| 1 | /* |
| 2 | * Copyright (c) 1989, 1993 |
| 3 | * The Regents of the University of California. All rights reserved. |
| 4 | * |
| 5 | * Redistribution and use in source and binary forms, with or without |
| 6 | * modification, are permitted provided that the following conditions |
| 7 | * are met: |
| 8 | * 1. Redistributions of source code must retain the above copyright |
| 9 | * notice, this list of conditions and the following disclaimer. |
| 10 | * 2. Redistributions in binary form must reproduce the above copyright |
| 11 | * notice, this list of conditions and the following disclaimer in the |
| 12 | * documentation and/or other materials provided with the distribution. |
| 13 | * 3. All advertising materials mentioning features or use of this software |
| 14 | * must display the following acknowledgement: |
| 15 | * This product includes software developed by the University of |
| 16 | * California, Berkeley and its contributors. |
| 17 | * 4. Neither the name of the University nor the names of its contributors |
| 18 | * may be used to endorse or promote products derived from this software |
| 19 | * without specific prior written permission. |
| 20 | * |
| 21 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
| 22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
| 25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 31 | * SUCH DAMAGE. |
| 32 | * |
| 33 | * @(#)kern_ktrace.c 8.2 (Berkeley) 9/23/93 |
| 34 | * $FreeBSD: src/sys/kern/kern_ktrace.c,v 1.35.2.6 2002/07/05 22:36:38 darrenr Exp $ |
| 35 | * $DragonFly: src/sys/kern/kern_ktrace.c,v 1.30 2008/04/14 12:01:50 dillon Exp $ |
| 36 | */ |
| 37 | |
| 38 | #include "opt_ktrace.h" |
| 39 | |
| 40 | #include <sys/param.h> |
| 41 | #include <sys/systm.h> |
| 42 | #include <sys/sysproto.h> |
| 43 | #include <sys/kernel.h> |
| 44 | #include <sys/proc.h> |
| 45 | #include <sys/fcntl.h> |
| 46 | #include <sys/lock.h> |
| 47 | #include <sys/nlookup.h> |
| 48 | #include <sys/vnode.h> |
| 49 | #include <sys/ktrace.h> |
| 50 | #include <sys/malloc.h> |
| 51 | #include <sys/syslog.h> |
| 52 | #include <sys/sysent.h> |
| 53 | |
| 54 | #include <vm/vm_zone.h> |
| 55 | static MALLOC_DEFINE(M_KTRACE, "KTRACE", "KTRACE"); |
| 56 | |
| 57 | #ifdef KTRACE |
| 58 | static struct ktr_header *ktrgetheader (int type); |
| 59 | static void ktrwrite (struct lwp *, struct ktr_header *, struct uio *); |
| 60 | static int ktrcanset (struct thread *,struct proc *); |
| 61 | static int ktrsetchildren (struct thread *,struct proc *,int,int, ktrace_node_t); |
| 62 | static int ktrops (struct thread *,struct proc *,int,int, ktrace_node_t); |
| 63 | |
| 64 | /* |
| 65 | * MPSAFE |
| 66 | */ |
| 67 | static struct ktr_header * |
| 68 | ktrgetheader(int type) |
| 69 | { |
| 70 | struct ktr_header *kth; |
| 71 | struct proc *p = curproc; /* XXX */ |
| 72 | struct lwp *lp = curthread->td_lwp; |
| 73 | |
| 74 | MALLOC(kth, struct ktr_header *, sizeof (struct ktr_header), |
| 75 | M_KTRACE, M_WAITOK); |
| 76 | kth->ktr_type = type; |
| 77 | /* XXX threaded flag is a hack at the moment */ |
| 78 | kth->ktr_flags = (p->p_nthreads > 1) ? KTRH_THREADED : 0; |
