
328 if ((pcp->prc_flags & PRC_LWP)?
329 (pcp->prc_thread == curthread) : (p == curproc)) {
330 if (cmd == PCWSTOP || cmd == PCTWSTOP)
331 error = EBUSY;
332 break;
333 }
334
335 timeo = (cmd == PCTWSTOP)? (time_t)argp->timeo : 0;
336 if ((error = pr_wait_stop(pnp, timeo)) != 0)
337 return (error);
338
339 break;
340 }
341
342 case PCRUN: /* make lwp or process runnable */
343 error = pr_setrun(pnp, argp->flags);
344 break;
345
346 case PCSTRACE: /* set signal trace mask */
347 pr_settrace(p, &argp->sigset);
348 break;
349
350 case PCSSIG: /* set current signal */
351 error = pr_setsig(pnp, &argp->siginfo);
352 if (argp->siginfo.si_signo == SIGKILL && error == 0) {
353 prunlock(pnp);
354 pr_wait_die(pnp);
355 return (-1);
356 }
357 break;
358
359 case PCKILL: /* send signal */
360 error = pr_kill(pnp, (int)argp->sig, cr);
361 if (error == 0 && argp->sig == SIGKILL) {
362 prunlock(pnp);
363 pr_wait_die(pnp);
364 return (-1);
365 }
366 break;
367
368 case PCUNKILL: /* delete a pending signal */
369 error = pr_unkill(pnp, (int)argp->sig);
370 break;
371
372 case PCNICE: /* set nice priority */
373 error = pr_nice(p, (int)argp->nice, cr);
374 break;
375
376 case PCSENTRY: /* set syscall entry bit mask */
377 case PCSEXIT: /* set syscall exit bit mask */
378 pr_setentryexit(p, &argp->sysset, cmd == PCSENTRY);
379 break;
380
381 case PCSET: /* set process flags */
382 error = pr_set(p, argp->flags);
383 break;
384
385 case PCUNSET: /* unset process flags */
386 error = pr_unset(p, argp->flags);
387 break;
388
389 case PCSREG: /* set general registers */
390 {
391 kthread_t *t = pr_thread(pnp);
392
393 if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
394 thread_unlock(t);
395 error = EBUSY;
396 } else {
397 thread_unlock(t);
398 mutex_exit(&p->p_lock);
399 prsetprregs(ttolwp(t), argp->prgregset, 0);
400 mutex_enter(&p->p_lock);
401 }
402 break;
403 }
404
405 case PCSFPREG: /* set floating-point registers */
406 error = pr_setfpregs(pnp, &argp->prfpregset);
407 break;
408
409 case PCSXREG: /* set extra registers */
410 error = EINVAL;
411 break;
412
413
414 case PCSVADDR: /* set virtual address at which to resume */
415 error = pr_setvaddr(pnp, argp->vaddr);
416 break;
417
418 case PCSHOLD: /* set signal-hold mask */
419 pr_sethold(pnp, &argp->sigset);
420 break;
421
422 case PCSFAULT: /* set mask of traced faults */
423 pr_setfault(p, &argp->fltset);
424 break;
425
426 case PCCSIG: /* clear current signal */
427 error = pr_clearsig(pnp);
428 break;
429
430 case PCCFAULT: /* clear current fault */
431 error = pr_clearflt(pnp);
432 break;
433
434 case PCWATCH: /* set or clear watched areas */
435 error = pr_watch(pnp, &argp->prwatch, &unlocked);
436 if (error && unlocked)
437 return (error);
438 break;
439
440 case PCAGENT: /* create the /proc agent lwp in the target process */
441 error = pr_agent(pnp, argp->prgregset, &unlocked);
442 if (error && unlocked)
443 return (error);
444 break;
445
446 case PCREAD: /* read from the address space */
447 error = pr_rdwr(p, UIO_READ, &argp->priovec);
448 break;
449
450 case PCWRITE: /* write to the address space */
451 error = pr_rdwr(p, UIO_WRITE, &argp->priovec);
452 break;
453
454 case PCSCRED: /* set the process credentials */
455 case PCSCREDX:
456 error = pr_scred(p, &argp->prcred, cr, cmd == PCSCREDX);
457 break;
458
459 case PCSPRIV: /* set the process privileges */
460 error = pr_spriv(p, &argp->prpriv, cr);
461 break;
462 case PCSZONE: /* set the process's zoneid credentials */
463 error = pr_szoneid(p, (zoneid_t)argp->przoneid, cr);
464 break;
465 }
466
467 if (error)
468 prunlock(pnp);
469 return (error);
470 }
471
472 #ifdef _SYSCALL32_IMPL
473
474 typedef union {
475 int32_t sig; /* PCKILL, PCUNKILL */
476 int32_t nice; /* PCNICE */
477 int32_t timeo; /* PCTWSTOP */
478 uint32_t flags; /* PCRUN, PCSET, PCUNSET */
479 caddr32_t vaddr; /* PCSVADDR */
480 siginfo32_t siginfo; /* PCSSIG */
481 sigset_t sigset; /* PCSTRACE, PCSHOLD */
482 fltset_t fltset; /* PCSFAULT */
483 sysset_t sysset; /* PCSENTRY, PCSEXIT */
484 prgregset32_t prgregset; /* PCSREG, PCAGENT */
485 prfpregset32_t prfpregset; /* PCSFPREG */
486 #if defined(__sparc)
487 prxregset_t prxregset; /* PCSXREG */
488 #endif
489 prwatch32_t prwatch; /* PCWATCH */
490 priovec32_t priovec; /* PCREAD, PCWRITE */
491 prcred32_t prcred; /* PCSCRED */
492 prpriv_t prpriv; /* PCSPRIV */
493 int32_t przoneid; /* PCSZONE */
494 } arg32_t;
495
496 static int pr_control32(int32_t, arg32_t *, prnode_t *, cred_t *);
497 static int pr_setfpregs32(prnode_t *, prfpregset32_t *);
498
499 /*
500 * Note that while ctlsize32() can use argp, it must do so only in a way
501 * that assumes 32-bit rather than 64-bit alignment as argp is a pointer
502 * to an array of 32-bit values and only 32-bit alignment is ensured.
503 */
504 static size_t
505 ctlsize32(int32_t cmd, size_t resid, arg32_t *argp)
506 {
507 size_t size = sizeof (int32_t);
508 size_t rnd;
509 int ngrp;
510
511 switch (cmd) {
512 case PCNULL:
513 case PCSTOP:
514 case PCDSTOP:
515 case PCWSTOP:
516 case PCCSIG:
517 case PCCFAULT:
518 break;
519 case PCSSIG:
520 size += sizeof (siginfo32_t);
521 break;
522 case PCTWSTOP:
523 size += sizeof (int32_t);
524 break;
525 case PCKILL:
526 case PCUNKILL:
527 case PCNICE:
528 size += sizeof (int32_t);
529 break;
530 case PCRUN:
531 case PCSET:
532 case PCUNSET:
533 size += sizeof (uint32_t);
534 break;
535 case PCSVADDR:
536 size += sizeof (caddr32_t);
537 break;
538 case PCSTRACE:
539 case PCSHOLD:
540 size += sizeof (sigset_t);
541 break;
542 case PCSFAULT:
543 size += sizeof (fltset_t);
544 break;
545 case PCSENTRY:
546 case PCSEXIT:
547 size += sizeof (sysset_t);
548 break;
549 case PCSREG:
550 case PCAGENT:
551 size += sizeof (prgregset32_t);
552 break;
553 case PCSFPREG:
554 size += sizeof (prfpregset32_t);
555 break;
556 #if defined(__sparc)
557 case PCSXREG:
558 size += sizeof (prxregset_t);
559 break;
560 #endif
561 case PCWATCH:
562 size += sizeof (prwatch32_t);
563 break;
564 case PCREAD:
565 case PCWRITE:
566 size += sizeof (priovec32_t);
567 break;
568 case PCSCRED:
569 size += sizeof (prcred32_t);
570 break;
571 case PCSCREDX:
572 /*
573 * We cannot derefence the pr_ngroups fields if it
574 * we don't have enough data.
575 */
576 if (resid < size + sizeof (prcred32_t) - sizeof (gid32_t))
577 return (0);
578 ngrp = argp->prcred.pr_ngroups;
579 if (ngrp < 0 || ngrp > ngroups_max)
580 return (0);
581
582 /* The result can be smaller than sizeof (prcred32_t) */
583 size += sizeof (prcred32_t) - sizeof (gid32_t);
584 size += ngrp * sizeof (gid32_t);
585 break;
586 case PCSPRIV:
587 if (resid >= size + sizeof (prpriv_t))
588 size += priv_prgetprivsize(&argp->prpriv);
589 else
590 return (0);
591 break;
592 case PCSZONE:
593 size += sizeof (int32_t);
594 break;
595 default:
596 return (0);
597 }
598
599 /* Round up to a multiple of int32_t */
600 rnd = size & (sizeof (int32_t) - 1);
601
602 if (rnd != 0)
603 size += sizeof (int32_t) - rnd;
604
605 if (size > resid)
606 return (0);
607 return (size);
608 }
609
610 /*
611 * Control operations (lots).
612 */
613 int
614 prwritectl32(struct vnode *vp, struct uio *uiop, cred_t *cr)
615 {
616 #define MY_BUFFER_SIZE32 \
617 100 > 1 + sizeof (arg32_t) / sizeof (int32_t) ? \
618 100 : 1 + sizeof (arg32_t) / sizeof (int32_t)
619 int32_t buf[MY_BUFFER_SIZE32];
620 int32_t *bufp;
621 arg32_t arg;
622 size_t resid = 0;
623 size_t size;
624 prnode_t *pnp = VTOP(vp);
625 int error;
626 int locked = 0;
627
628 while (uiop->uio_resid) {
629 /*
630 * Read several commands in one gulp.
