xref: /freebsd/sys/kern/kern_sig.c (revision 7f3dea244c40159a41ab22da77a434d7c5b5e85a)
1 /*
2  * Copyright (c) 1982, 1986, 1989, 1991, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  * (c) UNIX System Laboratories, Inc.
5  * All or some portions of this file are derived from material licensed
6  * to the University of California by American Telephone and Telegraph
7  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
8  * the permission of UNIX System Laboratories, Inc.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. All advertising materials mentioning features or use of this software
19  *    must display the following acknowledgement:
20  *	This product includes software developed by the University of
21  *	California, Berkeley and its contributors.
22  * 4. Neither the name of the University nor the names of its contributors
23  *    may be used to endorse or promote products derived from this software
24  *    without specific prior written permission.
25  *
26  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36  * SUCH DAMAGE.
37  *
38  *	@(#)kern_sig.c	8.7 (Berkeley) 4/18/94
39  * $Id: kern_sig.c,v 1.60 1999/08/16 18:13:38 billf Exp $
40  */
41 
42 #include "opt_compat.h"
43 #include "opt_ktrace.h"
44 
45 #define	SIGPROP		/* include signal properties table */
46 #include <sys/param.h>
47 #include <sys/kernel.h>
48 #include <sys/sysproto.h>
49 #include <sys/signalvar.h>
50 #include <sys/resourcevar.h>
51 #include <sys/namei.h>
52 #include <sys/vnode.h>
53 #include <sys/proc.h>
54 #include <sys/pioctl.h>
55 #include <sys/systm.h>
56 #include <sys/acct.h>
57 #include <sys/fcntl.h>
58 #include <sys/wait.h>
59 #include <sys/ktrace.h>
60 #include <sys/syslog.h>
61 #include <sys/stat.h>
62 #include <sys/sysent.h>
63 #include <sys/sysctl.h>
64 #include <sys/malloc.h>
65 
66 #include <machine/cpu.h>
67 #ifdef SMP
68 #include <machine/smp.h>
69 #endif
70 
71 static int killpg1	__P((struct proc *cp, int signum, int pgid, int all));
72 static void setsigvec	__P((struct proc *p, int signum, struct sigaction *sa));
73 static void stop	__P((struct proc *));
74 
75 static int	kern_logsigexit = 1;
76 SYSCTL_INT(_kern, KERN_LOGSIGEXIT, logsigexit, CTLFLAG_RW,
77     &kern_logsigexit, 0,
78     "Log processes quitting on abnormal signals to syslog(3)");
79 
80 /*
81  * Can process p, with pcred pc, send the signal signum to process q?
82  */
83 #define CANSIGNAL(p, pc, q, signum) \
84 	(PRISON_CHECK(p, q) && ((pc)->pc_ucred->cr_uid == 0 || \
85 	    (pc)->p_ruid == (q)->p_cred->p_ruid || \
86 	    (pc)->pc_ucred->cr_uid == (q)->p_cred->p_ruid || \
87 	    (pc)->p_ruid == (q)->p_ucred->cr_uid || \
88 	    (pc)->pc_ucred->cr_uid == (q)->p_ucred->cr_uid || \
89 	    ((signum) == SIGCONT && (q)->p_session == (p)->p_session)))
90 
91 /*
92  * Policy -- Can real uid ruid with ucred uc send a signal to process q?
93  */
94 #define CANSIGIO(ruid, uc, q) \
95 	((uc)->cr_uid == 0 || \
96 	    (ruid) == (q)->p_cred->p_ruid || \
97 	    (uc)->cr_uid == (q)->p_cred->p_ruid || \
98 	    (ruid) == (q)->p_ucred->cr_uid || \
99 	    (uc)->cr_uid == (q)->p_ucred->cr_uid)
100 
101 int sugid_coredump;
102 SYSCTL_INT(_kern, OID_AUTO, sugid_coredump, CTLFLAG_RW,
103     &sugid_coredump, 0, "Enable coredumping set user/group ID processes");
104 
105 #ifndef _SYS_SYSPROTO_H_
106 struct sigaction_args {
107 	int	signum;
108 	struct	sigaction *nsa;
109 	struct	sigaction *osa;
110 };
111 #endif
112 /* ARGSUSED */
113 int
114 sigaction(p, uap)
115 	struct proc *p;
116 	register struct sigaction_args *uap;
117 {
118 	struct sigaction vec;
119 	register struct sigaction *sa;
120 	register struct sigacts *ps = p->p_sigacts;
121 	register int signum;
122 	int bit, error;
123 
124 	signum = uap->signum;
125 	if (signum <= 0 || signum >= NSIG)
126 		return (EINVAL);
127 	sa = &vec;
128 	if (uap->osa) {
129 		bit = sigmask(signum);
130 		if ((ps->ps_siginfo & bit) != 0)
131 			sa->sa_sigaction =
132 			    (__siginfohandler_t *)ps->ps_sigact[signum];
133 		else
134 			sa->sa_handler = ps->ps_sigact[signum];
135 		sa->sa_mask = ps->ps_catchmask[signum];
136 		sa->sa_flags = 0;
137 		if ((ps->ps_sigonstack & bit) != 0)
138 			sa->sa_flags |= SA_ONSTACK;
139 		if ((ps->ps_sigintr & bit) == 0)
140 			sa->sa_flags |= SA_RESTART;
141 		if ((ps->ps_sigreset & bit) != 0)
142 			sa->sa_flags |= SA_RESETHAND;
143 		if ((ps->ps_signodefer & bit) != 0)
144 			sa->sa_flags |= SA_NODEFER;
145 		if ((ps->ps_siginfo & bit) != 0)
146 			sa->sa_flags |= SA_SIGINFO;
147 		if (signum == SIGCHLD && p->p_procsig->ps_flag & P_NOCLDSTOP)
148 			sa->sa_flags |= SA_NOCLDSTOP;
149 		if (signum == SIGCHLD && p->p_procsig->ps_flag & P_NOCLDWAIT)
150 			sa->sa_flags |= SA_NOCLDWAIT;
151 		if ((error = copyout((caddr_t)sa, (caddr_t)uap->osa,
152 		    sizeof (vec))))
153 			return (error);
154 	}
155 	if (uap->nsa) {
156 		if ((error = copyin((caddr_t)uap->nsa, (caddr_t)sa,
157 		    sizeof (vec))))
158 			return (error);
159 		if ((signum == SIGKILL || signum == SIGSTOP) &&
160 		    sa->sa_handler != SIG_DFL)
161 			return (EINVAL);
162 		setsigvec(p, signum, sa);
163 	}
164 	return (0);
165 }
166 
167 static void
168 setsigvec(p, signum, sa)
169 	register struct proc *p;
170 	int signum;
171 	register struct sigaction *sa;
172 {
173 	register struct sigacts *ps = p->p_sigacts;
174 	register int bit;
175 
176 	bit = sigmask(signum);
177 	/*
178 	 * Change setting atomically.
