xref: /illumos-gate/usr/src/uts/common/syscall/corectl.c (revision a61ed2ce7a86a4d6428f2a83eb4739fae945447e)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <sys/proc.h>
27 #include <sys/systm.h>
28 #include <sys/param.h>
29 #include <sys/atomic.h>
30 #include <sys/kmem.h>
31 #include <sys/sysmacros.h>
32 #include <sys/procset.h>
33 #include <sys/corectl.h>
34 #include <sys/zone.h>
35 #include <sys/cmn_err.h>
36 #include <sys/policy.h>
37 
38 /*
39  * Core File Settings
40  * ------------------
41  *
42  * A process's core file path and content live in separate reference-counted
43  * structures. The corectl_content_t structure is fairly straightforward --
44  * the only subtlety is that we only really _need_ the mutex on architectures
45  * on which 64-bit memory operations are not atomic. The corectl_path_t
46  * structure is slightly trickier in that it contains a refstr_t rather than
47  * just a char * string. This is to allow consumers of the data in that
48  * structure (the core dumping sub-system for example) to safely use the
49  * string without holding any locks on it in light of updates.
50  *
51  * At system and zone boot, init_core() sets init(1M)'s core file path and
52  * content to the same value as the fields core_default_path and
53  * core_default_content respectively (for the global zone). All subsequent
54  * children of init(1M) reference those same settings. During boot coreadm(1M)
55  * is invoked with the -u option to update the system settings from
56  * /etc/coreadm.conf. This has the effect of also changing the values in
57  * core_default_path and core_default_content which updates the core file
58  * settings for all processes in the zone.  Each zone has different default
59  * settings; when processes enter a non-global zone, their core file path and
60  * content are set to the zone's default path and content.
61  *
62  * Processes that have their core file settings explicitly overridden using
63  * coreadm(1M) no longer reference core_default_path or core_default_content
64  * so subsequent changes to the default will not affect them.
65  */
66 
67 zone_key_t	core_zone_key;
68 
69 static int set_proc_info(pid_t pid, const char *path, core_content_t content);
70 
71 static corectl_content_t *
72 corectl_content_alloc(core_content_t cc)
73 {
74 	corectl_content_t *ccp;
75 
76 	ccp = kmem_zalloc(sizeof (corectl_content_t), KM_SLEEP);
77 	ccp->ccc_content = cc;
78 	ccp->ccc_refcnt = 1;
79 
80 	return (ccp);
81 }
82 
83 core_content_t
84 corectl_content_value(corectl_content_t *ccp)
85 {
86 	core_content_t content;
87 
88 	mutex_enter(&ccp->ccc_mtx);
89 	content = ccp->ccc_content;
90 	mutex_exit(&ccp->ccc_mtx);
91 
92 	return (content);
93 }
94 
95 static void
96 corectl_content_set(corectl_content_t *ccp, core_content_t content)
97 {
98 	mutex_enter(&ccp->ccc_mtx);
99 	ccp->ccc_content = content;
100 	mutex_exit(&ccp->ccc_mtx);
101 }
102 
103 void
104 corectl_content_hold(corectl_content_t *ccp)
105 {
106 	atomic_inc_32(&ccp->ccc_refcnt);
107 }
108 
109 void
110 corectl_content_rele(corectl_content_t *ccp)
111 {
112 	if (atomic_dec_32_nv(&ccp->ccc_refcnt) == 0)
113 		kmem_free(ccp, sizeof (corectl_content_t));
114 }
115 
116 
117 static corectl_path_t *
118 corectl_path_alloc(const char *path)
119 {
120 	corectl_path_t *ccp;
121 
122 	ccp = kmem_zalloc(sizeof (corectl_path_t), KM_SLEEP);
123 	ccp->ccp_path = refstr_alloc(path);
124 	ccp->ccp_refcnt = 1;
125 
126 	return (ccp);
127 }
128 
129 refstr_t *
130 corectl_path_value(corectl_path_t *ccp)
131 {
132 	refstr_t *path;
133 
134 	mutex_enter(&ccp->ccp_mtx);
135 	refstr_hold(path = ccp->ccp_path);
136 	mutex_exit(&ccp->ccp_mtx);
137 
138 	return (path);
139 }
140 
141 static void
142 corectl_path_set(corectl_path_t *ccp, const char *path)
143 {
144 	refstr_t *npath = refstr_alloc(path);
145 
146 	mutex_enter(&ccp->ccp_mtx);
147 	refstr_rele(ccp->ccp_path);
148 	ccp->ccp_path = npath;
149 	mutex_exit(&ccp->ccp_mtx);
150 }
151 
152 void
153 corectl_path_hold(corectl_path_t *ccp)
154 {
155 	atomic_inc_32(&ccp->ccp_refcnt);
156 }
157 
158 void
159 corectl_path_rele(corectl_path_t *ccp)
160 {
161 	if (atomic_dec_32_nv(&ccp->ccp_refcnt) == 0) {
162 		refstr_rele(ccp->ccp_path);
163 		kmem_free(ccp, sizeof (corectl_path_t));
164 	}
165 }
166 
167 /*
168  * Constructor routine to be called when a zone is created.