| 79 | microtime(&kth->ktr_time); |
| 80 | kth->ktr_pid = p->p_pid; |
| 81 | kth->ktr_tid = lp->lwp_tid; |
| 82 | bcopy(p->p_comm, kth->ktr_comm, MAXCOMLEN + 1); |
| 83 | return (kth); |
| 84 | } |
| 85 | |
| 86 | void |
| 87 | ktrsyscall(struct lwp *lp, int code, int narg, register_t args[]) |
| 88 | { |
| 89 | struct ktr_header *kth; |
| 90 | struct ktr_syscall *ktp; |
| 91 | int len; |
| 92 | register_t *argp; |
| 93 | int i; |
| 94 | |
| 95 | len = offsetof(struct ktr_syscall, ktr_args) + |
| 96 | (narg * sizeof(register_t)); |
| 97 | |
| 98 | /* |
| 99 | * Setting the active bit prevents a ktrace recursion from the |
| 100 | * ktracing op itself. |
| 101 | */ |
| 102 | lp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 103 | kth = ktrgetheader(KTR_SYSCALL); |
| 104 | MALLOC(ktp, struct ktr_syscall *, len, M_KTRACE, M_WAITOK); |
| 105 | ktp->ktr_code = code; |
| 106 | ktp->ktr_narg = narg; |
| 107 | argp = &ktp->ktr_args[0]; |
| 108 | for (i = 0; i < narg; i++) |
| 109 | *argp++ = args[i]; |
| 110 | kth->ktr_buf = (caddr_t)ktp; |
| 111 | kth->ktr_len = len; |
| 112 | ktrwrite(lp, kth, NULL); |
| 113 | FREE(ktp, M_KTRACE); |
| 114 | FREE(kth, M_KTRACE); |
| 115 | lp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 116 | } |
| 117 | |
| 118 | void |
| 119 | ktrsysret(struct lwp *lp, int code, int error, register_t retval) |
| 120 | { |
| 121 | struct ktr_header *kth; |
| 122 | struct ktr_sysret ktp; |
| 123 | |
| 124 | lp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 125 | kth = ktrgetheader(KTR_SYSRET); |
| 126 | ktp.ktr_code = code; |
| 127 | ktp.ktr_error = error; |
| 128 | ktp.ktr_retval = retval; /* what about val2 ? */ |
| 129 | |
| 130 | kth->ktr_buf = (caddr_t)&ktp; |
| 131 | kth->ktr_len = sizeof(struct ktr_sysret); |
| 132 | |
| 133 | ktrwrite(lp, kth, NULL); |
| 134 | FREE(kth, M_KTRACE); |
| 135 | lp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 136 | } |
| 137 | |
| 138 | void |
| 139 | ktrnamei(struct lwp *lp, char *path) |
| 140 | { |
| 141 | struct ktr_header *kth; |
| 142 | |
| 143 | lp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 144 | kth = ktrgetheader(KTR_NAMEI); |
| 145 | kth->ktr_len = strlen(path); |
| 146 | kth->ktr_buf = path; |
| 147 | |
| 148 | ktrwrite(lp, kth, NULL); |
| 149 | FREE(kth, M_KTRACE); |
| 150 | lp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 151 | } |
| 152 | |
| 153 | void |
| 154 | ktrgenio(struct lwp *lp, int fd, enum uio_rw rw, struct uio *uio, int error) |
| 155 | { |
| 156 | struct ktr_header *kth; |
| 157 | struct ktr_genio ktg; |
| 158 | |
| 159 | if (error) |
| 160 | return; |
| 161 | lp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 162 | kth = ktrgetheader(KTR_GENIO); |
| 163 | ktg.ktr_fd = fd; |
| 164 | ktg.ktr_rw = rw; |
| 165 | kth->ktr_buf = (caddr_t)&ktg; |
| 166 | kth->ktr_len = sizeof(struct ktr_genio); |
| 167 | uio->uio_offset = 0; |
| 168 | uio->uio_rw = UIO_WRITE; |
| 169 | |
| 170 | ktrwrite(lp, kth, uio); |
| 171 | FREE(kth, M_KTRACE); |
| 172 | lp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 173 | } |
| 174 | |
| 175 | void |
| 176 | ktrpsig(struct lwp *lp, int sig, sig_t action, sigset_t *mask, int code) |
