1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1982, 1986, 1989, 1991, 1993 5 * The Regents of the University of California. All rights reserved. 6 * (c) UNIX System Laboratories, Inc. 7 * All or some portions of this file are derived from material licensed 8 * to the University of California by American Telephone and Telegraph 9 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 10 * the permission of UNIX System Laboratories, Inc. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 * 36 * @(#)kern_sig.c 8.7 (Berkeley) 4/18/94 37 */ 38 39#include <sys/cdefs.h> 40__FBSDID("$FreeBSD$"); 41 42#include "opt_ktrace.h" 43 44#include <sys/param.h> 45#include <sys/ctype.h> 46#include <sys/systm.h> 47#include <sys/signalvar.h> 48#include <sys/vnode.h> 49#include <sys/acct.h> 50#include <sys/capsicum.h> 51#include <sys/compressor.h> 52#include <sys/condvar.h> 53#include <sys/devctl.h> 54#include <sys/event.h> 55#include <sys/fcntl.h> 56#include <sys/imgact.h> 57#include <sys/kernel.h> 58#include <sys/ktr.h> 59#include <sys/ktrace.h> 60#include <sys/limits.h> 61#include <sys/lock.h> 62#include <sys/malloc.h> 63#include <sys/mutex.h> 64#include <sys/refcount.h> 65#include <sys/namei.h> 66#include <sys/proc.h> 67#include <sys/procdesc.h> 68#include <sys/ptrace.h> 69#include <sys/posix4.h> 70#include <sys/racct.h> 71#include <sys/resourcevar.h> 72#include <sys/sdt.h> 73#include <sys/sbuf.h> 74#include <sys/sleepqueue.h> 75#include <sys/smp.h> 76#include <sys/stat.h> 77#include <sys/sx.h> 78#include <sys/syscallsubr.h> 79#include <sys/sysctl.h> 80#include <sys/sysent.h> 81#include <sys/syslog.h> 82#include <sys/sysproto.h> 83#include <sys/timers.h> 84#include <sys/unistd.h> 85#include <sys/wait.h> 86#include <vm/vm.h> 87#include <vm/vm_extern.h> 88#include <vm/uma.h> 89 90#include <sys/jail.h> 91 92#include <machine/cpu.h> 93 94#include <security/audit/audit.h> 95 96#define ONSIG 32 /* NSIG for osig* syscalls. XXX. */ 97 98SDT_PROVIDER_DECLARE(proc); 99SDT_PROBE_DEFINE3(proc, , , signal__send, 100 "struct thread *", "struct proc *", "int"); 101SDT_PROBE_DEFINE2(proc, , , signal__clear, 102 "int", "ksiginfo_t *"); 103SDT_PROBE_DEFINE3(proc, , , signal__discard, 104 "struct thread *", "struct proc *", "int"); 105 106static int coredump(struct thread *); 107static int killpg1(struct thread *td, int sig, int pgid, int all, 108 ksiginfo_t *ksi); 109static int issignal(struct thread *td); 110static void reschedule_signals(struct proc *p, sigset_t block, int flags); 111static int sigprop(int sig); 112static void tdsigwakeup(struct thread *, int, sig_t, int); 113static int sig_suspend_threads(struct thread *, struct proc *, int); 114static int filt_sigattach(struct knote *kn); 115static void filt_sigdetach(struct knote *kn); 116static int filt_signal(struct knote *kn, long hint); 117static struct thread *sigtd(struct proc *p, int sig, bool fast_sigblock); 118static void sigqueue_start(void); 119 120static uma_zone_t ksiginfo_zone = NULL; 121struct filterops sig_filtops = { 122 .f_isfd = 0, 123 .f_attach = filt_sigattach, 124 .f_detach = filt_sigdetach, 125 .f_event = filt_signal, 126}; 127 128static int kern_logsigexit = 1; 129SYSCTL_INT(_kern, KERN_LOGSIGEXIT, logsigexit, CTLFLAG_RW, 130 &kern_logsigexit, 0, 131 "Log processes quitting on abnormal signals to syslog(3)"); 132 133static int kern_forcesigexit = 1; 134SYSCTL_INT(_kern, OID_AUTO, forcesigexit, CTLFLAG_RW, 135 &kern_forcesigexit, 0, "Force trap signal to be handled"); 136 137static SYSCTL_NODE(_kern, OID_AUTO, sigqueue, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 138 "POSIX real time signal"); 139 140static int max_pending_per_proc = 128; 141SYSCTL_INT(_kern_sigqueue, OID_AUTO, max_pending_per_proc, CTLFLAG_RW, 142 &max_pending_per_proc, 0, "Max pending signals per proc"); 143 144static int preallocate_siginfo = 1024; 145SYSCTL_INT(_kern_sigqueue, OID_AUTO, preallocate, CTLFLAG_RDTUN, 146 &preallocate_siginfo, 0, "Preallocated signal memory size"); 147 148static int signal_overflow = 0; 149SYSCTL_INT(_kern_sigqueue, OID_AUTO, overflow, CTLFLAG_RD, 150 &signal_overflow, 0, "Number of signals overflew"); 151 152static int signal_alloc_fail = 0; 153SYSCTL_INT(_kern_sigqueue, OID_AUTO, alloc_fail, CTLFLAG_RD, 154 &signal_alloc_fail, 0, "signals failed to be allocated"); 155 156static int kern_lognosys = 0; 157SYSCTL_INT(_kern, OID_AUTO, lognosys, CTLFLAG_RWTUN, &kern_lognosys, 0, 158 "Log invalid syscalls"); 159 160__read_frequently bool sigfastblock_fetch_always = false; 161SYSCTL_BOOL(_kern, OID_AUTO, sigfastblock_fetch_always, CTLFLAG_RWTUN, 162 &sigfastblock_fetch_always, 0, 163 "Fetch sigfastblock word on each syscall entry for proper " 164 "blocking semantic"); 165 166static bool kern_sig_discard_ign = true; 167SYSCTL_BOOL(_kern, OID_AUTO, sig_discard_ign, CTLFLAG_RWTUN, 168 &kern_sig_discard_ign, 0, 169 "Discard ignored signals on delivery, otherwise queue them to " 170 "the target queue"); 171 172SYSINIT(signal, SI_SUB_P1003_1B, SI_ORDER_FIRST+3, sigqueue_start, NULL); 173 174/* 175 * Policy -- Can ucred cr1 send SIGIO to process cr2? 176 * Should use cr_cansignal() once cr_cansignal() allows SIGIO and SIGURG 177 * in the right situations. 178 */ 179#define CANSIGIO(cr1, cr2) \ 180 ((cr1)->cr_uid == 0 || \ 181 (cr1)->cr_ruid == (cr2)->cr_ruid || \ 182 (cr1)->cr_uid == (cr2)->cr_ruid || \ 183 (cr1)->cr_ruid == (cr2)->cr_uid || \ 184 (cr1)->cr_uid == (cr2)->cr_uid) 185 186static int sugid_coredump; 187SYSCTL_INT(_kern, OID_AUTO, sugid_coredump, CTLFLAG_RWTUN, 188 &sugid_coredump, 0, "Allow setuid and setgid processes to dump core"); 189 190static int capmode_coredump; 191SYSCTL_INT(_kern, OID_AUTO, capmode_coredump, CTLFLAG_RWTUN, 192 &capmode_coredump, 0, "Allow processes in capability mode to dump core"); 193 194static int do_coredump = 1; 195SYSCTL_INT(_kern, OID_AUTO, coredump, CTLFLAG_RW, 196 &do_coredump, 0, "Enable/Disable coredumps"); 197 198static int set_core_nodump_flag = 0; 199SYSCTL_INT(_kern, OID_AUTO, nodump_coredump, CTLFLAG_RW, &set_core_nodump_flag, 200 0, "Enable setting the NODUMP flag on coredump files"); 201 202static int coredump_devctl = 0; 203SYSCTL_INT(_kern, OID_AUTO, coredump_devctl, CTLFLAG_RW, &coredump_devctl, 204 0, "Generate a devctl notification when processes coredump"); 205 206/* 207 * Signal properties and actions. 208 * The array below categorizes the signals and their default actions 209 * according to the following properties: 210 */ 211#define SIGPROP_KILL 0x01 /* terminates process by default */ 212#define SIGPROP_CORE 0x02 /* ditto and coredumps */ 213#define SIGPROP_STOP 0x04 /* suspend process */ 214#define SIGPROP_TTYSTOP 0x08 /* ditto, from tty */ 215#define SIGPROP_IGNORE 0x10 /* ignore by default */ 216#define SIGPROP_CONT 0x20 /* continue if suspended */ 217#define SIGPROP_CANTMASK 0x40 /* non-maskable, catchable */ 218 219static int sigproptbl[NSIG] = { 220 [SIGHUP] = SIGPROP_KILL, 221 [SIGINT] = SIGPROP_KILL, 222 [SIGQUIT] = SIGPROP_KILL | SIGPROP_CORE, 223 [SIGILL] = SIGPROP_KILL | SIGPROP_CORE, 224 [SIGTRAP] = SIGPROP_KILL | SIGPROP_CORE, 225 [SIGABRT] = SIGPROP_KILL | SIGPROP_CORE, 226 [SIGEMT] = SIGPROP_KILL | SIGPROP_CORE, 227 [SIGFPE] = SIGPROP_KILL | SIGPROP_CORE, 228 [SIGKILL] = SIGPROP_KILL, 229 [SIGBUS] = SIGPROP_KILL | SIGPROP_CORE, 230 [SIGSEGV] = SIGPROP_KILL | SIGPROP_CORE, 231 [SIGSYS] = SIGPROP_KILL | SIGPROP_CORE, 232 [SIGPIPE] = SIGPROP_KILL, 233 [SIGALRM] = SIGPROP_KILL, 234 [SIGTERM] = SIGPROP_KILL, 235 [SIGURG] = SIGPROP_IGNORE, 236 [SIGSTOP] = SIGPROP_STOP, 237 [SIGTSTP] = SIGPROP_STOP | SIGPROP_TTYSTOP, 238 [SIGCONT] = SIGPROP_IGNORE | SIGPROP_CONT, 239 [SIGCHLD] = SIGPROP_IGNORE, 240 [SIGTTIN] = SIGPROP_STOP | SIGPROP_TTYSTOP, 241 [SIGTTOU] = SIGPROP_STOP | SIGPROP_TTYSTOP, 242 [SIGIO] = SIGPROP_IGNORE, 243 [SIGXCPU] = SIGPROP_KILL, 244 [SIGXFSZ] = SIGPROP_KILL, 245 [SIGVTALRM] = SIGPROP_KILL, 246 [SIGPROF] = SIGPROP_KILL, 247 [SIGWINCH] = SIGPROP_IGNORE, 248 [SIGINFO] = SIGPROP_IGNORE, 249 [SIGUSR1] = SIGPROP_KILL, 250 [SIGUSR2] = SIGPROP_KILL, 251}; 252 253sigset_t fastblock_mask; 254 255static void 256sigqueue_start(void) 257{ 258 ksiginfo_zone = uma_zcreate("ksiginfo", sizeof(ksiginfo_t), 259 NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); 260 uma_prealloc(ksiginfo_zone, preallocate_siginfo); 261 p31b_setcfg(CTL_P1003_1B_REALTIME_SIGNALS, _POSIX_REALTIME_SIGNALS); 262 p31b_setcfg(CTL_P1003_1B_RTSIG_MAX, SIGRTMAX - SIGRTMIN + 1); 263 p31b_setcfg(CTL_P1003_1B_SIGQUEUE_MAX, max_pending_per_proc); 264 SIGFILLSET(fastblock_mask); 265 SIG_CANTMASK(fastblock_mask); 266} 267 268ksiginfo_t * 269ksiginfo_alloc(int wait) 270{ 271 int flags; 272 273 flags = M_ZERO; 274 if (! wait) 275 flags |= M_NOWAIT; 276 if (ksiginfo_zone != NULL) 277 return ((ksiginfo_t *)uma_zalloc(ksiginfo_zone, flags)); 278 return (NULL); 279} 280 281void 282ksiginfo_free(ksiginfo_t *ksi) 283{ 284 uma_zfree(ksiginfo_zone, ksi); 285} 286 287static __inline int 288ksiginfo_tryfree(ksiginfo_t *ksi) 289{ 290 if (!(ksi->ksi_flags & KSI_EXT)) { 291 uma_zfree(ksiginfo_zone, ksi); 292 return (1); 293 } 294 return (0); 295} 296 297void 298sigqueue_init(sigqueue_t *list, struct proc *p) 299{ 300 SIGEMPTYSET(list->sq_signals); 301 SIGEMPTYSET(list->sq_kill); 302 SIGEMPTYSET(list->sq_ptrace); 303 TAILQ_INIT(&list->sq_list); 304 list->sq_proc = p; 305 list->sq_flags = SQ_INIT; 306} 307 308/* 309 * Get a signal's ksiginfo. 310 * Return: 311 * 0 - signal not found 312 * others - signal number 313 */ 314static int 315sigqueue_get(sigqueue_t *sq, int signo, ksiginfo_t *si) 316{ 317 struct proc *p = sq->sq_proc; 318 struct ksiginfo *ksi, *next; 319 int count = 0; 320 321 KASSERT(sq->sq_flags & SQ_INIT, ("sigqueue not inited")); 322 323 if (!SIGISMEMBER(sq->sq_signals, signo)) 324 return (0); 325 326 if (SIGISMEMBER(sq->sq_ptrace, signo)) { 327 count++; 328 SIGDELSET(sq->sq_ptrace, signo); 329 si->ksi_flags |= KSI_PTRACE; 330 } 331 if (SIGISMEMBER(sq->sq_kill, signo)) { 332 count++; 333 if (count == 1) 334 SIGDELSET(sq->sq_kill, signo); 335 } 336 337 TAILQ_FOREACH_SAFE(ksi, &sq->sq_list, ksi_link, next) { 338 if (ksi->ksi_signo == signo) { 339 if (count == 0) { 340 TAILQ_REMOVE(&sq->sq_list, ksi, ksi_link); 341 ksi->ksi_sigq = NULL; 342 ksiginfo_copy(ksi, si); 343 if (ksiginfo_tryfree(ksi) && p != NULL) 344 p->p_pendingcnt--; 345 } 346 if (++count > 1) 347 break; 348 } 349 } 350 351 if (count <= 1) 352 SIGDELSET(sq->sq_signals, signo); 353 si->ksi_signo = signo; 354 return (signo); 355} 356 357void 358sigqueue_take(ksiginfo_t *ksi) 359{ 360 struct ksiginfo *kp; 361 struct proc *p; 362 sigqueue_t *sq; 363 364 if (ksi == NULL || (sq = ksi->ksi_sigq) == NULL) 365 return; 366 367 p = sq->sq_proc; 368 TAILQ_REMOVE(&sq->sq_list, ksi, ksi_link); 369 ksi->ksi_sigq = NULL; 370 if (!(ksi->ksi_flags & KSI_EXT) && p != NULL) 371 p->p_pendingcnt--; 372 373 for (kp = TAILQ_FIRST(&sq->sq_list); kp != NULL; 374 kp = TAILQ_NEXT(kp, ksi_link)) { 375 if (kp->ksi_signo == ksi->ksi_signo) 376 break; 377 } 378 if (kp == NULL && !SIGISMEMBER(sq->sq_kill, ksi->ksi_signo) && 379 !SIGISMEMBER(sq->sq_ptrace, ksi->ksi_signo)) 380 SIGDELSET(sq->sq_signals, ksi->ksi_signo); 381} 382 383static int 384sigqueue_add(sigqueue_t *sq, int signo, ksiginfo_t *si) 385{ 386 struct proc *p = sq->sq_proc; 387 struct ksiginfo *ksi; 388 int ret = 0; 389 390 KASSERT(sq->sq_flags & SQ_INIT, ("sigqueue not inited")); 391 392 /* 393 * SIGKILL/SIGSTOP cannot be caught or masked, so take the fast path 394 * for these signals. 395 */ 396 if (signo == SIGKILL || signo == SIGSTOP || si == NULL) { 397 SIGADDSET(sq->sq_kill, signo); 398 goto out_set_bit; 399 } 400 401 /* directly insert the ksi, don't copy it */ 402 if (si->ksi_flags & KSI_INS) { 403 if (si->ksi_flags & KSI_HEAD) 404 TAILQ_INSERT_HEAD(&sq->sq_list, si, ksi_link); 405 else 406 TAILQ_INSERT_TAIL(&sq->sq_list, si, ksi_link); 407 si->ksi_sigq = sq; 408 goto out_set_bit; 409 } 410 411 if (__predict_false(ksiginfo_zone == NULL)) { 412 SIGADDSET(sq->sq_kill, signo); 413 goto out_set_bit; 414 } 415 416 if (p != NULL && p->p_pendingcnt >= max_pending_per_proc) { 417 signal_overflow++; 418 ret = EAGAIN; 419 } else if ((ksi = ksiginfo_alloc(0)) == NULL) { 420 signal_alloc_fail++; 421 ret = EAGAIN; 422 } else { 423 if (p != NULL) 424 p->p_pendingcnt++; 425 ksiginfo_copy(si, ksi); 426 ksi->ksi_signo = signo; 427 if (si->ksi_flags & KSI_HEAD) 428 TAILQ_INSERT_HEAD(&sq->sq_list, ksi, ksi_link); 429 else 430 TAILQ_INSERT_TAIL(&sq->sq_list, ksi, ksi_link); 431 ksi->ksi_sigq = sq; 432 } 433 434 if (ret != 0) { 435 if ((si->ksi_flags & KSI_PTRACE) != 0) { 436 SIGADDSET(sq->sq_ptrace, signo); 437 ret = 0; 438 goto out_set_bit; 439 } else if ((si->ksi_flags & KSI_TRAP) != 0 || 440 (si->ksi_flags & KSI_SIGQ) == 0) { 441 SIGADDSET(sq->sq_kill, signo); 442 ret = 0; 443 goto out_set_bit; 444 } 445 return (ret); 446 } 447 448out_set_bit: 449 SIGADDSET(sq->sq_signals, signo); 450 return (ret); 451} 452 453void 454sigqueue_flush(sigqueue_t *sq) 455{ 456 struct proc *p = sq->sq_proc; 457 ksiginfo_t *ksi; 458 459 KASSERT(sq->sq_flags & SQ_INIT, ("sigqueue not inited")); 460 461 if (p != NULL) 462 PROC_LOCK_ASSERT(p, MA_OWNED); 463 464 while ((ksi = TAILQ_FIRST(&sq->sq_list)) != NULL) { 465 TAILQ_REMOVE(&sq->sq_list, ksi, ksi_link); 466 ksi->ksi_sigq = NULL; 467 if (ksiginfo_tryfree(ksi) && p != NULL) 468 p->p_pendingcnt--; 469 } 470 471 SIGEMPTYSET(sq->sq_signals); 472 SIGEMPTYSET(sq->sq_kill); 473 SIGEMPTYSET(sq->sq_ptrace); 474} 475 476static void 477sigqueue_move_set(sigqueue_t *src, sigqueue_t *dst, const sigset_t *set) 478{ 479 sigset_t tmp; 480 struct proc *p1, *p2; 481 ksiginfo_t *ksi, *next; 482 483 KASSERT(src->sq_flags & SQ_INIT, ("src sigqueue not inited")); 484 KASSERT(dst->sq_flags & SQ_INIT, ("dst sigqueue not inited")); 485 p1 = src->sq_proc; 486 p2 = dst->sq_proc; 487 /* Move siginfo to target list */ 488 TAILQ_FOREACH_SAFE(ksi, &src->sq_list, ksi_link, next) { 489 if (SIGISMEMBER(*set, ksi->ksi_signo)) { 490 TAILQ_REMOVE(&src->sq_list, ksi, ksi_link); 491 if (p1 != NULL) 492 p1->p_pendingcnt--; 493 TAILQ_INSERT_TAIL(&dst->sq_list, ksi, ksi_link); 494 ksi->ksi_sigq = dst; 495 if (p2 != NULL) 496 p2->p_pendingcnt++; 497 } 498 } 499 500 /* Move pending bits to target list */ 501 tmp = src->sq_kill; 502 SIGSETAND(tmp, *set); 503 SIGSETOR(dst->sq_kill, tmp); 504 SIGSETNAND(src->sq_kill, tmp); 505 506 tmp = src->sq_ptrace; 507 SIGSETAND(tmp, *set); 508 SIGSETOR(dst->sq_ptrace, tmp); 509 SIGSETNAND(src->sq_ptrace, tmp); 510 511 tmp = src->sq_signals; 512 SIGSETAND(tmp, *set); 513 SIGSETOR(dst->sq_signals, tmp); 514 SIGSETNAND(src->sq_signals, tmp); 515} 516 517#if 0 518static void 519sigqueue_move(sigqueue_t *src, sigqueue_t *dst, int signo) 520{ 521 sigset_t set; 522 523 SIGEMPTYSET(set); 524 SIGADDSET(set, signo); 525 sigqueue_move_set(src, dst, &set); 526} 527#endif 528 529static void 530sigqueue_delete_set(sigqueue_t *sq, const sigset_t *set) 531{ 532 struct proc *p = sq->sq_proc; 533 ksiginfo_t *ksi, *next; 534 535 KASSERT(sq->sq_flags & SQ_INIT, ("src sigqueue not inited")); 536 537 /* Remove siginfo queue */ 538 TAILQ_FOREACH_SAFE(ksi, &sq->sq_list, ksi_link, next) { 539 if (SIGISMEMBER(*set, ksi->ksi_signo)) { 540 TAILQ_REMOVE(&sq->sq_list, ksi, ksi_link); 541 ksi->ksi_sigq = NULL; 542 if (ksiginfo_tryfree(ksi) && p != NULL) 543 p->p_pendingcnt--; 544 } 545 } 546 SIGSETNAND(sq->sq_kill, *set); 547 SIGSETNAND(sq->sq_ptrace, *set); 548 SIGSETNAND(sq->sq_signals, *set); 549} 550 551void 552sigqueue_delete(sigqueue_t *sq, int signo) 553{ 554 sigset_t set; 555 556 SIGEMPTYSET(set); 557 SIGADDSET(set, signo); 558 sigqueue_delete_set(sq, &set); 559} 560 561/* Remove a set of signals for a process */ 562static void 563sigqueue_delete_set_proc(struct proc *p, const sigset_t *set) 564{ 565 sigqueue_t worklist; 566 struct thread *td0; 567 568 PROC_LOCK_ASSERT(p, MA_OWNED); 569 570 sigqueue_init(&worklist, NULL); 571 sigqueue_move_set(&p->p_sigqueue, &worklist, set); 572 573 FOREACH_THREAD_IN_PROC(p, td0) 574 sigqueue_move_set(&td0->td_sigqueue, &worklist, set); 575 576 sigqueue_flush(&worklist); 577} 578 579void 580sigqueue_delete_proc(struct proc *p, int signo) 581{ 582 sigset_t set; 583 584 SIGEMPTYSET(set); 585 SIGADDSET(set, signo); 586 sigqueue_delete_set_proc(p, &set); 587} 588 589static void 590sigqueue_delete_stopmask_proc(struct proc *p) 591{ 592 sigset_t set; 593 594 SIGEMPTYSET(set); 595 SIGADDSET(set, SIGSTOP); 596 SIGADDSET(set, SIGTSTP); 597 SIGADDSET(set, SIGTTIN); 598 SIGADDSET(set, SIGTTOU); 599 sigqueue_delete_set_proc(p, &set); 600} 601 602/* 603 * Determine signal that should be delivered to thread td, the current 604 * thread, 0 if none. If there is a pending stop signal with default 605 * action, the process stops in issignal(). 