HardenedBSD/usr.bin/kdump/mksubr
John Baldwin 55648840de Extend the support for exempting processes from being killed when swap is
exhausted.
- Add a new protect(1) command that can be used to set or revoke protection
  from arbitrary processes.  Similar to ktrace it can apply a change to all
  existing descendants of a process as well as future descendants.
- Add a new procctl(2) system call that provides a generic interface for
  control operations on processes (as opposed to the debugger-specific
  operations provided by ptrace(2)).  procctl(2) uses a combination of
  idtype_t and an id to identify the set of processes on which to operate
  similar to wait6().
- Add a PROC_SPROTECT control operation to manage the protection status
  of a set of processes.  MADV_PROTECT still works for backwards
  compatability.
- Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc)
  the first bit of which is used to track if P_PROTECT should be inherited
  by new child processes.

Reviewed by:	kib, jilles (earlier version)
Approved by:	re (delphij)
MFC after:	1 month
2013-09-19 18:53:42 +00:00

702 lines
18 KiB
Bash

#!/bin/sh
#
# Copyright (c) 2006 "David Kirchner" <dpk@dpk.net>. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $FreeBSD$
#
# Generates kdump_subr.c
# mkioctls is a special-purpose script, and works fine as it is
# now, so it remains independent. The idea behind how it generates
# its list was heavily borrowed here.
#
# Some functions here are automatically generated. This can mean
# the user will see unusual kdump output or errors while building
# if the underlying .h files are changed significantly.
#
# Key:
# AUTO: Completely auto-generated with either the "or" or the "switch"
# method.
# AUTO - Special: Generated automatically, but with some extra commands
# that the auto_*_type() functions are inappropriate for.
# MANUAL: Manually entered and must therefore be manually updated.
set -e
LC_ALL=C; export LC_ALL
if [ -z "$1" ]
then
echo "usage: sh $0 include-dir"
exit 1
fi
include_dir=$1
#
# Automatically generates a C function that will print out the
# numeric input as a pipe-delimited string of the appropriate
# #define keys. ex:
# S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH
# The XOR is necessary to prevent including the "0"-value in every
# line.
#
auto_or_type () {
local name grep file
name=$1
grep=$2
file=$3
cat <<_EOF_
/* AUTO */
void
$name(intmax_t arg)
{
int or = 0;
printf("%#jx<", (uintmax_t)arg);
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+"${grep}"[[:space:]]*" \
$include_dir/$file | \
awk '{ for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
printf "\tif (!((arg > 0) ^ ((%s) > 0)))\n\t\tif_print_or(arg, %s, or);\n", $i, $i }'
cat <<_EOF_
printf(">");
if (or == 0)
printf("<invalid>%jd", arg);
}
_EOF_
}
#
# Automatically generates a C function used when the argument
# maps to a single, specific #definition
#
auto_switch_type () {
local name grep file
name=$1
grep=$2
file=$3
cat <<_EOF_
/* AUTO */
void
$name(intmax_t arg)
{
switch (arg) {
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+"${grep}"[[:space:]]*" \
$include_dir/$file | \
awk '{ for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
printf "\tcase %s:\n\t\tprintf(\"%s\");\n\t\tbreak;\n", $i, $i }'
cat <<_EOF_
default: /* Should not reach */
printf("<invalid=%jd>", arg);
}
}
_EOF_
}
#
# Automatically generates a C function used when the argument
# maps to a #definition
#
auto_if_type () {
local name grep file
name=$1
grep=$2
file=$3
cat <<_EOF_
/* AUTO */
void
$name(intmax_t arg)
{
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+"${grep}"[[:space:]]*" \
$include_dir/$file | \
awk '{ printf "\t"; \
if (NR > 1) \
printf "else " ; \
printf "if (arg == %s) \n\t\tprintf(\"%s\");\n", $2, $2 }'
cat <<_EOF_
else /* Should not reach */
printf("<invalid=%jd>", arg);
}
_EOF_
}
# C start
cat <<_EOF_
#include <stdint.h>
#include <stdio.h>
#include <sys/fcntl.h>
#include <sys/stat.h>
#include <sys/unistd.h>
#include <sys/mman.h>
#include <sys/wait.h>
#define _KERNEL
#include <sys/socket.h>
#undef _KERNEL
#include <netinet/in.h>
#include <sys/param.h>
#include <sys/mount.h>
#include <sys/procctl.h>
#include <sys/ptrace.h>
#include <sys/resource.h>
#include <sys/reboot.h>
#include <sched.h>
#include <sys/linker.h>
#define _KERNEL
#include <sys/thr.h>
#undef _KERNEL
#include <sys/extattr.h>
#include <sys/acl.h>
#include <aio.h>
#include <sys/sem.h>
#include <sys/ipc.h>
#include <sys/rtprio.h>
#include <sys/shm.h>
#include <nfsserver/nfs.h>
#include <ufs/ufs/quota.h>
#include <sys/capability.h>
#include <vm/vm.h>
#include <vm/vm_param.h>
#include "kdump_subr.h"
/*
* These are simple support macros. print_or utilizes a variable
* defined in the calling function to track whether or not it should
* print a logical-OR character ('|') before a string. if_print_or
* simply handles the necessary "if" statement used in many lines
* of this file.