179 	 */
180 	(void) splhigh();
181 	ps->ps_catchmask[signum] = sa->sa_mask &~ sigcantmask;
182 	if (sa->sa_flags & SA_SIGINFO) {
183 		ps->ps_sigact[signum] = sa->sa_handler;
184 		ps->ps_siginfo |= bit;
185 	} else {
186 		ps->ps_sigact[signum] = (__sighandler_t *)sa->sa_sigaction;
187 		ps->ps_siginfo &= ~bit;
188 	}
189 	if ((sa->sa_flags & SA_RESTART) == 0)
190 		ps->ps_sigintr |= bit;
191 	else
192 		ps->ps_sigintr &= ~bit;
193 	if (sa->sa_flags & SA_ONSTACK)
194 		ps->ps_sigonstack |= bit;
195 	else
196 		ps->ps_sigonstack &= ~bit;
197 	if (sa->sa_flags & SA_RESETHAND)
198 		ps->ps_sigreset |= bit;
199 	else
200 		ps->ps_sigreset &= ~bit;
201 	if (sa->sa_flags & SA_NODEFER)
202 		ps->ps_signodefer |= bit;
203 	else
204 		ps->ps_signodefer &= ~bit;
205 #ifdef COMPAT_SUNOS
206 	if (sa->sa_flags & SA_USERTRAMP)
207 		ps->ps_usertramp |= bit;
208 	else
209 		ps->ps_usertramp &= ~bit;
210 #endif
211 	if (signum == SIGCHLD) {
212 		if (sa->sa_flags & SA_NOCLDSTOP)
213 			p->p_procsig->ps_flag |= P_NOCLDSTOP;
214 		else
215 			p->p_procsig->ps_flag &= ~P_NOCLDSTOP;
216 		if (sa->sa_flags & SA_NOCLDWAIT) {
217 			/*
218 			 * Paranoia: since SA_NOCLDWAIT is implemented by
219 			 * reparenting the dying child to PID 1 (and
220 			 * trust it to reap the zombie), PID 1 itself is
221 			 * forbidden to set SA_NOCLDWAIT.
222 			 */
223 			if (p->p_pid == 1)
224 				p->p_procsig->ps_flag &= ~P_NOCLDWAIT;
225 			else
226 				p->p_procsig->ps_flag |= P_NOCLDWAIT;
227 		} else
228 			p->p_procsig->ps_flag &= ~P_NOCLDWAIT;
229 	}
230 	/*
231 	 * Set bit in p_sigignore for signals that are set to SIG_IGN,
232 	 * and for signals set to SIG_DFL where the default is to ignore.
233 	 * However, don't put SIGCONT in p_sigignore,
234 	 * as we have to restart the process.
235 	 */
236 	if (ps->ps_sigact[signum] == SIG_IGN ||
237 	    (sigprop[signum] & SA_IGNORE && ps->ps_sigact[signum] == SIG_DFL)) {
238 		p->p_siglist &= ~bit;		/* never to be seen again */
239 		if (signum != SIGCONT)
240 			p->p_sigignore |= bit;	/* easier in psignal */
241 		p->p_sigcatch &= ~bit;
242 	} else {
243 		p->p_sigignore &= ~bit;
244 		if (ps->ps_sigact[signum] == SIG_DFL)
245 			p->p_sigcatch &= ~bit;
246 		else
247 			p->p_sigcatch |= bit;
248 	}
249 	(void) spl0();
250 }
251 
252 /*
253  * Initialize signal state for process 0;
254  * set to ignore signals that are ignored by default.
255  */
256 void
257 siginit(p)
258 	struct proc *p;
259 {
260 	register int i;
261 
262 	for (i = 0; i < NSIG; i++)
263 		if (sigprop[i] & SA_IGNORE && i != SIGCONT)
264 			p->p_sigignore |= sigmask(i);
265 }
266 
267 /*
268  * Reset signals for an exec of the specified process.
269  */
270 void
271 execsigs(p)
272 	register struct proc *p;
273 {
274 	register struct sigacts *ps = p->p_sigacts;
275 	register int nc, mask;
276 
277 	/*
278 	 * Reset caught signals.  Held signals remain held
279 	 * through p_sigmask (unless they were caught,
280 	 * and are now ignored by default).
281 	 */
282 	while (p->p_sigcatch) {
283 		nc = ffs((long)p->p_sigcatch);
284 		mask = sigmask(nc);
285 		p->p_sigcatch &= ~mask;
286 		if (sigprop[nc] & SA_IGNORE) {
287 			if (nc != SIGCONT)
288 				p->p_sigignore |= mask;
289 			p->p_siglist &= ~mask;
290 		}
291 		ps->ps_sigact[nc] = SIG_DFL;
292 	}
293 	/*
294 	 * Reset stack state to the user stack.
295 	 * Clear set of signals caught on the signal stack.
296 	 */
297 	ps->ps_sigstk.ss_flags = SS_DISABLE;
298 	ps->ps_sigstk.ss_size = 0;
299 	ps->ps_sigstk.ss_sp = 0;
300 	ps->ps_flags = 0;
301 	/*
302 	 * Reset no zombies if child dies flag as Solaris does.
303 	 */
304 	p->p_procsig->ps_flag &= ~P_NOCLDWAIT;
305 }
306 
307 /*
308  * Manipulate signal mask.
309  * Note that we receive new mask, not pointer,
310  * and return old mask as return value;
311  * the library stub does the rest.