| 177 | { |
| 178 | struct ktr_header *kth; |
| 179 | struct ktr_psig kp; |
| 180 | |
| 181 | lp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 182 | kth = ktrgetheader(KTR_PSIG); |
| 183 | kp.signo = (char)sig; |
| 184 | kp.action = action; |
| 185 | kp.mask = *mask; |
| 186 | kp.code = code; |
| 187 | kth->ktr_buf = (caddr_t)&kp; |
| 188 | kth->ktr_len = sizeof (struct ktr_psig); |
| 189 | |
| 190 | ktrwrite(lp, kth, NULL); |
| 191 | FREE(kth, M_KTRACE); |
| 192 | lp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 193 | } |
| 194 | |
| 195 | void |
| 196 | ktrcsw(struct lwp *lp, int out, int user) |
| 197 | { |
| 198 | struct ktr_header *kth; |
| 199 | struct ktr_csw kc; |
| 200 | |
| 201 | lp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 202 | kth = ktrgetheader(KTR_CSW); |
| 203 | kc.out = out; |
| 204 | kc.user = user; |
| 205 | kth->ktr_buf = (caddr_t)&kc; |
| 206 | kth->ktr_len = sizeof (struct ktr_csw); |
| 207 | |
| 208 | ktrwrite(lp, kth, NULL); |
| 209 | FREE(kth, M_KTRACE); |
| 210 | lp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 211 | } |
| 212 | #endif |
| 213 | |
| 214 | /* Interface and common routines */ |
| 215 | |
| 216 | #ifdef KTRACE |
| 217 | /* |
| 218 | * ktrace system call |
| 219 | */ |
| 220 | struct ktrace_clear_info { |
| 221 | ktrace_node_t tracenode; |
| 222 | int rootclear; |
| 223 | int error; |
| 224 | }; |
| 225 | |
| 226 | static int ktrace_clear_callback(struct proc *p, void *data); |
| 227 | |
| 228 | #endif |
| 229 | |
| 230 | /* |
| 231 | * MPALMOSTSAFE |
| 232 | */ |
| 233 | int |
| 234 | sys_ktrace(struct ktrace_args *uap) |
| 235 | { |
| 236 | #ifdef KTRACE |
| 237 | struct ktrace_clear_info info; |
| 238 | struct thread *td = curthread; |
| 239 | struct proc *curp = td->td_proc; |
| 240 | struct proc *p; |
| 241 | struct pgrp *pg; |
| 242 | int facs = uap->facs & ~KTRFAC_ROOT; |
| 243 | int ops = KTROP(uap->ops); |
| 244 | int descend = uap->ops & KTRFLAG_DESCEND; |
| 245 | int ret = 0; |
| 246 | int error = 0; |
| 247 | struct nlookupdata nd; |
| 248 | ktrace_node_t tracenode = NULL; |
| 249 | |
| 250 | get_mplock(); |
| 251 | curp->p_traceflag |= KTRFAC_ACTIVE; |
| 252 | if (ops != KTROP_CLEAR) { |
| 253 | /* |
| 254 | * an operation which requires a file argument. |
| 255 | */ |
| 256 | error = nlookup_init(&nd, uap->fname, |
| 257 | UIO_USERSPACE, NLC_LOCKVP); |
| 258 | if (error == 0) |
| 259 | error = vn_open(&nd, NULL, FREAD|FWRITE|O_NOFOLLOW, 0); |
| 260 | if (error == 0 && nd.nl_open_vp->v_type != VREG) |
| 261 | error = EACCES; |
| 262 | if (error) { |
| 263 | curp->p_traceflag &= ~KTRFAC_ACTIVE; |
| 264 | nlookup_done(&nd); |
| 265 | goto done; |
| 266 | } |
| 267 | MALLOC(tracenode, ktrace_node_t, sizeof (struct ktrace_node), |
| 268 | M_KTRACE, M_WAITOK | M_ZERO); |
| 269 | tracenode->kn_vp = nd.nl_open_vp; |
| 270 | tracenode->kn_refs = 1; |
| 271 | nd.nl_open_vp = NULL; |
| 272 | nlookup_done(&nd); |
| 273 | vn_unlock(tracenode->kn_vp); |
| 274 | } |
| 275 | /* |
| 276 | * Clear all uses of the tracefile. Not the most efficient operation |
| 277 | * in the world. |
| 278 | */ |
| 279 | if (ops == KTROP_CLEARFILE) { |
