1 /* $OpenBSD: kern_sig.c,v 1.203 2016/08/25 00:00:02 dlg Exp $ */ 2 /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */ 3 4 /* 5 * Copyright (c) 1997 Theo de Raadt. All rights reserved. 6 * Copyright (c) 1982, 1986, 1989, 1991, 1993 7 * The Regents of the University of California. All rights reserved. 8 * (c) UNIX System Laboratories, Inc. 9 * All or some portions of this file are derived from material licensed 10 * to the University of California by American Telephone and Telegraph 11 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 12 * the permission of UNIX System Laboratories, Inc. 13 * 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 1. Redistributions of source code must retain the above copyright 18 * notice, this list of conditions and the following disclaimer. 19 * 2. Redistributions in binary form must reproduce the above copyright 20 * notice, this list of conditions and the following disclaimer in the 21 * documentation and/or other materials provided with the distribution. 22 * 3. Neither the name of the University nor the names of its contributors 23 * may be used to endorse or promote products derived from this software 24 * without specific prior written permission. 25 * 26 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 28 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 29 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 30 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 31 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 32 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 33 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 34 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 35 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 36 * SUCH DAMAGE. 37 * 38 * @(#)kern_sig.c 8.7 (Berkeley) 4/18/94 39 */ 40 41 #define SIGPROP /* include signal properties table */ 42 #include <sys/param.h> 43 #include <sys/signalvar.h> 44 #include <sys/resourcevar.h> 45 #include <sys/queue.h> 46 #include <sys/namei.h> 47 #include <sys/vnode.h> 48 #include <sys/event.h> 49 #include <sys/proc.h> 50 #include <sys/systm.h> 51 #include <sys/acct.h> 52 #include <sys/file.h> 53 #include <sys/filedesc.h> 54 #include <sys/kernel.h> 55 #include <sys/wait.h> 56 #include <sys/ktrace.h> 57 #include <sys/stat.h> 58 #include <sys/core.h> 59 #include <sys/malloc.h> 60 #include <sys/pool.h> 61 #include <sys/ptrace.h> 62 #include <sys/sched.h> 63 #include <sys/user.h> 64 #include <sys/syslog.h> 65 #include <sys/pledge.h> 66 67 #include <sys/mount.h> 68 #include <sys/syscallargs.h> 69 70 #include <uvm/uvm_extern.h> 71 72 #ifdef __HAVE_MD_TCB 73 # include <machine/tcb.h> 74 #endif 75 76 int filt_sigattach(struct knote *kn); 77 void filt_sigdetach(struct knote *kn); 78 int filt_signal(struct knote *kn, long hint); 79 80 struct filterops sig_filtops = 81 { 0, filt_sigattach, filt_sigdetach, filt_signal }; 82 83 void proc_stop(struct proc *p, int); 84 void proc_stop_sweep(void *); 85 struct timeout proc_stop_to; 86 87 int cansignal(struct proc *, struct process *, int); 88 89 struct pool sigacts_pool; /* memory pool for sigacts structures */ 90 91 /* 92 * Can thread p, send the signal signum to process qr? 93 */ 94 int 95 cansignal(struct proc *p, struct process *qr, int signum) 96 { 97 struct process *pr = p->p_p; 98 struct ucred *uc = p->p_ucred; 99 struct ucred *quc = qr->ps_ucred; 100 101 if (uc->cr_uid == 0) 102 return (1); /* root can always signal */ 103 104 if (pr == qr) 105 return (1); /* process can always signal itself */ 106 107 /* optimization: if the same creds then the tests below will pass */ 108 if (uc == quc) 109 return (1); 110 111 if (signum == SIGCONT && qr->ps_session == pr->ps_session) 112 return (1); /* SIGCONT in session */ 113 114 /* 115 * Using kill(), only certain signals can be sent to setugid 116 * child processes 117 */ 118 if (qr->ps_flags & PS_SUGID) { 119 switch (signum) { 120 case 0: 121 case SIGKILL: 122 case SIGINT: 123 case SIGTERM: 124 case SIGALRM: 125 case SIGSTOP: 126 case SIGTTIN: 127 case SIGTTOU: 128 case SIGTSTP: 129 case SIGHUP: 130 case SIGUSR1: 131 case SIGUSR2: 132 if (uc->cr_ruid == quc->cr_ruid || 133 uc->cr_uid == quc->cr_ruid) 134 return (1); 135 } 136 return (0); 137 } 138 139 if (uc->cr_ruid == quc->cr_ruid || 140 uc->cr_ruid == quc->cr_svuid || 141 uc->cr_uid == quc->cr_ruid || 142 uc->cr_uid == quc->cr_svuid) 143 return (1); 144 return (0); 145 } 146 147 /* 148 * Initialize signal-related data structures. 149 */ 150 void 151 signal_init(void) 152 { 153 timeout_set(&proc_stop_to, proc_stop_sweep, NULL); 154 155 pool_init(&sigacts_pool, sizeof(struct sigacts), 0, 0, PR_WAITOK, 156 "sigapl", NULL); 157 pool_setipl(&sigacts_pool, IPL_NONE); 158 } 159 160 /* 161 * Create an initial sigacts structure, using the same signal state 162 * as p. 163 */ 164 struct sigacts * 165 sigactsinit(struct process *pr) 166 { 167 struct sigacts *ps; 168 169 ps = pool_get(&sigacts_pool, PR_WAITOK); 170 memcpy(ps, pr->ps_sigacts, sizeof(struct sigacts)); 171 ps->ps_refcnt = 1; 172 return (ps); 173 } 174 175 /* 176 * Share a sigacts structure. 177 */ 178 struct sigacts * 179 sigactsshare(struct process *pr) 180 { 181 struct sigacts *ps = pr->ps_sigacts; 182 183 ps->ps_refcnt++; 184 return ps; 185 } 186 187 /* 188 * Initialize a new sigaltstack structure. 189 */ 190 void 191 sigstkinit(struct sigaltstack *ss) 192 { 193 ss->ss_flags = SS_DISABLE; 194 ss->ss_size = 0; 195 ss->ss_sp = 0; 196 } 197 198 /* 199 * Make this process not share its sigacts, maintaining all 200 * signal state. 201 */ 202 void 203 sigactsunshare(struct process *pr) 204 { 205 struct sigacts *newps; 206 207 if (pr->ps_sigacts->ps_refcnt == 1) 208 return; 209 210 newps = sigactsinit(pr); 211 sigactsfree(pr); 212 pr->ps_sigacts = newps; 213 } 214 215 /* 216 * Release a sigacts structure. 217 */ 218 void 219 sigactsfree(struct process *pr) 220 { 221 struct sigacts *ps = pr->ps_sigacts; 222 223 if (--ps->ps_refcnt > 0) 224 return; 225 226 pr->ps_sigacts = NULL; 227 228 pool_put(&sigacts_pool, ps); 229 } 230 231 int 232 sys_sigaction(struct proc *p, void *v, register_t *retval) 233 { 234 struct sys_sigaction_args /* { 235 syscallarg(int) signum; 236 syscallarg(const struct sigaction *) nsa; 237 syscallarg(struct sigaction *) osa; 238 } */ *uap = v; 239 struct sigaction vec; 240 #ifdef KTRACE 241 struct sigaction ovec; 242 #endif 243 struct sigaction *sa; 244 const struct sigaction *nsa; 245 struct sigaction *osa; 246 struct sigacts *ps = p->p_p->ps_sigacts; 247 int signum; 248 int bit, error; 249 250 signum = SCARG(uap, signum); 251 nsa = SCARG(uap, nsa); 252 osa = SCARG(uap, osa); 253 254 if (signum <= 0 || signum >= NSIG || 255 (nsa && (signum == SIGKILL || signum == SIGSTOP))) 256 return (EINVAL); 257 sa = &vec; 258 if (osa) { 259 sa->sa_handler = ps->ps_sigact[signum]; 260 sa->sa_mask = ps->ps_catchmask[signum]; 261 bit = sigmask(signum); 262 sa->sa_flags = 0; 263 if ((ps->ps_sigonstack & bit) != 0) 264 sa->sa_flags |= SA_ONSTACK; 265 if ((ps->ps_sigintr & bit) == 0) 266 sa->sa_flags |= SA_RESTART; 267 if ((ps->ps_sigreset & bit) != 0) 268 sa->sa_flags |= SA_RESETHAND; 269 if ((ps->ps_siginfo & bit) != 0) 270 sa->sa_flags |= SA_SIGINFO; 271 if (signum == SIGCHLD) { 272 if ((ps->ps_flags & SAS_NOCLDSTOP) != 0) 273 sa->sa_flags |= SA_NOCLDSTOP; 274 if ((ps->ps_flags & SAS_NOCLDWAIT) != 0) 275 sa->sa_flags |= SA_NOCLDWAIT; 276 } 277 if ((sa->sa_mask & bit) == 0) 278 sa->sa_flags |= SA_NODEFER; 279 sa->sa_mask &= ~bit; 280 error = copyout(sa, osa, sizeof (vec)); 281 if (error) 282 return (error); 283 #ifdef KTRACE 284 if (KTRPOINT(p, KTR_STRUCT)) 285 ovec = vec; 286 #endif 287 } 288 if (nsa) { 289 error = copyin(nsa, sa, sizeof (vec)); 290 if (error) 291 return (error); 292 #ifdef KTRACE 293 if (KTRPOINT(p, KTR_STRUCT)) 294 ktrsigaction(p, sa); 295 #endif 296 setsigvec(p, signum, sa); 297 } 298 #ifdef KTRACE 299 if (osa && KTRPOINT(p, KTR_STRUCT)) 300 ktrsigaction(p, &ovec); 301 #endif 302 return (0); 303 } 304 305 void 306 setsigvec(struct proc *p, int signum, struct sigaction *sa) 307 { 308 struct sigacts *ps = p->p_p->ps_sigacts; 309 int bit; 310 int s; 311 312 bit = sigmask(signum); 313 /* 314 * Change setting atomically. 315 */ 316 s = splhigh(); 317 ps->ps_sigact[signum] = sa->sa_handler; 318 if ((sa->sa_flags & SA_NODEFER) == 0) 319 sa->sa_mask |= sigmask(signum); 320 ps->ps_catchmask[signum] = sa->sa_mask &~ sigcantmask; 321 if (signum == SIGCHLD) { 322 if (sa->sa_flags & SA_NOCLDSTOP) 323 atomic_setbits_int(&ps->ps_flags, SAS_NOCLDSTOP); 324 else 325 atomic_clearbits_int(&ps->ps_flags, SAS_NOCLDSTOP); 326 /* 327 * If the SA_NOCLDWAIT flag is set or the handler 328 * is SIG_IGN we reparent the dying child to PID 1 329 * (init) which will reap the zombie. Because we use 330 * init to do our dirty work we never set SAS_NOCLDWAIT 331 * for PID 1. 332 * XXX exit1 rework means this is unnecessary? 333 */ 334 if (initprocess->ps_sigacts != ps && 335 ((sa->sa_flags & SA_NOCLDWAIT) || 336 sa->sa_handler == SIG_IGN)) 337 atomic_setbits_int(&ps->ps_flags, SAS_NOCLDWAIT); 338 else 339 atomic_clearbits_int(&ps->ps_flags, SAS_NOCLDWAIT); 340 } 341 if ((sa->sa_flags & SA_RESETHAND) != 0) 342 ps->ps_sigreset |= bit; 343 else 344 ps->ps_sigreset &= ~bit; 345 if ((sa->sa_flags & SA_SIGINFO) != 0) 346 ps->ps_siginfo |= bit; 347 else 348 ps->ps_siginfo &= ~bit; 349 if ((sa->sa_flags & SA_RESTART) == 0) 350 ps->ps_sigintr |= bit; 351 else 352 ps->ps_sigintr &= ~bit; 353 if ((sa->sa_flags & SA_ONSTACK) != 0) 354 ps->ps_sigonstack |= bit; 355 else 356 ps->ps_sigonstack &= ~bit; 357 /* 358 * Set bit in ps_sigignore for signals that are set to SIG_IGN, 359 * and for signals set to SIG_DFL where the default is to ignore. 360 * However, don't put SIGCONT in ps_sigignore, 361 * as we have to restart the process. 362 */ 363 if (sa->sa_handler == SIG_IGN || 364 (sigprop[signum] & SA_IGNORE && sa->sa_handler == SIG_DFL)) { 365 atomic_clearbits_int(&p->p_siglist, bit); 366 if (signum != SIGCONT) 367 ps->ps_sigignore |= bit; /* easier in psignal */ 368 ps->ps_sigcatch &= ~bit; 369 } else { 370 ps->ps_sigignore &= ~bit; 371 if (sa->sa_handler == SIG_DFL) 372 ps->ps_sigcatch &= ~bit; 373 else 374 ps->ps_sigcatch |= bit; 375 } 376 splx(s); 377 } 378 379 /* 380 * Initialize signal state for process 0; 381 * set to ignore signals that are ignored by default. 382 */ 383 void 384 siginit(struct process *pr) 385 { 386 struct sigacts *ps = pr->ps_sigacts; 387 int i; 388 389 for (i = 0; i < NSIG; i++) 390 if (sigprop[i] & SA_IGNORE && i != SIGCONT) 391 ps->ps_sigignore |= sigmask(i); 392 ps->ps_flags = SAS_NOCLDWAIT | SAS_NOCLDSTOP; 393 } 394 395 /* 396 * Reset signals for an exec by the specified thread. 397 */ 398 void 399 execsigs(struct proc *p) 400 { 401 struct sigacts *ps; 402 int nc, mask; 403 404 sigactsunshare(p->p_p); 405 ps = p->p_p->ps_sigacts; 406 407 /* 408 * Reset caught signals. Held signals remain held 409 * through p_sigmask (unless they were caught, 410 * and are now ignored by default). 411 */ 412 while (ps->ps_sigcatch) { 413 nc = ffs((long)ps->ps_sigcatch); 414 mask = sigmask(nc); 415 ps->ps_sigcatch &= ~mask; 416 if (sigprop[nc] & SA_IGNORE) { 417 if (nc != SIGCONT) 418 ps->ps_sigignore |= mask; 419 atomic_clearbits_int(&p->p_siglist, mask); 420 } 421 ps->ps_sigact[nc] = SIG_DFL; 422 } 423 /* 424 * Reset stack state to the user stack. 425 * Clear set of signals caught on the signal stack. 426 */ 427 sigstkinit(&p->p_sigstk); 428 ps->ps_flags &= ~SAS_NOCLDWAIT; 429 if (ps->ps_sigact[SIGCHLD] == SIG_IGN) 430 ps->ps_sigact[SIGCHLD] = SIG_DFL; 431 } 432 433 /* 434 * Manipulate signal mask. 435 * Note that we receive new mask, not pointer, 436 * and return old mask as return value; 437 * the library stub does the rest. 438 */ 439 int 440 sys_sigprocmask(struct proc *p, void *v, register_t *retval) 441 { 442 struct sys_sigprocmask_args /* { 443 syscallarg(int) how; 444 syscallarg(sigset_t) mask; 445 } */ *uap = v; 446 int error = 0; 447 sigset_t mask; 448 449 *retval = p->p_sigmask; 450 mask = SCARG(uap, mask) &~ sigcantmask; 451 452 switch (SCARG(uap, how)) { 453 case SIG_BLOCK: 454 atomic_setbits_int(&p->p_sigmask, mask); 455 break; 456 case SIG_UNBLOCK: 457 atomic_clearbits_int(&p->p_sigmask, mask); 458 break; 459 case SIG_SETMASK: 460 p->p_sigmask = mask; 461 break; 462 default: 463 error = EINVAL; 464 break; 465 } 466 return (error); 467 } 468 469 int 470 sys_sigpending(struct proc *p, void *v, register_t *retval) 471 { 472 473 *retval = p->p_siglist; 474 return (0); 475 } 476 477 /* 478 * Temporarily replace calling proc's signal mask for the duration of a 479 * system call. Original signal mask will be restored by userret(). 480 */ 481 void 482 dosigsuspend(struct proc *p, sigset_t newmask) 483 { 484 KASSERT(p == curproc); 485 486 p->p_oldmask = p->p_sigmask; 487 atomic_setbits_int(&p->p_flag, P_SIGSUSPEND); 488 p->p_sigmask = newmask; 489 } 490 491 /* 492 * Suspend process until signal, providing mask to be set 493 * in the meantime. Note nonstandard calling convention: 494 * libc stub passes mask, not pointer, to save a copyin. 495 */ 496 int 497 sys_sigsuspend(struct proc *p, void *v, register_t *retval) 498 { 499 struct sys_sigsuspend_args /* { 500 syscallarg(int) mask; 501 } */ *uap = v; 502 struct process *pr = p->p_p; 503 struct sigacts *ps = pr->ps_sigacts; 504 505 dosigsuspend(p, SCARG(uap, mask) &~ sigcantmask); 506 while (tsleep(ps, PPAUSE|PCATCH, "pause", 0) == 0) 507 /* void */; 508 /* always return EINTR rather than ERESTART... */ 509 return (EINTR); 510 } 511 512 int 513 sigonstack(size_t stack) 514 { 515 const struct sigaltstack *ss = &curproc->p_sigstk; 516 517 return (ss->ss_flags & SS_DISABLE ? 