]> git.saurik.com Git - apple/xnu.git/blobdiff - bsd/kern/mach_process.c
projects / apple / xnu.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
xnu-1228.15.4.tar.gz
[apple/xnu.git] / bsd / kern / mach_process.c
diff --git a/bsd/kern/mach_process.c b/bsd/kern/mach_process.c
index 8e6a05af4af68b8eb50a2ac34ea14948e44fc210..46d527f0507b75b7142306f3467f747ff79fcf6e 100644 (file)
--- a/bsd/kern/mach_process.c
+++ b/bsd/kern/mach_process.c
@@ -1,16 +1,19 @@
 /*
 /*
- * Copyright (c) 2000-2002 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
  *
  *
- * @APPLE_LICENSE_HEADER_START@
- * 
- * Copyright (c) 1999-2003 Apple Computer, Inc.  All Rights Reserved.
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  * 
  * This file contains Original Code and/or Modifications of Original Code
  * as defined in and that are subject to the Apple Public Source License
  * Version 2.0 (the 'License'). You may not use this file except in
  * 
  * This file contains Original Code and/or Modifications of Original Code
  * as defined in and that are subject to the Apple Public Source License
  * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
+ * 
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
  * 
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  * 
  * The Original Code and all software distributed under the License are
  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
@@ -20,7 +23,7 @@
  * Please see the License for the specific language governing rights and
  * limitations under the License.
  * 
  * Please see the License for the specific language governing rights and
  * limitations under the License.
  * 
- * @APPLE_LICENSE_HEADER_END@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
  */
 /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
 /*-
  */
 /* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
 /*-
@@ -68,7 +71,8 @@
 
 #include <sys/param.h>
 #include <sys/systm.h>
 
 #include <sys/param.h>
 #include <sys/systm.h>
-#include <sys/proc.h>
+#include <sys/proc_internal.h>
+#include <sys/kauth.h>
 #include <sys/errno.h>
 #include <sys/ptrace.h>
 #include <sys/uio.h>
 #include <sys/errno.h>
 #include <sys/ptrace.h>
 #include <sys/uio.h>
@@ -76,73 +80,67 @@
 #include <sys/sysctl.h>
 #include <sys/wait.h>
 
 #include <sys/sysctl.h>
 #include <sys/wait.h>
 
-#include <sys/mount.h>
+#include <sys/mount_internal.h>
+#include <sys/sysproto.h>
+
+#include <bsm/audit_kernel.h>
 
 #include <kern/task.h>
 #include <kern/thread.h>
 
 #include <kern/task.h>
 #include <kern/thread.h>
-#include <mach/machine/thread_status.h>
+
+#include <mach/task.h>                 /* for task_resume() */
+#include <kern/sched_prim.h>           /* for thread_exception_return() */
+
+/* XXX ken/bsd_kern.c - prototype should be in common header */
+int get_task_userstop(task_t);
 
 /* Macros to clear/set/test flags. */
 #define        SET(t, f)       (t) |= (f)
 #define        CLR(t, f)       (t) &= ~(f)
 #define        ISSET(t, f)     ((t) & (f))
 
 
 /* Macros to clear/set/test flags. */
 #define        SET(t, f)       (t) |= (f)
 #define        CLR(t, f)       (t) &= ~(f)
 #define        ISSET(t, f)     ((t) & (f))
 
-void psignal_lock __P((struct proc *, int, int));
-int isinferior __P((struct proc *, struct proc *));
+extern thread_t        port_name_to_thread(mach_port_name_t port_name);
+extern thread_t get_firstthread(task_t);
+
 
