/*
 * kauth(9) listener for System V IPC access decisions: decides whether
 * `cred' may access the IPC object described by `perm' with the access
 * mode in `arg2'.  Mirrors the classic SysV ipcperm() owner/group/other
 * check; anything it cannot decide is deferred to other listeners.
 */
static int
sysvipc_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
    void *arg0, void *arg1, void *arg2, void *arg3)
{
	mode_t mask;
	int ismember = 0;
	struct ipc_perm *perm;
	int mode;
	enum kauth_system_req req;

	req = (enum kauth_system_req)arg0;

	/* Only handle the SysV IPC bypass request; defer everything else. */
	if (!(action == KAUTH_SYSTEM_SYSVIPC &&
	    req == KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS))
		return KAUTH_RESULT_DEFER;

	perm = arg1;
	mode = (int)(uintptr_t)arg2;

	if (mode == IPC_M) {
		/* Management requests: only the owner or creator may pass. */
		if (kauth_cred_geteuid(cred) == perm->uid ||
		    kauth_cred_geteuid(cred) == perm->cuid)
			return (KAUTH_RESULT_ALLOW);
		return (KAUTH_RESULT_DEFER); /* EPERM */
	}

	mask = 0;

	/* Owner/creator class: test against the "user" permission bits. */
	if (kauth_cred_geteuid(cred) == perm->uid ||
	    kauth_cred_geteuid(cred) == perm->cuid) {
		if (mode & IPC_R)
			mask |= S_IRUSR;
		if (mode & IPC_W)
			mask |= S_IWUSR;
		return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW :
		    KAUTH_RESULT_DEFER /* EACCES */);
	}

	/*
	 * Group class: effective gid, or supplementary-group membership
	 * in either the object's group or its creator's group.
	 */
	if (kauth_cred_getegid(cred) == perm->gid ||
	    (kauth_cred_ismember_gid(cred, perm->gid, &ismember) == 0 &&
	    ismember) ||
	    kauth_cred_getegid(cred) == perm->cgid ||
	    (kauth_cred_ismember_gid(cred, perm->cgid, &ismember) == 0 &&
	    ismember)) {
		if (mode & IPC_R)
			mask |= S_IRGRP;
		if (mode & IPC_W)
			mask |= S_IWGRP;
		return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW :
		    KAUTH_RESULT_DEFER /* EACCES */);
	}

	/* Other class. */
	if (mode & IPC_R)
		mask |= S_IROTH;
	if (mode & IPC_W)
		mask |= S_IWOTH;
	return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW :
	    KAUTH_RESULT_DEFER /* EACCES */);
}
/*
 * Check for a valid change to a users allocation.
 * Issue an error message if appropriate.
 *
 * Enforces the inode quota hard limit and the soft-limit grace period
 * for the dquot attached to `ip'; `change' is the (signed) delta in
 * inode count.  Returns 0 if the change is allowed, EDQUOT otherwise.
 */
static int
chkiqchg(struct inode *ip, int32_t change, kauth_cred_t cred, int type)
{
	struct dquot *dq = ip->i_dquot[type];
	long ncurinodes = dq->dq_curinodes + change;

	KASSERT(mutex_owned(&dq->dq_interlock));
	/*
	 * If user would exceed their hard limit, disallow inode allocation.
	 */
	if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) {
		/* Warn only once per dquot, and only for the owner's own
		 * writes (kauth euid matches the file owner). */
		if ((dq->dq_flags & DQ_WARN(QL_FILE)) == 0 &&
		    ip->i_uid == kauth_cred_geteuid(cred)) {
			uprintf("\n%s: write failed, %s inode limit reached\n",
			    ITOV(ip)->v_mount->mnt_stat.f_mntonname,
			    lfs_quotatypes[type]);
			dq->dq_flags |= DQ_WARN(QL_FILE);
		}
		return (EDQUOT);
	}
	/*
	 * If user is over their soft limit for too long, disallow inode
	 * allocation. Reset time limit as they cross their soft limit.
	 */
	if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) {
		if (dq->dq_curinodes < dq->dq_isoftlimit) {
			/* Just crossing the soft limit: start grace timer. */
			dq->dq_itime = time_second + ip->i_ump->umq1_itime[type];
			if (ip->i_uid == kauth_cred_geteuid(cred))
				uprintf("\n%s: warning, %s %s\n",
				    ITOV(ip)->v_mount->mnt_stat.f_mntonname,
				    lfs_quotatypes[type],
				    "inode quota exceeded");
			return (0);
		}
		if (time_second > dq->dq_itime) {
			/* Grace period expired: refuse like a hard limit. */
			if ((dq->dq_flags & DQ_WARN(QL_FILE)) == 0 &&
			    ip->i_uid == kauth_cred_geteuid(cred)) {
				uprintf("\n%s: write failed, %s %s\n",
				    ITOV(ip)->v_mount->mnt_stat.f_mntonname,
				    lfs_quotatypes[type],
				    "inode quota exceeded for too long");
				dq->dq_flags |= DQ_WARN(QL_FILE);
			}
			return (EDQUOT);
		}
	}
	return (0);
}
/*
 * stat(2) handler for tap(4) file descriptors: synthesize a struct stat
 * describing the tap device instance bound to this open file.
 * Returns ENXIO when the unit no longer exists.
 */
static int
tap_fops_stat(file_t *fp, struct stat *st)
{
	struct tap_softc *sc;
	const int unit = fp->f_devunit;
	int error;

	(void)memset(st, 0, sizeof(*st));

	KERNEL_LOCK(1, NULL);
	sc = device_lookup_private(&tap_cd, unit);
	if (sc == NULL) {
		error = ENXIO;
	} else {
		error = 0;
		st->st_dev = makedev(cdevsw_lookup_major(&tap_cdevsw), unit);
		st->st_atimespec = sc->sc_atime;
		st->st_mtimespec = sc->sc_mtime;
		st->st_ctimespec = st->st_birthtimespec = sc->sc_btime;
		/* Report the opener's effective credentials as ownership. */
		st->st_uid = kauth_cred_geteuid(fp->f_cred);
		st->st_gid = kauth_cred_getegid(fp->f_cred);
	}
	KERNEL_UNLOCK_ONE(NULL);
	return error;
}
/*
 * Perform chown operation on inode ip;
 * inode must be locked prior to call.
 */
static int
ptyfs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred,
    struct lwp *l)
{
	struct ptyfsnode *ptyfs = VTOPTYFS(vp);
	int error, ismember = 0;

	/* VNOVAL means "leave this id unchanged". */
	if (uid == (uid_t)VNOVAL)
		uid = ptyfs->ptyfs_uid;
	if (gid == (gid_t)VNOVAL)
		gid = ptyfs->ptyfs_gid;
	/*
	 * If we don't own the file, are trying to change the owner
	 * of the file, or are not a member of the target group,
	 * the caller's credentials must imply super-user privilege
	 * or the call fails.
	 */
	if ((kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid ||
	    uid != ptyfs->ptyfs_uid ||
	    (gid != ptyfs->ptyfs_gid &&
	    !(kauth_cred_getegid(cred) == gid ||
	    (kauth_cred_ismember_gid(cred, gid, &ismember) == 0 &&
	    ismember)))) &&
	    ((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
	    NULL)) != 0))
		return error;
	ptyfs->ptyfs_gid = gid;
	ptyfs->ptyfs_uid = uid;
	return 0;
}
/* ARGSUSED */
int
sys_geteuid(struct lwp *l, const void *v, register_t *retval)
{

	/* geteuid(2): report the caller's effective uid; cannot fail. */
	retval[0] = kauth_cred_geteuid(l->l_cred);
	return 0;
}
/*
 * setreuid(2): set the real and effective user ids, expressed in
 * terms of the generic do_setresuid() helper.
 */
int
sys_setreuid(struct lwp *l, const struct sys_setreuid_args *uap,
    register_t *retval)
{
	/* {
		syscallarg(uid_t) ruid;
		syscallarg(uid_t) euid;
	} */
	kauth_cred_t cred = l->l_cred;
	uid_t newruid, neweuid, newsvuid;

	/* An argument of -1 means "leave unchanged". */
	newruid = SCARG(uap, ruid);
	if (newruid == -1)
		newruid = kauth_cred_getuid(cred);
	neweuid = SCARG(uap, euid);
	if (neweuid == -1)
		neweuid = kauth_cred_geteuid(cred);

	/* Saved uid is set to the new euid if the ruid changed. */
	if (newruid == kauth_cred_getuid(cred))
		newsvuid = -1;
	else
		newsvuid = neweuid;

	return do_setresuid(l, newruid, neweuid, newsvuid,
	    ID_R_EQ_R | ID_R_EQ_E |
	    ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S |
	    ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S);
}
/*
 * _lwp_kill(2): send a signal to a single LWP within the calling
 * process.  A signal number of 0 merely probes that the target exists.
 */
int
sys__lwp_kill(struct lwp *l, const struct sys__lwp_kill_args *uap,
    register_t *retval)
{
	/* {
		syscallarg(lwpid_t)	target;
		syscallarg(int)		signo;
	} */
	struct proc *p = l->l_proc;
	struct lwp *t;
	ksiginfo_t ksi;
	int signo = SCARG(uap, signo);
	int error = 0;

	/* Unsigned compare rejects both negative and >= NSIG values. */
	if ((u_int)signo >= NSIG)
		return EINVAL;

	/* Build siginfo identifying ourselves as the sender. */
	KSI_INIT(&ksi);
	ksi.ksi_signo = signo;
	ksi.ksi_code = SI_LWP;
	ksi.ksi_pid = p->p_pid;
	ksi.ksi_uid = kauth_cred_geteuid(l->l_cred);
	ksi.ksi_lid = SCARG(uap, target);

	mutex_enter(proc_lock);
	mutex_enter(p->p_lock);
	/* signo == 0 is an existence probe only, like kill(2). */
	if ((t = lwp_find(p, ksi.ksi_lid)) == NULL)
		error = ESRCH;
	else if (signo != 0)
		kpsignal2(p, &ksi);
	mutex_exit(p->p_lock);
	mutex_exit(proc_lock);

	return error;
}
int v7fs_symlink(void *v) { struct vop_symlink_v3_args /* { struct vnode *a_dvp; struct vnode **a_vpp; struct componentname *a_cnp; struct vattr *a_vap; char *a_target; } */ *a = v; struct v7fs_node *parent_node = a->a_dvp->v_data; struct v7fs_mount *v7fsmount = parent_node->v7fsmount; struct v7fs_self *fs = v7fsmount->core; struct vattr *va = a->a_vap; kauth_cred_t cr = a->a_cnp->cn_cred; struct componentname *cnp = a->a_cnp; struct v7fs_fileattr attr; v7fs_ino_t ino; const char *from = a->a_target; const char *to = cnp->cn_nameptr; size_t len = strlen(from) + 1; int error = 0; if (len > V7FS_BSIZE) { /* limited to 512byte pathname */ DPRINTF("too long pathname."); return ENAMETOOLONG; } memset(&attr, 0, sizeof(attr)); attr.uid = kauth_cred_geteuid(cr); attr.gid = kauth_cred_getegid(cr); attr.mode = va->va_mode | vtype_to_v7fs_mode(va->va_type); if ((error = v7fs_file_allocate (fs, &parent_node->inode, to, &attr, &ino))) { return error; } /* Sync dirent size change. */ uvm_vnp_setsize(a->a_dvp, v7fs_inode_filesize(&parent_node->inode)); /* Get myself vnode. */ if ((error = v7fs_vget(v7fsmount->mountp, ino, a->a_vpp))) { DPRINTF("can't get vnode.\n"); } struct v7fs_node *newnode = (*a->a_vpp)->v_data; struct v7fs_inode *p = &newnode->inode; v7fs_file_symlink(fs, p, from); uvm_vnp_setsize(*a->a_vpp, v7fs_inode_filesize(p)); newnode->update_ctime = true; newnode->update_mtime = true; newnode->update_atime = true; if (error == 0) VOP_UNLOCK(*a->a_vpp); return error; }
/* ARGSUSED */
int
sys_getuid_with_euid(struct lwp *l, const void *v, register_t *retval)
{
	kauth_cred_t cred = l->l_cred;

	/* Return the real uid in retval[0] and the effective uid in
	 * retval[1]; this call cannot fail. */
	retval[0] = kauth_cred_getuid(cred);
	retval[1] = kauth_cred_geteuid(cred);
	return 0;
}
/*
 * VOP_CREATE for v7fs: create a regular file (VREG) or socket (VSOCK)
 * in directory a_dvp.  On success *a_vpp holds the new vnode, returned
 * unlocked (vop_create_v3 protocol).
 */
int
v7fs_create(void *v)
{
	struct vop_create_v3_args /* {
		struct vnode *a_dvp;
		struct vnode **a_vpp;
		struct componentname *a_cnp;
		struct vattr *a_vap;
	} */ *a = v;
	struct v7fs_node *parent_node = a->a_dvp->v_data;
	struct v7fs_mount *v7fsmount = parent_node->v7fsmount;
	struct v7fs_self *fs = v7fsmount->core;
	struct mount *mp = v7fsmount->mountp;
	struct v7fs_fileattr attr;
	struct vattr *va = a->a_vap;
	kauth_cred_t cr = a->a_cnp->cn_cred;
	v7fs_ino_t ino;
	int error = 0;

