From nobody Wed Oct 18 18:03:52 2023
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4S9dyK1FC7z4xKyQ;
	Wed, 18 Oct 2023 18:03:53 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4S9dyJ5kVyz4Xdm;
	Wed, 18 Oct 2023 18:03:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1697652232;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aTdETYJsSVgzVjtMcwERNCaXXLm/A/NZDmhK1MzoPlg=;
	b=YiArP/M/1NqbT+2hcjrzH8Wl8upJ5QKtcpGZMut9MZYq+oVAjoX7vgcPrLZSaVHHFrDcdN
	Cv/R0bu4hrAezNnVZb8zRcTDPJxOBYcHIUKlNylGk5y90e6zgVXFJmBJD1YpXpRCGbCALj
	1dfiqnk6csotil4pDwiQbyR722u+NKgebJ7ku5SMX2OzUofJj6DU0wyqIpPzkLHlkesIry
	IOwT7R/mSz6RMg5AZ3lf2MRTDrtP/AIPwlY/fawo1Btm/Wih0p/Ho1RcMkEyaNIEUJcV8A
	bRnXDc4csZ9dDfuFoblIm8vm3y2svoiGtD4S+EY0o67BsunaeJvqp3X2tTRbOw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1697652232; a=rsa-sha256; cv=none;
	b=PUlpOYlPw7Phj4vZjCRZT0Ka9ieZA1n5VvBksqtJToaEKG65e1AzFHbsmdAySt66uPp1N5
	WvgQMFVYNyCmjrgGK6Lzp0hPFygnD3xvTYiv5e3DEntpJ1YPqyKZwXtNO9Y4W0hh+BsrK8
	b7YeQOKa1fiBp/sCVcBLSjgV/PJ2GURQoFP7Z7WtRiZ5wanUhWzBDvEhJRa2rfpdJ3L+qd
	uWcI+q/XJZR4wNiXFnZfMHWar8sKE3rZVMwtVE6Mx2JoheleFbobnb9wbgmZLq0xHr5YaZ
	AKlUOIysL/pzOPfKhK8oBLTeLx154/Fa6t0Afn/qoO9jv/cN1kwvyC5pUTB1Eg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1697652232;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=aTdETYJsSVgzVjtMcwERNCaXXLm/A/NZDmhK1MzoPlg=;
	b=U8xgwhYtlNTtU73KYoJWbU5TH1+nqtLkkkHf5VcHKndwTxNnC5399EwTS68WYJ/Eke5T/X
	w0XmJaiLf741SjQ7I0ViNdloDbTSyU+UfsuTjF0LjtNGWc12V/88JjQa8Om03+iaezR/AP
	91jYepTCKZCwsvaVI1jdTfdng4HEaTLpUw6vcK9/j/rKPnAIV2UT5LTvaMXUmX4nPdXiFS
	9YVlyMj6N5GwjFiRU2fqiOpN/QfwT16S2NN/YzBREp2PVDgxxMkmXOTxKY4s9c3Er8jVb3
	paRNecjRYEUYFRUo9nyGacyqb5WFLx6HYckfaqZhcpHNqVp0Wm+MV8bpBD4gqQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4S9dyJ4qn2z2RF;
	Wed, 18 Oct 2023 18:03:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 39II3qqR044818;
	Wed, 18 Oct 2023 18:03:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 39II3qFo044815;
	Wed, 18 Oct 2023 18:03:52 GMT
	(envelope-from git)
Date: Wed, 18 Oct 2023 18:03:52 GMT
Message-Id: <202310181803.39II3qFo044815@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Mitchell Horne <mhorne@FreeBSD.org>
Subject: git: daf8ad192942 - releng/14.0 - p_candebug(9):
  cr_bsd_visible() impacts, misc fixes
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mhorne
X-Git-Repository: src
X-Git-Refname: refs/heads/releng/14.0
X-Git-Reftype: branch
X-Git-Commit: daf8ad192942f6d9da1affca6a0ea9d3da42101f
Auto-Submitted: auto-generated

The branch releng/14.0 has been updated by mhorne:

URL: https://cgit.FreeBSD.org/src/commit/?id=daf8ad192942f6d9da1affca6a0ea9d3da42101f

commit daf8ad192942f6d9da1affca6a0ea9d3da42101f
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:43 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-10-18 18:01:26 +0000

    p_candebug(9): cr_bsd_visible() impacts, misc fixes
    
    Mention cr_bsd_visible(9).  Remove references to cr_canseeothergids(9)
    and cr_canseeotheruids(9), as well as indirect references not
    immediately useful.
    
    Fix description of credentials checks to match reality.
    
    Re-order errors to match code's check order.
    
