static int
sysvipc_listener_cb(kauth_cred_t cred, kauth_action_t action, void *cookie,
void *arg0, void *arg1, void *arg2, void *arg3)
{
mode_t mask;
int ismember = 0;
struct ipc_perm *perm;
int mode;
enum kauth_system_req req;
req = (enum kauth_system_req)arg0;
if (!(action == KAUTH_SYSTEM_SYSVIPC &&
req == KAUTH_REQ_SYSTEM_SYSVIPC_BYPASS))
return KAUTH_RESULT_DEFER;
perm = arg1;
mode = (int)(uintptr_t)arg2;
if (mode == IPC_M) {
if (kauth_cred_geteuid(cred) == perm->uid ||
kauth_cred_geteuid(cred) == perm->cuid)
return (KAUTH_RESULT_ALLOW);
return (KAUTH_RESULT_DEFER); /* EPERM */
}
mask = 0;
if (kauth_cred_geteuid(cred) == perm->uid ||
kauth_cred_geteuid(cred) == perm->cuid) {
if (mode & IPC_R)
mask |= S_IRUSR;
if (mode & IPC_W)
mask |= S_IWUSR;
return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW : KAUTH_RESULT_DEFER /* EACCES */);
}
if (kauth_cred_getegid(cred) == perm->gid ||
(kauth_cred_ismember_gid(cred, perm->gid, &ismember) == 0 && ismember) ||
kauth_cred_getegid(cred) == perm->cgid ||
(kauth_cred_ismember_gid(cred, perm->cgid, &ismember) == 0 && ismember)) {
if (mode & IPC_R)
mask |= S_IRGRP;
if (mode & IPC_W)
mask |= S_IWGRP;
return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW : KAUTH_RESULT_DEFER /* EACCES */);
}
if (mode & IPC_R)
mask |= S_IROTH;
if (mode & IPC_W)
mask |= S_IWOTH;
return ((perm->mode & mask) == mask ? KAUTH_RESULT_ALLOW : KAUTH_RESULT_DEFER /* EACCES */);
}
/*
* Check for a valid change to a users allocation.
* Issue an error message if appropriate.
*/
static int
chkiqchg(struct inode *ip, int32_t change, kauth_cred_t cred, int type)
{
struct dquot *dq = ip->i_dquot[type];
long ncurinodes = dq->dq_curinodes + change;
KASSERT(mutex_owned(&dq->dq_interlock));
/*
* If user would exceed their hard limit, disallow inode allocation.
*/
if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) {
if ((dq->dq_flags & DQ_WARN(QL_FILE)) == 0 &&
ip->i_uid == kauth_cred_geteuid(cred)) {
uprintf("\n%s: write failed, %s inode limit reached\n",
ITOV(ip)->v_mount->mnt_stat.f_mntonname,
lfs_quotatypes[type]);
dq->dq_flags |= DQ_WARN(QL_FILE);
}
return (EDQUOT);
}
/*
* If user is over their soft limit for too long, disallow inode
* allocation. Reset time limit as they cross their soft limit.
*/
if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) {
if (dq->dq_curinodes < dq->dq_isoftlimit) {
dq->dq_itime =
time_second + ip->i_ump->umq1_itime[type];
if (ip->i_uid == kauth_cred_geteuid(cred))
uprintf("\n%s: warning, %s %s\n",
ITOV(ip)->v_mount->mnt_stat.f_mntonname,
lfs_quotatypes[type], "inode quota exceeded");
return (0);
}
if (time_second > dq->dq_itime) {
if ((dq->dq_flags & DQ_WARN(QL_FILE)) == 0 &&
ip->i_uid == kauth_cred_geteuid(cred)) {
uprintf("\n%s: write failed, %s %s\n",
ITOV(ip)->v_mount->mnt_stat.f_mntonname,
lfs_quotatypes[type],
"inode quota exceeded for too long");
dq->dq_flags |= DQ_WARN(QL_FILE);
}
return (EDQUOT);
}
}
return (0);
}
static int
tap_fops_stat(file_t *fp, struct stat *st)
{
int error = 0;
struct tap_softc *sc;
int unit = fp->f_devunit;
(void)memset(st, 0, sizeof(*st));
KERNEL_LOCK(1, NULL);
sc = device_lookup_private(&tap_cd, unit);
if (sc == NULL) {
error = ENXIO;
goto out;
}
st->st_dev = makedev(cdevsw_lookup_major(&tap_cdevsw), unit);
st->st_atimespec = sc->sc_atime;
st->st_mtimespec = sc->sc_mtime;
st->st_ctimespec = st->st_birthtimespec = sc->sc_btime;
st->st_uid = kauth_cred_geteuid(fp->f_cred);
st->st_gid = kauth_cred_getegid(fp->f_cred);
out:
KERNEL_UNLOCK_ONE(NULL);
return error;
}
/*
* Perform chown operation on inode ip;
* inode must be locked prior to call.
*/
static int
ptyfs_chown(struct vnode *vp, uid_t uid, gid_t gid, kauth_cred_t cred,
struct lwp *l)
{
struct ptyfsnode *ptyfs = VTOPTYFS(vp);
int error, ismember = 0;
if (uid == (uid_t)VNOVAL)
uid = ptyfs->ptyfs_uid;
if (gid == (gid_t)VNOVAL)
gid = ptyfs->ptyfs_gid;
/*
* If we don't own the file, are trying to change the owner
* of the file, or are not a member of the target group,
* the caller's credentials must imply super-user privilege
* or the call fails.
*/
if ((kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid || uid != ptyfs->ptyfs_uid ||
(gid != ptyfs->ptyfs_gid &&
!(kauth_cred_getegid(cred) == gid ||
(kauth_cred_ismember_gid(cred, gid, &ismember) == 0 && ismember)))) &&
((error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
NULL)) != 0))
return error;
ptyfs->ptyfs_gid = gid;
ptyfs->ptyfs_uid = uid;
return 0;
}
/* ARGSUSED */
int
sys_geteuid(struct lwp *l, const void *v, register_t *retval)
{
*retval = kauth_cred_geteuid(l->l_cred);
return (0);
}
int
sys_setreuid(struct lwp *l, const struct sys_setreuid_args *uap, register_t *retval)
{
/* {
syscallarg(uid_t) ruid;
syscallarg(uid_t) euid;
} */
kauth_cred_t cred = l->l_cred;
uid_t ruid, euid, svuid;
ruid = SCARG(uap, ruid);
euid = SCARG(uap, euid);
if (ruid == -1)
ruid = kauth_cred_getuid(cred);
if (euid == -1)
euid = kauth_cred_geteuid(cred);
/* Saved uid is set to the new euid if the ruid changed */
svuid = (ruid == kauth_cred_getuid(cred)) ? -1 : euid;
return do_setresuid(l, ruid, euid, svuid,
ID_R_EQ_R | ID_R_EQ_E |
ID_E_EQ_R | ID_E_EQ_E | ID_E_EQ_S |
ID_S_EQ_R | ID_S_EQ_E | ID_S_EQ_S);
}
int
sys__lwp_kill(struct lwp *l, const struct sys__lwp_kill_args *uap,
register_t *retval)
{
/* {
syscallarg(lwpid_t) target;
syscallarg(int) signo;
} */
struct proc *p = l->l_proc;
struct lwp *t;
ksiginfo_t ksi;
int signo = SCARG(uap, signo);
int error = 0;
if ((u_int)signo >= NSIG)
return EINVAL;
KSI_INIT(&ksi);
ksi.ksi_signo = signo;
ksi.ksi_code = SI_LWP;
ksi.ksi_pid = p->p_pid;
ksi.ksi_uid = kauth_cred_geteuid(l->l_cred);
ksi.ksi_lid = SCARG(uap, target);
mutex_enter(proc_lock);
mutex_enter(p->p_lock);
if ((t = lwp_find(p, ksi.ksi_lid)) == NULL)
error = ESRCH;
else if (signo != 0)
kpsignal2(p, &ksi);
mutex_exit(p->p_lock);
mutex_exit(proc_lock);
return error;
}
int
v7fs_symlink(void *v)
{
struct vop_symlink_v3_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
char *a_target;
} */ *a = v;
struct v7fs_node *parent_node = a->a_dvp->v_data;
struct v7fs_mount *v7fsmount = parent_node->v7fsmount;
struct v7fs_self *fs = v7fsmount->core;
struct vattr *va = a->a_vap;
kauth_cred_t cr = a->a_cnp->cn_cred;
struct componentname *cnp = a->a_cnp;
struct v7fs_fileattr attr;
v7fs_ino_t ino;
const char *from = a->a_target;
const char *to = cnp->cn_nameptr;
size_t len = strlen(from) + 1;
int error = 0;
if (len > V7FS_BSIZE) { /* limited to 512byte pathname */
DPRINTF("too long pathname.");
return ENAMETOOLONG;
}
memset(&attr, 0, sizeof(attr));
attr.uid = kauth_cred_geteuid(cr);
attr.gid = kauth_cred_getegid(cr);
attr.mode = va->va_mode | vtype_to_v7fs_mode(va->va_type);
if ((error = v7fs_file_allocate
(fs, &parent_node->inode, to, &attr, &ino))) {
return error;
}
/* Sync dirent size change. */
uvm_vnp_setsize(a->a_dvp, v7fs_inode_filesize(&parent_node->inode));
/* Get myself vnode. */
if ((error = v7fs_vget(v7fsmount->mountp, ino, a->a_vpp))) {
DPRINTF("can't get vnode.\n");
}
struct v7fs_node *newnode = (*a->a_vpp)->v_data;
struct v7fs_inode *p = &newnode->inode;
v7fs_file_symlink(fs, p, from);
uvm_vnp_setsize(*a->a_vpp, v7fs_inode_filesize(p));
newnode->update_ctime = true;
newnode->update_mtime = true;
newnode->update_atime = true;
if (error == 0)
VOP_UNLOCK(*a->a_vpp);
return error;
}
/* ARGSUSED */
int
sys_getuid_with_euid(struct lwp *l, const void *v, register_t *retval)
{
retval[0] = kauth_cred_getuid(l->l_cred);
retval[1] = kauth_cred_geteuid(l->l_cred);
return (0);
}
int
v7fs_create(void *v)
{
struct vop_create_v3_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
} */ *a = v;
struct v7fs_node *parent_node = a->a_dvp->v_data;
struct v7fs_mount *v7fsmount = parent_node->v7fsmount;
struct v7fs_self *fs = v7fsmount->core;
struct mount *mp = v7fsmount->mountp;
struct v7fs_fileattr attr;
struct vattr *va = a->a_vap;
kauth_cred_t cr = a->a_cnp->cn_cred;
v7fs_ino_t ino;
int error = 0;
DPRINTF("%s parent#%d\n", a->a_cnp->cn_nameptr,
parent_node->inode.inode_number);
KDASSERT((va->va_type == VREG) || (va->va_type == VSOCK));
memset(&attr, 0, sizeof(attr));
attr.uid = kauth_cred_geteuid(cr);
attr.gid = kauth_cred_getegid(cr);
attr.mode = va->va_mode | vtype_to_v7fs_mode (va->va_type);
attr.device = 0;
/* Allocate disk entry. and register its entry to parent directory. */
if ((error = v7fs_file_allocate(fs, &parent_node->inode,
a->a_cnp->cn_nameptr, &attr, &ino))) {
DPRINTF("v7fs_file_allocate failed.\n");
return error;
}
/* Sync dirent size change. */
uvm_vnp_setsize(a->a_dvp, v7fs_inode_filesize(&parent_node->inode));
/* Get myself vnode. */
*a->a_vpp = 0;
if ((error = v7fs_vget(mp, ino, a->a_vpp))) {
DPRINTF("v7fs_vget failed.\n");
return error;
}
/* Scheduling update time. real update by v7fs_update */
struct v7fs_node *newnode = (*a->a_vpp)->v_data;
newnode->update_ctime = true;
newnode->update_mtime = true;
newnode->update_atime = true;
DPRINTF("allocated %s->#%d\n", a->a_cnp->cn_nameptr, ino);
if (error == 0)
VOP_UNLOCK(*a->a_vpp);
return error;
}
static int
kill1(struct lwp *l, pid_t pid, ksiginfo_t *ksi, register_t *retval)
{
int error;
struct proc *p;
if ((u_int)ksi->ksi_signo >= NSIG)
return EINVAL;
if (pid != l->l_proc->p_pid) {
if (ksi->ksi_pid != l->l_proc->p_pid)
return EPERM;
if (ksi->ksi_uid != kauth_cred_geteuid(l->l_cred))
return EPERM;
switch (ksi->ksi_code) {
case SI_USER:
case SI_QUEUE:
break;
default:
return EPERM;
}
}
if (pid > 0) {
/* kill single process */
mutex_enter(proc_lock);
p = proc_find_raw(pid);
if (p == NULL || (p->p_stat != SACTIVE && p->p_stat != SSTOP)) {
mutex_exit(proc_lock);
/* IEEE Std 1003.1-2001: return success for zombies */
return p ? 0 : ESRCH;
}
mutex_enter(p->p_lock);
error = kauth_authorize_process(l->l_cred,
KAUTH_PROCESS_SIGNAL, p, KAUTH_ARG(ksi->ksi_signo),
NULL, NULL);
if (!error && ksi->ksi_signo) {
kpsignal2(p, ksi);
}
mutex_exit(p->p_lock);
mutex_exit(proc_lock);
return error;
}
switch (pid) {
case -1: /* broadcast signal */
return killpg1(l, ksi, 0, 1);
case 0: /* signal own process group */
return killpg1(l, ksi, 0, 0);
default: /* negative explicit process group */
return killpg1(l, ksi, -pid, 0);
}
/* NOTREACHED */
}
/*
* Allocate an inode in the file system.