312  */
313 #ifndef _SYS_SYSPROTO_H_
314 struct sigprocmask_args {
315 	int	how;
316 	sigset_t mask;
317 };
318 #endif
319 int
320 sigprocmask(p, uap)
321 	register struct proc *p;
322 	struct sigprocmask_args *uap;
323 {
324 	int error = 0;
325 
326 	p->p_retval[0] = p->p_sigmask;
327 	(void) splhigh();
328 
329 	switch (uap->how) {
330 	case SIG_BLOCK:
331 		p->p_sigmask |= uap->mask &~ sigcantmask;
332 		break;
333 
334 	case SIG_UNBLOCK:
335 		p->p_sigmask &= ~uap->mask;
336 		break;
337 
338 	case SIG_SETMASK:
339 		p->p_sigmask = uap->mask &~ sigcantmask;
340 		break;
341 
342 	default:
343 		error = EINVAL;
344 		break;
345 	}
346 	(void) spl0();
347 	return (error);
348 }
349 
350 #ifndef _SYS_SYSPROTO_H_
351 struct sigpending_args {
352 	int	dummy;
353 };
354 #endif
355 /* ARGSUSED */
356 int
357 sigpending(p, uap)
358 	struct proc *p;
359 	struct sigpending_args *uap;
360 {
361 
362 	p->p_retval[0] = p->p_siglist;
363 	return (0);
364 }
365 
366 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
367 /*
368  * Generalized interface signal handler, 4.3-compatible.
369  */
370 #ifndef _SYS_SYSPROTO_H_
371 struct osigvec_args {
372 	int	signum;
373 	struct	sigvec *nsv;
374 	struct	sigvec *osv;
375 };
376 #endif
377 /* ARGSUSED */
378 int
379 osigvec(p, uap)
380 	struct proc *p;
381 	register struct osigvec_args *uap;
382 {
383 	struct sigvec vec;
384 	register struct sigacts *ps = p->p_sigacts;
385 	register struct sigvec *sv;
386 	register int signum;
387 	int bit, error;
388 
389 	signum = uap->signum;
390 	if (signum <= 0 || signum >= NSIG)
391 		return (EINVAL);
392 	sv = &vec;
393 	if (uap->osv) {
394 		*(sig_t *)&sv->sv_handler = ps->ps_sigact[signum];
395 		sv->sv_mask = ps->ps_catchmask[signum];
396 		bit = sigmask(signum);
397 		sv->sv_flags = 0;
398 		if ((ps->ps_sigonstack & bit) != 0)
399 			sv->sv_flags |= SV_ONSTACK;
400 		if ((ps->ps_sigintr & bit) != 0)
401 			sv->sv_flags |= SV_INTERRUPT;
402 		if ((ps->ps_sigreset & bit) != 0)
403 			sv->sv_flags |= SV_RESETHAND;
404 		if ((ps->ps_signodefer & bit) != 0)
405 			sv->sv_flags |= SV_NODEFER;
406 		if ((ps->ps_siginfo & bit) != 0)
407 			sv->sv_flags |= SV_SIGINFO;
408 #ifndef COMPAT_SUNOS
409 		if (signum == SIGCHLD && p->p_procsig->ps_flag & P_NOCLDSTOP)
410 			sv->sv_flags |= SV_NOCLDSTOP;
411 #endif
412 		if ((error = copyout((caddr_t)sv, (caddr_t)uap->osv,
413 		    sizeof (vec))))
414 			return (error);
415 	}
416 	if (uap->nsv) {
417 		if ((error = copyin((caddr_t)uap->nsv, (caddr_t)sv,
418 		    sizeof (vec))))
419 			return (error);
420 		if ((signum == SIGKILL || signum == SIGSTOP) &&
421 		    sv->sv_handler != SIG_DFL)
422 			return (EINVAL);
423 #ifdef COMPAT_SUNOS
424 		sv->sv_flags |= SA_USERTRAMP;
425 #endif
426 		sv->sv_flags ^= SA_RESTART;	/* opposite of SV_INTERRUPT */
427 		setsigvec(p, signum, (struct sigaction *)sv);
428 	}
429 	return (0);
430 }
431 
432 #ifndef _SYS_SYSPROTO_H_
433 struct osigblock_args {
434 	int	mask;
435 };
436 #endif
437 int
438 osigblock(p, uap)
439 	register struct proc *p;
440 	struct osigblock_args *uap;
441 {
442 
443 	(void) splhigh();
444 	p->p_retval[0] = p->p_sigmask;
445 	p->p_sigmask |= uap->mask &~ sigcantmask;
446 	(void) spl0();
447 	return (0);
448 }
449 
450 #ifndef _SYS_SYSPROTO_H_
451 struct osigsetmask_args {
452 	int	mask;
453 };
454 #endif
455 int
456 osigsetmask(p, uap)
457 	struct proc *p;
458 	struct osigsetmask_args *uap;
459 {
460 
461 	(void) splhigh();
462 	p->p_retval[0] = p->p_sigmask;
463 	p->p_sigmask = uap->mask &~ sigcantmask;
464 	(void) spl0();
465 	return (0);
466 }
467 #endif /* COMPAT_43 || COMPAT_SUNOS */
468 
469 /*
470  * Suspend process until signal, providing mask to be set
471  * in the meantime.  Note nonstandard calling convention:
472  * libc stub passes mask, not pointer, to save a copyin.
473  */
474 #ifndef _SYS_SYSPROTO_H_
475 struct sigsuspend_args {
476 	sigset_t mask;
477 };
478 #endif
479 /* ARGSUSED */
480 int
481 sigsuspend(p, uap)
482 	register struct proc *p;
483 	struct sigsuspend_args *uap;
484 {
485 	register struct sigacts *ps = p->p_sigacts;
486 
487 	/*
488 	 * When returning from sigpause, we want
489 	 * the old mask to be restored after the
490 	 * signal handler has finished.  Thus, we
491 	 * save it here and mark the sigacts structure
492 	 * to indicate this.