631 */
632 bufp = buf;
633 if (resid) { /* move incomplete command to front of buffer */
634 int32_t *tail;
635
636 if (resid >= sizeof (buf))
637 break;
638 tail = (int32_t *)((char *)buf + sizeof (buf) - resid);
639 do {
640 *bufp++ = *tail++;
641 } while ((resid -= sizeof (int32_t)) != 0);
642 }
643 resid = sizeof (buf) - ((char *)bufp - (char *)buf);
644 if (resid > uiop->uio_resid)
645 resid = uiop->uio_resid;
646 if (error = uiomove((caddr_t)bufp, resid, UIO_WRITE, uiop))
647 return (error);
648 resid += (char *)bufp - (char *)buf;
649 bufp = buf;
650
651 do { /* loop over commands in buffer */
652 int32_t cmd = bufp[0];
653 arg32_t *argp = (arg32_t *)&bufp[1];
654
655 size = ctlsize32(cmd, resid, argp);
656 if (size == 0) /* incomplete or invalid command */
657 break;
658 /*
659 * Perform the specified control operation.
660 */
661 if (!locked) {
662 if ((error = prlock(pnp, ZNO)) != 0)
663 return (error);
664 locked = 1;
665 }
666
667 /*
668 * Since some members of the arg32_t union contain
669 * 64-bit values (which must be 64-bit aligned), we
670 * can't simply pass a pointer to the structure as
671 * it may be unaligned. Note that we do pass the
672 * potentially unaligned structure to ctlsize32()
673 * above, but that uses it a way that makes no
674 * assumptions about alignment.
675 */
676 ASSERT(size - sizeof (cmd) <= sizeof (arg));
677 bcopy(argp, &arg, size - sizeof (cmd));
678
679 if (error = pr_control32(cmd, &arg, pnp, cr)) {
680 if (error == -1) /* -1 is timeout */
681 locked = 0;
682 else
683 return (error);
684 }
685 bufp = (int32_t *)((char *)bufp + size);
686 } while ((resid -= size) != 0);
687
688 if (locked) {
689 prunlock(pnp);
690 locked = 0;
691 }
692 }
693 return (resid? EINVAL : 0);
694 }
695
696 static int
697 pr_control32(int32_t cmd, arg32_t *argp, prnode_t *pnp, cred_t *cr)
698 {
699 prcommon_t *pcp;
700 proc_t *p;
701 int unlocked;
702 int error = 0;
703
704 if (cmd == PCNULL)
705 return (0);
706
707 pcp = pnp->pr_common;
708 p = pcp->prc_proc;
709 ASSERT(p != NULL);
710
711 if (p->p_flag & SSYS) {
712 prunlock(pnp);
713 return (EBUSY);
714 }
715
716 switch (cmd) {
717
718 default:
719 error = EINVAL;
720 break;
721
722 case PCSTOP: /* direct process or lwp to stop and wait for stop */
723 case PCDSTOP: /* direct process or lwp to stop, don't wait */
724 case PCWSTOP: /* wait for process or lwp to stop */
725 case PCTWSTOP: /* wait for process or lwp to stop, with timeout */
726 {
727 time_t timeo;
728
729 /*
730 * Can't apply to a system process.
731 */
732 if (p->p_as == &kas) {
733 error = EBUSY;
734 break;
735 }
736
737 if (cmd == PCSTOP || cmd == PCDSTOP)
738 pr_stop(pnp);
739
740 if (cmd == PCDSTOP)
741 break;
742
743 /*
744 * If an lwp is waiting for itself or its process,
745 * don't wait. The lwp will never see the fact that
746 * itself is stopped.
747 */
748 if ((pcp->prc_flags & PRC_LWP)?
749 (pcp->prc_thread == curthread) : (p == curproc)) {
750 if (cmd == PCWSTOP || cmd == PCTWSTOP)
751 error = EBUSY;
752 break;
753 }
754
755 timeo = (cmd == PCTWSTOP)? (time_t)argp->timeo : 0;
756 if ((error = pr_wait_stop(pnp, timeo)) != 0)
757 return (error);
758
759 break;
760 }
761
762 case PCRUN: /* make lwp or process runnable */
763 error = pr_setrun(pnp, (ulong_t)argp->flags);
764 break;
765
766 case PCSTRACE: /* set signal trace mask */
767 pr_settrace(p, &argp->sigset);
768 break;
769
770 case PCSSIG: /* set current signal */
771 if (PROCESS_NOT_32BIT(p))
772 error = EOVERFLOW;
773 else {
774 int sig = (int)argp->siginfo.si_signo;
775 siginfo_t siginfo;
776
777 bzero(&siginfo, sizeof (siginfo));
778 siginfo_32tok(&argp->siginfo, (k_siginfo_t *)&siginfo);
779 error = pr_setsig(pnp, &siginfo);
780 if (sig == SIGKILL && error == 0) {
781 prunlock(pnp);
782 pr_wait_die(pnp);
783 return (-1);
784 }
785 }
786 break;
787
788 case PCKILL: /* send signal */
789 error = pr_kill(pnp, (int)argp->sig, cr);
790 if (error == 0 && argp->sig == SIGKILL) {
791 prunlock(pnp);
792 pr_wait_die(pnp);
793 return (-1);
794 }
795 break;
796
797 case PCUNKILL: /* delete a pending signal */
798 error = pr_unkill(pnp, (int)argp->sig);
799 break;
800
801 case PCNICE: /* set nice priority */
802 error = pr_nice(p, (int)argp->nice, cr);
803 break;
804
805 case PCSENTRY: /* set syscall entry bit mask */
806 case PCSEXIT: /* set syscall exit bit mask */
807 pr_setentryexit(p, &argp->sysset, cmd == PCSENTRY);
808 break;
809
810 case PCSET: /* set process flags */
811 error = pr_set(p, (long)argp->flags);
812 break;
813
814 case PCUNSET: /* unset process flags */
815 error = pr_unset(p, (long)argp->flags);
816 break;
817
818 case PCSREG: /* set general registers */
819 if (PROCESS_NOT_32BIT(p))
820 error = EOVERFLOW;
821 else {
822 kthread_t *t = pr_thread(pnp);
823
824 if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
825 thread_unlock(t);
826 error = EBUSY;
827 } else {
828 prgregset_t prgregset;
829 klwp_t *lwp = ttolwp(t);
830
831 thread_unlock(t);
832 mutex_exit(&p->p_lock);
833 prgregset_32ton(lwp, argp->prgregset,
834 prgregset);
835 prsetprregs(lwp, prgregset, 0);
836 mutex_enter(&p->p_lock);
837 }
838 }
839 break;
840
841 case PCSFPREG: /* set floating-point registers */
842 if (PROCESS_NOT_32BIT(p))
843 error = EOVERFLOW;
844 else
845 error = pr_setfpregs32(pnp, &argp->prfpregset);
846 break;
847
848 case PCSXREG: /* set extra registers */
849 #if defined(__sparc)
850 if (PROCESS_NOT_32BIT(p))
851 error = EOVERFLOW;
852 else
853 error = pr_setxregs(pnp, &argp->prxregset);
854 #else
855 error = EINVAL;
856 #endif
857 break;
858
859 case PCSVADDR: /* set virtual address at which to resume */
860 if (PROCESS_NOT_32BIT(p))
861 error = EOVERFLOW;
862 else
863 error = pr_setvaddr(pnp,
864 (caddr_t)(uintptr_t)argp->vaddr);
865 break;
866
867 case PCSHOLD: /* set signal-hold mask */
868 pr_sethold(pnp, &argp->sigset);
869 break;
870
871 case PCSFAULT: /* set mask of traced faults */
872 pr_setfault(p, &argp->fltset);
873 break;
874
875 case PCCSIG: /* clear current signal */
876 error = pr_clearsig(pnp);
877 break;
878
879 case PCCFAULT: /* clear current fault */
880 error = pr_clearflt(pnp);
881 break;
882
883 case PCWATCH: /* set or clear watched areas */
884 if (PROCESS_NOT_32BIT(p))
885 error = EOVERFLOW;
886 else {
887 prwatch_t prwatch;
888
889 prwatch.pr_vaddr = argp->prwatch.pr_vaddr;
890 prwatch.pr_size = argp->prwatch.pr_size;
891 prwatch.pr_wflags = argp->prwatch.pr_wflags;
892 prwatch.pr_pad = argp->prwatch.pr_pad;
893 error = pr_watch(pnp, &prwatch, &unlocked);
894 if (error && unlocked)
895 return (error);
896 }
897 break;
898
899 case PCAGENT: /* create the /proc agent lwp in the target process */
900 if (PROCESS_NOT_32BIT(p))
901 error = EOVERFLOW;
902 else {
903 prgregset_t prgregset;
904 kthread_t *t = pr_thread(pnp);
905 klwp_t *lwp = ttolwp(t);
906 thread_unlock(t);
907 mutex_exit(&p->p_lock);
908 prgregset_32ton(lwp, argp->prgregset, prgregset);
909 mutex_enter(&p->p_lock);
910 error = pr_agent(pnp, prgregset, &unlocked);
911 if (error && unlocked)
912 return (error);
913 }
914 break;
915
916 case PCREAD: /* read from the address space */
917 case PCWRITE: /* write to the address space */
918 if (PROCESS_NOT_32BIT(p) || (pnp->pr_flags & PR_OFFMAX))
919 error = EOVERFLOW;
920 else {
921 enum uio_rw rw = (cmd == PCREAD)? UIO_READ : UIO_WRITE;
922 priovec_t priovec;
923
924 priovec.pio_base =
925 (void *)(uintptr_t)argp->priovec.pio_base;
926 priovec.pio_len = (size_t)argp->priovec.pio_len;
927 priovec.pio_offset = (off_t)
928 (uint32_t)argp->priovec.pio_offset;
929 error = pr_rdwr(p, rw, &priovec);
930 }
931 break;
932
933 case PCSCRED: /* set the process credentials */
934 case PCSCREDX:
935 {
936 /*
937 * All the fields in these structures are exactly the
938 * same and so the structures are compatible. In case
939 * this ever changes, we catch this with the ASSERT
940 * below.
