xref: /freebsd/sys/sys/procctl.h (revision dabf006a638fdc44cdcf69731de8ac83959db731)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2013 Hudson River Trading LLC
5  * Copyright (c) 2014, 2016 The FreeBSD Foundation
6  * Written by: John H. Baldwin <jhb@FreeBSD.org>
7  * All rights reserved.
8  *
9  * Portions of this software were developed by Konstantin Belousov
10  * under sponsorship from the FreeBSD Foundation.
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #ifndef	_SYS_PROCCTL_H_
35 #define	_SYS_PROCCTL_H_
36 
37 #ifndef _KERNEL
38 #include <sys/types.h>
39 #include <sys/wait.h>
40 #endif
41 
42 /* Machine-dependent (MD) procctl verbs start at 0x10000000; the verbs defined below in this header use small values (1..24) well under it. */
43 #define	PROC_PROCCTL_MD_MIN	0x10000000
44 #include <machine/procctl.h>
45 
46 #define	PROC_SPROTECT		1	/* set protected state; arg is PPROT_* operation | flags */
47 #define	PROC_REAP_ACQUIRE	2	/* reaping enable */
48 #define	PROC_REAP_RELEASE	3	/* reaping disable */
49 #define	PROC_REAP_STATUS	4	/* reaping status (struct procctl_reaper_status) */
50 #define	PROC_REAP_GETPIDS	5	/* get descendants (struct procctl_reaper_pids) */
51 #define	PROC_REAP_KILL		6	/* kill descendants (struct procctl_reaper_kill) */
52 #define	PROC_TRACE_CTL		7	/* en/dis ptrace and coredumps (PROC_TRACE_CTL_* values) */
53 #define	PROC_TRACE_STATUS	8	/* query tracing status */
54 #define	PROC_TRAPCAP_CTL	9	/* trap capability errors (PROC_TRAPCAP_CTL_* values) */
55 #define	PROC_TRAPCAP_STATUS	10	/* query trap capability status */
56 #define	PROC_PDEATHSIG_CTL	11	/* set parent death signal */
57 #define	PROC_PDEATHSIG_STATUS	12	/* get parent death signal */
58 #define	PROC_ASLR_CTL		13	/* en/dis ASLR (PROC_ASLR_* values) */
59 #define	PROC_ASLR_STATUS	14	/* query ASLR status */
60 #define	PROC_PROTMAX_CTL	15	/* en/dis implicit PROT_MAX (PROC_PROTMAX_* values) */
61 #define	PROC_PROTMAX_STATUS	16	/* query implicit PROT_MAX status */
62 #define	PROC_STACKGAP_CTL	17	/* en/dis stack gap on MAP_STACK (PROC_STACKGAP_* flags) */
63 #define	PROC_STACKGAP_STATUS	18	/* query stack gap */
64 #define	PROC_NO_NEW_PRIVS_CTL	19	/* disable setuid/setgid (PROC_NO_NEW_PRIVS_* values) */
65 #define	PROC_NO_NEW_PRIVS_STATUS 20	/* query suid/sgid disabled status */
66 #define	PROC_WXMAP_CTL		21	/* control W^X (PROC_WX_MAPPINGS_* flags) */
67 #define	PROC_WXMAP_STATUS	22	/* query W^X (PROC_WXORX_ENFORCE is defined alongside the request flags) */
68 #define	PROC_LOGSIGEXIT_CTL	23	/* en/dis logging on sigexit (PROC_LOGSIGEXIT_CTL_* values) */
69 #define	PROC_LOGSIGEXIT_STATUS	24	/* query logging on sigexit */
70 
71 /* Operations for PROC_SPROTECT (passed in integer arg). */
72 #define	PPROT_OP(x)	((x) & 0xf)	/* the low 4 bits of the arg select the operation */
73 #define	PPROT_SET	1	/* set the protected state */
74 #define	PPROT_CLEAR	2	/* clear the protected state */
75 
76 /* Flags for PROC_SPROTECT (ORed in with operation). */
77 #define	PPROT_FLAGS(x)	((x) & ~0xf)	/* every bit above the low 4 is treated as a flag */
78 #define	PPROT_DESCEND	0x10	/* NOTE(review): per procctl(2), also applies the operation to existing descendants -- confirm */
