kern: send parent a SIGCHLD when the debugger has detached

The practical scenario that leads to this is porch(1) spawning some
utility and sending it a SIGSTOP as a debugging aide. The user then
at

kern: send parent a SIGCHLD when the debugger has detached

The practical scenario that leads to this is porch(1) spawning some
utility and sending it a SIGSTOP as a debugging aide. The user then
attaches a debugger and walks through how some specific input is
processed, then detaches to allow the script to continue. When ptrace
is detached, the process resumes execution but the parent is never
notified and may be stuck in wait(2) for it to continue or terminate.

Other platforms seem to re-suspend the process after the debugger is
detached, but neither behavior seems unreasonable. Just notifying the
parent that the child has resumed is a relatively low-risk departure
from our current behavior and had apparently been considered in the
past, based on pre-existing comments.

Move p_flag and p_xsig handling into childproc_continued(), as just
sending the SIGCHLD here isn't really useful without P_CONTINUED set
and the other caller already sets these up as well.

Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D50917

show more ...

ptrace: Rename the internal command range constants

No functional change intended.

Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D50866

linux: Fix usage of ptrace(PT_GET_SC_ARGS)

The native handler expects the argument to be a pointer to an array of 8
syscall arguments, whereas the emulation provided an array that holds up
to 6.

Ha

linux: Fix usage of ptrace(PT_GET_SC_ARGS)

The native handler expects the argument to be a pointer to an array of 8
syscall arguments, whereas the emulation provided an array that holds up
to 6.

Handle this by adding a new range of Linuxulator-specific ptrace
commands. In particular, introduce PTLINUX_GET_SC_ARGS, which always
copies exactly six arguments. This fixes the problem and removes the
hack of checking the target thread ABI to decide whether to apply a
Linux-specific quirk to PT_GET_SC_ARGS.

Reviewed by: kib
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D50758

show more ...

PT_CONTINUE: undo transparent attach consequences

PR: 287050
Reported and tested by: Paul Floyd <pjfloyd@wanadoo.fr>
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differe

PT_CONTINUE: undo transparent attach consequences

PR: 287050
Reported and tested by: Paul Floyd <pjfloyd@wanadoo.fr>
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D50556

show more ...

PT_CONTINUE: if pc is set, mark the thread state as modified by user

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differrential revision: https://reviews.freebsd.org/D50

PT_CONTINUE: if pc is set, mark the thread state as modified by user

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differrential revision: https://reviews.freebsd.org/D50556

show more ...

ptrace(): p_xthread could be NULL for P_STOPPED_TRACE

Suppose that ptrace(PT_ATTACH) is called on mt process, and the thread
arbitrary selected as leader (p_xthread) by the attach code, is already
i

ptrace(): p_xthread could be NULL for P_STOPPED_TRACE

Suppose that ptrace(PT_ATTACH) is called on mt process, and the thread
arbitrary selected as leader (p_xthread) by the attach code, is already
in kernel preparing to exit as the process lock becomes available. Then
the thread_exit() function clears p->p_xthread, and we end up with the
traced signal-stopped process with NULL p_xthread.

This state is legitimate, and really p_xthread must point to a thread
that is inside ptracestop(). If p_xthread is NULL, but ptrace code
requires some leader thread, arbitrarly designate it as needed.

Reported and tested by: pho
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D49961

show more ...

ptrace: Do not pass a negative resid to proc_rwmem()

While here, avoid truncting uio_resid in proc_rwmem().

Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D4

ptrace: Do not pass a negative resid to proc_rwmem()

While here, avoid truncting uio_resid in proc_rwmem().

Reviewed by: kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49479

show more ...

ptrace(2): expand ability to fetch syscall parameters

Do not limit lwpinfo reporting of syscall number and args to SCE/SCX
events. When td_sa holds the values, we can report them. Clear
td_sa.code i

ptrace(2): expand ability to fetch syscall parameters

Do not limit lwpinfo reporting of syscall number and args to SCE/SCX
events. When td_sa holds the values, we can report them. Clear
td_sa.code in TDA_SIG ast handler: this handler is run when the process
is traced, and it is run with the last ptracestop() points before the
return to userspace.

