From owner-svn-src-stable-9@FreeBSD.ORG Thu Jan 2 21:57:08 2014 Return-Path: Delivered-To: svn-src-stable-9@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 44927897; Thu, 2 Jan 2014 21:57:08 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 2D6601760; Thu, 2 Jan 2014 21:57:08 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id s02Lv82n008095; Thu, 2 Jan 2014 21:57:08 GMT (envelope-from jhb@svn.freebsd.org) Received: (from jhb@localhost) by svn.freebsd.org (8.14.7/8.14.7/Submit) id s02Lv3nS008068; Thu, 2 Jan 2014 21:57:03 GMT (envelope-from jhb@svn.freebsd.org) Message-Id: <201401022157.s02Lv3nS008068@svn.freebsd.org> From: John Baldwin Date: Thu, 2 Jan 2014 21:57:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r260208 - in stable/9: lib/libc/sys sys/compat/freebsd32 sys/kern sys/sys sys/vm usr.bin usr.bin/kdump usr.bin/protect usr.bin/truss X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-9@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for only the 9-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Jan 2014 21:57:08 -0000 Author: jhb Date: Thu Jan 2 21:57:03 2014 New Revision: 260208 URL: http://svnweb.freebsd.org/changeset/base/260208 Log: MFC 255708,255711,255731: Extend the support for exempting processes from being killed when swap is exhausted. - Add a new protect(1) command that can be used to set or revoke protection from arbitrary processes. Similar to ktrace it can apply a change to all existing descendants of a process as well as future descendants. - Add a new procctl(2) system call that provides a generic interface for control operations on processes (as opposed to the debugger-specific operations provided by ptrace(2)). procctl(2) uses a combination of idtype_t and an id to identify the set of processes on which to operate similar to wait6(). - Add a PROC_SPROTECT control operation to manage the protection status of a set of processes. MADV_PROTECT still works for backwards compatability. - Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc) the first bit of which is used to track if P_PROTECT should be inherited by new child processes. Added: stable/9/lib/libc/sys/procctl.2 - copied, changed from r255708, head/lib/libc/sys/procctl.2 stable/9/sys/sys/procctl.h - copied unchanged from r255708, head/sys/sys/procctl.h - copied from r255708, head/usr.bin/protect/ Directory Properties: stable/9/usr.bin/protect/ (props changed) Modified: stable/9/lib/libc/sys/Makefile.inc stable/9/lib/libc/sys/Symbol.map stable/9/sys/compat/freebsd32/freebsd32.h stable/9/sys/compat/freebsd32/freebsd32_misc.c stable/9/sys/compat/freebsd32/syscalls.master stable/9/sys/kern/init_main.c stable/9/sys/kern/kern_fork.c stable/9/sys/kern/kern_proc.c stable/9/sys/kern/sys_process.c stable/9/sys/kern/syscalls.master stable/9/sys/sys/proc.h stable/9/sys/sys/syscallsubr.h stable/9/sys/sys/user.h stable/9/sys/vm/vm_mmap.c stable/9/usr.bin/Makefile stable/9/usr.bin/kdump/kdump.c stable/9/usr.bin/kdump/mksubr stable/9/usr.bin/protect/protect.1 stable/9/usr.bin/truss/syscall.h stable/9/usr.bin/truss/syscalls.c Directory Properties: stable/9/lib/libc/ (props changed) stable/9/lib/libc/sys/ (props changed) stable/9/sys/ (props changed) stable/9/sys/sys/ (props changed) stable/9/usr.bin/ (props changed) stable/9/usr.bin/kdump/ (props changed) stable/9/usr.bin/truss/ (props changed) Modified: stable/9/lib/libc/sys/Makefile.inc ============================================================================== --- stable/9/lib/libc/sys/Makefile.inc Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/lib/libc/sys/Makefile.inc