*
* If allocating a directory, use ext2fs_dirpref to select the inode.
* If allocating in a directory, the following hierarchy is followed:
* 1) allocate the preferred inode.
* 2) allocate an inode in the same cylinder group.
* 3) quadradically rehash into other cylinder groups, until an
* available inode is located.
* If no inode preference is given the following hierarchy is used
* to allocate an inode:
* 1) allocate an inode in cylinder group 0.
* 2) quadradically rehash into other cylinder groups, until an
* available inode is located.
*/
int
ext2fs_valloc(struct vnode *pvp, int mode, kauth_cred_t cred,
struct vnode **vpp)
{
struct inode *pip;
struct m_ext2fs *fs;
struct inode *ip;
ino_t ino, ipref;
int cg, error;
*vpp = NULL;
pip = VTOI(pvp);
fs = pip->i_e2fs;
if (fs->e2fs.e2fs_ficount == 0)
goto noinodes;
if ((mode & IFMT) == IFDIR)
cg = ext2fs_dirpref(fs);
else
cg = ino_to_cg(fs, pip->i_number);
ipref = cg * fs->e2fs.e2fs_ipg + 1;
ino = (ino_t)ext2fs_hashalloc(pip, cg, (long)ipref, mode, ext2fs_nodealloccg);
if (ino == 0)
goto noinodes;
error = VFS_VGET(pvp->v_mount, ino, vpp);
if (error) {
ext2fs_vfree(pvp, ino, mode);
return (error);
}
ip = VTOI(*vpp);
if (ip->i_e2fs_mode && ip->i_e2fs_nlink != 0) {
printf("mode = 0%o, nlinks %d, inum = %llu, fs = %s\n",
ip->i_e2fs_mode, ip->i_e2fs_nlink,
(unsigned long long)ip->i_number, fs->e2fs_fsmnt);
panic("ext2fs_valloc: dup alloc");
}
memset(ip->i_din.e2fs_din, 0, sizeof(struct ext2fs_dinode));
/*
* Set up a new generation number for this inode.
*/
if (++ext2gennumber < time_second)
ext2gennumber = time_second;
ip->i_e2fs_gen = ext2gennumber;
return (0);
noinodes:
ext2fs_fserr(fs, kauth_cred_geteuid(cred), "out of inodes");
uprintf("\n%s: create/symlink failed, no inodes free\n", fs->e2fs_fsmnt);
return (ENOSPC);
}
/*
* Change the mode on a file.
* Inode must be locked before calling.
*/
static int
ptyfs_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred, struct lwp *l)
{
struct ptyfsnode *ptyfs = VTOPTYFS(vp);
int error;
if (kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid &&
(error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
NULL)) != 0)
return error;
ptyfs->ptyfs_mode &= ~ALLPERMS;
ptyfs->ptyfs_mode |= (mode & ALLPERMS);
return 0;
}
int
v7fs_mknod(void *v)
{
struct vop_mknod_v3_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
} */ *a = v;
struct componentname *cnp = a->a_cnp;
kauth_cred_t cr = cnp->cn_cred;
struct vnode *dvp = a->a_dvp;
struct vattr *va = a->a_vap;
struct v7fs_node *parent_node = dvp->v_data;
struct v7fs_mount *v7fsmount = parent_node->v7fsmount;
struct v7fs_self *fs = v7fsmount->core;
struct mount *mp = v7fsmount->mountp;
struct v7fs_fileattr attr;
v7fs_ino_t ino;
int error = 0;
DPRINTF("%s %06o %lx %d\n", cnp->cn_nameptr, va->va_mode,
(long)va->va_rdev, va->va_type);
memset(&attr, 0, sizeof(attr));
attr.uid = kauth_cred_geteuid(cr);
attr.gid = kauth_cred_getegid(cr);
attr.mode = va->va_mode | vtype_to_v7fs_mode(va->va_type);
attr.device = va->va_rdev;
if ((error = v7fs_file_allocate(fs, &parent_node->inode,
cnp->cn_nameptr, &attr, &ino)))
return error;
/* Sync dirent size change. */
uvm_vnp_setsize(dvp, v7fs_inode_filesize(&parent_node->inode));
if ((error = v7fs_vget(mp, ino, a->a_vpp))) {
DPRINTF("can't get vnode.\n");
return error;
}
struct v7fs_node *newnode = (*a->a_vpp)->v_data;
newnode->update_ctime = true;
newnode->update_mtime = true;
newnode->update_atime = true;
if (error == 0)
VOP_UNLOCK(*a->a_vpp);
return error;
}
int
sysvbfs_create(void *arg)
{
struct vop_create_args /* {
struct vnode *a_dvp;
struct vnode **a_vpp;
struct componentname *a_cnp;
struct vattr *a_vap;
} */ *a = arg;
struct sysvbfs_node *bnode = a->a_dvp->v_data;
struct sysvbfs_mount *bmp = bnode->bmp;
struct bfs *bfs = bmp->bfs;
struct mount *mp = bmp->mountp;
struct bfs_dirent *dirent;
struct bfs_fileattr attr;
struct vattr *va = a->a_vap;
kauth_cred_t cr = a->a_cnp->cn_cred;
int err = 0;
DPRINTF("%s: %s\n", __func__, a->a_cnp->cn_nameptr);
KDASSERT(a->a_vap->va_type == VREG);
attr.uid = kauth_cred_geteuid(cr);
attr.gid = kauth_cred_getegid(cr);
attr.mode = va->va_mode;
if ((err = bfs_file_create(bfs, a->a_cnp->cn_nameptr, 0, 0, &attr))
!= 0) {
DPRINTF("%s: bfs_file_create failed.\n", __func__);
goto unlock_exit;
}
if (!bfs_dirent_lookup_by_name(bfs, a->a_cnp->cn_nameptr, &dirent))
panic("no dirent for created file.");
if ((err = sysvbfs_vget(mp, dirent->inode, a->a_vpp)) != 0) {
DPRINTF("%s: sysvbfs_vget failed.\n", __func__);
goto unlock_exit;
}
bnode = (*a->a_vpp)->v_data;
bnode->update_ctime = true;
bnode->update_mtime = true;
bnode->update_atime = true;
unlock_exit:
/* unlock parent directory */
vput(a->a_dvp); /* locked at sysvbfs_lookup(); */
return err;
}
static int
rnd_stat(struct file *fp, struct stat *st)
{
struct rnd_ctx *const ctx = fp->f_data;
/* XXX lock, if cprng allocated? why? */
memset(st, 0, sizeof(*st));
st->st_dev = makedev(cdevsw_lookup_major(&rnd_cdevsw),
(ctx->rc_hard? RND_DEV_RANDOM : RND_DEV_URANDOM));
/* XXX leave atimespect, mtimespec, ctimespec = 0? */
st->st_uid = kauth_cred_geteuid(fp->f_cred);
st->st_gid = kauth_cred_getegid(fp->f_cred);
st->st_mode = S_IFCHR;
return 0;
}
int
sys_kill(struct lwp *l, const struct sys_kill_args *uap, register_t *retval)
{
/* {
syscallarg(pid_t) pid;
syscallarg(int) signum;
} */
ksiginfo_t ksi;
KSI_INIT(&ksi);
ksi.ksi_signo = SCARG(uap, signum);
ksi.ksi_code = SI_USER;
ksi.ksi_pid = l->l_proc->p_pid;
ksi.ksi_uid = kauth_cred_geteuid(l->l_cred);
return kill1(l, SCARG(uap, pid), &ksi, retval);
}
static int
linux_do_tkill(struct lwp *l, int tgid, int tid, int signum)
{
struct proc *p;
struct lwp *t;
ksiginfo_t ksi;
int error;
if (signum < 0 || signum >= LINUX__NSIG)
return EINVAL;
signum = linux_to_native_signo[signum];
if (tgid == -1) {
tgid = tid;
}
KSI_INIT(&ksi);
ksi.ksi_signo = signum;
ksi.ksi_code = SI_LWP;
ksi.ksi_pid = l->l_proc->p_pid;
ksi.ksi_uid = kauth_cred_geteuid(l->l_cred);
ksi.ksi_lid = tid;
mutex_enter(proc_lock);
p = proc_find(tgid);
if (p == NULL) {
mutex_exit(proc_lock);
return ESRCH;
}
mutex_enter(p->p_lock);
error = kauth_authorize_process(l->l_cred,
KAUTH_PROCESS_SIGNAL, p, KAUTH_ARG(signum), NULL, NULL);
if ((t = lwp_find(p, ksi.ksi_lid)) == NULL)
error = ESRCH;
else if (signum != 0)
kpsignal2(p, &ksi);
mutex_exit(p->p_lock);
mutex_exit(proc_lock);
return error;
}
/*
* Allocate a block in the file system.