493 	 */
494 	p->p_oldsigmask = p->p_sigmask;
495 	p->p_sigmask = uap->mask &~ sigcantmask;
496 	while (tsleep((caddr_t) ps, PPAUSE|PCATCH, "pause", 0) == 0)
497 		/* void */;
498 	/* always return EINTR rather than ERESTART... */
499 	return (EINTR);
500 }
501 
502 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
503 #ifndef _SYS_SYSPROTO_H_
504 struct osigstack_args {
505 	struct	sigstack *nss;
506 	struct	sigstack *oss;
507 };
508 #endif
509 /* ARGSUSED */
510 int
511 osigstack(p, uap)
512 	struct proc *p;
513 	register struct osigstack_args *uap;
514 {
515 	struct sigstack ss;
516 	struct sigacts *psp;
517 	int error = 0;
518 
519 	psp = p->p_sigacts;
520 	ss.ss_sp = psp->ps_sigstk.ss_sp;
521 	ss.ss_onstack = psp->ps_sigstk.ss_flags & SS_ONSTACK;
522 	if (uap->oss && (error = copyout((caddr_t)&ss, (caddr_t)uap->oss,
523 	    sizeof (struct sigstack))))
524 		return (error);
525 	if (uap->nss && (error = copyin((caddr_t)uap->nss, (caddr_t)&ss,
526 	    sizeof (ss))) == 0) {
527 		psp->ps_sigstk.ss_sp = ss.ss_sp;
528 		psp->ps_sigstk.ss_size = 0;
529 		psp->ps_sigstk.ss_flags |= ss.ss_onstack & SS_ONSTACK;
530 		psp->ps_flags |= SAS_ALTSTACK;
531 	}
532 	return (error);
533 }
534 #endif /* COMPAT_43 || COMPAT_SUNOS */
535 
536 #ifndef _SYS_SYSPROTO_H_
537 struct sigaltstack_args {
538 	struct	sigaltstack *nss;
539 	struct	sigaltstack *oss;
540 };
541 #endif
542 /* ARGSUSED */
543 int
544 sigaltstack(p, uap)
545 	struct proc *p;
546 	register struct sigaltstack_args *uap;
547 {
548 	struct sigacts *psp;
549 	struct sigaltstack ss;
550 	int error;
551 
552 	psp = p->p_sigacts;
553 	if ((psp->ps_flags & SAS_ALTSTACK) == 0)
554 		psp->ps_sigstk.ss_flags |= SS_DISABLE;
555 	if (uap->oss && (error = copyout((caddr_t)&psp->ps_sigstk,
556 	    (caddr_t)uap->oss, sizeof (struct sigaltstack))))
557 		return (error);
558 	if (uap->nss == 0)
559 		return (0);
560 	if ((error = copyin((caddr_t)uap->nss, (caddr_t)&ss, sizeof (ss))))
561 		return (error);
562 	if (ss.ss_flags & SS_DISABLE) {
563 		if (psp->ps_sigstk.ss_flags & SS_ONSTACK)
564 			return (EINVAL);
565 		psp->ps_flags &= ~SAS_ALTSTACK;
566 		psp->ps_sigstk.ss_flags = ss.ss_flags;
567 		return (0);
568 	}
569 	if (ss.ss_size < MINSIGSTKSZ)
570 		return (ENOMEM);
571 	psp->ps_flags |= SAS_ALTSTACK;
572 	psp->ps_sigstk= ss;
573 	return (0);
574 }
575 
576 /*
577  * Common code for kill process group/broadcast kill.
578  * cp is calling process.
579  */
580 int
581 killpg1(cp, signum, pgid, all)
582 	register struct proc *cp;
583 	int signum, pgid, all;
584 {
585 	register struct proc *p;
586 	register struct pcred *pc = cp->p_cred;
587 	struct pgrp *pgrp;
588 	int nfound = 0;
589 
590 	if (all)
591 		/*
592 		 * broadcast
593 		 */
594 		for (p = allproc.lh_first; p != 0; p = p->p_list.le_next) {
595 			if (p->p_pid <= 1 || p->p_flag & P_SYSTEM ||
596 			    p == cp || !CANSIGNAL(cp, pc, p, signum))
597 				continue;
598 			nfound++;
599 			if (signum)
600 				psignal(p, signum);
601 		}
602 	else {
603 		if (pgid == 0)
604 			/*
605 			 * zero pgid means send to my process group.
606 			 */
607 			pgrp = cp->p_pgrp;
608 		else {
609 			pgrp = pgfind(pgid);
610 			if (pgrp == NULL)
611 				return (ESRCH);
612 		}
613 		for (p = pgrp->pg_members.lh_first; p != 0;
614 		     p = p->p_pglist.le_next) {
615 			if (p->p_pid <= 1 || p->p_flag & P_SYSTEM ||
616 			    p->p_stat == SZOMB ||
617 			    !CANSIGNAL(cp, pc, p, signum))
618 				continue;
619 			nfound++;
620 			if (signum)
621 				psignal(p, signum);
622 		}
623 	}
624 	return (nfound ? 0 : ESRCH);
625 }
626 
627 #ifndef _SYS_SYSPROTO_H_
628 struct kill_args {
629 	int	pid;
630 	int	signum;
631 };
632 #endif
633 /* ARGSUSED */
634 int
635 kill(cp, uap)
636 	register struct proc *cp;
637 	register struct kill_args *uap;
638 {
639 	register struct proc *p;
640 	register struct pcred *pc = cp->p_cred;
641 
642 	if ((u_int)uap->signum >= NSIG)
643 		return (EINVAL);
644 	if (uap->pid > 0) {
645 		/* kill single process */
646 		if ((p = pfind(uap->pid)) == NULL)
647 			return (ESRCH);
648 		if (!CANSIGNAL(cp, pc, p, uap->signum))
649 			return (EPERM);
650 		if (uap->signum)
651 			psignal(p, uap->signum);
652 		return (0);
653 	}
654 	switch (uap->pid) {
655 	case -1:		/* broadcast signal */
656 		return (killpg1(cp, uap->signum, 0, 1));
657 	case 0:			/* signal own process group */
658 		return (killpg1(cp, uap->signum, 0, 0));
659 	default:		/* negative explicit process group */
660 		return (killpg1(cp, uap->signum, -uap->pid, 0));
661 	}
662 	/* NOTREACHED */
663 }
664 
665 #if defined(COMPAT_43) || defined(COMPAT_SUNOS)
666 #ifndef _SYS_SYSPROTO_H_
667 struct okillpg_args {
668 	int	pgid;
669 	int	signum;
670 };
671 #endif
672 /* ARGSUSED */
673 int
674 okillpg(p, uap)
675 	struct proc *p;
676 	register struct okillpg_args *uap;
677 {
678 
679 	if ((u_int)uap->signum >= NSIG)
680 		return (EINVAL);
681 	return (killpg1(p, uap->signum, uap->pgid, 0));
682 }
683 #endif /* COMPAT_43 || COMPAT_SUNOS */
684 
685 /*
686  * Send a signal to a process group.
687  */
688 void
689 gsignal(pgid, signum)
690 	int pgid, signum;
691 {
692 	struct pgrp *pgrp;
693 
694 	if (pgid && (pgrp = pgfind(pgid)))
695 		pgsignal(pgrp, signum, 0);
696 }
697 
698 /*
699  * Send a signal to a process group.  If checktty is 1,
700  * limit to members which have a controlling terminal.