941 */
942 prcred_t *prcred = (prcred_t *)&argp->prcred;
943
944 ASSERT(sizeof (prcred_t) == sizeof (prcred32_t));
945
946 error = pr_scred(p, prcred, cr, cmd == PCSCREDX);
947 break;
948 }
949
950 case PCSPRIV: /* set the process privileges */
951 error = pr_spriv(p, &argp->prpriv, cr);
952 break;
953
954 case PCSZONE: /* set the process's zoneid */
955 error = pr_szoneid(p, (zoneid_t)argp->przoneid, cr);
956 break;
957 }
958
959 if (error)
960 prunlock(pnp);
961 return (error);
962 }
963
964 #endif /* _SYSCALL32_IMPL */
965
966 /*
967 * Return the specific or chosen thread/lwp for a control operation.
968 * Returns with the thread locked via thread_lock(t).
969 */
970 kthread_t *
971 pr_thread(prnode_t *pnp)
972 {
973 prcommon_t *pcp = pnp->pr_common;
974 kthread_t *t;
975
976 if (pcp->prc_flags & PRC_LWP) {
977 t = pcp->prc_thread;
978 ASSERT(t != NULL);
979 thread_lock(t);
980 } else {
981 proc_t *p = pcp->prc_proc;
982 t = prchoose(p); /* returns locked thread */
983 ASSERT(t != NULL);
984 }
985
986 return (t);
987 }
988
989 /*
990 * Direct the process or lwp to stop.
991 */
992 void
993 pr_stop(prnode_t *pnp)
994 {
995 prcommon_t *pcp = pnp->pr_common;
996 proc_t *p = pcp->prc_proc;
997 kthread_t *t;
998 vnode_t *vp;
999
1000 /*
1001 * If already stopped, do nothing; otherwise flag
1002 * it to be stopped the next time it tries to run.
1003 * If sleeping at interruptible priority, set it
1004 * running so it will stop within cv_wait_sig().
1005 *
1006 * Take care to cooperate with jobcontrol: if an lwp
1007 * is stopped due to the default action of a jobcontrol
1008 * stop signal, flag it to be stopped the next time it
1009 * starts due to a SIGCONT signal.
1010 */
1011 if (pcp->prc_flags & PRC_LWP)
1012 t = pcp->prc_thread;
1013 else
1014 t = p->p_tlist;
1015 ASSERT(t != NULL);
1016
1017 do {
1018 int notify;
1019
1020 notify = 0;
1021 thread_lock(t);
1022 if (!ISTOPPED(t)) {
1023 t->t_proc_flag |= TP_PRSTOP;
1024 t->t_sig_check = 1; /* do ISSIG */
1025 }
1026
1027 /* Move the thread from wait queue to run queue */
1028 if (ISWAITING(t))
1029 setrun_locked(t);
1030
1031 if (ISWAKEABLE(t)) {
1032 if (t->t_wchan0 == NULL)
1033 setrun_locked(t);
1034 else if (!VSTOPPED(t)) {
1035 /*
1036 * Mark it virtually stopped.
1037 */
1038 t->t_proc_flag |= TP_PRVSTOP;
1039 notify = 1;
1040 }
1041 }
1042 /*
1043 * force the thread into the kernel
1044 * if it is not already there.
1045 */
1046 prpokethread(t);
1047 thread_unlock(t);
1048 if (notify &&
1049 (vp = p->p_lwpdir[t->t_dslot].ld_entry->le_trace) != NULL)
1050 prnotify(vp);
1051 if (pcp->prc_flags & PRC_LWP)
1052 break;
1053 } while ((t = t->t_forw) != p->p_tlist);
1054
1055 /*
1056 * We do this just in case the thread we asked
1057 * to stop is in holdlwps() (called from cfork()).
1058 */
1059 cv_broadcast(&p->p_holdlwps);
1060 }
1061
1062 /*
1063 * Sleep until the lwp stops, but cooperate with
1064 * jobcontrol: Don't wake up if the lwp is stopped
1065 * due to the default action of a jobcontrol stop signal.
1066 * If this is the process file descriptor, sleep
1067 * until all of the process's lwps stop.
1068 */
1069 int
1070 pr_wait_stop(prnode_t *pnp, time_t timeo)
1071 {
1072 prcommon_t *pcp = pnp->pr_common;
1073 proc_t *p = pcp->prc_proc;
1074 timestruc_t rqtime;
1075 timestruc_t *rqtp = NULL;
1076 int timecheck = 0;
1077 kthread_t *t;
1078 int error;
1079
1080 if (timeo > 0) { /* millisecond timeout */
1081 /*
1082 * Determine the precise future time of the requested timeout.
1083 */
1084 timestruc_t now;
1085
1086 timecheck = timechanged;
1087 gethrestime(&now);
1088 rqtp = &rqtime;
1089 rqtp->tv_sec = timeo / MILLISEC;
1090 rqtp->tv_nsec = (timeo % MILLISEC) * MICROSEC;
1091 timespecadd(rqtp, &now);
1092 }
1093
1094 if (pcp->prc_flags & PRC_LWP) { /* lwp file descriptor */
1095 t = pcp->prc_thread;
1096 ASSERT(t != NULL);
1097 thread_lock(t);
1098 while (!ISTOPPED(t) && !VSTOPPED(t)) {
1099 thread_unlock(t);
1100 mutex_enter(&pcp->prc_mutex);
1101 prunlock(pnp);
1102 error = pr_wait(pcp, rqtp, timecheck);
1103 if (error) /* -1 is timeout */
1104 return (error);
1105 if ((error = prlock(pnp, ZNO)) != 0)
1106 return (error);
1107 ASSERT(p == pcp->prc_proc);
1108 ASSERT(t == pcp->prc_thread);
1109 thread_lock(t);
1110 }
1111 thread_unlock(t);
1112 } else { /* process file descriptor */
1113 t = prchoose(p); /* returns locked thread */
1114 ASSERT(t != NULL);
1115 ASSERT(MUTEX_HELD(&p->p_lock));
1116 while ((!ISTOPPED(t) && !VSTOPPED(t) && !SUSPENDED(t)) ||
1117 (p->p_flag & SEXITLWPS)) {
1118 thread_unlock(t);
1119 mutex_enter(&pcp->prc_mutex);
1120 prunlock(pnp);
1121 error = pr_wait(pcp, rqtp, timecheck);
1122 if (error) /* -1 is timeout */
1123 return (error);
1124 if ((error = prlock(pnp, ZNO)) != 0)
1125 return (error);
1126 ASSERT(p == pcp->prc_proc);
1127 t = prchoose(p); /* returns locked t */
1128 ASSERT(t != NULL);
1129 }
1130 thread_unlock(t);
1131 }
1132
1133 ASSERT(!(pcp->prc_flags & PRC_DESTROY) && p->p_stat != SZOMB &&
1134 t != NULL && t->t_state != TS_ZOMB);
1135
1136 return (0);
1137 }
1138
1139 int
1140 pr_setrun(prnode_t *pnp, ulong_t flags)
1141 {
1142 prcommon_t *pcp = pnp->pr_common;
1143 proc_t *p = pcp->prc_proc;
1144 kthread_t *t;
1145 klwp_t *lwp;
1146
1147 /*
1148 * Cannot set an lwp running if it is not stopped.
1149 * Also, no lwp other than the /proc agent lwp can
1150 * be set running so long as the /proc agent lwp exists.
1151 */
1152 t = pr_thread(pnp); /* returns locked thread */
1153 if ((!ISTOPPED(t) && !VSTOPPED(t) &&
1154 !(t->t_proc_flag & TP_PRSTOP)) ||
1155 (p->p_agenttp != NULL &&
1156 (t != p->p_agenttp || !(pcp->prc_flags & PRC_LWP)))) {
1157 thread_unlock(t);
1158 return (EBUSY);
1159 }
1160 thread_unlock(t);
1161 if (flags & ~(PRCSIG|PRCFAULT|PRSTEP|PRSTOP|PRSABORT))
1162 return (EINVAL);
1163 lwp = ttolwp(t);
1164 if ((flags & PRCSIG) && lwp->lwp_cursig != SIGKILL) {
1165 /*
1166 * Discard current siginfo_t, if any.
1167 */
1168 lwp->lwp_cursig = 0;
1169 lwp->lwp_extsig = 0;
1170 if (lwp->lwp_curinfo) {
1171 siginfofree(lwp->lwp_curinfo);
1172 lwp->lwp_curinfo = NULL;
1173 }
1174 }
1175 if (flags & PRCFAULT)
1176 lwp->lwp_curflt = 0;
1177 /*
1178 * We can't hold p->p_lock when we touch the lwp's registers.