Thu Jan 2 21:57:03 2014 (r260208) @@ -101,7 +101,7 @@ MAN+= abort2.2 accept.2 access.2 acct.2 msgctl.2 msgget.2 msgrcv.2 msgsnd.2 \ msync.2 munmap.2 nanosleep.2 nfssvc.2 ntp_adjtime.2 open.2 \ pathconf.2 pdfork.2 pipe.2 poll.2 posix_fadvise.2 posix_fallocate.2 \ - posix_openpt.2 profil.2 \ + posix_openpt.2 procctl.2 profil.2 \ pselect.2 ptrace.2 quotactl.2 \ read.2 readlink.2 reboot.2 recv.2 rename.2 revoke.2 rfork.2 rmdir.2 \ rtprio.2 Modified: stable/9/lib/libc/sys/Symbol.map ============================================================================== --- stable/9/lib/libc/sys/Symbol.map Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/lib/libc/sys/Symbol.map Thu Jan 2 21:57:03 2014 (r260208) @@ -381,6 +381,7 @@ FBSD_1.2 { FBSD_1.3 { clock_getcpuclockid2; posix_fadvise; + procctl; wait6; }; @@ -806,6 +807,8 @@ FBSDprivate_1.0 { __sys_poll; _preadv; __sys_preadv; + _procctl; + __sys_procctl; _profil; __sys_profil; _pselect; Copied and modified: stable/9/lib/libc/sys/procctl.2 (from r255708, head/lib/libc/sys/procctl.2) ============================================================================== --- head/lib/libc/sys/procctl.2 Thu Sep 19 18:53:42 2013 (r255708, copy source) +++ stable/9/lib/libc/sys/procctl.2 Thu Jan 2 21:57:03 2014 (r260208) @@ -54,7 +54,7 @@ to control as many of the selected possi An error is only returned if no selected processes successfully complete the request. The following identifier types are supported: -.Bl -tag -width Dv P_PGID +.Bl -tag -width "Dv P_PGID" .It Dv P_PID Control the process with the process ID .Fa id . @@ -67,7 +67,7 @@ The control request to perform is specif .Fa cmd argument. The following commands are supported: -.Bl -tag -width Dv PROC_SPROTECT +.Bl -tag -width "Dv PROC_SPROTECT" .It Dv PROC_SPROTECT Set process protection state. This is used to mark a process as protected from being killed if the system @@ -77,7 +77,7 @@ The parameter must point to an integer containing an operation and zero or more optional flags. The following operations are supported: -.Bl -tag -width Dv PPROT_CLEAR +.Bl -tag -width "Dv PPROT_CLEAR" .It Dv PPROT_SET Mark the selected processes as protected. .It Dv PPROT_CLEAR @@ -85,7 +85,7 @@ Clear the protected state of selected pr .El .Pp The following optional flags are supported: -.Bl -tag -width Dv PPROT_DESCEND +.Bl -tag -width "Dv PPROT_DESCE" .It Dv PPROT_DESCEND Apply the requested operation to all child processes of each selected process in addition to each selected process. Modified: stable/9/sys/compat/freebsd32/freebsd32.h ============================================================================== --- stable/9/sys/compat/freebsd32/freebsd32.h Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/compat/freebsd32/freebsd32.h Thu Jan 2 21:57:03 2014 (r260208) @@ -334,6 +334,8 @@ struct kinfo_proc32 { char ki_loginclass[LOGINCLASSLEN+1]; char ki_sparestrings[50]; int ki_spareints[KI_NSPARE_INT]; + int ki_flag2; + int ki_fibnum; u_int ki_cr_flags; int ki_jid; int ki_numthreads; Modified: stable/9/sys/compat/freebsd32/freebsd32_misc.c ============================================================================== --- stable/9/sys/compat/freebsd32/freebsd32_misc.