606 */ 607int 608cursig(struct thread *td) 609{ 610 PROC_LOCK_ASSERT(td->td_proc, MA_OWNED); 611 mtx_assert(&td->td_proc->p_sigacts->ps_mtx, MA_OWNED); 612 THREAD_LOCK_ASSERT(td, MA_NOTOWNED); 613 return (SIGPENDING(td) ? issignal(td) : 0); 614} 615 616/* 617 * Arrange for ast() to handle unmasked pending signals on return to user 618 * mode. This must be called whenever a signal is added to td_sigqueue or 619 * unmasked in td_sigmask. 620 */ 621void 622signotify(struct thread *td) 623{ 624 625 PROC_LOCK_ASSERT(td->td_proc, MA_OWNED); 626 627 if (SIGPENDING(td)) { 628 thread_lock(td); 629 td->td_flags |= TDF_NEEDSIGCHK | TDF_ASTPENDING; 630 thread_unlock(td); 631 } 632} 633 634/* 635 * Returns 1 (true) if altstack is configured for the thread, and the 636 * passed stack bottom address falls into the altstack range. Handles 637 * the 43 compat special case where the alt stack size is zero. 638 */ 639int 640sigonstack(size_t sp) 641{ 642 struct thread *td; 643 644 td = curthread; 645 if ((td->td_pflags & TDP_ALTSTACK) == 0) 646 return (0); 647#if defined(COMPAT_43) 648 if (SV_PROC_FLAG(td->td_proc, SV_AOUT) && td->td_sigstk.ss_size == 0) 649 return ((td->td_sigstk.ss_flags & SS_ONSTACK) != 0); 650#endif 651 return (sp >= (size_t)td->td_sigstk.ss_sp && 652 sp < td->td_sigstk.ss_size + (size_t)td->td_sigstk.ss_sp); 653} 654 655static __inline int 656sigprop(int sig) 657{ 658 659 if (sig > 0 && sig < nitems(sigproptbl)) 660 return (sigproptbl[sig]); 661 return (0); 662} 663 664int 665sig_ffs(sigset_t *set) 666{ 667 int i; 668 669 for (i = 0; i < _SIG_WORDS; i++) 670 if (set->__bits[i]) 671 return (ffs(set->__bits[i]) + (i * 32)); 672 return (0); 673} 674 675static bool 676sigact_flag_test(const struct sigaction *act, int flag) 677{ 678 679 /* 680 * SA_SIGINFO is reset when signal disposition is set to 681 * ignore or default. Other flags are kept according to user 682 * settings. 683 */ 684 return ((act->sa_flags & flag) != 0 && (flag != SA_SIGINFO || 685 ((__sighandler_t *)act->sa_sigaction != SIG_IGN && 686 (__sighandler_t *)act->sa_sigaction != SIG_DFL))); 687} 688 689/* 690 * kern_sigaction 691 * sigaction 692 * freebsd4_sigaction 693 * osigaction 694 */ 695int 696kern_sigaction(struct thread *td, int sig, const struct sigaction *act, 697 struct sigaction *oact, int flags) 698{ 699 struct sigacts *ps; 700 struct proc *p = td->td_proc; 701 702 if (!_SIG_VALID(sig)) 703 return (EINVAL); 704 if (act != NULL && act->sa_handler != SIG_DFL && 705 act->sa_handler != SIG_IGN && (act->sa_flags & ~(SA_ONSTACK | 706 SA_RESTART | SA_RESETHAND | SA_NOCLDSTOP | SA_NODEFER | 707 SA_NOCLDWAIT | SA_SIGINFO)) != 0) 708 return (EINVAL); 709 710 PROC_LOCK(p); 711 ps = p->p_sigacts; 712 mtx_lock(&ps->ps_mtx); 713 if (oact) { 714 memset(oact, 0, sizeof(*oact)); 715 oact->sa_mask = ps->ps_catchmask[_SIG_IDX(sig)]; 716 if (SIGISMEMBER(ps->ps_sigonstack, sig)) 717 oact->sa_flags |= SA_ONSTACK; 718 if (!SIGISMEMBER(ps->ps_sigintr, sig)) 719 oact->sa_flags |= SA_RESTART; 720 if (SIGISMEMBER(ps->ps_sigreset, sig)) 721 oact->sa_flags |= SA_RESETHAND; 722 if (SIGISMEMBER(ps->ps_signodefer, sig)) 723 oact->sa_flags |= SA_NODEFER; 724 if (SIGISMEMBER(ps->ps_siginfo, sig)) { 725 oact->sa_flags |= SA_SIGINFO; 726 oact->sa_sigaction = 727 (__siginfohandler_t *)ps->ps_sigact[_SIG_IDX(sig)]; 728 } else 729 oact->sa_handler = ps->ps_sigact[_SIG_IDX(sig)]; 730 if (sig == SIGCHLD && ps->ps_flag & PS_NOCLDSTOP) 731 oact->sa_flags |= SA_NOCLDSTOP; 732 if (sig == SIGCHLD && ps->ps_flag & PS_NOCLDWAIT) 733 oact->sa_flags |= SA_NOCLDWAIT; 734 } 735 if (act) { 736 if ((sig == SIGKILL || sig == SIGSTOP) && 737 act->sa_handler != SIG_DFL) { 738 mtx_unlock(&ps->ps_mtx); 739 PROC_UNLOCK(p); 740 return (EINVAL); 741 } 742 743 /* 744 * Change setting atomically. 745 */ 746 747 ps->ps_catchmask[_SIG_IDX(sig)] = act->sa_mask; 748 SIG_CANTMASK(ps->ps_catchmask[_SIG_IDX(sig)]); 749 if (sigact_flag_test(act, SA_SIGINFO)) { 750 ps->ps_sigact[_SIG_IDX(sig)] = 751 (__sighandler_t *)act->sa_sigaction; 752 SIGADDSET(ps->ps_siginfo, sig); 753 } else { 754 ps->ps_sigact[_SIG_IDX(sig)] = act->sa_handler; 755 SIGDELSET(ps->ps_siginfo, sig); 756 } 757 if (!sigact_flag_test(act, SA_RESTART)) 758 SIGADDSET(ps->ps_sigintr, sig); 759 else 760 SIGDELSET(ps->ps_sigintr, sig); 761 if (sigact_flag_test(act, SA_ONSTACK)) 762 SIGADDSET(ps->ps_sigonstack, sig); 763 else 764 SIGDELSET(ps->ps_sigonstack, sig); 765 if (sigact_flag_test(act, SA_RESETHAND)) 766 SIGADDSET(ps->ps_sigreset, sig); 767 else 768 SIGDELSET(ps->ps_sigreset, sig); 769 if (sigact_flag_test(act, SA_NODEFER)) 770 SIGADDSET(ps->ps_signodefer, sig); 771 else 772 SIGDELSET(ps->ps_signodefer, sig); 773 if (sig == SIGCHLD) { 774 if (act->sa_flags & SA_NOCLDSTOP) 775 ps->ps_flag |= PS_NOCLDSTOP; 776 else 777 ps->ps_flag &= ~PS_NOCLDSTOP; 778 if (act->sa_flags & SA_NOCLDWAIT) { 779 /* 780 * Paranoia: since SA_NOCLDWAIT is implemented 781 * by reparenting the dying child to PID 1 (and 782 * trust it to reap the zombie), PID 1 itself 783 * is forbidden to set SA_NOCLDWAIT. 784 */ 785 if (p->p_pid == 1) 786 ps->ps_flag &= ~PS_NOCLDWAIT; 787 else 788 ps->ps_flag |= PS_NOCLDWAIT; 789 } else 790 ps->ps_flag &= ~PS_NOCLDWAIT; 791 if (ps->ps_sigact[_SIG_IDX(SIGCHLD)] == SIG_IGN) 792 ps->ps_flag |= PS_CLDSIGIGN; 793 else 794 ps->ps_flag &= ~PS_CLDSIGIGN; 795 } 796 /* 797 * Set bit in ps_sigignore for signals that are set to SIG_IGN, 798 * and for signals set to SIG_DFL where the default is to 799 * ignore. However, don't put SIGCONT in ps_sigignore, as we 800 * have to restart the process. 801 */ 802 if (ps->ps_sigact[_SIG_IDX(sig)] == SIG_IGN || 803 (sigprop(sig) & SIGPROP_IGNORE && 804 ps->ps_sigact[_SIG_IDX(sig)] == SIG_DFL)) { 805 /* never to be seen again */ 806 sigqueue_delete_proc(p, sig); 807 if (sig != SIGCONT) 808 /* easier in psignal */ 809 SIGADDSET(ps->ps_sigignore, sig); 810 SIGDELSET(ps->ps_sigcatch, sig); 811 } else { 812 SIGDELSET(ps->ps_sigignore, sig); 813 if (ps->ps_sigact[_SIG_IDX(sig)] == SIG_DFL) 814 SIGDELSET(ps->ps_sigcatch, sig); 815 else 816 SIGADDSET(ps->ps_sigcatch, sig); 817 } 818#ifdef COMPAT_FREEBSD4 819 if (ps->ps_sigact[_SIG_IDX(sig)] == SIG_IGN || 820 ps->ps_sigact[_SIG_IDX(sig)] == SIG_DFL || 821 (flags & KSA_FREEBSD4) == 0) 822 SIGDELSET(ps->ps_freebsd4, sig); 823 else 824 SIGADDSET(ps->ps_freebsd4, sig); 825#endif 826#ifdef COMPAT_43 827 if (ps->ps_sigact[_SIG_IDX(sig)] == SIG_IGN || 828 ps->ps_sigact[_SIG_IDX(sig)] == SIG_DFL || 829 (flags & KSA_OSIGSET) == 0) 830 SIGDELSET(ps->ps_osigset, sig); 831 else 832 SIGADDSET(ps->ps_osigset, sig); 833#endif 834 } 835 mtx_unlock(&ps->ps_mtx); 836 PROC_UNLOCK(p); 837 return (0); 838} 839 840#ifndef _SYS_SYSPROTO_H_ 841struct sigaction_args { 842 int sig; 843 struct sigaction *act; 844 struct sigaction *oact; 845}; 846#endif 847int 848sys_sigaction(struct thread *td, struct sigaction_args *uap) 849{ 850 struct sigaction act, oact; 851 struct sigaction *actp, *oactp; 852 int error; 853 854 actp = (uap->act != NULL) ? &act : NULL; 855 oactp = (uap->oact != NULL) ? &oact : NULL; 856 if (actp) { 857 error = copyin(uap->act, actp, sizeof(act)); 858 if (error) 859 return (error); 860 } 861 error = kern_sigaction(td, uap->sig, actp, oactp, 0); 862 if (oactp && !error) 863 error = copyout(oactp, uap->oact, sizeof(oact)); 864 return (error); 865} 866 867#ifdef COMPAT_FREEBSD4 868#ifndef _SYS_SYSPROTO_H_ 869struct freebsd4_sigaction_args { 870 int sig; 871 struct sigaction *act; 872 struct sigaction *oact; 873}; 874#endif 875int 876freebsd4_sigaction(struct thread *td, struct freebsd4_sigaction_args *uap) 877{ 878 struct sigaction act, oact; 879 struct sigaction *actp, *oactp; 880 int error; 881 882 actp = (uap->act != NULL) ? &act : NULL; 883 oactp = (uap->oact != NULL) ? &oact : NULL; 884 if (actp) { 885 error = copyin(uap->act, actp, sizeof(act)); 886 if (error) 887 return (error); 888 } 889 error = kern_sigaction(td, uap->sig, actp, oactp, KSA_FREEBSD4); 890 if (oactp && !error) 891 error = copyout(oactp, uap->oact, sizeof(oact)); 892 return (error); 893} 894#endif /* COMAPT_FREEBSD4 */ 895 896#ifdef COMPAT_43 /* XXX - COMPAT_FBSD3 */ 897#ifndef _SYS_SYSPROTO_H_ 898struct osigaction_args { 899 int signum; 900 struct osigaction *nsa; 901 struct osigaction *osa; 902}; 903#endif 904int 905osigaction(struct thread *td, struct osigaction_args *uap) 906{ 907 struct osigaction sa; 908 struct sigaction nsa, osa; 909 struct sigaction *nsap, *osap; 910 int error; 911 912 if (uap->signum <= 0 || uap->signum >= ONSIG) 913 return (EINVAL); 914 915 nsap = (uap->nsa != NULL) ? &nsa : NULL; 916 osap = (uap->osa != NULL) ? &osa : NULL; 917 918 if (nsap) { 919 error = copyin(uap->nsa, &sa, sizeof(sa)); 920 if (error) 921 return (error); 922 nsap->sa_handler = sa.sa_handler; 923 nsap->sa_flags = sa.sa_flags; 924 OSIG2SIG(sa.sa_mask, nsap->sa_mask); 925 } 926 error = kern_sigaction(td, uap->signum, nsap, osap, KSA_OSIGSET); 927 if (osap && !error) { 928 sa.sa_handler = osap->sa_handler; 929 sa.sa_flags = osap->sa_flags; 930 SIG2OSIG(osap->sa_mask, sa.sa_mask); 931 error = copyout(&sa, uap->osa, sizeof(sa)); 932 } 933 return (error); 934} 935 936#if !defined(__i386__) 937/* Avoid replicating the same stub everywhere */ 938int 939osigreturn(struct thread *td, struct osigreturn_args *uap) 940{ 941 942 return (nosys(td, (struct nosys_args *)uap)); 943} 944#endif 945#endif /* COMPAT_43 */ 946 947/* 948 * Initialize signal state for process 0; 949 * set to ignore signals that are ignored by default. 950 */ 951void 952siginit(struct proc *p) 953{ 954 int i; 955 struct sigacts *ps; 956 957 PROC_LOCK(p); 958 ps = p->p_sigacts; 959 mtx_lock(&ps->ps_mtx); 960 for (i = 1; i <= NSIG; i++) { 961 if (sigprop(i) & SIGPROP_IGNORE && i != SIGCONT) { 962 SIGADDSET(ps->ps_sigignore, i); 963 } 964 } 965 mtx_unlock(&ps->ps_mtx); 966 PROC_UNLOCK(p); 967} 968 969/* 970 * Reset specified signal to the default disposition. 971 */ 972static void 973sigdflt(struct sigacts *ps, int sig) 974{ 975 976 mtx_assert(&ps->ps_mtx, MA_OWNED); 977 SIGDELSET(ps->ps_sigcatch, sig); 978 if ((sigprop(sig) & SIGPROP_IGNORE) != 0 && sig != SIGCONT) 979 SIGADDSET(ps->ps_sigignore, sig); 980 ps->ps_sigact[_SIG_IDX(sig)] = SIG_DFL; 981 SIGDELSET(ps->ps_siginfo, sig); 982} 983 984/* 985 * Reset signals for an exec of the specified process. 986 */ 987void 988execsigs(struct proc *p) 989{ 990 sigset_t osigignore; 991 struct sigacts *ps; 992 int sig; 993 struct thread *td; 994 995 /* 996 * Reset caught signals. Held signals remain held 997 * through td_sigmask (unless they were caught, 998 * and are now ignored by default). 999 */ 1000 PROC_LOCK_ASSERT(p, MA_OWNED); 1001 ps = p->p_sigacts; 1002 mtx_lock(&ps->ps_mtx); 1003 sig_drop_caught(p); 1004 1005 /* 1006 * As CloudABI processes cannot modify signal handlers, fully 1007 * reset all signals to their default behavior. Do ignore 1008 * SIGPIPE, as it would otherwise be impossible to recover from 1009 * writes to broken pipes and sockets. 1010 */ 1011 if (SV_PROC_ABI(p) == SV_ABI_CLOUDABI) { 1012 osigignore = ps->ps_sigignore; 1013 while (SIGNOTEMPTY(osigignore)) { 1014 sig = sig_ffs(&osigignore); 1015 SIGDELSET(osigignore, sig); 1016 if (sig != SIGPIPE) 1017 sigdflt(ps, sig); 1018 } 1019 SIGADDSET(ps->ps_sigignore, SIGPIPE); 1020 } 1021 1022 /* 1023 * Reset stack state to the user stack. 1024 * Clear set of signals caught on the signal stack. 1025 */ 1026 td = curthread; 1027 MPASS(td->td_proc == p); 1028 td->td_sigstk.ss_flags = SS_DISABLE; 1029 td->td_sigstk.ss_size = 0; 1030 td->td_sigstk.ss_sp = 0; 1031 td->td_pflags &= ~TDP_ALTSTACK; 1032 /* 1033 * Reset no zombies if child dies flag as Solaris does. 1034 */ 1035 ps->ps_flag &= ~(PS_NOCLDWAIT | PS_CLDSIGIGN); 1036 if (ps->ps_sigact[_SIG_IDX(SIGCHLD)] == SIG_IGN) 1037 ps->ps_sigact[_SIG_IDX(SIGCHLD)] = SIG_DFL; 1038 mtx_unlock(&ps->ps_mtx); 1039} 1040 1041/* 1042 * kern_sigprocmask() 1043 * 1044 * Manipulate signal mask. 1045 */ 1046int 1047kern_sigprocmask(struct thread *td, int how, sigset_t *set, sigset_t *oset, 1048 int flags) 1049{ 1050 sigset_t new_block, oset1; 1051 struct proc *p; 1052 int error; 1053 1054 p = td->td_proc; 1055 if ((flags & SIGPROCMASK_PROC_LOCKED) != 0) 1056 PROC_LOCK_ASSERT(p, MA_OWNED); 1057 else 1058 PROC_LOCK(p); 1059 mtx_assert(&p->p_sigacts->ps_mtx, (flags & SIGPROCMASK_PS_LOCKED) != 0 1060 ? MA_OWNED : MA_NOTOWNED); 1061 if (oset != NULL) 1062 *oset = td->td_sigmask; 1063 1064 error = 0; 1065 if (set != NULL) { 1066 switch (how) { 1067 case SIG_BLOCK: 1068 SIG_CANTMASK(*set); 1069 oset1 = td->td_sigmask; 1070 SIGSETOR(td->td_sigmask, *set); 1071 new_block = td->td_sigmask; 1072 SIGSETNAND(new_block, oset1); 1073 break; 1074 case SIG_UNBLOCK: 1075 SIGSETNAND(td->td_sigmask, *set); 1076 signotify(td); 1077 goto out; 1078 case SIG_SETMASK: 1079 SIG_CANTMASK(*set); 1080 oset1 = td->td_sigmask; 1081 if (flags & SIGPROCMASK_OLD) 1082 SIGSETLO(td->td_sigmask, *set); 1083 else 1084 td->td_sigmask = *set; 1085 new_block = td->td_sigmask; 1086 SIGSETNAND(new_block, oset1); 1087 signotify(td); 1088 break; 1089 default: 1090 error = EINVAL; 1091 goto out; 1092 } 1093 1094 /* 1095 * The new_block set contains signals that were not previously 1096 * blocked, but are blocked now. 1097 * 1098 * In case we block any signal that was not previously blocked 1099 * for td, and process has the signal pending, try to schedule 1100 * signal delivery to some thread that does not block the 1101 * signal, possibly waking it up. 1102 */ 1103 if (p->p_numthreads != 1) 1104 reschedule_signals(p, new_block, flags); 1105 } 1106 1107out: 1108 if (!