0 : 518 (stack - (size_t)ss->ss_sp < ss->ss_size)); 519 } 520 521 int 522 sys_sigaltstack(struct proc *p, void *v, register_t *retval) 523 { 524 struct sys_sigaltstack_args /* { 525 syscallarg(const struct sigaltstack *) nss; 526 syscallarg(struct sigaltstack *) oss; 527 } */ *uap = v; 528 struct sigaltstack ss; 529 const struct sigaltstack *nss; 530 struct sigaltstack *oss; 531 int onstack = sigonstack(PROC_STACK(p)); 532 int error; 533 534 nss = SCARG(uap, nss); 535 oss = SCARG(uap, oss); 536 537 if (oss != NULL) { 538 ss = p->p_sigstk; 539 if (onstack) 540 ss.ss_flags |= SS_ONSTACK; 541 if ((error = copyout(&ss, oss, sizeof(ss)))) 542 return (error); 543 } 544 if (nss == NULL) 545 return (0); 546 error = copyin(nss, &ss, sizeof(ss)); 547 if (error) 548 return (error); 549 if (onstack) 550 return (EPERM); 551 if (ss.ss_flags & ~SS_DISABLE) 552 return (EINVAL); 553 if (ss.ss_flags & SS_DISABLE) { 554 p->p_sigstk.ss_flags = ss.ss_flags; 555 return (0); 556 } 557 if (ss.ss_size < MINSIGSTKSZ) 558 return (ENOMEM); 559 p->p_sigstk = ss; 560 return (0); 561 } 562 563 int 564 sys_o58_kill(struct proc *cp, void *v, register_t *retval) 565 { 566 struct sys_o58_kill_args /* { 567 syscallarg(int) pid; 568 syscallarg(int) signum; 569 } */ *uap = v; 570 struct proc *p; 571 int pid = SCARG(uap, pid); 572 int signum = SCARG(uap, signum); 573 int error; 574 575 if (pid <= THREAD_PID_OFFSET && (error = pledge_kill(cp, pid)) != 0) 576 return (error); 577 if (((u_int)signum) >= NSIG) 578 return (EINVAL); 579 if (pid > 0) { 580 enum signal_type type = SPROCESS; 581 582 /* 583 * If the target pid is > THREAD_PID_OFFSET then this 584 * must be a kill of another thread in the same process. 585 * Otherwise, this is a process kill and the target must 586 * be a main thread. 587 */ 588 if (pid > THREAD_PID_OFFSET) { 589 if ((p = pfind(pid - THREAD_PID_OFFSET)) == NULL) 590 return (ESRCH); 591 if (p->p_p != cp->p_p) 592 return (ESRCH); 593 type = STHREAD; 594 } else { 595 /* XXX use prfind() */ 596 if ((p = pfind(pid)) == NULL) 597 return (ESRCH); 598 if (p->p_flag & P_THREAD) 599 return (ESRCH); 600 if (!cansignal(cp, p->p_p, signum)) 601 return (EPERM); 602 } 603 604 /* kill single process or thread */ 605 if (signum) 606 ptsignal(p, signum, type); 607 return (0); 608 } 609 switch (pid) { 610 case -1: /* broadcast signal */ 611 return (killpg1(cp, signum, 0, 1)); 612 case 0: /* signal own process group */ 613 return (killpg1(cp, signum, 0, 0)); 614 default: /* negative explicit process group */ 615 return (killpg1(cp, signum, -pid, 0)); 616 } 617 /* NOTREACHED */ 618 } 619 620 int 621 sys_kill(struct proc *cp, void *v, register_t *retval) 622 { 623 struct sys_kill_args /* { 624 syscallarg(int) pid; 625 syscallarg(int) signum; 626 } */ *uap = v; 627 struct process *pr; 628 int pid = SCARG(uap, pid); 629 int signum = SCARG(uap, signum); 630 int error; 631 int zombie = 0; 632 633 if ((error = pledge_kill(cp, pid)) != 0) 634 return (error); 635 if (((u_int)signum) >= NSIG) 636 return (EINVAL); 637 if (pid > 0) { 638 if ((pr = prfind(pid)) == NULL) { 639 if ((pr = zombiefind(pid)) == NULL) 640 return (ESRCH); 641 else 642 zombie = 1; 643 } 644 if (!cansignal(cp, pr, signum)) 645 return (EPERM); 646 647 /* kill single process */ 648 if (signum && !zombie) 649 prsignal(pr, signum); 650 return (0); 651 } 652 switch (pid) { 653 case -1: /* broadcast signal */ 654 return (killpg1(cp, signum, 0, 1)); 655 case 0: /* signal own process group */ 656 return (killpg1(cp, signum, 0, 0)); 657 default: /* negative explicit process group */ 658 return (killpg1(cp, signum, -pid, 0)); 659 } 660 } 661 662 int 663 sys_thrkill(struct proc *cp, void *v, register_t *retval) 664 { 665 struct sys_thrkill_args /* { 666 syscallarg(pid_t) tid; 667 syscallarg(int) signum; 668 syscallarg(void *) tcb; 669 } */ *uap = v; 670 struct proc *p; 671 int tid = SCARG(uap, tid); 672 int signum = SCARG(uap, signum); 673 void *tcb; 674 675 if (((u_int)signum) >= NSIG) 676 return (EINVAL); 677 if (tid > THREAD_PID_OFFSET) { 678 if ((p = pfind(tid - THREAD_PID_OFFSET)) == NULL) 679 return (ESRCH); 680 681 /* can only kill threads in the same process */ 682 if (p->p_p != cp->p_p) 683 return (ESRCH); 684 } else if (tid == 0) 685 p = cp; 686 else 687 return (EINVAL); 688 689 /* optionally require the target thread to have the given tcb addr */ 690 tcb = SCARG(uap, tcb); 691 if (tcb != NULL && tcb != TCB_GET(p)) 692 return (ESRCH); 693 694 if (signum) 695 ptsignal(p, signum, STHREAD); 696 return (0); 697 } 698 699 /* 700 * Common code for kill process group/broadcast kill. 701 * cp is calling process. 702 */ 703 int 704 killpg1(struct proc *cp, int signum, int pgid, int all) 705 { 706 struct process *pr; 707 struct pgrp *pgrp; 708 int nfound = 0; 709 710 if (all) 711 /* 712 * broadcast 713 */ 714 LIST_FOREACH(pr, &allprocess, ps_list) { 715 if (pr->ps_pid <= 1 || 716 pr->ps_flags & (PS_SYSTEM | PS_NOBROADCASTKILL) || 717 pr == cp->p_p || !cansignal(cp, pr, signum)) 718 continue; 719 nfound++; 720 if (signum) 721 prsignal(pr, signum); 722 } 723 else { 724 if (pgid == 0) 725 /* 726 * zero pgid means send to my process group. 727 */ 728 pgrp = cp->p_p->ps_pgrp; 729 else { 730 pgrp = pgfind(pgid); 731 if (pgrp == NULL) 732 return (ESRCH); 733 } 734 LIST_FOREACH(pr, &pgrp->pg_members, ps_pglist) { 735 if (pr->ps_pid <= 1 || pr->ps_flags & PS_SYSTEM || 736 !cansignal(cp, pr, signum)) 737 continue; 738 nfound++; 739 if (signum) 740 prsignal(pr, signum); 741 } 742 } 743 return (nfound ? 0 : ESRCH); 744 } 745 746 #define CANDELIVER(uid, euid, pr) \ 747 (euid == 0 || \ 748 (uid) == (pr)->ps_ucred->cr_ruid || \ 749 (uid) == (pr)->ps_ucred->cr_svuid || \ 750 (uid) == (pr)->ps_ucred->cr_uid || \ 751 (euid) == (pr)->ps_ucred->cr_ruid || \ 752 (euid) == (pr)->ps_ucred->cr_svuid || \ 753 (euid) == (pr)->ps_ucred->cr_uid) 754 755 /* 756 * Deliver signum to pgid, but first check uid/euid against each 757 * process and see if it is permitted. 758 */ 759 void 760 csignal(pid_t pgid, int signum, uid_t uid, uid_t euid) 761 { 762 struct pgrp *pgrp; 763 struct process *pr; 764 765 if (pgid == 0) 766 return; 767 if (pgid < 0) { 768 pgid = -pgid; 769 if ((pgrp = pgfind(pgid)) == NULL) 770 return; 771 LIST_FOREACH(pr, &pgrp->pg_members, ps_pglist) 772 if (CANDELIVER(uid, euid, pr)) 773 prsignal(pr, signum); 774 } else { 775 if ((pr = prfind(pgid)) == NULL) 776 return; 777 if (CANDELIVER(uid, euid, pr)) 778 prsignal(pr, signum); 779 } 780 } 781 782 /* 783 * Send a signal to a process group. 784 */ 785 void 786 gsignal(int pgid, int signum) 787 { 788 struct pgrp *pgrp; 789 790 if (pgid && (pgrp = pgfind(pgid))) 791 pgsignal(pgrp, signum, 0); 792 } 793 794 /* 795 * Send a signal to a process group. If checktty is 1, 796 * limit to members which have a controlling terminal. 797 */ 798 void 799 pgsignal(struct pgrp *pgrp, int signum, int checkctty) 800 { 801 struct process *pr; 802 803 if (pgrp) 804 LIST_FOREACH(pr, &pgrp->pg_members, ps_pglist) 805 if (checkctty == 0 || pr->ps_flags & PS_CONTROLT) 806 prsignal(pr, signum); 807 } 808 809 /* 810 * Send a signal caused by a trap to the current process. 