	DPRINTF("%s parent#%d\n", a->a_cnp->cn_nameptr,
	    parent_node->inode.inode_number);
	KDASSERT((va->va_type == VREG) || (va->va_type == VSOCK));

	/* New file inherits the caller's effective credentials. */
	memset(&attr, 0, sizeof(attr));
	attr.uid = kauth_cred_geteuid(cr);
	attr.gid = kauth_cred_getegid(cr);
	attr.mode = va->va_mode | vtype_to_v7fs_mode (va->va_type);
	attr.device = 0;

	/* Allocate disk entry. and register its entry to parent directory. */
	if ((error = v7fs_file_allocate(fs, &parent_node->inode,
	    a->a_cnp->cn_nameptr, &attr, &ino))) {
		DPRINTF("v7fs_file_allocate failed.\n");
		return error;
	}
	/* Sync dirent size change. */
	uvm_vnp_setsize(a->a_dvp, v7fs_inode_filesize(&parent_node->inode));

	/* Get myself vnode. */
	*a->a_vpp = 0;
	if ((error = v7fs_vget(mp, ino, a->a_vpp))) {
		DPRINTF("v7fs_vget failed.\n");
		return error;
	}

	/* Scheduling update time. real update by v7fs_update */
	struct v7fs_node *newnode = (*a->a_vpp)->v_data;
	newnode->update_ctime = true;
	newnode->update_mtime = true;
	newnode->update_atime = true;
	DPRINTF("allocated %s->#%d\n", a->a_cnp->cn_nameptr, ino);

	if (error == 0)
		VOP_UNLOCK(*a->a_vpp);

	return error;
}
/*
 * Common back end for kill(2)-style syscalls: deliver the prebuilt
 * siginfo `ksi' to process `pid' (or to a process group when
 * pid <= 0, via killpg1()).  When a caller supplies siginfo while
 * signalling another process, it may only claim its own pid/uid and
 * a user-level si_code.
 */
static int
kill1(struct lwp *l, pid_t pid, ksiginfo_t *ksi, register_t *retval)
{
	int error;
	struct proc *p;

	/* Unsigned compare rejects negative and >= NSIG signal numbers. */
	if ((u_int)ksi->ksi_signo >= NSIG)
		return EINVAL;

	if (pid != l->l_proc->p_pid) {
		/* Forbid impersonation in caller-supplied siginfo. */
		if (ksi->ksi_pid != l->l_proc->p_pid)
			return EPERM;
		if (ksi->ksi_uid != kauth_cred_geteuid(l->l_cred))
			return EPERM;
		switch (ksi->ksi_code) {
		case SI_USER:
		case SI_QUEUE:
			break;
		default:
			return EPERM;
		}
	}

	if (pid > 0) {
		/* kill single process */
		mutex_enter(proc_lock);
		p = proc_find_raw(pid);
		if (p == NULL || (p->p_stat != SACTIVE && p->p_stat != SSTOP)) {
			mutex_exit(proc_lock);
			/* IEEE Std 1003.1-2001: return success for zombies */
			return p ? 0 : ESRCH;
		}
		mutex_enter(p->p_lock);
		error = kauth_authorize_process(l->l_cred,
		    KAUTH_PROCESS_SIGNAL, p, KAUTH_ARG(ksi->ksi_signo),
		    NULL, NULL);
		/* signo == 0 is a permission probe only; don't deliver. */
		if (!error && ksi->ksi_signo) {
			kpsignal2(p, ksi);
		}
		mutex_exit(p->p_lock);
		mutex_exit(proc_lock);
		return error;
	}

	switch (pid) {
	case -1:		/* broadcast signal */
		return killpg1(l, ksi, 0, 1);
	case 0:			/* signal own process group */
		return killpg1(l, ksi, 0, 0);
	default:		/* negative explicit process group */
		return killpg1(l, ksi, -pid, 0);
	}
	/* NOTREACHED */
}
/*
 * Allocate an inode in the file system.
 *
 * If allocating a directory, use ext2fs_dirpref to select the inode.
 * If allocating in a directory, the following hierarchy is followed:
 *   1) allocate the preferred inode.
 *   2) allocate an inode in the same cylinder group.
 *   3) quadradically rehash into other cylinder groups, until an
 *      available inode is located.
 * If no inode preference is given the following hierarchy is used
 * to allocate an inode:
 *   1) allocate an inode in cylinder group 0.
 *   2) quadradically rehash into other cylinder groups, until an
 *      available inode is located.
 */
int
ext2fs_valloc(struct vnode *pvp, int mode, kauth_cred_t cred,
    struct vnode **vpp)
{
	struct inode *pip;
	struct m_ext2fs *fs;
	struct inode *ip;
	ino_t ino, ipref;
	int cg, error;

	*vpp = NULL;
	pip = VTOI(pvp);
	fs = pip->i_e2fs;
	if (fs->e2fs.e2fs_ficount == 0)
		goto noinodes;

	/* Directories get a cylinder group via dirpref; plain files
	 * start in the parent's cylinder group. */
	if ((mode & IFMT) == IFDIR)
		cg = ext2fs_dirpref(fs);
	else
		cg = ino_to_cg(fs, pip->i_number);
	ipref = cg * fs->e2fs.e2fs_ipg + 1;
	ino = (ino_t)ext2fs_hashalloc(pip, cg, (long)ipref, mode,
	    ext2fs_nodealloccg);
	if (ino == 0)
		goto noinodes;
	error = VFS_VGET(pvp->v_mount, ino, vpp);
	if (error) {
		/* Could not materialize the vnode: release the inode. */
		ext2fs_vfree(pvp, ino, mode);
		return (error);
	}
	ip = VTOI(*vpp);
	if (ip->i_e2fs_mode && ip->i_e2fs_nlink != 0) {
		/* A freshly allocated inode must be unused on disk. */
		printf("mode = 0%o, nlinks %d, inum = %llu, fs = %s\n",
		    ip->i_e2fs_mode, ip->i_e2fs_nlink,
		    (unsigned long long)ip->i_number, fs->e2fs_fsmnt);
		panic("ext2fs_valloc: dup alloc");
	}
	memset(ip->i_din.e2fs_din, 0, sizeof(struct ext2fs_dinode));

	/*
	 * Set up a new generation number for this inode.
	 */
	if (++ext2gennumber < time_second)
		ext2gennumber = time_second;
	ip->i_e2fs_gen = ext2gennumber;
	return (0);
noinodes:
	ext2fs_fserr(fs, kauth_cred_geteuid(cred), "out of inodes");
	uprintf("\n%s: create/symlink failed, no inodes free\n", fs->e2fs_fsmnt);
	return (ENOSPC);
}
/*
 * Change the mode on a file.
 * Inode must be locked before calling.
 */
static int
ptyfs_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred, struct lwp *l)
{
	struct ptyfsnode *ptyfs = VTOPTYFS(vp);

	/* Non-owners need superuser privilege to change the mode. */
	if (kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid) {
		int error = kauth_authorize_generic(cred,
		    KAUTH_GENERIC_ISSUSER, NULL);
		if (error != 0)
			return error;
	}

	/* Replace only the permission bits; keep the rest of the mode. */
	ptyfs->ptyfs_mode = (ptyfs->ptyfs_mode & ~ALLPERMS) |
	    (mode & ALLPERMS);
	return 0;
}
/*
 * VOP_MKNOD for v7fs: create a device special file in directory a_dvp.
 * On success *a_vpp holds the new vnode, returned unlocked
 * (vop_mknod_v3 protocol).
 */
int
v7fs_mknod(void *v)
{
	struct vop_mknod_v3_args /* {
		struct vnode		*a_dvp;
		struct vnode		**a_vpp;
		struct componentname	*a_cnp;
		struct vattr		*a_vap;
	} */ *a = v;
	struct componentname *cnp = a->a_cnp;
	kauth_cred_t cr = cnp->cn_cred;
	struct vnode *dvp = a->a_dvp;
	struct vattr *va = a->a_vap;
	struct v7fs_node *parent_node = dvp->v_data;
	struct v7fs_mount *v7fsmount = parent_node->v7fsmount;
	struct v7fs_self *fs = v7fsmount->core;
	struct mount *mp = v7fsmount->mountp;
	struct v7fs_fileattr attr;
	v7fs_ino_t ino;
	int error = 0;

	DPRINTF("%s %06o %lx %d\n", cnp->cn_nameptr, va->va_mode,
	    (long)va->va_rdev, va->va_type);

	/* New node inherits the caller's effective credentials. */
	memset(&attr, 0, sizeof(attr));
	attr.uid = kauth_cred_geteuid(cr);
	attr.gid = kauth_cred_getegid(cr);
	attr.mode = va->va_mode | vtype_to_v7fs_mode(va->va_type);
	attr.device = va->va_rdev;

	if ((error = v7fs_file_allocate(fs, &parent_node->inode,
	    cnp->cn_nameptr, &attr, &ino)))
		return error;
	/* Sync dirent size change. */
	uvm_vnp_setsize(dvp, v7fs_inode_filesize(&parent_node->inode));

	if ((error = v7fs_vget(mp, ino, a->a_vpp))) {
		DPRINTF("can't get vnode.\n");
		return error;
	}
	/* Schedule timestamp updates on the new node. */
	struct v7fs_node *newnode = (*a->a_vpp)->v_data;
	newnode->update_ctime = true;
	newnode->update_mtime = true;
	newnode->update_atime = true;

	if (error == 0)
		VOP_UNLOCK(*a->a_vpp);

	return error;
}
/*
 * VOP_CREATE for sysvbfs: create a regular file in directory a_dvp.
 * The parent directory vnode is released (vput) on all paths.
 */
int
sysvbfs_create(void *arg)
{
	struct vop_create_args /* {
		struct vnode *a_dvp;
		struct vnode **a_vpp;
		struct componentname *a_cnp;
		struct vattr *a_vap;
	} */ *a = arg;
	struct sysvbfs_node *bnode = a->a_dvp->v_data;
	struct sysvbfs_mount *bmp = bnode->bmp;
	struct bfs *bfs = bmp->bfs;
	struct mount *mp = bmp->mountp;
	struct bfs_dirent *dirent;
	struct bfs_fileattr attr;
	struct vattr *va = a->a_vap;
	kauth_cred_t cr = a->a_cnp->cn_cred;
	int err = 0;

	DPRINTF("%s: %s\n", __func__, a->a_cnp->cn_nameptr);
	KDASSERT(a->a_vap->va_type == VREG);
	/* New file owned by the caller's effective credentials. */
	attr.uid = kauth_cred_geteuid(cr);
	attr.gid = kauth_cred_getegid(cr);
	attr.mode = va->va_mode;

	if ((err = bfs_file_create(bfs, a->a_cnp->cn_nameptr, 0, 0, &attr))
	    != 0) {
		DPRINTF("%s: bfs_file_create failed.\n", __func__);
		goto unlock_exit;
	}

	if (!bfs_dirent_lookup_by_name(bfs, a->a_cnp->cn_nameptr, &dirent))
		panic("no dirent for created file.");

	if ((err = sysvbfs_vget(mp, dirent->inode, a->a_vpp)) != 0) {
		DPRINTF("%s: sysvbfs_vget failed.\n", __func__);
		goto unlock_exit;
	}
	/* Mark the new node's timestamps for deferred update. */
	bnode = (*a->a_vpp)->v_data;
	bnode->update_ctime = true;
	bnode->update_mtime = true;
	bnode->update_atime = true;

 unlock_exit:
	/* unlock parent directory */
	vput(a->a_dvp);	/* locked at sysvbfs_lookup(); */

	return err;
}
static int rnd_stat(struct file *fp, struct stat *st) { struct rnd_ctx *const ctx = fp->f_data; /* XXX lock, if cprng allocated? why? */ memset(st, 0, sizeof(*st)); st->st_dev = makedev(cdevsw_lookup_major(&rnd_cdevsw), (ctx->rc_hard? RND_DEV_RANDOM : RND_DEV_URANDOM)); /* XXX leave atimespect, mtimespec, ctimespec = 0? */ st->st_uid = kauth_cred_geteuid(fp->f_cred); st->st_gid = kauth_cred_getegid(fp->f_cred); st->st_mode = S_IFCHR; return 0; }
/*
 * kill(2): build siginfo naming the caller as sender, then let
 * kill1() do validation and delivery.
 */
int
sys_kill(struct lwp *l, const struct sys_kill_args *uap, register_t *retval)
{
	/* {
		syscallarg(pid_t)	pid;
		syscallarg(int)	signum;
	} */
	ksiginfo_t ksi;