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/compat/freebsd32/freebsd32_misc.c Thu Jan 2 21:57:03 2014 (r260208) @@ -55,6 +55,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -2990,3 +2991,23 @@ convert_sigevent32(struct sigevent32 *si } return (0); } + +int +freebsd32_procctl(struct thread *td, struct freebsd32_procctl_args *uap) +{ + void *data; + int error, flags; + + switch (uap->com) { + case PROC_SPROTECT: + error = copyin(PTRIN(uap->data), &flags, sizeof(flags)); + if (error) + return (error); + data = &flags; + break; + default: + return (EINVAL); + } + return (kern_procctl(td, uap->idtype, PAIR32TO64(id_t, uap->id), + uap->com, data)); +} Modified: stable/9/sys/compat/freebsd32/syscalls.master ============================================================================== --- stable/9/sys/compat/freebsd32/syscalls.master Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/compat/freebsd32/syscalls.master Thu Jan 2 21:57:03 2014 (r260208) @@ -1027,3 +1027,23 @@ struct wrusage32 *wrusage, \ siginfo_t *info); } #endif +533 AUE_NULL UNIMPL cap_rights_limit +534 AUE_NULL UNIMPL cap_ioctls_limit +535 AUE_NULL UNIMPL cap_ioctls_get +536 AUE_NULL UNIMPL cap_fcntls_limit +537 AUE_NULL UNIMPL cap_fcntls_get +538 AUE_NULL UNIMPL bindat +539 AUE_NULL UNIMPL connectat +540 AUE_NULL UNIMPL chflagsat +541 AUE_NULL UNIMPL accept4 +542 AUE_NULL UNIMPL pipe2 +543 AUE_NULL UNIMPL aio_mlock +#ifdef PAD64_REQUIRED +544 AUE_NULL STD { int freebsd32_procctl(int idtype, int pad, \ + uint32_t id1, uint32_t id2, int com, \ + void *data); } +#else +544 AUE_NULL STD { int freebsd32_procctl(int idtype, \ + uint32_t id1, uint32_t id2, int com, \ + void *data); } +#endif Modified: stable/9/sys/kern/init_main.c ============================================================================== --- stable/9/sys/kern/init_main.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/kern/init_main.c Thu Jan 2 21:57:03 2014 (r260208) @@ -476,6 +476,7 @@ proc0_init(void *dummy __unused) p->p_sysent = &null_sysvec; p->p_flag = P_SYSTEM | P_INMEM; + p->p_flag2 = 0; p->p_state = PRS_NORMAL; knlist_init_mtx(&p->p_klist, &p->p_mtx); STAILQ_INIT(&p->p_ktr); Modified: stable/9/sys/kern/kern_fork.c ============================================================================== --- stable/9/sys/kern/kern_fork.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/kern/kern_fork.c Thu Jan 2 21:57:03 2014 (r260208) @@ -494,6 +494,7 @@ do_fork(struct thread *td, int flags, st * Increase reference counts on shared objects. */ p2->p_flag = P_INMEM; + p2->p_flag2 = 0; p2->p_swtick = ticks; if (p1->p_flag & P_PROFIL) startprofclock(p2); @@ -517,6 +518,11 @@ do_fork(struct thread *td, int flags, st p2->p_fd = fd; p2->p_fdtol = fdtol; + if (p1->p_flag2 & P2_INHERIT_PROTECTED) { + p2->p_flag |= P_PROTECTED; + p2->p_flag2 |= P2_INHERIT_PROTECTED; + } + /* * p_limit is copy-on-write. Bump its refcount. */ Modified: stable/9/sys/kern/kern_proc.c ============================================================================== --- stable/9/sys/kern/kern_proc.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/kern/kern_proc.c Thu Jan 2 21:57:03 2014 (r260208) @@ -803,6 +803,7 @@ fill_kinfo_proc_only(struct proc *p, str kp->ki_fd = p->p_fd; kp->ki_vmspace = p->p_vmspace; kp->ki_flag = p->p_flag; + kp->ki_flag2 = p->p_flag2; cred = p->p_ucred; if (cred) { kp->ki_uid = cred->cr_uid; @@ -1161,6 +1162,8 @@ freebsd32_kinfo_proc_out(const struct ki bcopy(ki->ki_comm, ki32->ki_comm, COMMLEN + 1); bcopy(ki->ki_emul, ki32->ki_emul, KI_EMULNAMELEN + 1); bcopy(ki->ki_loginclass, ki32->ki_loginclass, LOGINCLASSLEN + 1); + CP(*ki, *ki32, ki_flag2); + CP(*ki, *ki32, ki_fibnum); CP(*ki, *ki32, ki_cr_flags); CP(*ki, *ki32, ki_jid); CP(*ki, *ki32, ki_numthreads); Modified: stable/9/sys/kern/sys_process.c ============================================================================== --- stable/9/sys/kern/sys_process.