811 * If it will be caught immediately, deliver it with correct code. 812 * Otherwise, post it normally. 813 */ 814 void 815 trapsignal(struct proc *p, int signum, u_long trapno, int code, 816 union sigval sigval) 817 { 818 struct process *pr = p->p_p; 819 struct sigacts *ps = pr->ps_sigacts; 820 int mask; 821 822 mask = sigmask(signum); 823 if ((pr->ps_flags & PS_TRACED) == 0 && 824 (ps->ps_sigcatch & mask) != 0 && 825 (p->p_sigmask & mask) == 0) { 826 #ifdef KTRACE 827 if (KTRPOINT(p, KTR_PSIG)) { 828 siginfo_t si; 829 830 initsiginfo(&si, signum, trapno, code, sigval); 831 ktrpsig(p, signum, ps->ps_sigact[signum], 832 p->p_sigmask, code, &si); 833 } 834 #endif 835 p->p_ru.ru_nsignals++; 836 (*pr->ps_emul->e_sendsig)(ps->ps_sigact[signum], signum, 837 p->p_sigmask, trapno, code, sigval); 838 atomic_setbits_int(&p->p_sigmask, ps->ps_catchmask[signum]); 839 if ((ps->ps_sigreset & mask) != 0) { 840 ps->ps_sigcatch &= ~mask; 841 if (signum != SIGCONT && sigprop[signum] & SA_IGNORE) 842 ps->ps_sigignore |= mask; 843 ps->ps_sigact[signum] = SIG_DFL; 844 } 845 } else { 846 p->p_sisig = signum; 847 p->p_sitrapno = trapno; /* XXX for core dump/debugger */ 848 p->p_sicode = code; 849 p->p_sigval = sigval; 850 851 /* 852 * Signals like SIGBUS and SIGSEGV should not, when 853 * generated by the kernel, be ignorable or blockable. 854 * If it is and we're not being traced, then just kill 855 * the process. 856 */ 857 if ((pr->ps_flags & PS_TRACED) == 0 && 858 (sigprop[signum] & SA_KILL) && 859 ((p->p_sigmask & mask) || (ps->ps_sigignore & mask))) 860 sigexit(p, signum); 861 ptsignal(p, signum, STHREAD); 862 } 863 } 864 865 /* 866 * Send the signal to the process. If the signal has an action, the action 867 * is usually performed by the target process rather than the caller; we add 868 * the signal to the set of pending signals for the process. 869 * 870 * Exceptions: 871 * o When a stop signal is sent to a sleeping process that takes the 872 * default action, the process is stopped without awakening it. 873 * o SIGCONT restarts stopped processes (or puts them back to sleep) 874 * regardless of the signal action (eg, blocked or ignored). 875 * 876 * Other ignored signals are discarded immediately. 877 */ 878 void 879 psignal(struct proc *p, int signum) 880 { 881 ptsignal(p, signum, SPROCESS); 882 } 883 884 /* 885 * type = SPROCESS process signal, can be diverted (sigwait()) 886 * XXX if blocked in all threads, mark as pending in struct process 887 * type = STHREAD thread signal, but should be propagated if unhandled 888 * type = SPROPAGATED propagated to this thread, so don't propagate again 889 */ 890 void 891 ptsignal(struct proc *p, int signum, enum signal_type type) 892 { 893 int s, prop; 894 sig_t action; 895 int mask; 896 struct process *pr = p->p_p; 897 struct proc *q; 898 int wakeparent = 0; 899 900 #ifdef DIAGNOSTIC 901 if ((u_int)signum >= NSIG || signum == 0) 902 panic("psignal signal number"); 903 #endif 904 905 /* Ignore signal if the target process is exiting */ 906 if (pr->ps_flags & PS_EXITING) 907 return; 908 909 mask = sigmask(signum); 910 911 if (type == SPROCESS) { 912 /* Accept SIGKILL to coredumping processes */ 913 if (pr->ps_flags & PS_COREDUMP && signum == SIGKILL) { 914 if (pr->ps_single != NULL) 915 p = pr->ps_single; 916 atomic_setbits_int(&p->p_siglist, mask); 917 return; 918 } 919 920 /* 921 * If the current thread can process the signal 922 * immediately (it's unblocked) then have it take it. 923 */ 924 q = curproc; 925 if (q != NULL && q->p_p == pr && (q->p_flag & P_WEXIT) == 0 && 926 (q->p_sigmask & mask) == 0) 927 p = q; 928 else { 929 /* 930 * A process-wide signal can be diverted to a 931 * different thread that's in sigwait() for this 932 * signal. If there isn't such a thread, then 933 * pick a thread that doesn't have it blocked so 934 * that the stop/kill consideration isn't 935 * delayed. Otherwise, mark it pending on the 936 * main thread. 937 */ 938 TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) { 939 /* ignore exiting threads */ 940 if (q->p_flag & P_WEXIT) 941 continue; 942 943 /* skip threads that have the signal blocked */ 944 if ((q->p_sigmask & mask) != 0) 945 continue; 946 947 /* okay, could send to this thread */ 948 p = q; 949 950 /* 951 * sigsuspend, sigwait, ppoll/pselect, etc? 952 * Definitely go to this thread, as it's 953 * already blocked in the kernel. 954 */ 955 if (q->p_flag & P_SIGSUSPEND) 956 break; 957 } 958 } 959 } 960 961 if (type != SPROPAGATED) 962 KNOTE(&pr->ps_klist, NOTE_SIGNAL | signum); 963 964 prop = sigprop[signum]; 965 966 /* 967 * If proc is traced, always give parent a chance. 968 */ 969 if (pr->ps_flags & PS_TRACED) { 970 action = SIG_DFL; 971 atomic_setbits_int(&p->p_siglist, mask); 972 } else { 973 /* 974 * If the signal is being ignored, 975 * then we forget about it immediately. 976 * (Note: we don't set SIGCONT in ps_sigignore, 977 * and if it is set to SIG_IGN, 978 * action will be SIG_DFL here.) 979 */ 980 if (pr->ps_sigacts->ps_sigignore & mask) 981 return; 982 if (p->p_sigmask & mask) { 983 action = SIG_HOLD; 984 } else if (pr->ps_sigacts->ps_sigcatch & mask) { 985 action = SIG_CATCH; 986 } else { 987 action = SIG_DFL; 988 989 if (prop & SA_KILL && pr->ps_nice > NZERO) 990 pr->ps_nice = NZERO; 991 992 /* 993 * If sending a tty stop signal to a member of an 994 * orphaned process group, discard the signal here if 995 * the action is default; don't stop the process below 996 * if sleeping, and don't clear any pending SIGCONT. 997 */ 998 if (prop & SA_TTYSTOP && pr->ps_pgrp->pg_jobc == 0) 999 return; 1000 } 1001 1002 atomic_setbits_int(&p->p_siglist, mask); 1003 } 1004 1005 if (prop & SA_CONT) 1006 atomic_clearbits_int(&p->p_siglist, stopsigmask); 1007 1008 if (prop & SA_STOP) { 1009 atomic_clearbits_int(&p->p_siglist, contsigmask); 1010 atomic_clearbits_int(&p->p_flag, P_CONTINUED); 1011 } 1012 1013 /* 1014 * XXX delay processing of SA_STOP signals unless action == SIG_DFL? 1015 */ 1016 if (prop & (SA_CONT | SA_STOP) && type != SPROPAGATED) 1017 TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) 1018 if (q != p) 1019 ptsignal(q, signum, SPROPAGATED); 1020 1021 /* 1022 * Defer further processing for signals which are held, 1023 * except that stopped processes must be continued by SIGCONT. 1024 */ 1025 if (action == SIG_HOLD && ((prop & SA_CONT) == 0 || p->p_stat != SSTOP)) 1026 return; 1027 1028 SCHED_LOCK(s); 1029 1030 switch (p->p_stat) { 1031 1032 case SSLEEP: 1033 /* 1034 * If process is sleeping uninterruptibly 1035 * we can't interrupt the sleep... the signal will 1036 * be noticed when the process returns through 1037 * trap() or syscall(). 