	KSI_INIT(&ksi);
	ksi.ksi_code = SI_USER;
	ksi.ksi_signo = SCARG(uap, signum);
	ksi.ksi_pid = l->l_proc->p_pid;
	ksi.ksi_uid = kauth_cred_geteuid(l->l_cred);

	return kill1(l, SCARG(uap, pid), &ksi, retval);
}
static int linux_do_tkill(struct lwp *l, int tgid, int tid, int signum) { struct proc *p; struct lwp *t; ksiginfo_t ksi; int error; if (signum < 0 || signum >= LINUX__NSIG) return EINVAL; signum = linux_to_native_signo[signum]; if (tgid == -1) { tgid = tid; } KSI_INIT(&ksi); ksi.ksi_signo = signum; ksi.ksi_code = SI_LWP; ksi.ksi_pid = l->l_proc->p_pid; ksi.ksi_uid = kauth_cred_geteuid(l->l_cred); ksi.ksi_lid = tid; mutex_enter(proc_lock); p = proc_find(tgid); if (p == NULL) { mutex_exit(proc_lock); return ESRCH; } mutex_enter(p->p_lock); error = kauth_authorize_process(l->l_cred, KAUTH_PROCESS_SIGNAL, p, KAUTH_ARG(signum), NULL, NULL); if ((t = lwp_find(p, ksi.ksi_lid)) == NULL) error = ESRCH; else if (signum != 0) kpsignal2(p, &ksi); mutex_exit(p->p_lock); mutex_exit(proc_lock); return error; }
/*
 * Allocate a block in the file system.
 *
 * A preference may be optionally specified. If a preference is given
 * the following hierarchy is used to allocate a block:
 *   1) allocate the requested block.
 *   2) allocate a rotationally optimal block in the same cylinder.
 *   3) allocate a block in the same cylinder group.
 *   4) quadradically rehash into other cylinder groups, until an
 *      available block is located.
 * If no block preference is given the following hierarchy is used
 * to allocate a block:
 *   1) allocate a block in the cylinder group that contains the
 *      inode for the file.
 *   2) quadradically rehash into other cylinder groups, until an
 *      available block is located.
 */
int
ext2fs_alloc(struct inode *ip, daddr_t lbn, daddr_t bpref,
    kauth_cred_t cred, daddr_t *bnp)
{
	struct m_ext2fs *fs;
	daddr_t bno;
	int cg;

	*bnp = 0;
	fs = ip->i_e2fs;
#ifdef DIAGNOSTIC
	if (cred == NOCRED)
		panic("ext2fs_alloc: missing credential");
#endif /* DIAGNOSTIC */
	if (fs->e2fs.e2fs_fbcount == 0)
		goto nospace;
	/* Unprivileged callers may not consume the reserved space. */
	if (kauth_authorize_system(cred, KAUTH_SYSTEM_FS_RESERVEDSPACE, 0,
	    NULL, NULL, NULL) != 0 && freespace(fs) <= 0)
		goto nospace;
	/* Fall back to the inode's cylinder group if the preference
	 * is absent or out of range. */
	if (bpref >= fs->e2fs.e2fs_bcount)
		bpref = 0;
	if (bpref == 0)
		cg = ino_to_cg(fs, ip->i_number);
	else
		cg = dtog(fs, bpref);
	bno = (daddr_t)ext2fs_hashalloc(ip, cg, bpref, fs->e2fs_bsize,
	    ext2fs_alloccg);
	if (bno > 0) {
		ip->i_e2fs_nblock += btodb(fs->e2fs_bsize);
		ip->i_flag |= IN_CHANGE | IN_UPDATE;
		*bnp = bno;
		return (0);
	}
nospace:
	ext2fs_fserr(fs, kauth_cred_geteuid(cred), "file system full");
	uprintf("\n%s: write failed, file system is full\n", fs->e2fs_fsmnt);
	return (ENOSPC);
}
/*
 * Build an SCM_OCREDS control message carrying the sender's credentials
 * in the pre-8.0 sockcred70 layout and append it to `control'.
 * Returns `control' unchanged if the mbuf cannot be created.
 */
struct mbuf *
compat_70_unp_addsockcred(struct lwp *l, struct mbuf *control)
{
	struct sockcred70 *sc;
	struct mbuf *m;
	void *p;

	m = sbcreatecontrol1(&p, SOCKCRED70SIZE(kauth_cred_ngroups(l->l_cred)),
	    SCM_OCREDS, SOL_SOCKET, M_WAITOK);
	if (m == NULL)
		return control;

	sc = p;
	/* Fill in real/effective ids and the supplementary group list. */
	sc->sc_uid = kauth_cred_getuid(l->l_cred);
	sc->sc_euid = kauth_cred_geteuid(l->l_cred);
	sc->sc_gid = kauth_cred_getgid(l->l_cred);
	sc->sc_egid = kauth_cred_getegid(l->l_cred);
	sc->sc_ngroups = kauth_cred_ngroups(l->l_cred);
	for (int i = 0; i < sc->sc_ngroups; i++)
		sc->sc_groups[i] = kauth_cred_group(l->l_cred, i);
	return m_add(control, m);
}
/*
 * trap(frame): exception, fault, and trap interface to BSD kernel.
 *
 * This common code is called from assembly language IDT gate entry routines
 * that prepare a suitable stack frame, and restore this frame after the
 * exception has been processed. Note that the effect is as if the arguments
 * were passed call by reference.
 */
void
trap(struct trapframe *frame)
{
	struct lwp *l = curlwp;
	struct proc *p;
	struct pcb *pcb;
	extern char fusubail[], kcopy_fault[], return_address_fault[],
	    IDTVEC(osyscall)[];
	struct trapframe *vframe;
	ksiginfo_t ksi;
	void *onfault;
	int type, error;
	uint32_t cr2;
	bool pfail;

	if (__predict_true(l != NULL)) {
		pcb = lwp_getpcb(l);
		p = l->l_proc;
	} else {
		/*
		 * this can happen eg. on break points in early on boot.
		 */
		pcb = NULL;
		p = NULL;
	}
	type = frame->tf_trapno;

#ifdef DEBUG
	if (trapdebug) {
		trap_print(frame, l);
	}
#endif
	if (type != T_NMI && !KERNELMODE(frame->tf_cs, frame->tf_eflags)) {
		type |= T_USER;
		l->l_md.md_regs = frame;
		pcb->pcb_cr2 = 0;
		LWP_CACHE_CREDS(l, p);
	}

#ifdef KDTRACE_HOOKS
	/*
	 * A trap can occur while DTrace executes a probe. Before
	 * executing the probe, DTrace blocks re-scheduling and sets
	 * a flag in its per-cpu flags to indicate that it doesn't
	 * want to fault. On returning from the the probe, the no-fault
	 * flag is cleared and finally re-scheduling is enabled.
	 *
	 * If the DTrace kernel module has registered a trap handler,
	 * call it and if it returns non-zero, assume that it has
	 * handled the trap and modified the trap frame so that this
	 * function can return normally.
	 */
	if ((type == T_PROTFLT || type == T_PAGEFLT) &&
	    dtrace_trap_func != NULL) {
		if ((*dtrace_trap_func)(frame, type)) {
			return;
		}
	}
#endif

	/* Dispatch on the trap number (T_USER set above for user mode). */
	switch (type) {

	case T_ASTFLT:
		/*FALLTHROUGH*/

	default:
	we_re_toast:
		/* Unrecoverable: give any attached debugger a chance,
		 * then panic. */
		if (type == T_TRCTRAP)
			check_dr0();
		else
			trap_print(frame, l);
		if (kdb_trap(type, 0, frame))
			return;
		if (kgdb_trap(type, frame))
			return;
		/*
		 * If this is a breakpoint, don't panic if we're not connected.
		 */
		if (type == T_BPTFLT && kgdb_disconnected()) {
			printf("kgdb: ignored %s\n", trap_type[type]);
			return;
		}
		panic("trap");
		/*NOTREACHED*/

	case T_PROTFLT:
	case T_SEGNPFLT:
	case T_ALIGNFLT:
	case T_TSSFLT:
		if (p == NULL)
			goto we_re_toast;
		/* Check for copyin/copyout fault. */
		onfault = onfault_handler(pcb, frame);
		if (onfault != NULL) {
copyefault:
			error = EFAULT;
copyfault:
			frame->tf_eip = (uintptr_t)onfault;
			frame->tf_eax = error;
			return;
		}

		/*
		 * Check for failure during return to user mode.
		 * This can happen loading invalid values into the segment
		 * registers, or during the 'iret' itself.
		 *
		 * We do this by looking at the instruction we faulted on.
		 * The specific instructions we recognize only happen when
		 * returning from a trap, syscall, or interrupt.
		 */
kernelfault:
		KSI_INIT_TRAP(&ksi);
		ksi.ksi_signo = SIGSEGV;
		ksi.ksi_code = SEGV_ACCERR;
		ksi.ksi_trap = type;

		switch (*(u_char *)frame->tf_eip) {
		case 0xcf:	/* iret */
			/*
			 * The 'iret' instruction faulted, so we have the
			 * 'user' registers saved after the kernel %eip:%cs:%fl
			 * of the 'iret' and below that the user %eip:%cs:%fl
			 * the 'iret' was processing.
			 * We must delete the 3 words of kernel return address
			 * from the stack to generate a normal stack frame
			 * (eg for sending a SIGSEGV).
			 */
			vframe = (void *)((int *)frame + 3);
			if (KERNELMODE(vframe->tf_cs, vframe->tf_eflags))
				goto we_re_toast;
			memmove(vframe, frame,
			    offsetof(struct trapframe, tf_eip));
			/* Set the faulting address to the user %eip */
			ksi.ksi_addr = (void *)vframe->tf_eip;
			break;
		case 0x8e:
			switch (*(uint32_t *)frame->tf_eip) {
			case 0x8e242c8e:	/* mov (%esp,%gs), then */
			case 0x0424648e:	/* mov 0x4(%esp),%fs */
			case 0x0824448e:	/* mov 0x8(%esp),%es */
			case 0x0c245c8e:	/* mov 0xc(%esp),%ds */
				break;
			default:
				goto we_re_toast;
			}
			/*
			 * We faulted loading one if the user segment registers.
			 * The stack frame containing the user registers is
			 * still valid and is just below the %eip:%cs:%fl of
			 * the kernel fault frame.
			 */
			vframe = (void *)(&frame->tf_eflags + 1);
			if (KERNELMODE(vframe->tf_cs, vframe->tf_eflags))
				goto we_re_toast;
			/* There is no valid address for the fault */
			break;
		default:
			goto we_re_toast;
		}

		/*
		 * We might have faulted trying to execute the
		 * trampoline for a local (nested) signal handler.
		 * Only generate SIGSEGV if the user %cs isn't changed.
		 * (This is only strictly necessary in the 'iret' case.)
		 */
		if (!pmap_exec_fixup(&p->p_vmspace->vm_map, vframe, pcb)) {
			/* Save outer frame for any signal return */
			l->l_md.md_regs = vframe;
			(*p->p_emul->e_trapsignal)(l, &ksi);
		}