701  */
702 void
703 pgsignal(pgrp, signum, checkctty)
704 	struct pgrp *pgrp;
705 	int signum, checkctty;
706 {
707 	register struct proc *p;
708 
709 	if (pgrp)
710 		for (p = pgrp->pg_members.lh_first; p != 0;
711 		     p = p->p_pglist.le_next)
712 			if (checkctty == 0 || p->p_flag & P_CONTROLT)
713 				psignal(p, signum);
714 }
715 
716 /*
717  * Send a signal caused by a trap to the current process.
718  * If it will be caught immediately, deliver it with correct code.
719  * Otherwise, post it normally.
720  */
721 void
722 trapsignal(p, signum, code)
723 	struct proc *p;
724 	register int signum;
725 	u_long code;
726 {
727 	register struct sigacts *ps = p->p_sigacts;
728 	int mask;
729 
730 	mask = sigmask(signum);
731 	if ((p->p_flag & P_TRACED) == 0 && (p->p_sigcatch & mask) != 0 &&
732 	    (p->p_sigmask & mask) == 0) {
733 		p->p_stats->p_ru.ru_nsignals++;
734 #ifdef KTRACE
735 		if (KTRPOINT(p, KTR_PSIG))
736 			ktrpsig(p->p_tracep, signum, ps->ps_sigact[signum],
737 				p->p_sigmask, code);
738 #endif
739 		(*p->p_sysent->sv_sendsig)(ps->ps_sigact[signum], signum,
740 						p->p_sigmask, code);
741 		p->p_sigmask |= ps->ps_catchmask[signum] |
742 				(mask & ~ps->ps_signodefer);
743 		if ((ps->ps_sigreset & mask) != 0) {
744 			/*
745 			 * See setsigvec() for origin of this code.
746 			 */
747 			p->p_sigcatch &= ~mask;
748 			if (signum != SIGCONT && sigprop[signum] & SA_IGNORE)
749 				p->p_sigignore |= mask;
750 			ps->ps_sigact[signum] = SIG_DFL;
751 		}
752 	} else {
753 		p->p_code = code;	/* XXX for core dump/debugger */
754 		p->p_sig = signum;	/* XXX to verify code */
755 		psignal(p, signum);
756 	}
757 }
758 
759 /*
760  * Send the signal to the process.  If the signal has an action, the action
761  * is usually performed by the target process rather than the caller; we add
762  * the signal to the set of pending signals for the process.
763  *
764  * Exceptions:
765  *   o When a stop signal is sent to a sleeping process that takes the
766  *     default action, the process is stopped without awakening it.
767  *   o SIGCONT restarts stopped processes (or puts them back to sleep)
768  *     regardless of the signal action (eg, blocked or ignored).
769  *
770  * Other ignored signals are discarded immediately.
771  */
772 void
773 psignal(p, signum)
774 	register struct proc *p;
775 	register int signum;
776 {
777 	register int s, prop;
778 	register sig_t action;
779 	int mask;
780 
781 	if ((u_int)signum >= NSIG || signum == 0) {
782 		printf("psignal: signum %d\n", signum);
783 		panic("psignal signal number");
784 	}
785 	mask = sigmask(signum);
786 	prop = sigprop[signum];
787 
788 	/*
789 	 * If proc is traced, always give parent a chance;
790 	 * if signal event is tracked by procfs, give *that*
791 	 * a chance, as well.
792 	 */
793 	if ((p->p_flag & P_TRACED) || (p->p_stops & S_SIG))
794 		action = SIG_DFL;
795 	else {
796 		/*
797 		 * If the signal is being ignored,
798 		 * then we forget about it immediately.
799 		 * (Note: we don't set SIGCONT in p_sigignore,
800 		 * and if it is set to SIG_IGN,
801 		 * action will be SIG_DFL here.)
802 		 */
803 		if ((p->p_sigignore & mask) || (p->p_flag & P_WEXIT))
804 			return;
805 		if (p->p_sigmask & mask)
806 			action = SIG_HOLD;
807 		else if (p->p_sigcatch & mask)
808 			action = SIG_CATCH;
809 		else
810 			action = SIG_DFL;
811 	}
812 
813 	if (p->p_nice > NZERO && action == SIG_DFL && (prop & SA_KILL) &&
814 	    (p->p_flag & P_TRACED) == 0)
815 		p->p_nice = NZERO;
816 
817 	if (prop & SA_CONT)
818 		p->p_siglist &= ~stopsigmask;
819 
820 	if (prop & SA_STOP) {
821 		/*
822 		 * If sending a tty stop signal to a member of an orphaned
823 		 * process group, discard the signal here if the action
824 		 * is default; don't stop the process below if sleeping,
825 		 * and don't clear any pending SIGCONT.
826 		 */
827 		if (prop & SA_TTYSTOP && p->p_pgrp->pg_jobc == 0 &&
828 		    action == SIG_DFL)
829 		        return;
830 		p->p_siglist &= ~contsigmask;
831 	}
832 	p->p_siglist |= mask;
833 
834 	/*
835 	 * Defer further processing for signals which are held,
836 	 * except that stopped processes must be continued by SIGCONT.
837 	 */
838 	if (action == SIG_HOLD && ((prop & SA_CONT) == 0 || p->p_stat != SSTOP))
839 		return;
840 	s = splhigh();
841 	switch (p->p_stat) {
842 
843 	case SSLEEP:
844 		/*
845 		 * If process is sleeping uninterruptibly
846 		 * we can't interrupt the sleep... the signal will
847 		 * be noticed when the process returns through
848 		 * trap() or syscall().
849 		 */
850 		if ((p->p_flag & P_SINTR) == 0)
851 			goto out;
852 		/*
853 		 * Process is sleeping and traced... make it runnable
854 		 * so it can discover the signal in issignal() and stop
855 		 * for the parent.
856 		 */
857 		if (p->p_flag & P_TRACED)
858 			goto run;
859 		/*
860 		 * If SIGCONT is default (or ignored) and process is
861 		 * asleep, we are finished; the process should not
862 		 * be awakened.
863 		 */
864 		if ((prop & SA_CONT) && action == SIG_DFL) {
865 			p->p_siglist &= ~mask;
866 			goto out;
867 		}
868 		/*
869 		 * When a sleeping process receives a stop
870 		 * signal, process immediately if possible.
871 		 * All other (caught or default) signals
872 		 * cause the process to run.
873 		 */
874 		if (prop & SA_STOP) {
875 			if (action != SIG_DFL)
876 				goto runfast;
877 			/*
878 			 * If a child holding parent blocked,
879 			 * stopping could cause deadlock.
