/*
 * Copyright (c) 1982, 1986, 1989, 1991, 1993
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/sysctl.h>
#include <sys/malloc.h>
#include <sys/proc.h>
#include <sys/vnode.h>
#include <sys/jail.h>
#include <sys/filedesc.h>
#include <sys/tty.h>
#include <sys/dsched.h>
#include <sys/signalvar.h>
#include <sys/spinlock.h>
#include <sys/random.h>
#include <sys/vnode.h>
#include <vm/vm.h>
#include <sys/lock.h>
#include <vm/pmap.h>
#include <vm/vm_map.h>
#include <sys/user.h>
#include <machine/smp.h>

#include <sys/refcount.h>
#include <sys/spinlock2.h>
#include <sys/mplock2.h>

/*
 * Hash table size must be a power of two and is not currently dynamically
 * sized.  There is a trade-off between the linear scans which must iterate
 * all HSIZE elements and the number of elements which might accumulate
 * within each hash chain.
 */
#define ALLPROC_HSIZE	256
#define ALLPROC_HMASK	(ALLPROC_HSIZE - 1)
#define ALLPROC_HASH(pid)	(pid & ALLPROC_HMASK)
#define PGRP_HASH(pid)	(pid & ALLPROC_HMASK)
#define SESS_HASH(pid)	(pid & ALLPROC_HMASK)

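/*
 * All three identifier spaces (pids, pgids, session ids) use the same
 * bucket count and hash function, so a pid and any pgid/sid carrying the
 * same number land in the same bucket and are covered by the same
 * proc_tokens[] entry.
 *
 * Illustrative example, assuming the defaults above:
 *
 *	ALLPROC_HASH(12345) == (12345 & 255) == 57
 *
 * so process 12345, a process group with pg_id 12345 and a session with
 * s_sid 12345 all hash to bucket 57.
 */
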
/*
 * pid_doms[] management, used to control how quickly a PID can be recycled.
 * Must be a multiple of ALLPROC_HSIZE for the proc_makepid() inner loops.
 *
 * WARNING! PIDDOM_DELAY should not be defined > 20 or so unless you change
 *	    the array from int8_t's to int16_t's.
 */
#define PIDDOM_COUNT	10	/* 10 pids per domain - reduce array size */
#define PIDDOM_DELAY	10	/* min 10 seconds after exit before reuse */
#define PIDSEL_DOMAINS	(PID_MAX / PIDDOM_COUNT / ALLPROC_HSIZE * ALLPROC_HSIZE)

/* Used by libkvm */
int allproc_hsize = ALLPROC_HSIZE;

LIST_HEAD(pidhashhead, proc);

static MALLOC_DEFINE(M_PGRP, "pgrp", "process group header");
MALLOC_DEFINE(M_SESSION, "session", "session header");
MALLOC_DEFINE(M_PROC, "proc", "Proc structures");
MALLOC_DEFINE(M_LWP, "lwp", "lwp structures");
MALLOC_DEFINE(M_SUBPROC, "subproc", "Proc sub-structures");

int ps_showallprocs = 1;
static int ps_showallthreads = 1;
SYSCTL_INT(_security, OID_AUTO, ps_showallprocs, CTLFLAG_RW,
    &ps_showallprocs, 0,
    "Unprivileged processes can see processes with different UID/GID");
SYSCTL_INT(_security, OID_AUTO, ps_showallthreads, CTLFLAG_RW,
    &ps_showallthreads, 0,
    "Unprivileged processes can see kernel threads");
static u_int pid_domain_skips;
SYSCTL_UINT(_kern, OID_AUTO, pid_domain_skips, CTLFLAG_RW,
    &pid_domain_skips, 0,
    "Number of pid_doms[] skipped");
static u_int pid_inner_skips;
SYSCTL_UINT(_kern, OID_AUTO, pid_inner_skips, CTLFLAG_RW,
    &pid_inner_skips, 0,
    "Number of pid_doms[] inner-loop skips");

static void orphanpg(struct pgrp *pg);
static void proc_makepid(struct proc *p, int random_offset);

/*
 * Other process lists
 */
static struct lwkt_token proc_tokens[ALLPROC_HSIZE];
static struct proclist allprocs[ALLPROC_HSIZE];	/* locked by proc_tokens */
static struct pgrplist allpgrps[ALLPROC_HSIZE];	/* locked by proc_tokens */
static struct sesslist allsessn[ALLPROC_HSIZE];	/* locked by proc_tokens */

/*
 * We try our best to avoid recycling a PID too quickly.  We do this by
 * storing (uint8_t)time_second in the related pid domain on-reap and then
 * using that to skip-over the domain on-allocate.
 *
 * This array has to be fairly large to support a high fork/exec rate.
 * We want ~100,000 entries or so to support a 10-second reuse latency
 * at 10,000 execs/second, worst case.  Best-case multiply by PIDDOM_COUNT
 * (approximately 100,000 execs/second).
 */
static uint8_t pid_doms[PIDSEL_DOMAINS];	/* ~100,000 entries */

/*
 * Random component to nextpid generation.  We mix in a random factor to make
 * it a little harder to predict.  We sanity check the modulus value to avoid
 * doing it in critical paths.  Don't let it be too small or we pointlessly
 * waste randomness entropy, and don't let it be impossibly large.  Using a
 * modulus that is too big causes a LOT more process table scans and slows
 * down fork processing as the pidchecked caching is defeated.
 */
static int randompid = 0;

/*
 * No requirements.
 */
static int
sysctl_kern_randompid(SYSCTL_HANDLER_ARGS)
{
	int error, pid;

	pid = randompid;
	error = sysctl_handle_int(oidp, &pid, 0, req);
	if (error || !req->newptr)
		return (error);
	if (pid < 0 || pid > PID_MAX - 100)	/* out of range */
		pid = PID_MAX - 100;
	else if (pid < 2)			/* NOP */
		pid = 0;
	else if (pid < 100)			/* Make it reasonable */
		pid = 100;
	randompid = pid;
	return (error);
}

SYSCTL_PROC(_kern, OID_AUTO, randompid, CTLTYPE_INT|CTLFLAG_RW,
	    0, 0, sysctl_kern_randompid, "I", "Random PID modulus");

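/*
 * Example: an administrator can enable randomized PID selection at runtime
 * with something like
 *
 *	sysctl kern.randompid=1000
 *
 * after which proc_add_allproc() adds a random offset in [0, 1000) to the
 * sequential nextpid base.  Requested moduli below 100 are clamped as
 * described in sysctl_kern_randompid() above (0 or 1 disables the feature).
 */
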
/*
 * Initialize global process hashing structures.
 *
 * These functions are ONLY called from the low level boot code and do
 * not lock their operations.
 */
void
procinit(void)
{
	u_long i;

	/*
	 * Avoid unnecessary stalls due to pid_doms[] values all being
	 * the same.  Make sure that the allocation of pid 1 and pid 2
	 * succeeds.
	 */
	for (i = 0; i < PIDSEL_DOMAINS; ++i)
		pid_doms[i] = (int8_t)i - (int8_t)(PIDDOM_DELAY + 1);

	/*
	 * Other misc init.
	 */
	for (i = 0; i < ALLPROC_HSIZE; ++i) {
		LIST_INIT(&allprocs[i]);
		LIST_INIT(&allsessn[i]);
		LIST_INIT(&allpgrps[i]);
		lwkt_token_init(&proc_tokens[i], "allproc");
	}
	uihashinit();
}

void
procinsertinit(struct proc *p)
{
	LIST_INSERT_HEAD(&allprocs[ALLPROC_HASH(p->p_pid)], p, p_list);
}

void
pgrpinsertinit(struct pgrp *pg)
{
	LIST_INSERT_HEAD(&allpgrps[ALLPROC_HASH(pg->pg_id)], pg, pg_list);
}

void
sessinsertinit(struct session *sess)
{
	LIST_INSERT_HEAD(&allsessn[ALLPROC_HASH(sess->s_sid)], sess, s_list);
}

/*
 * Process hold/release support functions.  Called via the PHOLD(),
 * PRELE(), and PSTALL() macros.
 *
 * p->p_lock is a simple hold count with a waiting interlock.  No wakeup()
 * is issued unless someone is actually waiting for the process.
 *
 * Most holds are short-term, allowing a process scan or other similar
 * operation to access a proc structure without it getting ripped out from
 * under us.  procfs and process-list sysctl ops also use the hold function
 * interlocked with various p_flags to keep the vmspace intact when reading
 * or writing a user process's address space.
 *
 * There are two situations where a hold count can be longer.  Exiting lwps
 * hold the process until the lwp is reaped, and the parent will hold the
 * child during vfork()/exec() sequences while the child is marked P_PPWAIT.
 *
 * The kernel waits for the hold count to drop to 0 (or 1 in some cases) at
 * various critical points in the fork/exec and exit paths before proceeding.
 */
#define PLOCK_ZOMB	0x20000000
#define PLOCK_WAITING	0x40000000
#define PLOCK_MASK	0x1FFFFFFF

void
pstall(struct proc *p, const char *wmesg, int count)
{
	int o;
	int n;

	for (;;) {
		o = p->p_lock;
		cpu_ccfence();
		if ((o & PLOCK_MASK) <= count)
			break;
		n = o | PLOCK_WAITING;
		tsleep_interlock(&p->p_lock, 0);

		/*
		 * If someone is trying to single-step the process during
		 * an exec or an exit they can deadlock us because procfs
		 * sleeps with the process held.
		 */
		if (p->p_stops) {
			if (p->p_flags & P_INEXEC) {
				wakeup(&p->p_stype);
			} else if (p->p_flags & P_POSTEXIT) {
				spin_lock(&p->p_spin);
				p->p_stops = 0;
				p->p_step = 0;
				spin_unlock(&p->p_spin);
				wakeup(&p->p_stype);
			}
		}

		if (atomic_cmpset_int(&p->p_lock, o, n)) {
			tsleep(&p->p_lock, PINTERLOCKED, wmesg, 0);
		}
	}
}

void
phold(struct proc *p)
{
	atomic_add_int(&p->p_lock, 1);
}

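/*
 * Typical hold/release usage, sketched for illustration only: a caller
 * that looks up a process and wants it to stay valid across a blocking
 * operation does something like
 *
 *	p = pfind(pid);		// returned held, or NULL
 *	if (p) {
 *		... operate on p, may block ...
 *		PRELE(p);	// drop the hold, (p) may vanish afterwards
 *	}
 *
 * while the exec/exit paths use PSTALL(p, "wmesg", count) to wait for
 * transient holds to drain before tearing structures down.
 */
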
/*
 * WARNING!  On last release (p) can become instantly invalid due to
 *	     MP races.
 */
void
prele(struct proc *p)
{
	int o;
	int n;

	/*
	 * Fast path
	 */
	if (atomic_cmpset_int(&p->p_lock, 1, 0))
		return;

	/*
	 * Slow path
	 */
	for (;;) {
		o = p->p_lock;
		KKASSERT((o & PLOCK_MASK) > 0);
		cpu_ccfence();
		n = (o - 1) & ~PLOCK_WAITING;
		if (atomic_cmpset_int(&p->p_lock, o, n)) {
			if (o & PLOCK_WAITING)
				wakeup(&p->p_lock);
			break;
		}
	}
}

/*
 * Hold and flag serialized for zombie reaping purposes.
 *
 * This function will fail if it has to block, returning non-zero with
 * neither the flag set nor the hold count bumped.  Note that we must block
 * without holding a ref, meaning that the caller must ensure that (p)
 * remains valid through some other interlock (typically on its parent
 * process's p_token).
 *
 * Zero is returned on success.  The hold count will be incremented and
 * the serialization flag acquired.  Note that serialization is only against
 * other pholdzomb() calls, not against phold() calls.
 */
int
pholdzomb(struct proc *p)
{
	int o;
	int n;

	/*
	 * Fast path
	 */
	if (atomic_cmpset_int(&p->p_lock, 0, PLOCK_ZOMB | 1))
		return(0);

	/*
	 * Slow path
	 */
	for (;;) {
		o = p->p_lock;
		cpu_ccfence();
		if ((o & PLOCK_ZOMB) == 0) {
			n = (o + 1) | PLOCK_ZOMB;
			if (atomic_cmpset_int(&p->p_lock, o, n))
				return(0);
		} else {
			KKASSERT((o & PLOCK_MASK) > 0);
			n = o | PLOCK_WAITING;
			tsleep_interlock(&p->p_lock, 0);
			if (atomic_cmpset_int(&p->p_lock, o, n)) {
				tsleep(&p->p_lock, PINTERLOCKED, "phldz", 0);
				/* (p) can be ripped out at this point */
				return(1);
			}
		}
	}
}

/*
 * Release PLOCK_ZOMB and the hold count, waking up any waiters.
 *
 * WARNING!  On last release (p) can become instantly invalid due to
 *	     MP races.
 */
void
prelezomb(struct proc *p)
{
	int o;
	int n;

	/*
	 * Fast path
	 */
	if (atomic_cmpset_int(&p->p_lock, PLOCK_ZOMB | 1, 0))
		return;

	/*
	 * Slow path
	 */
	KKASSERT(p->p_lock & PLOCK_ZOMB);
	for (;;) {
		o = p->p_lock;
		KKASSERT((o & PLOCK_MASK) > 0);
		cpu_ccfence();
		n = (o - 1) & ~(PLOCK_ZOMB | PLOCK_WAITING);
		if (atomic_cmpset_int(&p->p_lock, o, n)) {
			if (o & PLOCK_WAITING)
				wakeup(&p->p_lock);
			break;
		}
	}
}

/*
 * Is p an inferior of the current process?
 *
 * No requirements.
 */
int
inferior(struct proc *p)
{
	struct proc *p2;

	PHOLD(p);
	lwkt_gettoken_shared(&p->p_token);
	while (p != curproc) {
		if (p->p_pid == 0) {
			lwkt_reltoken(&p->p_token);
			PRELE(p);	/* drop the hold taken above */
			return (0);
		}
		p2 = p->p_pptr;
		PHOLD(p2);
		lwkt_reltoken(&p->p_token);
		PRELE(p);
		lwkt_gettoken_shared(&p2->p_token);
		p = p2;
	}
	lwkt_reltoken(&p->p_token);
	PRELE(p);

	return (1);
}

/*
 * Locate a process by number.  The returned process will be referenced and
 * must be released with PRELE().
 *
 * No requirements.
 */
struct proc *
pfind(pid_t pid)
{
	struct proc *p = curproc;
	int n;

	/*
	 * Shortcut the current process
	 */
	if (p && p->p_pid == pid) {
		PHOLD(p);
		return (p);
	}

	/*
	 * Otherwise find it in the hash table.
	 */
	n = ALLPROC_HASH(pid);

	lwkt_gettoken_shared(&proc_tokens[n]);
	LIST_FOREACH(p, &allprocs[n], p_list) {
		if (p->p_stat == SZOMB)
			continue;
		if (p->p_pid == pid) {
			PHOLD(p);
			lwkt_reltoken(&proc_tokens[n]);
			return (p);
		}
	}
	lwkt_reltoken(&proc_tokens[n]);

	return (NULL);
}

/*
 * Locate a process by number.  The returned process is NOT referenced.
 * The result will not be stable and is typically only used to validate
 * against a process that the caller has in-hand.
 *
 * No requirements.
 */
struct proc *
pfindn(pid_t pid)
{
	struct proc *p = curproc;
	int n;

	/*
	 * Shortcut the current process
	 */
	if (p && p->p_pid == pid)
		return (p);

	/*
	 * Otherwise find it in the hash table.
	 */
	n = ALLPROC_HASH(pid);

	lwkt_gettoken_shared(&proc_tokens[n]);
	LIST_FOREACH(p, &allprocs[n], p_list) {
		if (p->p_stat == SZOMB)
			continue;
		if (p->p_pid == pid) {
			lwkt_reltoken(&proc_tokens[n]);
			return (p);
		}
	}
	lwkt_reltoken(&proc_tokens[n]);

	return (NULL);
}

/*
 * Locate a process on the zombie list.  Return a process or NULL.
 * The returned process will be referenced and the caller must release
 * it with PRELE().
 *
 * No other requirements.
 */
struct proc *
zpfind(pid_t pid)
{
	struct proc *p = curproc;
	int n;

	/*
	 * Shortcut the current process
	 */
	if (p && p->p_pid == pid) {
		PHOLD(p);
		return (p);
	}

	/*
	 * Otherwise find it in the hash table.
	 */
	n = ALLPROC_HASH(pid);

	lwkt_gettoken_shared(&proc_tokens[n]);
	LIST_FOREACH(p, &allprocs[n], p_list) {
		if (p->p_stat != SZOMB)
			continue;
		if (p->p_pid == pid) {
			PHOLD(p);
			lwkt_reltoken(&proc_tokens[n]);
			return (p);
		}
	}
	lwkt_reltoken(&proc_tokens[n]);

	return (NULL);
}

void
pgref(struct pgrp *pgrp)
{
	refcount_acquire(&pgrp->pg_refs);
}

void
pgrel(struct pgrp *pgrp)
{
	int count;
	int n;

	n = PGRP_HASH(pgrp->pg_id);
	for (;;) {
		count = pgrp->pg_refs;
		cpu_ccfence();
		KKASSERT(count > 0);
		if (count == 1) {
			lwkt_gettoken(&proc_tokens[n]);
			if (atomic_cmpset_int(&pgrp->pg_refs, 1, 0))
				break;
			lwkt_reltoken(&proc_tokens[n]);
			/* retry */
		} else {
			if (atomic_cmpset_int(&pgrp->pg_refs, count, count - 1))
				return;
			/* retry */
		}
	}

	/*
	 * Successful 1->0 transition, proc_tokens[n] is held.
	 */
	LIST_REMOVE(pgrp, pg_list);
	pid_doms[pgrp->pg_id % PIDSEL_DOMAINS] = (uint8_t)time_second;

	/*
	 * Reset any sigio structures pointing to us as a result of
	 * F_SETOWN with our pgid.
	 */
	funsetownlst(&pgrp->pg_sigiolst);

	if (pgrp->pg_session->s_ttyp != NULL &&
	    pgrp->pg_session->s_ttyp->t_pgrp == pgrp) {
		pgrp->pg_session->s_ttyp->t_pgrp = NULL;
	}
	lwkt_reltoken(&proc_tokens[n]);

	sess_rele(pgrp->pg_session);
	kfree(pgrp, M_PGRP);
}

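/*
 * Note on the release pattern used by pgrel() above and sess_rele() below:
 * the common N->N-1 drops are done with a bare atomic_cmpset_int(), but the
 * final 1->0 drop is only attempted while holding the relevant token(s) and
 * is retried if it races.  Whoever wins the 1->0 transition therefore also
 * owns the locks needed to unlink the structure from its hash chain and
 * free it, without making the common ref/unref path pay for those locks.
 */
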
/*
 * Locate a process group by number.  The returned process group will be
 * referenced w/pgref() and must be released with pgrel() (or assigned
 * somewhere if you wish to keep the reference).
 *
 * No requirements.
 */
struct pgrp *
pgfind(pid_t pgid)
{
	struct pgrp *pgrp;
	int n;

	n = PGRP_HASH(pgid);
	lwkt_gettoken_shared(&proc_tokens[n]);

	LIST_FOREACH(pgrp, &allpgrps[n], pg_list) {
		if (pgrp->pg_id == pgid) {
			refcount_acquire(&pgrp->pg_refs);
			lwkt_reltoken(&proc_tokens[n]);
			return (pgrp);
		}
	}
	lwkt_reltoken(&proc_tokens[n]);
	return (NULL);
}

/*
 * Move p to a new or existing process group (and session)
 *
 * No requirements.
 */
int
enterpgrp(struct proc *p, pid_t pgid, int mksess)
{
	struct pgrp *pgrp;
	struct pgrp *opgrp;
	int error;

	pgrp = pgfind(pgid);

	KASSERT(pgrp == NULL || !mksess,
		("enterpgrp: setsid into non-empty pgrp"));
	KASSERT(!SESS_LEADER(p),
		("enterpgrp: session leader attempted setpgrp"));

	if (pgrp == NULL) {
		pid_t savepid = p->p_pid;
		struct proc *np;
		int n;

		/*
		 * new process group
		 */
		KASSERT(p->p_pid == pgid,
			("enterpgrp: new pgrp and pid != pgid"));
		pgrp = kmalloc(sizeof(struct pgrp), M_PGRP, M_WAITOK | M_ZERO);
		pgrp->pg_id = pgid;
		LIST_INIT(&pgrp->pg_members);
		pgrp->pg_jobc = 0;
		SLIST_INIT(&pgrp->pg_sigiolst);
		lwkt_token_init(&pgrp->pg_token, "pgrp_token");
		refcount_init(&pgrp->pg_refs, 1);
		lockinit(&pgrp->pg_lock, "pgwt", 0, 0);

		n = PGRP_HASH(pgid);

		if ((np = pfindn(savepid)) == NULL || np != p) {
			lwkt_reltoken(&proc_tokens[n]);
			error = ESRCH;
			kfree(pgrp, M_PGRP);
			goto fatal;
		}

		lwkt_gettoken(&proc_tokens[n]);
		if (mksess) {
			struct session *sess;

			/*
			 * new session
			 */
			sess = kmalloc(sizeof(struct session), M_SESSION,
				       M_WAITOK | M_ZERO);
			lwkt_gettoken(&p->p_token);
			sess->s_leader = p;
			sess->s_sid = p->p_pid;
			sess->s_count = 1;
			sess->s_ttyvp = NULL;
			sess->s_ttyp = NULL;
			bcopy(p->p_session->s_login, sess->s_login,
			      sizeof(sess->s_login));
			pgrp->pg_session = sess;
			KASSERT(p == curproc,
				("enterpgrp: mksession and p != curproc"));
			p->p_flags &= ~P_CONTROLT;
			LIST_INSERT_HEAD(&allsessn[n], sess, s_list);
			lwkt_reltoken(&p->p_token);
		} else {
			lwkt_gettoken(&p->p_token);
			pgrp->pg_session = p->p_session;
			sess_hold(pgrp->pg_session);
			lwkt_reltoken(&p->p_token);
		}
		LIST_INSERT_HEAD(&allpgrps[n], pgrp, pg_list);

		lwkt_reltoken(&proc_tokens[n]);
	} else if (pgrp == p->p_pgrp) {
		pgrel(pgrp);
		goto done;
	} /* else pgfind() referenced the pgrp */

	lwkt_gettoken(&pgrp->pg_token);
	lwkt_gettoken(&p->p_token);

	/*
	 * Replace p->p_pgrp, handling any races that occur.
	 */
	while ((opgrp = p->p_pgrp) != NULL) {
		pgref(opgrp);
		lwkt_gettoken(&opgrp->pg_token);
		if (opgrp != p->p_pgrp) {
			lwkt_reltoken(&opgrp->pg_token);
			pgrel(opgrp);
			continue;
		}
		LIST_REMOVE(p, p_pglist);
		break;
	}
	p->p_pgrp = pgrp;
	LIST_INSERT_HEAD(&pgrp->pg_members, p, p_pglist);

	/*
	 * Adjust eligibility of affected pgrps to participate in job control.
	 * Increment eligibility counts before decrementing, otherwise we
	 * could reach 0 spuriously during the first call.
	 */
	fixjobc(p, pgrp, 1);
	if (opgrp) {
		fixjobc(p, opgrp, 0);
		lwkt_reltoken(&opgrp->pg_token);
		pgrel(opgrp);		/* manual pgref */
		pgrel(opgrp);		/* p->p_pgrp ref */
	}
	lwkt_reltoken(&p->p_token);
	lwkt_reltoken(&pgrp->pg_token);
done:
	error = 0;
fatal:
	return (error);
}

/*
 * Remove process from process group
 *
 * No requirements.
 */
int
leavepgrp(struct proc *p)
{
	struct pgrp *pg = p->p_pgrp;

	lwkt_gettoken(&p->p_token);
	while ((pg = p->p_pgrp) != NULL) {
		pgref(pg);
		lwkt_gettoken(&pg->pg_token);
		if (p->p_pgrp != pg) {
			lwkt_reltoken(&pg->pg_token);
			pgrel(pg);
			continue;
		}
		p->p_pgrp = NULL;
		LIST_REMOVE(p, p_pglist);
		lwkt_reltoken(&pg->pg_token);
		pgrel(pg);	/* manual pgref */
		pgrel(pg);	/* p->p_pgrp ref */
		break;
	}
	lwkt_reltoken(&p->p_token);

	return (0);
}

/*
 * Adjust the ref count on a session structure.  When the ref count falls to
 * zero the tty is disassociated from the session and the session structure
 * is freed.  Note that tty association is not itself ref-counted.
 *
 * No requirements.
 */
void
sess_hold(struct session *sp)
{
	atomic_add_int(&sp->s_count, 1);
}

/*
 * No requirements.
 */
void
sess_rele(struct session *sess)
{
	struct tty *tp;
	int count;
	int n;

	n = SESS_HASH(sess->s_sid);
	for (;;) {
		count = sess->s_count;
		cpu_ccfence();
		KKASSERT(count > 0);
		if (count == 1) {
			lwkt_gettoken(&tty_token);
			lwkt_gettoken(&proc_tokens[n]);
			if (atomic_cmpset_int(&sess->s_count, 1, 0))
				break;
			lwkt_reltoken(&proc_tokens[n]);
			lwkt_reltoken(&tty_token);
			/* retry */
		} else {
			if (atomic_cmpset_int(&sess->s_count, count, count - 1))
				return;
			/* retry */
		}
	}

	/*
	 * Successful 1->0 transition and tty_token is held.
	 */
	LIST_REMOVE(sess, s_list);
	pid_doms[sess->s_sid % PIDSEL_DOMAINS] = (uint8_t)time_second;

	if (sess->s_ttyp && sess->s_ttyp->t_session) {
#ifdef TTY_DO_FULL_CLOSE
		/* FULL CLOSE, see ttyclearsession() */
		KKASSERT(sess->s_ttyp->t_session == sess);
		sess->s_ttyp->t_session = NULL;
#else
		/* HALF CLOSE, see ttyclearsession() */
		if (sess->s_ttyp->t_session == sess)
			sess->s_ttyp->t_session = NULL;
#endif
	}
	if ((tp = sess->s_ttyp) != NULL) {
		sess->s_ttyp = NULL;
		ttyunhold(tp);
	}
	lwkt_reltoken(&proc_tokens[n]);
	lwkt_reltoken(&tty_token);

	kfree(sess, M_SESSION);
}

/*
 * Adjust pgrp jobc counters when specified process changes process group.
 * We count the number of processes in each process group that "qualify"
 * the group for terminal job control (those with a parent in a different
 * process group of the same session).  If that count reaches zero, the
 * process group becomes orphaned.  Check both the specified process'
 * process group and that of its children.
 * entering == 0 => p is leaving specified group.
 * entering == 1 => p is entering specified group.
 *
 * No requirements.
 */
void
fixjobc(struct proc *p, struct pgrp *pgrp, int entering)
{
	struct pgrp *hispgrp;
	struct session *mysession;
	struct proc *np;

	/*
	 * Check p's parent to see whether p qualifies its own process
	 * group; if so, adjust count for p's process group.
	 */
	lwkt_gettoken(&p->p_token);	/* p_children scan */
	lwkt_gettoken(&pgrp->pg_token);

	mysession = pgrp->pg_session;
	if ((hispgrp = p->p_pptr->p_pgrp) != pgrp &&
	    hispgrp->pg_session == mysession) {
		if (entering)
			pgrp->pg_jobc++;
		else if (--pgrp->pg_jobc == 0)
			orphanpg(pgrp);
	}

	/*
	 * Check this process' children to see whether they qualify
	 * their process groups; if so, adjust counts for children's
	 * process groups.
	 */
	LIST_FOREACH(np, &p->p_children, p_sibling) {
		PHOLD(np);
		lwkt_gettoken(&np->p_token);
		if ((hispgrp = np->p_pgrp) != pgrp &&
		    hispgrp->pg_session == mysession &&
		    np->p_stat != SZOMB) {
			pgref(hispgrp);
			lwkt_gettoken(&hispgrp->pg_token);
			if (entering)
				hispgrp->pg_jobc++;
			else if (--hispgrp->pg_jobc == 0)
				orphanpg(hispgrp);
			lwkt_reltoken(&hispgrp->pg_token);
			pgrel(hispgrp);
		}
		lwkt_reltoken(&np->p_token);
		PRELE(np);
	}
	KKASSERT(pgrp->pg_refs > 0);
	lwkt_reltoken(&pgrp->pg_token);
	lwkt_reltoken(&p->p_token);
}

/*
 * A process group has become orphaned; if there are any stopped
 * processes in the group, hang up all processes in that group.
 *
 * The caller must hold pg_token.
 */
static void
orphanpg(struct pgrp *pg)
{
	struct proc *p;

	LIST_FOREACH(p, &pg->pg_members, p_pglist) {
		if (p->p_stat == SSTOP) {
			LIST_FOREACH(p, &pg->pg_members, p_pglist) {
				ksignal(p, SIGHUP);
				ksignal(p, SIGCONT);
			}
			return;
		}
	}
}

/*
 * Add a new process to the allproc list and the PID hash.  This
 * also assigns a pid to the new process.
 *
 * No requirements.
 */
void
proc_add_allproc(struct proc *p)
{
	int random_offset;

	if ((random_offset = randompid) != 0) {
		read_random(&random_offset, sizeof(random_offset));
		random_offset = (random_offset & 0x7FFFFFFF) % randompid;
	}
	proc_makepid(p, random_offset);
}

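/*
 * Sizing note for the pid_doms[] machinery used by proc_makepid() below
 * (illustrative, assuming a PID_MAX of 999999):
 *
 *	PIDSEL_DOMAINS = 999999 / PIDDOM_COUNT / ALLPROC_HSIZE * ALLPROC_HSIZE
 *		       = 999999 / 10 / 256 * 256
 *		       = 99840 domains, one uint8_t timestamp each
 *
 * Each domain remembers the low 8 bits of time_second at the last reap that
 * touched it, and proc_makepid() refuses to hand out a pid whose domain was
 * stamped within the last PIDDOM_DELAY (10) seconds.
 */
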
/*
 * Calculate a new process pid.  This function is integrated into
 * proc_add_allproc() to guarantee that the new pid is not reused before
 * the new process can be added to the allproc list.
 *
 * p_pid is assigned and the process is added to the allproc hash table
 *
 * WARNING! We need to allocate PIDs sequentially during early boot.
 *	    In particular, init needs to have a pid of 1.
 */
static
void
proc_makepid(struct proc *p, int random_offset)
{
	static pid_t nextpid = 1;	/* heuristic, allowed to race */
	struct pgrp *pg;
	struct proc *ps;
	struct session *sess;
	pid_t base;
	int8_t delta8;
	int retries;
	int n;

	/*
	 * Select the next pid base candidate.
	 *
	 * Check for wrap-around, do not allow a pid < 100.
	 */
	retries = 0;
retry:
	base = atomic_fetchadd_int(&nextpid, 1) + random_offset;
	if (base <= 0 || base >= PID_MAX) {
		base = base % PID_MAX;
		if (base < 0)
			base = 100;
		if (base < 100)
			base += 100;
		nextpid = base;		/* reset (SMP race ok) */
	}

	/*
	 * Do not allow a base pid to be selected from a domain that has
	 * recently seen a pid/pgid/sessid reap.  Sleep a little if we looped
	 * through all available domains.
	 *
	 * WARNING: We want the early pids to be allocated linearly,
	 *	    particularly pid 1 and pid 2.
	 */
	if (++retries >= PIDSEL_DOMAINS)
		tsleep(&nextpid, 0, "makepid", 1);
	if (base >= 100) {
		delta8 = (int8_t)time_second -
			 (int8_t)pid_doms[base % PIDSEL_DOMAINS];
		if (delta8 >= 0 && delta8 <= PIDDOM_DELAY) {
			++pid_domain_skips;
			goto retry;
		}
	}

	/*
	 * Calculate a hash index and find an unused process id within
	 * the table, looping if we cannot find one.
	 *
	 * The inner loop increments by ALLPROC_HSIZE which keeps the
	 * PID at the same pid_doms[] index as well as the same hash index.
	 */
	n = ALLPROC_HASH(base);
	lwkt_gettoken(&proc_tokens[n]);

restart1:
	LIST_FOREACH(ps, &allprocs[n], p_list) {
		if (ps->p_pid == base) {
			base += ALLPROC_HSIZE;
			if (base >= PID_MAX) {
				lwkt_reltoken(&proc_tokens[n]);
				goto retry;
			}
			++pid_inner_skips;
			goto restart1;
		}
	}
	LIST_FOREACH(pg, &allpgrps[n], pg_list) {
		if (pg->pg_id == base) {
			base += ALLPROC_HSIZE;
			if (base >= PID_MAX) {
				lwkt_reltoken(&proc_tokens[n]);
				goto retry;
			}
			++pid_inner_skips;
			goto restart1;
		}
	}
	LIST_FOREACH(sess, &allsessn[n], s_list) {
		if (sess->s_sid == base) {
			base += ALLPROC_HSIZE;
			if (base >= PID_MAX) {
				lwkt_reltoken(&proc_tokens[n]);
				goto retry;
			}
			++pid_inner_skips;
			goto restart1;
		}
	}

	/*
	 * Assign the pid and insert the process.
	 */
	p->p_pid = base;
	LIST_INSERT_HEAD(&allprocs[n], p, p_list);
	lwkt_reltoken(&proc_tokens[n]);
}

/*
 * Called from exit1 to place the process into a zombie state.
 * The process is removed from the pid hash and p_stat is set
 * to SZOMB.  Normal pfind[n]() calls will not find it any more.
 *
 * Caller must hold p->p_token.  We are required to wait until p_lock
 * becomes zero before we can manipulate the list, allowing allproc
 * scans to guarantee consistency during a list scan.
 */
void
proc_move_allproc_zombie(struct proc *p)
{
	int n;

	n = ALLPROC_HASH(p->p_pid);
	PSTALL(p, "reap1", 0);
	lwkt_gettoken(&proc_tokens[n]);

	PSTALL(p, "reap1a", 0);
	p->p_stat = SZOMB;

	lwkt_reltoken(&proc_tokens[n]);
	dsched_exit_proc(p);
}

/*
 * This routine is called from kern_wait() and will remove the process
 * from the zombie list and the sibling list.  This routine will block
 * if someone has a lock on the process (p_lock).
 *
 * Caller must hold p->p_token.  We are required to wait until p_lock
 * becomes zero before we can manipulate the list, allowing allproc
 * scans to guarantee consistency during a list scan.
 */
void
proc_remove_zombie(struct proc *p)
{
	int n;

	n = ALLPROC_HASH(p->p_pid);

	PSTALL(p, "reap2", 0);
	lwkt_gettoken(&proc_tokens[n]);
	PSTALL(p, "reap2a", 0);
	LIST_REMOVE(p, p_list);		/* remove from master list */
	LIST_REMOVE(p, p_sibling);	/* and from sibling list */
	p->p_pptr = NULL;
	pid_doms[p->p_pid % PIDSEL_DOMAINS] = (uint8_t)time_second;
	lwkt_reltoken(&proc_tokens[n]);
}

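/*
 * The two routines above are intentionally split: exit1() uses
 * proc_move_allproc_zombie() so the exiting process stops being visible to
 * pfind()/pfindn() (which skip SZOMB entries), while the final unlink in
 * proc_remove_zombie() is deferred until kern_wait() actually reaps the
 * child.  Both stall on transient holds before taking the bucket token,
 * e.g.
 *
 *	PSTALL(p, "reap2", 0);		// wait for p_lock holds to drain
 *	lwkt_gettoken(&proc_tokens[n]);	// then lock the hash bucket
 *
 * so that concurrent allproc scans never see a half-removed entry.
 */
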
/*
 * Handle various requirements prior to returning to usermode.  Called from
 * platform trap and system call code.
 */
void
lwpuserret(struct lwp *lp)
{
	struct proc *p = lp->lwp_proc;

	if (lp->lwp_mpflags & LWP_MP_VNLRU) {
		atomic_clear_int(&lp->lwp_mpflags, LWP_MP_VNLRU);
		allocvnode_gc();
	}
	if (lp->lwp_mpflags & LWP_MP_WEXIT) {
		lwkt_gettoken(&p->p_token);
		lwp_exit(0, NULL);
		lwkt_reltoken(&p->p_token);	/* NOT REACHED */
	}
}

/*
 * Kernel threads run from user processes can also accumulate deferred
 * actions which need to be acted upon.  Callers include:
 *
 * nfsd - Can allocate lots of vnodes
 */
void
lwpkthreaddeferred(void)
{
	struct lwp *lp = curthread->td_lwp;

	if (lp) {
		if (lp->lwp_mpflags & LWP_MP_VNLRU) {
			atomic_clear_int(&lp->lwp_mpflags, LWP_MP_VNLRU);
			allocvnode_gc();
		}
	}
}

void
proc_usermap(struct proc *p, int invfork)
{
	struct sys_upmap *upmap;

	lwkt_gettoken(&p->p_token);
	upmap = kmalloc(roundup2(sizeof(*upmap), PAGE_SIZE), M_PROC,
			M_WAITOK | M_ZERO);
	if (p->p_upmap == NULL) {
		upmap->header[0].type = UKPTYPE_VERSION;
		upmap->header[0].offset = offsetof(struct sys_upmap, version);
		upmap->header[1].type = UPTYPE_RUNTICKS;
		upmap->header[1].offset = offsetof(struct sys_upmap, runticks);
		upmap->header[2].type = UPTYPE_FORKID;
		upmap->header[2].offset = offsetof(struct sys_upmap, forkid);
		upmap->header[3].type = UPTYPE_PID;
		upmap->header[3].offset = offsetof(struct sys_upmap, pid);
		upmap->header[4].type = UPTYPE_PROC_TITLE;
		upmap->header[4].offset = offsetof(struct sys_upmap, proc_title);
		upmap->header[5].type = UPTYPE_INVFORK;
		upmap->header[5].offset = offsetof(struct sys_upmap, invfork);

		upmap->version = UPMAP_VERSION;
		upmap->pid = p->p_pid;
		upmap->forkid = p->p_forkid;
		upmap->invfork = invfork;
		p->p_upmap = upmap;
	} else {
		kfree(upmap, M_PROC);
	}
	lwkt_reltoken(&p->p_token);
}

void
proc_userunmap(struct proc *p)
{
	struct sys_upmap *upmap;

	lwkt_gettoken(&p->p_token);
	if ((upmap = p->p_upmap) != NULL) {
		p->p_upmap = NULL;
		kfree(upmap, M_PROC);
	}
	lwkt_reltoken(&p->p_token);
}

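/*
 * The upmap created above is a page-aligned block of self-describing
 * fields (each header[] entry publishes a type and an offset) that
 * userland can map read/write into its own address space, giving it
 * lock-free access to the pid, runticks and the settable proc_title[]
 * buffer.  On DragonFly the mapping is typically obtained by mmap()ing
 * the /dev/upmap pseudo-device; for example, setproctitle() can then
 * write the title directly into the mapping instead of issuing a sysctl,
 * which is why sysctl_kern_proc_args() below checks p_upmap first.
 */
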
/*
 * Scan all processes on the allproc list.  The process is automatically
 * held for the callback.  A return value of -1 terminates the loop.
 * Zombie procs are skipped.
 *
 * The callback is made with the process held and proc_token held.
 *
 * We limit the scan to the number of processes as-of the start of
 * the scan so as not to get caught up in an endless loop if new processes
 * are created more quickly than we can scan the old ones.  Add a little
 * slop to try to catch edge cases since nprocs can race.
 *
 * No requirements.
 */
void
allproc_scan(int (*callback)(struct proc *, void *), void *data)
{
	int limit = nprocs + ncpus;
	struct proc *p;
	int r;
	int n;

	/*
	 * proc_tokens[n] protects the allproc list and PHOLD() prevents the
	 * process from being removed from the allproc list or the zombproc
	 * list.
	 */
	for (n = 0; n < ALLPROC_HSIZE; ++n) {
		if (LIST_FIRST(&allprocs[n]) == NULL)
			continue;
		lwkt_gettoken(&proc_tokens[n]);
		LIST_FOREACH(p, &allprocs[n], p_list) {
			if (p->p_stat == SZOMB)
				continue;
			PHOLD(p);
			r = callback(p, data);
			PRELE(p);
			if (r < 0)
				break;
			if (--limit < 0)
				break;
		}
		lwkt_reltoken(&proc_tokens[n]);

		/*
		 * Check if asked to stop early
		 */
		if (p)
			break;
	}
}

/*
 * Scan all lwps of processes on the allproc list.  The lwp is automatically
 * held for the callback.  A return value of -1 terminates the loop.
 *
 * The callback is made with the process and lwp both held, and proc_token
 * held.
 *
 * No requirements.
 */
void
alllwp_scan(int (*callback)(struct lwp *, void *), void *data)
{
	struct proc *p;
	struct lwp *lp;
	int r = 0;
	int n;

	for (n = 0; n < ALLPROC_HSIZE; ++n) {
		if (LIST_FIRST(&allprocs[n]) == NULL)
			continue;
		lwkt_gettoken(&proc_tokens[n]);
		LIST_FOREACH(p, &allprocs[n], p_list) {
			if (p->p_stat == SZOMB)
				continue;
			PHOLD(p);
			lwkt_gettoken(&p->p_token);
			FOREACH_LWP_IN_PROC(lp, p) {
				LWPHOLD(lp);
				r = callback(lp, data);
				LWPRELE(lp);
			}
			lwkt_reltoken(&p->p_token);
			PRELE(p);
			if (r < 0)
				break;
		}
		lwkt_reltoken(&proc_tokens[n]);

		/*
		 * Asked to exit early
		 */
		if (p)
			break;
	}
}

/*
 * Scan all processes on the zombproc list.  The process is automatically
 * held for the callback.  A return value of -1 terminates the loop.
 *
 * The callback is made with the process held and proc_token held.
 *
 * No requirements.
 */
void
zombproc_scan(int (*callback)(struct proc *, void *), void *data)
{
	struct proc *p;
	int r;
	int n;

	/*
	 * proc_tokens[n] protects the allproc list and PHOLD() prevents the
	 * process from being removed from the allproc list or the zombproc
	 * list.
	 */
	for (n = 0; n < ALLPROC_HSIZE; ++n) {
		if (LIST_FIRST(&allprocs[n]) == NULL)
			continue;
		lwkt_gettoken(&proc_tokens[n]);
		LIST_FOREACH(p, &allprocs[n], p_list) {
			if (p->p_stat != SZOMB)
				continue;
			PHOLD(p);
			r = callback(p, data);
			PRELE(p);
			if (r < 0)
				break;
		}
		lwkt_reltoken(&proc_tokens[n]);

		/*
		 * Check if asked to stop early
		 */
		if (p)
			break;
	}
}

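/*
 * Illustrative allproc_scan() usage (hypothetical callback, not part of
 * this file): counting processes owned by a particular uid might look like
 *
 *	struct count_args { uid_t uid; int count; };
 *
 *	static int
 *	count_by_uid(struct proc *p, void *data)
 *	{
 *		struct count_args *ca = data;
 *
 *		if (p->p_ucred && p->p_ucred->cr_uid == ca->uid)
 *			++ca->count;
 *		return (0);	// returning -1 terminates the scan early
 *	}
 *
 *	allproc_scan(count_by_uid, &ca);
 *
 * The callback runs with the process PHOLD()'d and the per-bucket token
 * held, as described above each scan function.
 */
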
#include "opt_ddb.h"
#ifdef DDB
#include <ddb/ddb.h>

/*
 * Debugging only
 */
DB_SHOW_COMMAND(pgrpdump, pgrpdump)
{
	struct pgrp *pgrp;
	struct proc *p;
	int i;

	for (i = 0; i < ALLPROC_HSIZE; ++i) {
		if (LIST_EMPTY(&allpgrps[i]))
			continue;
		kprintf("\tindx %d\n", i);
		LIST_FOREACH(pgrp, &allpgrps[i], pg_list) {
			kprintf("\tpgrp %p, pgid %ld, sess %p, "
				"sesscnt %d, mem %p\n",
				(void *)pgrp, (long)pgrp->pg_id,
				(void *)pgrp->pg_session,
				pgrp->pg_session->s_count,
				(void *)LIST_FIRST(&pgrp->pg_members));
			LIST_FOREACH(p, &pgrp->pg_members, p_pglist) {
				kprintf("\t\tpid %ld addr %p pgrp %p\n",
					(long)p->p_pid, (void *)p,
					(void *)p->p_pgrp);
			}
		}
	}
}
#endif /* DDB */

/*
 * The caller must hold proc_token.
 */
static int
sysctl_out_proc(struct proc *p, struct sysctl_req *req, int flags)
{
	struct kinfo_proc ki;
	struct lwp *lp;
	int skp = 0, had_output = 0;
	int error;

	bzero(&ki, sizeof(ki));
	lwkt_gettoken_shared(&p->p_token);
	fill_kinfo_proc(p, &ki);
	if ((flags & KERN_PROC_FLAG_LWP) == 0)
		skp = 1;
	error = 0;
	FOREACH_LWP_IN_PROC(lp, p) {
		LWPHOLD(lp);
		fill_kinfo_lwp(lp, &ki.kp_lwp);
		had_output = 1;
		error = SYSCTL_OUT(req, &ki, sizeof(ki));
		LWPRELE(lp);
		if (error)
			break;
		if (skp)
			break;
	}
	lwkt_reltoken(&p->p_token);

	/* We need to output at least the proc, even if there is no lwp. */
	if (had_output == 0) {
		error = SYSCTL_OUT(req, &ki, sizeof(ki));
	}
	return (error);
}

/*
 * The caller must hold proc_token.
 */
static int
sysctl_out_proc_kthread(struct thread *td, struct sysctl_req *req)
{
	struct kinfo_proc ki;
	int error;

	fill_kinfo_proc_kthread(td, &ki);
	error = SYSCTL_OUT(req, &ki, sizeof(ki));
	if (error)
		return error;
	return(0);
}

/*
 * No requirements.
 */
static int
sysctl_kern_proc(SYSCTL_HANDLER_ARGS)
{
	int *name = (int *)arg1;
	int oid = oidp->oid_number;
	u_int namelen = arg2;
	struct proc *p;
	struct thread *td;
	struct thread *marker;
	int flags = 0;
	int error = 0;
	int n;
	int origcpu;
	struct ucred *cr1 = curproc->p_ucred;

	flags = oid & KERN_PROC_FLAGMASK;
	oid &= ~KERN_PROC_FLAGMASK;

	if ((oid == KERN_PROC_ALL && namelen != 0) ||
	    (oid != KERN_PROC_ALL && namelen != 1)) {
		return (EINVAL);
	}

	/*
	 * proc_token protects the allproc list and PHOLD() prevents the
	 * process from being removed from the allproc list or the zombproc
	 * list.
	 */
	if (oid == KERN_PROC_PID) {
		p = pfind((pid_t)name[0]);
		if (p) {
			if (PRISON_CHECK(cr1, p->p_ucred))
				error = sysctl_out_proc(p, req, flags);
			PRELE(p);
		}
		goto post_threads;
	}
	p = NULL;

	if (!req->oldptr) {
		/* overestimate by 5 procs */
		error = SYSCTL_OUT(req, 0, sizeof (struct kinfo_proc) * 5);
		if (error)
			goto post_threads;
	}

	for (n = 0; n < ALLPROC_HSIZE; ++n) {
		if (LIST_EMPTY(&allprocs[n]))
			continue;
		lwkt_gettoken_shared(&proc_tokens[n]);
		LIST_FOREACH(p, &allprocs[n], p_list) {
			/*
			 * Show a user only their processes.
			 */
			if ((!ps_showallprocs) &&
			    (p->p_ucred == NULL || p_trespass(cr1, p->p_ucred))) {
				continue;
			}
			/*
			 * Skip embryonic processes.
			 */
			if (p->p_stat == SIDL)
				continue;
			/*
			 * TODO - make more efficient (see notes below).
			 * do by session.
			 */
			switch (oid) {
			case KERN_PROC_PGRP:
				/* could do this by traversing pgrp */
				if (p->p_pgrp == NULL ||
				    p->p_pgrp->pg_id != (pid_t)name[0])
					continue;
				break;

			case KERN_PROC_TTY:
				if ((p->p_flags & P_CONTROLT) == 0 ||
				    p->p_session == NULL ||
				    p->p_session->s_ttyp == NULL ||
				    dev2udev(p->p_session->s_ttyp->t_dev) !=
				    (udev_t)name[0])
					continue;
				break;

			case KERN_PROC_UID:
				if (p->p_ucred == NULL ||
				    p->p_ucred->cr_uid != (uid_t)name[0])
					continue;
				break;

			case KERN_PROC_RUID:
				if (p->p_ucred == NULL ||
				    p->p_ucred->cr_ruid != (uid_t)name[0])
					continue;
				break;
			}

			if (!PRISON_CHECK(cr1, p->p_ucred))
				continue;
			PHOLD(p);
			error = sysctl_out_proc(p, req, flags);
			PRELE(p);
			if (error) {
				lwkt_reltoken(&proc_tokens[n]);
				goto post_threads;
			}
		}
		lwkt_reltoken(&proc_tokens[n]);
	}

	/*
	 * Iterate over all active cpus and scan their thread list.  Start
	 * with the next logical cpu and end with our original cpu.  We
	 * migrate our own thread to each target cpu in order to safely scan
	 * its thread list.  In the last loop we migrate back to our original
	 * cpu.
	 */
	origcpu = mycpu->gd_cpuid;
	if (!ps_showallthreads || jailed(cr1))
		goto post_threads;

	marker = kmalloc(sizeof(struct thread), M_TEMP, M_WAITOK|M_ZERO);
	marker->td_flags = TDF_MARKER;
	error = 0;

	for (n = 1; n <= ncpus; ++n) {
		globaldata_t rgd;
		int nid;

		nid = (origcpu + n) % ncpus;
		if (CPUMASK_TESTBIT(smp_active_mask, nid) == 0)
			continue;
		rgd = globaldata_find(nid);
		lwkt_setcpu_self(rgd);

		crit_enter();
		TAILQ_INSERT_TAIL(&rgd->gd_tdallq, marker, td_allq);

		while ((td = TAILQ_PREV(marker, lwkt_queue, td_allq)) != NULL) {
			TAILQ_REMOVE(&rgd->gd_tdallq, marker, td_allq);
			TAILQ_INSERT_BEFORE(td, marker, td_allq);
			if (td->td_flags & TDF_MARKER)
				continue;
			if (td->td_proc)
				continue;

			lwkt_hold(td);
			crit_exit();

			switch (oid) {
			case KERN_PROC_PGRP:
			case KERN_PROC_TTY:
			case KERN_PROC_UID:
			case KERN_PROC_RUID:
				break;
			default:
				error = sysctl_out_proc_kthread(td, req);
				break;
			}
			lwkt_rele(td);
			crit_enter();
			if (error)
				break;
		}
		TAILQ_REMOVE(&rgd->gd_tdallq, marker, td_allq);
		crit_exit();

		if (error)
			break;
	}

	/*
	 * Userland scheduler expects us to return on the same cpu we
	 * started on.
	 */
	if (mycpu->gd_cpuid != origcpu)
		lwkt_setcpu_self(globaldata_find(origcpu));

	kfree(marker, M_TEMP);

post_threads:
	return (error);
}

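/*
 * Userland reaches the handler above through the standard sysctl(3) MIB
 * interface.  A minimal sketch (illustrative only) of fetching the
 * kinfo_proc for a single pid:
 *
 *	int mib[4] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, getpid() };
 *	struct kinfo_proc kp;
 *	size_t len = sizeof(kp);
 *
 *	if (sysctl(mib, 4, &kp, &len, NULL, 0) == 0)
 *		printf("comm: %s\n", kp.kp_comm);
 *
 * Passing a NULL old pointer first is the usual way to size the buffer for
 * the multi-record queries (KERN_PROC_ALL, KERN_PROC_UID, ...), which is
 * why the handler adds a 5-proc overestimate for that case.
 */
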
/*
 * This sysctl allows a process to retrieve the argument list or process
 * title for another process without groping around in the address space
 * of the other process.  It also allows a process to set its own "process
 * title" to a string of its own choice.
 *
 * No requirements.
 */
static int
sysctl_kern_proc_args(SYSCTL_HANDLER_ARGS)
{
	int *name = (int*) arg1;
	u_int namelen = arg2;
	struct proc *p;
	struct pargs *opa;
	struct pargs *pa;
	int error = 0;
	struct ucred *cr1 = curproc->p_ucred;

	if (namelen != 1)
		return (EINVAL);

	p = pfind((pid_t)name[0]);
	if (p == NULL)
		goto done;
	lwkt_gettoken(&p->p_token);

	if ((!ps_argsopen) && p_trespass(cr1, p->p_ucred))
		goto done;

	if (req->newptr && curproc != p) {
		error = EPERM;
		goto done;
	}
	if (req->oldptr) {
		if (p->p_upmap != NULL && p->p_upmap->proc_title[0]) {
			/*
			 * Args set via writable user process mmap.
			 * We must calculate the string length manually
			 * because the user data can change at any time.
			 */
			size_t n;
			char *base;

			base = p->p_upmap->proc_title;
			for (n = 0; n < UPMAP_MAXPROCTITLE - 1; ++n) {
				if (base[n] == 0)
					break;
			}
			error = SYSCTL_OUT(req, base, n);
			if (error == 0)
				error = SYSCTL_OUT(req, "", 1);
		} else if ((pa = p->p_args) != NULL) {
			/*
			 * Args set by setproctitle() sysctl.
			 */
			refcount_acquire(&pa->ar_ref);
			error = SYSCTL_OUT(req, pa->ar_args, pa->ar_length);
			if (refcount_release(&pa->ar_ref))
				kfree(pa, M_PARGS);
		}
	}
	if (req->newptr == NULL)
		goto done;

	if (req->newlen + sizeof(struct pargs) > ps_arg_cache_limit) {
		goto done;
	}

	pa = kmalloc(sizeof(struct pargs) + req->newlen, M_PARGS, M_WAITOK);
	refcount_init(&pa->ar_ref, 1);
	pa->ar_length = req->newlen;
	error = SYSCTL_IN(req, pa->ar_args, req->newlen);
	if (error) {
		kfree(pa, M_PARGS);
		goto done;
	}

	/*
	 * Replace p_args with the new pa.  p_args may have previously
	 * been NULL.
	 */
	opa = p->p_args;
	p->p_args = pa;

	if (opa) {
		KKASSERT(opa->ar_ref > 0);
		if (refcount_release(&opa->ar_ref)) {
			kfree(opa, M_PARGS);
			/* opa = NULL; */
		}
	}
done:
	if (p) {
		lwkt_reltoken(&p->p_token);
		PRELE(p);
	}
	return (error);
}

static int
sysctl_kern_proc_cwd(SYSCTL_HANDLER_ARGS)
{
	int *name = (int*) arg1;
	u_int namelen = arg2;
	struct proc *p;
	int error = 0;
	char *fullpath, *freepath;
	struct ucred *cr1 = curproc->p_ucred;

	if (namelen != 1)
		return (EINVAL);

	p = pfind((pid_t)name[0]);
	if (p == NULL)
		goto done;
	lwkt_gettoken_shared(&p->p_token);

	/*
	 * If we are not allowed to see other args, we certainly shouldn't
	 * get the cwd either.  Also check the usual trespassing.
	 */
	if ((!ps_argsopen) && p_trespass(cr1, p->p_ucred))
		goto done;

	if (req->oldptr && p->p_fd != NULL && p->p_fd->fd_ncdir.ncp) {
		struct nchandle nch;

		cache_copy(&p->p_fd->fd_ncdir, &nch);
		error = cache_fullpath(p, &nch, NULL,
				       &fullpath, &freepath, 0);
		cache_drop(&nch);
		if (error)
			goto done;
		error = SYSCTL_OUT(req, fullpath, strlen(fullpath) + 1);
		kfree(freepath, M_TEMP);
	}

done:
	if (p) {
		lwkt_reltoken(&p->p_token);
		PRELE(p);
	}
	return (error);
}

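/*
 * Example (illustrative only): userland can resolve another process's
 * current working directory with
 *
 *	int mib[4] = { CTL_KERN, KERN_PROC, KERN_PROC_CWD, pid };
 *	char buf[MAXPATHLEN];
 *	size_t len = sizeof(buf);
 *
 *	sysctl(mib, 4, buf, &len, NULL, 0);
 *
 * subject to the same ps_argsopen / p_trespass() visibility checks that
 * govern argument retrieval above.
 */
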
/*
 * This sysctl allows a process to retrieve the path of the executable for
 * itself or another process.
 */
static int
sysctl_kern_proc_pathname(SYSCTL_HANDLER_ARGS)
{
	pid_t *pidp = (pid_t *)arg1;
	unsigned int arglen = arg2;
	struct proc *p;
	struct vnode *vp;
	char *retbuf, *freebuf;
	int error = 0;

	if (arglen != 1)
		return (EINVAL);
	if (*pidp == -1) {	/* -1 means this process */
		p = curproc;
	} else {
		p = pfind(*pidp);
		if (p == NULL)
			return (ESRCH);
	}

	vp = p->p_textvp;
	if (vp == NULL)
		goto done;

	vref(vp);
	error = vn_fullpath(p, vp, &retbuf, &freebuf, 0);
	vrele(vp);
	if (error)
		goto done;
	error = SYSCTL_OUT(req, retbuf, strlen(retbuf) + 1);
	kfree(freebuf, M_TEMP);
done:
	if (*pidp != -1)
		PRELE(p);

	return (error);
}

SYSCTL_NODE(_kern, KERN_PROC, proc, CTLFLAG_RD, 0, "Process table");

SYSCTL_PROC(_kern_proc, KERN_PROC_ALL, all, CTLFLAG_RD|CTLTYPE_STRUCT,
	0, 0, sysctl_kern_proc, "S,proc", "Return entire process table");

SYSCTL_NODE(_kern_proc, KERN_PROC_PGRP, pgrp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, KERN_PROC_TTY, tty, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, KERN_PROC_UID, uid, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, KERN_PROC_RUID, ruid, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, KERN_PROC_PID, pid, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, (KERN_PROC_ALL | KERN_PROC_FLAG_LWP), all_lwp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, (KERN_PROC_PGRP | KERN_PROC_FLAG_LWP), pgrp_lwp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, (KERN_PROC_TTY | KERN_PROC_FLAG_LWP), tty_lwp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, (KERN_PROC_UID | KERN_PROC_FLAG_LWP), uid_lwp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, (KERN_PROC_RUID | KERN_PROC_FLAG_LWP), ruid_lwp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, (KERN_PROC_PID | KERN_PROC_FLAG_LWP), pid_lwp, CTLFLAG_RD,
	sysctl_kern_proc, "Process table");

SYSCTL_NODE(_kern_proc, KERN_PROC_ARGS, args, CTLFLAG_RW | CTLFLAG_ANYBODY,
	sysctl_kern_proc_args, "Process argument list");

SYSCTL_NODE(_kern_proc, KERN_PROC_CWD, cwd, CTLFLAG_RD | CTLFLAG_ANYBODY,
	sysctl_kern_proc_cwd, "Process current working directory");

static SYSCTL_NODE(_kern_proc, KERN_PROC_PATHNAME, pathname, CTLFLAG_RD,
	sysctl_kern_proc_pathname, "Process executable path");