		/* Return to user by reloading the user frame */
		trap_return_fault_return(vframe);
		/* NOTREACHED */

	case T_PROTFLT|T_USER:		/* protection fault */
	case T_TSSFLT|T_USER:
	case T_SEGNPFLT|T_USER:
	case T_STKFLT|T_USER:
	case T_ALIGNFLT|T_USER:
		KSI_INIT_TRAP(&ksi);
		ksi.ksi_addr = (void *)rcr2();
		switch (type) {
		case T_SEGNPFLT|T_USER:
		case T_STKFLT|T_USER:
			ksi.ksi_signo = SIGBUS;
			ksi.ksi_code = BUS_ADRERR;
			break;
		case T_TSSFLT|T_USER:
			ksi.ksi_signo = SIGBUS;
			ksi.ksi_code = BUS_OBJERR;
			break;
		case T_ALIGNFLT|T_USER:
			ksi.ksi_signo = SIGBUS;
			ksi.ksi_code = BUS_ADRALN;
			break;
		case T_PROTFLT|T_USER:
#ifdef VM86
			if (frame->tf_eflags & PSL_VM) {
				vm86_gpfault(l, type & ~T_USER);
				goto out;
			}
#endif
			/*
			 * If pmap_exec_fixup does something,
			 * let's retry the trap.
			 */
			if (pmap_exec_fixup(&p->p_vmspace->vm_map, frame,
			    pcb)){
				goto out;
			}
			ksi.ksi_signo = SIGSEGV;
			ksi.ksi_code = SEGV_ACCERR;
			break;
		default:
			KASSERT(0);
			break;
		}
		goto trapsignal;

	case T_PRIVINFLT|T_USER:	/* privileged instruction fault */
	case T_FPOPFLT|T_USER:		/* coprocessor operand fault */
		KSI_INIT_TRAP(&ksi);
		ksi.ksi_signo = SIGILL;
		ksi.ksi_addr = (void *) frame->tf_eip;
		switch (type) {
		case T_PRIVINFLT|T_USER:
			ksi.ksi_code = ILL_PRVOPC;
			break;
		case T_FPOPFLT|T_USER:
			ksi.ksi_code = ILL_COPROC;
			break;
		default:
			ksi.ksi_code = 0;
			break;
		}
		goto trapsignal;

	case T_ASTFLT|T_USER:
		/* Allow process switch. */
		//curcpu()->ci_data.cpu_nast++;
		if (l->l_pflag & LP_OWEUPC) {
			l->l_pflag &= ~LP_OWEUPC;
			ADDUPROF(l);
		}
		/* Allow a forced task switch. */
		if (curcpu()->ci_want_resched) {
			preempt();
		}
		goto out;

	case T_BOUND|T_USER:
	case T_OFLOW|T_USER:
	case T_DIVIDE|T_USER:
		KSI_INIT_TRAP(&ksi);
		ksi.ksi_signo = SIGFPE;
		ksi.ksi_addr = (void *)frame->tf_eip;
		switch (type) {
		case T_BOUND|T_USER:
			ksi.ksi_code = FPE_FLTSUB;
			break;
		case T_OFLOW|T_USER:
			ksi.ksi_code = FPE_INTOVF;
			break;
		case T_DIVIDE|T_USER:
			ksi.ksi_code = FPE_INTDIV;
			break;
		default:
			ksi.ksi_code = 0;
			break;
		}
		goto trapsignal;

	case T_PAGEFLT:
		/* Allow page faults in kernel mode. */
		if (__predict_false(l == NULL))
			goto we_re_toast;

		/*
		 * fusubail is used by [fs]uswintr() to prevent page faulting
		 * from inside the profiling interrupt.
		 */
		onfault = pcb->pcb_onfault;
		if (onfault == fusubail || onfault == return_address_fault) {
			goto copyefault;
		}
		if (cpu_intr_p() || (l->l_pflag & LP_INTR) != 0) {
			goto we_re_toast;
		}

		cr2 = rcr2();
		goto faultcommon;

	case T_PAGEFLT|T_USER: {	/* page fault */
		register vaddr_t va;
		register struct vmspace *vm;
		register struct vm_map *map;
		vm_prot_t ftype;
		extern struct vm_map *kernel_map;

		cr2 = rcr2();
faultcommon:
		vm = p->p_vmspace;
		if (__predict_false(vm == NULL)) {
			goto we_re_toast;
		}
		pcb->pcb_cr2 = cr2;
		va = trunc_page((vaddr_t)cr2);
		/*
		 * It is only a kernel address space fault iff:
		 *	1. (type & T_USER) == 0 and
		 *	2. pcb_onfault not set or
		 *	3. pcb_onfault set but supervisor space fault
		 * The last can occur during an exec() copyin where the
		 * argument space is lazy-allocated.
		 */
		if (type == T_PAGEFLT && va >= KERNBASE)
			map = kernel_map;
		else
			map = &vm->vm_map;
		if (frame->tf_err & PGEX_W)
			ftype = VM_PROT_WRITE;
		else if (frame->tf_err & PGEX_X)
			ftype = VM_PROT_EXECUTE;
		else
			ftype = VM_PROT_READ;

#ifdef DIAGNOSTIC
		if (map == kernel_map && va == 0) {
			printf("trap: bad kernel access at %lx\n", va);
			goto we_re_toast;
		}
#endif
		/* Fault the original page in. */
		onfault = pcb->pcb_onfault;
		pcb->pcb_onfault = NULL;
		error = uvm_fault(map, va, ftype);
		pcb->pcb_onfault = onfault;
		if (error == 0) {
			if (map != kernel_map && (void *)va >= vm->vm_maxsaddr)
				uvm_grow(p, va);

			pfail = false;
			while (type == T_PAGEFLT) {
				/*
				 * we need to switch pmap now if we're in
				 * the middle of copyin/out.
				 *
				 * but we don't need to do so for kcopy as
				 * it never touch userspace.
				 */
				kpreempt_disable();
				if (curcpu()->ci_want_pmapload) {
					onfault = onfault_handler(pcb, frame);
					if (onfault != kcopy_fault) {
						pmap_load();
					}
				}
				/*
				 * We need to keep the pmap loaded and
				 * so avoid being preempted until back
				 * into the copy functions.  Disable
				 * interrupts at the hardware level before
				 * re-enabling preemption.  Interrupts
				 * will be re-enabled by 'iret' when
				 * returning back out of the trap stub.
				 * They'll only be re-enabled when the
				 * program counter is once again in
				 * the copy functions, and so visible
				 * to cpu_kpreempt_exit().
				 */
#ifndef XEN
				x86_disable_intr();
#endif
				l->l_nopreempt--;
				if (l->l_nopreempt > 0 || !l->l_dopreempt ||
				    pfail) {
					return;
				}
#ifndef XEN
				x86_enable_intr();
#endif
				/*
				 * If preemption fails for some reason,
				 * don't retry it.  The conditions won't
				 * change under our nose.
				 */
				pfail = kpreempt(0);
			}
			goto out;
		}

		if (type == T_PAGEFLT) {
			onfault = onfault_handler(pcb, frame);
			if (onfault != NULL)
				goto copyfault;
			printf("uvm_fault(%p, %#lx, %d) -> %#x\n",
			    map, va, ftype, error);
			goto kernelfault;
		}

		KSI_INIT_TRAP(&ksi);
		ksi.ksi_trap = type & ~T_USER;
		ksi.ksi_addr = (void *)cr2;
		switch (error) {
		case EINVAL:
			ksi.ksi_signo = SIGBUS;
			ksi.ksi_code = BUS_ADRERR;
			break;
		case EACCES:
			ksi.ksi_signo = SIGSEGV;
			ksi.ksi_code = SEGV_ACCERR;
			error = EFAULT;
			break;
		case ENOMEM:
			ksi.ksi_signo = SIGKILL;
			printf("UVM: pid %d.%d (%s), uid %d killed: "
			    "out of swap\n", p->p_pid, l->l_lid, p->p_comm,
			    l->l_cred ? kauth_cred_geteuid(l->l_cred) : -1);
			break;
		default:
			ksi.ksi_signo = SIGSEGV;
			ksi.ksi_code = SEGV_MAPERR;
			break;
		}

#ifdef TRAP_SIGDEBUG
		printf("pid %d.%d (%s): signal %d at eip %x addr %lx "
		    "error %d\n", p->p_pid, l->l_lid, p->p_comm, ksi.ksi_signo,
		    frame->tf_eip, va, error);
#endif
		(*p->p_emul->e_trapsignal)(l, &ksi);
		break;
	}

	case T_TRCTRAP:
		/* Check whether they single-stepped into a lcall. */
		if (frame->tf_eip == (int)IDTVEC(osyscall))
			return;
		if (frame->tf_eip == (int)IDTVEC(osyscall) + 1) {
			frame->tf_eflags &= ~PSL_T;
			return;
		}
		goto we_re_toast;

	case T_BPTFLT|T_USER:		/* bpt instruction fault */
	case T_TRCTRAP|T_USER:		/* trace trap */
		/*
		 * Don't go single-stepping into a RAS.
		 */
		if (p->p_raslist == NULL ||
		    (ras_lookup(p, (void *)frame->tf_eip) == (void *)-1)) {
			KSI_INIT_TRAP(&ksi);
			ksi.ksi_signo = SIGTRAP;
			ksi.ksi_trap = type & ~T_USER;
			if (type == (T_BPTFLT|T_USER))
				ksi.ksi_code = TRAP_BRKPT;
			else
				ksi.ksi_code = TRAP_TRACE;
			ksi.ksi_addr = (void *)frame->tf_eip;
			(*p->p_emul->e_trapsignal)(l, &ksi);
		}
		break;

	case T_NMI:
		if (nmi_dispatch(frame))
			return;
		/* NMI can be hooked up to a pushbutton for debugging */
		if (kgdb_trap(type, frame))
			return;
		if (kdb_trap(type, 0, frame))
			return;
		/* machine/parity/power fail/"kitchen sink" faults */
#if NMCA > 0
		mca_nmi();
#endif
		x86_nmi();
	}

	if ((type & T_USER) == 0)
		return;
out:
	userret(l);
	return;
trapsignal:
	/* Deliver the signal assembled above and return to user mode. */
	ksi.ksi_trap = type & ~T_USER;
	(*p->p_emul->e_trapsignal)(l, &ksi);
	userret(l);
}
/*
 * Copy arguments onto the stack in the normal way, but add some
 * extra information in case of dynamic binding.
 *
 * Builds the Linux 32-bit ELF auxiliary vector (AT_* entries) after
 * the regular netbsd32 argument copyout; also copies 16 random bytes
 * to the stack and points LINUX_AT_RANDOM at them.
 */
int
linux32_elf32_copyargs(struct lwp *l, struct exec_package *pack,
    struct ps_strings *arginfo, char **stackp, void *argp)
{
	Aux32Info ai[LINUX32_ELF_AUX_ENTRIES], *a;
	uint32_t randbytes[4];
	struct elf_args *ap;
	struct vattr *vap;
	size_t len;
	int error;

	if ((error = netbsd32_copyargs(l, pack, arginfo, stackp, argp)) != 0)
		return error;

	a = ai;
	memset(ai, 0, sizeof(ai));

	/*
	 * Push extra arguments on the stack needed by dynamically
	 * linked binaries and static binaries as well.
	 */
	a->a_type = AT_PAGESZ;
	a->a_v = PAGE_SIZE;
	a++;

	if ((ap = (struct elf_args *)pack->ep_emul_arg)) {
		/* Interpreter-related entries for dynamic executables. */
		a->a_type = AT_PHDR;
		a->a_v = ap->arg_phaddr;
		a++;

		a->a_type = AT_PHENT;
		a->a_v = ap->arg_phentsize;
		a++;

		a->a_type = AT_PHNUM;
		a->a_v = ap->arg_phnum;
		a++;

		a->a_type = AT_BASE;
		a->a_v = ap->arg_interp;
		a++;

		a->a_type = AT_FLAGS;
		a->a_v = 0;
		a++;

		a->a_type = AT_ENTRY;
		a->a_v = ap->arg_entry;
		a++;

		exec_free_emul_arg(pack);
	}

	/* Linux-specific items */
	a->a_type = LINUX_AT_CLKTCK;
	a->a_v = hz;
	a++;

	vap = pack->ep_vap;

	a->a_type = LINUX_AT_UID;
	a->a_v = kauth_cred_getuid(l->l_cred);
	a++;

	/* For set-id images report the file owner, not the caller. */
	a->a_type = LINUX_AT_EUID;
	a->a_v = ((vap->va_mode & S_ISUID) ?
	    vap->va_uid : kauth_cred_geteuid(l->l_cred));
	a++;

	a->a_type = LINUX_AT_GID;
	a->a_v = kauth_cred_getgid(l->l_cred);
	a++;

	a->a_type = LINUX_AT_EGID;
	a->a_v = ((vap->va_mode & S_ISGID) ?
	    vap->va_gid : kauth_cred_getegid(l->l_cred));
	a++;

	a->a_type = LINUX_AT_SECURE;
	a->a_v = 0;
	a++;

	/* AT_RANDOM points at the random bytes copied out below. */
	a->a_type = LINUX_AT_RANDOM;
	a->a_v = NETBSD32PTR32I(*stackp);
	a++;

#if 0
	/* XXX: increase LINUX32_ELF_AUX_ENTRIES if we enable those things */

	a->a_type = LINUX_AT_SYSINFO;
	a->a_v = NETBSD32PTR32I(&esdp->kernel_vsyscall[0]);
	a++;

	a->a_type = LINUX_AT_SYSINFO_EHDR;
	a->a_v = NETBSD32PTR32I(&esdp->elfhdr);
	a++;

	a->a_type = LINUX_AT_HWCAP;
	a->a_v = LINUX32_CPUCAP;
	a++;

	a->a_type = LINUX_AT_PLATFORM;
	a->a_v = NETBSD32PTR32I(&esdp->hw_platform[0]);
	a++;
#endif

	a->a_type = AT_NULL;
	a->a_v = 0;
	a++;

	randbytes[0] = cprng_strong32();
	randbytes[1] = cprng_strong32();
	randbytes[2] = cprng_strong32();
	randbytes[3] = cprng_strong32();

	len = sizeof(randbytes);
	if ((error = copyout(randbytes, *stackp, len)) != 0)
		return error;
	*stackp += len;