| 280 | info.tracenode = tracenode; |
| 281 | info.error = 0; |
| 282 | info.rootclear = 0; |
| 283 | allproc_scan(ktrace_clear_callback, &info); |
| 284 | error = info.error; |
| 285 | goto done; |
| 286 | } |
| 287 | /* |
| 288 | * need something to (un)trace (XXX - why is this here?) |
| 289 | */ |
| 290 | if (!facs) { |
| 291 | error = EINVAL; |
| 292 | goto done; |
| 293 | } |
| 294 | /* |
| 295 | * do it |
| 296 | */ |
| 297 | if (uap->pid < 0) { |
| 298 | /* |
| 299 | * by process group |
| 300 | */ |
| 301 | pg = pgfind(-uap->pid); |
| 302 | if (pg == NULL) { |
| 303 | error = ESRCH; |
| 304 | goto done; |
| 305 | } |
| 306 | LIST_FOREACH(p, &pg->pg_members, p_pglist) { |
| 307 | if (descend) |
| 308 | ret |= ktrsetchildren(td, p, ops, facs, tracenode); |
| 309 | else |
| 310 | ret |= ktrops(td, p, ops, facs, tracenode); |
| 311 | } |
| 312 | } else { |
| 313 | /* |
| 314 | * by pid |
| 315 | */ |
| 316 | p = pfind(uap->pid); |
| 317 | if (p == NULL) { |
| 318 | error = ESRCH; |
| 319 | goto done; |
| 320 | } |
| 321 | if (descend) |
| 322 | ret |= ktrsetchildren(td, p, ops, facs, tracenode); |
| 323 | else |
| 324 | ret |= ktrops(td, p, ops, facs, tracenode); |
| 325 | } |
| 326 | if (!ret) |
| 327 | error = EPERM; |
| 328 | done: |
| 329 | if (tracenode) |
| 330 | ktrdestroy(&tracenode); |
| 331 | curp->p_traceflag &= ~KTRFAC_ACTIVE; |
| 332 | rel_mplock(); |
| 333 | return (error); |
| 334 | #else |
| 335 | return ENOSYS; |
| 336 | #endif |
| 337 | } |
| 338 | |
| 339 | #ifdef KTRACE |
| 340 | |
| 341 | /* |
| 342 | * NOTE: NOT MPSAFE (yet) |
| 343 | */ |
| 344 | static int |
| 345 | ktrace_clear_callback(struct proc *p, void *data) |
| 346 | { |
| 347 | struct ktrace_clear_info *info = data; |
| 348 | |
| 349 | if (p->p_tracenode) { |
| 350 | if (info->rootclear) { |
| 351 | if (p->p_tracenode == info->tracenode) { |
| 352 | ktrdestroy(&p->p_tracenode); |
| 353 | p->p_traceflag = 0; |
| 354 | } |
| 355 | } else { |
| 356 | if (p->p_tracenode->kn_vp == info->tracenode->kn_vp) { |
| 357 | if (ktrcanset(curthread, p)) { |
| 358 | ktrdestroy(&p->p_tracenode); |
| 359 | p->p_traceflag = 0; |
| 360 | } else { |
| 361 | info->error = EPERM; |
| 362 | } |
| 363 | } |
| 364 | } |
| 365 | } |
| 366 | return(0); |
| 367 | } |
| 368 | |
| 369 | #endif |
| 370 | |
| 371 | /* |
| 372 | * utrace system call |
| 373 | * |
| 374 | * MPALMOSTSAFE |
| 375 | */ |
| 376 | int |
| 377 | sys_utrace(struct utrace_args *uap) |
| 378 | { |
| 379 | #ifdef KTRACE |
| 380 | struct ktr_header *kth; |
| 381 | struct thread *td = curthread; /* XXX */ |
| 382 | caddr_t cp; |
| 383 | |
| 384 | if (!KTRPOINT(td, KTR_USER)) |
| 385 | return (0); |
| 386 | if (uap->len > KTR_USER_MAXLEN) |
| 387 | return (EINVAL); |
| 388 | td->td_lwp->lwp_traceflag |= KTRFAC_ACTIVE; |
| 389 | kth = ktrgetheader(KTR_USER); |
| 390 | MALLOC(cp, caddr_t, uap->len, M_KTRACE, M_WAITOK); |
| 391 | if (!copyin(uap->addr, cp, uap->len)) { |
| 392 | kth->ktr_buf = cp; |
| 393 | kth->ktr_len = uap->len; |
| 394 | get_mplock(); |
| 395 | ktrwrite(td->td_lwp, kth, NULL); |
| 396 | rel_mplock(); |
| 397 | } |
| 398 | FREE(kth, M_KTRACE); |