1179 * It may be swapped out and we will get a page fault.
1180 */
1181 if (flags & PRSTEP) {
1182 mutex_exit(&p->p_lock);
1183 prstep(lwp, 0);
1184 mutex_enter(&p->p_lock);
1185 }
1186 if (flags & PRSTOP) {
1187 t->t_proc_flag |= TP_PRSTOP;
1188 t->t_sig_check = 1; /* do ISSIG */
1189 }
1190 if (flags & PRSABORT)
1191 lwp->lwp_sysabort = 1;
1192 thread_lock(t);
1193 if ((pcp->prc_flags & PRC_LWP) || (flags & (PRSTEP|PRSTOP))) {
1194 /*
1195 * Here, we are dealing with a single lwp.
1196 */
1197 if (ISTOPPED(t)) {
1198 t->t_schedflag |= TS_PSTART;
1199 t->t_dtrace_stop = 0;
1200 setrun_locked(t);
1201 } else if (flags & PRSABORT) {
1202 t->t_proc_flag &=
1203 ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1204 setrun_locked(t);
1205 } else if (!(flags & PRSTOP)) {
1206 t->t_proc_flag &=
1207 ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1208 }
1209 thread_unlock(t);
1210 } else {
1211 /*
1212 * Here, we are dealing with the whole process.
1213 */
1214 if (ISTOPPED(t)) {
1215 /*
1216 * The representative lwp is stopped on an event
1217 * of interest. We demote it to PR_REQUESTED and
1218 * choose another representative lwp. If the new
1219 * representative lwp is not stopped on an event of
1220 * interest (other than PR_REQUESTED), we set the
1221 * whole process running, else we leave the process
1222 * stopped showing the next event of interest.
1223 */
1224 kthread_t *tx = NULL;
1225
1226 if (!(flags & PRSABORT) &&
1227 t->t_whystop == PR_SYSENTRY &&
1228 t->t_whatstop == SYS_lwp_exit)
1229 tx = t; /* remember the exiting lwp */
1230 t->t_whystop = PR_REQUESTED;
1231 t->t_whatstop = 0;
1232 thread_unlock(t);
1233 t = prchoose(p); /* returns locked t */
1234 ASSERT(ISTOPPED(t) || VSTOPPED(t));
1235 if (VSTOPPED(t) ||
1236 t->t_whystop == PR_REQUESTED) {
1237 thread_unlock(t);
1238 allsetrun(p);
1239 } else {
1240 thread_unlock(t);
1241 /*
1242 * As a special case, if the old representative
1243 * lwp was stopped on entry to _lwp_exit()
1244 * (and we are not aborting the system call),
1245 * we set the old representative lwp running.
1246 * We do this so that the next process stop
1247 * will find the exiting lwp gone.
1248 */
1249 if (tx != NULL) {
1250 thread_lock(tx);
1251 tx->t_schedflag |= TS_PSTART;
1252 t->t_dtrace_stop = 0;
1253 setrun_locked(tx);
1254 thread_unlock(tx);
1255 }
1256 }
1257 } else {
1258 /*
1259 * No event of interest; set all of the lwps running.
1260 */
1261 if (flags & PRSABORT) {
1262 t->t_proc_flag &=
1263 ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1264 setrun_locked(t);
1265 }
1266 thread_unlock(t);
1267 allsetrun(p);
1268 }
1269 }
1270 return (0);
1271 }
1272
1273 /*
1274 * Wait until process/lwp stops or until timer expires.
1275 * Return EINTR for an interruption, -1 for timeout, else 0.
1276 */
1277 int
1278 pr_wait(prcommon_t *pcp, /* prcommon referring to process/lwp */
1279 timestruc_t *ts, /* absolute time of timeout, if any */
1280 int timecheck)
1281 {
1282 int rval;
1283
1284 ASSERT(MUTEX_HELD(&pcp->prc_mutex));
1285 rval = cv_waituntil_sig(&pcp->prc_wait, &pcp->prc_mutex, ts, timecheck);
1286 mutex_exit(&pcp->prc_mutex);
1287 switch (rval) {
1288 case 0:
1289 return (EINTR);
1290 case -1:
1291 return (-1);
1292 default:
1293 return (0);
1294 }
1295 }
1296
1297 /*
1298 * Make all threads in the process runnable.
1299 */
1300 void
1301 allsetrun(proc_t *p)
1302 {
1303 kthread_t *t;
1304
1305 ASSERT(MUTEX_HELD(&p->p_lock));
1306
1307 if ((t = p->p_tlist) != NULL) {
1308 do {
1309 thread_lock(t);
1310 ASSERT(!(t->t_proc_flag & TP_LWPEXIT));
1311 t->t_proc_flag &= ~(TP_PRSTOP|TP_PRVSTOP|TP_STOPPING);
1312 if (ISTOPPED(t)) {
1313 t->t_schedflag |= TS_PSTART;
1314 t->t_dtrace_stop = 0;
1315 setrun_locked(t);
1316 }
1317 thread_unlock(t);
1318 } while ((t = t->t_forw) != p->p_tlist);
1319 }
1320 }
1321
1322 /*
1323 * Wait for the process to die.
1324 * We do this after sending SIGKILL because we know it will
1325 * die soon and we want subsequent operations to return ENOENT.
1326 */
1327 void
1328 pr_wait_die(prnode_t *pnp)
1329 {
1330 proc_t *p;
1331
1332 mutex_enter(&pidlock);
1333 while ((p = pnp->pr_common->prc_proc) != NULL && p->p_stat != SZOMB) {
1334 if (!cv_wait_sig(&p->p_srwchan_cv, &pidlock))
1335 break;
1336 }
1337 mutex_exit(&pidlock);
1338 }
1339
1340 static void
1341 pr_settrace(proc_t *p, sigset_t *sp)
1342 {
1343 prdelset(sp, SIGKILL);
1344 prassignset(&p->p_sigmask, sp);
1345 if (!sigisempty(&p->p_sigmask))
1346 p->p_proc_flag |= P_PR_TRACE;
1347 else if (prisempty(&p->p_fltmask)) {
1348 user_t *up = PTOU(p);
1349 if (up->u_systrap == 0)
1350 p->p_proc_flag &= ~P_PR_TRACE;
1351 }
1352 }
1353
1354 int
1355 pr_setsig(prnode_t *pnp, siginfo_t *sip)
1356 {
1357 int nsig = PROC_IS_BRANDED(curproc)? BROP(curproc)->b_nsig : NSIG;
1358 int sig = sip->si_signo;
1359 prcommon_t *pcp = pnp->pr_common;
1360 proc_t *p = pcp->prc_proc;
1361 kthread_t *t;
1362 klwp_t *lwp;
1363 int error = 0;
1364
1365 t = pr_thread(pnp); /* returns locked thread */
1366 thread_unlock(t);
1367 lwp = ttolwp(t);
1368 if (sig < 0 || sig >= nsig)
1369 /* Zero allowed here */
1370 error = EINVAL;
1371 else if (lwp->lwp_cursig == SIGKILL)
1372 /* "can't happen", but just in case */
1373 error = EBUSY;
1374 else if ((lwp->lwp_cursig = (uchar_t)sig) == 0) {
1375 lwp->lwp_extsig = 0;
1376 /*
1377 * Discard current siginfo_t, if any.
1378 */
1379 if (lwp->lwp_curinfo) {
1380 siginfofree(lwp->lwp_curinfo);
1381 lwp->lwp_curinfo = NULL;
1382 }
1383 } else {
1384 kthread_t *tx;
1385 sigqueue_t *sqp;
1386
1387 /* drop p_lock to do kmem_alloc(KM_SLEEP) */
1388 mutex_exit(&p->p_lock);
1389 sqp = kmem_zalloc(sizeof (sigqueue_t), KM_SLEEP);
1390 mutex_enter(&p->p_lock);
1391
1392 if (lwp->lwp_curinfo == NULL)
1393 lwp->lwp_curinfo = sqp;
1394 else
1395 kmem_free(sqp, sizeof (sigqueue_t));
1396 /*
1397 * Copy contents of info to current siginfo_t.
1398 */
1399 bcopy(sip, &lwp->lwp_curinfo->sq_info,
1400 sizeof (lwp->lwp_curinfo->sq_info));
1401 /*
1402 * Prevent contents published by si_zoneid-unaware /proc
1403 * consumers from being incorrectly filtered. Because
1404 * an uninitialized si_zoneid is the same as
1405 * GLOBAL_ZONEID, this means that you can't pr_setsig a
1406 * process in a non-global zone with a siginfo which
1407 * appears to come from the global zone.
1408 */
1409 if (SI_FROMUSER(sip) && sip->si_zoneid == 0)
1410 lwp->lwp_curinfo->sq_info.si_zoneid =
1411 p->p_zone->zone_id;
1412 /*
1413 * Side-effects for SIGKILL and jobcontrol signals.