#if 0
	memcpy(esd.kernel_vsyscall, linux32_kernel_vsyscall,
	    sizeof(linux32_kernel_vsyscall));

	memcpy(&esd.elfhdr, eh, sizeof(*eh));

	strcpy(esd.hw_platform, LINUX32_PLATFORM);

	/*
	 * Copy out the ELF auxiliary table and hw platform name
	 */
	if ((error = copyout(&esd, esdp, sizeof(esd))) != 0)
		return error;
	*stackp += sizeof(esd);
#endif

	/* Copy out only the entries actually filled in. */
	len = (a - ai) * sizeof(Aux32Info);
	KASSERT(len <= LINUX32_ELF_AUX_ENTRIES * sizeof(Aux32Info));
	if ((error = copyout(ai, *stackp, len)) != 0)
		return error;
	*stackp += len;

	return 0;
}
/*
 * semget(2) -- get (and possibly create) a SysV semaphore set.
 *
 * Looks up an existing set by key (unless IPC_PRIVATE), checking
 * permissions and IPC_CREAT|IPC_EXCL semantics; otherwise allocates a
 * fresh semid_ds and its semaphores from the global arrays.  All state
 * is protected by semlock.  Returns the IPC id via *retval.
 */
int
sys_semget(struct lwp *l, const struct sys_semget_args *uap, register_t *retval)
{
	/* {
		syscallarg(key_t) key;
		syscallarg(int) nsems;
		syscallarg(int) semflg;
	} */
	int semid, error = 0;
	int key = SCARG(uap, key);
	int nsems = SCARG(uap, nsems);
	int semflg = SCARG(uap, semflg);
	kauth_cred_t cred = l->l_cred;

	SEM_PRINTF(("semget(0x%x, %d, 0%o)\n", key, nsems, semflg));

	mutex_enter(&semlock);

	/* IPC_PRIVATE always allocates a new set; otherwise look up key. */
	if (key != IPC_PRIVATE) {
		for (semid = 0; semid < seminfo.semmni; semid++) {
			if ((sema[semid].sem_perm.mode & SEM_ALLOC) &&
			    sema[semid].sem_perm._key == key)
				break;
		}
		if (semid < seminfo.semmni) {
			SEM_PRINTF(("found public key\n"));
			if ((error = ipcperm(cred, &sema[semid].sem_perm,
			    semflg & 0700)))
				goto out;
			/* Caller may require at least nsems semaphores. */
			if (nsems > 0 && sema[semid].sem_nsems < nsems) {
				SEM_PRINTF(("too small\n"));
				error = EINVAL;
				goto out;
			}
			/* IPC_CREAT|IPC_EXCL on an existing set fails. */
			if ((semflg & IPC_CREAT) && (semflg & IPC_EXCL)) {
				SEM_PRINTF(("not exclusive\n"));
				error = EEXIST;
				goto out;
			}
			goto found;
		}
	}

	SEM_PRINTF(("need to allocate the semid_ds\n"));
	if (key == IPC_PRIVATE || (semflg & IPC_CREAT)) {
		/* nsems must be in (0, semmsl] when creating. */
		if (nsems <= 0 || nsems > seminfo.semmsl) {
			SEM_PRINTF(("nsems out of range (0<%d<=%d)\n", nsems,
			    seminfo.semmsl));
			error = EINVAL;
			goto out;
		}
		/* Enough free semaphores in the global pool? */
		if (nsems > seminfo.semmns - semtot) {
			SEM_PRINTF(("not enough semaphores left "
			    "(need %d, got %d)\n", nsems,
			    seminfo.semmns - semtot));
			error = ENOSPC;
			goto out;
		}
		/* Find a free semid_ds slot. */
		for (semid = 0; semid < seminfo.semmni; semid++) {
			if ((sema[semid].sem_perm.mode & SEM_ALLOC) == 0)
				break;
		}
		if (semid == seminfo.semmni) {
			SEM_PRINTF(("no more semid_ds's available\n"));
			error = ENOSPC;
			goto out;
		}
		SEM_PRINTF(("semid %d is available\n", semid));
		sema[semid].sem_perm._key = key;
		sema[semid].sem_perm.cuid = kauth_cred_geteuid(cred);
		sema[semid].sem_perm.uid = kauth_cred_geteuid(cred);
		sema[semid].sem_perm.cgid = kauth_cred_getegid(cred);
		sema[semid].sem_perm.gid = kauth_cred_getegid(cred);
		sema[semid].sem_perm.mode = (semflg & 0777) | SEM_ALLOC;
		/* Bump sequence so stale IPC ids for this slot go invalid. */
		sema[semid].sem_perm._seq =
		    (sema[semid].sem_perm._seq + 1) & 0x7fff;
		sema[semid].sem_nsems = nsems;
		sema[semid].sem_otime = 0;
		sema[semid].sem_ctime = time_second;
		/* Semaphores are carved contiguously from sem[]. */
		sema[semid]._sem_base = &sem[semtot];
		semtot += nsems;
		memset(sema[semid]._sem_base, 0,
		    sizeof(sema[semid]._sem_base[0]) * nsems);
		SEM_PRINTF(("sembase = %p, next = %p\n", sema[semid]._sem_base,
		    &sem[semtot]));
	} else {
		SEM_PRINTF(("didn't find it and wasn't asked to create it\n"));
		error = ENOENT;
		goto out;
	}

 found:
	*retval = IXSEQ_TO_IPCID(semid, sema[semid].sem_perm);
 out:
	mutex_exit(&semlock);
	return (error);
}
/*
 * Common semctl(2) implementation.
 *
 * 'v' is interpreted per command: a struct semid_ds * for
 * IPC_SET/IPC_STAT, a union __semun * for GETALL/SETALL/SETVAL,
 * unused otherwise.  All work is done under semlock; per-command
 * permission checks are performed via ipcperm().
 */
int
semctl1(struct lwp *l, int semid, int semnum, int cmd, void *v,
    register_t *retval)
{
	kauth_cred_t cred = l->l_cred;
	union __semun *arg = v;
	struct semid_ds *sembuf = v, *semaptr;
	int i, error, ix;

	SEM_PRINTF(("call to semctl(%d, %d, %d, %p)\n",
	    semid, semnum, cmd, v));

	mutex_enter(&semlock);

	/* Validate slot index and generation sequence of the IPC id. */
	ix = IPCID_TO_IX(semid);
	if (ix < 0 || ix >= seminfo.semmni) {
		mutex_exit(&semlock);
		return (EINVAL);
	}

	semaptr = &sema[ix];
	if ((semaptr->sem_perm.mode & SEM_ALLOC) == 0 ||
	    semaptr->sem_perm._seq != IPCID_TO_SEQ(semid)) {
		mutex_exit(&semlock);
		return (EINVAL);
	}

	switch (cmd) {
	case IPC_RMID:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_M)) != 0)
			break;
		semaptr->sem_perm.cuid = kauth_cred_geteuid(cred);
		semaptr->sem_perm.uid = kauth_cred_geteuid(cred);
		semtot -= semaptr->sem_nsems;
		/* Compact the global sem[] array over the freed range... */
		for (i = semaptr->_sem_base - sem; i < semtot; i++)
			sem[i] = sem[i + semaptr->sem_nsems];
		/* ...and rebase every set that sat above the freed range. */
		for (i = 0; i < seminfo.semmni; i++) {
			if ((sema[i].sem_perm.mode & SEM_ALLOC) &&
			    sema[i]._sem_base > semaptr->_sem_base)
				sema[i]._sem_base -= semaptr->sem_nsems;
		}
		semaptr->sem_perm.mode = 0;
		semundo_clear(ix, -1);
		/* Wake anyone sleeping on this set so they see EIDRM/EINVAL. */
		cv_broadcast(&semcv[ix]);
		break;

	case IPC_SET:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_M)))
			break;
		KASSERT(sembuf != NULL);
		semaptr->sem_perm.uid = sembuf->sem_perm.uid;
		semaptr->sem_perm.gid = sembuf->sem_perm.gid;
		/* Only the low 9 permission bits may be changed. */
		semaptr->sem_perm.mode = (semaptr->sem_perm.mode & ~0777) |
		    (sembuf->sem_perm.mode & 0777);
		semaptr->sem_ctime = time_second;
		break;

	case IPC_STAT:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
			break;
		KASSERT(sembuf != NULL);
		memcpy(sembuf, semaptr, sizeof(struct semid_ds));
		sembuf->sem_perm.mode &= 0777;
		break;

	case GETNCNT:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
			break;
		if (semnum < 0 || semnum >= semaptr->sem_nsems) {
			error = EINVAL;
			break;
		}
		*retval = semaptr->_sem_base[semnum].semncnt;
		break;

	case GETPID:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
			break;
		if (semnum < 0 || semnum >= semaptr->sem_nsems) {
			error = EINVAL;
			break;
		}
		*retval = semaptr->_sem_base[semnum].sempid;
		break;

	case GETVAL:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
			break;
		if (semnum < 0 || semnum >= semaptr->sem_nsems) {
			error = EINVAL;
			break;
		}
		*retval = semaptr->_sem_base[semnum].semval;
		break;

	case GETALL:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
			break;
		KASSERT(arg != NULL);
		/* NOTE(review): copyout while holding semlock -- as upstream. */
		for (i = 0; i < semaptr->sem_nsems; i++) {
			error = copyout(&semaptr->_sem_base[i].semval,
			    &arg->array[i], sizeof(arg->array[i]));
			if (error != 0)
				break;
		}
		break;

	case GETZCNT:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
			break;
		if (semnum < 0 || semnum >= semaptr->sem_nsems) {
			error = EINVAL;
			break;
		}
		*retval = semaptr->_sem_base[semnum].semzcnt;
		break;

	case SETVAL:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_W)))
			break;
		if (semnum < 0 || semnum >= semaptr->sem_nsems) {
			error = EINVAL;
			break;
		}
		KASSERT(arg != NULL);
		if ((unsigned int)arg->val > seminfo.semvmx) {
			error = ERANGE;
			break;
		}
		semaptr->_sem_base[semnum].semval = arg->val;
		semundo_clear(ix, semnum);
		cv_broadcast(&semcv[ix]);
		break;

	case SETALL:
		if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_W)))
			break;
		KASSERT(arg != NULL);
		for (i = 0; i < semaptr->sem_nsems; i++) {
			unsigned short semval;
			error = copyin(&arg->array[i], &semval,
			    sizeof(arg->array[i]));
			if (error != 0)
				break;
			if ((unsigned int)semval > seminfo.semvmx) {
				error = ERANGE;
				break;
			}
			semaptr->_sem_base[i].semval = semval;
		}
		semundo_clear(ix, -1);
		cv_broadcast(&semcv[ix]);
		break;

	default:
		error = EINVAL;
		break;
	}

	mutex_exit(&semlock);
	return (error);
}
/*
 * m68k trap handler: dispatch a processor trap to a panic, an in-kernel
 * fixup (copyin/copyout fault recovery, page fault service), or a signal
 * delivered to the current LWP.  'type' gains T_USER when the trap came
 * from user mode; 'code' and 'v' are trap-specific (for MMU faults, v is
 * the faulting address and code the MMU status/SSW bits).
 */
/*ARGSUSED*/
void
trap(struct frame *fp, int type, unsigned code, unsigned v)
{
	extern char fubail[], subail[];
	struct lwp *l;
	struct proc *p;
	struct pcb *pcb;
	void *onfault;
	ksiginfo_t ksi;
	int s;
	int rv;
	u_quad_t sticks = 0 /* XXX initialiser works around compiler bug */;
	static int panicking __diagused;

	curcpu()->ci_data.cpu_ntrap++;
	l = curlwp;
	p = l->l_proc;
	pcb = lwp_getpcb(l);