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/kern/sys_process.c Thu Jan 2 21:57:03 2014 (r260208) @@ -41,7 +41,9 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include +#include #include #include #include @@ -1242,3 +1244,196 @@ stopevent(struct proc *p, unsigned int e msleep(&p->p_step, &p->p_mtx, PWAIT, "stopevent", 0); } while (p->p_step); } + +static int +protect_setchild(struct thread *td, struct proc *p, int flags) +{ + + PROC_LOCK_ASSERT(p, MA_OWNED); + if (p->p_flag & P_SYSTEM || p_cansee(td, p) != 0) + return (0); + if (flags & PPROT_SET) { + p->p_flag |= P_PROTECTED; + if (flags & PPROT_INHERIT) + p->p_flag2 |= P2_INHERIT_PROTECTED; + } else { + p->p_flag &= ~P_PROTECTED; + p->p_flag2 &= ~P2_INHERIT_PROTECTED; + } + return (1); +} + +static int +protect_setchildren(struct thread *td, struct proc *top, int flags) +{ + struct proc *p; + int ret; + + p = top; + ret = 0; + sx_assert(&proctree_lock, SX_LOCKED); + for (;;) { + ret |= protect_setchild(td, p, flags); + PROC_UNLOCK(p); + /* + * If this process has children, descend to them next, + * otherwise do any siblings, and if done with this level, + * follow back up the tree (but not past top). + */ + if (!LIST_EMPTY(&p->p_children)) + p = LIST_FIRST(&p->p_children); + else for (;;) { + if (p == top) { + PROC_LOCK(p); + return (ret); + } + if (LIST_NEXT(p, p_sibling)) { + p = LIST_NEXT(p, p_sibling); + break; + } + p = p->p_pptr; + } + PROC_LOCK(p); + } +} + +static int +protect_set(struct thread *td, struct proc *p, int flags) +{ + int error, ret; + + switch (PPROT_OP(flags)) { + case PPROT_SET: + case PPROT_CLEAR: + break; + default: + return (EINVAL); + } + + if ((PPROT_FLAGS(flags) & ~(PPROT_DESCEND | PPROT_INHERIT)) != 0) + return (EINVAL); + + error = priv_check(td, PRIV_VM_MADV_PROTECT); + if (error) + return (error); + + if (flags & PPROT_DESCEND) + ret = protect_setchildren(td, p, flags); + else + ret = protect_setchild(td, p, flags); + if (ret == 0) + return (EPERM); + return (0); +} + +#ifndef _SYS_SYSPROTO_H_ +struct procctl_args { + idtype_t idtype; + id_t id; + int com; + void *data; +}; +#endif +/* ARGSUSED */ +int +sys_procctl(struct thread *td, struct procctl_args *uap) +{ + int error, flags; + void *data; + + switch (uap->com) { + case PROC_SPROTECT: + error = copyin(uap->data, &flags, sizeof(flags)); + if (error) + return (error); + data = &flags; + break; + default: + return (EINVAL); + } + + return (kern_procctl(td, uap->idtype, uap->id, uap->com, data)); +} + +static int +kern_procctl_single(struct thread *td, struct proc *p, int com, void *data) +{ + + PROC_LOCK_ASSERT(p, MA_OWNED); + switch (com) { + case PROC_SPROTECT: + return (protect_set(td, p, *(int *)data)); + default: + return (EINVAL); + } +} + +int +kern_procctl(struct thread *td, idtype_t idtype, id_t id, int com, void *data) +{ + struct pgrp *pg; + struct proc *p; + int error, first_error, ok; + + sx_slock(&proctree_lock); + switch (idtype) { + case P_PID: + p = pfind(id); + if (p == NULL) { + error = ESRCH; + break; + } + if (p->p_state == PRS_NEW) + error = ESRCH; + else + error = p_cansee(td, p); + if (error == 0) + error = kern_procctl_single(td, p, com, data); + PROC_UNLOCK(p); + break; + case P_PGID: + /* + * Attempt to apply the operation to all members of the + * group. Ignore processes in the group that can't be + * seen. Ignore errors so long as at least one process is + * able to complete the request successfully. + */ + pg = pgfind(id); + if (pg == NULL) { + error = ESRCH; + break; + } + PGRP_UNLOCK(pg); + ok = 0; + first_error = 