*
* A preference may be optionally specified. If a preference is given
* the following hierarchy is used to allocate a block:
* 1) allocate the requested block.
* 2) allocate a rotationally optimal block in the same cylinder.
* 3) allocate a block in the same cylinder group.
* 4) quadradically rehash into other cylinder groups, until an
* available block is located.
* If no block preference is given the following hierarchy is used
* to allocate a block:
* 1) allocate a block in the cylinder group that contains the
* inode for the file.
* 2) quadradically rehash into other cylinder groups, until an
* available block is located.
*/
int
ext2fs_alloc(struct inode *ip, daddr_t lbn, daddr_t bpref,
kauth_cred_t cred, daddr_t *bnp)
{
struct m_ext2fs *fs;
daddr_t bno;
int cg;
*bnp = 0;
fs = ip->i_e2fs;
#ifdef DIAGNOSTIC
if (cred == NOCRED)
panic("ext2fs_alloc: missing credential");
#endif /* DIAGNOSTIC */
if (fs->e2fs.e2fs_fbcount == 0)
goto nospace;
if (kauth_authorize_system(cred, KAUTH_SYSTEM_FS_RESERVEDSPACE, 0, NULL,
NULL, NULL) != 0 &&
freespace(fs) <= 0)
goto nospace;
if (bpref >= fs->e2fs.e2fs_bcount)
bpref = 0;
if (bpref == 0)
cg = ino_to_cg(fs, ip->i_number);
else
cg = dtog(fs, bpref);
bno = (daddr_t)ext2fs_hashalloc(ip, cg, bpref, fs->e2fs_bsize,
ext2fs_alloccg);
if (bno > 0) {
ip->i_e2fs_nblock += btodb(fs->e2fs_bsize);
ip->i_flag |= IN_CHANGE | IN_UPDATE;
*bnp = bno;
return (0);
}
nospace:
ext2fs_fserr(fs, kauth_cred_geteuid(cred), "file system full");
uprintf("\n%s: write failed, file system is full\n", fs->e2fs_fsmnt);
return (ENOSPC);
}
struct mbuf *
compat_70_unp_addsockcred(struct lwp *l, struct mbuf *control)
{
struct sockcred70 *sc;
struct mbuf *m;
void *p;
m = sbcreatecontrol1(&p, SOCKCRED70SIZE(kauth_cred_ngroups(l->l_cred)),
SCM_OCREDS, SOL_SOCKET, M_WAITOK);
if (m == NULL)
return control;
sc = p;
sc->sc_uid = kauth_cred_getuid(l->l_cred);
sc->sc_euid = kauth_cred_geteuid(l->l_cred);
sc->sc_gid = kauth_cred_getgid(l->l_cred);
sc->sc_egid = kauth_cred_getegid(l->l_cred);
sc->sc_ngroups = kauth_cred_ngroups(l->l_cred);
for (int i = 0; i < sc->sc_ngroups; i++)
sc->sc_groups[i] = kauth_cred_group(l->l_cred, i);
return m_add(control, m);
}
/*
* trap(frame): exception, fault, and trap interface to BSD kernel.
*
* This common code is called from assembly language IDT gate entry routines
* that prepare a suitable stack frame, and restore this frame after the
* exception has been processed. Note that the effect is as if the arguments
* were passed call by reference.
*/
void
trap(struct trapframe *frame)
{
struct lwp *l = curlwp;
struct proc *p;
struct pcb *pcb;
extern char fusubail[], kcopy_fault[], return_address_fault[],
IDTVEC(osyscall)[];
struct trapframe *vframe;
ksiginfo_t ksi;
void *onfault;
int type, error;
uint32_t cr2;
bool pfail;
if (__predict_true(l != NULL)) {
pcb = lwp_getpcb(l);
p = l->l_proc;
} else {
/*
* this can happen eg. on break points in early on boot.
*/
pcb = NULL;
p = NULL;
}
type = frame->tf_trapno;
#ifdef DEBUG
if (trapdebug) {
trap_print(frame, l);
}
#endif
if (type != T_NMI &&
!KERNELMODE(frame->tf_cs, frame->tf_eflags)) {
type |= T_USER;
l->l_md.md_regs = frame;
pcb->pcb_cr2 = 0;
LWP_CACHE_CREDS(l, p);
}
#ifdef KDTRACE_HOOKS
/*
* A trap can occur while DTrace executes a probe. Before
* executing the probe, DTrace blocks re-scheduling and sets
* a flag in its per-cpu flags to indicate that it doesn't
* want to fault. On returning from the the probe, the no-fault
* flag is cleared and finally re-scheduling is enabled.
*
* If the DTrace kernel module has registered a trap handler,
* call it and if it returns non-zero, assume that it has
* handled the trap and modified the trap frame so that this
* function can return normally.
*/
if ((type == T_PROTFLT || type == T_PAGEFLT) &&
dtrace_trap_func != NULL) {
if ((*dtrace_trap_func)(frame, type)) {
return;
}
}
#endif
switch (type) {
case T_ASTFLT:
/*FALLTHROUGH*/
default:
we_re_toast:
if (type == T_TRCTRAP)
check_dr0();
else
trap_print(frame, l);
if (kdb_trap(type, 0, frame))
return;
if (kgdb_trap(type, frame))
return;
/*
* If this is a breakpoint, don't panic if we're not connected.
*/
if (type == T_BPTFLT && kgdb_disconnected()) {
printf("kgdb: ignored %s\n", trap_type[type]);
return;
}
panic("trap");
/*NOTREACHED*/
case T_PROTFLT:
case T_SEGNPFLT:
case T_ALIGNFLT:
case T_TSSFLT:
if (p == NULL)
goto we_re_toast;
/* Check for copyin/copyout fault. */
onfault = onfault_handler(pcb, frame);
if (onfault != NULL) {
copyefault:
error = EFAULT;
copyfault:
frame->tf_eip = (uintptr_t)onfault;
frame->tf_eax = error;
return;
}
/*
* Check for failure during return to user mode.
* This can happen loading invalid values into the segment
* registers, or during the 'iret' itself.
*
* We do this by looking at the instruction we faulted on.
* The specific instructions we recognize only happen when
* returning from a trap, syscall, or interrupt.
*/
kernelfault:
KSI_INIT_TRAP(&ksi);
ksi.ksi_signo = SIGSEGV;
ksi.ksi_code = SEGV_ACCERR;
ksi.ksi_trap = type;
switch (*(u_char *)frame->tf_eip) {
case 0xcf: /* iret */
/*
* The 'iret' instruction faulted, so we have the
* 'user' registers saved after the kernel %eip:%cs:%fl
* of the 'iret' and below that the user %eip:%cs:%fl
* the 'iret' was processing.
* We must delete the 3 words of kernel return address
* from the stack to generate a normal stack frame
* (eg for sending a SIGSEGV).
*/
vframe = (void *)((int *)frame + 3);
if (KERNELMODE(vframe->tf_cs, vframe->tf_eflags))
goto we_re_toast;
memmove(vframe, frame,
offsetof(struct trapframe, tf_eip));
/* Set the faulting address to the user %eip */
ksi.ksi_addr = (void *)vframe->tf_eip;
break;
case 0x8e:
switch (*(uint32_t *)frame->tf_eip) {
case 0x8e242c8e: /* mov (%esp,%gs), then */
case 0x0424648e: /* mov 0x4(%esp),%fs */
case 0x0824448e: /* mov 0x8(%esp),%es */
case 0x0c245c8e: /* mov 0xc(%esp),%ds */
break;
default:
goto we_re_toast;
}
/*
* We faulted loading one if the user segment registers.
* The stack frame containing the user registers is
* still valid and is just below the %eip:%cs:%fl of
* the kernel fault frame.
*/
vframe = (void *)(&frame->tf_eflags + 1);
if (KERNELMODE(vframe->tf_cs, vframe->tf_eflags))
goto we_re_toast;
/* There is no valid address for the fault */
break;
default:
goto we_re_toast;
}
/*
* We might have faulted trying to execute the
* trampoline for a local (nested) signal handler.
* Only generate SIGSEGV if the user %cs isn't changed.
* (This is only strictly necessary in the 'iret' case.)
*/
if (!pmap_exec_fixup(&p->p_vmspace->vm_map, vframe, pcb)) {
/* Save outer frame for any signal return */
l->l_md.md_regs = vframe;
(*p->p_emul->e_trapsignal)(l, &ksi);
}
/* Return to user by reloading the user frame */
trap_return_fault_return(vframe);
/* NOTREACHED */
case T_PROTFLT|T_USER: /* protection fault */
case T_TSSFLT|T_USER:
case T_SEGNPFLT|T_USER:
case T_STKFLT|T_USER:
case T_ALIGNFLT|T_USER:
KSI_INIT_TRAP(&ksi);
ksi.ksi_addr = (void *)rcr2();
switch (type) {
case T_SEGNPFLT|T_USER:
case T_STKFLT|T_USER:
ksi.ksi_signo = SIGBUS;
ksi.ksi_code = BUS_ADRERR;
break;
case T_TSSFLT|T_USER:
ksi.ksi_signo = SIGBUS;
ksi.ksi_code = BUS_OBJERR;
break;
case T_ALIGNFLT|T_USER:
ksi.ksi_signo = SIGBUS;
ksi.ksi_code = BUS_ADRALN;
break;
case T_PROTFLT|T_USER:
#ifdef VM86
if (frame->tf_eflags & PSL_VM) {
vm86_gpfault(l, type & ~T_USER);
goto out;
}
#endif
/*
* If pmap_exec_fixup does something,
* let's retry the trap.
*/
if (pmap_exec_fixup(&p->p_vmspace->vm_map, frame, pcb)){
goto out;
}
ksi.ksi_signo = SIGSEGV;
ksi.ksi_code = SEGV_ACCERR;
break;
default:
KASSERT(0);
break;
}
goto trapsignal;
case T_PRIVINFLT|T_USER: /* privileged instruction fault */
case T_FPOPFLT|T_USER: /* coprocessor operand fault */
KSI_INIT_TRAP(&ksi);
ksi.ksi_signo = SIGILL;
ksi.ksi_addr = (void *) frame->tf_eip;
switch (type) {
case T_PRIVINFLT|T_USER:
ksi.ksi_code = ILL_PRVOPC;
break;
case T_FPOPFLT|T_USER:
ksi.ksi_code = ILL_COPROC;
break;
default:
ksi.ksi_code = 0;
break;
}
goto trapsignal;
case T_ASTFLT|T_USER:
/* Allow process switch. */
//curcpu()->ci_data.cpu_nast++;
if (l->l_pflag & LP_OWEUPC) {
l->l_pflag &= ~LP_OWEUPC;
ADDUPROF(l);
}
/* Allow a forced task switch. */
if (curcpu()->ci_want_resched) {
preempt();
}
goto out;
case T_BOUND|T_USER:
case T_OFLOW|T_USER:
case T_DIVIDE|T_USER:
KSI_INIT_TRAP(&ksi);
ksi.ksi_signo = SIGFPE;
ksi.ksi_addr = (void *)frame->tf_eip;
switch (type) {
case T_BOUND|T_USER:
ksi.ksi_code = FPE_FLTSUB;
break;
case T_OFLOW|T_USER:
ksi.ksi_code = FPE_INTOVF;
break;
case T_DIVIDE|T_USER:
ksi.ksi_code = FPE_INTDIV;
break;
default:
ksi.ksi_code = 0;
break;
}
goto trapsignal;
case T_PAGEFLT:
/* Allow page faults in kernel mode. */
if (__predict_false(l == NULL))
goto we_re_toast;
/*
* fusubail is used by [fs]uswintr() to prevent page faulting
* from inside the profiling interrupt.