(flags & SIGPROCMASK_PROC_LOCKED)) 1109 PROC_UNLOCK(p); 1110 return (error); 1111} 1112 1113#ifndef _SYS_SYSPROTO_H_ 1114struct sigprocmask_args { 1115 int how; 1116 const sigset_t *set; 1117 sigset_t *oset; 1118}; 1119#endif 1120int 1121sys_sigprocmask(struct thread *td, struct sigprocmask_args *uap) 1122{ 1123 sigset_t set, oset; 1124 sigset_t *setp, *osetp; 1125 int error; 1126 1127 setp = (uap->set != NULL) ? &set : NULL; 1128 osetp = (uap->oset != NULL) ? &oset : NULL; 1129 if (setp) { 1130 error = copyin(uap->set, setp, sizeof(set)); 1131 if (error) 1132 return (error); 1133 } 1134 error = kern_sigprocmask(td, uap->how, setp, osetp, 0); 1135 if (osetp && !error) { 1136 error = copyout(osetp, uap->oset, sizeof(oset)); 1137 } 1138 return (error); 1139} 1140 1141#ifdef COMPAT_43 /* XXX - COMPAT_FBSD3 */ 1142#ifndef _SYS_SYSPROTO_H_ 1143struct osigprocmask_args { 1144 int how; 1145 osigset_t mask; 1146}; 1147#endif 1148int 1149osigprocmask(struct thread *td, struct osigprocmask_args *uap) 1150{ 1151 sigset_t set, oset; 1152 int error; 1153 1154 OSIG2SIG(uap->mask, set); 1155 error = kern_sigprocmask(td, uap->how, &set, &oset, 1); 1156 SIG2OSIG(oset, td->td_retval[0]); 1157 return (error); 1158} 1159#endif /* COMPAT_43 */ 1160 1161int 1162sys_sigwait(struct thread *td, struct sigwait_args *uap) 1163{ 1164 ksiginfo_t ksi; 1165 sigset_t set; 1166 int error; 1167 1168 error = copyin(uap->set, &set, sizeof(set)); 1169 if (error) { 1170 td->td_retval[0] = error; 1171 return (0); 1172 } 1173 1174 error = kern_sigtimedwait(td, set, &ksi, NULL); 1175 if (error) { 1176 /* 1177 * sigwait() function shall not return EINTR, but 1178 * the syscall does. Non-ancient libc provides the 1179 * wrapper which hides EINTR. Otherwise, EINTR return 1180 * is used by libthr to handle required cancellation 1181 * point in the sigwait(). 1182 */ 1183 if (error == EINTR && td->td_proc->p_osrel < P_OSREL_SIGWAIT) 1184 return (ERESTART); 1185 td->td_retval[0] = error; 1186 return (0); 1187 } 1188 1189 error = copyout(&ksi.ksi_signo, uap->sig, sizeof(ksi.ksi_signo)); 1190 td->td_retval[0] = error; 1191 return (0); 1192} 1193 1194int 1195sys_sigtimedwait(struct thread *td, struct sigtimedwait_args *uap) 1196{ 1197 struct timespec ts; 1198 struct timespec *timeout; 1199 sigset_t set; 1200 ksiginfo_t ksi; 1201 int error; 1202 1203 if (uap->timeout) { 1204 error = copyin(uap->timeout, &ts, sizeof(ts)); 1205 if (error) 1206 return (error); 1207 1208 timeout = &ts; 1209 } else 1210 timeout = NULL; 1211 1212 error = copyin(uap->set, &set, sizeof(set)); 1213 if (error) 1214 return (error); 1215 1216 error = kern_sigtimedwait(td, set, &ksi, timeout); 1217 if (error) 1218 return (error); 1219 1220 if (uap->info) 1221 error = copyout(&ksi.ksi_info, uap->info, sizeof(siginfo_t)); 1222 1223 if (error == 0) 1224 td->td_retval[0] = ksi.ksi_signo; 1225 return (error); 1226} 1227 1228int 1229sys_sigwaitinfo(struct thread *td, struct sigwaitinfo_args *uap) 1230{ 1231 ksiginfo_t ksi; 1232 sigset_t set; 1233 int error; 1234 1235 error = copyin(uap->set, &set, sizeof(set)); 1236 if (error) 1237 return (error); 1238 1239 error = kern_sigtimedwait(td, set, &ksi, NULL); 1240 if (error) 1241 return (error); 1242 1243 if (uap->info) 1244 error = copyout(&ksi.ksi_info, uap->info, sizeof(siginfo_t)); 1245 1246 if (error == 0) 1247 td->td_retval[0] = ksi.ksi_signo; 1248 return (error); 1249} 1250 1251static void 1252proc_td_siginfo_capture(struct thread *td, siginfo_t *si) 1253{ 1254 struct thread *thr; 1255 1256 FOREACH_THREAD_IN_PROC(td->td_proc, thr) { 1257 if (thr == td) 1258 thr->td_si = *si; 1259 else 1260 thr->td_si.si_signo = 0; 1261 } 1262} 1263 1264int 1265kern_sigtimedwait(struct thread *td, sigset_t waitset, ksiginfo_t *ksi, 1266 struct timespec *timeout) 1267{ 1268 struct sigacts *ps; 1269 sigset_t saved_mask, new_block; 1270 struct proc *p; 1271 int error, sig, timo, timevalid = 0; 1272 struct timespec rts, ets, ts; 1273 struct timeval tv; 1274 bool traced; 1275 1276 p = td->td_proc; 1277 error = 0; 1278 ets.tv_sec = 0; 1279 ets.tv_nsec = 0; 1280 traced = false; 1281 1282 /* Ensure the sigfastblock value is up to date. */ 1283 sigfastblock_fetch(td); 1284 1285 if (timeout != NULL) { 1286 if (timeout->tv_nsec >= 0 && timeout->tv_nsec < 1000000000) { 1287 timevalid = 1; 1288 getnanouptime(&rts); 1289 timespecadd(&rts, timeout, &ets); 1290 } 1291 } 1292 ksiginfo_init(ksi); 1293 /* Some signals can not be waited for. */ 1294 SIG_CANTMASK(waitset); 1295 ps = p->p_sigacts; 1296 PROC_LOCK(p); 1297 saved_mask = td->td_sigmask; 1298 SIGSETNAND(td->td_sigmask, waitset); 1299 if ((p->p_sysent->sv_flags & SV_SIG_DISCIGN) != 0 || 1300 !kern_sig_discard_ign) 1301 td->td_pflags2 |= TDP2_SIGWAIT; 1302 for (;;) { 1303 mtx_lock(&ps->ps_mtx); 1304 sig = cursig(td); 1305 mtx_unlock(&ps->ps_mtx); 1306 KASSERT(sig >= 0, ("sig %d", sig)); 1307 if (sig != 0 && SIGISMEMBER(waitset, sig)) { 1308 if (sigqueue_get(&td->td_sigqueue, sig, ksi) != 0 || 1309 sigqueue_get(&p->p_sigqueue, sig, ksi) != 0) { 1310 error = 0; 1311 break; 1312 } 1313 } 1314 1315 if (error != 0) 1316 break; 1317 1318 /* 1319 * POSIX says this must be checked after looking for pending 1320 * signals. 1321 */ 1322 if (timeout != NULL) { 1323 if (!timevalid) { 1324 error = EINVAL; 1325 break; 1326 } 1327 getnanouptime(&rts); 1328 if (timespeccmp(&rts, &ets, >=)) { 1329 error = EAGAIN; 1330 break; 1331 } 1332 timespecsub(&ets, &rts, &ts); 1333 TIMESPEC_TO_TIMEVAL(&tv, &ts); 1334 timo = tvtohz(&tv); 1335 } else { 1336 timo = 0; 1337 } 1338 1339 if (traced) { 1340 error = EINTR; 1341 break; 1342 } 1343 1344 error = msleep(ps, &p->p_mtx, PPAUSE|PCATCH, "sigwait", timo); 1345 1346 /* The syscalls can not be restarted. */ 1347 if (error == ERESTART) 1348 error = EINTR; 1349 1350 /* We will calculate timeout by ourself. */ 1351 if (timeout != NULL && error == EAGAIN) 1352 error = 0; 1353 1354 /* 1355 * If PTRACE_SCE or PTRACE_SCX were set after 1356 * userspace entered the syscall, return spurious 1357 * EINTR after wait was done. Only do this as last 1358 * resort after rechecking for possible queued signals 1359 * and expired timeouts. 1360 */ 1361 if (error == 0 && (p->p_ptevents & PTRACE_SYSCALL) != 0) 1362 traced = true; 1363 } 1364 td->td_pflags2 &= ~TDP2_SIGWAIT; 1365 1366 new_block = saved_mask; 1367 SIGSETNAND(new_block, td->td_sigmask); 1368 td->td_sigmask = saved_mask; 1369 /* 1370 * Fewer signals can be delivered to us, reschedule signal 1371 * notification. 1372 */ 1373 if (p->p_numthreads != 1) 1374 reschedule_signals(p, new_block, 0); 1375 1376 if (error == 0) { 1377 SDT_PROBE2(proc, , , signal__clear, sig, ksi); 1378 1379 if (ksi->ksi_code == SI_TIMER) 1380 itimer_accept(p, ksi->ksi_timerid, ksi); 1381 1382#ifdef KTRACE 1383 if (KTRPOINT(td, KTR_PSIG)) { 1384 sig_t action; 1385 1386 mtx_lock(&ps->ps_mtx); 1387 action = ps->ps_sigact[_SIG_IDX(sig)]; 1388 mtx_unlock(&ps->ps_mtx); 1389 ktrpsig(sig, action, &td->td_sigmask, ksi->ksi_code); 1390 } 1391#endif 1392 if (sig == SIGKILL) { 1393 proc_td_siginfo_capture(td, &ksi->ksi_info); 1394 sigexit(td, sig); 1395 } 1396 } 1397 PROC_UNLOCK(p); 1398 return (error); 1399} 1400 1401#ifndef _SYS_SYSPROTO_H_ 1402struct sigpending_args { 1403 sigset_t *set; 1404}; 1405#endif 1406int 1407sys_sigpending(struct thread *td, struct sigpending_args *uap) 1408{ 1409 struct proc *p = td->td_proc; 1410 sigset_t pending; 1411 1412 PROC_LOCK(p); 1413 pending = p->p_sigqueue.sq_signals; 1414 SIGSETOR(pending, td->td_sigqueue.sq_signals); 1415 PROC_UNLOCK(p); 1416 return (copyout(&pending, uap->set, sizeof(sigset_t))); 1417} 1418 1419#ifdef COMPAT_43 /* XXX - COMPAT_FBSD3 */ 1420#ifndef _SYS_SYSPROTO_H_ 1421struct osigpending_args { 1422 int dummy; 1423}; 1424#endif 1425int 1426osigpending(struct thread *td, struct osigpending_args *uap) 1427{ 1428 struct proc *p = td->td_proc; 1429 sigset_t pending; 1430 1431 PROC_LOCK(p); 1432 pending = p->p_sigqueue.sq_signals; 1433 SIGSETOR(pending, td->td_sigqueue.sq_signals); 1434 PROC_UNLOCK(p); 1435 SIG2OSIG(pending, td->td_retval[0]); 1436 return (0); 1437} 1438#endif /* COMPAT_43 */ 1439 1440#if defined(COMPAT_43) 1441/* 1442 * Generalized interface signal handler, 4.3-compatible. 1443 */ 1444#ifndef _SYS_SYSPROTO_H_ 1445struct osigvec_args { 1446 int signum; 1447 struct sigvec *nsv; 1448 struct sigvec *osv; 1449}; 1450#endif 1451/* ARGSUSED */ 1452int 1453osigvec(struct thread *td, struct osigvec_args *uap) 1454{ 1455 struct sigvec vec; 1456 struct sigaction nsa, osa; 1457 struct sigaction *nsap, *osap; 1458 int error; 1459 1460 if (uap->signum <= 0 || uap->signum >= ONSIG) 1461 return (EINVAL); 1462 nsap = (uap->nsv != NULL) ? &nsa : NULL; 1463 osap = (uap->osv != NULL) ? &osa : NULL; 1464 if (nsap) { 1465 error = copyin(uap->nsv, &vec, sizeof(vec)); 1466 if (error) 1467 return (error); 1468 nsap->sa_handler = vec.sv_handler; 1469 OSIG2SIG(vec.sv_mask, nsap->sa_mask); 1470 nsap->sa_flags = vec.sv_flags; 1471 nsap->sa_flags ^= SA_RESTART; /* opposite of SV_INTERRUPT */ 1472 } 1473 error = kern_sigaction(td, uap->signum, nsap, osap, KSA_OSIGSET); 1474 if (osap && !error) { 1475 vec.sv_handler = osap->sa_handler; 1476 SIG2OSIG(osap->sa_mask, vec.sv_mask); 1477 vec.sv_flags = osap->sa_flags; 1478 vec.sv_flags &= ~SA_NOCLDWAIT; 1479 vec.sv_flags ^= SA_RESTART; 1480 error = copyout(&vec, uap->osv, sizeof(vec)); 1481 } 1482 return (error); 1483} 1484 1485#ifndef _SYS_SYSPROTO_H_ 1486struct osigblock_args { 1487 int mask; 1488}; 1489#endif 1490int 1491osigblock(struct thread *td, struct osigblock_args *uap) 1492{ 1493 sigset_t set, oset; 1494 1495 OSIG2SIG(uap->mask, set); 1496 kern_sigprocmask(td, SIG_BLOCK, &set, &oset, 0); 1497 SIG2OSIG(oset, td->td_retval[0]); 1498 return (0); 1499} 1500 1501#ifndef _SYS_SYSPROTO_H_ 1502struct osigsetmask_args { 1503 int mask; 1504}; 1505#endif 1506int 1507osigsetmask(struct thread *td, struct osigsetmask_args *uap) 1508{ 1509 sigset_t set, oset; 1510 1511 OSIG2SIG(uap->mask, set); 1512 kern_sigprocmask(td, SIG_SETMASK, &set, &oset, 0); 1513 SIG2OSIG(oset, td->td_retval[0]); 1514 return (0); 1515} 1516#endif /* COMPAT_43 */ 1517 1518/* 1519 * Suspend calling thread until signal, providing mask to be set in the 1520 * meantime. 1521 */ 1522#ifndef _SYS_SYSPROTO_H_ 1523struct sigsuspend_args { 1524 const sigset_t *sigmask; 1525}; 1526#endif 1527/* ARGSUSED */ 1528int 1529sys_sigsuspend(struct thread *td, struct sigsuspend_args *uap) 1530{ 1531 sigset_t mask; 1532 int error; 1533 1534 error = copyin(uap->sigmask, &mask, sizeof(mask)); 1535 if (error) 1536 return (error); 1537 return (kern_sigsuspend(td, mask)); 1538} 1539 1540int 1541kern_sigsuspend(struct thread *td, sigset_t mask) 1542{ 1543 struct proc *p = td->td_proc; 1544 int has_sig, sig; 1545 1546 /* Ensure the sigfastblock value is up to date. */ 1547 sigfastblock_fetch(td); 1548 1549 /* 1550 * When returning from sigsuspend, we want 1551 * the old mask to be restored after the 1552 * signal handler has finished. Thus, we 1553 * save it here and mark the sigacts structure 1554 * to indicate this. 1555 */ 1556 PROC_LOCK(p); 1557 kern_sigprocmask(td, SIG_SETMASK, &mask, &td->td_oldsigmask, 1558 SIGPROCMASK_PROC_LOCKED); 1559 td->td_pflags |= TDP_OLDMASK; 1560 1561 /* 1562 * Process signals now. Otherwise, we can get spurious wakeup 1563 * due to signal entered process queue, but delivered to other 1564 * thread. But sigsuspend should return only on signal 1565 * delivery. 1566 */ 1567 (p->p_sysent->sv_set_syscall_retval)(td, EINTR); 1568 for (has_sig = 0; !has_sig;) { 1569 while (msleep(&p->p_sigacts, &p->p_mtx, PPAUSE|PCATCH, "pause", 1570 0) == 0) 1571 /* void */; 1572 thread_suspend_check(0); 1573 mtx_lock(&p->p_sigacts->ps_mtx); 1574 while ((sig = cursig(td)) != 0) { 1575 KASSERT(sig >= 0, ("sig %d", sig)); 1576 has_sig += postsig(sig); 1577 } 1578 mtx_unlock(&p->p_sigacts->ps_mtx); 1579 1580 /* 1581 * If PTRACE_SCE or PTRACE_SCX were set after 1582 * userspace entered the syscall, return spurious 1583 * EINTR. 1584 */ 1585 if ((p->p_ptevents & PTRACE_SYSCALL) != 0) 1586 has_sig += 1; 1587 } 1588 PROC_UNLOCK(p); 1589 td->td_errno = EINTR; 1590 td->td_pflags |= TDP_NERRNO; 1591 return (EJUSTRETURN); 1592} 1593 1594#ifdef COMPAT_43 /* XXX - COMPAT_FBSD3 */ 1595/* 1596 * Compatibility sigsuspend call for old binaries. Note nonstandard calling 1597 * convention: libc stub passes mask, not pointer, to save a copyin. 1598 */ 1599#ifndef _SYS_SYSPROTO_H_ 1600struct osigsuspend_args { 1601 osigset_t mask; 1602}; 1603#endif 1604/* ARGSUSED */ 1605int 1606osigsuspend(struct thread *td, struct osigsuspend_args *uap) 1607{ 1608 sigset_t mask; 1609 1610 OSIG2SIG(uap->mask, mask); 1611 return (kern_sigsuspend(td, mask)); 1612} 1613#endif /* COMPAT_43 */ 1614 1615#if defined(COMPAT_43) 1616#ifndef _SYS_SYSPROTO_H_ 1617struct osigstack_args { 1618 struct sigstack *nss; 1619 struct sigstack *oss; 1620}; 1621#endif 1622/* ARGSUSED */ 1623int 1624osigstack(struct thread *td, struct osigstack_args *uap) 1625{ 1626 struct sigstack nss, oss; 1627 int error = 0; 1628 1629 if (uap->nss != NULL) { 1630 error = copyin(uap->nss, &nss, sizeof(nss)); 1631 if (error) 1632 return (error); 1633 } 1634 oss.ss_sp = td->td_sigstk.ss_sp; 1635 oss.ss_onstack = sigonstack(cpu_getstack(td)); 1636 if (uap->nss != NULL) { 1637 td->td_sigstk.ss_sp = nss.ss_sp; 1638 td->td_sigstk.ss_size = 0; 1639 td->td_sigstk.ss_flags |= nss.ss_onstack & SS_ONSTACK; 1640 td->td_pflags |= TDP_ALTSTACK; 1641 } 1642 if (uap->oss != NULL) 1643 error = copyout(&oss, uap->oss, sizeof(oss)); 1644 1645 return (error); 1646} 1647#endif /* COMPAT_43 */ 1648 1649#ifndef _SYS_SYSPROTO_H_ 1650struct sigaltstack_args { 1651 stack_t *ss; 1652 stack_t *oss; 1653}; 1654#endif 1655/* ARGSUSED */ 1656int 1657sys_sigaltstack(struct thread *td, struct sigaltstack_args *uap) 1658{ 1659 stack_t ss, oss; 1660 int error; 1661 1662 if (uap->ss != NULL) { 1663 error = copyin(uap->ss, &ss, sizeof(ss)); 1664 if (error) 1665 return (error); 1666 } 1667 error = kern_sigaltstack(td, (uap->ss != NULL) ? &ss : NULL, 1668 (uap->oss != NULL) ? &oss : NULL); 1669 if (error) 1670 return (error); 1671 if (uap->oss != NULL) 1672 error = copyout(&oss, uap->oss, sizeof(stack_t)); 1673 return (error); 1674} 1675 1676int 1677kern_sigaltstack(struct thread *td, stack_t *ss, stack_t *oss) 1678{ 1679 struct proc *p = td->td_proc; 1680 int oonstack; 1681 1682 oonstack = sigonstack(cpu_getstack(td)); 1683 1684 if (oss != NULL) { 1685 *oss = td->td_sigstk; 1686 oss->ss_flags = (td->td_pflags & TDP_ALTSTACK) 1687 ? ((oonstack) ? SS_ONSTACK : 0) : SS_DISABLE; 1688 } 1689 1690 if (ss != NULL) { 1691 if (oonstack) 1692 return (EPERM); 1693 if ((ss->ss_flags & ~SS_DISABLE) != 0) 1694 return (EINVAL); 1695 if (!