*/
#define print_or(str,orflag) do { \\
if (orflag) putchar('|'); else orflag = 1; \\
printf (str); } \\
while (0)
#define if_print_or(i,flag,orflag) do { \\
if ((i & flag) == flag) \\
print_or(#flag,orflag); } \\
while (0)
/* MANUAL */
void
atfdname(int fd, int decimal)
{
if (fd == AT_FDCWD)
printf("AT_FDCWD");
else if (decimal)
printf("%d", fd);
else
printf("%#x", fd);
}
/* MANUAL */
extern char *signames[]; /* from kdump.c */
void
signame(int sig)
{
if (sig > 0 && sig < NSIG)
printf("SIG%s",signames[sig]);
else
printf("SIG %d", sig);
}
/* MANUAL */
void
semctlname(int cmd)
{
switch (cmd) {
case GETNCNT:
printf("GETNCNT");
break;
case GETPID:
printf("GETPID");
break;
case GETVAL:
printf("GETVAL");
break;
case GETALL:
printf("GETALL");
break;
case GETZCNT:
printf("GETZCNT");
break;
case SETVAL:
printf("SETVAL");
break;
case SETALL:
printf("SETALL");
break;
case IPC_RMID:
printf("IPC_RMID");
break;
case IPC_SET:
printf("IPC_SET");
break;
case IPC_STAT:
printf("IPC_STAT");
break;
default: /* Should not reach */
printf("<invalid=%d>", cmd);
}
}
/* MANUAL */
void
shmctlname(int cmd)
{
switch (cmd) {
case IPC_RMID:
printf("IPC_RMID");
break;
case IPC_SET:
printf("IPC_SET");
break;
case IPC_STAT:
printf("IPC_STAT");
break;
default: /* Should not reach */
printf("<invalid=%d>", cmd);
}
}
/* MANUAL */
void
semgetname(int flag)
{
int or = 0;
if_print_or(flag, IPC_CREAT, or);
if_print_or(flag, IPC_EXCL, or);
if_print_or(flag, SEM_R, or);
if_print_or(flag, SEM_A, or);
if_print_or(flag, (SEM_R>>3), or);
if_print_or(flag, (SEM_A>>3), or);
if_print_or(flag, (SEM_R>>6), or);
if_print_or(flag, (SEM_A>>6), or);
}
/*
* MANUAL
*
* Only used by SYS_open. Unless O_CREAT is set in flags, the
* mode argument is unused (and often bogus and misleading).
*/
void
flagsandmodename(int flags, int mode, int decimal)
{
flagsname(flags);
putchar(',');
if ((flags & O_CREAT) == O_CREAT) {
modename (mode);
} else {
if (decimal) {
printf("<unused>%d", mode);
} else {
printf("<unused>%#x", (unsigned int)mode);
}
}
}
/* MANUAL */
void
idtypename(idtype_t idtype, int decimal)
{
switch(idtype) {
case P_PID:
printf("P_PID");
break;
case P_PPID:
printf("P_PPID");
break;
case P_PGID:
printf("P_PGID");
break;
case P_SID:
printf("P_SID");
break;
case P_CID:
printf("P_CID");
break;
case P_UID:
printf("P_UID");
break;
case P_GID:
printf("P_GID");
break;
case P_ALL:
printf("P_ALL");
break;
case P_LWPID:
printf("P_LWPID");
break;
case P_TASKID:
printf("P_TASKID");
break;
case P_PROJID:
printf("P_PROJID");
break;
case P_POOLID:
printf("P_POOLID");
break;
case P_JAILID:
printf("P_JAILID");
break;
case P_CTID:
printf("P_CTID");
break;
case P_CPUID:
printf("P_CPUID");
break;
case P_PSETID:
printf("P_PSETID");
break;
default:
if (decimal) {
printf("%d", idtype);
} else {
printf("%#x", idtype);
}
}
}
/*
* MANUAL
*
* [g|s]etsockopt's level argument can either be SOL_SOCKET or a value
* referring to a line in /etc/protocols . It might be appropriate
* to use getprotoent(3) here.