880 			 */
881 			if (p->p_flag & P_PPWAIT)
882 				goto out;
883 			p->p_siglist &= ~mask;
884 			p->p_xstat = signum;
885 			if ((p->p_pptr->p_procsig->ps_flag & P_NOCLDSTOP) == 0)
886 				psignal(p->p_pptr, SIGCHLD);
887 			stop(p);
888 			goto out;
889 		} else
890 			goto runfast;
891 		/*NOTREACHED*/
892 
893 	case SSTOP:
894 		/*
895 		 * If traced process is already stopped,
896 		 * then no further action is necessary.
897 		 */
898 		if (p->p_flag & P_TRACED)
899 			goto out;
900 
901 		/*
902 		 * Kill signal always sets processes running.
903 		 */
904 		if (signum == SIGKILL)
905 			goto runfast;
906 
907 		if (prop & SA_CONT) {
908 			/*
909 			 * If SIGCONT is default (or ignored), we continue the
910 			 * process but don't leave the signal in p_siglist, as
911 			 * it has no further action.  If SIGCONT is held, we
912 			 * continue the process and leave the signal in
913 			 * p_siglist.  If the process catches SIGCONT, let it
914 			 * handle the signal itself.  If it isn't waiting on
915 			 * an event, then it goes back to run state.
916 			 * Otherwise, process goes back to sleep state.
917 			 */
918 			if (action == SIG_DFL)
919 				p->p_siglist &= ~mask;
920 			if (action == SIG_CATCH)
921 				goto runfast;
922 			if (p->p_wchan == 0)
923 				goto run;
924 			p->p_stat = SSLEEP;
925 			goto out;
926 		}
927 
928 		if (prop & SA_STOP) {
929 			/*
930 			 * Already stopped, don't need to stop again.
931 			 * (If we did the shell could get confused.)
932 			 */
933 			p->p_siglist &= ~mask;		/* take it away */
934 			goto out;
935 		}
936 
937 		/*
938 		 * If process is sleeping interruptibly, then simulate a
939 		 * wakeup so that when it is continued, it will be made
940 		 * runnable and can look at the signal.  But don't make
941 		 * the process runnable, leave it stopped.
942 		 */
943 		if (p->p_wchan && p->p_flag & P_SINTR)
944 			unsleep(p);
945 		goto out;
946 
947 	default:
948 		/*
949 		 * SRUN, SIDL, SZOMB do nothing with the signal,
950 		 * other than kicking ourselves if we are running.
951 		 * It will either never be noticed, or noticed very soon.
952 		 */
953 		if (p == curproc)
954 			signotify(p);
955 #ifdef SMP
956 		else if (p->p_stat == SRUN)
957 			forward_signal(p);
958 #endif
959 		goto out;
960 	}
961 	/*NOTREACHED*/
962 
963 runfast:
964 	/*
965 	 * Raise priority to at least PUSER.
966 	 */
967 	if (p->p_priority > PUSER)
968 		p->p_priority = PUSER;
969 run:
970 	setrunnable(p);
971 out:
972 	splx(s);
973 }
974 
975 /*
976  * If the current process has received a signal (should be caught or cause
977  * termination, should interrupt current syscall), return the signal number.
978  * Stop signals with default action are processed immediately, then cleared;
979  * they aren't returned.  This is checked after each entry to the system for
980  * a syscall or trap (though this can usually be done without calling issignal
981  * by checking the pending signal masks in the CURSIG macro.) The normal call
982  * sequence is
983  *
984  *	while (signum = CURSIG(curproc))
985  *		postsig(signum);
986  */
987 int
988 issignal(p)
989 	register struct proc *p;
990 {
991 	register int signum, mask, prop;
992 
993 	for (;;) {
994 		int traced = (p->p_flag & P_TRACED) || (p->p_stops & S_SIG);
995 
996 		mask = p->p_siglist & ~p->p_sigmask;
997 		if (p->p_flag & P_PPWAIT)
998 			mask &= ~stopsigmask;
999 		if (mask == 0)	 	/* no signal to send */
1000 			return (0);
1001 		signum = ffs((long)mask);
1002 		mask = sigmask(signum);
1003 		prop = sigprop[signum];
1004 
1005 		STOPEVENT(p, S_SIG, signum);
1006 
1007 		/*
1008 		 * We should see pending but ignored signals
1009 		 * only if P_TRACED was on when they were posted.
1010 		 */
1011 		if ((mask & p->p_sigignore) && (traced == 0)) {
1012 			p->p_siglist &= ~mask;
1013 			continue;
1014 		}
1015 		if (p->p_flag & P_TRACED && (p->p_flag & P_PPWAIT) == 0) {
1016 			/*
1017 			 * If traced, always stop, and stay
1018 			 * stopped until released by the parent.
1019 			 */
1020 			p->p_xstat = signum;
1021 			psignal(p->p_pptr, SIGCHLD);
1022 			do {
1023 				stop(p);
1024 				mi_switch();
1025 			} while (!trace_req(p)
1026 				 && p->p_flag & P_TRACED);
1027 
1028 			/*
1029 			 * If the traced bit got turned off, go back up
1030 			 * to the top to rescan signals.  This ensures
1031 			 * that p_sig* and ps_sigact are consistent.
1032 			 */
1033 			if ((p->p_flag & P_TRACED) == 0)
1034 				continue;
1035 
1036 			/*
1037 			 * If parent wants us to take the signal,
1038 			 * then it will leave it in p->p_xstat;
1039 			 * otherwise we just look for signals again.
1040 			 */
1041 			p->p_siglist &= ~mask;	/* clear the old signal */
1042 			signum = p->p_xstat;
1043 			if (signum == 0)
1044 				continue;
1045 
1046 			/*
1047 			 * Put the new signal into p_siglist.  If the
1048 			 * signal is being masked, look for other signals.
1049 			 */
1050 			mask = sigmask(signum);
1051 			p->p_siglist |= mask;
1052 			if (p->p_sigmask & mask)
1053 				continue;
1054 		}
1055 
1056 		/*
1057 		 * Decide whether the signal should be returned.
1058 		 * Return the signal's number, or fall through
1059 		 * to clear it from the pending mask.
1060 		 */
1061 		switch ((int)(intptr_t)p->p_sigacts->ps_sigact[signum]) {
1062 
1063 		case (int)SIG_DFL:
1064 			/*
1065 			 * Don't take default actions on system processes.