    Approved by:            re (gjb)
    Reviewed by:            bcr, pauamma_gundo.com
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40638
    
    (cherry picked from commit eb94f24fab4b44f13ca045370d9fcf12ca8835f2)
    (cherry picked from commit c29ee9e238b36ef8a7c4508582d4512cda885192)
---
 share/man/man9/p_candebug.9 | 103 ++++++++++++++++++++++++--------------------
 1 file changed, 56 insertions(+), 47 deletions(-)

diff --git a/share/man/man9/p_candebug.9 b/share/man/man9/p_candebug.9
index e80d313de55c..c824db974154 100644
--- a/share/man/man9/p_candebug.9
+++ b/share/man/man9/p_candebug.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -25,7 +26,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt P_CANDEBUG 9
 .Os
 .Sh NAME
@@ -37,24 +38,27 @@
 .Ft int
 .Fn p_candebug "struct thread *td" "struct proc *p"
 .Sh DESCRIPTION
-This function can be used to determine if a given process
+This function determines if a given process
 .Fa p
-is debuggable by the thread
+is debuggable by some thread
 .Fa td .
-.Sh SYSCTL VARIABLES
+.Pp
 The following
 .Xr sysctl 8
 variables directly influence the behaviour of
 .Fn p_candebug :
 .Bl -tag -width indent
+.It Va security.bsd.unprivileged_proc_debug
+Must be set to a non-zero value to allow unprivileged processes
+access to the kernel's debug facilities.
 .It Va kern.securelevel
 Debugging of the init process is not allowed if this variable is
 .Li 1
 or greater.
-.It Va security.bsd.unprivileged_proc_debug
-Must be set to a non-zero value to allow unprivileged processes
-access to the kernel's debug facilities.
 .El
+.Pp
+Other such variables indirectly influence it; see
+.Xr cr_bsd_visible 9 .
 .Sh RETURN VALUES
 The
 .Fn p_candebug
@@ -68,35 +72,45 @@ is debuggable by thread
 or a non-zero error return value otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
-.It Bq Er EACCESS
-The MAC subsystem denied debuggability.
-.It Bq Er EAGAIN
-Process
-.Fa p
-is in the process of being
-.Fn exec Ns 'ed.
 .It Bq Er EPERM
+An unprivileged process attempted to debug another process but the system is
+configured to deny it
+.Po
+see
+.Xr sysctl 8
+variable
+.Va security.bsd.unprivileged_proc_debug
+above
+.Pc .
+.It Bq Er ESRCH
 Thread
 .Fa td
-lacks super-user credentials and process
-.Fa p
-is executing a set-user-ID or set-group-ID executable.
+has been jailed and the process to debug does not belong to the same jail or one
+of its sub-jails, as determined by
+.Xr prison_check 9 .
+.It Bq Er ESRCH
+.Xr cr_bsd_visible 9
+denied visibility according to the BSD security policies in force.
 .It Bq Er EPERM
 Thread
 .Fa td
-lacks super-user credentials and process
+lacks superuser credentials and its (effective) group set is not a superset of
+process
 .Fa p Ns 's
-group set is not a subset of
-.Fa td Ns 's
-effective group set.
+whole group set
+.Pq "including real, effective and saved group IDs" .
 .It Bq Er EPERM
 Thread
 .Fa td
-lacks super-user credentials and process
-.Fa p Ns 's
-user IDs do not match thread
-.Fa td Ns 's
-effective user ID.
+lacks superuser credentials and its (effective) user ID does not match all user
+IDs of process
+.Fa p .
+.It Bq Er EPERM
+Thread
+.Fa td
+lacks superuser credentials and process
+.Fa p
+is executing a set-user-ID or set-group-ID executable.
 .It Bq Er EPERM
 Process
 .Fa p
@@ -107,30 +121,25 @@ and the
 variable
 .Va kern.securelevel
 is greater than zero.
-.It Bq Er ESRCH
+.It Bq Er EBUSY
 Process
 .Fa p
-is not visible to thread
-.Fa td
-as determined by
-.Xr cr_canseeotheruids 9
-or
-.Xr cr_canseeothergids 9 .
-.It Bq Er ESRCH
-Thread
-.Fa td
-has been jailed and process
+is in the process of being
+.Fn exec Ns 'ed.
+.It Bq Er EPERM
+Process
 .Fa p
-does not belong to the same jail as
-.Fa td .
-.It Bq Er ESRCH
-The MAC subsystem denied debuggability.
+denied debuggability
+.Po
+see
+.Xr procctl 2 ,
+command
+.Dv PROC_TRACE_CTL
+.Pc .
 .El
 .Sh SEE ALSO
-.Xr jail 2 ,
-.Xr sysctl 8 ,
-.Xr cr_canseeothergids 9 ,
-.Xr cr_canseeotheruids 9 ,
+.Xr prison_check 9 ,
 .Xr mac 9 ,
-.Xr p_cansee 9 ,
-.Xr prison_check 9
+.Xr cr_bsd_visible 9 ,
+.Xr procctl 2 ,
+.Xr p_cansee 9