Author: cem
Date: Tue Nov  3 02:10:54 2020
New Revision: 367290
URL: https://svnweb.freebsd.org/changeset/base/367290

Log:
  linux(4) prctl(2): Implement PR_[GS]ET_DUMPABLE
  
  Proxy the flag to the roughly analogous FreeBSD procctl 'TRACE'.
  
  TRACE-disabled processes are not coredumped, and Linux !DUMPABLE processes
  can not be ptraced.  There are some additional semantics around ownership of
  files in the /proc/[pid] pseudo-filesystem, which we do not attempt to
  emulate correctly at this time.
  
  Reviewed by:  markj (earlier version)
  Differential Revision:        https://reviews.freebsd.org/D27015

Modified:
  head/sys/compat/linux/linux_misc.c
  head/sys/compat/linux/linux_misc.h

Modified: head/sys/compat/linux/linux_misc.c
==============================================================================
--- head/sys/compat/linux/linux_misc.c  Tue Nov  3 01:38:16 2020        
(r367289)
+++ head/sys/compat/linux/linux_misc.c  Tue Nov  3 02:10:54 2020        
(r367290)
@@ -1937,7 +1937,7 @@ linux_prctl(struct thread *td, struct linux_prctl_args
        int error = 0, max_size;
        struct proc *p = td->td_proc;
        char comm[LINUX_MAX_COMM_LEN];
-       int pdeath_signal;
+       int pdeath_signal, trace_state;
 
        switch (args->option) {
        case LINUX_PR_SET_PDEATHSIG:
@@ -1955,10 +1955,46 @@ linux_prctl(struct thread *td, struct linux_prctl_args
                return (copyout(&pdeath_signal,
                    (void *)(register_t)args->arg2,
                    sizeof(pdeath_signal)));
+       /*
+        * In Linux, this flag controls if set[gu]id processes can coredump.
+        * There are additional semantics imposed on processes that cannot
+        * coredump:
+        * - Such processes can not be ptraced.
+        * - There are some semantics around ownership of process-related files
+        *   in the /proc namespace.
+        *
+        * In FreeBSD, we can (and by default, do) disable setuid coredump
+        * system-wide with 'sugid_coredump.'  We control tracability on a
+        * per-process basis with the procctl PROC_TRACE (=> P2_NOTRACE flag).
+        * By happy coincidence, P2_NOTRACE also prevents coredumping.  So the
+        * procctl is roughly analogous to Linux's DUMPABLE.
+        *
+        * So, proxy these knobs to the corresponding PROC_TRACE setting.
+        */
+       case LINUX_PR_GET_DUMPABLE:
+               error = kern_procctl(td, P_PID, p->p_pid, PROC_TRACE_STATUS,
+                   &trace_state);
+               if (error != 0)
+                       return (error);
+               td->td_retval[0] = (trace_state != -1);
+               return (0);
        case LINUX_PR_SET_DUMPABLE:
-               linux_msg(td, "unsupported prctl PR_SET_DUMPABLE");
-               error = EINVAL;
-               break;
+               /*
+                * It is only valid for userspace to set one of these two
+                * flags, and only one at a time.
+                */
+               switch (args->arg2) {
+               case LINUX_SUID_DUMP_DISABLE:
+                       trace_state = PROC_TRACE_CTL_DISABLE_EXEC;
+                       break;
+               case LINUX_SUID_DUMP_USER:
+                       trace_state = PROC_TRACE_CTL_ENABLE;
+                       break;
+               default:
+                       return (EINVAL);
+               }
+               return (kern_procctl(td, P_PID, p->p_pid, PROC_TRACE_CTL,
+                   &trace_state));
        case LINUX_PR_GET_KEEPCAPS:
                /*
                 * Indicate that we always clear the effective and
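Review bot: The `LINUX_PR_SET_DUMPABLE` case returns the result of `kern_procctl(td, P_PID, p->p_pid, PROC_TRACE_CTL, &trace_state)` unchanged, and the new block comment does not say which failures a Linux caller can now see. If I read the native procctl correctly, PROC_TRACE_CTL is refused with EBUSY while the process is already being ptraced or ktraced, which Linux's prctl does not report for this option. Programs that call `prctl(PR_SET_DUMPABLE, 0)` as hardening often ignore the result and would then stay traceable and dumpable. I would add a line to the comment such as `* Unlike Linux, the request can fail while the process is being traced; the flag is then left unchanged.`, and give the `trace_state != -1` test in the GET case a one-line comment like `/* PROC_TRACE_STATUS reports -1 when tracing is disabled. */`. linux_prctl begins and ends outside this hunk.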

Modified: head/sys/compat/linux/linux_misc.h
==============================================================================
--- head/sys/compat/linux/linux_misc.h  Tue Nov  3 01:38:16 2020        
(r367289)
+++ head/sys/compat/linux/linux_misc.h  Tue Nov  3 02:10:54 2020        
(r367290)
@@ -50,6 +50,7 @@
                                         * Second arg is a ptr to return the
                                         * signal.
                                         */
+#define        LINUX_PR_GET_DUMPABLE   3
 #define        LINUX_PR_SET_DUMPABLE   4
 #define        LINUX_PR_GET_KEEPCAPS   7       /* Get drop capabilities on 
setuid */
 #define        LINUX_PR_SET_KEEPCAPS   8       /* Set drop capabilities on 
setuid */
@@ -61,6 +62,11 @@
 #define        LINUX_PR_SET_PTRACER    1499557217
 
 #define        LINUX_MAX_COMM_LEN      16      /* Maximum length of the 
process name. */
+
+/* For GET/SET DUMPABLE */
+#define        LINUX_SUID_DUMP_DISABLE 0       /* Don't coredump setuid 
processes. */
+#define        LINUX_SUID_DUMP_USER    1       /* Dump as user of process. */
+#define        LINUX_SUID_DUMP_ROOT    2       /* Dump as root. */
 
 #define        LINUX_MREMAP_MAYMOVE    1
 #define        LINUX_MREMAP_FIXED      2
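Review bot: `LINUX_SUID_DUMP_ROOT` is defined here, but the `LINUX_PR_SET_DUMPABLE` switch in linux_misc.c accepts only the other two values and returns EINVAL for it, and the GET path only ever yields 0 or 1; the comment `Dump as root.` does not convey that. I would word it as `/* Dump as root; rejected by prctl(2). */` so a later change does not wire it into the SET path without considering what it should map to on the PROC_TRACE side.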