 /*
  * sys-trace system call.
  */
 
 /*
  * sys-trace system call.
  */
-struct ptrace_args {
-       int     req;
-       pid_t pid;
-       caddr_t addr;
-       int     data;
-};
 
 int
 
 int
-ptrace(p, uap, retval)
-       struct proc *p;
-       struct ptrace_args *uap;
-       register_t *retval;
+ptrace(struct proc *p, struct ptrace_args *uap, register_t *retval)
 {
        struct proc *t = current_proc();        /* target process */
 {
        struct proc *t = current_proc();        /* target process */
-       vm_offset_t     start_addr, end_addr,
-                       kern_addr, offset;
-       vm_size_t       size;
        task_t          task;
        task_t          task;
-       thread_t        thread;
-       thread_act_t    th_act;
+       thread_t        th_act;
        struct uthread  *ut;
        struct uthread  *ut;
-       int             *locr0;
-       int error = 0;
-#if defined(ppc)
-       struct ppc_thread_state64 statep;
-#elif  defined(i386)
-       struct i386_saved_state statep;
-#else
-#error architecture not supported
-#endif
-       unsigned long state_count;
        int tr_sigexc = 0;
        int tr_sigexc = 0;
-
-
-        if (uap->req == PT_DENY_ATTACH) {
-               if (ISSET(p->p_flag, P_TRACED)) {
-                               exit1(p, W_EXITCODE(ENOTSUP, 0), retval);
-                               /* drop funnel before we return */
-                               thread_funnel_set(kernel_flock, FALSE);
-                               thread_exception_return();
-                               /* NOTREACHED */
-                       }
-               SET(p->p_flag, P_NOATTACH);
+       int error = 0;
+       int stopped = 0;
+
+       AUDIT_ARG(cmd, uap->req);
+       AUDIT_ARG(pid, uap->pid);
+       AUDIT_ARG(addr, uap->addr);
+       AUDIT_ARG(value, uap->data);
+
+       if (uap->req == PT_DENY_ATTACH) {
+               proc_lock(p);
+               if (ISSET(p->p_lflag, P_LTRACED)) {
+                       proc_unlock(p);
+                       exit1(p, W_EXITCODE(ENOTSUP, 0), retval);
+                       /* drop funnel before we return */
+                       thread_exception_return();
+                       /* NOTREACHED */
+               }
+               SET(p->p_lflag, P_LNOATTACH);
+               proc_unlock(p);
 
                return(0);
        }
 
        if (uap->req == PT_FORCEQUOTA) {
                if (is_suser()) {
 
                return(0);
        }
 
        if (uap->req == PT_FORCEQUOTA) {
                if (is_suser()) {
-                       SET(t->p_flag, P_FORCEQUOTA);
+                       OSBitOrAtomic(P_FORCEQUOTA, (UInt32 *)&t->p_flag);
                        return (0);
                } else
                        return (EPERM);
                        return (0);
                } else
                        return (EPERM);
@@ -152,31 +150,39 @@ ptrace(p, uap, retval)
         *      Intercept and deal with "please trace me" request.
         */      
        if (uap->req == PT_TRACE_ME) {
         *      Intercept and deal with "please trace me" request.
         */      
        if (uap->req == PT_TRACE_ME) {
-               SET(p->p_flag, P_TRACED);
+               proc_lock(p);
+               SET(p->p_lflag, P_LTRACED);
                /* Non-attached case, our tracer is our parent. */
                /* Non-attached case, our tracer is our parent. */
-               t->p_oppid = t->p_pptr->p_pid;
+               p->p_oppid = p->p_ppid;
+               proc_unlock(p);
                return(0);
        }
        if (uap->req == PT_SIGEXC) {
                return(0);
        }
        if (uap->req == PT_SIGEXC) {
-               if (ISSET(p->p_flag, P_TRACED)) {
-                       SET(p->p_flag, P_SIGEXC);
+               proc_lock(p);
+               if (ISSET(p->p_lflag, P_LTRACED)) {
+                       SET(p->p_lflag, P_LSIGEXC);
+                       proc_unlock(p);
                        return(0);
                        return(0);
-               } else
+               } else {
+                       proc_unlock(p);
                        return(EINVAL);
                        return(EINVAL);
+               }
+       }
+
+       /* 
+        * We do not want ptrace to do anything with kernel or launchd 
+        */
+       if (uap->pid < 2) {
+               return(EPERM);
        }
 