*/
void
sockoptlevelname(int level, int decimal)
{
if (level == SOL_SOCKET) {
printf("SOL_SOCKET");
} else {
if (decimal) {
printf("%d", level);
} else {
printf("%#x", (unsigned int)level);
}
}
}
/*
* MANUAL
*
* Used for page fault type. Cannot use auto_or_type since the macro
* values contain a cast. Also, VM_PROT_NONE has to be handled specially.
*/
void
vmprotname (int type)
{
int or = 0;
if (type == VM_PROT_NONE) {
(void)printf("VM_PROT_NONE");
return;
}
if_print_or(type, VM_PROT_READ, or);
if_print_or(type, VM_PROT_WRITE, or);
if_print_or(type, VM_PROT_EXECUTE, or);
if_print_or(type, VM_PROT_COPY, or);
}
/*
* MANUAL
*/
void
socktypenamewithflags(int type)
{
if (type & SOCK_CLOEXEC)
printf("SOCK_CLOEXEC|"), type &= ~SOCK_CLOEXEC;
if (type & SOCK_NONBLOCK)
printf("SOCK_NONBLOCK|"), type &= ~SOCK_NONBLOCK;
socktypename(type);
}
_EOF_
auto_or_type "accessmodename" "[A-Z]_OK[[:space:]]+0?x?[0-9A-Fa-f]+" "sys/unistd.h"
auto_switch_type "acltypename" "ACL_TYPE_[A-Z4_]+[[:space:]]+0x[0-9]+" "sys/acl.h"
auto_or_type "capfcntlname" "CAP_FCNTL_[A-Z]+[[:space:]]+\(1" "sys/capability.h"
auto_switch_type "extattrctlname" "EXTATTR_NAMESPACE_[A-Z]+[[:space:]]+0x[0-9]+" "sys/extattr.h"
auto_switch_type "fadvisebehavname" "POSIX_FADV_[A-Z]+[[:space:]]+[0-9]+" "sys/fcntl.h"
auto_or_type "flagsname" "O_[A-Z]+[[:space:]]+0x[0-9A-Fa-f]+" "sys/fcntl.h"
auto_or_type "flockname" "LOCK_[A-Z]+[[:space:]]+0x[0-9]+" "sys/fcntl.h"
auto_or_type "getfsstatflagsname" "MNT_[A-Z]+[[:space:]]+[1-9][0-9]*" "sys/mount.h"
auto_switch_type "kldsymcmdname" "KLDSYM_[A-Z]+[[:space:]]+[0-9]+" "sys/linker.h"
auto_switch_type "kldunloadfflagsname" "LINKER_UNLOAD_[A-Z]+[[:space:]]+[0-9]+" "sys/linker.h"
auto_switch_type "lio_listioname" "LIO_(NO)?WAIT[[:space:]]+[0-9]+" "aio.h"
auto_switch_type "madvisebehavname" "_?MADV_[A-Z]+[[:space:]]+[0-9]+" "sys/mman.h"
auto_switch_type "minheritname" "INHERIT_[A-Z]+[[:space:]]+[0-9]+" "sys/mman.h"
auto_or_type "mlockallname" "MCL_[A-Z]+[[:space:]]+0x[0-9]+" "sys/mman.h"
auto_or_type "mmapprotname" "PROT_[A-Z]+[[:space:]]+0x[0-9A-Fa-f]+" "sys/mman.h"
auto_or_type "modename" "S_[A-Z]+[[:space:]]+[0-6]{7}" "sys/stat.h"
auto_or_type "mountflagsname" "MNT_[A-Z]+[[:space:]]+0x[0-9]+" "sys/mount.h"
auto_switch_type "msyncflagsname" "MS_[A-Z]+[[:space:]]+0x[0-9]+" "sys/mman.h"
auto_or_type "nfssvcname" "NFSSVC_[A-Z0-9]+[[:space:]]+0x[0-9]+" "nfs/nfssvc.h"
auto_switch_type "prioname" "PRIO_[A-Z]+[[:space:]]+[0-9]" "sys/resource.h"
auto_switch_type "procctlcmdname" "PROC_[A-Z]+[[:space:]]+[0-9]" "sys/procctl.h"
auto_switch_type "ptraceopname" "PT_[[:alnum:]_]+[[:space:]]+[0-9]+" "sys/ptrace.h"
auto_switch_type "quotactlname" "Q_[A-Z]+[[:space:]]+0x[0-9]+" "ufs/ufs/quota.h"
auto_or_type "rebootoptname" "RB_[A-Z]+[[:space:]]+0x[0-9]+" "sys/reboot.h"