This allows debugger to infer the interrupted syscall immediately after
PT_ATTACH without the need to loose control to the debuggee' thread. It
should work even when the debuggee is stopped in AST.

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D49430

show more ...

kern: Fix a typo in a source code comment

- s/explicity/explicitly/

MFC after: 3 days

proc_rwmem check PRIV_PROC_MEM_WRITE when writing

This will fail when mac_veriexec is enforced.

Move the check from procfs_doprocmem to proc_rwmem to ensure all
cases are covered.

Reviewed by: olc

proc_rwmem check PRIV_PROC_MEM_WRITE when writing

This will fail when mac_veriexec is enforced.

Move the check from procfs_doprocmem to proc_rwmem to ensure all
cases are covered.

Reviewed by: olce, markj
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D47484

show more ...

ptrace(PT_VM_ENTRY): report max protection

Reviewed by: brooks, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D46971

proc: Remove kernel stack swapping support, part 6

- Remove most checks of the P_INMEM flag.
- Some uses remain since a few userspace tools, e.g., ps(1) and top(1)
expect the flag to be set. Thes

proc: Remove kernel stack swapping support, part 6

- Remove most checks of the P_INMEM flag.
- Some uses remain since a few userspace tools, e.g., ps(1) and top(1)
expect the flag to be set. These can be cleaned up but the code has
most likely been copy-pasted elsewhere and while linger for a long
time.

Tested by: pho
Reviewed by: alc, imp, kib
Differential Revision: https://reviews.freebsd.org/D46117

show more ...

sys: Automated cleanup of cdefs and other formatting

Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.

Remov

sys: Automated cleanup of cdefs and other formatting

Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.

Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/

Sponsored by: Netflix

show more ...

Support dynamically sized register sets

We don't always know the size of the register set at compile time,
e.g. on arm64 the size of the SVE registers need to be queried on boot.
To support register

Support dynamically sized register sets

We don't always know the size of the register set at compile time,
e.g. on arm64 the size of the SVE registers need to be queried on boot.
To support register sets that needs to be calculated at run time
query the correct size when it is zero.

Reviewed by: markj, kib (earlier version)
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D41302

show more ...

sys: Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

ptrace: Clear TDB_BORN during PT_DETACH.

If a debugger detaches from a process that has a new thread that has
not yet executed, the new thread will raise a SIGTRAP signal to report
it's thread birth

ptrace: Clear TDB_BORN during PT_DETACH.

If a debugger detaches from a process that has a new thread that has
not yet executed, the new thread will raise a SIGTRAP signal to report
it's thread birth event even after the detach. With the debugger
detached, this results in a SIGTRAP sent to the process and typically
a core dump. Fix this by clearing TDB_BORN from any new threads
during detach.

Bump __FreeBSD_version for debuggers to notice when the fix is
present.

Reported by: GDB's testsuite
Reviewed by: kib, markj (previous version)
Differential Revision: https://reviews.freebsd.org/D39856

show more ...

ptrace(2): add PT_SC_REMOTE remote syscall request

Reviewed by: markj
Discussed with: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D3

ptrace(2): add PT_SC_REMOTE remote syscall request

Reviewed by: markj
Discussed with: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D37590

show more ...

sys: rename td_coredump to td_remotereq

and TDB_COREDUMPRQ to TDB_COREDUMPREQ

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebs

sys: rename td_coredump to td_remotereq

and TDB_COREDUMPRQ to TDB_COREDUMPREQ

Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D37590

show more ...

AST: rework

Make most AST handlers dynamically registered. This allows to have
subsystem-specific handler source located in the subsystem files,
instead of making subr_trap.c aware of it. For inst

AST: rework

Make most AST handlers dynamically registered. This allows to have
subsystem-specific handler source located in the subsystem files,
instead of making subr_trap.c aware of it. For instance, signal
delivery code on return to userspace is now moved to kern_sig.c.