        /*
         *      Locate victim, and make sure it is traceable.
         */
        }
 
        /*
         *      Locate victim, and make sure it is traceable.
         */
-       if ((t = pfind(uap->pid)) == NULL)
+       if ((t = proc_find(uap->pid)) == NULL)
                        return (ESRCH);
 
                        return (ESRCH);
 
-
-       /* We do not want ptrace to do anything with kernel, init 
-        * and mach_init
-        */
-       if (uap->pid <=2 )
-               return (EPERM);
+       AUDIT_ARG(process, t);
 
        task = t->task;
        if (uap->req == PT_ATTACHEXC) {
 
        task = t->task;
        if (uap->req == PT_ATTACHEXC) {
@@ -184,90 +190,102 @@ ptrace(p, uap, retval)
                tr_sigexc = 1;
        }
        if (uap->req == PT_ATTACH) {
                tr_sigexc = 1;
        }
        if (uap->req == PT_ATTACH) {
-
-               /*
-                * You can't attach to a process if:
-                *      (1) it's the process that's doing the attaching,
-                */
-               if (t->p_pid == p->p_pid)
-                       return (EINVAL);
-
-               /*
-                *      (2) it's already being traced, or
-                */
-               if (ISSET(t->p_flag, P_TRACED))
-                       return (EBUSY);
-
-               /*
-                *      (3) it's not owned by you, or is set-id on exec
-                *          (unless you're root).
-                */
-               if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
-                       ISSET(t->p_flag, P_SUGID)) &&
-                   (error = suser(p->p_ucred, &p->p_acflag)) != 0)
-                       return (error);
-
-               if ((p->p_flag & P_TRACED) && isinferior(p, t))
-                       return(EPERM);
-
-               if (ISSET(t->p_flag, P_NOATTACH)) {
-                       psignal(p, SIGSEGV);
-                       return (EBUSY);
-               }
-               SET(t->p_flag, P_TRACED);
-               if (tr_sigexc) 
-                       SET(t->p_flag, P_SIGEXC);
-
-               t->p_oppid = t->p_pptr->p_pid;
-               if (t->p_pptr != p)
-                       proc_reparent(t, p);
-
-               if (get_task_userstop(task) == 0 ) {
+               int             err;
+               
+               if ( kauth_authorize_process(proc_ucred(p), KAUTH_PROCESS_CANTRACE, 
+                                                                        t, (uintptr_t)&err, 0, 0) == 0 ) {
+                       /* it's OK to attach */
+                       proc_lock(t);
+                       SET(t->p_lflag, P_LTRACED);
+                       if (tr_sigexc) 
+                               SET(t->p_lflag, P_LSIGEXC);
+       
+                       t->p_oppid = t->p_ppid;
+                       proc_unlock(t);
+                       if (t->p_pptr != p)
+                               proc_reparentlocked(t, p, 1, 0);
+       
+                       proc_lock(t);
+                       if (get_task_userstop(task) > 0 ) {
+                               stopped = 1;
+                       }
                        t->p_xstat = 0;
                        t->p_xstat = 0;
+                       proc_unlock(t);
                        psignal(t, SIGSTOP);
                        psignal(t, SIGSTOP);
-               } else {
-                       t->p_xstat = SIGSTOP; 
-                       task_resume(task);       
+                       /*
+                        * If the process was stopped, wake up and run through
+                        * issignal() again to properly connect to the tracing
+                        * process.
+                        */
+                       if (stopped)
+                               task_resume(task);       
+                       error = 0;
+                       goto out;
+               }
+               else {
+                       /* not allowed to attach, proper error code returned by kauth_authorize_process */
+                       if (ISSET(t->p_lflag, P_LNOATTACH)) {
+                               psignal(p, SIGSEGV);
+                       }
+                       
+                       error = err;
+                       goto out;
                }
                }
-               return(0);
        }
 