*/
onfault = pcb->pcb_onfault;
if (onfault == fusubail || onfault == return_address_fault) {
goto copyefault;
}
if (cpu_intr_p() || (l->l_pflag & LP_INTR) != 0) {
goto we_re_toast;
}
cr2 = rcr2();
goto faultcommon;
case T_PAGEFLT|T_USER: { /* page fault */
register vaddr_t va;
register struct vmspace *vm;
register struct vm_map *map;
vm_prot_t ftype;
extern struct vm_map *kernel_map;
cr2 = rcr2();
faultcommon:
vm = p->p_vmspace;
if (__predict_false(vm == NULL)) {
goto we_re_toast;
}
pcb->pcb_cr2 = cr2;
va = trunc_page((vaddr_t)cr2);
/*
* It is only a kernel address space fault iff:
* 1. (type & T_USER) == 0 and
* 2. pcb_onfault not set or
* 3. pcb_onfault set but supervisor space fault
* The last can occur during an exec() copyin where the
* argument space is lazy-allocated.
*/
if (type == T_PAGEFLT && va >= KERNBASE)
map = kernel_map;
else
map = &vm->vm_map;
if (frame->tf_err & PGEX_W)
ftype = VM_PROT_WRITE;
else if (frame->tf_err & PGEX_X)
ftype = VM_PROT_EXECUTE;
else
ftype = VM_PROT_READ;
#ifdef DIAGNOSTIC
if (map == kernel_map && va == 0) {
printf("trap: bad kernel access at %lx\n", va);
goto we_re_toast;
}
#endif
/* Fault the original page in. */
onfault = pcb->pcb_onfault;
pcb->pcb_onfault = NULL;
error = uvm_fault(map, va, ftype);
pcb->pcb_onfault = onfault;
if (error == 0) {
if (map != kernel_map && (void *)va >= vm->vm_maxsaddr)
uvm_grow(p, va);
pfail = false;
while (type == T_PAGEFLT) {
/*
* we need to switch pmap now if we're in
* the middle of copyin/out.
*
* but we don't need to do so for kcopy as
* it never touch userspace.
*/
kpreempt_disable();
if (curcpu()->ci_want_pmapload) {
onfault = onfault_handler(pcb, frame);
if (onfault != kcopy_fault) {
pmap_load();
}
}
/*
* We need to keep the pmap loaded and
* so avoid being preempted until back
* into the copy functions. Disable
* interrupts at the hardware level before
* re-enabling preemption. Interrupts
* will be re-enabled by 'iret' when
* returning back out of the trap stub.
* They'll only be re-enabled when the
* program counter is once again in
* the copy functions, and so visible
* to cpu_kpreempt_exit().
*/
#ifndef XEN
x86_disable_intr();
#endif
l->l_nopreempt--;
if (l->l_nopreempt > 0 || !l->l_dopreempt ||
pfail) {
return;
}
#ifndef XEN
x86_enable_intr();
#endif
/*
* If preemption fails for some reason,
* don't retry it. The conditions won't
* change under our nose.
*/
pfail = kpreempt(0);
}
goto out;
}
if (type == T_PAGEFLT) {
onfault = onfault_handler(pcb, frame);
if (onfault != NULL)
goto copyfault;
printf("uvm_fault(%p, %#lx, %d) -> %#x\n",
map, va, ftype, error);
goto kernelfault;
}
KSI_INIT_TRAP(&ksi);
ksi.ksi_trap = type & ~T_USER;
ksi.ksi_addr = (void *)cr2;
switch (error) {
case EINVAL:
ksi.ksi_signo = SIGBUS;
ksi.ksi_code = BUS_ADRERR;
break;
case EACCES:
ksi.ksi_signo = SIGSEGV;
ksi.ksi_code = SEGV_ACCERR;
error = EFAULT;
break;
case ENOMEM:
ksi.ksi_signo = SIGKILL;
printf("UVM: pid %d.%d (%s), uid %d killed: "
"out of swap\n", p->p_pid, l->l_lid, p->p_comm,
l->l_cred ? kauth_cred_geteuid(l->l_cred) : -1);
break;
default:
ksi.ksi_signo = SIGSEGV;
ksi.ksi_code = SEGV_MAPERR;
break;
}
#ifdef TRAP_SIGDEBUG
printf("pid %d.%d (%s): signal %d at eip %x addr %lx "
"error %d\n", p->p_pid, l->l_lid, p->p_comm, ksi.ksi_signo,
frame->tf_eip, va, error);
#endif
(*p->p_emul->e_trapsignal)(l, &ksi);
break;
}
case T_TRCTRAP:
/* Check whether they single-stepped into a lcall. */
if (frame->tf_eip == (int)IDTVEC(osyscall))
return;
if (frame->tf_eip == (int)IDTVEC(osyscall) + 1) {
frame->tf_eflags &= ~PSL_T;
return;
}
goto we_re_toast;
case T_BPTFLT|T_USER: /* bpt instruction fault */
case T_TRCTRAP|T_USER: /* trace trap */
/*
* Don't go single-stepping into a RAS.
*/
if (p->p_raslist == NULL ||
(ras_lookup(p, (void *)frame->tf_eip) == (void *)-1)) {
KSI_INIT_TRAP(&ksi);
ksi.ksi_signo = SIGTRAP;
ksi.ksi_trap = type & ~T_USER;
if (type == (T_BPTFLT|T_USER))
ksi.ksi_code = TRAP_BRKPT;
else
ksi.ksi_code = TRAP_TRACE;
ksi.ksi_addr = (void *)frame->tf_eip;
(*p->p_emul->e_trapsignal)(l, &ksi);
}
break;
case T_NMI:
if (nmi_dispatch(frame))
return;
/* NMI can be hooked up to a pushbutton for debugging */
if (kgdb_trap(type, frame))
return;
if (kdb_trap(type, 0, frame))
return;
/* machine/parity/power fail/"kitchen sink" faults */
#if NMCA > 0
mca_nmi();
#endif
x86_nmi();
}
if ((type & T_USER) == 0)
return;
out:
userret(l);
return;
trapsignal:
ksi.ksi_trap = type & ~T_USER;
(*p->p_emul->e_trapsignal)(l, &ksi);
userret(l);
}
/*
* Copy arguments onto the stack in the normal way, but add some
* extra information in case of dynamic binding.
*/
int
linux32_elf32_copyargs(struct lwp *l, struct exec_package *pack,
struct ps_strings *arginfo, char **stackp, void *argp)
{
Aux32Info ai[LINUX32_ELF_AUX_ENTRIES], *a;
uint32_t randbytes[4];
struct elf_args *ap;
struct vattr *vap;
size_t len;
int error;
if ((error = netbsd32_copyargs(l, pack, arginfo, stackp, argp)) != 0)
return error;
a = ai;
memset(ai, 0, sizeof(ai));
/*
* Push extra arguments on the stack needed by dynamically
* linked binaries and static binaries as well.
*/
a->a_type = AT_PAGESZ;
a->a_v = PAGE_SIZE;
a++;
if ((ap = (struct elf_args *)pack->ep_emul_arg)) {
a->a_type = AT_PHDR;
a->a_v = ap->arg_phaddr;
a++;
a->a_type = AT_PHENT;
a->a_v = ap->arg_phentsize;
a++;
a->a_type = AT_PHNUM;
a->a_v = ap->arg_phnum;
a++;
a->a_type = AT_BASE;
a->a_v = ap->arg_interp;
a++;
a->a_type = AT_FLAGS;
a->a_v = 0;
a++;
a->a_type = AT_ENTRY;
a->a_v = ap->arg_entry;
a++;
exec_free_emul_arg(pack);
}
/* Linux-specific items */
a->a_type = LINUX_AT_CLKTCK;
a->a_v = hz;
a++;
vap = pack->ep_vap;
a->a_type = LINUX_AT_UID;
a->a_v = kauth_cred_getuid(l->l_cred);
a++;
a->a_type = LINUX_AT_EUID;
a->a_v = ((vap->va_mode & S_ISUID) ?
vap->va_uid : kauth_cred_geteuid(l->l_cred));
a++;
a->a_type = LINUX_AT_GID;
a->a_v = kauth_cred_getgid(l->l_cred);
a++;
a->a_type = LINUX_AT_EGID;
a->a_v = ((vap->va_mode & S_ISGID) ?