169  */
170 /*ARGSUSED*/
171 static void *
172 core_init_zone(zoneid_t zoneid)
173 {
174 	struct core_globals *cg;
175 
176 	cg = kmem_alloc(sizeof (*cg), KM_SLEEP);
177 	mutex_init(&cg->core_lock, NULL, MUTEX_DEFAULT, NULL);
178 	cg->core_file = NULL;
179 	cg->core_options = CC_PROCESS_PATH;
180 	cg->core_content = CC_CONTENT_DEFAULT;
181 	cg->core_rlimit = RLIM64_INFINITY;
182 	cg->core_default_path = corectl_path_alloc("core");
183 	cg->core_default_content = corectl_content_alloc(CC_CONTENT_DEFAULT);
184 
185 	return (cg);
186 }
187 
188 /*
189  * Destructor routine to be called when a zone is destroyed.
190  */
191 /*ARGSUSED*/
192 static void
193 core_free_zone(zoneid_t zoneid, void *arg)
194 {
195 	struct core_globals *cg = arg;
196 
197 	if (cg == NULL)
198 		return;
199 	if (cg->core_file != NULL)
200 		refstr_rele(cg->core_file);
201 	corectl_path_rele(cg->core_default_path);
202 	corectl_content_rele(cg->core_default_content);
203 	kmem_free(cg, sizeof (*cg));
204 }
205 
206 /*
207  * Called from start_init_common(), to set init's core file path and content.
208  */
209 void
210 init_core(void)
211 {
212 	struct core_globals *cg;
213 
214 	/*
215 	 * The first time we hit this, in the global zone, we have to
216 	 * initialize the zsd key.
217 	 */
218 	if (INGLOBALZONE(curproc)) {
219 		zone_key_create(&core_zone_key, core_init_zone, NULL,
220 		    core_free_zone);
221 	}
222 
223 	/*
224 	 * zone_key_create will have called core_init_zone for the
225 	 * global zone, which sets up the default path and content
226 	 * variables.
227 	 */
228 	VERIFY((cg = zone_getspecific(core_zone_key, curproc->p_zone)) != NULL);
229 
230 	corectl_path_hold(cg->core_default_path);
231 	corectl_content_hold(cg->core_default_content);
232 
233 	curproc->p_corefile = cg->core_default_path;
234 	curproc->p_content = cg->core_default_content;
235 }
236 
237 int
238 corectl(int subcode, uintptr_t arg1, uintptr_t arg2, uintptr_t arg3)
239 {
240 	int error = 0;
241 	proc_t *p;
242 	refstr_t *rp;
243 	size_t size;
244 	char *path;
245 	core_content_t content = CC_CONTENT_INVALID;
246 	struct core_globals *cg;
247 	zone_t *zone = curproc->p_zone;
248 
249 	cg = zone_getspecific(core_zone_key, zone);
250 	ASSERT(cg != NULL);
251 
252 	switch (subcode) {
253 	case CC_SET_OPTIONS:
254 		if ((error = secpolicy_coreadm(CRED())) == 0) {
255 			if (arg1 & ~CC_OPTIONS)
256 				error = EINVAL;
257 			else
258 				cg->core_options = (uint32_t)arg1;
259 		}
260 		break;
261 
262 	case CC_GET_OPTIONS:
263 		return (cg->core_options);
264 
265 	case CC_GET_GLOBAL_PATH:
266 	case CC_GET_DEFAULT_PATH:
267 	case CC_GET_PROCESS_PATH:
268 		if (subcode == CC_GET_GLOBAL_PATH) {
269 			mutex_enter(&cg->core_lock);
270 			if ((rp = cg->core_file) != NULL)
271 				refstr_hold(rp);
272 			mutex_exit(&cg->core_lock);
273 		} else if (subcode == CC_GET_DEFAULT_PATH) {
274 			rp = corectl_path_value(cg->core_default_path);
275 		} else {
276 			rp = NULL;
277 			mutex_enter(&pidlock);
278 			if ((p = prfind((pid_t)arg3)) == NULL ||
279 			    p->p_stat == SIDL) {
280 				mutex_exit(&pidlock);
281 				error = ESRCH;
282 			} else {
283 				mutex_enter(&p->p_lock);
284 				mutex_exit(&pidlock);
285 				mutex_enter(&p->p_crlock);
286 				if (!hasprocperm(p->p_cred, CRED()))
287 					error = EPERM;
288 				else if (p->p_corefile != NULL)
289 					rp = corectl_path_value(p->p_corefile);
290 				mutex_exit(&p->p_crlock);
291 				mutex_exit(&p->p_lock);
292 			}
293 		}
294 		if (rp == NULL) {
295 			if (error == 0 && suword8((void *)arg1, 0))