	KSI_INIT_TRAP(&ksi);
	ksi.ksi_trap = type & ~T_USER;

	if (USERMODE(fp->f_sr)) {
		type |= T_USER;
		sticks = p->p_sticks;
		l->l_md.md_regs = fp->f_regs;
		LWP_CACHE_CREDS(l, p);
	}
	switch (type) {

	default:
	dopanic:
		/*
		 * Let the kernel debugger see the trap frame that
		 * caused us to panic.  This is a convenience so
		 * one can see registers at the point of failure.
		 */
		s = splhigh();
		panicking = 1;
		printf("trap type %d, code = 0x%x, v = 0x%x\n", type, code, v);
		printf("%s program counter = 0x%x\n",
		    (type & T_USER) ? "user" : "kernel", fp->f_pc);
#ifdef KGDB
		/* If connected, step or cont returns 1 */
		if (kgdb_trap(type, (db_regs_t *)fp))
			goto kgdb_cont;
#endif
#ifdef DDB
		(void)kdb_trap(type, (db_regs_t *)fp);
#endif
#ifdef KGDB
	kgdb_cont:
#endif
		splx(s);
		if (panicstr) {
			printf("trap during panic!\n");
#ifdef DEBUG
			/* XXX should be a machine-dependent hook */
			printf("(press a key)\n");
			(void)cngetc();
#endif
		}
		regdump((struct trapframe *)fp, 128);
		type &= ~T_USER;
		if ((u_int)type < trap_types)
			panic(trap_type[type]);
		panic("trap");

	case T_BUSERR:		/* kernel bus error */
		onfault = pcb->pcb_onfault;
		if (onfault == NULL)
			goto dopanic;
		rv = EFAULT;
		/* FALLTHROUGH */

	copyfault:
		/*
		 * If we have arranged to catch this fault in any of the
		 * copy to/from user space routines, set PC to return to
		 * indicated location and set flag informing buserror code
		 * that it may need to clean up stack frame.
		 */
		fp->f_stackadj = exframesize[fp->f_format];
		fp->f_format = fp->f_vector = 0;
		fp->f_pc = (int)onfault;
		fp->f_regs[D0] = rv;	/* error returned in D0 */
		return;

	case T_BUSERR|T_USER:	/* bus error */
	case T_ADDRERR|T_USER:	/* address error */
		ksi.ksi_addr = (void *)v;
		ksi.ksi_signo = SIGBUS;
		ksi.ksi_code = (type == (T_BUSERR|T_USER)) ?
			BUS_OBJERR : BUS_ADRERR;
		break;

	case T_COPERR:		/* kernel coprocessor violation */
	case T_FMTERR|T_USER:	/* do all RTE errors come in as T_USER? */
	case T_FMTERR:		/* ...just in case... */
		/*
		 * The user has most likely trashed the RTE or FP state info
		 * in the stack frame of a signal handler.  Force default
		 * SIGILL disposition so the signal cannot be ignored/caught.
		 */
		printf("pid %d: kernel %s exception\n", p->p_pid,
		    type==T_COPERR ? "coprocessor" : "format");
		type |= T_USER;

		mutex_enter(p->p_lock);
		SIGACTION(p, SIGILL).sa_handler = SIG_DFL;
		sigdelset(&p->p_sigctx.ps_sigignore, SIGILL);
		sigdelset(&p->p_sigctx.ps_sigcatch, SIGILL);
		sigdelset(&l->l_sigmask, SIGILL);
		mutex_exit(p->p_lock);

		ksi.ksi_signo = SIGILL;
		ksi.ksi_addr = (void *)(int)fp->f_format;
				/* XXX was ILL_RESAD_FAULT */
		ksi.ksi_code = (type == T_COPERR) ?
			ILL_COPROC : ILL_ILLOPC;
		break;

	case T_COPERR|T_USER:	/* user coprocessor violation */
		/* What is a proper response here? */
		ksi.ksi_signo = SIGFPE;
		ksi.ksi_code = FPE_FLTINV;
		break;

	case T_FPERR|T_USER:	/* 68881 exceptions */
		/*
		 * We pass along the 68881 status register which locore stashed
		 * in code for us.
		 */
		ksi.ksi_signo = SIGFPE;
		ksi.ksi_code = fpsr2siginfocode(code);
		break;

#ifdef M68040
	case T_FPEMULI|T_USER:	/* unimplemented FP instruction */
	case T_FPEMULD|T_USER:	/* unimplemented FP data type */
		/* XXX need to FSAVE */
		printf("pid %d(%s): unimplemented FP %s at %x (EA %x)\n",
		    p->p_pid, p->p_comm,
		    fp->f_format == 2 ? "instruction" : "data type",
		    fp->f_pc, fp->f_fmt2.f_iaddr);
		/* XXX need to FRESTORE */
		ksi.ksi_signo = SIGFPE;
		ksi.ksi_code = FPE_FLTINV;
		break;
#endif

	case T_ILLINST|T_USER:	/* illegal instruction fault */
	case T_PRIVINST|T_USER:	/* privileged instruction fault */
		ksi.ksi_addr = (void *)(int)fp->f_format;
				/* XXX was ILL_PRIVIN_FAULT */
		ksi.ksi_signo = SIGILL;
		ksi.ksi_code = (type == (T_PRIVINST|T_USER)) ?
			ILL_PRVOPC : ILL_ILLOPC;
		break;

	case T_ZERODIV|T_USER:	/* Divide by zero */
		ksi.ksi_addr = (void *)(int)fp->f_format;
				/* XXX was FPE_INTDIV_TRAP */
		ksi.ksi_signo = SIGFPE;
		ksi.ksi_code = FPE_FLTDIV;
		break;

	case T_CHKINST|T_USER:	/* CHK instruction trap */
		ksi.ksi_addr = (void *)(int)fp->f_format;
				/* XXX was FPE_SUBRNG_TRAP */
		ksi.ksi_signo = SIGFPE;
		break;

	case T_TRAPVINST|T_USER:	/* TRAPV instruction trap */
		ksi.ksi_addr = (void *)(int)fp->f_format;
				/* XXX was FPE_INTOVF_TRAP */
		ksi.ksi_signo = SIGFPE;
		break;

	/*
	 * XXX: Trace traps are a nightmare.
	 *
	 *	HP-UX uses trap #1 for breakpoints,
	 *	NetBSD/m68k uses trap #2,
	 *	SUN 3.x uses trap #15,
	 *	DDB and KGDB uses trap #15 (for kernel breakpoints;
	 *	handled elsewhere).
	 *
	 * NetBSD and HP-UX traps both get mapped by locore.s into T_TRACE.
	 * SUN 3.x traps get passed through as T_TRAP15 and are not really
	 * supported yet.
	 *
	 * XXX: We should never get kernel-mode T_TRAP15
	 * XXX: because locore.s now gives them special treatment.
	 */
	case T_TRAP15:		/* kernel breakpoint */
#ifdef DEBUG
		printf("unexpected kernel trace trap, type = %d\n", type);
		printf("program counter = 0x%x\n", fp->f_pc);
#endif
		fp->f_sr &= ~PSL_T;
		return;

	case T_TRACE|T_USER:	/* user trace trap */
#ifdef COMPAT_SUNOS
		/*
		 * SunOS uses Trap #2 for a "CPU cache flush".
		 * Just flush the on-chip caches and return.
		 */
		if (p->p_emul == &emul_sunos) {
			ICIA();
			DCIU();
			return;
		}
#endif
		/* FALLTHROUGH */
	case T_TRACE:		/* tracing a trap instruction */
	case T_TRAP15|T_USER:	/* SUN user trace trap */
		fp->f_sr &= ~PSL_T;
		ksi.ksi_signo = SIGTRAP;
		break;

	case T_ASTFLT:		/* system async trap, cannot happen */
		goto dopanic;

	case T_ASTFLT|T_USER:	/* user async trap */
		astpending = 0;
		/*
		 * We check for software interrupts first.  This is because
		 * they are at a higher level than ASTs, and on a VAX would
		 * interrupt the AST.  We assume that if we are processing
		 * an AST that we must be at IPL0 so we don't bother to
		 * check.  Note that we ensure that we are at least at SIR
		 * IPL while processing the SIR.
		 */
		spl1();
		/* fall into... */

	case T_SSIR:		/* software interrupt */
	case T_SSIR|T_USER:
		/*
		 * If this was not an AST trap, we are all done.
		 */
		if (type != (T_ASTFLT|T_USER)) {
			curcpu()->ci_data.cpu_ntrap--;
			return;
		}
		spl0();
		if (l->l_pflag & LP_OWEUPC) {
			l->l_pflag &= ~LP_OWEUPC;
			ADDUPROF(l);
		}
		if (curcpu()->ci_want_resched)
			preempt();
		goto out;

	case T_MMUFLT:		/* kernel mode page fault */
		/*
		 * If we were doing profiling ticks or other user mode
		 * stuff from interrupt code, Just Say No.
		 */
		onfault = pcb->pcb_onfault;
		if (onfault == fubail || onfault == subail) {
			rv = EFAULT;
			goto copyfault;
		}
		/* fall into ... */

	case T_MMUFLT|T_USER:	/* page fault */
	    {
		vaddr_t va;
		struct vmspace *vm = p->p_vmspace;
		struct vm_map *map;
		vm_prot_t ftype;
		extern struct vm_map *kernel_map;

		onfault = pcb->pcb_onfault;

#ifdef DEBUG
		if ((mmudebug & MDB_WBFOLLOW) || MDB_ISPID(p->p_pid))
		printf("trap: T_MMUFLT pid=%d, code=%x, v=%x, pc=%x, sr=%x\n",
		    p->p_pid, code, v, fp->f_pc, fp->f_sr);
#endif
		/*
		 * It is only a kernel address space fault iff:
		 *	1. (type & T_USER) == 0  and
		 *	2. pcb_onfault not set or
		 *	3. pcb_onfault set but supervisor space data fault
		 * The last can occur during an exec() copyin where the
		 * argument space is lazy-allocated.
		 */
		if ((type & T_USER) == 0 &&
		    (onfault == NULL || KDFAULT(code)))
			map = kernel_map;
		else {
			map = vm ? &vm->vm_map : kernel_map;
		}

		if (WRFAULT(code))
			ftype = VM_PROT_WRITE;
		else
			ftype = VM_PROT_READ;

		va = trunc_page((vaddr_t)v);

		/* Page 0 of the kernel map is never valid. */
		if (map == kernel_map && va == 0) {
			printf("trap: bad kernel %s access at 0x%x\n",
			    (ftype & VM_PROT_WRITE) ? "read/write" :
			    "read", v);
			goto dopanic;
		}

#ifdef DIAGNOSTIC
		if (interrupt_depth && !panicking) {
			printf("trap: calling uvm_fault() from interrupt!\n");
			goto dopanic;
		}
#endif

		/* Clear onfault so a recursive fault panics instead of looping. */
		pcb->pcb_onfault = NULL;
		rv = uvm_fault(map, va, ftype);
		pcb->pcb_onfault = onfault;
#ifdef DEBUG
		if (rv && MDB_ISPID(p->p_pid))
			printf("uvm_fault(%p, 0x%lx, 0x%x) -> 0x%x\n",
			    map, va, ftype, rv);
#endif
		/*
		 * If this was a stack access we keep track of the maximum
		 * accessed stack size.  Also, if vm_fault gets a protection
		 * failure it is due to accessing the stack region outside
		 * the current limit and we need to reflect that as an access
		 * error.
		 */
		if (rv == 0) {
			if (map != kernel_map && (void *)va >= vm->vm_maxsaddr)
				uvm_grow(p, va);

			if (type == T_MMUFLT) {
				if (ucas_ras_check(&fp->F_t)) {
					return;
				}
#ifdef M68040
				if (cputype == CPU_68040)
					(void) writeback(fp, 1);
#endif
				return;
			}
			goto out;
		}
		if (rv == EACCES) {
			ksi.ksi_code = SEGV_ACCERR;
			rv = EFAULT;
		} else
			ksi.ksi_code = SEGV_MAPERR;
		if (type == T_MMUFLT) {
			if (onfault)
				goto copyfault;
			printf("uvm_fault(%p, 0x%lx, 0x%x) -> 0x%x\n",
			    map, va, ftype, rv);
			printf("  type %x, code [mmu,,ssw]: %x\n",
			    type, code);
			goto dopanic;
		}
		ksi.ksi_addr = (void *)v;
		switch (rv) {
		case ENOMEM:
			printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
			    p->p_pid, p->p_comm,
			    l->l_cred ?
			    kauth_cred_geteuid(l->l_cred) : -1);
			ksi.ksi_signo = SIGKILL;
			break;
		case EINVAL:
			ksi.ksi_signo = SIGBUS;
			ksi.ksi_code = BUS_ADRERR;
			break;
		case EACCES:
			ksi.ksi_signo = SIGSEGV;
			ksi.ksi_code = SEGV_ACCERR;
			break;
		default:
			ksi.ksi_signo = SIGSEGV;
			ksi.ksi_code = SEGV_MAPERR;
			break;
		}
		break;
	    }
	}
	trapsignal(l, &ksi);
	if ((type & T_USER) == 0)
		return;
out:
	userret(l, fp, sticks, v, 1);
}
/*
 * Build the SVR4 (32-bit compat) aux vector on top of the standard
 * netbsd32 argument layout.  For dynamic binaries the platform name
 * and the resolved executable path are appended after the aux table;
 * their AT_SUN_PLATFORM / AT_SUN_EXECNAME entries are created first
 * and patched with the user-space addresses once the final offsets
 * are known.  Everything is copied out in one copyout() of 'len'
 * bytes starting at *stackp.
 */
int
svr4_32_copyargs(struct lwp *l, struct exec_package *pack,
    struct ps_strings *arginfo, char **stackp, void *argp)
{
	size_t len;
	AuxInfo ai[SVR4_32_AUX_ARGSIZ], *a, *platform=NULL, *exec=NULL;
	struct elf_args *ap;
	extern char machine_model[];
	int error;

	if ((error = netbsd32_copyargs(l, pack, arginfo, stackp, argp)) != 0)
		return error;

	a = ai;
	memset(ai, 0, sizeof(ai));