(ss->ss_flags & SS_DISABLE)) { 1696 if (ss->ss_size < p->p_sysent->sv_minsigstksz) 1697 return (ENOMEM); 1698 1699 td->td_sigstk = *ss; 1700 td->td_pflags |= TDP_ALTSTACK; 1701 } else { 1702 td->td_pflags &= ~TDP_ALTSTACK; 1703 } 1704 } 1705 return (0); 1706} 1707 1708struct killpg1_ctx { 1709 struct thread *td; 1710 ksiginfo_t *ksi; 1711 int sig; 1712 bool sent; 1713 bool found; 1714 int ret; 1715}; 1716 1717static void 1718killpg1_sendsig(struct proc *p, bool notself, struct killpg1_ctx *arg) 1719{ 1720 int err; 1721 1722 if (p->p_pid <= 1 || (p->p_flag & P_SYSTEM) != 0 || 1723 (notself && p == arg->td->td_proc) || p->p_state == PRS_NEW) 1724 return; 1725 PROC_LOCK(p); 1726 err = p_cansignal(arg->td, p, arg->sig); 1727 if (err == 0 && arg->sig != 0) 1728 pksignal(p, arg->sig, arg->ksi); 1729 PROC_UNLOCK(p); 1730 if (err != ESRCH) 1731 arg->found = true; 1732 if (err == 0) 1733 arg->sent = true; 1734 else if (arg->ret == 0 && err != ESRCH && err != EPERM) 1735 arg->ret = err; 1736} 1737 1738/* 1739 * Common code for kill process group/broadcast kill. 1740 * cp is calling process. 1741 */ 1742static int 1743killpg1(struct thread *td, int sig, int pgid, int all, ksiginfo_t *ksi) 1744{ 1745 struct proc *p; 1746 struct pgrp *pgrp; 1747 struct killpg1_ctx arg; 1748 1749 arg.td = td; 1750 arg.ksi = ksi; 1751 arg.sig = sig; 1752 arg.sent = false; 1753 arg.found = false; 1754 arg.ret = 0; 1755 if (all) { 1756 /* 1757 * broadcast 1758 */ 1759 sx_slock(&allproc_lock); 1760 FOREACH_PROC_IN_SYSTEM(p) { 1761 killpg1_sendsig(p, true, &arg); 1762 } 1763 sx_sunlock(&allproc_lock); 1764 } else { 1765 sx_slock(&proctree_lock); 1766 if (pgid == 0) { 1767 /* 1768 * zero pgid means send to my process group. 1769 */ 1770 pgrp = td->td_proc->p_pgrp; 1771 PGRP_LOCK(pgrp); 1772 } else { 1773 pgrp = pgfind(pgid); 1774 if (pgrp == NULL) { 1775 sx_sunlock(&proctree_lock); 1776 return (ESRCH); 1777 } 1778 } 1779 sx_sunlock(&proctree_lock); 1780 LIST_FOREACH(p, &pgrp->pg_members, p_pglist) { 1781 killpg1_sendsig(p, false, &arg); 1782 } 1783 PGRP_UNLOCK(pgrp); 1784 } 1785 MPASS(arg.ret != 0 || arg.found || !arg.sent); 1786 if (arg.ret == 0 && !arg.sent) 1787 arg.ret = arg.found ? EPERM : ESRCH; 1788 return (arg.ret); 1789} 1790 1791#ifndef _SYS_SYSPROTO_H_ 1792struct kill_args { 1793 int pid; 1794 int signum; 1795}; 1796#endif 1797/* ARGSUSED */ 1798int 1799sys_kill(struct thread *td, struct kill_args *uap) 1800{ 1801 1802 return (kern_kill(td, uap->pid, uap->signum)); 1803} 1804 1805int 1806kern_kill(struct thread *td, pid_t pid, int signum) 1807{ 1808 ksiginfo_t ksi; 1809 struct proc *p; 1810 int error; 1811 1812 /* 1813 * A process in capability mode can send signals only to himself. 1814 * The main rationale behind this is that abort(3) is implemented as 1815 * kill(getpid(), SIGABRT). 1816 */ 1817 if (IN_CAPABILITY_MODE(td) && pid != td->td_proc->p_pid) 1818 return (ECAPMODE); 1819 1820 AUDIT_ARG_SIGNUM(signum); 1821 AUDIT_ARG_PID(pid); 1822 if ((u_int)signum > _SIG_MAXSIG) 1823 return (EINVAL); 1824 1825 ksiginfo_init(&ksi); 1826 ksi.ksi_signo = signum; 1827 ksi.ksi_code = SI_USER; 1828 ksi.ksi_pid = td->td_proc->p_pid; 1829 ksi.ksi_uid = td->td_ucred->cr_ruid; 1830 1831 if (pid > 0) { 1832 /* kill single process */ 1833 if ((p = pfind_any(pid)) == NULL) 1834 return (ESRCH); 1835 AUDIT_ARG_PROCESS(p); 1836 error = p_cansignal(td, p, signum); 1837 if (error == 0 && signum) 1838 pksignal(p, signum, &ksi); 1839 PROC_UNLOCK(p); 1840 return (error); 1841 } 1842 switch (pid) { 1843 case -1: /* broadcast signal */ 1844 return (killpg1(td, signum, 0, 1, &ksi)); 1845 case 0: /* signal own process group */ 1846 return (killpg1(td, signum, 0, 0, &ksi)); 1847 default: /* negative explicit process group */ 1848 return (killpg1(td, signum, -pid, 0, &ksi)); 1849 } 1850 /* NOTREACHED */ 1851} 1852 1853int 1854sys_pdkill(struct thread *td, struct pdkill_args *uap) 1855{ 1856 struct proc *p; 1857 int error; 1858 1859 AUDIT_ARG_SIGNUM(uap->signum); 1860 AUDIT_ARG_FD(uap->fd); 1861 if ((u_int)uap->signum > _SIG_MAXSIG) 1862 return (EINVAL); 1863 1864 error = procdesc_find(td, uap->fd, &cap_pdkill_rights, &p); 1865 if (error) 1866 return (error); 1867 AUDIT_ARG_PROCESS(p); 1868 error = p_cansignal(td, p, uap->signum); 1869 if (error == 0 && uap->signum) 1870 kern_psignal(p, uap->signum); 1871 PROC_UNLOCK(p); 1872 return (error); 1873} 1874 1875#if defined(COMPAT_43) 1876#ifndef _SYS_SYSPROTO_H_ 1877struct okillpg_args { 1878 int pgid; 1879 int signum; 1880}; 1881#endif 1882/* ARGSUSED */ 1883int 1884okillpg(struct thread *td, struct okillpg_args *uap) 1885{ 1886 ksiginfo_t ksi; 1887 1888 AUDIT_ARG_SIGNUM(uap->signum); 1889 AUDIT_ARG_PID(uap->pgid); 1890 if ((u_int)uap->signum > _SIG_MAXSIG) 1891 return (EINVAL); 1892 1893 ksiginfo_init(&ksi); 1894 ksi.ksi_signo = uap->signum; 1895 ksi.ksi_code = SI_USER; 1896 ksi.ksi_pid = td->td_proc->p_pid; 1897 ksi.ksi_uid = td->td_ucred->cr_ruid; 1898 return (killpg1(td, uap->signum, uap->pgid, 0, &ksi)); 1899} 1900#endif /* COMPAT_43 */ 1901 1902#ifndef _SYS_SYSPROTO_H_ 1903struct sigqueue_args { 1904 pid_t pid; 1905 int signum; 1906 /* union sigval */ void *value; 1907}; 1908#endif 1909int 1910sys_sigqueue(struct thread *td, struct sigqueue_args *uap) 1911{ 1912 union sigval sv; 1913 1914 sv.sival_ptr = uap->value; 1915 1916 return (kern_sigqueue(td, uap->pid, uap->signum, &sv)); 1917} 1918 1919int 1920kern_sigqueue(struct thread *td, pid_t pid, int signum, union sigval *value) 1921{ 1922 ksiginfo_t ksi; 1923 struct proc *p; 1924 int error; 1925 1926 if ((u_int)signum > _SIG_MAXSIG) 1927 return (EINVAL); 1928 1929 /* 1930 * Specification says sigqueue can only send signal to 1931 * single process. 1932 */ 1933 if (pid <= 0) 1934 return (EINVAL); 1935 1936 if ((p = pfind_any(pid)) == NULL) 1937 return (ESRCH); 1938 error = p_cansignal(td, p, signum); 1939 if (error == 0 && signum != 0) { 1940 ksiginfo_init(&ksi); 1941 ksi.ksi_flags = KSI_SIGQ; 1942 ksi.ksi_signo = signum; 1943 ksi.ksi_code = SI_QUEUE; 1944 ksi.ksi_pid = td->td_proc->p_pid; 1945 ksi.ksi_uid = td->td_ucred->cr_ruid; 1946 ksi.ksi_value = *value; 1947 error = pksignal(p, ksi.ksi_signo, &ksi); 1948 } 1949 PROC_UNLOCK(p); 1950 return (error); 1951} 1952 1953/* 1954 * Send a signal to a process group. 1955 */ 1956void 1957gsignal(int pgid, int sig, ksiginfo_t *ksi) 1958{ 1959 struct pgrp *pgrp; 1960 1961 if (pgid != 0) { 1962 sx_slock(&proctree_lock); 1963 pgrp = pgfind(pgid); 1964 sx_sunlock(&proctree_lock); 1965 if (pgrp != NULL) { 1966 pgsignal(pgrp, sig, 0, ksi); 1967 PGRP_UNLOCK(pgrp); 1968 } 1969 } 1970} 1971 1972/* 1973 * Send a signal to a process group. If checktty is 1, 1974 * limit to members which have a controlling terminal. 1975 */ 1976void 1977pgsignal(struct pgrp *pgrp, int sig, int checkctty, ksiginfo_t *ksi) 1978{ 1979 struct proc *p; 1980 1981 if (pgrp) { 1982 PGRP_LOCK_ASSERT(pgrp, MA_OWNED); 1983 LIST_FOREACH(p, &pgrp->pg_members, p_pglist) { 1984 PROC_LOCK(p); 1985 if (p->p_state == PRS_NORMAL && 1986 (checkctty == 0 || p->p_flag & P_CONTROLT)) 1987 pksignal(p, sig, ksi); 1988 PROC_UNLOCK(p); 1989 } 1990 } 1991} 1992 1993/* 1994 * Recalculate the signal mask and reset the signal disposition after 1995 * usermode frame for delivery is formed. Should be called after 1996 * mach-specific routine, because sysent->sv_sendsig() needs correct 1997 * ps_siginfo and signal mask. 1998 */ 1999static void 2000postsig_done(int sig, struct thread *td, struct sigacts *ps) 2001{ 2002 sigset_t mask; 2003 2004 mtx_assert(&ps->ps_mtx, MA_OWNED); 2005 td->td_ru.ru_nsignals++; 2006 mask = ps->ps_catchmask[_SIG_IDX(sig)]; 2007 if (!SIGISMEMBER(ps->ps_signodefer, sig)) 2008 SIGADDSET(mask, sig); 2009 kern_sigprocmask(td, SIG_BLOCK, &mask, NULL, 2010 SIGPROCMASK_PROC_LOCKED | SIGPROCMASK_PS_LOCKED); 2011 if (SIGISMEMBER(ps->ps_sigreset, sig)) 2012 sigdflt(ps, sig); 2013} 2014 2015/* 2016 * Send a signal caused by a trap to the current thread. If it will be 2017 * caught immediately, deliver it with correct code. Otherwise, post it 2018 * normally. 2019 */ 2020void 2021trapsignal(struct thread *td, ksiginfo_t *ksi) 2022{ 2023 struct sigacts *ps; 2024 struct proc *p; 2025 sigset_t sigmask; 2026 int code, sig; 2027 2028 p = td->td_proc; 2029 sig = ksi->ksi_signo; 2030 code = ksi->ksi_code; 2031 KASSERT(_SIG_VALID(sig), ("invalid signal")); 2032 2033 sigfastblock_fetch(td); 2034 PROC_LOCK(p); 2035 ps = p->p_sigacts; 2036 mtx_lock(&ps->ps_mtx); 2037 sigmask = td->td_sigmask; 2038 if (td->td_sigblock_val != 0) 2039 SIGSETOR(sigmask, fastblock_mask); 2040 if ((p->p_flag & P_TRACED) == 0 && SIGISMEMBER(ps->ps_sigcatch, sig) && 2041 !SIGISMEMBER(sigmask, sig)) { 2042#ifdef KTRACE 2043 if (KTRPOINT(curthread, KTR_PSIG)) 2044 ktrpsig(sig, ps->ps_sigact[_SIG_IDX(sig)], 2045 &td->td_sigmask, code); 2046#endif 2047 (*p->p_sysent->sv_sendsig)(ps->ps_sigact[_SIG_IDX(sig)], 2048 ksi, &td->td_sigmask); 2049 postsig_done(sig, td, ps); 2050 mtx_unlock(&ps->ps_mtx); 2051 } else { 2052 /* 2053 * Avoid a possible infinite loop if the thread 2054 * masking the signal or process is ignoring the 2055 * signal. 2056 */ 2057 if (kern_forcesigexit && (SIGISMEMBER(sigmask, sig) || 2058 ps->ps_sigact[_SIG_IDX(sig)] == SIG_IGN)) { 2059 SIGDELSET(td->td_sigmask, sig); 2060 SIGDELSET(ps->ps_sigcatch, sig); 2061 SIGDELSET(ps->ps_sigignore, sig); 2062 ps->ps_sigact[_SIG_IDX(sig)] = SIG_DFL; 2063 td->td_pflags &= ~TDP_SIGFASTBLOCK; 2064 td->td_sigblock_val = 0; 2065 } 2066 mtx_unlock(&ps->ps_mtx); 2067 p->p_sig = sig; /* XXX to verify code */ 2068 tdsendsignal(p, td, sig, ksi); 2069 } 2070 PROC_UNLOCK(p); 2071} 2072 2073static struct thread * 2074sigtd(struct proc *p, int sig, bool fast_sigblock) 2075{ 2076 struct thread *td, *signal_td; 2077 2078 PROC_LOCK_ASSERT(p, MA_OWNED); 2079 MPASS(!fast_sigblock || p == curproc); 2080 2081 /* 2082 * Check if current thread can handle the signal without 2083 * switching context to another thread. 2084 */ 2085 if (curproc == p && !SIGISMEMBER(curthread->td_sigmask, sig) && 2086 (!fast_sigblock || curthread->td_sigblock_val == 0)) 2087 return (curthread); 2088 signal_td = NULL; 2089 FOREACH_THREAD_IN_PROC(p, td) { 2090 if (!SIGISMEMBER(td->td_sigmask, sig) && (!fast_sigblock || 2091 td != curthread || td->td_sigblock_val == 0)) { 2092 signal_td = td; 2093 break; 2094 } 2095 } 2096 if (signal_td == NULL) 2097 signal_td = FIRST_THREAD_IN_PROC(p); 2098 return (signal_td); 2099} 2100 2101/* 2102 * Send the signal to the process. If the signal has an action, the action 2103 * is usually performed by the target process rather than the caller; we add 2104 * the signal to the set of pending signals for the process. 2105 * 2106 * Exceptions: 2107 * o When a stop signal is sent to a sleeping process that takes the 2108 * default action, the process is stopped without awakening it. 2109 * o SIGCONT restarts stopped processes (or puts them back to sleep) 2110 * regardless of the signal action (eg, blocked or ignored). 2111 * 2112 * Other ignored signals are discarded immediately. 2113 * 2114 * NB: This function may be entered from the debugger via the "kill" DDB 2115 * command. There is little that can be done to mitigate the possibly messy 2116 * side effects of this unwise possibility. 2117 */ 2118void 2119kern_psignal(struct proc *p, int sig) 2120{ 2121 ksiginfo_t ksi; 2122 2123 ksiginfo_init(&ksi); 2124 ksi.ksi_signo = sig; 2125 ksi.ksi_code = SI_KERNEL; 2126 (void) tdsendsignal(p, NULL, sig, &ksi); 2127} 2128 2129int 2130pksignal(struct proc *p, int sig, ksiginfo_t *ksi) 2131{ 2132 2133 return (tdsendsignal(p, NULL, sig, ksi)); 2134} 2135 2136/* Utility function for finding a thread to send signal event to. */ 2137int 2138sigev_findtd(struct proc *p ,struct sigevent *sigev, struct thread **ttd) 2139{ 2140 struct thread *td; 2141 2142 if (sigev->sigev_notify == SIGEV_THREAD_ID) { 2143 td = tdfind(sigev->sigev_notify_thread_id, p->p_pid); 2144 if (td == NULL) 2145 return (ESRCH); 2146 *ttd = td; 2147 } else { 2148 *ttd = NULL; 2149 PROC_LOCK(p); 2150 } 2151 return (0); 2152} 2153 2154void 2155tdsignal(struct thread *td, int sig) 2156{ 2157 ksiginfo_t ksi; 2158 2159 ksiginfo_init(&ksi); 2160 ksi.ksi_signo = sig; 2161 ksi.ksi_code = SI_KERNEL; 2162 (void) tdsendsignal(td->td_proc, td, sig, &ksi); 2163} 2164 2165void 2166tdksignal(struct thread *td, int sig, ksiginfo_t *ksi) 2167{ 2168 2169 (void) tdsendsignal(td->td_proc, td, sig, ksi); 2170} 2171 2172int 2173tdsendsignal(struct proc *p, struct thread *td, int sig, ksiginfo_t *ksi) 2174{ 2175 sig_t action; 2176 sigqueue_t *sigqueue; 2177 int prop; 2178 struct sigacts *ps; 2179 int intrval; 2180 int ret = 0; 2181 int wakeup_swapper; 2182 2183 MPASS(td == NULL || p == td->td_proc); 2184 PROC_LOCK_ASSERT(p, MA_OWNED); 2185 2186 if (!_SIG_VALID(sig)) 2187 panic("%s(): invalid signal %d", __func__, sig); 2188 2189 KASSERT(ksi == NULL || !KSI_ONQ(ksi), ("%s: ksi on queue", __func__)); 2190 2191 /* 2192 * IEEE Std 1003.1-2001: return success when killing a zombie. 