| 399 | FREE(cp, M_KTRACE); |
| 400 | td->td_lwp->lwp_traceflag &= ~KTRFAC_ACTIVE; |
| 401 | |
| 402 | return (0); |
| 403 | #else |
| 404 | return (ENOSYS); |
| 405 | #endif |
| 406 | } |
| 407 | |
| 408 | void |
| 409 | ktrdestroy(struct ktrace_node **tracenodep) |
| 410 | { |
| 411 | ktrace_node_t tracenode; |
| 412 | |
| 413 | if ((tracenode = *tracenodep) != NULL) { |
| 414 | *tracenodep = NULL; |
| 415 | KKASSERT(tracenode->kn_refs > 0); |
| 416 | /* XXX not MP safe yet */ |
| 417 | --tracenode->kn_refs; |
| 418 | if (tracenode->kn_refs == 0) { |
| 419 | vn_close(tracenode->kn_vp, FREAD|FWRITE); |
| 420 | tracenode->kn_vp = NULL; |
| 421 | FREE(tracenode, M_KTRACE); |
| 422 | } |
| 423 | } |
| 424 | } |
| 425 | |
| 426 | /* |
| 427 | * This allows a process to inherit a ref on a tracenode and is also used |
| 428 | * as a temporary ref to prevent a tracenode from being destroyed out from |
| 429 | * under an active operation. |
| 430 | */ |
| 431 | ktrace_node_t |
| 432 | ktrinherit(ktrace_node_t tracenode) |
| 433 | { |
| 434 | if (tracenode) { |
| 435 | KKASSERT(tracenode->kn_refs > 0); |
| 436 | ++tracenode->kn_refs; |
| 437 | } |
| 438 | return(tracenode); |
| 439 | } |
| 440 | |
| 441 | #ifdef KTRACE |
| 442 | static int |
| 443 | ktrops(struct thread *td, struct proc *p, int ops, int facs, |
| 444 | ktrace_node_t tracenode) |
| 445 | { |
| 446 | ktrace_node_t oldnode; |
| 447 | |
| 448 | if (!ktrcanset(td, p)) |
| 449 | return (0); |
| 450 | if (ops == KTROP_SET) { |
| 451 | if ((oldnode = p->p_tracenode) != tracenode) { |
| 452 | p->p_tracenode = ktrinherit(tracenode); |
| 453 | ktrdestroy(&oldnode); |
| 454 | } |
| 455 | p->p_traceflag |= facs; |
| 456 | if (td->td_ucred->cr_uid == 0) |
| 457 | p->p_traceflag |= KTRFAC_ROOT; |
| 458 | } else { |
| 459 | /* KTROP_CLEAR */ |
| 460 | if (((p->p_traceflag &= ~facs) & KTRFAC_MASK) == 0) { |
| 461 | /* no more tracing */ |
| 462 | p->p_traceflag = 0; |
| 463 | ktrdestroy(&p->p_tracenode); |
| 464 | } |
| 465 | } |
| 466 | |
| 467 | return (1); |
| 468 | } |
| 469 | |
| 470 | static int |
| 471 | ktrsetchildren(struct thread *td, struct proc *top, int ops, int facs, |
| 472 | ktrace_node_t tracenode) |
| 473 | { |
| 474 | struct proc *p; |
| 475 | int ret = 0; |
| 476 | |
| 477 | p = top; |
| 478 | for (;;) { |
| 479 | ret |= ktrops(td, p, ops, facs, tracenode); |
| 480 | /* |
| 481 | * If this process has children, descend to them next, |
| 482 | * otherwise do any siblings, and if done with this level, |
| 483 | * follow back up the tree (but not past top). |
| 484 | */ |
| 485 | if (!LIST_EMPTY(&p->p_children)) |
| 486 | p = LIST_FIRST(&p->p_children); |
| 487 | else for (;;) { |
| 488 | if (p == top) |
| 489 | return (ret); |
| 490 | if (LIST_NEXT(p, p_sibling)) { |
| 491 | p = LIST_NEXT(p, p_sibling); |
| 492 | break; |
| 493 | } |
| 494 | p = p->p_pptr; |
| 495 | } |
| 496 | } |
| 497 | /*NOTREACHED*/ |
| 498 | } |
| 499 | |
| 500 | static void |
| 501 | ktrwrite(struct lwp *lp, struct ktr_header *kth, struct uio *uio) |
| 502 | { |
| 503 | struct ktrace_clear_info info; |
| 504 | struct uio auio; |
| 505 | struct iovec aiov[2]; |