	/*
	 * Push extra arguments on the stack needed by dynamically
	 * linked binaries
	 */
	if ((ap = (struct elf_args *)pack->ep_emul_arg)) {
		struct proc *p = curproc;	/* XXXXX */

		a->a_type = AT_SUN_PLATFORM;
		platform = a;	/* Patch this later. */
		a++;

		a->a_type = AT_SUN_EXECNAME;
		exec = a;	/* Patch this later. */
		a++;

		a->a_type = AT_PHDR;
		a->a_v = ap->arg_phaddr;
		a++;

		a->a_type = AT_PHENT;
		a->a_v = ap->arg_phentsize;
		a++;

		a->a_type = AT_PHNUM;
		a->a_v = ap->arg_phnum;
		a++;

		a->a_type = AT_ENTRY;
		a->a_v = ap->arg_entry;
		a++;

		a->a_type = AT_BASE;
		a->a_v = ap->arg_interp;
		a++;

		if (sun_flags) {
			a->a_type = AT_FLAGS;
			a->a_v = sun_flags;
			a++;
		}

		a->a_type = AT_PAGESZ;
		a->a_v = PAGE_SIZE;
		a++;

		a->a_type = AT_EUID;
		a->a_v = kauth_cred_geteuid(l->l_cred);
		a++;

		a->a_type = AT_RUID;
		a->a_v = kauth_cred_getuid(l->l_cred);
		a++;

		a->a_type = AT_EGID;
		a->a_v = kauth_cred_getegid(l->l_cred);
		a++;

		a->a_type = AT_RGID;
		a->a_v = kauth_cred_getgid(l->l_cred);
		a++;

		if (sun_hwcap) {
			a->a_type = AT_SUN_HWCAP;
			a->a_v = sun_hwcap;
			a++;
		}

		exec_free_emul_arg(pack);
	}

	a->a_type = AT_NULL;
	a->a_v = 0;
	a++;

	len = (a - ai) * sizeof(AuxInfo);

	if (platform) {
		char *ptr = (char *)a;	/* strings go right after the table */
		const char *path = NULL;

		/* Copy out the platform name. */
		platform->a_v = (u_long)(*stackp) + len;
		/* XXXX extremely inefficient.... */
		strcpy(ptr, machine_model);
		ptr += strlen(machine_model) + 1;
		len += strlen(machine_model) + 1;

		if (exec) {
			path = pack->ep_resolvedname;

			/* Copy out the file we're executing. */
			exec->a_v = (u_long)(*stackp) + len;
			strcpy(ptr, path);
			len += strlen(ptr)+1;
		}

		/* Round up to an 8-byte boundary (comment said "32-bits"). */
		len = (len+7)&~0x7L;
	}

	if ((error = copyout(ai, *stackp, len)) != 0)
		return error;
	*stackp += len;

	return error;
}
int do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags) { struct proc *p = l->l_proc; kauth_cred_t cred, ncred; ncred = kauth_cred_alloc(); /* Get a write lock on the process credential. */ proc_crmod_enter(); cred = p->p_cred; /* * Check that the new value is one of the allowed existing values, * or that we have root privilege. */ if ((r != -1 && !((flags & ID_R_EQ_R) && r == kauth_cred_getuid(cred)) && !((flags & ID_R_EQ_E) && r == kauth_cred_geteuid(cred)) && !((flags & ID_R_EQ_S) && r == kauth_cred_getsvuid(cred))) || (e != -1 && !((flags & ID_E_EQ_R) && e == kauth_cred_getuid(cred)) && !((flags & ID_E_EQ_E) && e == kauth_cred_geteuid(cred)) && !((flags & ID_E_EQ_S) && e == kauth_cred_getsvuid(cred))) || (sv != -1 && !((flags & ID_S_EQ_R) && sv == kauth_cred_getuid(cred)) && !((flags & ID_S_EQ_E) && sv == kauth_cred_geteuid(cred)) && !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvuid(cred)))) { int error; error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID, p, NULL, NULL, NULL); if (error != 0) { proc_crmod_leave(cred, ncred, false); return error; } } /* If nothing has changed, short circuit the request */ if ((r == -1 || r == kauth_cred_getuid(cred)) && (e == -1 || e == kauth_cred_geteuid(cred)) && (sv == -1 || sv == kauth_cred_getsvuid(cred))) { proc_crmod_leave(cred, ncred, false); return 0; } kauth_cred_clone(cred, ncred); if (r != -1 && r != kauth_cred_getuid(ncred)) { u_long nlwps; /* Update count of processes for this user. */ (void)chgproccnt(kauth_cred_getuid(ncred), -1); (void)chgproccnt(r, 1); /* The first LWP of a process is excluded. */ KASSERT(mutex_owned(p->p_lock)); nlwps = p->p_nlwps - 1; (void)chglwpcnt(kauth_cred_getuid(ncred), -nlwps); (void)chglwpcnt(r, nlwps); kauth_cred_setuid(ncred, r); } if (sv != -1) kauth_cred_setsvuid(ncred, sv); if (e != -1) kauth_cred_seteuid(ncred, e); /* Broadcast our credentials to the process and other LWPs. */ proc_crmod_leave(ncred, cred, true); return 0; }
/*
 * VAX trap handler: service page faults, recover copyin/copyout
 * faults via pcb_onfault, restart interrupted CAS restartable-atomic
 * sequences, and convert everything else into a signal for the
 * current LWP (or a panic for unrecoverable kernel faults).
 * tf_trap carries T_WRITE/T_PTEFETCH qualifier bits which are masked
 * off before the switch; tf_code is the fault address/arith code.
 */
void
trap(struct trapframe *tf)
{
	u_int sig = 0, type = tf->tf_trap, code = 0;
	u_int rv, addr;
	bool trapsig = true;
	const bool usermode = USERMODE_P(tf);
	struct lwp * const l = curlwp;
	struct proc * const p = l->l_proc;
	struct pcb * const pcb = lwp_getpcb(l);
	u_quad_t oticks = 0;
	struct vmspace *vm;
	struct vm_map *map;
	vm_prot_t ftype;
	void *onfault = pcb->pcb_onfault;

	KASSERT(p != NULL);
	curcpu()->ci_data.cpu_ntrap++;
	if (usermode) {
		type |= T_USER;
		oticks = p->p_sticks;
		l->l_md.md_utf = tf;
		LWP_CACHE_CREDS(l, p);
	}

	/* Strip qualifier bits; T_WRITE is re-examined for the fault type. */
	type &= ~(T_WRITE|T_PTEFETCH);

#ifdef TRAPDEBUG
if(tf->tf_trap==7) goto fram;
if(faultdebug)printf("Trap: type %lx, code %lx, pc %lx, psl %lx\n",
    tf->tf_trap, tf->tf_code, tf->tf_pc, tf->tf_psl);
fram:
#endif
	switch (type) {

	default:
#ifdef DDB
		kdb_trap(tf);
#endif
		panic("trap: type %x, code %x, pc %x, psl %x",
		    (u_int)tf->tf_trap, (u_int)tf->tf_code,
		    (u_int)tf->tf_pc, (u_int)tf->tf_psl);

	case T_KSPNOTVAL:
		panic("%d.%d (%s): KSP invalid %#x@%#x pcb %p fp %#x psl %#x)",
		    p->p_pid, l->l_lid, l->l_name ? l->l_name : "??",
		    mfpr(PR_KSP), (u_int)tf->tf_pc, pcb,
		    (u_int)tf->tf_fp, (u_int)tf->tf_psl);

	case T_TRANSFLT|T_USER:
	case T_TRANSFLT:
		/*
		 * BUG! BUG! BUG! BUG! BUG!
		 * Due to a hardware bug (at in least KA65x CPUs) a double
		 * page table fetch trap will cause a translation fault
		 * even if access in the SPT PTE entry specifies 'no access'.
		 * In for example section 6.4.2 in VAX Architecture
		 * Reference Manual it states that if a page both are invalid
		 * and have no access set, a 'access violation fault' occurs.
		 * Therefore, we must fall through here...
		 */
#ifdef nohwbug
		panic("translation fault");
#endif

	case T_PTELEN|T_USER:	/* Page table length exceeded */
	case T_ACCFLT|T_USER:
		/* Negative fault address => kernel space; forbid for user. */
		if (tf->tf_code < 0) { /* Check for kernel space */
			sig = SIGSEGV;
			code = SEGV_ACCERR;
			break;
		}

	case T_PTELEN:
#ifndef MULTIPROCESSOR
		/*
		 * If we referred to an address beyond the end of the system
		 * page table, it may be due to a failed CAS
		 * restartable-atomic-sequence.  If it is, restart it at the
		 * beginning and restart.
		 */
		{
			extern const uint8_t cas32_ras_start[], cas32_ras_end[];
			if (tf->tf_code == CASMAGIC
			    && tf->tf_pc >= (uintptr_t) cas32_ras_start
			    && tf->tf_pc < (uintptr_t) cas32_ras_end) {
				tf->tf_pc = (uintptr_t) cas32_ras_start;
				trapsig = false;
				break;
			}
		}
		/* FALLTHROUGH */
#endif
	case T_ACCFLT:
#ifdef TRAPDEBUG
if(faultdebug)printf("trap accflt type %lx, code %lx, pc %lx, psl %lx\n",
    tf->tf_trap, tf->tf_code, tf->tf_pc, tf->tf_psl);
#endif
#ifdef DIAGNOSTIC
		if (p == 0)
			panic("trap: access fault: addr %lx code %lx",
			    tf->tf_pc, tf->tf_code);
		if (tf->tf_psl & PSL_IS)
			panic("trap: pflt on IS");
#endif
		/*
		 * Page tables are allocated in pmap_enter(). We get
		 * info from below if it is a page table fault, but
		 * UVM may want to map in pages without faults, so
		 * because we must check for PTE pages anyway we don't
		 * bother doing it here.
		 */
		addr = trunc_page(tf->tf_code);
		/* Negative address => kernel map (only valid from kernel). */
		if (!usermode && (tf->tf_code < 0)) {
			vm = NULL;
			map = kernel_map;
		} else {
			vm = p->p_vmspace;
			map = &vm->vm_map;
		}

		if (tf->tf_trap & T_WRITE)
			ftype = VM_PROT_WRITE;
		else
			ftype = VM_PROT_READ;

		/* Clear onfault across uvm_fault() so nested faults panic. */
		pcb->pcb_onfault = NULL;
		rv = uvm_fault(map, addr, ftype);
		pcb->pcb_onfault = onfault;
		if (rv != 0) {
			if (!usermode) {
				if (onfault) {
					/* Resume at the registered handler. */
					pcb->pcb_onfault = NULL;
					tf->tf_pc = (unsigned)onfault;
					tf->tf_psl &= ~PSL_FPD;
					tf->tf_r0 = rv;
					return;
				}
				printf("r0=%08lx r1=%08lx r2=%08lx r3=%08lx ",
				    tf->tf_r0, tf->tf_r1, tf->tf_r2, tf->tf_r3);
				printf("r4=%08lx r5=%08lx r6=%08lx r7=%08lx\n",
				    tf->tf_r4, tf->tf_r5, tf->tf_r6, tf->tf_r7);
				printf(
				    "r8=%08lx r9=%08lx r10=%08lx r11=%08lx\n",
				    tf->tf_r8, tf->tf_r9, tf->tf_r10,
				    tf->tf_r11);
				printf("ap=%08lx fp=%08lx sp=%08lx pc=%08lx\n",
				    tf->tf_ap, tf->tf_fp, tf->tf_sp, tf->tf_pc);
				panic("SEGV in kernel mode: pc %#lx addr %#lx",
				    tf->tf_pc, tf->tf_code);
			}
			switch (rv) {
			case ENOMEM:
				printf("UVM: pid %d (%s), uid %d killed: "
				    "out of swap\n",
				    p->p_pid, p->p_comm,
				    l->l_cred ?
				    kauth_cred_geteuid(l->l_cred) : -1);
				sig = SIGKILL;
				code = SI_NOINFO;
				break;
			case EINVAL:
				code = BUS_ADRERR;
				sig = SIGBUS;
				break;
			case EACCES:
				code = SEGV_ACCERR;
				sig = SIGSEGV;
				break;
			default:
				code = SEGV_MAPERR;
				sig = SIGSEGV;
				break;
			}
		} else {
			trapsig = false;
			/* Successful fault in the stack region: grow it. */
			if (map != kernel_map && addr > 0
			    && (void *)addr >= vm->vm_maxsaddr)
				uvm_grow(p, addr);
		}
		break;

	case T_BPTFLT|T_USER:
		sig = SIGTRAP;
		code = TRAP_BRKPT;
		break;
	case T_TRCTRAP|T_USER:
		sig = SIGTRAP;
		code = TRAP_TRACE;
		tf->tf_psl &= ~PSL_T;
		break;

	case T_PRIVINFLT|T_USER:
		sig = SIGILL;
		code = ILL_PRVOPC;
		break;
	case T_RESADFLT|T_USER:
		sig = SIGILL;
		code = ILL_ILLADR;
		break;
	case T_RESOPFLT|T_USER:
		sig = SIGILL;
		code = ILL_ILLOPC;
		break;

	case T_XFCFLT|T_USER:
		sig = SIGEMT;
		break;

	case T_ARITHFLT|T_USER:
		sig = SIGFPE;
		/* Map the VAX arithmetic trap/fault code to an si_code. */
		switch (tf->tf_code) {
		case ATRP_INTOVF: code = FPE_INTOVF; break;
		case ATRP_INTDIV: code = FPE_INTDIV; break;
		case ATRP_FLTOVF: code = FPE_FLTOVF; break;
		case ATRP_FLTDIV: code = FPE_FLTDIV; break;
		case ATRP_FLTUND: code = FPE_FLTUND; break;
		case ATRP_DECOVF: code = FPE_INTOVF; break;
		case ATRP_FLTSUB: code = FPE_FLTSUB; break;
		case AFLT_FLTDIV: code = FPE_FLTDIV; break;
		case AFLT_FLTUND: code = FPE_FLTUND; break;
		case AFLT_FLTOVF: code = FPE_FLTOVF; break;
		default:          code = FPE_FLTINV; break;
		}
		break;

	case T_ASTFLT|T_USER:
		mtpr(AST_NO,PR_ASTLVL);
		trapsig = false;
		if (curcpu()->ci_want_resched)
			preempt();
		break;