296 				error = EFAULT;
297 		} else {
298 			error = copyoutstr(refstr_value(rp), (char *)arg1,
299 			    (size_t)arg2, NULL);
300 			refstr_rele(rp);
301 		}
302 		break;
303 
304 	case CC_SET_GLOBAL_PATH:
305 	case CC_SET_DEFAULT_PATH:
306 		if ((error = secpolicy_coreadm(CRED())) != 0)
307 			break;
308 
309 		/* FALLTHROUGH */
310 	case CC_SET_PROCESS_PATH:
311 		if ((size = MIN((size_t)arg2, MAXPATHLEN)) == 0) {
312 			error = EINVAL;
313 			break;
314 		}
315 		path = kmem_alloc(size, KM_SLEEP);
316 		error = copyinstr((char *)arg1, path, size, NULL);
317 		if (error == 0) {
318 			if (subcode == CC_SET_PROCESS_PATH) {
319 				error = set_proc_info((pid_t)arg3, path, 0);
320 			} else if (subcode == CC_SET_DEFAULT_PATH) {
321 				corectl_path_set(cg->core_default_path, path);
322 			} else if (*path != '\0' && *path != '/') {
323 				error = EINVAL;
324 			} else {
325 				refstr_t *nrp = refstr_alloc(path);
326 
327 				mutex_enter(&cg->core_lock);
328 				rp = cg->core_file;
329 				if (*path == '\0')
330 					cg->core_file = NULL;
331 				else
332 					refstr_hold(cg->core_file = nrp);
333 				mutex_exit(&cg->core_lock);
334 
335 				if (rp != NULL)
336 					refstr_rele(rp);
337 
338 				refstr_rele(nrp);
339 			}
340 		}
341 		kmem_free(path, size);
342 		break;
343 
344 	case CC_SET_GLOBAL_CONTENT:
345 	case CC_SET_DEFAULT_CONTENT:
346 		if ((error = secpolicy_coreadm(CRED())) != 0)
347 			break;
348 
349 		/* FALLTHROUGH */
350 	case CC_SET_PROCESS_CONTENT:
351 		error = copyin((void *)arg1, &content, sizeof (content));
352 		if (error != 0)
353 			break;
354 
355 		/*
356 		 * If any unknown bits are set, don't let this charade
357 		 * continue.
358 		 */
359 		if (content & ~CC_CONTENT_ALL) {
360 			error = EINVAL;
361 			break;
362 		}
363 
364 		if (subcode == CC_SET_PROCESS_CONTENT) {
365 			error = set_proc_info((pid_t)arg2, NULL, content);
366 		} else if (subcode == CC_SET_DEFAULT_CONTENT) {
367 			corectl_content_set(cg->core_default_content, content);
368 		} else {
369 			mutex_enter(&cg->core_lock);
370 			cg->core_content = content;
371 			mutex_exit(&cg->core_lock);
372 		}
373 
374 		break;
375 
376 	case CC_GET_GLOBAL_CONTENT:
377 		content = cg->core_content;
378 		error = copyout(&content, (void *)arg1, sizeof (content));
379 		break;
380 
381 	case CC_GET_DEFAULT_CONTENT:
382 		content = corectl_content_value(cg->core_default_content);
383 		error = copyout(&content, (void *)arg1, sizeof (content));
384 		break;
385 
386 	case CC_GET_PROCESS_CONTENT:
387 		mutex_enter(&pidlock);
388 		if ((p = prfind((pid_t)arg2)) == NULL || p->p_stat == SIDL) {
389 			mutex_exit(&pidlock);
390 			error = ESRCH;
391 			break;
392 		}
393 
394 		mutex_enter(&p->p_lock);
395 		mutex_exit(&pidlock);
396 		mutex_enter(&p->p_crlock);
397 		if (!hasprocperm(p->p_cred, CRED()))
398 			error = EPERM;
399 		else if (p->p_content == NULL)
400 			content = CC_CONTENT_NONE;
401 		else
402 			content = corectl_content_value(p->p_content);
403 		mutex_exit(&p->p_crlock);
404 		mutex_exit(&p->p_lock);
405 
406 		if (error == 0)
407 			error = copyout(&content, (void *)arg1,
408 			    sizeof (content));
409 		break;
410 
411 	default:
412 		error = EINVAL;
413 		break;
414 	}
415 
416 	if (error)
417 		return (set_errno(error));
418 	return (0);
419 }
420 
421 typedef struct {
422 	int			cc_count;
423 	corectl_path_t		*cc_path;
424 	corectl_content_t	*cc_content;
425 } counter_t;
426 
427 static int
428 set_one_proc_info(proc_t *p, counter_t *counterp)
429 {
430 	corectl_path_t *corefile;