1414 */
1415 if (sig == SIGKILL) {
1416 p->p_flag |= SKILLED;
1417 p->p_flag &= ~SEXTKILLED;
1418 } else if (sig == SIGCONT) {
1419 p->p_flag |= SSCONT;
1420 sigdelq(p, NULL, SIGSTOP);
1421 sigdelq(p, NULL, SIGTSTP);
1422 sigdelq(p, NULL, SIGTTOU);
1423 sigdelq(p, NULL, SIGTTIN);
1424 sigdiffset(&p->p_sig, &stopdefault);
1425 sigdiffset(&p->p_extsig, &stopdefault);
1426 if ((tx = p->p_tlist) != NULL) {
1427 do {
1428 sigdelq(p, tx, SIGSTOP);
1429 sigdelq(p, tx, SIGTSTP);
1430 sigdelq(p, tx, SIGTTOU);
1431 sigdelq(p, tx, SIGTTIN);
1432 sigdiffset(&tx->t_sig, &stopdefault);
1433 sigdiffset(&tx->t_extsig, &stopdefault);
1434 } while ((tx = tx->t_forw) != p->p_tlist);
1435 }
1436 } else if (sigismember(&stopdefault, sig)) {
1437 if (PTOU(p)->u_signal[sig-1] == SIG_DFL &&
1438 (sig == SIGSTOP || !p->p_pgidp->pid_pgorphaned))
1439 p->p_flag &= ~SSCONT;
1440 sigdelq(p, NULL, SIGCONT);
1441 sigdelset(&p->p_sig, SIGCONT);
1442 sigdelset(&p->p_extsig, SIGCONT);
1443 if ((tx = p->p_tlist) != NULL) {
1444 do {
1445 sigdelq(p, tx, SIGCONT);
1446 sigdelset(&tx->t_sig, SIGCONT);
1447 sigdelset(&tx->t_extsig, SIGCONT);
1448 } while ((tx = tx->t_forw) != p->p_tlist);
1449 }
1450 }
1451 thread_lock(t);
1452 if (ISWAKEABLE(t) || ISWAITING(t)) {
1453 /* Set signaled sleeping/waiting lwp running */
1454 setrun_locked(t);
1455 } else if (t->t_state == TS_STOPPED && sig == SIGKILL) {
1456 /* If SIGKILL, set stopped lwp running */
1457 p->p_stopsig = 0;
1458 t->t_schedflag |= TS_XSTART | TS_PSTART;
1459 t->t_dtrace_stop = 0;
1460 setrun_locked(t);
1461 }
1462 t->t_sig_check = 1; /* so ISSIG will be done */
1463 thread_unlock(t);
1464 /*
1465 * More jobcontrol side-effects.
1466 */
1467 if (sig == SIGCONT && (tx = p->p_tlist) != NULL) {
1468 p->p_stopsig = 0;
1469 do {
1470 thread_lock(tx);
1471 if (tx->t_state == TS_STOPPED &&
1472 tx->t_whystop == PR_JOBCONTROL) {
1473 tx->t_schedflag |= TS_XSTART;
1474 setrun_locked(tx);
1475 }
1476 thread_unlock(tx);
1477 } while ((tx = tx->t_forw) != p->p_tlist);
1478 }
1479 }
1480 return (error);
1481 }
1482
1483 int
1484 pr_kill(prnode_t *pnp, int sig, cred_t *cr)
1485 {
1486 int nsig = PROC_IS_BRANDED(curproc)? BROP(curproc)->b_nsig : NSIG;
1487 prcommon_t *pcp = pnp->pr_common;
1488 proc_t *p = pcp->prc_proc;
1489 k_siginfo_t info;
1490
1491 if (sig <= 0 || sig >= nsig)
1492 return (EINVAL);
1493
1494 bzero(&info, sizeof (info));
1495 info.si_signo = sig;
1496 info.si_code = SI_USER;
1497 info.si_pid = curproc->p_pid;
1498 info.si_ctid = PRCTID(curproc);
1499 info.si_zoneid = getzoneid();
1500 info.si_uid = crgetruid(cr);
1501 sigaddq(p, (pcp->prc_flags & PRC_LWP)?
1502 pcp->prc_thread : NULL, &info, KM_NOSLEEP);
1503
1504 return (0);
1505 }
1506
1507 int
1508 pr_unkill(prnode_t *pnp, int sig)
1509 {
1510 int nsig = PROC_IS_BRANDED(curproc)? BROP(curproc)->b_nsig : NSIG;
1511 prcommon_t *pcp = pnp->pr_common;
1512 proc_t *p = pcp->prc_proc;
1513 sigqueue_t *infop = NULL;
1514
1515 if (sig <= 0 || sig >= nsig || sig == SIGKILL)
1516 return (EINVAL);
1517
1518 if (pcp->prc_flags & PRC_LWP)
1519 sigdeq(p, pcp->prc_thread, sig, &infop);
1520 else
1521 sigdeq(p, NULL, sig, &infop);
1522
1523 if (infop)
1524 siginfofree(infop);
1525
1526 return (0);
1527 }
1528
1529 int
1530 pr_nice(proc_t *p, int nice, cred_t *cr)
1531 {
1532 kthread_t *t;
1533 int err;
1534 int error = 0;
1535
1536 t = p->p_tlist;
1537 do {
1538 ASSERT(!(t->t_proc_flag & TP_LWPEXIT));
1539 err = CL_DONICE(t, cr, nice, NULL);
1540 schedctl_set_cidpri(t);
1541 if (error == 0)
1542 error = err;
1543 } while ((t = t->t_forw) != p->p_tlist);
1544
1545 return (error);
1546 }
1547
1548 void
1549 pr_setentryexit(proc_t *p, sysset_t *sysset, int entry)
1550 {
1551 user_t *up = PTOU(p);
1552
1553 if (entry) {
1554 prassignset(&up->u_entrymask, sysset);
1555 } else {
1556 prassignset(&up->u_exitmask, sysset);
1557 }
1558 if (!prisempty(&up->u_entrymask) ||
1559 !prisempty(&up->u_exitmask)) {
1560 up->u_systrap = 1;
1561 p->p_proc_flag |= P_PR_TRACE;
1562 set_proc_sys(p); /* set pre and post-sys flags */
1563 } else {
1564 up->u_systrap = 0;
1565 if (sigisempty(&p->p_sigmask) &&
1566 prisempty(&p->p_fltmask))
1567 p->p_proc_flag &= ~P_PR_TRACE;
1568 }
1569 }
1570
1571 #define ALLFLAGS \
1572 (PR_FORK|PR_RLC|PR_KLC|PR_ASYNC|PR_BPTADJ|PR_MSACCT|PR_MSFORK|\
1573 PR_PTRACE)
1574
1575 int
1576 pr_set(proc_t *p, long flags)
1577 {
1578 if ((p->p_flag & SSYS) || p->p_as == &kas)
1579 return (EBUSY);
1580
1581 if (flags & ~ALLFLAGS)
1582 return (EINVAL);
1583
1584 if (flags & PR_FORK)
1585 p->p_proc_flag |= P_PR_FORK;
1586 if (flags & PR_RLC)
1587 p->p_proc_flag |= P_PR_RUNLCL;
1588 if (flags & PR_KLC)
1589 p->p_proc_flag |= P_PR_KILLCL;
1590 if (flags & PR_ASYNC)
1591 p->p_proc_flag |= P_PR_ASYNC;
1592 if (flags & PR_BPTADJ)
1593 p->p_proc_flag |= P_PR_BPTADJ;
1594 if (flags & PR_MSACCT)
1595 if ((p->p_flag & SMSACCT) == 0)
1596 estimate_msacct(p->p_tlist, gethrtime());
1597 if (flags & PR_MSFORK)
1598 p->p_flag |= SMSFORK;
1599 if (flags & PR_PTRACE) {
1600 p->p_proc_flag |= P_PR_PTRACE;
1601 /* ptraced process must die if parent dead */
1602 if (p->p_ppid == 1)
1603 sigtoproc(p, NULL, SIGKILL);
1604 }
1605
1606 return (0);
1607 }
1608
1609 int
1610 pr_unset(proc_t *p, long flags)
1611 {
1612 if ((p->p_flag & SSYS) || p->p_as == &kas)
1613 return (EBUSY);
1614
1615 if (flags & ~ALLFLAGS)
1616 return (EINVAL);
1617
1618 if (flags & PR_FORK)
1619 p->p_proc_flag &= ~P_PR_FORK;
1620 if (flags & PR_RLC)
1621 p->p_proc_flag &= ~P_PR_RUNLCL;
1622 if (flags & PR_KLC)
1623 p->p_proc_flag &= ~P_PR_KILLCL;
1624 if (flags & PR_ASYNC)
1625 p->p_proc_flag &= ~P_PR_ASYNC;
1626 if (flags & PR_BPTADJ)
1627 p->p_proc_flag &= ~P_PR_BPTADJ;
1628 if (flags & PR_MSACCT)
1629 disable_msacct(p);
1630 if (flags & PR_MSFORK)
1631 p->p_flag &= ~SMSFORK;
1632 if (flags & PR_PTRACE)
1633 p->p_proc_flag &= ~P_PR_PTRACE;
1634
1635 return (0);
1636 }
1637
1638 static int
1639 pr_setfpregs(prnode_t *pnp, prfpregset_t *prfpregset)
1640 {
1641 proc_t *p = pnp->pr_common->prc_proc;
1642 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1643
1644 if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
1645 thread_unlock(t);
1646 return (EBUSY);
1647 }
1648 if (!prhasfp()) {
1649 thread_unlock(t);
1650 return (EINVAL); /* No FP support */
1651 }
1652
1653 /* drop p_lock while touching the lwp's stack */
1654 thread_unlock(t);
1655 mutex_exit(&p->p_lock);
1656 prsetprfpregs(ttolwp(t), prfpregset);
1657 mutex_enter(&p->p_lock);
1658
1659 return (0);
1660 }
1661
1662 #ifdef _SYSCALL32_IMPL
1663 static int
1664 pr_setfpregs32(prnode_t *pnp, prfpregset32_t *prfpregset)
1665 {
1666 proc_t *p = pnp->pr_common->prc_proc;
1667 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1668
1669 if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
1670 thread_unlock(t);
1671 return (EBUSY);
1672 }
1673 if (!prhasfp()) {
1674 thread_unlock(t);
1675 return (EINVAL); /* No FP support */
1676 }
1677
1678 /* drop p_lock while touching the lwp's stack */
1679 thread_unlock(t);
1680 mutex_exit(&p->p_lock);
1681 prsetprfpregs32(ttolwp(t), prfpregset);
1682 mutex_enter(&p->p_lock);
1683
1684 return (0);
1685 }
1686 #endif /* _SYSCALL32_IMPL */
1687
1688
1689 static int
1690 pr_setvaddr(prnode_t *pnp, caddr_t vaddr)
1691 {
1692 proc_t *p = pnp->pr_common->prc_proc;
1693 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1694
1695 if (!ISTOPPED(t) && !VSTOPPED(t) && !DSTOPPED(t)) {
1696 thread_unlock(t);
1697 return (EBUSY);
1698 }
1699
1700 /* drop p_lock while touching the lwp's stack */
1701 thread_unlock(t);
1702 mutex_exit(&p->p_lock);
1703 prsvaddr(ttolwp(t), vaddr);
1704 mutex_enter(&p->p_lock);
1705
1706 return (0);
1707 }
1708
1709 void
1710 pr_sethold(prnode_t *pnp, sigset_t *sp)
1711 {
1712 proc_t *p = pnp->pr_common->prc_proc;
1713 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1714
1715 schedctl_finish_sigblock(t);
1716 sigutok(sp, &t->t_hold);
1717 if (ISWAKEABLE(t) &&
1718 (fsig(&p->p_sig, t) || fsig(&t->t_sig, t)))
1719 setrun_locked(t);
1720 t->t_sig_check = 1; /* so thread will see new holdmask */
1721 thread_unlock(t);
1722 }
1723
1724 void
1725 pr_setfault(proc_t *p, fltset_t *fltp)
1726 {
1727 prassignset(&p->p_fltmask, fltp);
1728 if (!prisempty(&p->p_fltmask))
1729 p->p_proc_flag |= P_PR_TRACE;
1730 else if (sigisempty(&p->p_sigmask)) {
1731 user_t *up = PTOU(p);
1732 if (up->u_systrap == 0)
1733 p->p_proc_flag &= ~P_PR_TRACE;
1734 }
1735 }
1736
1737 static int
1738 pr_clearsig(prnode_t *pnp)
1739 {
1740 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1741 klwp_t *lwp = ttolwp(t);
1742
1743 thread_unlock(t);
1744 if (lwp->lwp_cursig == SIGKILL)
1745 return (EBUSY);
1746
1747 /*
1748 * Discard current siginfo_t, if any.