0; + LIST_FOREACH(p, &pg->pg_members, p_pglist) { + PROC_LOCK(p); + if (p->p_state == PRS_NEW || p_cansee(td, p) != 0) { + PROC_UNLOCK(p); + continue; + } + error = kern_procctl_single(td, p, com, data); + PROC_UNLOCK(p); + if (error == 0) + ok = 1; + else if (first_error == 0) + first_error = error; + } + if (ok) + error = 0; + else if (first_error != 0) + error = first_error; + else + /* + * Was not able to see any processes in the + * process group. + */ + error = ESRCH; + break; + default: + error = EINVAL; + break; + } + sx_sunlock(&proctree_lock); + return (error); +} Modified: stable/9/sys/kern/syscalls.master ============================================================================== --- stable/9/sys/kern/syscalls.master Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/kern/syscalls.master Thu Jan 2 21:57:03 2014 (r260208) @@ -953,5 +953,18 @@ int *status, int options, \ struct __wrusage *wrusage, \ siginfo_t *info); } +533 AUE_NULL UNIMPL cap_rights_limit +534 AUE_NULL UNIMPL cap_ioctls_limit +535 AUE_NULL UNIMPL cap_ioctls_get +536 AUE_NULL UNIMPL cap_fcntls_limit +537 AUE_NULL UNIMPL cap_fcntls_get +538 AUE_NULL UNIMPL bindat +539 AUE_NULL UNIMPL connectat +540 AUE_NULL UNIMPL chflagsat +541 AUE_NULL UNIMPL accept4 +542 AUE_NULL UNIMPL pipe2 +543 AUE_NULL UNIMPL aio_mlock +544 AUE_NULL STD { int procctl(idtype_t idtype, id_t id, \ + int com, void *data); } ; Please copy any additions and changes to the following compatability tables: ; sys/compat/freebsd32/syscalls.master Modified: stable/9/sys/sys/proc.h ============================================================================== --- stable/9/sys/sys/proc.h Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/sys/proc.h Thu Jan 2 21:57:03 2014 (r260208) @@ -493,11 +493,8 @@ struct proc { struct callout p_limco; /* (c) Limit callout handle */ struct sigacts *p_sigacts; /* (x) Signal actions, state (CPU). */ - /* - * The following don't make too much sense. - * See the td_ or ke_ versions of the same flags. - */ int p_flag; /* (c) P_* flags. */ + int p_flag2; /* (c) P2_* flags. */ enum { PRS_NEW = 0, /* In creation */ PRS_NORMAL, /* threads can be run. */ @@ -643,6 +640,9 @@ struct proc { #define P_SHOULDSTOP(p) ((p)->p_flag & P_STOPPED) #define P_KILLED(p) ((p)->p_flag & P_WKILLED) +/* These flags are kept in p_flag2. */ +#define P2_INHERIT_PROTECTED 0x00000001 /* New children get P_PROTECTED. */ + /* * These were process status values (p_stat), now they are only used in * legacy conversion code. Copied: stable/9/sys/sys/procctl.h (from r255708, head/sys/sys/procctl.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/9/sys/sys/procctl.h Thu Jan 2 21:57:03 2014 (r260208, copy of r255708, head/sys/sys/procctl.h) @@ -0,0 +1,55 @@ +/*- + * Copyright (c) 2013 Advanced Computing Technologies LLC + * Written by: John H. Baldwin + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _SYS_PROCCTL_H_ +#define _SYS_PROCCTL_H_ + +#define PROC_SPROTECT 1 /* set protected state */ + +/* Operations for PROC_SPROTECT (passed in integer arg). */ +#define PPROT_OP(x) ((x) & 0xf) +#define PPROT_SET 1 +#define PPROT_CLEAR 2 + +/* Flags for PROC_SPROTECT (ORed in with operation). */ +#define PPROT_FLAGS(x) ((x) & ~0xf) +#define PPROT_DESCEND 0x10 +#define PPROT_INHERIT 0x20 + +#ifndef _KERNEL +#include +#include + +__BEGIN_DECLS +int procctl(idtype_t, id_t, int, void *); +__END_DECLS + +#endif + +#endif /* !