79 #define	PPROT_INHERIT	0x20	/* NOTE(review): per procctl(2), future children inherit the protected state -- confirm */
80 
81 /* Result of PROC_REAP_STATUS (returned by value). */
82 struct procctl_reaper_status {
83 	u_int	rs_flags;	/* REAPER_STATUS_* flags */
84 	u_int	rs_children;	/* presumably the number of the reaper's children -- confirm in procctl(2) */
85 	u_int	rs_descendants;	/* presumably the total number of descendants -- confirm in procctl(2) */
86 	pid_t	rs_reaper;	/* presumably the pid of the reaper for the queried process -- confirm */
87 	pid_t	rs_pid;		/* NOTE(review): meaning is not evident from this header; see procctl(2) */
88 	u_int	rs_pad0[15];	/* padding; presumably reserved so fields can be added without changing the size */
89 };
90 
91 /* struct procctl_reaper_status rs_flags */
92 #define	REAPER_STATUS_OWNED	0x00000001	/* NOTE(review): per procctl(2), the queried process itself holds reaper status -- confirm */
93 #define	REAPER_STATUS_REALINIT	0x00000002	/* NOTE(review): per procctl(2), the reaper is the real init process -- confirm */
94 
95 struct procctl_reaper_pidinfo {	/* element type of procctl_reaper_pids.rp_pids */
96 	pid_t	pi_pid;		/* pid this entry describes */
97 	pid_t	pi_subtree;	/* presumably the pid of the reaper's child that heads this process's subtree -- confirm */
98 	u_int	pi_flags;	/* REAPER_PIDINFO_* flags */
99 	u_int	pi_pad0[15];	/* padding; presumably reserved for future fields */
100 };
101 
102 #define	REAPER_PIDINFO_VALID	0x00000001	/* NOTE(review): per procctl(2), set on entries the kernel filled in; zero the array first and test this bit to find the end -- confirm */
103 #define	REAPER_PIDINFO_CHILD	0x00000002	/* presumably: pi_pid is a direct child of the reaper */
104 #define	REAPER_PIDINFO_REAPER	0x00000004	/* presumably: pi_pid is itself a reaper */
105 #define	REAPER_PIDINFO_ZOMBIE	0x00000008	/* presumably: process is a zombie */
106 #define	REAPER_PIDINFO_STOPPED	0x00000010	/* presumably: process is stopped */
107 #define	REAPER_PIDINFO_EXITING	0x00000020	/* presumably: process is exiting */
108 
109 struct procctl_reaper_pids {	/* presumably the argument for PROC_REAP_GETPIDS -- confirm */
110 	u_int	rp_count;	/* presumably the number of elements rp_pids can hold; it must match the real buffer size */
111 	u_int	rp_pad0[15];	/* padding, placed between the count and the pointer */
112 	struct procctl_reaper_pidinfo *rp_pids;	/* array of pidinfo entries; TODO confirm it is caller-allocated */
113 };
114 
115 struct procctl_reaper_kill {	/* presumably the argument for PROC_REAP_KILL; check the out fields, delivery can fail for some targets */
116 	int	rk_sig;		/* in  - signal to send */
117 	u_int	rk_flags;	/* in  - REAPER_KILL flags */
118 	pid_t	rk_subtree;	/* in  - subtree, if REAPER_KILL_SUBTREE */
119 	u_int	rk_killed;	/* out - count of processes successfully
120 				   killed */
121 	pid_t	rk_fpid;	/* out - first failed pid for which error
122 				   is returned */
123 	u_int	rk_pad0[15];	/* padding; presumably reserved for future fields */
124 };
125 
126 #define	REAPER_KILL_CHILDREN	0x00000001	/* rk_flags: presumably limits the signal to direct children -- confirm */
127 #define	REAPER_KILL_SUBTREE	0x00000002	/* rk_flags: rk_subtree names the subtree to signal */