431 	corectl_content_t *content;
432 
433 	mutex_enter(&p->p_crlock);
434 
435 	if (!(p->p_flag & SSYS) && hasprocperm(p->p_cred, CRED())) {
436 		mutex_exit(&p->p_crlock);
437 		counterp->cc_count++;
438 		if (counterp->cc_path != NULL) {
439 			corectl_path_hold(counterp->cc_path);
440 			mutex_enter(&p->p_lock);
441 			corefile = p->p_corefile;
442 			p->p_corefile = counterp->cc_path;
443 			mutex_exit(&p->p_lock);
444 			if (corefile != NULL)
445 				corectl_path_rele(corefile);
446 		} else {
447 			corectl_content_hold(counterp->cc_content);
448 			mutex_enter(&p->p_lock);
449 			content = p->p_content;
450 			p->p_content = counterp->cc_content;
451 			mutex_exit(&p->p_lock);
452 			if (content != NULL)
453 				corectl_content_rele(content);
454 		}
455 	} else {
456 		mutex_exit(&p->p_crlock);
457 	}
458 
459 	return (0);
460 }
461 
462 static int
463 set_proc_info(pid_t pid, const char *path, core_content_t content)
464 {
465 	proc_t *p;
466 	counter_t counter;
467 	int error = 0;
468 
469 	counter.cc_count = 0;
470 	/*
471 	 * Only one of the core file path or content can be set at a time.
472 	 */
473 	if (path != NULL) {
474 		counter.cc_path = corectl_path_alloc(path);
475 		counter.cc_content = NULL;
476 	} else {
477 		counter.cc_path = NULL;
478 		counter.cc_content = corectl_content_alloc(content);
479 	}
480 
481 	if (pid == -1) {
482 		procset_t set;
483 
484 		setprocset(&set, POP_AND, P_ALL, P_MYID, P_ALL, P_MYID);
485 		error = dotoprocs(&set, set_one_proc_info, (char *)&counter);
486 		if (error == 0 && counter.cc_count == 0)
487 			error = EPERM;
488 	} else if (pid > 0) {
489 		mutex_enter(&pidlock);
490 		if ((p = prfind(pid)) == NULL || p->p_stat == SIDL) {
491 			error = ESRCH;
492 		} else {
493 			(void) set_one_proc_info(p, &counter);
494 			if (counter.cc_count == 0)
495 				error = EPERM;
496 		}
497 		mutex_exit(&pidlock);
498 	} else {
499 		int nfound = 0;
500 		pid_t pgid;
501 
502 		if (pid == 0)
503 			pgid = curproc->p_pgrp;
504 		else
505 			pgid = -pid;
506 
507 		mutex_enter(&pidlock);
508 		for (p = pgfind(pgid); p != NULL; p = p->p_pglink) {
509 			if (p->p_stat != SIDL) {
510 				nfound++;
511 				(void) set_one_proc_info(p, &counter);
512 			}
513 		}
514 		mutex_exit(&pidlock);
515 		if (nfound == 0)
516 			error = ESRCH;
517 		else if (counter.cc_count == 0)
518 			error = EPERM;
519 	}
520 
521 	if (path != NULL)
522 		corectl_path_rele(counter.cc_path);
523 	else
524 		corectl_content_rele(counter.cc_content);
525 
526 	if (error)
527 		return (set_errno(error));
528 	return (0);
529 }
530 
531 /*
532  * Give current process the default core settings for its current zone;
533  * used for processes entering a zone via zone_enter.
534  */
535 void
536 set_core_defaults(void)
537 {
538 	proc_t *p = curproc;
539 	struct core_globals *cg;
540 	corectl_path_t *oldpath, *newpath;
541 	corectl_content_t *oldcontent, *newcontent;
542 
543 	cg = zone_getspecific(core_zone_key, p->p_zone);
544 
545 	/* make local copies of default values to protect against change */
546 	newpath = cg->core_default_path;
547 	newcontent = cg->core_default_content;
548 
549 	corectl_path_hold(newpath);
550 	corectl_content_hold(newcontent);
551 	mutex_enter(&p->p_lock);
552 	oldpath = p->p_corefile;
553 	p->p_corefile = newpath;
554 	oldcontent = p->p_content;
555 	p->p_content = newcontent;
556 	mutex_exit(&p->p_lock);
557 	if (oldpath != NULL)
558 		corectl_path_rele(oldpath);
559 	if (oldcontent != NULL)
560 		corectl_content_rele(oldcontent);
561 }
562