_SYS_PROCCTL_H_ */ Modified: stable/9/sys/sys/syscallsubr.h ============================================================================== --- stable/9/sys/sys/syscallsubr.h Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/sys/syscallsubr.h Thu Jan 2 21:57:03 2014 (r260208) @@ -161,6 +161,8 @@ int kern_posix_fadvise(struct thread *td int advice); int kern_posix_fallocate(struct thread *td, int fd, off_t offset, off_t len); +int kern_procctl(struct thread *td, enum idtype idtype, id_t id, int com, + void *data); int kern_preadv(struct thread *td, int fd, struct uio *auio, off_t offset); int kern_pselect(struct thread *td, int nd, fd_set *in, fd_set *ou, fd_set *ex, struct timeval *tvp, sigset_t *uset, int abi_nfdbits); Modified: stable/9/sys/sys/user.h ============================================================================== --- stable/9/sys/sys/user.h Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/sys/user.h Thu Jan 2 21:57:03 2014 (r260208) @@ -83,7 +83,7 @@ * it in two places: function fill_kinfo_proc in sys/kern/kern_proc.c and * function kvm_proclist in lib/libkvm/kvm_proc.c . */ -#define KI_NSPARE_INT 9 +#define KI_NSPARE_INT 7 #define KI_NSPARE_LONG 12 #define KI_NSPARE_PTR 6 @@ -186,6 +186,8 @@ struct kinfo_proc { */ char ki_sparestrings[50]; /* spare string space */ int ki_spareints[KI_NSPARE_INT]; /* spare room for growth */ + int ki_flag2; /* P2_* flags */ + int ki_fibnum; /* Default FIB number */ u_int ki_cr_flags; /* Credential flags */ int ki_jid; /* Process jail ID */ int ki_numthreads; /* XXXKSE number of threads in total */ Modified: stable/9/sys/vm/vm_mmap.c ============================================================================== --- stable/9/sys/vm/vm_mmap.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/sys/vm/vm_mmap.c Thu Jan 2 21:57:03 2014 (r260208) @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -67,6 +68,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -724,23 +726,18 @@ sys_madvise(td, uap) { vm_offset_t start, end; vm_map_t map; - struct proc *p; - int error; + int flags; /* * Check for our special case, advising the swap pager we are * "immortal." */ if (uap->behav == MADV_PROTECT) { - error = priv_check(td, PRIV_VM_MADV_PROTECT); - if (error == 0) { - p = td->td_proc; - PROC_LOCK(p); - p->p_flag |= P_PROTECTED; - PROC_UNLOCK(p); - } - return (error); + flags = PPROT_SET; + return (kern_procctl(td, P_PID, td->td_proc->p_pid, + PROC_SPROTECT, &flags)); } + /* * Check for illegal behavior */ Modified: stable/9/usr.bin/Makefile ============================================================================== --- stable/9/usr.bin/Makefile Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/usr.bin/Makefile Thu Jan 2 21:57:03 2014 (r260208) @@ -127,6 +127,7 @@ SUBDIR= alias \ printenv \ printf \ procstat \ + protect \ rctl \ renice \ rev \ Modified: stable/9/usr.bin/kdump/kdump.c ============================================================================== --- stable/9/usr.bin/kdump/kdump.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/usr.bin/kdump/kdump.c Thu Jan 2 21:57:03 2014 (r260208) @@ -1031,6 +1031,18 @@ ktrsyscall(struct ktr_syscall *ktr, u_in ip++; narg--; break; + case SYS_procctl: + putchar('('); + idtypename(*ip, decimal); + c = ','; + ip++; + narg--; + print_number(ip, narg, c); + putchar(','); + procctlcmdname(*ip); + ip++; + narg--; + break; } } while (narg > 0) { Modified: stable/9/usr.bin/kdump/mksubr ============================================================================== --- stable/9/usr.bin/kdump/mksubr Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/usr.bin/kdump/mksubr Thu Jan 2 21:57:03 2014 (r260208) @@ -169,6 +169,7 @@ cat <<_EOF_ #include #include #include +#include #include #include #include @@ -438,6 +439,7 @@ auto_or_type "mountflagsname" " auto_switch_type "msyncflagsname" "MS_[A-Z]+[[:space:]]+0x[0-9]+" "sys/mman.h" auto_or_type "nfssvcname" "NFSSVC_[A-Z0-9]+[[:space:]]+0x[0-9]+" "nfs/nfssvc.h" auto_switch_type "prioname" "PRIO_[A-Z]+[[:space:]]+[0-9]" "sys/resource.h" +auto_switch_type "procctlcmdname" "PROC_[A-Z]+[[:space:]]+[0-9]" "sys/procctl.h" auto_switch_type "ptraceopname" "PT_[[:alnum:]_]+[[:space:]]+[0-9]+" "sys/ptrace.h" auto_switch_type "quotactlname" "Q_[A-Z]+[[:space:]]+0x[0-9]+" "ufs/ufs/quota.h" auto_or_type "rebootoptname" "RB_[A-Z]+[[:space:]]+0x[0-9]+" "sys/reboot.h" Modified: stable/9/usr.bin/protect/protect.1 ============================================================================== --- head/usr.bin/protect/protect.1 Thu Sep 19 18:53:42 2013 (r255708) +++ stable/9/usr.bin/protect/protect.1 Thu Jan 2 21:57:03 2014 (r260208) @@ -46,7 +46,7 @@ The kernel does not kill protected proce Note that this protected state is not inherited by child processes by default. .Pp The options are: -.Bl -tag -width indent +.Bl -tag -width XXXXXXXXXX .It Fl c Remove protection from the specified processes. .It Fl d @@ -74,16 +74,16 @@ flags may be specified when adjusting th Mark the Xorg server as protected: .Pp .Dl "pgrep Xorg | xargs protect -p" +.Pp Protect all ssh sessions and their child processes: .Pp .Dl "pgrep sshd | xargs protect -dip" +.Pp Remove protection from all current and future processes: .Pp .Dl "protect -cdi -p 1" .Sh SEE ALSO -.Xr pprotect 2 +.Xr procctl 2 .Sh BUGS If you protect a runaway process that allocates all memory the system will deadlock. -.Pp -Inheritance of the protected state is not yet implemented. Modified: stable/9/usr.bin/truss/syscall.h ============================================================================== --- stable/9/usr.bin/truss/syscall.h Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/usr.bin/truss/syscall.h Thu Jan 2 21:57:03 2014 (r260208) @@ -40,7 +40,7 @@ enum Argtype { None = 1, Hex, Octal, Int Fd_set, Sigaction, Fcntl, Mprot, Mmapflags, Whence, Readlinkres, Umtx, Sigset, Sigprocmask, Kevent, Sockdomain, Socktype, Open, Fcntlflag, Rusage, BinString, Shutdown, Resource, Rlimit, Timeval2, - Pathconf, Rforkflags, ExitStatus, Waitoptions, Idtype }; + Pathconf, Rforkflags, ExitStatus, Waitoptions, Idtype, Procctl }; #define ARG_MASK 0xff #define OUT 0x100 Modified: stable/9/usr.bin/truss/syscalls.c ============================================================================== --- stable/9/usr.bin/truss/syscalls.c Thu Jan 2 21:30:59 2014 (r260207) +++ stable/9/usr.bin/truss/syscalls.c Thu Jan 2 21:57:03 2014 (r260208) @@ -41,6 +41,7 @@ static const char rcsid[] = #include #include +#include #include #include #include @@ -270,6 +271,8 @@ struct syscall syscalls[] = { { .name = "wait6", .ret_type = 1, .nargs = 6, .args = { { Idtype, 0 }, { Int, 1 }, { ExitStatus | OUT, 2 }, { Waitoptions, 3 }, { Rusage | OUT, 4 }, { Ptr, 5 } } }, + { .name = "procctl", .ret_type = 1, .nargs = 4, + .args = { { Idtype, 0 }, { Int, 1 }, { Procctl, 2 }, { Ptr, 3 } } }, { .name = 0 }, }; @@ -395,6 +398,10 @@ static struct xlat idtype_arg[] = { X(P_CTID) X(P_CPUID) X(P_PSETID) XEND }; +static struct xlat procctl_arg[] = { + X(PROC_SPROTECT) XEND +}; + #undef X #undef XEND @@ -1194,6 +1201,9 @@ print_arg(struct syscall_args *sc, unsig case Idtype: tmp = strdup(xlookup(idtype_arg, args[sc->offset])); break; + case Procctl: + tmp = strdup(xlookup(procctl_arg, args[sc->offset])); + break; default: errx(1, "Invalid argument type %d\n", sc->type & ARG_MASK); }