1038 */ 1039 if ((p->p_flag & P_SINTR) == 0) 1040 goto out; 1041 /* 1042 * Process is sleeping and traced... make it runnable 1043 * so it can discover the signal in issignal() and stop 1044 * for the parent. 1045 */ 1046 if (pr->ps_flags & PS_TRACED) 1047 goto run; 1048 /* 1049 * If SIGCONT is default (or ignored) and process is 1050 * asleep, we are finished; the process should not 1051 * be awakened. 1052 */ 1053 if ((prop & SA_CONT) && action == SIG_DFL) { 1054 atomic_clearbits_int(&p->p_siglist, mask); 1055 goto out; 1056 } 1057 /* 1058 * When a sleeping process receives a stop 1059 * signal, process immediately if possible. 1060 */ 1061 if ((prop & SA_STOP) && action == SIG_DFL) { 1062 /* 1063 * If a child holding parent blocked, 1064 * stopping could cause deadlock. 1065 */ 1066 if (pr->ps_flags & PS_PPWAIT) 1067 goto out; 1068 atomic_clearbits_int(&p->p_siglist, mask); 1069 p->p_xstat = signum; 1070 proc_stop(p, 0); 1071 goto out; 1072 } 1073 /* 1074 * All other (caught or default) signals 1075 * cause the process to run. 1076 */ 1077 goto runfast; 1078 /*NOTREACHED*/ 1079 1080 case SSTOP: 1081 /* 1082 * If traced process is already stopped, 1083 * then no further action is necessary. 1084 */ 1085 if (pr->ps_flags & PS_TRACED) 1086 goto out; 1087 1088 /* 1089 * Kill signal always sets processes running. 1090 */ 1091 if (signum == SIGKILL) { 1092 atomic_clearbits_int(&p->p_flag, P_SUSPSIG); 1093 goto runfast; 1094 } 1095 1096 if (prop & SA_CONT) { 1097 /* 1098 * If SIGCONT is default (or ignored), we continue the 1099 * process but don't leave the signal in p_siglist, as 1100 * it has no further action. If SIGCONT is held, we 1101 * continue the process and leave the signal in 1102 * p_siglist. If the process catches SIGCONT, let it 1103 * handle the signal itself. If it isn't waiting on 1104 * an event, then it goes back to run state. 1105 * Otherwise, process goes back to sleep state. 1106 */ 1107 atomic_setbits_int(&p->p_flag, P_CONTINUED); 1108 atomic_clearbits_int(&p->p_flag, P_SUSPSIG); 1109 wakeparent = 1; 1110 if (action == SIG_DFL) 1111 atomic_clearbits_int(&p->p_siglist, mask); 1112 if (action == SIG_CATCH) 1113 goto runfast; 1114 if (p->p_wchan == 0) 1115 goto run; 1116 p->p_stat = SSLEEP; 1117 goto out; 1118 } 1119 1120 if (prop & SA_STOP) { 1121 /* 1122 * Already stopped, don't need to stop again. 1123 * (If we did the shell could get confused.) 1124 */ 1125 atomic_clearbits_int(&p->p_siglist, mask); 1126 goto out; 1127 } 1128 1129 /* 1130 * If process is sleeping interruptibly, then simulate a 1131 * wakeup so that when it is continued, it will be made 1132 * runnable and can look at the signal. But don't make 1133 * the process runnable, leave it stopped. 1134 */ 1135 if (p->p_wchan && p->p_flag & P_SINTR) 1136 unsleep(p); 1137 goto out; 1138 1139 case SONPROC: 1140 signotify(p); 1141 /* FALLTHROUGH */ 1142 default: 1143 /* 1144 * SRUN, SIDL, SDEAD do nothing with the signal, 1145 * other than kicking ourselves if we are running. 1146 * It will either never be noticed, or noticed very soon. 1147 */ 1148 goto out; 1149 } 1150 /*NOTREACHED*/ 1151 1152 runfast: 1153 /* 1154 * Raise priority to at least PUSER. 1155 */ 1156 if (p->p_priority > PUSER) 1157 p->p_priority = PUSER; 1158 run: 1159 setrunnable(p); 1160 out: 1161 SCHED_UNLOCK(s); 1162 if (wakeparent) 1163 wakeup(pr->ps_pptr); 1164 } 1165 1166 /* 1167 * If the current process has received a signal (should be caught or cause 1168 * termination, should interrupt current syscall), return the signal number. 1169 * Stop signals with default action are processed immediately, then cleared; 1170 * they aren't returned. This is checked after each entry to the system for 1171 * a syscall or trap (though this can usually be done without calling issignal 1172 * by checking the pending signal masks in the CURSIG macro.) The normal call 1173 * sequence is 1174 * 1175 * while (signum = CURSIG(curproc)) 1176 * postsig(signum); 1177 * 1178 * Assumes that if the P_SINTR flag is set, we're holding both the 1179 * kernel and scheduler locks. 1180 */ 1181 int 1182 issignal(struct proc *p) 1183 { 1184 struct process *pr = p->p_p; 1185 int signum, mask, prop; 1186 int dolock = (p->p_flag & P_SINTR) == 0; 1187 int s; 1188 1189 for (;;) { 1190 mask = p->p_siglist & ~p->p_sigmask; 1191 if (pr->ps_flags & PS_PPWAIT) 1192 mask &= ~stopsigmask; 1193 if (mask == 0) /* no signal to send */ 1194 return (0); 1195 signum = ffs((long)mask); 1196 mask = sigmask(signum); 1197 atomic_clearbits_int(&p->p_siglist, mask); 1198 1199 /* 1200 * We should see pending but ignored signals 1201 * only if PS_TRACED was on when they were posted. 1202 */ 1203 if (mask & pr->ps_sigacts->ps_sigignore && 1204 (pr->ps_flags & PS_TRACED) == 0) 1205 continue; 1206 1207 if ((pr->ps_flags & (PS_TRACED | PS_PPWAIT)) == PS_TRACED) { 1208 /* 1209 * If traced, always stop, and stay 1210 * stopped until released by the debugger. 1211 */ 1212 p->p_xstat = signum; 1213 1214 if (dolock) 1215 KERNEL_LOCK(); 1216 single_thread_set(p, SINGLE_PTRACE, 0); 1217 if (dolock) 1218 KERNEL_UNLOCK(); 1219 1220 if (dolock) 1221 SCHED_LOCK(s); 1222 proc_stop(p, 1); 1223 if (dolock) 1224 SCHED_UNLOCK(s); 1225 1226 if (dolock) 1227 KERNEL_LOCK(); 1228 single_thread_clear(p, 0); 1229 if (dolock) 1230 KERNEL_UNLOCK(); 1231 1232 /* 1233 * If we are no longer being traced, or the parent 1234 * didn't give us a signal, look for more signals. 1235 */ 1236 if ((pr->ps_flags & PS_TRACED) == 0 || p->p_xstat == 0) 1237 continue; 1238 1239 /* 1240 * If the new signal is being masked, look for other 1241 * signals. 1242 */ 1243 signum = p->p_xstat; 1244 mask = sigmask(signum); 1245 if ((p->p_sigmask & mask) != 0) 1246 continue; 1247 1248 /* take the signal! */ 1249 atomic_clearbits_int(&p->p_siglist, mask); 1250 } 1251 1252 prop = sigprop[signum]; 1253 1254 /* 1255 * Decide whether the signal should be returned. 1256 * Return the signal's number, or fall through 1257 * to clear it from the pending mask. 1258 */ 1259 switch ((long)pr->ps_sigacts->ps_sigact[signum]) { 1260 case (long)SIG_DFL: 1261 /* 1262 * Don't take default actions on system processes. 1263 */ 1264 if (p->p_pid <= 1) { 1265 #ifdef DIAGNOSTIC 1266 /* 1267 * Are you sure you want to ignore SIGSEGV 1268 * in init? XXX 1269 */ 1270 printf("Process (pid %d) got signal %d\n", 1271 p->p_pid, signum); 1272 #endif 1273 break; /* == ignore */ 1274 } 1275 /* 1276 * If there is a pending stop signal to process 1277 * with default action, stop here, 1278 * then clear the signal. However, 1279 * if process is member of an orphaned 1280 * process group, ignore tty stop signals. 