2193 */ 2194 if (p->p_state == PRS_ZOMBIE) { 2195 if (ksi && (ksi->ksi_flags & KSI_INS)) 2196 ksiginfo_tryfree(ksi); 2197 return (ret); 2198 } 2199 2200 ps = p->p_sigacts; 2201 KNOTE_LOCKED(p->p_klist, NOTE_SIGNAL | sig); 2202 prop = sigprop(sig); 2203 2204 if (td == NULL) { 2205 td = sigtd(p, sig, false); 2206 sigqueue = &p->p_sigqueue; 2207 } else 2208 sigqueue = &td->td_sigqueue; 2209 2210 SDT_PROBE3(proc, , , signal__send, td, p, sig); 2211 2212 /* 2213 * If the signal is being ignored, then we forget about it 2214 * immediately, except when the target process executes 2215 * sigwait(). (Note: we don't set SIGCONT in ps_sigignore, 2216 * and if it is set to SIG_IGN, action will be SIG_DFL here.) 2217 */ 2218 mtx_lock(&ps->ps_mtx); 2219 if (SIGISMEMBER(ps->ps_sigignore, sig)) { 2220 if (kern_sig_discard_ign && 2221 (p->p_sysent->sv_flags & SV_SIG_DISCIGN) == 0) { 2222 SDT_PROBE3(proc, , , signal__discard, td, p, sig); 2223 2224 mtx_unlock(&ps->ps_mtx); 2225 if (ksi && (ksi->ksi_flags & KSI_INS)) 2226 ksiginfo_tryfree(ksi); 2227 return (ret); 2228 } else { 2229 action = SIG_CATCH; 2230 } 2231 } else if (SIGISMEMBER(td->td_sigmask, sig)) 2232 action = SIG_HOLD; 2233 else if (SIGISMEMBER(ps->ps_sigcatch, sig)) 2234 action = SIG_CATCH; 2235 else 2236 action = SIG_DFL; 2237 if (SIGISMEMBER(ps->ps_sigintr, sig)) 2238 intrval = EINTR; 2239 else 2240 intrval = ERESTART; 2241 mtx_unlock(&ps->ps_mtx); 2242 2243 if (prop & SIGPROP_CONT) 2244 sigqueue_delete_stopmask_proc(p); 2245 else if (prop & SIGPROP_STOP) { 2246 /* 2247 * If sending a tty stop signal to a member of an orphaned 2248 * process group, discard the signal here if the action 2249 * is default; don't stop the process below if sleeping, 2250 * and don't clear any pending SIGCONT. 2251 */ 2252 if ((prop & SIGPROP_TTYSTOP) != 0 && 2253 (p->p_pgrp->pg_flags & PGRP_ORPHANED) != 0 && 2254 action == SIG_DFL) { 2255 if (ksi && (ksi->ksi_flags & KSI_INS)) 2256 ksiginfo_tryfree(ksi); 2257 return (ret); 2258 } 2259 sigqueue_delete_proc(p, SIGCONT); 2260 if (p->p_flag & P_CONTINUED) { 2261 p->p_flag &= ~P_CONTINUED; 2262 PROC_LOCK(p->p_pptr); 2263 sigqueue_take(p->p_ksi); 2264 PROC_UNLOCK(p->p_pptr); 2265 } 2266 } 2267 2268 ret = sigqueue_add(sigqueue, sig, ksi); 2269 if (ret != 0) 2270 return (ret); 2271 signotify(td); 2272 /* 2273 * Defer further processing for signals which are held, 2274 * except that stopped processes must be continued by SIGCONT. 2275 */ 2276 if (action == SIG_HOLD && 2277 !((prop & SIGPROP_CONT) && (p->p_flag & P_STOPPED_SIG))) 2278 return (ret); 2279 2280 wakeup_swapper = 0; 2281 2282 /* 2283 * Some signals have a process-wide effect and a per-thread 2284 * component. Most processing occurs when the process next 2285 * tries to cross the user boundary, however there are some 2286 * times when processing needs to be done immediately, such as 2287 * waking up threads so that they can cross the user boundary. 2288 * We try to do the per-process part here. 2289 */ 2290 if (P_SHOULDSTOP(p)) { 2291 KASSERT(!(p->p_flag & P_WEXIT), 2292 ("signal to stopped but exiting process")); 2293 if (sig == SIGKILL) { 2294 /* 2295 * If traced process is already stopped, 2296 * then no further action is necessary. 2297 */ 2298 if (p->p_flag & P_TRACED) 2299 goto out; 2300 /* 2301 * SIGKILL sets process running. 2302 * It will die elsewhere. 2303 * All threads must be restarted. 2304 */ 2305 p->p_flag &= ~P_STOPPED_SIG; 2306 goto runfast; 2307 } 2308 2309 if (prop & SIGPROP_CONT) { 2310 /* 2311 * If traced process is already stopped, 2312 * then no further action is necessary. 2313 */ 2314 if (p->p_flag & P_TRACED) 2315 goto out; 2316 /* 2317 * If SIGCONT is default (or ignored), we continue the 2318 * process but don't leave the signal in sigqueue as 2319 * it has no further action. If SIGCONT is held, we 2320 * continue the process and leave the signal in 2321 * sigqueue. If the process catches SIGCONT, let it 2322 * handle the signal itself. If it isn't waiting on 2323 * an event, it goes back to run state. 2324 * Otherwise, process goes back to sleep state. 2325 */ 2326 p->p_flag &= ~P_STOPPED_SIG; 2327 PROC_SLOCK(p); 2328 if (p->p_numthreads == p->p_suspcount) { 2329 PROC_SUNLOCK(p); 2330 p->p_flag |= P_CONTINUED; 2331 p->p_xsig = SIGCONT; 2332 PROC_LOCK(p->p_pptr); 2333 childproc_continued(p); 2334 PROC_UNLOCK(p->p_pptr); 2335 PROC_SLOCK(p); 2336 } 2337 if (action == SIG_DFL) { 2338 thread_unsuspend(p); 2339 PROC_SUNLOCK(p); 2340 sigqueue_delete(sigqueue, sig); 2341 goto out_cont; 2342 } 2343 if (action == SIG_CATCH) { 2344 /* 2345 * The process wants to catch it so it needs 2346 * to run at least one thread, but which one? 2347 */ 2348 PROC_SUNLOCK(p); 2349 goto runfast; 2350 } 2351 /* 2352 * The signal is not ignored or caught. 2353 */ 2354 thread_unsuspend(p); 2355 PROC_SUNLOCK(p); 2356 goto out_cont; 2357 } 2358 2359 if (prop & SIGPROP_STOP) { 2360 /* 2361 * If traced process is already stopped, 2362 * then no further action is necessary. 2363 */ 2364 if (p->p_flag & P_TRACED) 2365 goto out; 2366 /* 2367 * Already stopped, don't need to stop again 2368 * (If we did the shell could get confused). 2369 * Just make sure the signal STOP bit set. 2370 */ 2371 p->p_flag |= P_STOPPED_SIG; 2372 sigqueue_delete(sigqueue, sig); 2373 goto out; 2374 } 2375 2376 /* 2377 * All other kinds of signals: 2378 * If a thread is sleeping interruptibly, simulate a 2379 * wakeup so that when it is continued it will be made 2380 * runnable and can look at the signal. However, don't make 2381 * the PROCESS runnable, leave it stopped. 2382 * It may run a bit until it hits a thread_suspend_check(). 2383 */ 2384 PROC_SLOCK(p); 2385 thread_lock(td); 2386 if (TD_CAN_ABORT(td)) 2387 wakeup_swapper = sleepq_abort(td, intrval); 2388 else 2389 thread_unlock(td); 2390 PROC_SUNLOCK(p); 2391 goto out; 2392 /* 2393 * Mutexes are short lived. Threads waiting on them will 2394 * hit thread_suspend_check() soon. 2395 */ 2396 } else if (p->p_state == PRS_NORMAL) { 2397 if (p->p_flag & P_TRACED || action == SIG_CATCH) { 2398 tdsigwakeup(td, sig, action, intrval); 2399 goto out; 2400 } 2401 2402 MPASS(action == SIG_DFL); 2403 2404 if (prop & SIGPROP_STOP) { 2405 if (p->p_flag & (P_PPWAIT|P_WEXIT)) 2406 goto out; 2407 p->p_flag |= P_STOPPED_SIG; 2408 p->p_xsig = sig; 2409 PROC_SLOCK(p); 2410 wakeup_swapper = sig_suspend_threads(td, p, 1); 2411 if (p->p_numthreads == p->p_suspcount) { 2412 /* 2413 * only thread sending signal to another 2414 * process can reach here, if thread is sending 2415 * signal to its process, because thread does 2416 * not suspend itself here, p_numthreads 2417 * should never be equal to p_suspcount. 2418 */ 2419 thread_stopped(p); 2420 PROC_SUNLOCK(p); 2421 sigqueue_delete_proc(p, p->p_xsig); 2422 } else 2423 PROC_SUNLOCK(p); 2424 goto out; 2425 } 2426 } else { 2427 /* Not in "NORMAL" state. discard the signal. */ 2428 sigqueue_delete(sigqueue, sig); 2429 goto out; 2430 } 2431 2432 /* 2433 * The process is not stopped so we need to apply the signal to all the 2434 * running threads. 2435 */ 2436runfast: 2437 tdsigwakeup(td, sig, action, intrval); 2438 PROC_SLOCK(p); 2439 thread_unsuspend(p); 2440 PROC_SUNLOCK(p); 2441out_cont: 2442 itimer_proc_continue(p); 2443 kqtimer_proc_continue(p); 2444out: 2445 /* If we jump here, proc slock should not be owned. */ 2446 PROC_SLOCK_ASSERT(p, MA_NOTOWNED); 2447 if (wakeup_swapper) 2448 kick_proc0(); 2449 2450 return (ret); 2451} 2452 2453/* 2454 * The force of a signal has been directed against a single 2455 * thread. We need to see what we can do about knocking it 2456 * out of any sleep it may be in etc. 2457 */ 2458static void 2459tdsigwakeup(struct thread *td, int sig, sig_t action, int intrval) 2460{ 2461 struct proc *p = td->td_proc; 2462 int prop, wakeup_swapper; 2463 2464 PROC_LOCK_ASSERT(p, MA_OWNED); 2465 prop = sigprop(sig); 2466 2467 PROC_SLOCK(p); 2468 thread_lock(td); 2469 /* 2470 * Bring the priority of a thread up if we want it to get 2471 * killed in this lifetime. Be careful to avoid bumping the 2472 * priority of the idle thread, since we still allow to signal 2473 * kernel processes. 2474 */ 2475 if (action == SIG_DFL && (prop & SIGPROP_KILL) != 0 && 2476 td->td_priority > PUSER && !TD_IS_IDLETHREAD(td)) 2477 sched_prio(td, PUSER); 2478 if (TD_ON_SLEEPQ(td)) { 2479 /* 2480 * If thread is sleeping uninterruptibly 2481 * we can't interrupt the sleep... the signal will 2482 * be noticed when the process returns through 2483 * trap() or syscall(). 2484 */ 2485 if ((td->td_flags & TDF_SINTR) == 0) 2486 goto out; 2487 /* 2488 * If SIGCONT is default (or ignored) and process is 2489 * asleep, we are finished; the process should not 2490 * be awakened. 2491 */ 2492 if ((prop & SIGPROP_CONT) && action == SIG_DFL) { 2493 thread_unlock(td); 2494 PROC_SUNLOCK(p); 2495 sigqueue_delete(&p->p_sigqueue, sig); 2496 /* 2497 * It may be on either list in this state. 2498 * Remove from both for now. 2499 */ 2500 sigqueue_delete(&td->td_sigqueue, sig); 2501 return; 2502 } 2503 2504 /* 2505 * Don't awaken a sleeping thread for SIGSTOP if the 2506 * STOP signal is deferred. 2507 */ 2508 if ((prop & SIGPROP_STOP) != 0 && (td->td_flags & (TDF_SBDRY | 2509 TDF_SERESTART | TDF_SEINTR)) == TDF_SBDRY) 2510 goto out; 2511 2512 /* 2513 * Give low priority threads a better chance to run. 2514 */ 2515 if (td->td_priority > PUSER && !TD_IS_IDLETHREAD(td)) 2516 sched_prio(td, PUSER); 2517 2518 wakeup_swapper = sleepq_abort(td, intrval); 2519 PROC_SUNLOCK(p); 2520 if (wakeup_swapper) 2521 kick_proc0(); 2522 return; 2523 } 2524 2525 /* 2526 * Other states do nothing with the signal immediately, 2527 * other than kicking ourselves if we are running. 2528 * It will either never be noticed, or noticed very soon. 2529 */ 2530#ifdef SMP 2531 if (TD_IS_RUNNING(td) && td != curthread) 2532 forward_signal(td); 2533#endif 2534 2535out: 2536 PROC_SUNLOCK(p); 2537 thread_unlock(td); 2538} 2539 2540static void 2541ptrace_coredump(struct thread *td) 2542{ 2543 struct proc *p; 2544 struct thr_coredump_req *tcq; 2545 void *rl_cookie; 2546 2547 MPASS(td == curthread); 2548 p = td->td_proc; 2549 PROC_LOCK_ASSERT(p, MA_OWNED); 2550 if ((td->td_dbgflags & TDB_COREDUMPRQ) == 0) 2551 return; 2552 KASSERT((p->p_flag & P_STOPPED_TRACE) != 0, ("not stopped")); 2553 2554 tcq = td->td_coredump; 2555 KASSERT(tcq != NULL, ("td_coredump is NULL")); 2556 2557 if (p->p_sysent->sv_coredump == NULL) { 2558 tcq->tc_error = ENOSYS; 2559 goto wake; 2560 } 2561 2562 PROC_UNLOCK(p); 2563 rl_cookie = vn_rangelock_wlock(tcq->tc_vp, 0, OFF_MAX); 2564 2565 tcq->tc_error = p->p_sysent->sv_coredump(td, tcq->tc_vp, 2566 tcq->tc_limit, tcq->tc_flags); 2567 2568 vn_rangelock_unlock(tcq->tc_vp, rl_cookie); 2569 PROC_LOCK(p); 2570wake: 2571 td->td_dbgflags &= ~TDB_COREDUMPRQ; 2572 td->td_coredump = NULL; 2573 wakeup(p); 2574} 2575 2576static int 2577sig_suspend_threads(struct thread *td, struct proc *p, int sending) 2578{ 2579 struct thread *td2; 2580 int wakeup_swapper; 2581 2582 PROC_LOCK_ASSERT(p, MA_OWNED); 2583 PROC_SLOCK_ASSERT(p, MA_OWNED); 2584 MPASS(sending || td == curthread); 2585 2586 wakeup_swapper = 0; 2587 FOREACH_THREAD_IN_PROC(p, td2) { 2588 thread_lock(td2); 2589 td2->td_flags |= TDF_ASTPENDING | TDF_NEEDSUSPCHK; 2590 if ((TD_IS_SLEEPING(td2) || TD_IS_SWAPPED(td2)) && 2591 (td2->td_flags & TDF_SINTR)) { 2592 if (td2->td_flags & TDF_SBDRY) { 2593 /* 2594 * Once a thread is asleep with 2595 * TDF_SBDRY and without TDF_SERESTART 2596 * or TDF_SEINTR set, it should never 2597 * become suspended due to this check. 2598 */ 2599 KASSERT(!TD_IS_SUSPENDED(td2), 2600 ("thread with deferred stops suspended")); 2601 if (TD_SBDRY_INTR(td2)) { 2602 wakeup_swapper |= sleepq_abort(td2, 2603 TD_SBDRY_ERRNO(td2)); 2604 continue; 2605 } 2606 } else if (!TD_IS_SUSPENDED(td2)) 2607 thread_suspend_one(td2); 2608 } else if (!TD_IS_SUSPENDED(td2)) { 2609 if (sending || td != td2) 2610 td2->td_flags |= TDF_ASTPENDING; 2611#ifdef SMP 2612 if (TD_IS_RUNNING(td2) && td2 != td) 2613 forward_signal(td2); 2614#endif 2615 } 2616 thread_unlock(td2); 2617 } 2618 return (wakeup_swapper); 2619} 2620 2621/* 2622 * Stop the process for an event deemed interesting to the debugger. If si is 2623 * non-NULL, this is a signal exchange; the new signal requested by the 2624 * debugger will be returned for handling. If si is NULL, this is some other 2625 * type of interesting event. The debugger may request a signal be delivered in 2626 * that case as well, however it will be deferred until it can be handled. 2627 */ 2628int 2629ptracestop(struct thread *td, int sig, ksiginfo_t *si) 2630{ 2631 struct proc *p = td->td_proc; 2632 struct thread *td2; 2633 ksiginfo_t ksi; 2634 2635 PROC_LOCK_ASSERT(p, MA_OWNED); 2636 KASSERT(!(p->p_flag & P_WEXIT), ("Stopping exiting process")); 2637 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, 2638 &p->p_mtx.lock_object, "Stopping for traced signal"); 2639 2640 td->td_xsig = sig; 2641 2642 if (si == NULL || (si->ksi_flags & KSI_PTRACE) == 0) { 2643 td->td_dbgflags |= TDB_XSIG; 2644 CTR4(KTR_PTRACE, "ptracestop: tid %d (pid %d) flags %#x sig %d", 2645 td->td_tid, p->p_pid, td->td_dbgflags, sig); 2646 PROC_SLOCK(p); 2647 while ((p->p_flag & P_TRACED) && (td->td_dbgflags & TDB_XSIG)) { 2648 if (P_KILLED(p)) { 2649 /* 2650 * Ensure that, if we've been PT_KILLed, the 2651 * exit status reflects that. Another thread 2652 * may also be in ptracestop(), having just 2653 * received the SIGKILL, but this thread was 2654 * unsuspended first. 2655 */ 2656 td->td_dbgflags &= ~TDB_XSIG; 2657 td->td_xsig = SIGKILL; 2658 p->p_ptevents = 0; 2659 break; 2660 } 2661 if (p->p_flag & P_SINGLE_EXIT && 2662 !(td->td_dbgflags & TDB_EXIT)) { 2663 /* 2664 * Ignore ptrace stops except for thread exit 2665 * events when the process exits. 2666 */ 2667 td->td_dbgflags &= ~TDB_XSIG; 2668 PROC_SUNLOCK(p); 2669 return (0); 2670 } 2671 2672 /* 2673 * Make wait(2) work. Ensure that right after the 2674 * attach, the thread which was decided to become the 2675 * leader of attach gets reported to the waiter. 2676 * Otherwise, just avoid overwriting another thread's 2677 * assignment to p_xthread. If another thread has 2678 * already set p_xthread, the current thread will get 2679 * a chance to report itself upon the next iteration. 2680 */ 2681 if ((td->td_dbgflags & TDB_FSTP) != 0 || 2682 ((p->p_flag2 & P2_PTRACE_FSTP) == 0 && 2683 p->p_xthread == NULL)) { 2684 p->p_xsig = sig; 2685 p->p_xthread = td; 2686 2687 /* 2688 * If we are on sleepqueue already, 2689 * let sleepqueue code decide if it 2690 * needs to go sleep after attach. 2691 */ 2692 if (td->td_wchan == NULL) 2693 td->td_dbgflags &= ~TDB_FSTP; 2694 2695 p->p_flag2 &= ~P2_PTRACE_FSTP; 2696 p->p_flag |= P_STOPPED_SIG | P_STOPPED_TRACE; 2697 sig_suspend_threads(td, p, 0); 2698 } 2699 if ((td->td_dbgflags & TDB_STOPATFORK) != 0) { 2700 td->td_dbgflags &= ~TDB_STOPATFORK; 2701 } 2702stopme: 2703 td->td_dbgflags |= TDB_SSWITCH; 2704 thread_suspend_switch(td, p); 2705 td->td_dbgflags &= ~TDB_SSWITCH; 2706 if ((td->td_dbgflags & TDB_COREDUMPRQ) != 0) { 2707 PROC_SUNLOCK(p); 2708 ptrace_coredump(td); 2709 PROC_SLOCK(p); 2710 goto stopme; 2711 } 2712 if (p->p_xthread == td) 2713 p->p_xthread = NULL; 2714 if (!