128 
129 #define	PROC_TRACE_CTL_ENABLE		1	/* PROC_TRACE_CTL: allow ptrace and core dumps again */
130 #define	PROC_TRACE_CTL_DISABLE		2	/* PROC_TRACE_CTL: disallow ptrace and core dumps */
131 #define	PROC_TRACE_CTL_DISABLE_EXEC	3	/* NOTE(review): differs from DISABLE in whether the setting survives execve(2); check procctl(2) before relying on either */
132 
133 #define	PROC_TRAPCAP_CTL_ENABLE		1	/* PROC_TRAPCAP_CTL: trap on capability errors */
134 #define	PROC_TRAPCAP_CTL_DISABLE	2	/* PROC_TRAPCAP_CTL: do not trap on capability errors */
135 
136 #define	PROC_ASLR_FORCE_ENABLE		1	/* PROC_ASLR_CTL: force ASLR on */
137 #define	PROC_ASLR_FORCE_DISABLE		2	/* PROC_ASLR_CTL: force ASLR off */
138 #define	PROC_ASLR_NOFORCE		3	/* PROC_ASLR_CTL: no per-process override (presumably the system default applies) */
139 #define	PROC_ASLR_ACTIVE		0x80000000	/* high bit, separate from the 1..3 request values; presumably a status-only flag, so test it with & rather than == */
140 
141 #define	PROC_PROTMAX_FORCE_ENABLE	1	/* PROC_PROTMAX_CTL: force implicit PROT_MAX on */
142 #define	PROC_PROTMAX_FORCE_DISABLE	2	/* PROC_PROTMAX_CTL: force implicit PROT_MAX off */
143 #define	PROC_PROTMAX_NOFORCE		3	/* PROC_PROTMAX_CTL: no per-process override (presumably the system default applies) */
144 #define	PROC_PROTMAX_ACTIVE		0x80000000	/* high bit, separate from the 1..3 request values; presumably a status-only flag, so test it with & rather than == */
145 
146 #define	PROC_STACKGAP_ENABLE		0x0001	/* PROC_STACKGAP_*: distinct bits, unlike the enumerated 1/2/3 values of other controls */
147 #define	PROC_STACKGAP_DISABLE		0x0002	/* NOTE(review): procctl(2) describes disabling the gap as irreversible for the process -- confirm */
148 #define	PROC_STACKGAP_ENABLE_EXEC	0x0004	/* presumably: keep the gap enabled for images started by a later execve(2) */
149 #define	PROC_STACKGAP_DISABLE_EXEC	0x0008	/* presumably: disable the gap for images started by a later execve(2) */
150 
151 #define	PROC_NO_NEW_PRIVS_ENABLE	1	/* PROC_NO_NEW_PRIVS_CTL: disable setuid/setgid */
152 #define	PROC_NO_NEW_PRIVS_DISABLE	2	/* NOTE(review): procctl(2) describes the enable as one-way, so this value presumably appears only in status results -- confirm */
153 
154 #define	PROC_WX_MAPPINGS_PERMIT		0x0001	/* PROC_WXMAP_CTL: permit mappings that are both writable and executable */
155 #define	PROC_WX_MAPPINGS_DISALLOW_EXEC	0x0002	/* presumably: disallow writable+executable mappings after a later execve(2) -- confirm */
156 #define	PROC_WXORX_ENFORCE		0x80000000	/* high bit, separate from the request flags; presumably a status-only flag reporting that W^X is enforced */
157 
158 #define	PROC_LOGSIGEXIT_CTL_NOFORCE		1	/* no per-process override; NOFORCE is 1 here but 3 for PROC_ASLR_* and PROC_PROTMAX_*, so the values are not interchangeable */
159 #define	PROC_LOGSIGEXIT_CTL_FORCE_ENABLE	2	/* force logging on sigexit on */
160 #define	PROC_LOGSIGEXIT_CTL_FORCE_DISABLE	3	/* force logging on sigexit off */
161 
162 #ifndef _KERNEL
163 __BEGIN_DECLS
164 int	procctl(idtype_t, id_t, int, void *);	/* per procctl(2): idtype, id, cmd (a PROC_* verb), data (verb-specific argument) */
165 __END_DECLS
166 
167 #endif
168 
169 #endif /* !_SYS_PROCCTL_H_ */
170