1749 */
1750 lwp->lwp_cursig = 0;
1751 lwp->lwp_extsig = 0;
1752 if (lwp->lwp_curinfo) {
1753 siginfofree(lwp->lwp_curinfo);
1754 lwp->lwp_curinfo = NULL;
1755 }
1756
1757 return (0);
1758 }
1759
1760 static int
1761 pr_clearflt(prnode_t *pnp)
1762 {
1763 kthread_t *t = pr_thread(pnp); /* returns locked thread */
1764
1765 thread_unlock(t);
1766 ttolwp(t)->lwp_curflt = 0;
1767
1768 return (0);
1769 }
1770
1771 static int
1772 pr_watch(prnode_t *pnp, prwatch_t *pwp, int *unlocked)
1773 {
1774 proc_t *p = pnp->pr_common->prc_proc;
1775 struct as *as = p->p_as;
1776 uintptr_t vaddr = pwp->pr_vaddr;
1777 size_t size = pwp->pr_size;
1778 int wflags = pwp->pr_wflags;
1779 ulong_t newpage = 0;
1780 struct watched_area *pwa;
1781 int error;
1782
1783 *unlocked = 0;
1784
1785 /*
1786 * Can't apply to a system process.
1787 */
1788 if ((p->p_flag & SSYS) || p->p_as == &kas)
1789 return (EBUSY);
1790
1791 /*
1792 * Verify that the address range does not wrap
1793 * and that only the proper flags were specified.
1794 */
1795 if ((wflags & ~WA_TRAPAFTER) == 0)
1796 size = 0;
1797 if (vaddr + size < vaddr ||
1798 (wflags & ~(WA_READ|WA_WRITE|WA_EXEC|WA_TRAPAFTER)) != 0 ||
1799 ((wflags & ~WA_TRAPAFTER) != 0 && size == 0))
1800 return (EINVAL);
1801
1802 /*
1803 * Don't let the address range go above as->a_userlimit.
1804 * There is no error here, just a limitation.
1805 */
1806 if (vaddr >= (uintptr_t)as->a_userlimit)
1807 return (0);
1808 if (vaddr + size > (uintptr_t)as->a_userlimit)
1809 size = (uintptr_t)as->a_userlimit - vaddr;
1810
1811 /*
1812 * Compute maximum number of pages this will add.
1813 */
1814 if ((wflags & ~WA_TRAPAFTER) != 0) {
1815 ulong_t pagespan = (vaddr + size) - (vaddr & PAGEMASK);
1816 newpage = btopr(pagespan);
1817 if (newpage > 2 * prnwatch)
1818 return (E2BIG);
1819 }
1820
1821 /*
1822 * Force the process to be fully stopped.
1823 */
1824 if (p == curproc) {
1825 prunlock(pnp);
1826 while (holdwatch() != 0)
1827 continue;
1828 if ((error = prlock(pnp, ZNO)) != 0) {
1829 continuelwps(p);
1830 *unlocked = 1;
1831 return (error);
1832 }
1833 } else {
1834 pauselwps(p);
1835 while (pr_allstopped(p, 0) > 0) {
1836 /*
1837 * This cv/mutex pair is persistent even
1838 * if the process disappears after we
1839 * unmark it and drop p->p_lock.
1840 */
1841 kcondvar_t *cv = &pr_pid_cv[p->p_slot];
1842 kmutex_t *mp = &p->p_lock;
1843
1844 prunmark(p);
1845 (void) cv_wait(cv, mp);
1846 mutex_exit(mp);
1847 if ((error = prlock(pnp, ZNO)) != 0) {
1848 /*
1849 * Unpause the process if it exists.
1850 */
1851 p = pr_p_lock(pnp);
1852 mutex_exit(&pr_pidlock);
1853 if (p != NULL) {
1854 unpauselwps(p);
1855 prunlock(pnp);
1856 }
1857 *unlocked = 1;
1858 return (error);
1859 }
1860 }
1861 }
1862
1863 /*
1864 * Drop p->p_lock in order to perform the rest of this.
1865 * The process is still locked with the P_PR_LOCK flag.
1866 */
1867 mutex_exit(&p->p_lock);
1868
1869 pwa = kmem_alloc(sizeof (struct watched_area), KM_SLEEP);
1870 pwa->wa_vaddr = (caddr_t)vaddr;
1871 pwa->wa_eaddr = (caddr_t)vaddr + size;
1872 pwa->wa_flags = (ulong_t)wflags;
1873
1874 error = ((pwa->wa_flags & ~WA_TRAPAFTER) == 0)?
1875 clear_watched_area(p, pwa) : set_watched_area(p, pwa);
1876
1877 if (p == curproc) {
1878 setallwatch();
1879 mutex_enter(&p->p_lock);
1880 continuelwps(p);
1881 } else {
1882 mutex_enter(&p->p_lock);
1883 unpauselwps(p);
1884 }
1885
1886 return (error);
1887 }
1888
1889 /* jobcontrol stopped, but with a /proc directed stop in effect */
1890 #define JDSTOPPED(t) \
1891 ((t)->t_state == TS_STOPPED && \
1892 (t)->t_whystop == PR_JOBCONTROL && \
1893 ((t)->t_proc_flag & TP_PRSTOP))
1894
1895 /*
1896 * pr_agent() creates the agent lwp. If the process is exiting while
1897 * we are creating an agent lwp, then exitlwps() waits until the
1898 * agent has been created using prbarrier().
1899 */
1900 static int
1901 pr_agent(prnode_t *pnp, prgregset_t prgregset, int *unlocked)
1902 {
1903 proc_t *p = pnp->pr_common->prc_proc;
1904 prcommon_t *pcp;
1905 kthread_t *t;
1906 kthread_t *ct;
1907 klwp_t *clwp;
1908 k_sigset_t smask;
1909 int cid;
1910 void *bufp = NULL;
1911 int error;
1912
1913 *unlocked = 0;
1914
1915 /*
1916 * Cannot create the /proc agent lwp if :-
1917 * - the process is not fully stopped or directed to stop.
1918 * - there is an agent lwp already.
1919 * - the process has been killed.
1920 * - the process is exiting.
1921 * - it's a vfork(2) parent.
1922 */
1923 t = prchoose(p); /* returns locked thread */
1924 ASSERT(t != NULL);
1925
1926 if ((!ISTOPPED(t) && !VSTOPPED(t) && !SUSPENDED(t) && !JDSTOPPED(t)) ||
1927 p->p_agenttp != NULL ||
1928 (p->p_flag & (SKILLED | SEXITING | SVFWAIT))) {
1929 thread_unlock(t);
1930 return (EBUSY);
1931 }
1932
1933 thread_unlock(t);
1934 mutex_exit(&p->p_lock);
1935
1936 sigfillset(&smask);
1937 sigdiffset(&smask, &cantmask);
1938 clwp = lwp_create(lwp_rtt, NULL, 0, p, TS_STOPPED,
1939 t->t_pri, &smask, NOCLASS, 0);
1940 if (clwp == NULL) {
1941 mutex_enter(&p->p_lock);
1942 return (ENOMEM);
1943 }
1944 prsetprregs(clwp, prgregset, 1);
1945
1946 /*
1947 * Because abandoning the agent inside the target process leads to
1948 * a state that is essentially undebuggable, we record the psinfo of
1949 * the process creating the agent and hang that off of the lwp.