1066 			 */
1067 			if (p->p_pid <= 1) {
1068 #ifdef DIAGNOSTIC
1069 				/*
1070 				 * Are you sure you want to ignore SIGSEGV
1071 				 * in init? XXX
1072 				 */
1073 				printf("Process (pid %lu) got signal %d\n",
1074 					(u_long)p->p_pid, signum);
1075 #endif
1076 				break;		/* == ignore */
1077 			}
1078 			/*
1079 			 * If there is a pending stop signal to process
1080 			 * with default action, stop here,
1081 			 * then clear the signal.  However,
1082 			 * if process is member of an orphaned
1083 			 * process group, ignore tty stop signals.
1084 			 */
1085 			if (prop & SA_STOP) {
1086 				if (p->p_flag & P_TRACED ||
1087 		    		    (p->p_pgrp->pg_jobc == 0 &&
1088 				    prop & SA_TTYSTOP))
1089 					break;	/* == ignore */
1090 				p->p_xstat = signum;
1091 				stop(p);
1092 				if ((p->p_pptr->p_procsig->ps_flag & P_NOCLDSTOP) == 0)
1093 					psignal(p->p_pptr, SIGCHLD);
1094 				mi_switch();
1095 				break;
1096 			} else if (prop & SA_IGNORE) {
1097 				/*
1098 				 * Except for SIGCONT, shouldn't get here.
1099 				 * Default action is to ignore; drop it.
1100 				 */
1101 				break;		/* == ignore */
1102 			} else
1103 				return (signum);
1104 			/*NOTREACHED*/
1105 
1106 		case (int)SIG_IGN:
1107 			/*
1108 			 * Masking above should prevent us ever trying
1109 			 * to take action on an ignored signal other
1110 			 * than SIGCONT, unless process is traced.
1111 			 */
1112 			if ((prop & SA_CONT) == 0 &&
1113 			    (p->p_flag & P_TRACED) == 0)
1114 				printf("issignal\n");
1115 			break;		/* == ignore */
1116 
1117 		default:
1118 			/*
1119 			 * This signal has an action, let
1120 			 * postsig() process it.
1121 			 */
1122 			return (signum);
1123 		}
1124 		p->p_siglist &= ~mask;		/* take the signal! */
1125 	}
1126 	/* NOTREACHED */
1127 }
1128 
1129 /*
1130  * Put the argument process into the stopped state and notify the parent
1131  * via wakeup.  Signals are handled elsewhere.  The process must not be
1132  * on the run queue.
1133  */
1134 void
1135 stop(p)
1136 	register struct proc *p;
1137 {
1138 
1139 	p->p_stat = SSTOP;
1140 	p->p_flag &= ~P_WAITED;
1141 	wakeup((caddr_t)p->p_pptr);
1142 }
1143 
1144 /*
1145  * Take the action for the specified signal
1146  * from the current set of pending signals.
1147  */
1148 void
1149 postsig(signum)
1150 	register int signum;
1151 {
1152 	register struct proc *p = curproc;
1153 	register struct sigacts *ps = p->p_sigacts;
1154 	register sig_t action;
1155 	int code, mask, returnmask;
1156 
1157 	KASSERT(signum != 0, ("postsig"));
1158 
1159 	mask = sigmask(signum);
1160 	p->p_siglist &= ~mask;
1161 	action = ps->ps_sigact[signum];
1162 #ifdef KTRACE
1163 	if (KTRPOINT(p, KTR_PSIG))
1164 		ktrpsig(p->p_tracep,
1165 		    signum, action, p->p_oldsigmask ?
1166 		    p->p_oldsigmask : p->p_sigmask, 0);
1167 #endif
1168 	STOPEVENT(p, S_SIG, signum);
1169 
1170 	if (action == SIG_DFL) {
1171 		/*
1172 		 * Default action, where the default is to kill
1173 		 * the process.  (Other cases were ignored above.)
1174 		 */
1175 		sigexit(p, signum);
1176 		/* NOTREACHED */
1177 	} else {
1178 		/*
1179 		 * If we get here, the signal must be caught.
1180 		 */
1181 		KASSERT(action != SIG_IGN && (p->p_sigmask & mask) == 0,
1182 		    ("postsig action"));
1183 		/*
1184 		 * Set the new mask value and also defer further
1185 		 * occurences of this signal.
1186 		 *
1187 		 * Special case: user has done a sigpause.  Here the
1188 		 * current mask is not of interest, but rather the
1189 		 * mask from before the sigpause is what we want
1190 		 * restored after the signal processing is completed.
1191 		 */
1192 		(void) splhigh();
1193 		if (p->p_oldsigmask) {
1194 			returnmask = p->p_oldsigmask;
1195 			p->p_oldsigmask = 0;
1196 		} else
1197 			returnmask = p->p_sigmask;
1198 		p->p_sigmask |= ps->ps_catchmask[signum] |
1199 				(mask & ~ps->ps_signodefer);
1200 		if ((ps->ps_sigreset & mask) != 0) {
1201 			/*
1202 			 * See setsigvec() for origin of this code.
1203 			 */
1204 			p->p_sigcatch &= ~mask;
1205 			if (signum != SIGCONT && sigprop[signum] & SA_IGNORE)
1206 				p->p_sigignore |= mask;
1207 			ps->ps_sigact[signum] = SIG_DFL;
1208 		}
1209 		(void) spl0();
1210 		p->p_stats->p_ru.ru_nsignals++;
1211 		if (p->p_sig != signum) {
1212 			code = 0;
1213 		} else {
1214 			code = p->p_code;
1215 			p->p_code = 0;
1216 			p->p_sig = 0;
1217 		}
1218 		(*p->p_sysent->sv_sendsig)(action, signum, returnmask, code);
1219 	}
1220 }
1221 
1222 /*
1223  * Kill the current process for stated reason.
1224  */
1225 void
1226 killproc(p, why)
1227 	struct proc *p;
1228 	char *why;
1229 {
1230 	log(LOG_ERR, "pid %d (%s), uid %d, was killed: %s\n", p->p_pid, p->p_comm,
1231 		p->p_cred && p->p_ucred ? p->p_ucred->cr_uid : -1, why);
1232 	psignal(p, SIGKILL);
1233 }
1234 
1235 /*
1236  * Force the current process to exit with the specified signal, dumping core
1237  * if appropriate.  We bypass the normal tests for masked and caught signals,
1238  * allowing unrecoverable failures to terminate the process without changing
1239  * signal state.  Mark the accounting record with the signal termination.