(p->p_flag & P_TRACED)) 2715 break; 2716 if (td->td_dbgflags & TDB_SUSPEND) { 2717 if (p->p_flag & P_SINGLE_EXIT) 2718 break; 2719 goto stopme; 2720 } 2721 } 2722 PROC_SUNLOCK(p); 2723 } 2724 2725 if (si != NULL && sig == td->td_xsig) { 2726 /* Parent wants us to take the original signal unchanged. */ 2727 si->ksi_flags |= KSI_HEAD; 2728 if (sigqueue_add(&td->td_sigqueue, sig, si) != 0) 2729 si->ksi_signo = 0; 2730 } else if (td->td_xsig != 0) { 2731 /* 2732 * If parent wants us to take a new signal, then it will leave 2733 * it in td->td_xsig; otherwise we just look for signals again. 2734 */ 2735 ksiginfo_init(&ksi); 2736 ksi.ksi_signo = td->td_xsig; 2737 ksi.ksi_flags |= KSI_PTRACE; 2738 td2 = sigtd(p, td->td_xsig, false); 2739 tdsendsignal(p, td2, td->td_xsig, &ksi); 2740 if (td != td2) 2741 return (0); 2742 } 2743 2744 return (td->td_xsig); 2745} 2746 2747static void 2748reschedule_signals(struct proc *p, sigset_t block, int flags) 2749{ 2750 struct sigacts *ps; 2751 struct thread *td; 2752 int sig; 2753 bool fastblk, pslocked; 2754 2755 PROC_LOCK_ASSERT(p, MA_OWNED); 2756 ps = p->p_sigacts; 2757 pslocked = (flags & SIGPROCMASK_PS_LOCKED) != 0; 2758 mtx_assert(&ps->ps_mtx, pslocked ? MA_OWNED : MA_NOTOWNED); 2759 if (SIGISEMPTY(p->p_siglist)) 2760 return; 2761 SIGSETAND(block, p->p_siglist); 2762 fastblk = (flags & SIGPROCMASK_FASTBLK) != 0; 2763 while ((sig = sig_ffs(&block)) != 0) { 2764 SIGDELSET(block, sig); 2765 td = sigtd(p, sig, fastblk); 2766 2767 /* 2768 * If sigtd() selected us despite sigfastblock is 2769 * blocking, do not activate AST or wake us, to avoid 2770 * loop in AST handler. 2771 */ 2772 if (fastblk && td == curthread) 2773 continue; 2774 2775 signotify(td); 2776 if (!pslocked) 2777 mtx_lock(&ps->ps_mtx); 2778 if (p->p_flag & P_TRACED || 2779 (SIGISMEMBER(ps->ps_sigcatch, sig) && 2780 !SIGISMEMBER(td->td_sigmask, sig))) { 2781 tdsigwakeup(td, sig, SIG_CATCH, 2782 (SIGISMEMBER(ps->ps_sigintr, sig) ? EINTR : 2783 ERESTART)); 2784 } 2785 if (!pslocked) 2786 mtx_unlock(&ps->ps_mtx); 2787 } 2788} 2789 2790void 2791tdsigcleanup(struct thread *td) 2792{ 2793 struct proc *p; 2794 sigset_t unblocked; 2795 2796 p = td->td_proc; 2797 PROC_LOCK_ASSERT(p, MA_OWNED); 2798 2799 sigqueue_flush(&td->td_sigqueue); 2800 if (p->p_numthreads == 1) 2801 return; 2802 2803 /* 2804 * Since we cannot handle signals, notify signal post code 2805 * about this by filling the sigmask. 2806 * 2807 * Also, if needed, wake up thread(s) that do not block the 2808 * same signals as the exiting thread, since the thread might 2809 * have been selected for delivery and woken up. 2810 */ 2811 SIGFILLSET(unblocked); 2812 SIGSETNAND(unblocked, td->td_sigmask); 2813 SIGFILLSET(td->td_sigmask); 2814 reschedule_signals(p, unblocked, 0); 2815 2816} 2817 2818static int 2819sigdeferstop_curr_flags(int cflags) 2820{ 2821 2822 MPASS((cflags & (TDF_SEINTR | TDF_SERESTART)) == 0 || 2823 (cflags & TDF_SBDRY) != 0); 2824 return (cflags & (TDF_SBDRY | TDF_SEINTR | TDF_SERESTART)); 2825} 2826 2827/* 2828 * Defer the delivery of SIGSTOP for the current thread, according to 2829 * the requested mode. Returns previous flags, which must be restored 2830 * by sigallowstop(). 2831 * 2832 * TDF_SBDRY, TDF_SEINTR, and TDF_SERESTART flags are only set and 2833 * cleared by the current thread, which allow the lock-less read-only 2834 * accesses below. 2835 */ 2836int 2837sigdeferstop_impl(int mode) 2838{ 2839 struct thread *td; 2840 int cflags, nflags; 2841 2842 td = curthread; 2843 cflags = sigdeferstop_curr_flags(td->td_flags); 2844 switch (mode) { 2845 case SIGDEFERSTOP_NOP: 2846 nflags = cflags; 2847 break; 2848 case SIGDEFERSTOP_OFF: 2849 nflags = 0; 2850 break; 2851 case SIGDEFERSTOP_SILENT: 2852 nflags = (cflags | TDF_SBDRY) & ~(TDF_SEINTR | TDF_SERESTART); 2853 break; 2854 case SIGDEFERSTOP_EINTR: 2855 nflags = (cflags | TDF_SBDRY | TDF_SEINTR) & ~TDF_SERESTART; 2856 break; 2857 case SIGDEFERSTOP_ERESTART: 2858 nflags = (cflags | TDF_SBDRY | TDF_SERESTART) & ~TDF_SEINTR; 2859 break; 2860 default: 2861 panic("sigdeferstop: invalid mode %x", mode); 2862 break; 2863 } 2864 if (cflags == nflags) 2865 return (SIGDEFERSTOP_VAL_NCHG); 2866 thread_lock(td); 2867 td->td_flags = (td->td_flags & ~cflags) | nflags; 2868 thread_unlock(td); 2869 return (cflags); 2870} 2871 2872/* 2873 * Restores the STOP handling mode, typically permitting the delivery 2874 * of SIGSTOP for the current thread. This does not immediately 2875 * suspend if a stop was posted. Instead, the thread will suspend 2876 * either via ast() or a subsequent interruptible sleep. 2877 */ 2878void 2879sigallowstop_impl(int prev) 2880{ 2881 struct thread *td; 2882 int cflags; 2883 2884 KASSERT(prev != SIGDEFERSTOP_VAL_NCHG, ("failed sigallowstop")); 2885 KASSERT((prev & ~(TDF_SBDRY | TDF_SEINTR | TDF_SERESTART)) == 0, 2886 ("sigallowstop: incorrect previous mode %x", prev)); 2887 td = curthread; 2888 cflags = sigdeferstop_curr_flags(td->td_flags); 2889 if (cflags != prev) { 2890 thread_lock(td); 2891 td->td_flags = (td->td_flags & ~cflags) | prev; 2892 thread_unlock(td); 2893 } 2894} 2895 2896/* 2897 * If the current process has received a signal (should be caught or cause 2898 * termination, should interrupt current syscall), return the signal number. 2899 * Stop signals with default action are processed immediately, then cleared; 2900 * they aren't returned. This is checked after each entry to the system for 2901 * a syscall or trap (though this can usually be done without calling issignal 2902 * by checking the pending signal masks in cursig.) The normal call 2903 * sequence is 2904 * 2905 * while (sig = cursig(curthread)) 2906 * postsig(sig); 2907 */ 2908static int 2909issignal(struct thread *td) 2910{ 2911 struct proc *p; 2912 struct sigacts *ps; 2913 struct sigqueue *queue; 2914 sigset_t sigpending; 2915 ksiginfo_t ksi; 2916 int prop, sig; 2917 2918 p = td->td_proc; 2919 ps = p->p_sigacts; 2920 mtx_assert(&ps->ps_mtx, MA_OWNED); 2921 PROC_LOCK_ASSERT(p, MA_OWNED); 2922 for (;;) { 2923 sigpending = td->td_sigqueue.sq_signals; 2924 SIGSETOR(sigpending, p->p_sigqueue.sq_signals); 2925 SIGSETNAND(sigpending, td->td_sigmask); 2926 2927 if ((p->p_flag & P_PPWAIT) != 0 || (td->td_flags & 2928 (TDF_SBDRY | TDF_SERESTART | TDF_SEINTR)) == TDF_SBDRY) 2929 SIG_STOPSIGMASK(sigpending); 2930 if (SIGISEMPTY(sigpending)) /* no signal to send */ 2931 return (0); 2932 2933 /* 2934 * Do fast sigblock if requested by usermode. Since 2935 * we do know that there was a signal pending at this 2936 * point, set the FAST_SIGBLOCK_PEND as indicator for 2937 * usermode to perform a dummy call to 2938 * FAST_SIGBLOCK_UNBLOCK, which causes immediate 2939 * delivery of postponed pending signal. 2940 */ 2941 if ((td->td_pflags & TDP_SIGFASTBLOCK) != 0) { 2942 if (td->td_sigblock_val != 0) 2943 SIGSETNAND(sigpending, fastblock_mask); 2944 if (SIGISEMPTY(sigpending)) { 2945 td->td_pflags |= TDP_SIGFASTPENDING; 2946 return (0); 2947 } 2948 } 2949 2950 if ((p->p_flag & (P_TRACED | P_PPTRACE)) == P_TRACED && 2951 (p->p_flag2 & P2_PTRACE_FSTP) != 0 && 2952 SIGISMEMBER(sigpending, SIGSTOP)) { 2953 /* 2954 * If debugger just attached, always consume 2955 * SIGSTOP from ptrace(PT_ATTACH) first, to 2956 * execute the debugger attach ritual in 2957 * order. 2958 */ 2959 sig = SIGSTOP; 2960 td->td_dbgflags |= TDB_FSTP; 2961 } else { 2962 sig = sig_ffs(&sigpending); 2963 } 2964 2965 /* 2966 * We should allow pending but ignored signals below 2967 * only if there is sigwait() active, or P_TRACED was 2968 * on when they were posted. 2969 */ 2970 if (SIGISMEMBER(ps->ps_sigignore, sig) && 2971 (p->p_flag & P_TRACED) == 0 && 2972 (td->td_pflags2 & TDP2_SIGWAIT) == 0) { 2973 sigqueue_delete(&td->td_sigqueue, sig); 2974 sigqueue_delete(&p->p_sigqueue, sig); 2975 continue; 2976 } 2977 if ((p->p_flag & (P_TRACED | P_PPTRACE)) == P_TRACED) { 2978 /* 2979 * If traced, always stop. 2980 * Remove old signal from queue before the stop. 2981 * XXX shrug off debugger, it causes siginfo to 2982 * be thrown away. 2983 */ 2984 queue = &td->td_sigqueue; 2985 ksiginfo_init(&ksi); 2986 if (sigqueue_get(queue, sig, &ksi) == 0) { 2987 queue = &p->p_sigqueue; 2988 sigqueue_get(queue, sig, &ksi); 2989 } 2990 td->td_si = ksi.ksi_info; 2991 2992 mtx_unlock(&ps->ps_mtx); 2993 sig = ptracestop(td, sig, &ksi); 2994 mtx_lock(&ps->ps_mtx); 2995 2996 td->td_si.si_signo = 0; 2997 2998 /* 2999 * Keep looking if the debugger discarded or 3000 * replaced the signal. 3001 */ 3002 if (sig == 0) 3003 continue; 3004 3005 /* 3006 * If the signal became masked, re-queue it. 3007 */ 3008 if (SIGISMEMBER(td->td_sigmask, sig)) { 3009 ksi.ksi_flags |= KSI_HEAD; 3010 sigqueue_add(&p->p_sigqueue, sig, &ksi); 3011 continue; 3012 } 3013 3014 /* 3015 * If the traced bit got turned off, requeue 3016 * the signal and go back up to the top to 3017 * rescan signals. This ensures that p_sig* 3018 * and p_sigact are consistent. 3019 */ 3020 if ((p->p_flag & P_TRACED) == 0) { 3021 ksi.ksi_flags |= KSI_HEAD; 3022 sigqueue_add(queue, sig, &ksi); 3023 continue; 3024 } 3025 } 3026 3027 prop = sigprop(sig); 3028 3029 /* 3030 * Decide whether the signal should be returned. 3031 * Return the signal's number, or fall through 3032 * to clear it from the pending mask. 3033 */ 3034 switch ((intptr_t)p->p_sigacts->ps_sigact[_SIG_IDX(sig)]) { 3035 case (intptr_t)SIG_DFL: 3036 /* 3037 * Don't take default actions on system processes. 3038 */ 3039 if (p->p_pid <= 1) { 3040#ifdef DIAGNOSTIC 3041 /* 3042 * Are you sure you want to ignore SIGSEGV 3043 * in init? XXX 3044 */ 3045 printf("Process (pid %lu) got signal %d\n", 3046 (u_long)p->p_pid, sig); 3047#endif 3048 break; /* == ignore */ 3049 } 3050 /* 3051 * If there is a pending stop signal to process with 3052 * default action, stop here, then clear the signal. 3053 * Traced or exiting processes should ignore stops. 3054 * Additionally, a member of an orphaned process group 3055 * should ignore tty stops. 3056 */ 3057 if (prop & SIGPROP_STOP) { 3058 mtx_unlock(&ps->ps_mtx); 3059 if ((p->p_flag & (P_TRACED | P_WEXIT | 3060 P_SINGLE_EXIT)) != 0 || ((p->p_pgrp-> 3061 pg_flags & PGRP_ORPHANED) != 0 && 3062 (prop & SIGPROP_TTYSTOP) != 0)) { 3063 mtx_lock(&ps->ps_mtx); 3064 break; /* == ignore */ 3065 } 3066 if (TD_SBDRY_INTR(td)) { 3067 KASSERT((td->td_flags & TDF_SBDRY) != 0, 3068 ("lost TDF_SBDRY")); 3069 mtx_lock(&ps->ps_mtx); 3070 return (-1); 3071 } 3072 WITNESS_WARN(WARN_GIANTOK | WARN_SLEEPOK, 3073 &p->p_mtx.lock_object, "Catching SIGSTOP"); 3074 sigqueue_delete(&td->td_sigqueue, sig); 3075 sigqueue_delete(&p->p_sigqueue, sig); 3076 p->p_flag |= P_STOPPED_SIG; 3077 p->p_xsig = sig; 3078 PROC_SLOCK(p); 3079 sig_suspend_threads(td, p, 0); 3080 thread_suspend_switch(td, p); 3081 PROC_SUNLOCK(p); 3082 mtx_lock(&ps->ps_mtx); 3083 goto next; 3084 } else if ((prop & SIGPROP_IGNORE) != 0 && 3085 (td->td_pflags2 & TDP2_SIGWAIT) == 0) { 3086 /* 3087 * Default action is to ignore; drop it if 3088 * not in kern_sigtimedwait(). 3089 */ 3090 break; /* == ignore */ 3091 } else 3092 return (sig); 3093 /*NOTREACHED*/ 3094 3095 case (intptr_t)SIG_IGN: 3096 if ((td->td_pflags2 & TDP2_SIGWAIT) == 0) 3097 break; /* == ignore */ 3098 else 3099 return (sig); 3100 3101 default: 3102 /* 3103 * This signal has an action, let 3104 * postsig() process it. 3105 */ 3106 return (sig); 3107 } 3108 sigqueue_delete(&td->td_sigqueue, sig); /* take the signal! */ 3109 sigqueue_delete(&p->p_sigqueue, sig); 3110next:; 3111 } 3112 /* NOTREACHED */ 3113} 3114 3115void 3116thread_stopped(struct proc *p) 3117{ 3118 int n; 3119 3120 PROC_LOCK_ASSERT(p, MA_OWNED); 3121 PROC_SLOCK_ASSERT(p, MA_OWNED); 3122 n = p->p_suspcount; 3123 if (p == curproc) 3124 n++; 3125 if ((p->p_flag & P_STOPPED_SIG) && (n == p->p_numthreads)) { 3126 PROC_SUNLOCK(p); 3127 p->p_flag &= ~P_WAITED; 3128 PROC_LOCK(p->p_pptr); 3129 childproc_stopped(p, (p->p_flag & P_TRACED) ? 3130 CLD_TRAPPED : CLD_STOPPED); 3131 PROC_UNLOCK(p->p_pptr); 3132 PROC_SLOCK(p); 3133 } 3134} 3135 3136/* 3137 * Take the action for the specified signal 3138 * from the current set of pending signals. 3139 */ 3140int 3141postsig(int sig) 3142{ 3143 struct thread *td; 3144 struct proc *p; 3145 struct sigacts *ps; 3146 sig_t action; 3147 ksiginfo_t ksi; 3148 sigset_t returnmask; 3149 3150 KASSERT(sig != 0, ("postsig")); 3151 3152 td = curthread; 3153 p = td->td_proc; 3154 PROC_LOCK_ASSERT(p, MA_OWNED); 3155 ps = p->p_sigacts; 3156 mtx_assert(&ps->ps_mtx, MA_OWNED); 3157 ksiginfo_init(&ksi); 3158 if (sigqueue_get(&td->td_sigqueue, sig, &ksi) == 0 && 3159 sigqueue_get(&p->p_sigqueue, sig, &ksi) == 0) 3160 return (0); 3161 ksi.ksi_signo = sig; 3162 if (ksi.ksi_code == SI_TIMER) 3163 itimer_accept(p, ksi.ksi_timerid, &ksi); 3164 action = ps->ps_sigact[_SIG_IDX(sig)]; 3165#ifdef KTRACE 3166 if (KTRPOINT(td, KTR_PSIG)) 3167 ktrpsig(sig, action, td->td_pflags & TDP_OLDMASK ? 3168 &td->td_oldsigmask : &td->td_sigmask, ksi.ksi_code); 3169#endif 3170 3171 if (action == SIG_DFL) { 3172 /* 3173 * Default action, where the default is to kill 3174 * the process. (Other cases were ignored above.) 3175 */ 3176 mtx_unlock(&ps->ps_mtx); 3177 proc_td_siginfo_capture(td, &ksi.ksi_info); 3178 sigexit(td, sig); 3179 /* NOTREACHED */ 3180 } else { 3181 /* 3182 * If we get here, the signal must be caught. 3183 */ 3184 KASSERT(action != SIG_IGN, ("postsig action %p", action)); 3185 KASSERT(!SIGISMEMBER(td->td_sigmask, sig), 3186 ("postsig action: blocked sig %d", sig)); 3187 3188 /* 3189 * Set the new mask value and also defer further 3190 * occurrences of this signal. 3191 * 3192 * Special case: user has done a sigsuspend. Here the 3193 * current mask is not of interest, but rather the 3194 * mask from before the sigsuspend is what we want 3195 * restored after the signal processing is completed. 