1950 */
1951 clwp->lwp_spymaster = kmem_zalloc(sizeof (psinfo_t), KM_SLEEP);
1952 mutex_enter(&curproc->p_lock);
1953 prgetpsinfo(curproc, clwp->lwp_spymaster);
1954 mutex_exit(&curproc->p_lock);
1955
1956 /*
1957 * We overload pr_time in the spymaster to denote the time at which the
1958 * agent was created.
1959 */
1960 gethrestime(&clwp->lwp_spymaster->pr_time);
1961
1962 retry:
1963 cid = t->t_cid;
1964 (void) CL_ALLOC(&bufp, cid, KM_SLEEP);
1965 mutex_enter(&p->p_lock);
1966 if (cid != t->t_cid) {
1967 /*
1968 * Someone just changed this thread's scheduling class,
1969 * so try pre-allocating the buffer again. Hopefully we
1970 * don't hit this often.
1971 */
1972 mutex_exit(&p->p_lock);
1973 CL_FREE(cid, bufp);
1974 goto retry;
1975 }
1976
1977 clwp->lwp_ap = clwp->lwp_arg;
1978 clwp->lwp_eosys = NORMALRETURN;
1979 ct = lwptot(clwp);
1980 ct->t_clfuncs = t->t_clfuncs;
1981 CL_FORK(t, ct, bufp);
1982 ct->t_cid = t->t_cid;
1983 ct->t_proc_flag |= TP_PRSTOP;
1984 /*
1985 * Setting t_sysnum to zero causes post_syscall()
1986 * to bypass all syscall checks and go directly to
1987 * if (issig()) psig();
1988 * so that the agent lwp will stop in issig_forreal()
1989 * showing PR_REQUESTED.
1990 */
1991 ct->t_sysnum = 0;
1992 ct->t_post_sys = 1;
1993 ct->t_sig_check = 1;
1994 p->p_agenttp = ct;
1995 ct->t_proc_flag &= ~TP_HOLDLWP;
1996
1997 pcp = pnp->pr_pcommon;
1998 mutex_enter(&pcp->prc_mutex);
1999
2000 lwp_create_done(ct);
2001
2002 /*
2003 * Don't return until the agent is stopped on PR_REQUESTED.
2004 */
2005
2006 for (;;) {
2007 prunlock(pnp);
2008 *unlocked = 1;
2009
2010 /*
2011 * Wait for the agent to stop and notify us.
2012 * If we've been interrupted, return that information.
2013 */
2014 error = pr_wait(pcp, NULL, 0);
2015 if (error == EINTR) {
2016 error = 0;
2017 break;
2018 }
2019
2020 /*
2021 * Confirm that the agent LWP has stopped.
2022 */
2023
2024 if ((error = prlock(pnp, ZNO)) != 0)
2025 break;
2026 *unlocked = 0;
2027
2028 /*
2029 * Since we dropped the lock on the process, the agent
2030 * may have disappeared or changed. Grab the current
2031 * agent and check fail if it has disappeared.
2032 */
2033 if ((ct = p->p_agenttp) == NULL) {
2034 error = ENOENT;
2035 break;
2036 }
2037
2038 mutex_enter(&pcp->prc_mutex);
2039 thread_lock(ct);
2040
2041 if (ISTOPPED(ct)) {
2042 thread_unlock(ct);
2043 mutex_exit(&pcp->prc_mutex);
2044 break;
2045 }
2046
2047 thread_unlock(ct);
2048 }
2049
2050 return (error ? error : -1);
2051 }
2052
2053 static int
2054 pr_rdwr(proc_t *p, enum uio_rw rw, priovec_t *pio)
2055 {
2056 caddr_t base = (caddr_t)pio->pio_base;
2057 size_t cnt = pio->pio_len;
2058 uintptr_t offset = (uintptr_t)pio->pio_offset;
2059 struct uio auio;
2060 struct iovec aiov;
2061 int error = 0;
2062
2063 if ((p->p_flag & SSYS) || p->p_as == &kas)
2064 error = EIO;
2065 else if ((base + cnt) < base || (offset + cnt) < offset)
2066 error = EINVAL;
2067 else if (cnt != 0) {
2068 aiov.iov_base = base;
2069 aiov.iov_len = cnt;
2070
2071 auio.uio_loffset = offset;
2072 auio.uio_iov = &aiov;
2073 auio.uio_iovcnt = 1;
2074 auio.uio_resid = cnt;
2075 auio.uio_segflg = UIO_USERSPACE;
2076 auio.uio_llimit = (longlong_t)MAXOFFSET_T;
2077 auio.uio_fmode = FREAD|FWRITE;
2078 auio.uio_extflg = UIO_COPY_DEFAULT;
2079
2080 mutex_exit(&p->p_lock);
2081 error = prusrio(p, rw, &auio, 0);
2082 mutex_enter(&p->p_lock);
2083
2084 /*
2085 * We have no way to return the i/o count,
2086 * like read() or write() would do, so we
2087 * return an error if the i/o was truncated.
2088 */
2089 if (auio.uio_resid != 0 && error == 0)
2090 error = EIO;
2091 }
2092
2093 return (error);
2094 }
2095
2096 static int
2097 pr_scred(proc_t *p, prcred_t *prcred, cred_t *cr, boolean_t dogrps)
2098 {
2099 kthread_t *t;
2100 cred_t *oldcred;
2101 cred_t *newcred;
2102 uid_t oldruid;
2103 int error;
2104 zone_t *zone = crgetzone(cr);
2105
2106 if (!VALID_UID(prcred->pr_euid, zone) ||
2107 !VALID_UID(prcred->pr_ruid, zone) ||
2108 !VALID_UID(prcred->pr_suid, zone) ||
2109 !VALID_GID(prcred->pr_egid, zone) ||
2110 !VALID_GID(prcred->pr_rgid, zone) ||
2111 !VALID_GID(prcred->pr_sgid, zone))
2112 return (EINVAL);
2113
2114 if (dogrps) {
2115 int ngrp = prcred->pr_ngroups;
2116 int i;
2117
2118 if (ngrp < 0 || ngrp > ngroups_max)
2119 return (EINVAL);
2120
2121 for (i = 0; i < ngrp; i++) {
2122 if (!VALID_GID(prcred->pr_groups[i], zone))
2123 return (EINVAL);
2124 }
2125 }
2126
2127 error = secpolicy_allow_setid(cr, prcred->pr_euid, B_FALSE);
2128
2129 if (error == 0 && prcred->pr_ruid != prcred->pr_euid)
2130 error = secpolicy_allow_setid(cr, prcred->pr_ruid, B_FALSE);
2131
2132 if (error == 0 && prcred->pr_suid != prcred->pr_euid &&
2133 prcred->pr_suid != prcred->pr_ruid)
2134 error = secpolicy_allow_setid(cr, prcred->pr_suid, B_FALSE);
2135
2136 if (error)
2137 return (error);
2138
2139 mutex_exit(&p->p_lock);
2140
2141 /* hold old cred so it doesn't disappear while we dup it */
2142 mutex_enter(&p->p_crlock);
2143 crhold(oldcred = p->p_cred);
2144 mutex_exit(&p->p_crlock);
2145 newcred = crdup(oldcred);
2146 oldruid = crgetruid(oldcred);
2147 crfree(oldcred);
2148
2149 /* Error checking done above */
2150 (void) crsetresuid(newcred, prcred->pr_ruid, prcred->pr_euid,
2151 prcred->pr_suid);
2152 (void) crsetresgid(newcred, prcred->pr_rgid, prcred->pr_egid,
2153 prcred->pr_sgid);
2154
2155 if (dogrps) {
2156 (void) crsetgroups(newcred, prcred->pr_ngroups,
2157 prcred->pr_groups);
2158
2159 }
2160
2161 mutex_enter(&p->p_crlock);
2162 oldcred = p->p_cred;
2163 p->p_cred = newcred;
2164 mutex_exit(&p->p_crlock);
2165 crfree(oldcred);
2166
2167 /*
2168 * Keep count of processes per uid consistent.
2169 */
2170 if (oldruid != prcred->pr_ruid) {
2171 zoneid_t zoneid = crgetzoneid(newcred);
2172
2173 mutex_enter(&pidlock);
2174 upcount_dec(oldruid, zoneid);
2175 upcount_inc(prcred->pr_ruid, zoneid);
2176 mutex_exit(&pidlock);
2177 }
2178
2179 /*
2180 * Broadcast the cred change to the threads.
2181 */
2182 mutex_enter(&p->p_lock);
2183 t = p->p_tlist;
2184 do {
2185 t->t_pre_sys = 1; /* so syscall will get new cred */
2186 } while ((t = t->t_forw) != p->p_tlist);
2187
2188 return (0);
2189 }
2190
2191 /*
2192 * Change process credentials to specified zone. Used to temporarily
2193 * set a process to run in the global zone; only transitions between
2194 * the process's actual zone and the global zone are allowed.