1281 */ 1282 if (prop & SA_STOP) { 1283 if (pr->ps_flags & PS_TRACED || 1284 (pr->ps_pgrp->pg_jobc == 0 && 1285 prop & SA_TTYSTOP)) 1286 break; /* == ignore */ 1287 p->p_xstat = signum; 1288 if (dolock) 1289 SCHED_LOCK(s); 1290 proc_stop(p, 1); 1291 if (dolock) 1292 SCHED_UNLOCK(s); 1293 break; 1294 } else if (prop & SA_IGNORE) { 1295 /* 1296 * Except for SIGCONT, shouldn't get here. 1297 * Default action is to ignore; drop it. 1298 */ 1299 break; /* == ignore */ 1300 } else 1301 goto keep; 1302 /*NOTREACHED*/ 1303 case (long)SIG_IGN: 1304 /* 1305 * Masking above should prevent us ever trying 1306 * to take action on an ignored signal other 1307 * than SIGCONT, unless process is traced. 1308 */ 1309 if ((prop & SA_CONT) == 0 && 1310 (pr->ps_flags & PS_TRACED) == 0) 1311 printf("issignal\n"); 1312 break; /* == ignore */ 1313 default: 1314 /* 1315 * This signal has an action, let 1316 * postsig() process it. 1317 */ 1318 goto keep; 1319 } 1320 } 1321 /* NOTREACHED */ 1322 1323 keep: 1324 atomic_setbits_int(&p->p_siglist, mask); /*leave the signal for later */ 1325 return (signum); 1326 } 1327 1328 /* 1329 * Put the argument process into the stopped state and notify the parent 1330 * via wakeup. Signals are handled elsewhere. The process must not be 1331 * on the run queue. 1332 */ 1333 void 1334 proc_stop(struct proc *p, int sw) 1335 { 1336 struct process *pr = p->p_p; 1337 extern void *softclock_si; 1338 1339 #ifdef MULTIPROCESSOR 1340 SCHED_ASSERT_LOCKED(); 1341 #endif 1342 1343 p->p_stat = SSTOP; 1344 atomic_clearbits_int(&pr->ps_flags, PS_WAITED); 1345 atomic_setbits_int(&pr->ps_flags, PS_STOPPED); 1346 atomic_setbits_int(&p->p_flag, P_SUSPSIG); 1347 if (!timeout_pending(&proc_stop_to)) { 1348 timeout_add(&proc_stop_to, 0); 1349 /* 1350 * We need this soft interrupt to be handled fast. 1351 * Extra calls to softclock don't hurt. 1352 */ 1353 softintr_schedule(softclock_si); 1354 } 1355 if (sw) 1356 mi_switch(); 1357 } 1358 1359 /* 1360 * Called from a timeout to send signals to the parents of stopped processes. 1361 * We can't do this in proc_stop because it's called with nasty locks held 1362 * and we would need recursive scheduler lock to deal with that. 1363 */ 1364 void 1365 proc_stop_sweep(void *v) 1366 { 1367 struct process *pr; 1368 1369 LIST_FOREACH(pr, &allprocess, ps_list) { 1370 if ((pr->ps_flags & PS_STOPPED) == 0) 1371 continue; 1372 atomic_clearbits_int(&pr->ps_flags, PS_STOPPED); 1373 1374 if ((pr->ps_pptr->ps_sigacts->ps_flags & SAS_NOCLDSTOP) == 0) 1375 prsignal(pr->ps_pptr, SIGCHLD); 1376 wakeup(pr->ps_pptr); 1377 } 1378 } 1379 1380 /* 1381 * Take the action for the specified signal 1382 * from the current set of pending signals. 1383 */ 1384 void 1385 postsig(int signum) 1386 { 1387 struct proc *p = curproc; 1388 struct process *pr = p->p_p; 1389 struct sigacts *ps = pr->ps_sigacts; 1390 sig_t action; 1391 u_long trapno; 1392 int mask, returnmask; 1393 union sigval sigval; 1394 int s, code; 1395 1396 #ifdef DIAGNOSTIC 1397 if (signum == 0) 1398 panic("postsig"); 1399 #endif 1400 1401 KERNEL_LOCK(); 1402 1403 mask = sigmask(signum); 1404 atomic_clearbits_int(&p->p_siglist, mask); 1405 action = ps->ps_sigact[signum]; 1406 sigval.sival_ptr = 0; 1407 1408 if (p->p_sisig != signum) { 1409 trapno = 0; 1410 code = SI_USER; 1411 sigval.sival_ptr = 0; 1412 } else { 1413 trapno = p->p_sitrapno; 1414 code = p->p_sicode; 1415 sigval = p->p_sigval; 1416 } 1417 1418 #ifdef KTRACE 1419 if (KTRPOINT(p, KTR_PSIG)) { 1420 siginfo_t si; 1421 1422 initsiginfo(&si, signum, trapno, code, sigval); 1423 ktrpsig(p, signum, action, p->p_flag & P_SIGSUSPEND ? 1424 p->p_oldmask : p->p_sigmask, code, &si); 1425 } 1426 #endif 1427 if (action == SIG_DFL) { 1428 /* 1429 * Default action, where the default is to kill 1430 * the process. (Other cases were ignored above.) 1431 */ 1432 sigexit(p, signum); 1433 /* NOTREACHED */ 1434 } else { 1435 /* 1436 * If we get here, the signal must be caught. 1437 */ 1438 #ifdef DIAGNOSTIC 1439 if (action == SIG_IGN || (p->p_sigmask & mask)) 1440 panic("postsig action"); 1441 #endif 1442 /* 1443 * Set the new mask value and also defer further 1444 * occurrences of this signal. 1445 * 1446 * Special case: user has done a sigpause. Here the 1447 * current mask is not of interest, but rather the 1448 * mask from before the sigpause is what we want 1449 * restored after the signal processing is completed. 1450 */ 1451 #ifdef MULTIPROCESSOR 1452 s = splsched(); 1453 #else 1454 s = splhigh(); 1455 #endif 1456 if (p->p_flag & P_SIGSUSPEND) { 1457 atomic_clearbits_int(&p->p_flag, P_SIGSUSPEND); 1458 returnmask = p->p_oldmask; 1459 } else { 1460 returnmask = p->p_sigmask; 1461 } 1462 atomic_setbits_int(&p->p_sigmask, ps->ps_catchmask[signum]); 1463 if ((ps->ps_sigreset & mask) != 0) { 1464 ps->ps_sigcatch &= ~mask; 1465 if (signum != SIGCONT && sigprop[signum] & SA_IGNORE) 1466 ps->ps_sigignore |= mask; 1467 ps->ps_sigact[signum] = SIG_DFL; 1468 } 1469 splx(s); 1470 p->p_ru.ru_nsignals++; 1471 if (p->p_sisig == signum) { 1472 p->p_sisig = 0; 1473 p->p_sitrapno = 0; 1474 p->p_sicode = SI_USER; 1475 p->p_sigval.sival_ptr = NULL; 1476 } 1477 1478 (*pr->ps_emul->e_sendsig)(action, signum, returnmask, trapno, 1479 code, sigval); 1480 } 1481 1482 KERNEL_UNLOCK(); 1483 } 1484 1485 /* 1486 * Force the current process to exit with the specified signal, dumping core 1487 * if appropriate. We bypass the normal tests for masked and caught signals, 1488 * allowing unrecoverable failures to terminate the process without changing 1489 * signal state. Mark the accounting record with the signal termination. 1490 * If dumping core, save the signal number for the debugger. Calls exit and 1491 * does not return. 1492 */ 1493 void 1494 sigexit(struct proc *p, int signum) 1495 { 1496 /* Mark process as going away */ 1497 atomic_setbits_int(&p->p_flag, P_WEXIT); 1498 1499 p->p_p->ps_acflag |= AXSIG; 1500 if (sigprop[signum] & SA_CORE) { 1501 p->p_sisig = signum; 1502 1503 /* if there are other threads, pause them */ 1504 if (P_HASSIBLING(p)) 1505 single_thread_set(p, SINGLE_SUSPEND, 0); 1506 1507 if (coredump(p) == 0) 1508 signum |= WCOREFLAG; 1509 } 1510 exit1(p, W_EXITCODE(0, signum), EXIT_NORMAL); 1511 /* NOTREACHED */ 1512 } 1513 1514 int nosuidcoredump = 1; 1515 1516 struct coredump_iostate { 1517 struct proc *io_proc; 1518 struct vnode *io_vp; 1519 struct ucred *io_cred; 1520 off_t io_offset; 1521 }; 1522 1523 /* 1524 * Dump core, into a file named "progname.core", unless the process was 1525 * setuid/setgid. 1526 */ 1527 int 1528 coredump(struct proc *p) 1529 { 1530 #ifdef SMALL_KERNEL 1531 return EPERM; 1532 #else 1533 struct process *pr = p->p_p; 1534 struct vnode *vp; 1535 struct ucred *cred = p->p_ucred; 1536 struct vmspace *vm = p->p_vmspace; 1537 struct nameidata nd; 1538 struct vattr vattr; 1539 struct coredump_iostate io; 1540 int error, len, incrash = 0; 1541 char name[MAXPATHLEN]; 1542 const char *dir = "/var/crash"; 1543 1544 if (pr->ps_emul->e_coredump == NULL) 1545 return (EINVAL); 1546 1547 pr->ps_flags |= PS_COREDUMP; 1548 1549 /* 1550 * If the process has inconsistant uids, nosuidcoredump 1551 * determines coredump placement policy. 