        /*
         * You can't do what you want to the process if:
         *      (1) It's not being traced at all,
         */
        }
 
        /*
         * You can't do what you want to the process if:
         *      (1) It's not being traced at all,
         */
-       if (!ISSET(t->p_flag, P_TRACED))
-               return (EPERM);
+       proc_lock(t);
+       if (!ISSET(t->p_lflag, P_LTRACED)) {
+               proc_unlock(t);
+               error = EPERM;
+               goto out;
+       }
 
        /*
         *      (2) it's not being traced by _you_, or
         */
 
        /*
         *      (2) it's not being traced by _you_, or
         */
-       if (t->p_pptr != p)
-               return (EBUSY);
+       if (t->p_pptr != p) {
+               proc_unlock(t);
+               error = EBUSY;
+               goto out;
+       }
 
        /*
         *      (3) it's not currently stopped.
         */
 
        /*
         *      (3) it's not currently stopped.
         */
-       if (t->p_stat != SSTOP)
-               return (EBUSY);
+       if (t->p_stat != SSTOP) {
+               proc_unlock(t);
+               error = EBUSY;
+               goto out;
+       }
 
        /*
         *      Mach version of ptrace executes request directly here,
         *      thus simplifying the interaction of ptrace and signals.
         */
 
        /*
         *      Mach version of ptrace executes request directly here,
         *      thus simplifying the interaction of ptrace and signals.
         */
+       /* proc lock is held here */
        switch (uap->req) {
 
        case PT_DETACH:
        switch (uap->req) {
 
        case PT_DETACH:
-               if (t->p_oppid != t->p_pptr->p_pid) {
+               if (t->p_oppid != t->p_ppid) {
                        struct proc *pp;
 
                        struct proc *pp;
 
-                       pp = pfind(t->p_oppid);
-                       proc_reparent(t, pp ? pp : initproc);
+                       proc_unlock(t);
+                       pp = proc_find(t->p_oppid);
+                       proc_reparentlocked(t, pp ? pp : initproc, 1, 0);
+                       if (pp != PROC_NULL)
+                               proc_rele(pp);
+                       proc_lock(t);
+                       
                }
 
                t->p_oppid = 0;
                }
 
                t->p_oppid = 0;
-               CLR(t->p_flag, P_TRACED);
-               CLR(t->p_flag, P_SIGEXC);
+               CLR(t->p_lflag, P_LTRACED);
+               CLR(t->p_lflag, P_LSIGEXC);
+               proc_unlock(t);
                goto resume;
                
        case PT_KILL:
                goto resume;
                
        case PT_KILL:
@@ -275,117 +293,147 @@ ptrace(p, uap, retval)
                 *      Tell child process to kill itself after it
                 *      is resumed by adding NSIG to p_cursig. [see issig]
                 */
                 *      Tell child process to kill itself after it
                 *      is resumed by adding NSIG to p_cursig. [see issig]
                 */
-               psignal_lock(t, SIGKILL, 0);
+               proc_unlock(t);
+               psignal(t, SIGKILL);
                goto resume;
 
        case PT_STEP:                   /* single step the child */
        case PT_CONTINUE:               /* continue the child */
                goto resume;
 