3196 */ 3197 if (td->td_pflags & TDP_OLDMASK) { 3198 returnmask = td->td_oldsigmask; 3199 td->td_pflags &= ~TDP_OLDMASK; 3200 } else 3201 returnmask = td->td_sigmask; 3202 3203 if (p->p_sig == sig) { 3204 p->p_sig = 0; 3205 } 3206 (*p->p_sysent->sv_sendsig)(action, &ksi, &returnmask); 3207 postsig_done(sig, td, ps); 3208 } 3209 return (1); 3210} 3211 3212int 3213sig_ast_checksusp(struct thread *td) 3214{ 3215 struct proc *p; 3216 int ret; 3217 3218 p = td->td_proc; 3219 PROC_LOCK_ASSERT(p, MA_OWNED); 3220 3221 if ((td->td_flags & TDF_NEEDSUSPCHK) == 0) 3222 return (0); 3223 3224 ret = thread_suspend_check(1); 3225 MPASS(ret == 0 || ret == EINTR || ret == ERESTART); 3226 return (ret); 3227} 3228 3229int 3230sig_ast_needsigchk(struct thread *td) 3231{ 3232 struct proc *p; 3233 struct sigacts *ps; 3234 int ret, sig; 3235 3236 p = td->td_proc; 3237 PROC_LOCK_ASSERT(p, MA_OWNED); 3238 3239 if ((td->td_flags & TDF_NEEDSIGCHK) == 0) 3240 return (0); 3241 3242 ps = p->p_sigacts; 3243 mtx_lock(&ps->ps_mtx); 3244 sig = cursig(td); 3245 if (sig == -1) { 3246 mtx_unlock(&ps->ps_mtx); 3247 KASSERT((td->td_flags & TDF_SBDRY) != 0, ("lost TDF_SBDRY")); 3248 KASSERT(TD_SBDRY_INTR(td), 3249 ("lost TDF_SERESTART of TDF_SEINTR")); 3250 KASSERT((td->td_flags & (TDF_SEINTR | TDF_SERESTART)) != 3251 (TDF_SEINTR | TDF_SERESTART), 3252 ("both TDF_SEINTR and TDF_SERESTART")); 3253 ret = TD_SBDRY_ERRNO(td); 3254 } else if (sig != 0) { 3255 ret = SIGISMEMBER(ps->ps_sigintr, sig) ? EINTR : ERESTART; 3256 mtx_unlock(&ps->ps_mtx); 3257 } else { 3258 mtx_unlock(&ps->ps_mtx); 3259 ret = 0; 3260 } 3261 3262 /* 3263 * Do not go into sleep if this thread was the ptrace(2) 3264 * attach leader. cursig() consumed SIGSTOP from PT_ATTACH, 3265 * but we usually act on the signal by interrupting sleep, and 3266 * should do that here as well. 3267 */ 3268 if ((td->td_dbgflags & TDB_FSTP) != 0) { 3269 if (ret == 0) 3270 ret = EINTR; 3271 td->td_dbgflags &= ~TDB_FSTP; 3272 } 3273 3274 return (ret); 3275} 3276 3277int 3278sig_intr(void) 3279{ 3280 struct thread *td; 3281 struct proc *p; 3282 int ret; 3283 3284 td = curthread; 3285 if ((td->td_flags & (TDF_NEEDSIGCHK | TDF_NEEDSUSPCHK)) == 0) 3286 return (0); 3287 3288 p = td->td_proc; 3289 3290 PROC_LOCK(p); 3291 ret = sig_ast_checksusp(td); 3292 if (ret == 0) 3293 ret = sig_ast_needsigchk(td); 3294 PROC_UNLOCK(p); 3295 return (ret); 3296} 3297 3298void 3299proc_wkilled(struct proc *p) 3300{ 3301 3302 PROC_LOCK_ASSERT(p, MA_OWNED); 3303 if ((p->p_flag & P_WKILLED) == 0) { 3304 p->p_flag |= P_WKILLED; 3305 /* 3306 * Notify swapper that there is a process to swap in. 3307 * The notification is racy, at worst it would take 10 3308 * seconds for the swapper process to notice. 3309 */ 3310 if ((p->p_flag & (P_INMEM | P_SWAPPINGIN)) == 0) 3311 wakeup(&proc0); 3312 } 3313} 3314 3315/* 3316 * Kill the current process for stated reason. 3317 */ 3318void 3319killproc(struct proc *p, const char *why) 3320{ 3321 3322 PROC_LOCK_ASSERT(p, MA_OWNED); 3323 CTR3(KTR_PROC, "killproc: proc %p (pid %d, %s)", p, p->p_pid, 3324 p->p_comm); 3325 log(LOG_ERR, "pid %d (%s), jid %d, uid %d, was killed: %s\n", 3326 p->p_pid, p->p_comm, p->p_ucred->cr_prison->pr_id, 3327 p->p_ucred->cr_uid, why); 3328 proc_wkilled(p); 3329 kern_psignal(p, SIGKILL); 3330} 3331 3332/* 3333 * Force the current process to exit with the specified signal, dumping core 3334 * if appropriate. We bypass the normal tests for masked and caught signals, 3335 * allowing unrecoverable failures to terminate the process without changing 3336 * signal state. Mark the accounting record with the signal termination. 3337 * If dumping core, save the signal number for the debugger. Calls exit and 3338 * does not return. 3339 */ 3340void 3341sigexit(struct thread *td, int sig) 3342{ 3343 struct proc *p = td->td_proc; 3344 3345 PROC_LOCK_ASSERT(p, MA_OWNED); 3346 p->p_acflag |= AXSIG; 3347 /* 3348 * We must be single-threading to generate a core dump. This 3349 * ensures that the registers in the core file are up-to-date. 3350 * Also, the ELF dump handler assumes that the thread list doesn't 3351 * change out from under it. 3352 * 3353 * XXX If another thread attempts to single-thread before us 3354 * (e.g. via fork()), we won't get a dump at all. 3355 */ 3356 if ((sigprop(sig) & SIGPROP_CORE) && 3357 thread_single(p, SINGLE_NO_EXIT) == 0) { 3358 p->p_sig = sig; 3359 /* 3360 * Log signals which would cause core dumps 3361 * (Log as LOG_INFO to appease those who don't want 3362 * these messages.) 3363 * XXX : Todo, as well as euid, write out ruid too 3364 * Note that coredump() drops proc lock. 3365 */ 3366 if (coredump(td) == 0) 3367 sig |= WCOREFLAG; 3368 if (kern_logsigexit) 3369 log(LOG_INFO, 3370 "pid %d (%s), jid %d, uid %d: exited on " 3371 "signal %d%s\n", p->p_pid, p->p_comm, 3372 p->p_ucred->cr_prison->pr_id, 3373 td->td_ucred->cr_uid, 3374 sig &~ WCOREFLAG, 3375 sig & WCOREFLAG ? " (core dumped)" : ""); 3376 } else 3377 PROC_UNLOCK(p); 3378 exit1(td, 0, sig); 3379 /* NOTREACHED */ 3380} 3381 3382/* 3383 * Send queued SIGCHLD to parent when child process's state 3384 * is changed. 3385 */ 3386static void 3387sigparent(struct proc *p, int reason, int status) 3388{ 3389 PROC_LOCK_ASSERT(p, MA_OWNED); 3390 PROC_LOCK_ASSERT(p->p_pptr, MA_OWNED); 3391 3392 if (p->p_ksi != NULL) { 3393 p->p_ksi->ksi_signo = SIGCHLD; 3394 p->p_ksi->ksi_code = reason; 3395 p->p_ksi->ksi_status = status; 3396 p->p_ksi->ksi_pid = p->p_pid; 3397 p->p_ksi->ksi_uid = p->p_ucred->cr_ruid; 3398 if (KSI_ONQ(p->p_ksi)) 3399 return; 3400 } 3401 pksignal(p->p_pptr, SIGCHLD, p->p_ksi); 3402} 3403 3404static void 3405childproc_jobstate(struct proc *p, int reason, int sig) 3406{ 3407 struct sigacts *ps; 3408 3409 PROC_LOCK_ASSERT(p, MA_OWNED); 3410 PROC_LOCK_ASSERT(p->p_pptr, MA_OWNED); 3411 3412 /* 3413 * Wake up parent sleeping in kern_wait(), also send 3414 * SIGCHLD to parent, but SIGCHLD does not guarantee 3415 * that parent will awake, because parent may masked 3416 * the signal. 3417 */ 3418 p->p_pptr->p_flag |= P_STATCHILD; 3419 wakeup(p->p_pptr); 3420 3421 ps = p->p_pptr->p_sigacts; 3422 mtx_lock(&ps->ps_mtx); 3423 if ((ps->ps_flag & PS_NOCLDSTOP) == 0) { 3424 mtx_unlock(&ps->ps_mtx); 3425 sigparent(p, reason, sig); 3426 } else 3427 mtx_unlock(&ps->ps_mtx); 3428} 3429 3430void 3431childproc_stopped(struct proc *p, int reason) 3432{ 3433 3434 childproc_jobstate(p, reason, p->p_xsig); 3435} 3436 3437void 3438childproc_continued(struct proc *p) 3439{ 3440 childproc_jobstate(p, CLD_CONTINUED, SIGCONT); 3441} 3442 3443void 3444childproc_exited(struct proc *p) 3445{ 3446 int reason, status; 3447 3448 if (WCOREDUMP(p->p_xsig)) { 3449 reason = CLD_DUMPED; 3450 status = WTERMSIG(p->p_xsig); 3451 } else if (WIFSIGNALED(p->p_xsig)) { 3452 reason = CLD_KILLED; 3453 status = WTERMSIG(p->p_xsig); 3454 } else { 3455 reason = CLD_EXITED; 3456 status = p->p_xexit; 3457 } 3458 /* 3459 * XXX avoid calling wakeup(p->p_pptr), the work is 3460 * done in exit1(). 3461 */ 3462 sigparent(p, reason, status); 3463} 3464 3465#define MAX_NUM_CORE_FILES 100000 3466#ifndef NUM_CORE_FILES 3467#define NUM_CORE_FILES 5 3468#endif 3469CTASSERT(NUM_CORE_FILES >= 0 && NUM_CORE_FILES <= MAX_NUM_CORE_FILES); 3470static int num_cores = NUM_CORE_FILES; 3471 3472static int 3473sysctl_debug_num_cores_check (SYSCTL_HANDLER_ARGS) 3474{ 3475 int error; 3476 int new_val; 3477 3478 new_val = num_cores; 3479 error = sysctl_handle_int(oidp, &new_val, 0, req); 3480 if (error != 0 || req->newptr == NULL) 3481 return (error); 3482 if (new_val > MAX_NUM_CORE_FILES) 3483 new_val = MAX_NUM_CORE_FILES; 3484 if (new_val < 0) 3485 new_val = 0; 3486 num_cores = new_val; 3487 return (0); 3488} 3489SYSCTL_PROC(_debug, OID_AUTO, ncores, 3490 CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, 0, sizeof(int), 3491 sysctl_debug_num_cores_check, "I", 3492 "Maximum number of generated process corefiles while using index format"); 3493 3494#define GZIP_SUFFIX ".gz" 3495#define ZSTD_SUFFIX ".zst" 3496 3497int compress_user_cores = 0; 3498 3499static int 3500sysctl_compress_user_cores(SYSCTL_HANDLER_ARGS) 3501{ 3502 int error, val; 3503 3504 val = compress_user_cores; 3505 error = sysctl_handle_int(oidp, &val, 0, req); 3506 if (error != 0 || req->newptr == NULL) 3507 return (error); 3508 if (val != 0 && !compressor_avail(val)) 3509 return (EINVAL); 3510 compress_user_cores = val; 3511 return (error); 3512} 3513SYSCTL_PROC(_kern, OID_AUTO, compress_user_cores, 3514 CTLTYPE_INT | CTLFLAG_RWTUN | CTLFLAG_NEEDGIANT, 0, sizeof(int), 3515 sysctl_compress_user_cores, "I", 3516 "Enable compression of user corefiles (" 3517 __XSTRING(COMPRESS_GZIP) " = gzip, " 3518 __XSTRING(COMPRESS_ZSTD) " = zstd)"); 3519 3520int compress_user_cores_level = 6; 3521SYSCTL_INT(_kern, OID_AUTO, compress_user_cores_level, CTLFLAG_RWTUN, 3522 &compress_user_cores_level, 0, 3523 "Corefile compression level"); 3524 3525/* 3526 * Protect the access to corefilename[] by allproc_lock. 3527 */ 3528#define corefilename_lock allproc_lock 3529 3530static char corefilename[MAXPATHLEN] = {"%N.core"}; 3531TUNABLE_STR("kern.corefile", corefilename, sizeof(corefilename)); 3532 3533static int 3534sysctl_kern_corefile(SYSCTL_HANDLER_ARGS) 3535{ 3536 int error; 3537 3538 sx_xlock(&corefilename_lock); 3539 error = sysctl_handle_string(oidp, corefilename, sizeof(corefilename), 3540 req); 3541 sx_xunlock(&corefilename_lock); 3542 3543 return (error); 3544} 3545SYSCTL_PROC(_kern, OID_AUTO, corefile, CTLTYPE_STRING | CTLFLAG_RW | 3546 CTLFLAG_MPSAFE, 0, 0, sysctl_kern_corefile, "A", 3547 "Process corefile name format string"); 3548 3549static void 3550vnode_close_locked(struct thread *td, struct vnode *vp) 3551{ 3552 3553 VOP_UNLOCK(vp); 3554 vn_close(vp, FWRITE, td->td_ucred, td); 3555} 3556 3557/* 3558 * If the core format has a %I in it, then we need to check 3559 * for existing corefiles before defining a name. 3560 * To do this we iterate over 0..ncores to find a 3561 * non-existing core file name to use. If all core files are 3562 * already used we choose the oldest one. 3563 */ 3564static int 3565corefile_open_last(struct thread *td, char *name, int indexpos, 3566 int indexlen, int ncores, struct vnode **vpp) 3567{ 3568 struct vnode *oldvp, *nextvp, *vp; 3569 struct vattr vattr; 3570 struct nameidata nd; 3571 int error, i, flags, oflags, cmode; 3572 char ch; 3573 struct timespec lasttime; 3574 3575 nextvp = oldvp = NULL; 3576 cmode = S_IRUSR | S_IWUSR; 3577 oflags = VN_OPEN_NOAUDIT | VN_OPEN_NAMECACHE | 3578 (capmode_coredump ? VN_OPEN_NOCAPCHECK : 0); 3579 3580 for (i = 0; i < ncores; i++) { 3581 flags = O_CREAT | FWRITE | O_NOFOLLOW; 3582 3583 ch = name[indexpos + indexlen]; 3584 (void)snprintf(name + indexpos, indexlen + 1, "%.*u", indexlen, 3585 i); 3586 name[indexpos + indexlen] = ch; 3587 3588 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, td); 3589 error = vn_open_cred(&nd, &flags, cmode, oflags, td->td_ucred, 3590 NULL); 3591 if (error != 0) 3592 break; 3593 3594 vp = nd.ni_vp; 3595 NDFREE(&nd, NDF_ONLY_PNBUF); 3596 if ((flags & O_CREAT) == O_CREAT) { 3597 nextvp = vp; 3598 break; 3599 } 3600 3601 error = VOP_GETATTR(vp, &vattr, td->td_ucred); 3602 if (error != 0) { 3603 vnode_close_locked(td, vp); 3604 break; 3605 } 3606 3607 if (oldvp == NULL || 3608 lasttime.tv_sec > vattr.va_mtime.tv_sec || 3609 (lasttime.tv_sec == vattr.va_mtime.tv_sec && 3610 lasttime.tv_nsec >= vattr.va_mtime.tv_nsec)) { 3611 if (oldvp != NULL) 3612 vn_close(oldvp, FWRITE, td->td_ucred, td); 3613 oldvp = vp; 3614 VOP_UNLOCK(oldvp); 3615 lasttime = vattr.va_mtime; 3616 } else { 3617 vnode_close_locked(td, vp); 3618 } 3619 } 3620 3621 if (oldvp != NULL) { 3622 if (nextvp == NULL) { 3623 if ((td->td_proc->p_flag & P_SUGID) != 0) { 3624 error = EFAULT; 3625 vn_close(oldvp, FWRITE, td->td_ucred, td); 3626 } else { 3627 nextvp = oldvp; 3628 error = vn_lock(nextvp, LK_EXCLUSIVE); 3629 if (error != 0) { 3630 vn_close(nextvp, FWRITE, td->td_ucred, 3631 td); 3632 nextvp = NULL; 3633 } 3634 } 3635 } else { 3636 vn_close(oldvp, FWRITE, td->td_ucred, td); 3637 } 3638 } 3639 if (error != 0) { 3640 if (nextvp != NULL) 3641 vnode_close_locked(td, oldvp); 3642 } else { 3643 *vpp = nextvp; 3644 } 3645 3646 return (error); 3647} 3648 3649/* 3650 * corefile_open(comm, uid, pid, td, compress, vpp, namep) 3651 * Expand the name described in corefilename, using name, uid, and pid 3652 * and open/create core file. 3653 * corefilename is a printf-like string, with three format specifiers: 3654 * %N name of process ("name") 3655 * %P process id (pid) 3656 * %U user id (uid) 3657 * For example, "%N.core" is the default; they can be disabled completely 3658 * by using "/dev/null", or all core files can be stored in "/cores/%U/%N-%P". 3659 * This is controlled by the sysctl variable kern.corefile (see above). 3660 */ 3661static int 3662corefile_open(const char *comm, uid_t uid, pid_t pid, struct thread *td, 3663 int compress, int signum, struct vnode **vpp, char **namep) 3664{ 3665 struct sbuf sb; 3666 struct nameidata nd; 3667 const char *format; 3668 char *hostname, *name; 3669 int cmode, error, flags, i, indexpos, indexlen, oflags, ncores; 3670 3671 hostname = NULL; 3672 format = corefilename; 3673 name = malloc(MAXPATHLEN, M_TEMP, M_WAITOK | M_ZERO); 3674 indexlen = 0; 3675 indexpos = -1; 3676 ncores = num_cores; 3677 (void)sbuf_new(&sb, name, MAXPATHLEN, SBUF_FIXEDLEN); 3678 sx_slock(&corefilename_lock); 3679 for (i = 0; format[i] != '\0'; i++) { 3680 switch (format[i]) { 3681 case '%': /* Format character */ 3682 i++; 3683 switch (format[i]) { 3684 case '%': 3685 sbuf_putc(&sb, '%'); 3686 break; 3687 case 'H': /* hostname */ 3688 if (hostname == NULL) { 3689 hostname = malloc(MAXHOSTNAMELEN, 3690 M_TEMP, M_WAITOK); 3691 } 3692 getcredhostname(td->td_ucred, hostname, 3693 MAXHOSTNAMELEN); 3694 sbuf_printf(&sb, "%s", hostname); 3695 break; 3696 case 'I': /* autoincrementing index */ 3697 if (indexpos != -1) { 3698 sbuf_printf(&sb, "%%I"); 3699 break; 3700 } 3701 3702 indexpos = sbuf_len(&sb); 3703 sbuf_printf(&sb, "%u", ncores - 1); 3704 indexlen = sbuf_len(&sb) - indexpos; 3705 break; 3706 case 'N': /* process name */ 3707 sbuf_printf(&sb, "%s", comm); 3708 break; 3709 case 'P': /* process id */ 3710 sbuf_printf(&sb, "%u", pid); 3711 break; 3712 case 'S': /* signal number */ 3713 sbuf_printf(&sb, "%i", signum); 3714 break; 3715 case 'U': /* user id */ 3716 sbuf_printf(&sb, "%u", uid); 3717 break; 3718 default: 3719 log(LOG_ERR, 3720 "Unknown format character %c in " 3721 "corename `%s'\n", format[i], format); 3722 break; 3723 } 3724 break; 3725 default: 3726 sbuf_putc(&sb, format[i]); 3727 break; 3728 } 3729 } 3730 sx_sunlock(&corefilename_lock); 3731 free(hostname, M_TEMP); 3732 if (compress == COMPRESS_GZIP) 3733 sbuf_printf(&sb, GZIP_SUFFIX); 3734 else if (compress == COMPRESS_ZSTD) 3735 sbuf_printf(&sb, ZSTD_SUFFIX); 3736 if (sbuf_error(&sb) != 0) { 3737 log(LOG_ERR, "pid %ld (%s), uid (%lu): corename is too " 3738 "long\n", (long)pid, comm, (u_long)uid); 3739 sbuf_delete(&sb); 3740 free(name, M_TEMP); 3741 return (ENOMEM); 3742 } 3743 sbuf_finish(&sb); 3744 sbuf_delete(&sb); 3745 3746 if (indexpos != -1) { 3747 error = corefile_open_last(td, name, indexpos, indexlen, ncores, 3748 vpp); 3749 if (error != 0) { 3750 log(LOG_ERR, 3751 "pid %d (%s), uid (%u): Path `%s' failed " 3752 "on initial open test, error = %d\n", 3753 pid, comm, uid, name, error); 3754 } 3755 } else { 3756 cmode = S_IRUSR | S_IWUSR; 3757 oflags = VN_OPEN_NOAUDIT | VN_OPEN_NAMECACHE | 3758 (capmode_coredump ? VN_OPEN_NOCAPCHECK : 0); 3759 flags = O_CREAT | FWRITE | O_NOFOLLOW; 3760 if ((td->td_proc->p_flag & P_SUGID) != 0) 3761 flags |= O_EXCL; 3762 3763 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, td); 3764 error = vn_open_cred(&nd, &flags, cmode, oflags, td->td_ucred, 3765 NULL); 3766 if (error == 0) { 3767 *vpp = nd.ni_vp; 3768 NDFREE(&nd, NDF_ONLY_PNBUF); 3769 } 3770 } 3771 3772 if (error != 0) { 3773#ifdef AUDIT 3774 audit_proc_coredump(td, name, error); 3775#endif 3776 free(name, M_TEMP); 3777 return (error); 3778 } 3779 *namep = name; 3780 return (0); 3781} 3782 3783/* 3784 * Dump a process' core. The main routine does some 3785 * policy checking, and creates the name of the coredump; 3786 * then it passes on a vnode and a size limit to the process-specific 3787 * coredump routine if there is one; if there _is not_ one, it returns 3788 * ENOSYS; otherwise it returns the error from the process-specific routine. 