vap->va_gid : kauth_cred_getegid(l->l_cred));
a++;
a->a_type = LINUX_AT_SECURE;
a->a_v = 0;
a++;
a->a_type = LINUX_AT_RANDOM;
a->a_v = NETBSD32PTR32I(*stackp);
a++;
#if 0
/* XXX: increase LINUX32_ELF_AUX_ENTRIES if we enable those things */
a->a_type = LINUX_AT_SYSINFO;
a->a_v = NETBSD32PTR32I(&esdp->kernel_vsyscall[0]);
a++;
a->a_type = LINUX_AT_SYSINFO_EHDR;
a->a_v = NETBSD32PTR32I(&esdp->elfhdr);
a++;
a->a_type = LINUX_AT_HWCAP;
a->a_v = LINUX32_CPUCAP;
a++;
a->a_type = LINUX_AT_PLATFORM;
a->a_v = NETBSD32PTR32I(&esdp->hw_platform[0]);
a++;
#endif
a->a_type = AT_NULL;
a->a_v = 0;
a++;
randbytes[0] = cprng_strong32();
randbytes[1] = cprng_strong32();
randbytes[2] = cprng_strong32();
randbytes[3] = cprng_strong32();
len = sizeof(randbytes);
if ((error = copyout(randbytes, *stackp, len)) != 0)
return error;
*stackp += len;
#if 0
memcpy(esd.kernel_vsyscall, linux32_kernel_vsyscall,
sizeof(linux32_kernel_vsyscall));
memcpy(&esd.elfhdr, eh, sizeof(*eh));
strcpy(esd.hw_platform, LINUX32_PLATFORM);
/*
* Copy out the ELF auxiliary table and hw platform name
*/
if ((error = copyout(&esd, esdp, sizeof(esd))) != 0)
return error;
*stackp += sizeof(esd);
#endif
len = (a - ai) * sizeof(Aux32Info);
KASSERT(len <= LINUX32_ELF_AUX_ENTRIES * sizeof(Aux32Info));
if ((error = copyout(ai, *stackp, len)) != 0)
return error;
*stackp += len;
return 0;
}
int
sys_semget(struct lwp *l, const struct sys_semget_args *uap, register_t *retval)
{
/* {
syscallarg(key_t) key;
syscallarg(int) nsems;
syscallarg(int) semflg;
} */
int semid, error = 0;
int key = SCARG(uap, key);
int nsems = SCARG(uap, nsems);
int semflg = SCARG(uap, semflg);
kauth_cred_t cred = l->l_cred;
SEM_PRINTF(("semget(0x%x, %d, 0%o)\n", key, nsems, semflg));
mutex_enter(&semlock);
if (key != IPC_PRIVATE) {
for (semid = 0; semid < seminfo.semmni; semid++) {
if ((sema[semid].sem_perm.mode & SEM_ALLOC) &&
sema[semid].sem_perm._key == key)
break;
}
if (semid < seminfo.semmni) {
SEM_PRINTF(("found public key\n"));
if ((error = ipcperm(cred, &sema[semid].sem_perm,
semflg & 0700)))
goto out;
if (nsems > 0 && sema[semid].sem_nsems < nsems) {
SEM_PRINTF(("too small\n"));
error = EINVAL;
goto out;
}
if ((semflg & IPC_CREAT) && (semflg & IPC_EXCL)) {
SEM_PRINTF(("not exclusive\n"));
error = EEXIST;
goto out;
}
goto found;
}
}
SEM_PRINTF(("need to allocate the semid_ds\n"));
if (key == IPC_PRIVATE || (semflg & IPC_CREAT)) {
if (nsems <= 0 || nsems > seminfo.semmsl) {
SEM_PRINTF(("nsems out of range (0<%d<=%d)\n", nsems,
seminfo.semmsl));
error = EINVAL;
goto out;
}
if (nsems > seminfo.semmns - semtot) {
SEM_PRINTF(("not enough semaphores left "
"(need %d, got %d)\n",
nsems, seminfo.semmns - semtot));
error = ENOSPC;
goto out;
}
for (semid = 0; semid < seminfo.semmni; semid++) {
if ((sema[semid].sem_perm.mode & SEM_ALLOC) == 0)
break;
}
if (semid == seminfo.semmni) {
SEM_PRINTF(("no more semid_ds's available\n"));
error = ENOSPC;
goto out;
}
SEM_PRINTF(("semid %d is available\n", semid));
sema[semid].sem_perm._key = key;
sema[semid].sem_perm.cuid = kauth_cred_geteuid(cred);
sema[semid].sem_perm.uid = kauth_cred_geteuid(cred);
sema[semid].sem_perm.cgid = kauth_cred_getegid(cred);
sema[semid].sem_perm.gid = kauth_cred_getegid(cred);
sema[semid].sem_perm.mode = (semflg & 0777) | SEM_ALLOC;
sema[semid].sem_perm._seq =
(sema[semid].sem_perm._seq + 1) & 0x7fff;
sema[semid].sem_nsems = nsems;
sema[semid].sem_otime = 0;
sema[semid].sem_ctime = time_second;
sema[semid]._sem_base = &sem[semtot];
semtot += nsems;
memset(sema[semid]._sem_base, 0,
sizeof(sema[semid]._sem_base[0]) * nsems);
SEM_PRINTF(("sembase = %p, next = %p\n", sema[semid]._sem_base,
&sem[semtot]));
} else {
SEM_PRINTF(("didn't find it and wasn't asked to create it\n"));
error = ENOENT;
goto out;
}
found:
*retval = IXSEQ_TO_IPCID(semid, sema[semid].sem_perm);
out:
mutex_exit(&semlock);
return (error);
}
int
semctl1(struct lwp *l, int semid, int semnum, int cmd, void *v,
register_t *retval)
{
kauth_cred_t cred = l->l_cred;
union __semun *arg = v;
struct semid_ds *sembuf = v, *semaptr;
int i, error, ix;
SEM_PRINTF(("call to semctl(%d, %d, %d, %p)\n",
semid, semnum, cmd, v));
mutex_enter(&semlock);
ix = IPCID_TO_IX(semid);
if (ix < 0 || ix >= seminfo.semmni) {
mutex_exit(&semlock);
return (EINVAL);
}
semaptr = &sema[ix];
if ((semaptr->sem_perm.mode & SEM_ALLOC) == 0 ||
semaptr->sem_perm._seq != IPCID_TO_SEQ(semid)) {
mutex_exit(&semlock);
return (EINVAL);
}
switch (cmd) {
case IPC_RMID:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_M)) != 0)
break;
semaptr->sem_perm.cuid = kauth_cred_geteuid(cred);
semaptr->sem_perm.uid = kauth_cred_geteuid(cred);
semtot -= semaptr->sem_nsems;
for (i = semaptr->_sem_base - sem; i < semtot; i++)
sem[i] = sem[i + semaptr->sem_nsems];
for (i = 0; i < seminfo.semmni; i++) {
if ((sema[i].sem_perm.mode & SEM_ALLOC) &&
sema[i]._sem_base > semaptr->_sem_base)
sema[i]._sem_base -= semaptr->sem_nsems;
}
semaptr->sem_perm.mode = 0;
semundo_clear(ix, -1);
cv_broadcast(&semcv[ix]);
break;
case IPC_SET:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_M)))
break;
KASSERT(sembuf != NULL);
semaptr->sem_perm.uid = sembuf->sem_perm.uid;
semaptr->sem_perm.gid = sembuf->sem_perm.gid;
semaptr->sem_perm.mode = (semaptr->sem_perm.mode & ~0777) |
(sembuf->sem_perm.mode & 0777);
semaptr->sem_ctime = time_second;
break;
case IPC_STAT:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
break;
KASSERT(sembuf != NULL);
memcpy(sembuf, semaptr, sizeof(struct semid_ds));
sembuf->sem_perm.mode &= 0777;
break;
case GETNCNT:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
break;
if (semnum < 0 || semnum >= semaptr->sem_nsems) {
error = EINVAL;
break;
}
*retval = semaptr->_sem_base[semnum].semncnt;
break;
case GETPID:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
break;
if (semnum < 0 || semnum >= semaptr->sem_nsems) {
error = EINVAL;
break;
}
*retval = semaptr->_sem_base[semnum].sempid;
break;
case GETVAL:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
break;
if (semnum < 0 || semnum >= semaptr->sem_nsems) {
error = EINVAL;
break;
}
*retval = semaptr->_sem_base[semnum].semval;
break;
case GETALL:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
break;
KASSERT(arg != NULL);
for (i = 0; i < semaptr->sem_nsems; i++) {
error = copyout(&semaptr->_sem_base[i].semval,
&arg->array[i], sizeof(arg->array[i]));
if (error != 0)
break;
}
break;
case GETZCNT:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_R)))
break;
if (semnum < 0 || semnum >= semaptr->sem_nsems) {
error = EINVAL;
break;
}
*retval = semaptr->_sem_base[semnum].semzcnt;
break;
case SETVAL:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_W)))
break;
if (semnum < 0 || semnum >= semaptr->sem_nsems) {
error = EINVAL;
break;
}
KASSERT(arg != NULL);
if ((unsigned int)arg->val > seminfo.semvmx) {
error = ERANGE;
break;
}
semaptr->_sem_base[semnum].semval = arg->val;
semundo_clear(ix, semnum);
cv_broadcast(&semcv[ix]);
break;
case SETALL:
if ((error = ipcperm(cred, &semaptr->sem_perm, IPC_W)))
break;
KASSERT(arg != NULL);
for (i = 0; i < semaptr->sem_nsems; i++) {
unsigned short semval;
error = copyin(&arg->array[i], &semval,
sizeof(arg->array[i]));
if (error != 0)
break;
if ((unsigned int)semval > seminfo.semvmx) {
error = ERANGE;
break;
}
semaptr->_sem_base[i].semval = semval;
}
semundo_clear(ix, -1);
cv_broadcast(&semcv[ix]);
break;
default:
error = EINVAL;
break;
}
mutex_exit(&semlock);
return (error);
}
/*ARGSUSED*/
void
trap(struct frame *fp, int type, unsigned code, unsigned v)
{
extern char fubail[], subail[];
struct lwp *l;
struct proc *p;
struct pcb *pcb;
void *onfault;
ksiginfo_t ksi;
int s;
int rv;
u_quad_t sticks = 0 /* XXX initialiser works around compiler bug */;
static int panicking __diagused;
curcpu()->ci_data.cpu_ntrap++;
l = curlwp;
p = l->l_proc;
pcb = lwp_getpcb(l);
KSI_INIT_TRAP(&ksi);
ksi.ksi_trap = type & ~T_USER;
if (USERMODE(fp->f_sr)) {
type |= T_USER;
sticks = p->p_sticks;
l->l_md.md_regs = fp->f_regs;
LWP_CACHE_CREDS(l, p);
}
switch (type) {
default:
dopanic:
/*
* Let the kernel debugger see the trap frame that
* caused us to panic. This is a convenience so
* one can see registers at the point of failure.
*/
s = splhigh();
panicking = 1;
printf("trap type %d, code = 0x%x, v = 0x%x\n", type, code, v);
printf("%s program counter = 0x%x\n",
(type & T_USER) ? "user" : "kernel", fp->f_pc);
#ifdef KGDB
/* If connected, step or cont returns 1 */
if (kgdb_trap(type, (db_regs_t *)fp))
goto kgdb_cont;
#endif
#ifdef DDB
(void)kdb_trap(type, (db_regs_t *)fp);
#endif
#ifdef KGDB
kgdb_cont:
#endif
splx(s);
if (panicstr) {
printf("trap during panic!\n");
#ifdef DEBUG
/* XXX should be a machine-dependent hook */
printf("(press a key)\n"); (void)cngetc();
#endif
}
regdump((struct trapframe *)fp, 128);
type &= ~T_USER;
if ((u_int)type < trap_types)
panic(trap_type[type]);
panic("trap");
case T_BUSERR: /* kernel bus error */
onfault = pcb->pcb_onfault;
if (onfault == NULL)
goto dopanic;
rv = EFAULT;
/* FALLTHROUGH */
copyfault:
/*
* If we have arranged to catch this fault in any of the
* copy to/from user space routines, set PC to return to
* indicated location and set flag informing buserror code
* that it may need to clean up stack frame.
*/
fp->f_stackadj = exframesize[fp->f_format];
fp->f_format = fp->f_vector = 0;
fp->f_pc = (int)onfault;
fp->f_regs[D0] = rv;
return;
case T_BUSERR|T_USER: /* bus error */
case T_ADDRERR|T_USER: /* address error */
ksi.ksi_addr = (void *)v;
ksi.ksi_signo = SIGBUS;
ksi.ksi_code = (type == (T_BUSERR|T_USER)) ?