auto_or_type "rforkname" "RF[A-Z]+[[:space:]]+\([0-9]+<<[0-9]+\)" "sys/unistd.h"
auto_switch_type "rlimitname" "RLIMIT_[A-Z]+[[:space:]]+[0-9]+" "sys/resource.h"
auto_switch_type "schedpolicyname" "SCHED_[A-Z]+[[:space:]]+[0-9]+" "sched.h"
auto_switch_type "sendfileflagsname" "SF_[A-Z]+[[:space:]]+[0-9]+" "sys/socket.h"
auto_or_type "shmatname" "SHM_[A-Z]+[[:space:]]+[0-9]{6}+" "sys/shm.h"
auto_switch_type "shutdownhowname" "SHUT_[A-Z]+[[:space:]]+[0-9]+" "sys/socket.h"
auto_switch_type "sigbuscodename" "BUS_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_switch_type "sigchldcodename" "CLD_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_switch_type "sigfpecodename" "FPE_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_switch_type "sigprocmaskhowname" "SIG_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_switch_type "sigillcodename" "ILL_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_switch_type "sigsegvcodename" "SEGV_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_switch_type "sigtrapcodename" "TRAP_[A-Z]+[[:space:]]+[0-9]+" "sys/signal.h"
auto_if_type "sockdomainname" "PF_[[:alnum:]]+[[:space:]]+" "sys/socket.h"
auto_if_type "sockfamilyname" "AF_[[:alnum:]]+[[:space:]]+" "sys/socket.h"
auto_if_type "sockipprotoname" "IPPROTO_[[:alnum:]]+[[:space:]]+" "netinet/in.h"
auto_switch_type "sockoptname" "SO_[A-Z]+[[:space:]]+0x[0-9]+" "sys/socket.h"
auto_switch_type "socktypename" "SOCK_[A-Z]+[[:space:]]+[1-9]+[0-9]*" "sys/socket.h"
auto_or_type "thrcreateflagsname" "THR_[A-Z]+[[:space:]]+0x[0-9]+" "sys/thr.h"
auto_switch_type "vmresultname" "KERN_[A-Z]+[[:space:]]+[0-9]+" "vm/vm_param.h"
auto_or_type "wait6optname" "W[A-Z]+[[:space:]]+[0-9]+" "sys/wait.h"
auto_switch_type "whencename" "SEEK_[A-Z]+[[:space:]]+[0-9]+" "sys/unistd.h"
cat <<_EOF_
/*
* AUTO - Special
* F_ is used to specify fcntl commands as well as arguments. Both sets are
* grouped in fcntl.h, and this awk script grabs the first group.
*/
void
fcntlcmdname(int cmd, int arg, int decimal)
{
switch (cmd) {
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+F_[A-Z0-9_]+[[:space:]]+[0-9]+[[:space:]]*" \
$include_dir/sys/fcntl.h | \
awk 'BEGIN { o=0 } { for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
if (o <= $(i+1)) \
printf "\tcase %s:\n\t\tprintf(\"%s\");\n\t\tbreak;\n", $i, $i; \
else \
exit; \
o = $(i+1) }'
cat <<_EOF_
default: /* Should not reach */
printf("<invalid=%d>", cmd);
}
putchar(',');
if (cmd == F_GETFD || cmd == F_SETFD) {
if (arg == FD_CLOEXEC)
printf("FD_CLOEXEC");
else if (arg == 0)
printf("0");
else {
if (decimal)
printf("<invalid>%d", arg);
else
printf("<invalid>%#x", (unsigned int)arg);
}
} else if (cmd == F_SETFL) {
flagsname(arg);
} else {
if (decimal)
printf("%d", arg);
else
printf("%#x", (unsigned int)arg);
}
}
/*
* AUTO - Special
*
* The MAP_ALIGNED flag requires special handling.