1552 */ 1553 if (((pr->ps_flags & PS_SUGID) && (error = suser(p, 0))) || 1554 ((pr->ps_flags & PS_SUGID) && nosuidcoredump)) { 1555 if (nosuidcoredump == 3 || nosuidcoredump == 2) 1556 incrash = 1; 1557 else 1558 return (EPERM); 1559 } 1560 1561 /* Don't dump if will exceed file size limit. */ 1562 if (USPACE + ptoa(vm->vm_dsize + vm->vm_ssize) >= 1563 p->p_rlimit[RLIMIT_CORE].rlim_cur) 1564 return (EFBIG); 1565 1566 if (incrash && nosuidcoredump == 3) { 1567 /* 1568 * If the program directory does not exist, dumps of 1569 * that core will silently fail. 1570 */ 1571 len = snprintf(name, sizeof(name), "%s/%s/%u.core", 1572 dir, p->p_comm, p->p_pid); 1573 } else if (incrash && nosuidcoredump == 2) 1574 len = snprintf(name, sizeof(name), "%s/%s.core", 1575 dir, p->p_comm); 1576 else 1577 len = snprintf(name, sizeof(name), "%s.core", p->p_comm); 1578 if (len >= sizeof(name)) 1579 return (EACCES); 1580 1581 /* 1582 * Control the UID used to write out. The normal case uses 1583 * the real UID. If the sugid case is going to write into the 1584 * controlled directory, we do so as root. 1585 */ 1586 if (incrash == 0) { 1587 cred = crdup(cred); 1588 cred->cr_uid = cred->cr_ruid; 1589 cred->cr_gid = cred->cr_rgid; 1590 } else { 1591 if (p->p_fd->fd_rdir) { 1592 vrele(p->p_fd->fd_rdir); 1593 p->p_fd->fd_rdir = NULL; 1594 } 1595 p->p_ucred = crdup(p->p_ucred); 1596 crfree(cred); 1597 cred = p->p_ucred; 1598 crhold(cred); 1599 cred->cr_uid = 0; 1600 cred->cr_gid = 0; 1601 } 1602 1603 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, p); 1604 1605 error = vn_open(&nd, O_CREAT | FWRITE | O_NOFOLLOW, S_IRUSR | S_IWUSR); 1606 1607 if (error) 1608 goto out; 1609 1610 /* 1611 * Don't dump to non-regular files, files with links, or files 1612 * owned by someone else. 1613 */ 1614 vp = nd.ni_vp; 1615 if ((error = VOP_GETATTR(vp, &vattr, cred, p)) != 0) { 1616 VOP_UNLOCK(vp, p); 1617 vn_close(vp, FWRITE, cred, p); 1618 goto out; 1619 } 1620 if (vp->v_type != VREG || vattr.va_nlink != 1 || 1621 vattr.va_mode & ((VREAD | VWRITE) >> 3 | (VREAD | VWRITE) >> 6) || 1622 vattr.va_uid != cred->cr_uid) { 1623 error = EACCES; 1624 VOP_UNLOCK(vp, p); 1625 vn_close(vp, FWRITE, cred, p); 1626 goto out; 1627 } 1628 VATTR_NULL(&vattr); 1629 vattr.va_size = 0; 1630 VOP_SETATTR(vp, &vattr, cred, p); 1631 pr->ps_acflag |= ACORE; 1632 1633 io.io_proc = p; 1634 io.io_vp = vp; 1635 io.io_cred = cred; 1636 io.io_offset = 0; 1637 VOP_UNLOCK(vp, p); 1638 vref(vp); 1639 error = vn_close(vp, FWRITE, cred, p); 1640 if (error == 0) 1641 error = (*pr->ps_emul->e_coredump)(p, &io); 1642 vrele(vp); 1643 out: 1644 crfree(cred); 1645 return (error); 1646 #endif 1647 } 1648 1649 #ifndef SMALL_KERNEL 1650 int 1651 coredump_write(void *cookie, enum uio_seg segflg, const void *data, size_t len) 1652 { 1653 struct coredump_iostate *io = cookie; 1654 off_t coffset = 0; 1655 size_t csize; 1656 int chunk, error; 1657 1658 csize = len; 1659 do { 1660 if (io->io_proc->p_siglist & sigmask(SIGKILL)) 1661 return (EINTR); 1662 1663 /* Rest of the loop sleeps with lock held, so... */ 1664 yield(); 1665 1666 chunk = MIN(csize, MAXPHYS); 1667 error = vn_rdwr(UIO_WRITE, io->io_vp, 1668 (caddr_t)data + coffset, chunk, 1669 io->io_offset + coffset, segflg, 1670 IO_UNIT, io->io_cred, NULL, io->io_proc); 1671 if (error) { 1672 if (error == ENOSPC) 1673 log(LOG_ERR, "coredump of %s(%d) failed, filesystem full\n", 1674 io->io_proc->p_comm, io->io_proc->p_pid); 1675 else 1676 log(LOG_ERR, "coredump of %s(%d), write failed: errno %d\n", 1677 io->io_proc->p_comm, io->io_proc->p_pid, error); 1678 return (error); 1679 } 1680 1681 coffset += chunk; 1682 csize -= chunk; 1683 } while (csize > 0); 1684 1685 io->io_offset += len; 1686 return (0); 1687 } 1688 1689 void 1690 coredump_unmap(void *cookie, vaddr_t start, vaddr_t end) 1691 { 1692 struct coredump_iostate *io = cookie; 1693 1694 uvm_unmap(&io->io_proc->p_vmspace->vm_map, start, end); 1695 } 1696 1697 #endif /* !SMALL_KERNEL */ 1698 1699 /* 1700 * Nonexistent system call-- signal process (may want to handle it). 1701 * Flag error in case process won't see signal immediately (blocked or ignored). 1702 */ 1703 int 1704 sys_nosys(struct proc *p, void *v, register_t *retval) 1705 { 1706 1707 ptsignal(p, SIGSYS, STHREAD); 1708 return (ENOSYS); 1709 } 1710 1711 int 1712 sys___thrsigdivert(struct proc *p, void *v, register_t *retval) 1713 { 1714 static int sigwaitsleep; 1715 struct sys___thrsigdivert_args /* { 1716 syscallarg(sigset_t) sigmask; 1717 syscallarg(siginfo_t *) info; 1718 syscallarg(const struct timespec *) timeout; 1719 } */ *uap = v; 1720 struct process *pr = p->p_p; 1721 sigset_t *m; 1722 sigset_t mask = SCARG(uap, sigmask) &~ sigcantmask; 1723 siginfo_t si; 1724 uint64_t to_ticks = 0; 1725 int timeinvalid = 0; 1726 int error = 0; 1727 1728 memset(&si, 0, sizeof(si)); 1729 1730 if (SCARG(uap, timeout) != NULL) { 1731 struct timespec ts; 1732 if ((error = copyin(SCARG(uap, timeout), &ts, sizeof(ts))) != 0) 1733 return (error); 1734 #ifdef KTRACE 1735 if (KTRPOINT(p, KTR_STRUCT)) 1736 ktrreltimespec(p, &ts); 1737 #endif 1738 if (ts.tv_nsec < 0 || ts.tv_nsec >= 1000000000) 1739 timeinvalid = 1; 1740 else { 1741 to_ticks = (uint64_t)hz * ts.tv_sec + 1742 ts.tv_nsec / (tick * 1000); 1743 if (to_ticks > INT_MAX) 1744 to_ticks = INT_MAX; 1745 if (to_ticks == 0 && ts.tv_nsec) 1746 to_ticks = 1; 1747 } 1748 } 1749 1750 dosigsuspend(p, p->p_sigmask &~ mask); 1751 for (;;) { 1752 si.si_signo = CURSIG(p); 1753 if (si.si_signo != 0) { 1754 sigset_t smask = sigmask(si.si_signo); 1755 if (smask & mask) { 1756 if (p->p_siglist & smask) 1757 m = &p->p_siglist; 1758 else if (pr->ps_mainproc->p_siglist & smask) 1759 m = &pr->ps_mainproc->p_siglist; 1760 else { 1761 /* signal got eaten by someone else? */ 1762 continue; 1763 } 1764 atomic_clearbits_int(m, smask); 1765 error = 0; 1766 break; 1767 } 1768 } 1769 1770 /* per-POSIX, delay this error until after the above */ 1771 if (timeinvalid) 1772 error = EINVAL; 1773 1774 if (SCARG(uap, timeout) != NULL && to_ticks == 0) 1775 error = EAGAIN; 1776 1777 if (error != 0) 1778 break; 1779 1780 error = tsleep(&sigwaitsleep, PPAUSE|PCATCH, "sigwait", 1781 (int)to_ticks); 1782 } 1783 1784 if (error == 0) { 1785 *retval = si.si_signo; 1786 if (SCARG(uap, info) != NULL) 1787 error = copyout(&si, SCARG(uap, info), sizeof(si)); 1788 } else if (error == ERESTART && SCARG(uap, timeout) != NULL) { 1789 /* 1790 * Restarting is wrong if there's a timeout, as it'll be 1791 * for the same interval again 1792 */ 1793 error = EINTR; 1794 } 1795 1796 return (error); 1797 } 1798 1799 void 1800 initsiginfo(siginfo_t *si, int sig, u_long trapno, int code, union sigval val) 1801 { 1802 memset(si, 0, sizeof(*si)); 1803 1804 si->si_signo = sig; 1805 si->si_code = code; 1806 if (code == SI_USER) { 1807 si->si_value = val; 1808 } else { 1809 switch (sig) { 1810 case SIGSEGV: 1811 case SIGILL: 1812 case SIGBUS: 1813 case SIGFPE: 1814 si->si_addr = val.sival_ptr; 1815 si->si_trapno = trapno; 1816 break; 1817 case SIGXFSZ: 1818 break; 1819 } 1820 } 1821 } 1822 1823 int 1824 filt_sigattach(struct knote *kn) 1825 { 1826 struct process *pr = curproc->p_p; 1827 1828 if (kn->kn_id >= NSIG) 1829 return EINVAL; 1830 1831 kn->kn_ptr.p_process = pr; 1832 kn->kn_flags |= EV_CLEAR; /* automatically set */ 1833 1834 /* XXX lock the proc here while adding to the list? */ 1835 SLIST_INSERT_HEAD(&pr->ps_klist, kn, kn_selnext); 1836 1837 return (0); 1838 } 1839 1840 void 1841 filt_sigdetach(struct knote *kn) 1842 { 1843 struct process *pr = kn->kn_ptr.p_process; 1844 1845 SLIST_REMOVE(&pr->ps_klist, kn, knote, kn_selnext); 1846 } 1847 1848 /* 1849 * signal knotes are shared with proc knotes, so we apply a mask to 1850 * the hint in order to differentiate them from process hints. This 1851 * could be avoided by using a signal-specific knote list, but probably 1852 * isn't worth the trouble. 