BUS_OBJERR : BUS_ADRERR;
break;
case T_COPERR: /* kernel coprocessor violation */
case T_FMTERR|T_USER: /* do all RTE errors come in as T_USER? */
case T_FMTERR: /* ...just in case... */
/*
* The user has most likely trashed the RTE or FP state info
* in the stack frame of a signal handler.
*/
printf("pid %d: kernel %s exception\n", p->p_pid,
type==T_COPERR ? "coprocessor" : "format");
type |= T_USER;
mutex_enter(p->p_lock);
SIGACTION(p, SIGILL).sa_handler = SIG_DFL;
sigdelset(&p->p_sigctx.ps_sigignore, SIGILL);
sigdelset(&p->p_sigctx.ps_sigcatch, SIGILL);
sigdelset(&l->l_sigmask, SIGILL);
mutex_exit(p->p_lock);
ksi.ksi_signo = SIGILL;
ksi.ksi_addr = (void *)(int)fp->f_format;
/* XXX was ILL_RESAD_FAULT */
ksi.ksi_code = (type == T_COPERR) ?
ILL_COPROC : ILL_ILLOPC;
break;
case T_COPERR|T_USER: /* user coprocessor violation */
/* What is a proper response here? */
ksi.ksi_signo = SIGFPE;
ksi.ksi_code = FPE_FLTINV;
break;
case T_FPERR|T_USER: /* 68881 exceptions */
/*
* We pass along the 68881 status register which locore stashed
* in code for us.
*/
ksi.ksi_signo = SIGFPE;
ksi.ksi_code = fpsr2siginfocode(code);
break;
#ifdef M68040
case T_FPEMULI|T_USER: /* unimplemented FP instruction */
case T_FPEMULD|T_USER: /* unimplemented FP data type */
/* XXX need to FSAVE */
printf("pid %d(%s): unimplemented FP %s at %x (EA %x)\n",
p->p_pid, p->p_comm,
fp->f_format == 2 ? "instruction" : "data type",
fp->f_pc, fp->f_fmt2.f_iaddr);
/* XXX need to FRESTORE */
ksi.ksi_signo = SIGFPE;
ksi.ksi_code = FPE_FLTINV;
break;
#endif
case T_ILLINST|T_USER: /* illegal instruction fault */
case T_PRIVINST|T_USER: /* privileged instruction fault */
ksi.ksi_addr = (void *)(int)fp->f_format;
/* XXX was ILL_PRIVIN_FAULT */
ksi.ksi_signo = SIGILL;
ksi.ksi_code = (type == (T_PRIVINST|T_USER)) ?
ILL_PRVOPC : ILL_ILLOPC;
break;
case T_ZERODIV|T_USER: /* Divide by zero */
ksi.ksi_addr = (void *)(int)fp->f_format;
/* XXX was FPE_INTDIV_TRAP */
ksi.ksi_signo = SIGFPE;
ksi.ksi_code = FPE_FLTDIV;
break;
case T_CHKINST|T_USER: /* CHK instruction trap */
ksi.ksi_addr = (void *)(int)fp->f_format;
/* XXX was FPE_SUBRNG_TRAP */
ksi.ksi_signo = SIGFPE;
break;
case T_TRAPVINST|T_USER: /* TRAPV instruction trap */
ksi.ksi_addr = (void *)(int)fp->f_format;
/* XXX was FPE_INTOVF_TRAP */
ksi.ksi_signo = SIGFPE;
break;
/*
* XXX: Trace traps are a nightmare.
*
* HP-UX uses trap #1 for breakpoints,
* NetBSD/m68k uses trap #2,
* SUN 3.x uses trap #15,
* DDB and KGDB uses trap #15 (for kernel breakpoints;
* handled elsewhere).
*
* NetBSD and HP-UX traps both get mapped by locore.s into T_TRACE.
* SUN 3.x traps get passed through as T_TRAP15 and are not really
* supported yet.
*
* XXX: We should never get kernel-mode T_TRAP15
* XXX: because locore.s now gives them special treatment.
*/
case T_TRAP15: /* kernel breakpoint */
#ifdef DEBUG
printf("unexpected kernel trace trap, type = %d\n", type);
printf("program counter = 0x%x\n", fp->f_pc);
#endif
fp->f_sr &= ~PSL_T;
return;
case T_TRACE|T_USER: /* user trace trap */
#ifdef COMPAT_SUNOS
/*
* SunOS uses Trap #2 for a "CPU cache flush".
* Just flush the on-chip caches and return.
*/
if (p->p_emul == &emul_sunos) {
ICIA();
DCIU();
return;
}
#endif
/* FALLTHROUGH */
case T_TRACE: /* tracing a trap instruction */
case T_TRAP15|T_USER: /* SUN user trace trap */
fp->f_sr &= ~PSL_T;
ksi.ksi_signo = SIGTRAP;
break;
case T_ASTFLT: /* system async trap, cannot happen */
goto dopanic;
case T_ASTFLT|T_USER: /* user async trap */
astpending = 0;
/*
* We check for software interrupts first. This is because
* they are at a higher level than ASTs, and on a VAX would
* interrupt the AST. We assume that if we are processing
* an AST that we must be at IPL0 so we don't bother to
* check. Note that we ensure that we are at least at SIR
* IPL while processing the SIR.
*/
spl1();
/* fall into... */
case T_SSIR: /* software interrupt */
case T_SSIR|T_USER:
/*
* If this was not an AST trap, we are all done.
*/
if (type != (T_ASTFLT|T_USER)) {
curcpu()->ci_data.cpu_ntrap--;
return;
}
spl0();
if (l->l_pflag & LP_OWEUPC) {
l->l_pflag &= ~LP_OWEUPC;
ADDUPROF(l);
}
if (curcpu()->ci_want_resched)
preempt();
goto out;
case T_MMUFLT: /* kernel mode page fault */
/*
* If we were doing profiling ticks or other user mode
* stuff from interrupt code, Just Say No.
*/
onfault = pcb->pcb_onfault;
if (onfault == fubail || onfault == subail) {
rv = EFAULT;
goto copyfault;
}
/* fall into ... */
case T_MMUFLT|T_USER: /* page fault */
{
vaddr_t va;
struct vmspace *vm = p->p_vmspace;
struct vm_map *map;
vm_prot_t ftype;
extern struct vm_map *kernel_map;
onfault = pcb->pcb_onfault;
#ifdef DEBUG
if ((mmudebug & MDB_WBFOLLOW) || MDB_ISPID(p->p_pid))
printf("trap: T_MMUFLT pid=%d, code=%x, v=%x, pc=%x, sr=%x\n",
p->p_pid, code, v, fp->f_pc, fp->f_sr);
#endif
/*
* It is only a kernel address space fault iff:
* 1. (type & T_USER) == 0 and
* 2. pcb_onfault not set or
* 3. pcb_onfault set but supervisor space data fault
* The last can occur during an exec() copyin where the
* argument space is lazy-allocated.
*/
if ((type & T_USER) == 0 && (onfault == NULL || KDFAULT(code)))
map = kernel_map;
else {
map = vm ? &vm->vm_map : kernel_map;
}
if (WRFAULT(code))
ftype = VM_PROT_WRITE;
else
ftype = VM_PROT_READ;
va = trunc_page((vaddr_t)v);
if (map == kernel_map && va == 0) {
printf("trap: bad kernel %s access at 0x%x\n",
(ftype & VM_PROT_WRITE) ? "read/write" :
"read", v);
goto dopanic;
}
#ifdef DIAGNOSTIC
if (interrupt_depth && !panicking) {
printf("trap: calling uvm_fault() from interrupt!\n");
goto dopanic;
}
#endif
pcb->pcb_onfault = NULL;
rv = uvm_fault(map, va, ftype);
pcb->pcb_onfault = onfault;
#ifdef DEBUG
if (rv && MDB_ISPID(p->p_pid))
printf("uvm_fault(%p, 0x%lx, 0x%x) -> 0x%x\n",
map, va, ftype, rv);
#endif
/*
* If this was a stack access we keep track of the maximum
* accessed stack size. Also, if vm_fault gets a protection
* failure it is due to accessing the stack region outside
* the current limit and we need to reflect that as an access
* error.
*/
if (rv == 0) {
if (map != kernel_map && (void *)va >= vm->vm_maxsaddr)
uvm_grow(p, va);
if (type == T_MMUFLT) {
if (ucas_ras_check(&fp->F_t)) {
return;
}
#ifdef M68040
if (cputype == CPU_68040)
(void) writeback(fp, 1);
#endif
return;
}
goto out;
}
if (rv == EACCES) {
ksi.ksi_code = SEGV_ACCERR;
rv = EFAULT;
} else
ksi.ksi_code = SEGV_MAPERR;
if (type == T_MMUFLT) {
if (onfault)
goto copyfault;
printf("uvm_fault(%p, 0x%lx, 0x%x) -> 0x%x\n",
map, va, ftype, rv);
printf(" type %x, code [mmu,,ssw]: %x\n",
type, code);
goto dopanic;
}
ksi.ksi_addr = (void *)v;
switch (rv) {
case ENOMEM:
printf("UVM: pid %d (%s), uid %d killed: out of swap\n",
p->p_pid, p->p_comm,
l->l_cred ?