        case PT_STEP:                   /* single step the child */
        case PT_CONTINUE:               /* continue the child */
-               th_act = (thread_act_t)get_firstthread(task);
-               if (th_act == THR_ACT_NULL)
-                       goto errorLabel;
-               ut = (uthread_t)get_bsdthread_info(th_act);
-               locr0 = ut->uu_ar0;
-#if defined(i386)
-               state_count = i386_NEW_THREAD_STATE_COUNT;
-               if (thread_getstatus(th_act, i386_NEW_THREAD_STATE, &statep, &state_count)  != KERN_SUCCESS) {
-                       goto errorLabel;
-               }       
-#elif defined(ppc)
-               state_count = PPC_THREAD_STATE64_COUNT;
-               if (thread_getstatus(th_act, PPC_THREAD_STATE64, &statep, &state_count)  != KERN_SUCCESS) {
-                       goto errorLabel;
-               }       
-#else
-#error architecture not supported
-#endif
-               if ((int)uap->addr != 1) {
-#if    defined(i386)
-                       locr0[PC] = (int)uap->addr;
-#elif  defined(ppc)
-#define ALIGNED(addr,size)     (((unsigned)(addr)&((size)-1))==0)
-               if (!ALIGNED((int)uap->addr, sizeof(int)))
-                       return (ERESTART);
+               proc_unlock(t);
+               th_act = (thread_t)get_firstthread(task);
+               if (th_act == THREAD_NULL) {
+                       error = EINVAL;
+                       goto out;
+               }
 
 
-               statep.srr0 = (uint64_t)((uint32_t)uap->addr);
-               state_count = PPC_THREAD_STATE64_COUNT;
-               if (thread_setstatus(th_act, PPC_THREAD_STATE64, &statep, &state_count)  != KERN_SUCCESS) {
-                       goto errorLabel;
-               }       
+               if (uap->addr != (user_addr_t)1) {
+#if defined(ppc)
+#define ALIGNED(addr,size)     (((unsigned)(addr)&((size)-1))==0)
+                       if (!ALIGNED((int)uap->addr, sizeof(int)))
+                               return (ERESTART);
 #undef         ALIGNED
 #undef         ALIGNED
-#else
-#error architecture not implemented!
 #endif
 #endif
-               } /* (int)uap->addr != 1 */
+                       thread_setentrypoint(th_act, uap->addr);
+               }
 
 
-               if ((unsigned)uap->data < 0 || (unsigned)uap->data >= NSIG)
-                       goto errorLabel;
+               if ((unsigned)uap->data >= NSIG) {
+                       error = EINVAL;
+                       goto out;
+               }
 
                if (uap->data != 0) {
 
                if (uap->data != 0) {
-                       psignal_lock(t, uap->data, 0);
+                       psignal(t, uap->data);
                 }
                 }
-#if defined(ppc)
-               state_count = PPC_THREAD_STATE64_COUNT;
-               if (thread_getstatus(th_act, PPC_THREAD_STATE64, &statep, &state_count)  != KERN_SUCCESS) {
-                       goto errorLabel;
-               }       
-#endif
-
-#define MSR_SE_BIT     21
 
                if (uap->req == PT_STEP) {
 
                if (uap->req == PT_STEP) {
-#if    defined(i386)
-                       locr0[PS] |= PSL_T;
-#elif  defined(ppc)
-                       statep.srr1 |= MASK(MSR_SE);
-#else
-#error architecture not implemented!
-#endif
-               } /* uap->req == PT_STEP */
-               else {  /* PT_CONTINUE - clear trace bit if set */
-#if defined(i386)
-                       locr0[PS] &= ~PSL_T;
-#elif defined(ppc)
-                       statep.srr1 &= ~MASK(MSR_SE);
-#endif
-               }
-#if defined (ppc)
-               state_count = PPC_THREAD_STATE64_COUNT;
-               if (thread_setstatus(th_act, PPC_THREAD_STATE64, &statep, &state_count)  != KERN_SUCCESS) {
-                       goto errorLabel;
+                       /*
+                        * set trace bit
+                        */
+                       if (thread_setsinglestep(th_act, 1) != KERN_SUCCESS) {
+                               error = ENOTSUP;
+                               goto out;
+                       }
+               } else {
+                       /*
+                        * clear trace bit if on
+                        */
+                       if (thread_setsinglestep(th_act, 0) != KERN_SUCCESS) {
+                               error = ENOTSUP;
+                               goto out;
+                       }
                }       
                }       
-#endif
        resume:
        resume:
+               proc_lock(t);
                t->p_xstat = uap->data;
                t->p_stat = SRUN;
                if (t->sigwait) {
                        wakeup((caddr_t)&(t->sigwait));
                t->p_xstat = uap->data;
                t->p_stat = SRUN;
                if (t->sigwait) {
                        wakeup((caddr_t)&(t->sigwait));
-                       if ((t->p_flag & P_SIGEXC) == 0)
-                               task_release(task);
-               }
+                       proc_unlock(t);
+                       if ((t->p_lflag & P_LSIGEXC) == 0) {
+                               task_resume(task);
+                       }
+               } else
+                       proc_unlock(t);
+                       
                break;
                