1853 */ 1854 int 1855 filt_signal(struct knote *kn, long hint) 1856 { 1857 1858 if (hint & NOTE_SIGNAL) { 1859 hint &= ~NOTE_SIGNAL; 1860 1861 if (kn->kn_id == hint) 1862 kn->kn_data++; 1863 } 1864 return (kn->kn_data != 0); 1865 } 1866 1867 void 1868 userret(struct proc *p) 1869 { 1870 int sig; 1871 1872 /* send SIGPROF or SIGVTALRM if their timers interrupted this thread */ 1873 if (p->p_flag & P_PROFPEND) { 1874 atomic_clearbits_int(&p->p_flag, P_PROFPEND); 1875 KERNEL_LOCK(); 1876 psignal(p, SIGPROF); 1877 KERNEL_UNLOCK(); 1878 } 1879 if (p->p_flag & P_ALRMPEND) { 1880 atomic_clearbits_int(&p->p_flag, P_ALRMPEND); 1881 KERNEL_LOCK(); 1882 psignal(p, SIGVTALRM); 1883 KERNEL_UNLOCK(); 1884 } 1885 1886 while ((sig = CURSIG(p)) != 0) 1887 postsig(sig); 1888 1889 /* 1890 * If P_SIGSUSPEND is still set here, then we still need to restore 1891 * the original sigmask before returning to userspace. Also, this 1892 * might unmask some pending signals, so we need to check a second 1893 * time for signals to post. 1894 */ 1895 if (p->p_flag & P_SIGSUSPEND) { 1896 atomic_clearbits_int(&p->p_flag, P_SIGSUSPEND); 1897 p->p_sigmask = p->p_oldmask; 1898 1899 while ((sig = CURSIG(p)) != 0) 1900 postsig(sig); 1901 } 1902 1903 if (p->p_flag & P_SUSPSINGLE) { 1904 KERNEL_LOCK(); 1905 single_thread_check(p, 0); 1906 KERNEL_UNLOCK(); 1907 } 1908 1909 p->p_cpu->ci_schedstate.spc_curpriority = p->p_priority = p->p_usrpri; 1910 } 1911 1912 int 1913 single_thread_check(struct proc *p, int deep) 1914 { 1915 struct process *pr = p->p_p; 1916 1917 if (pr->ps_single != NULL && pr->ps_single != p) { 1918 do { 1919 int s; 1920 1921 /* if we're in deep, we need to unwind to the edge */ 1922 if (deep) { 1923 if (pr->ps_flags & PS_SINGLEUNWIND) 1924 return (ERESTART); 1925 if (pr->ps_flags & PS_SINGLEEXIT) 1926 return (EINTR); 1927 } 1928 1929 if (--pr->ps_singlecount == 0) 1930 wakeup(&pr->ps_singlecount); 1931 if (pr->ps_flags & PS_SINGLEEXIT) 1932 exit1(p, 0, EXIT_THREAD_NOCHECK); 1933 1934 /* not exiting and don't need to unwind, so suspend */ 1935 SCHED_LOCK(s); 1936 p->p_stat = SSTOP; 1937 mi_switch(); 1938 SCHED_UNLOCK(s); 1939 } while (pr->ps_single != NULL); 1940 } 1941 1942 return (0); 1943 } 1944 1945 /* 1946 * Stop other threads in the process. The mode controls how and 1947 * where the other threads should stop: 1948 * - SINGLE_SUSPEND: stop wherever they are, will later either be told to exit 1949 * (by setting to SINGLE_EXIT) or be released (via single_thread_clear()) 1950 * - SINGLE_PTRACE: stop wherever they are, will wait for them to stop 1951 * later (via single_thread_wait()) and released as with SINGLE_SUSPEND 1952 * - SINGLE_UNWIND: just unwind to kernel boundary, will be told to exit 1953 * or released as with SINGLE_SUSPEND 1954 * - SINGLE_EXIT: unwind to kernel boundary and exit 1955 */ 1956 int 1957 single_thread_set(struct proc *p, enum single_thread_mode mode, int deep) 1958 { 1959 struct process *pr = p->p_p; 1960 struct proc *q; 1961 int error; 1962 1963 KERNEL_ASSERT_LOCKED(); 1964 1965 if ((error = single_thread_check(p, deep))) 1966 return error; 1967 1968 switch (mode) { 1969 case SINGLE_SUSPEND: 1970 case SINGLE_PTRACE: 1971 break; 1972 case SINGLE_UNWIND: 1973 atomic_setbits_int(&pr->ps_flags, PS_SINGLEUNWIND); 1974 break; 1975 case SINGLE_EXIT: 1976 atomic_setbits_int(&pr->ps_flags, PS_SINGLEEXIT); 1977 atomic_clearbits_int(&pr->ps_flags, PS_SINGLEUNWIND); 1978 break; 1979 #ifdef DIAGNOSTIC 1980 default: 1981 panic("single_thread_mode = %d", mode); 1982 #endif 1983 } 1984 pr->ps_single = p; 1985 pr->ps_singlecount = 0; 1986 TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) { 1987 int s; 1988 1989 if (q == p) 1990 continue; 1991 if (q->p_flag & P_WEXIT) { 1992 if (mode == SINGLE_EXIT) { 1993 SCHED_LOCK(s); 1994 if (q->p_stat == SSTOP) { 1995 setrunnable(q); 1996 pr->ps_singlecount++; 1997 } 1998 SCHED_UNLOCK(s); 1999 } 2000 continue; 2001 } 2002 SCHED_LOCK(s); 2003 atomic_setbits_int(&q->p_flag, P_SUSPSINGLE); 2004 switch (q->p_stat) { 2005 case SIDL: 2006 case SRUN: 2007 pr->ps_singlecount++; 2008 break; 2009 case SSLEEP: 2010 /* if it's not interruptible, then just have to wait */ 2011 if (q->p_flag & P_SINTR) { 2012 /* merely need to suspend? just stop it */ 2013 if (mode == SINGLE_SUSPEND || 2014 mode == SINGLE_PTRACE) { 2015 q->p_stat = SSTOP; 2016 break; 2017 } 2018 /* need to unwind or exit, so wake it */ 2019 setrunnable(q); 2020 } 2021 pr->ps_singlecount++; 2022 break; 2023 case SSTOP: 2024 if (mode == SINGLE_EXIT) { 2025 setrunnable(q); 2026 pr->ps_singlecount++; 2027 } 2028 break; 2029 case SDEAD: 2030 break; 2031 case SONPROC: 2032 pr->ps_singlecount++; 2033 signotify(q); 2034 break; 2035 } 2036 SCHED_UNLOCK(s); 2037 } 2038 2039 if (mode != SINGLE_PTRACE) 2040 single_thread_wait(pr); 2041 2042 return 0; 2043 } 2044 2045 void 2046 single_thread_wait(struct process *pr) 2047 { 2048 /* wait until they're all suspended */ 2049 while (pr->ps_singlecount > 0) 2050 tsleep(&pr->ps_singlecount, PUSER, "suspend", 0); 2051 } 2052 2053 void 2054 single_thread_clear(struct proc *p, int flag) 2055 { 2056 struct process *pr = p->p_p; 2057 struct proc *q; 2058 2059 KASSERT(pr->ps_single == p); 2060 KERNEL_ASSERT_LOCKED(); 2061 2062 pr->ps_single = NULL; 2063 atomic_clearbits_int(&pr->ps_flags, PS_SINGLEUNWIND | PS_SINGLEEXIT); 2064 TAILQ_FOREACH(q, &pr->ps_threads, p_thr_link) { 2065 int s; 2066 2067 if (q == p || (q->p_flag & P_SUSPSINGLE) == 0) 2068 continue; 2069 atomic_clearbits_int(&q->p_flag, P_SUSPSINGLE); 2070 2071 /* 2072 * if the thread was only stopped for single threading 2073 * then clearing that either makes it runnable or puts 2074 * it back into some sleep queue 2075 */ 2076 SCHED_LOCK(s); 2077 if (q->p_stat == SSTOP && (q->p_flag & flag) == 0) { 2078 if (q->p_wchan == 0) 2079 setrunnable(q); 2080 else 2081 q->p_stat = SSLEEP; 2082 } 2083 SCHED_UNLOCK(s); 2084 } 2085 } 2086