Also, it allows to have some handlers designated as the cleanup (kclear)
type, which are called both at AST and on thread/process exit. For
instance, ast(), exit1(), and NFS server no longer need to be aware
about UFS softdep processing.

The dynamic registration also allows third-party modules to register AST
handlers if needed. There is one caveat with loadable modules: the
code does not make any effort to ensure that the module is not unloaded
before all threads processed through AST handler in it. In fact, this
is already present behavior for hwpmc.ko and ufs.ko. I do not think it
is worth the efforts and the runtime overhead to try to fix it.

Reviewed by: markj
Tested by: emaste (arm64), pho
Discussed with: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D35888

show more ...

syscallarg_t: Add a type for system call arguments

This more clearly differentiates system call arguments from integer
registers and return values. On current architectures it has no effect,
but on

syscallarg_t: Add a type for system call arguments

This more clearly differentiates system call arguments from integer
registers and return values. On current architectures it has no effect,
but on architectures where pointers are not integers (CHERI) and may
not even share registers (CHERI-MIPS) it is necessiary to differentiate
between system call arguments (syscallarg_t) and integer register values
(register_t).

Obtained from: CheriBSD

Reviewed by: imp, kib
Differential Revision: https://reviews.freebsd.org/D33780

show more ...

proc: Remove assertion that P_WEXIT is not set in proc_rwmem()

exit1() sets P_WEXIT before waiting for holding threads to finish,
rather than after, so this assertion is racy.

Fixes: 12fb39ec3e6b (

proc: Remove assertion that P_WEXIT is not set in proc_rwmem()

exit1() sets P_WEXIT before waiting for holding threads to finish,
rather than after, so this assertion is racy.

Fixes: 12fb39ec3e6b ("proc: Relax proc_rwmem()'s assertion on the process hold count")
Reported by: Jenkins

show more ...

proc: Relax proc_rwmem()'s assertion on the process hold count

This reference ensures that the process and its associated vmspace will
not be destroyed while proc_rwmem() is executing. If, however,

proc: Relax proc_rwmem()'s assertion on the process hold count

This reference ensures that the process and its associated vmspace will
not be destroyed while proc_rwmem() is executing. If, however, the
calling thread belongs to the target process, then it is unnecessary to
hold the process. In particular, fasttrap - a module which enables
userspace dtrace - may frequently call proc_rwmem(), and we'd prefer to
avoid the overhead of locking and bumping the hold count when possible.

Thus, make the assertion conditional on "p != curproc". Also assert
that the process is not already exiting. No functional change intended.

MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation

show more ...

Trim duplicate code for copying in iovecs for PT_[GS]ETREGSET.

Reviewed by: andrew, emaste
Differential Revision: https://reviews.freebsd.org/D34177

Add PT_GETREGSET

This adds the PT_GETREGSET and PT_SETREGSET ptrace types. These can be
used to access all the registers from a specified core dump note type.
The NT_PRSTATUS and NT_FPREGSET notes a

Add PT_GETREGSET

This adds the PT_GETREGSET and PT_SETREGSET ptrace types. These can be
used to access all the registers from a specified core dump note type.
The NT_PRSTATUS and NT_FPREGSET notes are initially supported. Other
machine-dependant types are expected to be added in the future.

The ptrace addr points to a struct iovec pointing at memory to hold the
registers along with its length. On success the length in the iovec is
updated to tell userspace the actual length the kernel wrote or, if the
base address is NULL, the length the kernel would have written.

Because the data field is an int the arguments are backwards when
compared to the Linux PTRACE_GETREGSET call.

Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19831

show more ...

Add security.bsd.allow_ptrace sysctl

that disables any access to ptrace(2) for all processes.

Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https

Add security.bsd.allow_ptrace sysctl

that disables any access to ptrace(2) for all processes.

Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D33986

show more ...