2195 */
2196 static int
2197 pr_szoneid(proc_t *p, zoneid_t zoneid, cred_t *cr)
2198 {
2199 kthread_t *t;
2200 cred_t *oldcred;
2201 cred_t *newcred;
2202 zone_t *zptr;
2203 zoneid_t oldzoneid;
2204
2205 if (secpolicy_zone_config(cr) != 0)
2206 return (EPERM);
2207 if (zoneid != GLOBAL_ZONEID && zoneid != p->p_zone->zone_id)
2208 return (EINVAL);
2209 if ((zptr = zone_find_by_id(zoneid)) == NULL)
2210 return (EINVAL);
2211 mutex_exit(&p->p_lock);
2212 mutex_enter(&p->p_crlock);
2213 oldcred = p->p_cred;
2214 crhold(oldcred);
2215 mutex_exit(&p->p_crlock);
2216 newcred = crdup(oldcred);
2217 oldzoneid = crgetzoneid(oldcred);
2218 crfree(oldcred);
2219
2220 crsetzone(newcred, zptr);
2221 zone_rele(zptr);
2222
2223 mutex_enter(&p->p_crlock);
2224 oldcred = p->p_cred;
2225 p->p_cred = newcred;
2226 mutex_exit(&p->p_crlock);
2227 crfree(oldcred);
2228
2229 /*
2230 * The target process is changing zones (according to its cred), so
2231 * update the per-zone upcounts, which are based on process creds.
2232 */
2233 if (oldzoneid != zoneid) {
2234 uid_t ruid = crgetruid(newcred);
2235
2236 mutex_enter(&pidlock);
2237 upcount_dec(ruid, oldzoneid);
2238 upcount_inc(ruid, zoneid);
2239 mutex_exit(&pidlock);
2240 }
2241 /*
2242 * Broadcast the cred change to the threads.
2243 */
2244 mutex_enter(&p->p_lock);
2245 t = p->p_tlist;
2246 do {
2247 t->t_pre_sys = 1; /* so syscall will get new cred */
2248 } while ((t = t->t_forw) != p->p_tlist);
2249
2250 return (0);
2251 }
2252
2253 static int
2254 pr_spriv(proc_t *p, prpriv_t *prpriv, cred_t *cr)
2255 {
2256 kthread_t *t;
2257 int err;
2258
2259 ASSERT(MUTEX_HELD(&p->p_lock));
2260
2261 if ((err = priv_pr_spriv(p, prpriv, cr)) == 0) {
2262 /*
2263 * Broadcast the cred change to the threads.
2264 */
2265 t = p->p_tlist;
2266 do {
2267 t->t_pre_sys = 1; /* so syscall will get new cred */
2268 } while ((t = t->t_forw) != p->p_tlist);
2269 }
2270
2271 return (err);
2272 }
2273
2274 /*
2275 * Return -1 if the process is the parent of a vfork(1) whose child has yet to
2276 * terminate or perform an exec(2).
2277 *
2278 * Returns 0 if the process is fully stopped except for the current thread (if
2279 * we are operating on our own process), 1 otherwise.
2280 *
2281 * If the watchstop flag is set, then we ignore threads with TP_WATCHSTOP set.
2282 * See holdwatch() for details.
2283 */
2284 int
2285 pr_allstopped(proc_t *p, int watchstop)
2286 {
2287 kthread_t *t;
2288 int rv = 0;
2289
2290 ASSERT(MUTEX_HELD(&p->p_lock));
2291
2292 if (p->p_flag & SVFWAIT) /* waiting for vfork'd child to exec */
2293 return (-1);
2294
2295 if ((t = p->p_tlist) != NULL) {
2296 do {
2297 if (t == curthread || VSTOPPED(t) ||
2298 (watchstop && (t->t_proc_flag & TP_WATCHSTOP)))
2299 continue;
2300 thread_lock(t);
2301 switch (t->t_state) {
2302 case TS_ZOMB:
2303 case TS_STOPPED:
2304 break;
2305 case TS_SLEEP:
2306 if (!(t->t_flag & T_WAKEABLE) ||
2307 t->t_wchan0 == NULL)
2308 rv = 1;
2309 break;
2310 default:
2311 rv = 1;
2312 break;
2313 }
2314 thread_unlock(t);
2315 } while (rv == 0 && (t = t->t_forw) != p->p_tlist);
2316 }
2317
2318 return (rv);
2319 }
2320
2321 /*
2322 * Cause all lwps in the process to pause (for watchpoint operations).
2323 */
2324 static void
2325 pauselwps(proc_t *p)
2326 {
2327 kthread_t *t;
2328
2329 ASSERT(MUTEX_HELD(&p->p_lock));
2330 ASSERT(p != curproc);
2331
2332 if ((t = p->p_tlist) != NULL) {
2333 do {
2334 thread_lock(t);
2335 t->t_proc_flag |= TP_PAUSE;
2336 aston(t);
2337 if ((ISWAKEABLE(t) && (t->t_wchan0 == NULL)) ||
2338 ISWAITING(t)) {
2339 setrun_locked(t);
2340 }
2341 prpokethread(t);
2342 thread_unlock(t);
2343 } while ((t = t->t_forw) != p->p_tlist);
2344 }
2345 }
2346
2347 /*
2348 * undo the effects of pauselwps()
2349 */
2350 static void
2351 unpauselwps(proc_t *p)
2352 {
2353 kthread_t *t;
2354
2355 ASSERT(MUTEX_HELD(&p->p_lock));
2356 ASSERT(p != curproc);
2357
2358 if ((t = p->p_tlist) != NULL) {
2359 do {
2360 thread_lock(t);
2361 t->t_proc_flag &= ~TP_PAUSE;
2362 if (t->t_state == TS_STOPPED) {
2363 t->t_schedflag |= TS_UNPAUSE;
2364 t->t_dtrace_stop = 0;
2365 setrun_locked(t);
2366 }
2367 thread_unlock(t);
2368 } while ((t = t->t_forw) != p->p_tlist);
2369 }
2370 }
2371
2372 /*
2373 * Cancel all watched areas. Called from prclose().
2374 */
2375 proc_t *
2376 pr_cancel_watch(prnode_t *pnp)
2377 {
2378 proc_t *p = pnp->pr_pcommon->prc_proc;
2379 struct as *as;
2380 kthread_t *t;
2381
2382 ASSERT(MUTEX_HELD(&p->p_lock) && (p->p_proc_flag & P_PR_LOCK));
2383
2384 if (!pr_watch_active(p))
2385 return (p);
2386
2387 /*
2388 * Pause the process before dealing with the watchpoints.
2389 */
2390 if (p == curproc) {
2391 prunlock(pnp);
2392 while (holdwatch() != 0)
2393 continue;
2394 p = pr_p_lock(pnp);
2395 mutex_exit(&pr_pidlock);
2396 ASSERT(p == curproc);
2397 } else {
2398 pauselwps(p);
2399 while (p != NULL && pr_allstopped(p, 0) > 0) {
2400 /*
2401 * This cv/mutex pair is persistent even
2402 * if the process disappears after we
2403 * unmark it and drop p->p_lock.
2404 */
2405 kcondvar_t *cv = &pr_pid_cv[p->p_slot];
2406 kmutex_t *mp = &p->p_lock;
2407
2408 prunmark(p);
2409 (void) cv_wait(cv, mp);
2410 mutex_exit(mp);
2411 p = pr_p_lock(pnp); /* NULL if process disappeared */
2412 mutex_exit(&pr_pidlock);
2413 }
2414 }
2415
2416 if (p == NULL) /* the process disappeared */
2417 return (NULL);
2418
2419 ASSERT(p == pnp->pr_pcommon->prc_proc);
2420 ASSERT(MUTEX_HELD(&p->p_lock) && (p->p_proc_flag & P_PR_LOCK));
2421
2422 if (pr_watch_active(p)) {
2423 pr_free_watchpoints(p);
2424 if ((t = p->p_tlist) != NULL) {
2425 do {
2426 watch_disable(t);
2427
2428 } while ((t = t->t_forw) != p->p_tlist);
2429 }
2430 }
2431
2432 if ((as = p->p_as) != NULL) {
2433 avl_tree_t *tree;
2434 struct watched_page *pwp;
2435
2436 /*
2437 * If this is the parent of a vfork, the watched page
2438 * list has been moved temporarily to p->p_wpage.
2439 */
2440 if (avl_numnodes(&p->p_wpage) != 0)
2441 tree = &p->p_wpage;
2442 else
2443 tree = &as->a_wpage;
2444
2445 mutex_exit(&p->p_lock);
2446 AS_LOCK_ENTER(as, RW_WRITER);
2447
2448 for (pwp = avl_first(tree); pwp != NULL;
2449 pwp = AVL_NEXT(tree, pwp)) {
2450 pwp->wp_read = 0;
2451 pwp->wp_write = 0;
2452 pwp->wp_exec = 0;
2453 if ((pwp->wp_flags & WP_SETPROT) == 0) {
2454 pwp->wp_flags |= WP_SETPROT;
2455 pwp->wp_prot = pwp->wp_oprot;
2456 pwp->wp_list = p->p_wprot;
2457 p->p_wprot = pwp;
2458 }
2459 }
2460
2461 AS_LOCK_EXIT(as);
2462 mutex_enter(&p->p_lock);
2463 }
2464
2465 /*
2466 * Unpause the process now.
2467 */
2468 if (p == curproc)
2469 continuelwps(p);
2470 else
2471 unpauselwps(p);
2472
2473 return (p);
2474 }
unleashed repo fork