kauth_cred_geteuid(l->l_cred) : -1);
ksi.ksi_signo = SIGKILL;
break;
case EINVAL:
ksi.ksi_signo = SIGBUS;
ksi.ksi_code = BUS_ADRERR;
break;
case EACCES:
ksi.ksi_signo = SIGSEGV;
ksi.ksi_code = SEGV_ACCERR;
break;
default:
ksi.ksi_signo = SIGSEGV;
ksi.ksi_code = SEGV_MAPERR;
break;
}
break;
}
}
trapsignal(l, &ksi);
if ((type & T_USER) == 0)
return;
out:
userret(l, fp, sticks, v, 1);
}
int
svr4_32_copyargs(struct lwp *l, struct exec_package *pack, struct ps_strings *arginfo, char **stackp, void *argp)
{
size_t len;
AuxInfo ai[SVR4_32_AUX_ARGSIZ], *a, *platform=NULL, *exec=NULL;
struct elf_args *ap;
extern char machine_model[];
int error;
if ((error = netbsd32_copyargs(l, pack, arginfo, stackp, argp)) != 0)
return error;
a = ai;
memset(ai, 0, sizeof(ai));
/*
* Push extra arguments on the stack needed by dynamically
* linked binaries
*/
if ((ap = (struct elf_args *)pack->ep_emul_arg)) {
struct proc *p = curproc; /* XXXXX */
a->a_type = AT_SUN_PLATFORM;
platform = a; /* Patch this later. */
a++;
a->a_type = AT_SUN_EXECNAME;
exec = a; /* Patch this later. */
a++;
a->a_type = AT_PHDR;
a->a_v = ap->arg_phaddr;
a++;
a->a_type = AT_PHENT;
a->a_v = ap->arg_phentsize;
a++;
a->a_type = AT_PHNUM;
a->a_v = ap->arg_phnum;
a++;
a->a_type = AT_ENTRY;
a->a_v = ap->arg_entry;
a++;
a->a_type = AT_BASE;
a->a_v = ap->arg_interp;
a++;
if (sun_flags) {
a->a_type = AT_FLAGS;
a->a_v = sun_flags;
a++;
}
a->a_type = AT_PAGESZ;
a->a_v = PAGE_SIZE;
a++;
a->a_type = AT_EUID;
a->a_v = kauth_cred_geteuid(l->l_cred);
a++;
a->a_type = AT_RUID;
a->a_v = kauth_cred_getuid(l->l_cred);
a++;
a->a_type = AT_EGID;
a->a_v = kauth_cred_getegid(l->l_cred);
a++;
a->a_type = AT_RGID;
a->a_v = kauth_cred_getgid(l->l_cred);
a++;
if (sun_hwcap) {
a->a_type = AT_SUN_HWCAP;
a->a_v = sun_hwcap;
a++;
}
exec_free_emul_arg(pack);
}
a->a_type = AT_NULL;
a->a_v = 0;
a++;
len = (a - ai) * sizeof(AuxInfo);
if (platform) {
char *ptr = (char *)a;
const char *path = NULL;
/* Copy out the platform name. */
platform->a_v = (u_long)(*stackp) + len;
/* XXXX extremely inefficient.... */
strcpy(ptr, machine_model);
ptr += strlen(machine_model) + 1;
len += strlen(machine_model) + 1;
if (exec) {
path = pack->ep_resolvedname;
/* Copy out the file we're executing. */
exec->a_v = (u_long)(*stackp) + len;
strcpy(ptr, path);
len += strlen(ptr)+1;
}
/* Round to 32-bits */
len = (len+7)&~0x7L;
}
if ((error = copyout(ai, *stackp, len)) != 0)
return error;
*stackp += len;
return error;
}
int
do_setresuid(struct lwp *l, uid_t r, uid_t e, uid_t sv, u_int flags)
{
struct proc *p = l->l_proc;
kauth_cred_t cred, ncred;
ncred = kauth_cred_alloc();
/* Get a write lock on the process credential. */
proc_crmod_enter();
cred = p->p_cred;
/*
* Check that the new value is one of the allowed existing values,
* or that we have root privilege.
*/
if ((r != -1
&& !((flags & ID_R_EQ_R) && r == kauth_cred_getuid(cred))
&& !((flags & ID_R_EQ_E) && r == kauth_cred_geteuid(cred))
&& !((flags & ID_R_EQ_S) && r == kauth_cred_getsvuid(cred))) ||
(e != -1
&& !((flags & ID_E_EQ_R) && e == kauth_cred_getuid(cred))
&& !((flags & ID_E_EQ_E) && e == kauth_cred_geteuid(cred))
&& !((flags & ID_E_EQ_S) && e == kauth_cred_getsvuid(cred))) ||
(sv != -1
&& !((flags & ID_S_EQ_R) && sv == kauth_cred_getuid(cred))
&& !((flags & ID_S_EQ_E) && sv == kauth_cred_geteuid(cred))
&& !((flags & ID_S_EQ_S) && sv == kauth_cred_getsvuid(cred)))) {
int error;
error = kauth_authorize_process(cred, KAUTH_PROCESS_SETID,
p, NULL, NULL, NULL);
if (error != 0) {
proc_crmod_leave(cred, ncred, false);
return error;
}
}
/* If nothing has changed, short circuit the request */
if ((r == -1 || r == kauth_cred_getuid(cred))
&& (e == -1 || e == kauth_cred_geteuid(cred))
&& (sv == -1 || sv == kauth_cred_getsvuid(cred))) {
proc_crmod_leave(cred, ncred, false);
return 0;
}
kauth_cred_clone(cred, ncred);
if (r != -1 && r != kauth_cred_getuid(ncred)) {
u_long nlwps;
/* Update count of processes for this user. */
(void)chgproccnt(kauth_cred_getuid(ncred), -1);
(void)chgproccnt(r, 1);
/* The first LWP of a process is excluded. */
KASSERT(mutex_owned(p->p_lock));
nlwps = p->p_nlwps - 1;
(void)chglwpcnt(kauth_cred_getuid(ncred), -nlwps);
(void)chglwpcnt(r, nlwps);
kauth_cred_setuid(ncred, r);
}
if (sv != -1)
kauth_cred_setsvuid(ncred, sv);
if (e != -1)
kauth_cred_seteuid(ncred, e);
/* Broadcast our credentials to the process and other LWPs. */
proc_crmod_leave(ncred, cred, true);
return 0;
}
void
trap(struct trapframe *tf)
{
u_int sig = 0, type = tf->tf_trap, code = 0;
u_int rv, addr;
bool trapsig = true;
const bool usermode = USERMODE_P(tf);
struct lwp * const l = curlwp;
struct proc * const p = l->l_proc;
struct pcb * const pcb = lwp_getpcb(l);
u_quad_t oticks = 0;
struct vmspace *vm;
struct vm_map *map;
vm_prot_t ftype;
void *onfault = pcb->pcb_onfault;
KASSERT(p != NULL);
curcpu()->ci_data.cpu_ntrap++;
if (usermode) {
type |= T_USER;
oticks = p->p_sticks;
l->l_md.md_utf = tf;
LWP_CACHE_CREDS(l, p);
}
type &= ~(T_WRITE|T_PTEFETCH);
#ifdef TRAPDEBUG
if(tf->tf_trap==7) goto fram;
if(faultdebug)printf("Trap: type %lx, code %lx, pc %lx, psl %lx\n",
tf->tf_trap, tf->tf_code, tf->tf_pc, tf->tf_psl);
fram:
#endif
switch (type) {
default:
#ifdef DDB
kdb_trap(tf);
#endif
panic("trap: type %x, code %x, pc %x, psl %x",
(u_int)tf->tf_trap, (u_int)tf->tf_code,
(u_int)tf->tf_pc, (u_int)tf->tf_psl);
case T_KSPNOTVAL:
panic("%d.%d (%s): KSP invalid %#x@%#x pcb %p fp %#x psl %#x)",
p->p_pid, l->l_lid, l->l_name ? l->l_name : "??",
mfpr(PR_KSP), (u_int)tf->tf_pc, pcb,
(u_int)tf->tf_fp, (u_int)tf->tf_psl);
case T_TRANSFLT|T_USER:
case T_TRANSFLT:
/*
* BUG! BUG! BUG! BUG! BUG!
* Due to a hardware bug (at in least KA65x CPUs) a double
* page table fetch trap will cause a translation fault
* even if access in the SPT PTE entry specifies 'no access'.
* In for example section 6.4.2 in VAX Architecture
* Reference Manual it states that if a page both are invalid
* and have no access set, a 'access violation fault' occurs.
* Therefore, we must fall through here...
*/
#ifdef nohwbug
panic("translation fault");
#endif
case T_PTELEN|T_USER: /* Page table length exceeded */
case T_ACCFLT|T_USER:
if (tf->tf_code < 0) { /* Check for kernel space */
sig = SIGSEGV;
code = SEGV_ACCERR;
break;
}
case T_PTELEN:
#ifndef MULTIPROCESSOR
/*
* If we referred to an address beyond the end of the system
* page table, it may be due to a failed CAS
* restartable-atomic-sequence. If it is, restart it at the
* beginning and restart.
*/
{
extern const uint8_t cas32_ras_start[], cas32_ras_end[];
if (tf->tf_code == CASMAGIC
&& tf->tf_pc >= (uintptr_t) cas32_ras_start
&& tf->tf_pc < (uintptr_t) cas32_ras_end) {
tf->tf_pc = (uintptr_t) cas32_ras_start;
trapsig = false;
break;
}
}
/* FALLTHROUGH */
#endif
case T_ACCFLT:
#ifdef TRAPDEBUG
if(faultdebug)printf("trap accflt type %lx, code %lx, pc %lx, psl %lx\n",
tf->tf_trap, tf->tf_code, tf->tf_pc, tf->tf_psl);
#endif
#ifdef DIAGNOSTIC
if (p == 0)
panic("trap: access fault: addr %lx code %lx",
tf->tf_pc, tf->tf_code);
if (tf->tf_psl & PSL_IS)
panic("trap: pflt on IS");
#endif
/*
* Page tables are allocated in pmap_enter(). We get
* info from below if it is a page table fault, but
* UVM may want to map in pages without faults, so
* because we must check for PTE pages anyway we don't
* bother doing it here.
*/
addr = trunc_page(tf->tf_code);
if (!usermode && (tf->tf_code < 0)) {
vm = NULL;
map = kernel_map;
} else {
vm = p->p_vmspace;
map = &vm->vm_map;
}
if (tf->tf_trap & T_WRITE)
ftype = VM_PROT_WRITE;
else
ftype = VM_PROT_READ;
pcb->pcb_onfault = NULL;
rv = uvm_fault(map, addr, ftype);
pcb->pcb_onfault = onfault;
if (rv != 0) {
if (!usermode) {
if (onfault) {
pcb->pcb_onfault = NULL;
tf->tf_pc = (unsigned)onfault;
tf->tf_psl &= ~PSL_FPD;
tf->tf_r0 = rv;
return;
}
printf("r0=%08lx r1=%08lx r2=%08lx r3=%08lx ",
tf->tf_r0, tf->tf_r1, tf->tf_r2, tf->tf_r3);
printf("r4=%08lx r5=%08lx r6=%08lx r7=%08lx\n",
tf->tf_r4, tf->tf_r5, tf->tf_r6, tf->tf_r7);
printf(
"r8=%08lx r9=%08lx r10=%08lx r11=%08lx\n",
tf->tf_r8, tf->tf_r9, tf->tf_r10,
tf->tf_r11);
printf("ap=%08lx fp=%08lx sp=%08lx pc=%08lx\n",
tf->tf_ap, tf->tf_fp, tf->tf_sp, tf->tf_pc);
panic("SEGV in kernel mode: pc %#lx addr %#lx",
tf->tf_pc, tf->tf_code);
}
switch (rv) {
case ENOMEM:
printf("UVM: pid %d (%s), uid %d killed: "
"out of swap\n",
p->p_pid, p->p_comm,
l->l_cred ?
