/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2013 Hudson River Trading LLC
 * Copyright (c) 2014, 2016 The FreeBSD Foundation
 * Written by: John H. Baldwin <jhb@FreeBSD.org>
 * All rights reserved.
 *
 * Portions of this software were developed by Konstantin Belousov
 * under sponsorship from the FreeBSD Foundation.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * Definitions for procctl(): the command ("verb") numbers, the values each
 * command takes or reports, and the structures passed through the data
 * pointer.  The header is compiled in both kernel and userland builds; the
 * _KERNEL guards below select the includes and the function prototype that
 * only userland needs.
 *
 * Several verbs switch per-process hardening on or off (ptrace and core
 * dumps, ASLR, implicit PROT_MAX, the stack gap, setuid/setgid handling,
 * W^X).  NOTE(review): a caller that depends on one of these for isolation
 * should treat a failed procctl() call as fatal and read the state back
 * with the matching *_STATUS verb rather than assume the request took
 * effect; the exact inheritance and exec behaviour of each setting is not
 * visible in this header and has to be taken from procctl(2).
 */

#ifndef _SYS_PROCCTL_H_
#define	_SYS_PROCCTL_H_

#ifndef _KERNEL
#include <sys/types.h>
#include <sys/wait.h>
#endif

/* MD PROCCTL verbs start at 0x10000000 */
#define	PROC_PROCCTL_MD_MIN	0x10000000
#include <machine/procctl.h>

/*
 * Machine-independent verbs.  Each control verb (*_CTL, or the
 * ACQUIRE/RELEASE pair for reaping) has a query verb (*_STATUS) next to it;
 * the numbering is dense from 1 and stays below PROC_PROCCTL_MD_MIN.
 */
#define	PROC_SPROTECT		1	/* set protected state */
#define	PROC_REAP_ACQUIRE	2	/* reaping enable */
#define	PROC_REAP_RELEASE	3	/* reaping disable */
#define	PROC_REAP_STATUS	4	/* reaping status */
#define	PROC_REAP_GETPIDS	5	/* get descendants */
#define	PROC_REAP_KILL		6	/* kill descendants */
#define	PROC_TRACE_CTL		7	/* en/dis ptrace and coredumps */
#define	PROC_TRACE_STATUS	8	/* query tracing status */
#define	PROC_TRAPCAP_CTL	9	/* trap capability errors */
#define	PROC_TRAPCAP_STATUS	10	/* query trap capability status */
#define	PROC_PDEATHSIG_CTL	11	/* set parent death signal */
#define	PROC_PDEATHSIG_STATUS	12	/* get parent death signal */
#define	PROC_ASLR_CTL		13	/* en/dis ASLR */
#define	PROC_ASLR_STATUS	14	/* query ASLR status */
#define	PROC_PROTMAX_CTL	15	/* en/dis implicit PROT_MAX */
#define	PROC_PROTMAX_STATUS	16	/* query implicit PROT_MAX status */
#define	PROC_STACKGAP_CTL	17	/* en/dis stack gap on MAP_STACK */
#define	PROC_STACKGAP_STATUS	18	/* query stack gap */
#define	PROC_NO_NEW_PRIVS_CTL	19	/* disable setuid/setgid */
#define	PROC_NO_NEW_PRIVS_STATUS 20	/* query suid/sgid disabled status */
#define	PROC_WXMAP_CTL		21	/* control W^X */
#define	PROC_WXMAP_STATUS	22	/* query W^X */
#define	PROC_LOGSIGEXIT_CTL	23	/* en/dis logging on sigexit */
#define	PROC_LOGSIGEXIT_STATUS	24	/* query logging on sigexit */

/*
 * Operations for PROC_SPROTECT (passed in integer arg).
 * The operation occupies the low four bits of the argument; PPROT_OP()
 * extracts it.
 */
#define	PPROT_OP(x)	((x) & 0xf)
#define	PPROT_SET	1
#define	PPROT_CLEAR	2

/*
 * Flags for PROC_SPROTECT (ORed in with operation).
 * PPROT_FLAGS() keeps every bit above the four operation bits.
 * NOTE(review): judging by the names, PPROT_DESCEND extends the operation
 * to existing descendants and PPROT_INHERIT to future children -- confirm
 * against procctl(2).
 */
#define	PPROT_FLAGS(x)	((x) & ~0xf)
#define	PPROT_DESCEND	0x10
#define	PPROT_INHERIT	0x20

/*
 * Result of PROC_REAP_STATUS (returned by value).
 * rs_flags holds REAPER_STATUS_* bits.  The meaning of the remaining
 * fields is not spelled out here; going by the names they are child and
 * descendant counts and two process ids -- see procctl(2).
 * rs_pad0 is unnamed padding, presumably room for later extension.
 */
struct procctl_reaper_status {
	u_int	rs_flags;
	u_int	rs_children;
	u_int	rs_descendants;
	pid_t	rs_reaper;
	pid_t	rs_pid;
	u_int	rs_pad0[15];
};

/* struct procctl_reaper_status rs_flags */
#define	REAPER_STATUS_OWNED	0x00000001
#define	REAPER_STATUS_REALINIT	0x00000002

/*
 * One entry describing a process, used as the element type of
 * procctl_reaper_pids.rp_pids below.
 */
struct procctl_reaper_pidinfo {
	pid_t	pi_pid;
	pid_t	pi_subtree;
	u_int	pi_flags;
	u_int	pi_pad0[15];
};