*/
void
mmapflagsname(int flags)
{
int align;
int or = 0;
printf("%#x<", flags);
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+MAP_[A-Z_]+[[:space:]]+0x[0-9A-Fa-f]+[[:space:]]*" \
$include_dir/sys/mman.h | grep -v MAP_ALIGNED | \
awk '{ for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
printf "\tif (!((flags > 0) ^ ((%s) > 0)))\n\t\tif_print_or(flags, %s, or);\n", $i, $i }'
cat <<_EOF_
#ifdef MAP_32BIT
if (!((flags > 0) ^ ((MAP_32BIT) > 0)))
if_print_or(flags, MAP_32BIT, or);
#endif
align = flags & MAP_ALIGNMENT_MASK;
if (align != 0) {
if (align == MAP_ALIGNED_SUPER)
print_or("MAP_ALIGNED_SUPER", or);
else {
print_or("MAP_ALIGNED", or);
printf("(%d)", align >> MAP_ALIGNMENT_SHIFT);
}
}
printf(">");
if (or == 0)
printf("<invalid>%d", flags);
}
/*
* AUTO - Special
*
* The only reason this is not fully automated is due to the
* grep -v RTP_PRIO statement. A better egrep line should
* make this capable of being a auto_switch_type() function.
*/
void
rtprioname(int func)
{
switch (func) {
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+RTP_[A-Z]+[[:space:]]+0x[0-9]+[[:space:]]*" \
$include_dir/sys/rtprio.h | grep -v RTP_PRIO | \
awk '{ for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
printf "\tcase %s:\n\t\tprintf(\"%s\");\n\t\tbreak;\n", $i, $i }'
cat <<_EOF_
default: /* Should not reach */
printf("<invalid=%d>", func);
}
}
/*
* AUTO - Special
*
* The send and recv functions have a flags argument which can be
* set to 0. There is no corresponding #define. The auto_ functions
* detect this as "invalid", which is incorrect here.
*/
void
sendrecvflagsname(int flags)
{
int or = 0;
if (flags == 0) {
printf("0");
return;
}
printf("%#x<", flags);
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+MSG_[A-Z]+[[:space:]]+0x[0-9]+[[:space:]]*" $include_dir/sys/socket.h | \
awk '{ for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
printf "\tif(!((flags>0)^((%s)>0)))\n\t\tif_print_or(flags, %s, or);\n", $i, $i }'
cat <<_EOF_
printf(">");
}
/*
* AUTO - Special
*
* Check general codes first, then defer to signal-specific codes.
*/
void
sigcodename(int sig, int code)
{
switch (code) {
_EOF_
egrep "^#[[:space:]]*define[[:space:]]+SI_[A-Z]+[[:space:]]+0(x[0-9abcdef]+)?[[:space:]]*" \
$include_dir/sys/signal.h | grep -v SI_UNDEFINED | \
awk '{ for (i = 1; i <= NF; i++) \
if ($i ~ /define/) \
break; \
++i; \
printf "\tcase %s:\n\t\tprintf(\"%s\");\n\t\tbreak;\n", $i, $i }'
cat <<_EOF_
default:
switch (sig) {
case SIGILL:
sigillcodename(code);
break;
case SIGBUS:
sigbuscodename(code);
break;
case SIGSEGV:
sigsegvcodename(code);
break;
case SIGFPE:
sigfpecodename(code);
break;
case SIGTRAP:
sigtrapcodename(code);
break;
case SIGCHLD:
sigchldcodename(code);
break;
default:
printf("<invalid=%#x>", code);
}
}
}
_EOF_
egrep '#define[[:space:]]+CAP_[A-Z_]+[[:space:]]+CAPRIGHT\([0-9],[[:space:]]+0x[0-9]{16}ULL\)' \
$include_dir/sys/capability.h | \
sed -E 's/[ ]+/ /g' | \
awk -F '[ \(,\)]' '
BEGIN {
printf "void\n"
printf "capname(const cap_rights_t *rightsp)\n"
printf "{\n"
printf "\tint comma = 0;\n\n"
printf "\tprintf(\"<\");\n"
}
{
printf "\tif ((rightsp->cr_rights[%s] & %s) == %s) {\n", $4, $2, $2
printf "\t\tif (comma) printf(\",\"); else comma = 1;\n"
printf "\t\tprintf(\"%s\");\n", $2
printf "\t}\n"
}
END {
printf "\tprintf(\">\");\n"
printf "}\n"
}'