kauth_cred_geteuid(l->l_cred) : -1);
sig = SIGKILL;
code = SI_NOINFO;
break;
case EINVAL:
code = BUS_ADRERR;
sig = SIGBUS;
break;
case EACCES:
code = SEGV_ACCERR;
sig = SIGSEGV;
break;
default:
code = SEGV_MAPERR;
sig = SIGSEGV;
break;
}
} else {
trapsig = false;
if (map != kernel_map && addr > 0
&& (void *)addr >= vm->vm_maxsaddr)
uvm_grow(p, addr);
}
break;
case T_BPTFLT|T_USER:
sig = SIGTRAP;
code = TRAP_BRKPT;
break;
case T_TRCTRAP|T_USER:
sig = SIGTRAP;
code = TRAP_TRACE;
tf->tf_psl &= ~PSL_T;
break;
case T_PRIVINFLT|T_USER:
sig = SIGILL;
code = ILL_PRVOPC;
break;
case T_RESADFLT|T_USER:
sig = SIGILL;
code = ILL_ILLADR;
break;
case T_RESOPFLT|T_USER:
sig = SIGILL;
code = ILL_ILLOPC;
break;
case T_XFCFLT|T_USER:
sig = SIGEMT;
break;
case T_ARITHFLT|T_USER:
sig = SIGFPE;
switch (tf->tf_code) {
case ATRP_INTOVF: code = FPE_INTOVF; break;
case ATRP_INTDIV: code = FPE_INTDIV; break;
case ATRP_FLTOVF: code = FPE_FLTOVF; break;
case ATRP_FLTDIV: code = FPE_FLTDIV; break;
case ATRP_FLTUND: code = FPE_FLTUND; break;
case ATRP_DECOVF: code = FPE_INTOVF; break;
case ATRP_FLTSUB: code = FPE_FLTSUB; break;
case AFLT_FLTDIV: code = FPE_FLTDIV; break;
case AFLT_FLTUND: code = FPE_FLTUND; break;
case AFLT_FLTOVF: code = FPE_FLTOVF; break;
default: code = FPE_FLTINV; break;
}
break;
case T_ASTFLT|T_USER:
mtpr(AST_NO,PR_ASTLVL);
trapsig = false;
if (curcpu()->ci_want_resched)
preempt();
break;
#ifdef DDB
case T_BPTFLT: /* Kernel breakpoint */
case T_KDBTRAP:
case T_KDBTRAP|T_USER:
case T_TRCTRAP:
kdb_trap(tf);
return;
#endif
}
if (trapsig) {
ksiginfo_t ksi;
if ((sig == SIGSEGV || sig == SIGILL)
&& cpu_printfataltraps
&& (p->p_slflag & PSL_TRACED) == 0
&& !sigismember(&p->p_sigctx.ps_sigcatch, sig))
printf("pid %d.%d (%s): sig %d: type %lx, code %lx, pc %lx, psl %lx\n",
p->p_pid, l->l_lid, p->p_comm, sig, tf->tf_trap,
tf->tf_code, tf->tf_pc, tf->tf_psl);
KSI_INIT_TRAP(&ksi);
ksi.ksi_signo = sig;
ksi.ksi_trap = tf->tf_trap;
ksi.ksi_addr = (void *)tf->tf_code;
ksi.ksi_code = code;
/*
* Arithmetic exceptions can be of two kinds:
* - traps (codes 1..7), where pc points to the
* next instruction to execute.
* - faults (codes 8..10), where pc points to the
* faulting instruction.
* In the latter case, we need to advance pc by ourselves
* to prevent a signal loop.
*
* XXX this is gross -- miod
*/
if (type == (T_ARITHFLT | T_USER) && (tf->tf_code & 8))
tf->tf_pc = skip_opcode(tf->tf_pc);
trapsignal(l, &ksi);
}
if (!usermode)
return;
userret(l, tf, oticks);
}
int
ELFNAME2(linux,copyargs)(struct lwp *l, struct exec_package *pack,
struct ps_strings *arginfo, char **stackp, void *argp)
{
struct linux_extra_stack_data64 *esdp, esd;
struct elf_args *ap;
struct vattr *vap;
Elf_Ehdr *eh;
Elf_Phdr *ph;
u_long phsize;
Elf_Addr phdr = 0;
int error;
int i;
if ((error = copyargs(l, pack, arginfo, stackp, argp)) != 0)
return error;
/*
* Push extra arguments on the stack needed by dynamically
* linked binaries and static binaries as well.
*/
memset(&esd, 0, sizeof(esd));
esdp = (struct linux_extra_stack_data64 *)(*stackp);
ap = (struct elf_args *)pack->ep_emul_arg;
vap = pack->ep_vap;
eh = (Elf_Ehdr *)pack->ep_hdr;
/*
* We forgot this, so we need to reload it now. XXX keep track of it?
*/
if (ap == NULL) {
phsize = eh->e_phnum * sizeof(Elf_Phdr);
ph = (Elf_Phdr *)kmem_alloc(phsize, KM_SLEEP);
error = exec_read_from(l, pack->ep_vp, eh->e_phoff, ph, phsize);
if (error != 0) {
for (i = 0; i < eh->e_phnum; i++) {
if (ph[i].p_type == PT_PHDR) {
phdr = ph[i].p_vaddr;
break;
}
}
}
kmem_free(ph, phsize);
}
/*
* The exec_package doesn't have a proc pointer and it's not
* exactly trivial to add one since the credentials are
* changing. XXX Linux uses curlwp's credentials.
* Why can't we use them too?
*/
i = 0;
esd.ai[i].a_type = LINUX_AT_HWCAP;
esd.ai[i++].a_v = rcr4();
esd.ai[i].a_type = AT_PAGESZ;
esd.ai[i++].a_v = PAGE_SIZE;
esd.ai[i].a_type = LINUX_AT_CLKTCK;
esd.ai[i++].a_v = hz;
esd.ai[i].a_type = AT_PHDR;
esd.ai[i++].a_v = (ap ? ap->arg_phaddr: phdr);
esd.ai[i].a_type = AT_PHENT;
esd.ai[i++].a_v = (ap ? ap->arg_phentsize : eh->e_phentsize);
esd.ai[i].a_type = AT_PHNUM;
esd.ai[i++].a_v = (ap ? ap->arg_phnum : eh->e_phnum);
esd.ai[i].a_type = AT_BASE;
esd.ai[i++].a_v = (ap ? ap->arg_interp : 0);
esd.ai[i].a_type = AT_FLAGS;
esd.ai[i++].a_v = 0;
esd.ai[i].a_type = AT_ENTRY;
esd.ai[i++].a_v = (ap ? ap->arg_entry : eh->e_entry);
esd.ai[i].a_type = LINUX_AT_EGID;
esd.ai[i++].a_v = ((vap->va_mode & S_ISGID) ?
vap->va_gid : kauth_cred_getegid(l->l_cred));
esd.ai[i].a_type = LINUX_AT_GID;
esd.ai[i++].a_v = kauth_cred_getgid(l->l_cred);
esd.ai[i].a_type = LINUX_AT_EUID;
esd.ai[i++].a_v = ((vap->va_mode & S_ISUID) ?
vap->va_uid : kauth_cred_geteuid(l->l_cred));
esd.ai[i].a_type = LINUX_AT_UID;
esd.ai[i++].a_v = kauth_cred_getuid(l->l_cred);
esd.ai[i].a_type = LINUX_AT_SECURE;
esd.ai[i++].a_v = 0;
esd.ai[i].a_type = LINUX_AT_PLATFORM;
esd.ai[i++].a_v = (Elf_Addr)&esdp->hw_platform[0];
esd.ai[i].a_type = AT_NULL;
esd.ai[i++].a_v = 0;
#ifdef DEBUG_LINUX
if (i != LINUX_ELF_AUX_ENTRIES) {
printf("linux_elf64_copyargs: %d Aux entries\n", i);
return EINVAL;
}
#endif
strcpy(esd.hw_platform, LINUX_PLATFORM);
exec_free_emul_arg(pack);
/*
* Copy out the ELF auxiliary table and hw platform name
*/
if ((error = copyout(&esd, esdp, sizeof(esd))) != 0)
return error;
*stackp += sizeof(esd);
return 0;
}
/*ARGSUSED*/
int
ptyfs_setattr(void *v)
{
struct vop_setattr_args /* {
struct vnodeop_desc *a_desc;
struct vnode *a_vp;
struct vattr *a_vap;
kauth_cred_t a_cred;
} */ *ap = v;
struct vnode *vp = ap->a_vp;
struct ptyfsnode *ptyfs = VTOPTYFS(vp);
struct vattr *vap = ap->a_vap;
kauth_cred_t cred = ap->a_cred;
struct lwp *l = curlwp;
int error;
if (vap->va_size != VNOVAL) {
switch (ptyfs->ptyfs_type) {
case PTYFSroot:
return EISDIR;
case PTYFSpts:
case PTYFSptc:
break;
default:
return EINVAL;
}
}
if (vap->va_flags != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if (kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid &&
(error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
NULL)) != 0)
return error;
/* Immutable and append-only flags are not supported on ptyfs. */
if (vap->va_flags & (IMMUTABLE | APPEND))
return EINVAL;
if (kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL) == 0) {
/* Snapshot flag cannot be set or cleared */
if ((vap->va_flags & SF_SNAPSHOT) !=
(ptyfs->ptyfs_flags & SF_SNAPSHOT))
return EPERM;
ptyfs->ptyfs_flags = vap->va_flags;
} else {
if ((ptyfs->ptyfs_flags & SF_SETTABLE) !=
(vap->va_flags & SF_SETTABLE))
return EPERM;
ptyfs->ptyfs_flags &= SF_SETTABLE;
ptyfs->ptyfs_flags |= (vap->va_flags & UF_SETTABLE);
}
ptyfs->ptyfs_flag |= PTYFS_CHANGE;
}
/*
* Go through the fields and update iff not VNOVAL.
*/
if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if (ptyfs->ptyfs_type == PTYFSroot)
return EPERM;
error = ptyfs_chown(vp, vap->va_uid, vap->va_gid, cred, l);
if (error)
return error;
}
if (vap->va_atime.tv_sec != VNOVAL || vap->va_mtime.tv_sec != VNOVAL ||
vap->va_birthtime.tv_sec != VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if ((ptyfs->ptyfs_flags & SF_SNAPSHOT) != 0)
return EPERM;
if (kauth_cred_geteuid(cred) != ptyfs->ptyfs_uid &&
(error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER,
NULL)) &&
((vap->va_vaflags & VA_UTIMES_NULL) == 0 ||
(error = VOP_ACCESS(vp, VWRITE, cred)) != 0))
return (error);
if (vap->va_atime.tv_sec != VNOVAL)
if (!(vp->v_mount->mnt_flag & MNT_NOATIME))
ptyfs->ptyfs_flag |= PTYFS_ACCESS;
if (vap->va_mtime.tv_sec != VNOVAL)
ptyfs->ptyfs_flag |= PTYFS_CHANGE | PTYFS_MODIFY;
if (vap->va_birthtime.tv_sec != VNOVAL)
ptyfs->ptyfs_birthtime = vap->va_birthtime;
ptyfs->ptyfs_flag |= PTYFS_CHANGE;
error = ptyfs_update(vp, &vap->va_atime, &vap->va_mtime, 0);
if (error)
return error;
}
if (vap->va_mode != (mode_t)VNOVAL) {
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return EROFS;
if (ptyfs->ptyfs_type == PTYFSroot)
return EPERM;
if ((ptyfs->ptyfs_flags & SF_SNAPSHOT) != 0 &&
(vap->va_mode &
(S_IXUSR|S_IWUSR|S_IXGRP|S_IWGRP|S_IXOTH|S_IWOTH)))
return EPERM;
error = ptyfs_chmod(vp, vap->va_mode, cred, l);
if (error)
return error;
}
VN_KNOTE(vp, NOTE_ATTRIB);
return 0;
}
