X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/e2d2fc5c71f7d145cba7267989251af45e3bb5ba..c18c124eaa464aaaa5549e99e5a70fc9cbb50944:/bsd/kern/mach_process.c diff --git a/bsd/kern/mach_process.c b/bsd/kern/mach_process.c index 5294122ff..ef8ebffcd 100644 --- a/bsd/kern/mach_process.c +++ b/bsd/kern/mach_process.c @@ -83,6 +83,7 @@ #include #include #include +#include /* cs_allow_invalid() */ #include @@ -92,8 +93,6 @@ #include /* for task_resume() */ #include /* for thread_exception_return() */ -#include /* cs_allow_invalid() */ - #include /* XXX ken/bsd_kern.c - prototype should be in common header */ @@ -135,7 +134,7 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) KERNEL_DEBUG_CONSTANT(BSDDBG_CODE(DBG_BSD_PROC, BSD_PROC_FRCEXIT) | DBG_FUNC_NONE, p->p_pid, W_EXITCODE(ENOTSUP, 0), 4, 0, 0); exit1(p, W_EXITCODE(ENOTSUP, 0), retval); - /* drop funnel before we return */ + thread_exception_return(); /* NOTREACHED */ } @@ -146,7 +145,7 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) } if (uap->req == PT_FORCEQUOTA) { - if (is_suser()) { + if (kauth_cred_issuser(kauth_cred_get())) { OSBitOrAtomic(P_FORCEQUOTA, &t->p_flag); return (0); } else @@ -294,11 +293,17 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) proc_unlock(t); pp = proc_find(t->p_oppid); - proc_reparentlocked(t, pp ? pp : initproc, 1, 0); - if (pp != PROC_NULL) + if (pp != PROC_NULL) { + proc_reparentlocked(t, pp, 1, 0); proc_rele(pp); + } else { + /* original parent exited while traced */ + proc_list_lock(); + t->p_listflag |= P_LIST_DEADPARENT; + proc_list_unlock(); + proc_reparentlocked(t, initproc, 1, 0); + } proc_lock(t); - } t->p_oppid = 0; 
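Review bot: In the `else` branch of the `@@ -294,11 +293,17 @@` hunk, `P_LIST_DEADPARENT` is set under `proc_list_lock()` but the lock is released before `proc_reparentlocked(t, initproc, 1, 0)` runs, so the flag update and the reparent are two separate steps rather than one transition. Whether `proc_reparentlocked` takes the list lock itself when its last argument is 0 is not visible here; if it does, that is worth recording next to the call so the ordering is not "fixed" later. The comment `/* original parent exited while traced */` explains when the branch runs but not what the flag changes, and nothing in the hunk shows who reads it; a second sentence naming the consumer would help. The enclosing `ptrace()` case begins and ends outside the hunk.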
@@ -313,6 +318,11 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) * is resumed by adding NSIG to p_cursig. [see issig] */ proc_unlock(t); +#if CONFIG_MACF + error = mac_proc_check_signal(p, t, SIGKILL); + if (0 != error) + goto resume; +#endif psignal(t, SIGKILL); goto resume; @@ -325,14 +335,10 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) goto out; } + /* force use of Mach SPIs (and task_for_pid security checks) to adjust PC */ if (uap->addr != (user_addr_t)1) { -#if defined(ppc) -#define ALIGNED(addr,size) (((unsigned)(addr)&((size)-1))==0) - if (!ALIGNED((int)uap->addr, sizeof(int))) - return (ERESTART); -#undef ALIGNED -#endif - thread_setentrypoint(th_act, uap->addr); + error = ENOTSUP; + goto out; } if ((unsigned)uap->data >= NSIG) { @@ -346,8 +352,15 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) if (uap->req == PT_STEP) { /* - * set trace bit + * set trace bit + * we use sending SIGSTOP as a comparable security check. */ +#if CONFIG_MACF + error = mac_proc_check_signal(p, t, SIGSTOP); + if (0 != error) { + goto out; + } +#endif if (thread_setsinglestep(th_act, 1) != KERN_SUCCESS) { error = ENOTSUP; goto out; @@ -355,7 +368,14 @@ ptrace(struct proc *p, struct ptrace_args *uap, int32_t *retval) } else { /* * clear trace bit if on + * we use sending SIGCONT as a comparable security check. */ +#if CONFIG_MACF + error = mac_proc_check_signal(p, t, SIGCONT); + if (0 != error) { + goto out; + } +#endif if (thread_setsinglestep(th_act, 0) != KERN_SUCCESS) { error = ENOTSUP; goto out; @@ -454,5 +474,13 @@ cantrace(proc_t cur_procp, kauth_cred_t creds, proc_t traced_procp, int *errp) *errp = EBUSY; return (0); } + +#if CONFIG_MACF + if ((my_err = mac_proc_check_debug(cur_procp, traced_procp)) != 0) { + *errp = my_err; + return (0); + } +#endif + return(1); }
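Review bot: In the `@@ -313,6 +318,11 @@` hunk a denied `mac_proc_check_signal(p, t, SIGKILL)` jumps to `resume`, the same label the permitted path reaches after `psignal()`, whereas the PT_STEP/PT_CONTINUE denials added further down use `goto out`. If `resume` lets the tracee run again, a request the policy refused still changes the target's state; confirm that is intended, or use `goto out;` here as well. Whether `error` is still returned to the caller after `resume` is not visible in the hunk, so also check that the denial is reported rather than dropped. The unbraced `if (0 != error)` differs from the braced form used in the later MACF checks.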
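Review bot: The rejection added in the `@@ -325,14 +335,10 @@` hunk turns every `uap->addr` other than `(user_addr_t)1` into `ENOTSUP`, but the sentinel itself is left unexplained at the test. A comment such as `/* addr == 1 means "continue from the current PC"; any other address is refused */` would make the contract readable without the man page. Per the added comment, the intent is to push PC changes through the Mach interfaces and their task_for_pid checks, which is a caller-visible behaviour change; the ptrace(2) documentation and any in-tree caller passing a real address would need updating, and neither is visible in this diff.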
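Review bot: The PT_STEP and PT_CONTINUE branches (the `@@ -346,8 +352,15 @@` and `@@ -355,7 +368,14 @@` hunks) authorize a debugger operation through `mac_proc_check_signal` with SIGSTOP and SIGCONT as stand-ins, so a MAC policy that allows those signals for ordinary job control also allows toggling single-step on the target. The comments say the signal is "a comparable security check" but not why a signal hook is used when this same commit adds `mac_proc_check_debug()` in `cantrace()`. I would extend them along the lines of `/* policy sees single-step as SIGSTOP; attach itself is gated by mac_proc_check_debug() in cantrace() */`, so policy authors know which hook to reason about. Both branches sit inside a block that starts outside these hunks.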
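Review bot: The check added to `cantrace()` in the `@@ -454,5 +474,13 @@` hunk assigns to `my_err`, whose declaration is outside the hunk; if that variable is only used inside `#if CONFIG_MACF`, a build without MACF may warn about it, so confirm the declaration carries the same guard. The assignment-in-condition form also differs from the `error = ...; if (0 != error)` pattern used for the other MACF checks in this commit; `my_err = mac_proc_check_debug(cur_procp, traced_procp);` followed by `if (my_err != 0) {` would match them. The function's earlier checks are not visible here, so whether the MAC hook should run before or after them cannot be judged from this hunk.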