/*
 * Single-bit flags; presumably the values of
 * procctl_reaper_pidinfo.pi_flags (TODO confirm).
 */
#define	REAPER_PIDINFO_VALID	0x00000001
#define	REAPER_PIDINFO_CHILD	0x00000002
#define	REAPER_PIDINFO_REAPER	0x00000004
#define	REAPER_PIDINFO_ZOMBIE	0x00000008
#define	REAPER_PIDINFO_STOPPED	0x00000010
#define	REAPER_PIDINFO_EXITING	0x00000020

/*
 * A count plus a pointer to an array of procctl_reaper_pidinfo.
 * NOTE(review): rp_pids is a caller-supplied pointer and nothing in this
 * header ties it to rp_count; assuming rp_count is the capacity of the
 * array in elements, the two must agree or the result is written past the
 * caller's buffer.  Confirm the contract in procctl(2).
 */
struct procctl_reaper_pids {
	u_int	rp_count;
	u_int	rp_pad0[15];
	struct procctl_reaper_pidinfo *rp_pids;
};

/*
 * Request and result of a kill operation (the rk_ prefix and the
 * REAPER_KILL_* flags suggest PROC_REAP_KILL).  The first three fields are
 * inputs, rk_killed and rk_fpid are outputs.
 */
struct procctl_reaper_kill {
	int	rk_sig;		/* in  - signal to send */
	u_int	rk_flags;	/* in  - REAPER_KILL flags */
	pid_t	rk_subtree;	/* in  - subtree, if REAPER_KILL_SUBTREE */
	u_int	rk_killed;	/* out - count of processes successfully
				   killed */
	pid_t	rk_fpid;	/* out - first failed pid for which error
				   is returned */
	u_int	rk_pad0[15];
};

/* Values for procctl_reaper_kill.rk_flags. */
#define	REAPER_KILL_CHILDREN	0x00000001
#define	REAPER_KILL_SUBTREE	0x00000002

/*
 * Settings for the tracing control (named after PROC_TRACE_CTL, which
 * governs ptrace and core dumps).
 * NOTE(review): the two DISABLE values differ in how the setting behaves
 * across execve(2); check procctl(2) for which one persists before using
 * this to protect a process that holds secrets.
 */
#define	PROC_TRACE_CTL_ENABLE		1
#define	PROC_TRACE_CTL_DISABLE		2
#define	PROC_TRACE_CTL_DISABLE_EXEC	3

/* Settings for the capability-error trap control (PROC_TRAPCAP_CTL). */
#define	PROC_TRAPCAP_CTL_ENABLE		1
#define	PROC_TRAPCAP_CTL_DISABLE	2

/*
 * ASLR settings: 1..3 are mutually exclusive values, PROC_ASLR_ACTIVE is
 * a separate top bit.
 * NOTE(review): presumably the top bit is reported by PROC_ASLR_STATUS
 * together with the setting; mask it off before comparing the result with
 * the three values -- confirm in procctl(2).
 */
#define	PROC_ASLR_FORCE_ENABLE	1
#define	PROC_ASLR_FORCE_DISABLE	2
#define	PROC_ASLR_NOFORCE	3
#define	PROC_ASLR_ACTIVE	0x80000000

/* Implicit PROT_MAX settings; same layout as the ASLR values above. */
#define	PROC_PROTMAX_FORCE_ENABLE	1
#define	PROC_PROTMAX_FORCE_DISABLE	2
#define	PROC_PROTMAX_NOFORCE		3
#define	PROC_PROTMAX_ACTIVE		0x80000000

/*
 * Stack gap settings.  Unlike the enumerated values above these are
 * distinct bits, one ENABLE/DISABLE pair plus an *_EXEC pair.
 */
#define	PROC_STACKGAP_ENABLE		0x0001
#define	PROC_STACKGAP_DISABLE		0x0002
#define	PROC_STACKGAP_ENABLE_EXEC	0x0004
#define	PROC_STACKGAP_DISABLE_EXEC	0x0008

/*
 * Values for the setuid/setgid control (PROC_NO_NEW_PRIVS_CTL).
 * NOTE(review): whether PROC_NO_NEW_PRIVS_DISABLE can be requested or is
 * only ever reported by the STATUS verb is not visible here; a sandbox
 * should not assume the setting can be undone -- see procctl(2).
 */
#define	PROC_NO_NEW_PRIVS_ENABLE	1
#define	PROC_NO_NEW_PRIVS_DISABLE	2

/*
 * W^X values: two low flag bits and a separate top bit,
 * PROC_WXORX_ENFORCE (presumably status-only, as with PROC_ASLR_ACTIVE --
 * TODO confirm).
 */
#define	PROC_WX_MAPPINGS_PERMIT		0x0001
#define	PROC_WX_MAPPINGS_DISALLOW_EXEC	0x0002
#define	PROC_WXORX_ENFORCE		0x80000000

/*
 * Settings for logging on sigexit.  The numbering differs from the ASLR
 * and PROT_MAX families: NOFORCE is 1 here and 3 there, so always use the
 * symbolic names of the matching family.
 */
#define	PROC_LOGSIGEXIT_CTL_NOFORCE		1
#define	PROC_LOGSIGEXIT_CTL_FORCE_ENABLE	2
#define	PROC_LOGSIGEXIT_CTL_FORCE_DISABLE	3

#ifndef _KERNEL
__BEGIN_DECLS
/*
 * Userland entry point.  The parameters are unnamed in this declaration;
 * presumably they are the id type, the id, one of the PROC_* verbs above
 * and a pointer to that verb's argument (an int or one of the structures
 * in this file) -- see procctl(2).
 */
int	procctl(idtype_t, id_t, int, void *);
__END_DECLS

#endif

#endif /* !_SYS_PROCCTL_H_ */