1240  * If dumping core, save the signal number for the debugger.  Calls exit and
1241  * does not return.
1242  */
1243 void
1244 sigexit(p, signum)
1245 	register struct proc *p;
1246 	int signum;
1247 {
1248 
1249 	p->p_acflag |= AXSIG;
1250 	if (sigprop[signum] & SA_CORE) {
1251 		p->p_sig = signum;
1252 		/*
1253 		 * Log signals which would cause core dumps
1254 		 * (Log as LOG_INFO to appease those who don't want
1255 		 * these messages.)
1256 		 * XXX : Todo, as well as euid, write out ruid too
1257 		 */
1258 		if (p->p_sysent->sv_coredump != NULL &&
1259 		    (*p->p_sysent->sv_coredump)(p) == 0)
1260 			signum |= WCOREFLAG;
1261 		if (kern_logsigexit)
1262 			log(LOG_INFO,
1263 			    "pid %d (%s), uid %d: exited on signal %d%s\n",
1264 			    p->p_pid, p->p_comm,
1265 			    p->p_cred && p->p_ucred ? p->p_ucred->cr_uid : -1,
1266 			    signum &~ WCOREFLAG,
1267 			    signum & WCOREFLAG ? " (core dumped)" : "");
1268 	}
1269 	exit1(p, W_EXITCODE(0, signum));
1270 	/* NOTREACHED */
1271 }
1272 
1273 static char corefilename[MAXPATHLEN+1] = {"%N.core"};
1274 SYSCTL_STRING(_kern, OID_AUTO, corefile, CTLFLAG_RW, corefilename,
1275 	      sizeof(corefilename), "process corefile name format string");
1276 
1277 /*
1278  * expand_name(name, uid, pid)
1279  * Expand the name described in corefilename, using name, uid, and pid.
1280  * corefilename is a printf-like string, with three format specifiers:
1281  *	%N	name of process ("name")
1282  *	%P	process id (pid)
1283  *	%U	user id (uid)
1284  * For example, "%N.core" is the default; they can be disabled completely
1285  * by using "/dev/null", or all core files can be stored in "/cores/%U/%N-%P".
1286  * This is controlled by the sysctl variable kern.corefile (see above).
1287  */
1288 
1289 char *
1290 expand_name(name, uid, pid)
1291 const char *name; uid_t uid; pid_t pid; {
1292 	char *temp;
1293 	char buf[11];		/* Buffer for pid/uid -- max 4B */
1294 	int i, n;
1295 	char *format = corefilename;
1296 	size_t namelen;
1297 
1298 	temp = malloc(MAXPATHLEN + 1, M_TEMP, M_NOWAIT);
1299 	if (temp == NULL)
1300 		return NULL;
1301 	namelen = strlen(name);
1302 	for (i = 0, n = 0; n < MAXPATHLEN && format[i]; i++) {
1303 		int l;
1304 		switch (format[i]) {
1305 		case '%':	/* Format character */
1306 			i++;
1307 			switch (format[i]) {
1308 			case '%':
1309 				temp[n++] = '%';
1310 				break;
1311 			case 'N':	/* process name */
1312 				if ((n + namelen) > MAXPATHLEN) {
1313 					log(LOG_ERR, "pid %d (%s), uid (%u):  Path `%s%s' is too long\n",
1314 					    pid, name, uid, temp, name);
1315 					free(temp, M_TEMP);
1316 					return NULL;
1317 				}
1318 				memcpy(temp+n, name, namelen);
1319 				n += namelen;
1320 				break;
1321 			case 'P':	/* process id */
1322 				l = sprintf(buf, "%u", pid);
1323 				if ((n + l) > MAXPATHLEN) {
1324 					log(LOG_ERR, "pid %d (%s), uid (%u):  Path `%s%s' is too long\n",
1325 					    pid, name, uid, temp, name);
1326 					free(temp, M_TEMP);
1327 					return NULL;
1328 				}
1329 				memcpy(temp+n, buf, l);
1330 				n += l;
1331 				break;
1332 			case 'U':	/* user id */
1333 				l = sprintf(buf, "%u", uid);
1334 				if ((n + l) > MAXPATHLEN) {
1335 					log(LOG_ERR, "pid %d (%s), uid (%u):  Path `%s%s' is too long\n",
1336 					    pid, name, uid, temp, name);
1337 					free(temp, M_TEMP);
1338 					return NULL;
1339 				}
1340 				memcpy(temp+n, buf, l);
1341 				n += l;
1342 				break;
1343 			default:
1344 			  	log(LOG_ERR, "Unknown format character %c in `%s'\n", format[i], format);
1345 			}
1346 			break;
1347 		default:
1348 			temp[n++] = format[i];
1349 		}
1350 	}
1351 	temp[n] = '\0';
1352 	return temp;
1353 }
1354 
1355 /*
1356  * Nonexistent system call-- signal process (may want to handle it).
1357  * Flag error in case process won't see signal immediately (blocked or ignored).
1358  */
1359 #ifndef _SYS_SYSPROTO_H_
1360 struct nosys_args {
1361 	int	dummy;
1362 };
1363 #endif
1364 /* ARGSUSED */
1365 int
1366 nosys(p, args)
1367 	struct proc *p;
1368 	struct nosys_args *args;
1369 {
1370 
1371 	psignal(p, SIGSYS);
1372 	return (EINVAL);
1373 }
1374 
1375 /*
1376  * Send a signal to a SIGIO or SIGURG to a process or process group using
1377  * stored credentials rather than those of the current process.
1378  */
1379 void
1380 pgsigio(sigio, signum, checkctty)
1381 	struct sigio *sigio;
1382 	int signum, checkctty;
1383 {
1384 	if (sigio == NULL)
1385 		return;
1386 
1387 	if (sigio->sio_pgid > 0) {
1388 		if (CANSIGIO(sigio->sio_ruid, sigio->sio_ucred,
1389 		             sigio->sio_proc))
1390 			psignal(sigio->sio_proc, signum);
1391 	} else if (sigio->sio_pgid < 0) {
1392 		struct proc *p;
1393 
1394 		for (p = sigio->sio_pgrp->pg_members.lh_first; p != NULL;
1395 		     p = p->p_pglist.le_next)
1396 			if (CANSIGIO(sigio->sio_ruid, sigio->sio_ucred, p) &&
1397 			    (checkctty == 0 || (p->p_flag & P_CONTROLT)))
1398 				psignal(p, signum);
1399 	}
1400 }
1401