        case PT_THUPDATE:  {
                break;
                
        case PT_THUPDATE:  {
-               thread_act_t target_act;
-
-               if ((unsigned)uap->data >= NSIG)
-                       goto errorLabel;
-               th_act = (thread_act_t)port_name_to_act((void *)uap->addr);
-               if (th_act == THR_ACT_NULL)
+               proc_unlock(t);
+               if ((unsigned)uap->data >= NSIG) {
+                       error = EINVAL;
+                       goto out;
+               }
+               th_act = port_name_to_thread(CAST_DOWN(mach_port_name_t, uap->addr));
+               if (th_act == THREAD_NULL)
                        return (ESRCH);
                ut = (uthread_t)get_bsdthread_info(th_act);
                if (uap->data)
                        ut->uu_siglist |= sigmask(uap->data);
                        return (ESRCH);
                ut = (uthread_t)get_bsdthread_info(th_act);
                if (uap->data)
                        ut->uu_siglist |= sigmask(uap->data);
+               proc_lock(t);
                t->p_xstat = uap->data;
                t->p_stat = SRUN;
                t->p_xstat = uap->data;
                t->p_stat = SRUN;
-               act_deallocate(th_act);
-               return(0);
+               proc_unlock(t);
+               thread_deallocate(th_act);
+               error = 0;
                }
                break;
                }
                break;
-errorLabel:
        default:
        default:
-               return(EINVAL);
+               proc_unlock(t);
+               error = EINVAL;
+               goto out;
        }
 
        }
 
-       return(0);
+       error = 0;
+out:
+       proc_rele(t);
+       return(error);
 }
 
 }
 
+
+/*
+ * determine if one process (cur_procp) can trace another process (traced_procp).
+ */
+
+int
+cantrace(proc_t cur_procp, kauth_cred_t creds, proc_t traced_procp, int *errp)
+{
+       int             my_err;
+       /*
+        * You can't trace a process if:
+        *      (1) it's the process that's doing the tracing,
+        */
+       if (traced_procp->p_pid == cur_procp->p_pid) {
+               *errp = EINVAL;
+               return (0);
+       }
+
+       /*
+        *      (2) it's already being traced, or
+        */
+       if (ISSET(traced_procp->p_lflag, P_LTRACED)) {
+               *errp = EBUSY;
+               return (0);
+       }
+
+       /*
+        *      (3) it's not owned by you, or is set-id on exec
+        *          (unless you're root).
+        */
+       if ((creds->cr_ruid != proc_ucred(traced_procp)->cr_ruid ||
+               ISSET(traced_procp->p_flag, P_SUGID)) &&
+               (my_err = suser(creds, &cur_procp->p_acflag)) != 0) {
+               *errp = my_err;
+               return (0);
+       }
+
+       if ((cur_procp->p_lflag & P_LTRACED) && isinferior(cur_procp, traced_procp)) {
+               *errp = EPERM;
+               return (0);
+       }
+
+       if (ISSET(traced_procp->p_lflag, P_LNOATTACH)) {
+               *errp = EBUSY;
+               return (0);
+       }
+       return(1);
+}
mirror of XNU