#ifdef DDB
	case T_BPTFLT:	/* Kernel breakpoint */
	case T_KDBTRAP:
	case T_KDBTRAP|T_USER:
	case T_TRCTRAP:
		kdb_trap(tf);
		return;
#endif
	}
	if (trapsig) {
		ksiginfo_t ksi;
		if ((sig == SIGSEGV || sig == SIGILL)
		    && cpu_printfataltraps
		    && (p->p_slflag & PSL_TRACED) == 0
		    && !sigismember(&p->p_sigctx.ps_sigcatch, sig))
			printf("pid %d.%d (%s): sig %d: type %lx, code %lx, pc %lx, psl %lx\n",
			    p->p_pid, l->l_lid, p->p_comm, sig, tf->tf_trap,
			    tf->tf_code, tf->tf_pc, tf->tf_psl);
		KSI_INIT_TRAP(&ksi);
		ksi.ksi_signo = sig;
		ksi.ksi_trap = tf->tf_trap;
		ksi.ksi_addr = (void *)tf->tf_code;
		ksi.ksi_code = code;

		/*
		 * Arithmetic exceptions can be of two kinds:
		 * - traps (codes 1..7), where pc points to the
		 *   next instruction to execute.
		 * - faults (codes 8..10), where pc points to the
		 *   faulting instruction.
		 * In the latter case, we need to advance pc by ourselves
		 * to prevent a signal loop.
		 *
		 * XXX this is gross -- miod
		 */
		if (type == (T_ARITHFLT | T_USER) && (tf->tf_code & 8))
			tf->tf_pc = skip_opcode(tf->tf_pc);

		trapsignal(l, &ksi);
	}

	if (!usermode)
		return;

	userret(l, tf, oticks);
}
int ELFNAME2(linux,copyargs)(struct lwp *l, struct exec_package *pack, struct ps_strings *arginfo, char **stackp, void *argp) { struct linux_extra_stack_data64 *esdp, esd; struct elf_args *ap; struct vattr *vap; Elf_Ehdr *eh; Elf_Phdr *ph; u_long phsize; Elf_Addr phdr = 0; int error; int i; if ((error = copyargs(l, pack, arginfo, stackp, argp)) != 0) return error; /* * Push extra arguments on the stack needed by dynamically * linked binaries and static binaries as well. */ memset(&esd, 0, sizeof(esd)); esdp = (struct linux_extra_stack_data64 *)(*stackp); ap = (struct elf_args *)pack->ep_emul_arg; vap = pack->ep_vap; eh = (Elf_Ehdr *)pack->ep_hdr; /* * We forgot this, so we need to reload it now. XXX keep track of it? */ if (ap == NULL) { phsize = eh->e_phnum * sizeof(Elf_Phdr); ph = (Elf_Phdr *)kmem_alloc(phsize, KM_SLEEP); error = exec_read_from(l, pack->ep_vp, eh->e_phoff, ph, phsize); if (error != 0) { for (i = 0; i < eh->e_phnum; i++) { if (ph[i].p_type == PT_PHDR) { phdr = ph[i].p_vaddr; break; } } } kmem_free(ph, phsize); } /* * The exec_package doesn't have a proc pointer and it's not * exactly trivial to add one since the credentials are * changing. XXX Linux uses curlwp's credentials. * Why can't we use them too? */ i = 0; esd.ai[i].a_type = LINUX_AT_HWCAP; esd.ai[i++].a_v = rcr4(); esd.ai[i].a_type = AT_PAGESZ; esd.ai[i++].a_v = PAGE_SIZE; esd.ai[i].a_type = LINUX_AT_CLKTCK; esd.ai[i++].a_v = hz; esd.ai[i].a_type = AT_PHDR; esd.ai[i++].a_v = (ap ? ap->arg_phaddr: phdr); esd.ai[i].a_type = AT_PHENT; esd.ai[i++].a_v = (ap ? ap->arg_phentsize : eh->e_phentsize); esd.ai[i].a_type = AT_PHNUM; esd.ai[i++].a_v = (ap ? ap->arg_phnum : eh->e_phnum); esd.ai[i].a_type = AT_BASE; esd.ai[i++].a_v = (ap ? ap->arg_interp : 0); esd.ai[i].a_type = AT_FLAGS; esd.ai[i++].a_v = 0; esd.ai[i].a_type = AT_ENTRY; esd.ai[i++].a_v = (ap ? ap->arg_entry : eh->e_entry); esd.ai[i].a_type = LINUX_AT_EGID; esd.ai[i++].a_v = ((vap->va_mode & S_ISGID) ? 
vap->va_gid : kauth_cred_getegid(l->l_cred)); esd.ai[i].a_type = LINUX_AT_GID; esd.ai[i++].a_v = kauth_cred_getgid(l->l_cred); esd.ai[i].a_type = LINUX_AT_EUID; esd.ai[i++].a_v = ((vap->va_mode & S_ISUID) ? vap->va_uid : kauth_cred_geteuid(l->l_cred)); esd.ai[i].a_type = LINUX_AT_UID; esd.ai[i++].a_v = kauth_cred_getuid(l->l_cred); esd.ai[i].a_type = LINUX_AT_SECURE; esd.ai[i++].a_v = 0; esd.ai[i].a_type = LINUX_AT_PLATFORM; esd.ai[i++].a_v = (Elf_Addr)&esdp->hw_platform[0]; esd.ai[i].a_type = AT_NULL; esd.ai[i++].a_v = 0; #ifdef DEBUG_LINUX if (i != LINUX_ELF_AUX_ENTRIES) { printf("linux_elf64_copyargs: %d Aux entries\n", i); return EINVAL; } #endif strcpy(esd.hw_platform, LINUX_PLATFORM); exec_free_emul_arg(pack); /* * Copy out the ELF auxiliary table and hw platform name */ if ((error = copyout(&esd, esdp, sizeof(esd))) != 0) return error; *stackp += sizeof(esd); return 0; }
/*
 * VOP_SETATTR for ptyfs: apply the non-VNOVAL fields of *a_vap to the
 * node, enforcing read-only mounts, ownership/superuser checks, and
 * ptyfs restrictions (no size changes on the root, no immutable/append
 * flags).  Time, ownership, and mode changes are delegated to
 * ptyfs_update()/ptyfs_chown()/ptyfs_chmod().
 */
/*ARGSUSED*/
int
ptyfs_setattr(void *v)
{
	struct vop_setattr_args /* {
		struct vnodeop_desc *a_desc;
		struct vnode *a_vp;
		struct vattr *a_vap;
		kauth_cred_t a_cred;
	} */ *ap = v;
	struct vnode *vp = ap->a_vp;
	struct ptyfsnode *ptyfs = VTOPTYFS(vp);
	struct vattr *vap = ap->a_vap;
	kauth_cred_t cred = ap->a_cred;
	struct lwp *l = curlwp;
	int error;

	/* Size changes only make sense on the pts/ptc device nodes. */
	if (vap->va_size != VNOVAL) {
		switch (ptyfs->ptyfs_type) {
		case PTYFSroot:
			return EISDIR;
		case PTYFSpts:
		case PTYFSptc:
			break;
		default:
			return EINVAL;
		}
	}

	if (vap->va_flags != VNOVAL) {
		if (vp->v_mount->mnt_flag & MNT_RDONLY)
			return EROFS;
		/* Owner or superuser only. */
		if (kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid &&
		    (error = kauth_authorize_generic(cred,
		    KAUTH_GENERIC_ISSUSER, NULL)) != 0)
			return error;
		/* Immutable and append-only flags are not supported on ptyfs. */
		if (vap->va_flags & (IMMUTABLE | APPEND))
			return EINVAL;
		if (kauth_authorize_generic(cred,
		    KAUTH_GENERIC_ISSUSER, NULL) == 0) {
			/* Superuser: may set anything except toggle SF_SNAPSHOT. */
			/* Snapshot flag cannot be set or cleared */
			if ((vap->va_flags & SF_SNAPSHOT) !=
			    (ptyfs->ptyfs_flags & SF_SNAPSHOT))
				return EPERM;
			ptyfs->ptyfs_flags = vap->va_flags;
		} else {
			/* Owner: may not touch superuser-only (SF_) flags. */
			if ((ptyfs->ptyfs_flags & SF_SETTABLE) !=
			    (vap->va_flags & SF_SETTABLE))
				return EPERM;
			ptyfs->ptyfs_flags &= SF_SETTABLE;
			ptyfs->ptyfs_flags |= (vap->va_flags & UF_SETTABLE);
		}
		ptyfs->ptyfs_flag |= PTYFS_CHANGE;
	}

	/*
	 * Go through the fields and update iff not VNOVAL.
	 */
	if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
		if (vp->v_mount->mnt_flag & MNT_RDONLY)
			return EROFS;
		if (ptyfs->ptyfs_type == PTYFSroot)
			return EPERM;
		error = ptyfs_chown(vp, vap->va_uid, vap->va_gid, cred, l);
		if (error)
			return error;
	}

	if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL ||
	    vap->va_birthtime.tv_sec != VNOVAL) {
		if (vp->v_mount->mnt_flag & MNT_RDONLY)
			return EROFS;
		if ((ptyfs->ptyfs_flags & SF_SNAPSHOT) != 0)
			return EPERM;
		/*
		 * Non-owners may still set times via utimes(NULL) if they
		 * have write access to the node.
		 */
		if (kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid &&
		    (error = kauth_authorize_generic(cred,
		    KAUTH_GENERIC_ISSUSER, NULL)) &&
		    ((vap->va_vaflags & VA_UTIMES_NULL) == 0 ||
		    (error = VOP_ACCESS(vp, VWRITE, cred)) != 0))
			return (error);
		if (vap->va_atime.tv_sec != VNOVAL)
			if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
				ptyfs->ptyfs_flag |= PTYFS_ACCESS;
		if (vap->va_mtime.tv_sec != VNOVAL)
			ptyfs->ptyfs_flag |= PTYFS_CHANGE | PTYFS_MODIFY;
		if (vap->va_birthtime.tv_sec != VNOVAL)
			ptyfs->ptyfs_birthtime = vap->va_birthtime;
		ptyfs->ptyfs_flag |= PTYFS_CHANGE;
		error = ptyfs_update(vp, &vap->va_atime, &vap->va_mtime, 0);
		if (error)
			return error;
	}

	if (vap->va_mode != (mode_t)VNOVAL) {
		if (vp->v_mount->mnt_flag & MNT_RDONLY)
			return EROFS;
		if (ptyfs->ptyfs_type == PTYFSroot)
			return EPERM;
		/* Snapshot files may not gain write/execute bits. */
		if ((ptyfs->ptyfs_flags & SF_SNAPSHOT) != 0 &&
		    (vap->va_mode &
		    (S_IXUSR|S_IWUSR|S_IXGRP|S_IWGRP|S_IXOTH|S_IWOTH)))
			return EPERM;
		error = ptyfs_chmod(vp, vap->va_mode, cred, l);
		if (error)
			return error;
	}
	VN_KNOTE(vp, NOTE_ATTRIB);
	return 0;
}