3789 */ 3790 3791static int 3792coredump(struct thread *td) 3793{ 3794 struct proc *p = td->td_proc; 3795 struct ucred *cred = td->td_ucred; 3796 struct vnode *vp; 3797 struct flock lf; 3798 struct vattr vattr; 3799 size_t fullpathsize; 3800 int error, error1, locked; 3801 char *name; /* name of corefile */ 3802 void *rl_cookie; 3803 off_t limit; 3804 char *fullpath, *freepath = NULL; 3805 struct sbuf *sb; 3806 3807 PROC_LOCK_ASSERT(p, MA_OWNED); 3808 MPASS((p->p_flag & P_HADTHREADS) == 0 || p->p_singlethread == td); 3809 3810 if (!do_coredump || (!sugid_coredump && (p->p_flag & P_SUGID) != 0) || 3811 (p->p_flag2 & P2_NOTRACE) != 0) { 3812 PROC_UNLOCK(p); 3813 return (EFAULT); 3814 } 3815 3816 /* 3817 * Note that the bulk of limit checking is done after 3818 * the corefile is created. The exception is if the limit 3819 * for corefiles is 0, in which case we don't bother 3820 * creating the corefile at all. This layout means that 3821 * a corefile is truncated instead of not being created, 3822 * if it is larger than the limit. 3823 */ 3824 limit = (off_t)lim_cur(td, RLIMIT_CORE); 3825 if (limit == 0 || racct_get_available(p, RACCT_CORE) == 0) { 3826 PROC_UNLOCK(p); 3827 return (EFBIG); 3828 } 3829 PROC_UNLOCK(p); 3830 3831 error = corefile_open(p->p_comm, cred->cr_uid, p->p_pid, td, 3832 compress_user_cores, p->p_sig, &vp, &name); 3833 if (error != 0) 3834 return (error); 3835 3836 /* 3837 * Don't dump to non-regular files or files with links. 3838 * Do not dump into system files. Effective user must own the corefile. 3839 */ 3840 if (vp->v_type != VREG || VOP_GETATTR(vp, &vattr, cred) != 0 || 3841 vattr.va_nlink != 1 || (vp->v_vflag & VV_SYSTEM) != 0 || 3842 vattr.va_uid != cred->cr_uid) { 3843 VOP_UNLOCK(vp); 3844 error = EFAULT; 3845 goto out; 3846 } 3847 3848 VOP_UNLOCK(vp); 3849 3850 /* Postpone other writers, including core dumps of other processes. */ 3851 rl_cookie = vn_rangelock_wlock(vp, 0, OFF_MAX); 3852 3853 lf.l_whence = SEEK_SET; 3854 lf.l_start = 0; 3855 lf.l_len = 0; 3856 lf.l_type = F_WRLCK; 3857 locked = (VOP_ADVLOCK(vp, (caddr_t)p, F_SETLK, &lf, F_FLOCK) == 0); 3858 3859 VATTR_NULL(&vattr); 3860 vattr.va_size = 0; 3861 if (set_core_nodump_flag) 3862 vattr.va_flags = UF_NODUMP; 3863 vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); 3864 VOP_SETATTR(vp, &vattr, cred); 3865 VOP_UNLOCK(vp); 3866 PROC_LOCK(p); 3867 p->p_acflag |= ACORE; 3868 PROC_UNLOCK(p); 3869 3870 if (p->p_sysent->sv_coredump != NULL) { 3871 error = p->p_sysent->sv_coredump(td, vp, limit, 0); 3872 } else { 3873 error = ENOSYS; 3874 } 3875 3876 if (locked) { 3877 lf.l_type = F_UNLCK; 3878 VOP_ADVLOCK(vp, (caddr_t)p, F_UNLCK, &lf, F_FLOCK); 3879 } 3880 vn_rangelock_unlock(vp, rl_cookie); 3881 3882 /* 3883 * Notify the userland helper that a process triggered a core dump. 3884 * This allows the helper to run an automated debugging session. 3885 */ 3886 if (error != 0 || coredump_devctl == 0) 3887 goto out; 3888 sb = sbuf_new_auto(); 3889 if (vn_fullpath_global(p->p_textvp, &fullpath, &freepath) != 0) 3890 goto out2; 3891 sbuf_printf(sb, "comm=\""); 3892 devctl_safe_quote_sb(sb, fullpath); 3893 free(freepath, M_TEMP); 3894 sbuf_printf(sb, "\" core=\""); 3895 3896 /* 3897 * We can't lookup core file vp directly. When we're replacing a core, and 3898 * other random times, we flush the name cache, so it will fail. Instead, 3899 * if the path of the core is relative, add the current dir in front if it. 3900 */ 3901 if (name[0] != '/') { 3902 fullpathsize = MAXPATHLEN; 3903 freepath = malloc(fullpathsize, M_TEMP, M_WAITOK); 3904 if (vn_getcwd(freepath, &fullpath, &fullpathsize) != 0) { 3905 free(freepath, M_TEMP); 3906 goto out2; 3907 } 3908 devctl_safe_quote_sb(sb, fullpath); 3909 free(freepath, M_TEMP); 3910 sbuf_putc(sb, '/'); 3911 } 3912 devctl_safe_quote_sb(sb, name); 3913 sbuf_printf(sb, "\""); 3914 if (sbuf_finish(sb) == 0) 3915 devctl_notify("kernel", "signal", "coredump", sbuf_data(sb)); 3916out2: 3917 sbuf_delete(sb); 3918out: 3919 error1 = vn_close(vp, FWRITE, cred, td); 3920 if (error == 0) 3921 error = error1; 3922#ifdef AUDIT 3923 audit_proc_coredump(td, name, error); 3924#endif 3925 free(name, M_TEMP); 3926 return (error); 3927} 3928 3929/* 3930 * Nonexistent system call-- signal process (may want to handle it). Flag 3931 * error in case process won't see signal immediately (blocked or ignored). 3932 */ 3933#ifndef _SYS_SYSPROTO_H_ 3934struct nosys_args { 3935 int dummy; 3936}; 3937#endif 3938/* ARGSUSED */ 3939int 3940nosys(struct thread *td, struct nosys_args *args) 3941{ 3942 struct proc *p; 3943 3944 p = td->td_proc; 3945 3946 PROC_LOCK(p); 3947 tdsignal(td, SIGSYS); 3948 PROC_UNLOCK(p); 3949 if (kern_lognosys == 1 || kern_lognosys == 3) { 3950 uprintf("pid %d comm %s: nosys %d\n", p->p_pid, p->p_comm, 3951 td->td_sa.code); 3952 } 3953 if (kern_lognosys == 2 || kern_lognosys == 3 || 3954 (p->p_pid == 1 && (kern_lognosys & 3) == 0)) { 3955 printf("pid %d comm %s: nosys %d\n", p->p_pid, p->p_comm, 3956 td->td_sa.code); 3957 } 3958 return (ENOSYS); 3959} 3960 3961/* 3962 * Send a SIGIO or SIGURG signal to a process or process group using stored 3963 * credentials rather than those of the current process. 3964 */ 3965void 3966pgsigio(struct sigio **sigiop, int sig, int checkctty) 3967{ 3968 ksiginfo_t ksi; 3969 struct sigio *sigio; 3970 3971 ksiginfo_init(&ksi); 3972 ksi.ksi_signo = sig; 3973 ksi.ksi_code = SI_KERNEL; 3974 3975 SIGIO_LOCK(); 3976 sigio = *sigiop; 3977 if (sigio == NULL) { 3978 SIGIO_UNLOCK(); 3979 return; 3980 } 3981 if (sigio->sio_pgid > 0) { 3982 PROC_LOCK(sigio->sio_proc); 3983 if (CANSIGIO(sigio->sio_ucred, sigio->sio_proc->p_ucred)) 3984 kern_psignal(sigio->sio_proc, sig); 3985 PROC_UNLOCK(sigio->sio_proc); 3986 } else if (sigio->sio_pgid < 0) { 3987 struct proc *p; 3988 3989 PGRP_LOCK(sigio->sio_pgrp); 3990 LIST_FOREACH(p, &sigio->sio_pgrp->pg_members, p_pglist) { 3991 PROC_LOCK(p); 3992 if (p->p_state == PRS_NORMAL && 3993 CANSIGIO(sigio->sio_ucred, p->p_ucred) && 3994 (checkctty == 0 || (p->p_flag & P_CONTROLT))) 3995 kern_psignal(p, sig); 3996 PROC_UNLOCK(p); 3997 } 3998 PGRP_UNLOCK(sigio->sio_pgrp); 3999 } 4000 SIGIO_UNLOCK(); 4001} 4002 4003static int 4004filt_sigattach(struct knote *kn) 4005{ 4006 struct proc *p = curproc; 4007 4008 kn->kn_ptr.p_proc = p; 4009 kn->kn_flags |= EV_CLEAR; /* automatically set */ 4010 4011 knlist_add(p->p_klist, kn, 0); 4012 4013 return (0); 4014} 4015 4016static void 4017filt_sigdetach(struct knote *kn) 4018{ 4019 struct proc *p = kn->kn_ptr.p_proc; 4020 4021 knlist_remove(p->p_klist, kn, 0); 4022} 4023 4024/* 4025 * signal knotes are shared with proc knotes, so we apply a mask to 4026 * the hint in order to differentiate them from process hints. This 4027 * could be avoided by using a signal-specific knote list, but probably 4028 * isn't worth the trouble. 4029 */ 4030static int 4031filt_signal(struct knote *kn, long hint) 4032{ 4033 4034 if (hint & NOTE_SIGNAL) { 4035 hint &= ~NOTE_SIGNAL; 4036 4037 if (kn->kn_id == hint) 4038 kn->kn_data++; 4039 } 4040 return (kn->kn_data != 0); 4041} 4042 4043struct sigacts * 4044sigacts_alloc(void) 4045{ 4046 struct sigacts *ps; 4047 4048 ps = malloc(sizeof(struct sigacts), M_SUBPROC, M_WAITOK | M_ZERO); 4049 refcount_init(&ps->ps_refcnt, 1); 4050 mtx_init(&ps->ps_mtx, "sigacts", NULL, MTX_DEF); 4051 return (ps); 4052} 4053 4054void 4055sigacts_free(struct sigacts *ps) 4056{ 4057 4058 if (refcount_release(&ps->ps_refcnt) == 0) 4059 return; 4060 mtx_destroy(&ps->ps_mtx); 4061 free(ps, M_SUBPROC); 4062} 4063 4064struct sigacts * 4065sigacts_hold(struct sigacts *ps) 4066{ 4067 4068 refcount_acquire(&ps->ps_refcnt); 4069 return (ps); 4070} 4071 4072void 4073sigacts_copy(struct sigacts *dest, struct sigacts *src) 4074{ 4075 4076 KASSERT(dest->ps_refcnt == 1, ("sigacts_copy to shared dest")); 4077 mtx_lock(&src->ps_mtx); 4078 bcopy(src, dest, offsetof(struct sigacts, ps_refcnt)); 4079 mtx_unlock(&src->ps_mtx); 4080} 4081 4082int 4083sigacts_shared(struct sigacts *ps) 4084{ 4085 4086 return (ps->ps_refcnt > 1); 4087} 4088 4089void 4090sig_drop_caught(struct proc *p) 4091{ 4092 int sig; 4093 struct sigacts *ps; 4094 4095 ps = p->p_sigacts; 4096 PROC_LOCK_ASSERT(p, MA_OWNED); 4097 mtx_assert(&ps->ps_mtx, MA_OWNED); 4098 while (SIGNOTEMPTY(ps->ps_sigcatch)) { 4099 sig = sig_ffs(&ps->ps_sigcatch); 4100 sigdflt(ps, sig); 4101 if ((sigprop(sig) & SIGPROP_IGNORE) != 0) 4102 sigqueue_delete_proc(p, sig); 4103 } 4104} 4105 4106static void 4107sigfastblock_failed(struct thread *td, bool sendsig, bool write) 4108{ 4109 ksiginfo_t ksi; 4110 4111 /* 4112 * Prevent further fetches and SIGSEGVs, allowing thread to 4113 * issue syscalls despite corruption. 4114 */ 4115 sigfastblock_clear(td); 4116 4117 if (!sendsig) 4118 return; 4119 ksiginfo_init_trap(&ksi); 4120 ksi.ksi_signo = SIGSEGV; 4121 ksi.ksi_code = write ? SEGV_ACCERR : SEGV_MAPERR; 4122 ksi.ksi_addr = td->td_sigblock_ptr; 4123 trapsignal(td, &ksi); 4124} 4125 4126static bool 4127sigfastblock_fetch_sig(struct thread *td, bool sendsig, uint32_t *valp) 4128{ 4129 uint32_t res; 4130 4131 if ((td->td_pflags & TDP_SIGFASTBLOCK) == 0) 4132 return (true); 4133 if (fueword32((void *)td->td_sigblock_ptr, &res) == -1) { 4134 sigfastblock_failed(td, sendsig, false); 4135 return (false); 4136 } 4137 *valp = res; 4138 td->td_sigblock_val = res & ~SIGFASTBLOCK_FLAGS; 4139 return (true); 4140} 4141 4142static void 4143sigfastblock_resched(struct thread *td, bool resched) 4144{ 4145 struct proc *p; 4146 4147 if (resched) { 4148 p = td->td_proc; 4149 PROC_LOCK(p); 4150 reschedule_signals(p, td->td_sigmask, 0); 4151 PROC_UNLOCK(p); 4152 } 4153 thread_lock(td); 4154 td->td_flags |= TDF_ASTPENDING | TDF_NEEDSIGCHK; 4155 thread_unlock(td); 4156} 4157 4158int 4159sys_sigfastblock(struct thread *td, struct sigfastblock_args *uap) 4160{ 4161 struct proc *p; 4162 int error, res; 4163 uint32_t oldval; 4164 4165 error = 0; 4166 p = td->td_proc; 4167 switch (uap->cmd) { 4168 case SIGFASTBLOCK_SETPTR: 4169 if ((td->td_pflags & TDP_SIGFASTBLOCK) != 0) { 4170 error = EBUSY; 4171 break; 4172 } 4173 if (((uintptr_t)(uap->ptr) & (sizeof(uint32_t) - 1)) != 0) { 4174 error = EINVAL; 4175 break; 4176 } 4177 td->td_pflags |= TDP_SIGFASTBLOCK; 4178 td->td_sigblock_ptr = uap->ptr; 4179 break; 4180 4181 case SIGFASTBLOCK_UNBLOCK: 4182 if ((td->td_pflags & TDP_SIGFASTBLOCK) == 0) { 4183 error = EINVAL; 4184 break; 4185 } 4186 4187 for (;;) { 4188 res = casueword32(td->td_sigblock_ptr, 4189 SIGFASTBLOCK_PEND, &oldval, 0); 4190 if (res == -1) { 4191 error = EFAULT; 4192 sigfastblock_failed(td, false, true); 4193 break; 4194 } 4195 if (res == 0) 4196 break; 4197 MPASS(res == 1); 4198 if (oldval != SIGFASTBLOCK_PEND) { 4199 error = EBUSY; 4200 break; 4201 } 4202 error = thread_check_susp(td, false); 4203 if (error != 0) 4204 break; 4205 } 4206 if (error != 0) 4207 break; 4208 4209 /* 4210 * td_sigblock_val is cleared there, but not on a 4211 * syscall exit. The end effect is that a single 4212 * interruptible sleep, while user sigblock word is 4213 * set, might return EINTR or ERESTART to usermode 4214 * without delivering signal. All further sleeps, 4215 * until userspace clears the word and does 4216 * sigfastblock(UNBLOCK), observe current word and no 4217 * longer get interrupted. It is slight 4218 * non-conformance, with alternative to have read the 4219 * sigblock word on each syscall entry. 4220 */ 4221 td->td_sigblock_val = 0; 4222 4223 /* 4224 * Rely on normal ast mechanism to deliver pending 4225 * signals to current thread. But notify others about 4226 * fake unblock. 4227 */ 4228 sigfastblock_resched(td, error == 0 && p->p_numthreads != 1); 4229 4230 break; 4231 4232 case SIGFASTBLOCK_UNSETPTR: 4233 if ((td->td_pflags & TDP_SIGFASTBLOCK) == 0) { 4234 error = EINVAL; 4235 break; 4236 } 4237 if (!sigfastblock_fetch_sig(td, false, &oldval)) { 4238 error = EFAULT; 4239 break; 4240 } 4241 if (oldval != 0 && oldval != SIGFASTBLOCK_PEND) { 4242 error = EBUSY; 4243 break; 4244 } 4245 sigfastblock_clear(td); 4246 break; 4247 4248 default: 4249 error = EINVAL; 4250 break; 4251 } 4252 return (error); 4253} 4254 4255void 4256sigfastblock_clear(struct thread *td) 4257{ 4258 bool resched; 4259 4260 if ((td->td_pflags & TDP_SIGFASTBLOCK) == 0) 4261 return; 4262 td->td_sigblock_val = 0; 4263 resched = (td->td_pflags & TDP_SIGFASTPENDING) != 0 || 4264 SIGPENDING(td); 4265 td->td_pflags &= ~(TDP_SIGFASTBLOCK | TDP_SIGFASTPENDING); 4266 sigfastblock_resched(td, resched); 4267} 4268 4269void 4270sigfastblock_fetch(struct thread *td) 4271{ 4272 uint32_t val; 4273 4274 (void)sigfastblock_fetch_sig(td, true, &val); 4275} 4276 4277static void 4278sigfastblock_setpend1(struct thread *td) 4279{ 4280 int res; 4281 uint32_t oldval; 4282 4283 if ((td->td_pflags & TDP_SIGFASTPENDING) == 0) 4284 return; 4285 res = fueword32((void *)td->td_sigblock_ptr, &oldval); 4286 if (res == -1) { 4287 sigfastblock_failed(td, true, false); 4288 return; 4289 } 4290 for (;;) { 4291 res = casueword32(td->td_sigblock_ptr, oldval, &oldval, 4292 oldval | SIGFASTBLOCK_PEND); 4293 if (res == -1) { 4294 sigfastblock_failed(td, true, true); 4295 return; 4296 } 4297 if (res == 0) { 4298 td->td_sigblock_val = oldval & ~SIGFASTBLOCK_FLAGS; 4299 td->td_pflags &= ~TDP_SIGFASTPENDING; 4300 break; 4301 } 4302 MPASS(res == 1); 4303 if (thread_check_susp(td, false) != 0) 4304 break; 4305 } 4306} 4307 4308void 4309sigfastblock_setpend(struct thread *td, bool resched) 4310{ 4311 struct proc *p; 4312 4313 sigfastblock_setpend1(td); 4314 if (resched) { 4315 p = td->td_proc; 4316 PROC_LOCK(p); 4317 reschedule_signals(p, fastblock_mask, SIGPROCMASK_FASTBLK); 4318 PROC_UNLOCK(p); 4319 } 4320} 4321