| 506 | int error; |
| 507 | ktrace_node_t tracenode; |
| 508 | |
| 509 | /* |
| 510 | * We have to ref our tracenode to prevent it from being ripped out |
| 511 | * from under us while we are trying to use it. p_tracenode can |
| 512 | * go away at any time if another process gets a write error. |
| 513 | * |
| 514 | * XXX not MP safe |
| 515 | */ |
| 516 | if (lp->lwp_proc->p_tracenode == NULL) |
| 517 | return; |
| 518 | tracenode = ktrinherit(lp->lwp_proc->p_tracenode); |
| 519 | auio.uio_iov = &aiov[0]; |
| 520 | auio.uio_offset = 0; |
| 521 | auio.uio_segflg = UIO_SYSSPACE; |
| 522 | auio.uio_rw = UIO_WRITE; |
| 523 | aiov[0].iov_base = (caddr_t)kth; |
| 524 | aiov[0].iov_len = sizeof(struct ktr_header); |
| 525 | auio.uio_resid = sizeof(struct ktr_header); |
| 526 | auio.uio_iovcnt = 1; |
| 527 | auio.uio_td = curthread; |
| 528 | if (kth->ktr_len > 0) { |
| 529 | auio.uio_iovcnt++; |
| 530 | aiov[1].iov_base = kth->ktr_buf; |
| 531 | aiov[1].iov_len = kth->ktr_len; |
| 532 | auio.uio_resid += kth->ktr_len; |
| 533 | if (uio != NULL) |
| 534 | kth->ktr_len += uio->uio_resid; |
| 535 | } |
| 536 | vn_lock(tracenode->kn_vp, LK_EXCLUSIVE | LK_RETRY); |
| 537 | error = VOP_WRITE(tracenode->kn_vp, &auio, |
| 538 | IO_UNIT | IO_APPEND, lp->lwp_thread->td_ucred); |
| 539 | if (error == 0 && uio != NULL) { |
| 540 | error = VOP_WRITE(tracenode->kn_vp, uio, |
| 541 | IO_UNIT | IO_APPEND, lp->lwp_thread->td_ucred); |
| 542 | } |
| 543 | vn_unlock(tracenode->kn_vp); |
| 544 | if (error) { |
| 545 | /* |
| 546 | * If an error occured, give up tracing on all processes |
| 547 | * using this tracenode. This is not MP safe but is |
| 548 | * blocking-safe. |
| 549 | */ |
| 550 | log(LOG_NOTICE, |
| 551 | "ktrace write failed, errno %d, tracing stopped\n", error); |
| 552 | info.tracenode = tracenode; |
| 553 | info.error = 0; |
| 554 | info.rootclear = 1; |
| 555 | allproc_scan(ktrace_clear_callback, &info); |
| 556 | } |
| 557 | ktrdestroy(&tracenode); |
| 558 | } |
| 559 | |
| 560 | /* |
| 561 | * Return true if caller has permission to set the ktracing state |
| 562 | * of target. Essentially, the target can't possess any |
| 563 | * more permissions than the caller. KTRFAC_ROOT signifies that |
| 564 | * root previously set the tracing status on the target process, and |
| 565 | * so, only root may further change it. |
| 566 | * |
| 567 | * TODO: check groups. use caller effective gid. |
| 568 | */ |
| 569 | static int |
| 570 | ktrcanset(struct thread *calltd, struct proc *targetp) |
| 571 | { |
| 572 | struct ucred *caller = calltd->td_ucred; |
| 573 | struct ucred *target = targetp->p_ucred; |
| 574 | |
| 575 | if (!PRISON_CHECK(caller, target)) |
| 576 | return (0); |
| 577 | if ((caller->cr_uid == target->cr_ruid && |
| 578 | target->cr_ruid == target->cr_svuid && |
| 579 | caller->cr_rgid == target->cr_rgid && /* XXX */ |
| 580 | target->cr_rgid == target->cr_svgid && |
| 581 | (targetp->p_traceflag & KTRFAC_ROOT) == 0 && |
| 582 | (targetp->p_flag & P_SUGID) == 0) || |
| 583 | caller->cr_uid == 0) |
| 584 | return (1); |
| 585 | |
| 586 | return (0); |
| 587 | } |
| 588 | |
| 589 | #endif /* KTRACE */ |