Home | History | Annotate | Download | only in procfs
History log of /src/sys/miscfs/procfs/procfs_subr.c
RevisionDateAuthorComments
 1.120  01-Jul-2024  christos Add linux POSIX message queue support (Ricardo Branco)
 1.119  12-May-2024  christos PR/58227: Ricardo Branco: Add support for proc/sysvipc in Linux emulator
 1.118  12-May-2024  christos PR/58240: Ricardo Branco: Add support for proc/self/limits as used by Linux
 1.117  17-Jan-2024  hannken Using the exechook to revoke procfs nodes is racy and may deadlock:

one thread runs doexechooks() -> procfs_revoke_vnodes() and wants to suspend
the file system for vgone(), while another thread runs a forced unmount,
has the file system suspended, tries to disestablish the exechook and
waits for doexechooks() to complete.

Establish/disestablish the exechook on module load/unload instead
mount/unmount and use the hashmap to access all procfs nodes for this pid.

May fix PR kern/57775 ""panic: unmount: dangling vnode" while umounting procfs"
 1.116  23-May-2020  ad branches: 1.116.20;
Move proc_lock into the data segment. It was dynamically allocated because
at the time we had mutex_obj_alloc() but not __cacheline_aligned.
 1.115  29-Apr-2020  thorpej If the procfs mount is marked as linux-compat, then allow proc lookup
by any LWP ID in the proc, not just the canonical PID.
 1.114  26-Sep-2019  christos fix sign-compare issues: uio->uio_offset (off_t) is compared with (size_t):
cast the offset to size_t.
 1.113  30-Mar-2019  christos add a node for the process resource limits.
 1.112  16-Apr-2018  hannken branches: 1.112.2;
Change procfs_revoke_vnodes() to use vrecycle()/vgone() instead
of VOP_REVOKE().

Gets rid of a bunch of suspensions on /proc as vrecycle() will
succeed most time and we suspend at most once per call.
 1.111  31-Dec-2017  christos branches: 1.111.2;
rename some "cmdline" stuff now that it is used to print environment too
 1.110  31-Dec-2017  christos Add an environ node
 1.109  28-Aug-2017  kamil Remove the filesystem tracing feature

This is a legacy interface from 4.4BSD, and it was
introduced to overcome shortcomings of ptrace(2) at that time, which are
no longer relevant (performance). Today /proc/#/ctl offers a narrow
subset of ptrace(2) commands and is not applicable for modern
applications use beyond simplistic tracing scenarios.

This removal will simplify kernel internals. Users will still be able to
use all the other /proc files.

This change won't affect other procfs files neither Linux compat
features within mount_procfs(8). /proc/#/ctl isn't available on Linux.

Remove:
- /proc/#/ctl from mount_procfs(8)
- P_FSTRACE note from the documentation of ps(1)
- /proc/#/ctl and filesystem tracing documentation from mount_procfs(8)
- KAUTH_REQ_PROCESS_PROCFS_CTL documentation from kauth(9)
- source code file miscfs/procfs/procfs_ctl.c
- PFSctl and procfs_doctl() from sys/miscfs/procfs/procfs.h
- KAUTH_REQ_PROCESS_PROCFS_CTL from sys/sys/kauth.h
- PSL_FSTRACE (0x00010000) from sys/sys/proc.h
- P_FSTRACE (0x00010000) from sys/sys/sysctl.h

Reduce code complexity after removal of this functionality.

Update TODO.ptrace accordingly: remove two entries about /proc tracing.

Do not keep legacy notes as comments in the headers about removed
PSL_FSTRACE / P_FSTRACE, as this interface had little number of users
(close or equal to zero).

Proposed on tech-kern@.

All filesystem tracing utility users are encouraged to switch to ptrace(2).

Sponsored by <The NetBSD Foundation>
 1.108  01-Apr-2017  riastradh branches: 1.108.6;
KASSERT(mutex_owned(vp->v_interlock)) in vnode iterator selector.
 1.107  30-Mar-2017  christos add an auxv node.
 1.106  10-Nov-2014  maxv branches: 1.106.2; 1.106.4; 1.106.6;
Do not uselessly include <sys/malloc.h>.
 1.105  27-Jul-2014  hannken branches: 1.105.2;
Change procfs from hashlist to vcache.
- Key is (type, pid, fd)
- Remove argument "p" from procfs_allocvp(). It is only used
when "type == PFSfd". Lookup the proc with proc_find() when
procfs_loadvnode() needs it.
- Use a vfs_vnode_iterator for procfs_revoke_vnodes().
 1.104  07-Feb-2014  hannken branches: 1.104.2;
Change vnode operation lookup to return the resulting vnode *vpp unlocked.
Change cache_lookup() to return an unlocked vnode.

Discussed on tech-kern@

Welcome to 6.99.31
 1.103  29-Oct-2013  hannken Vnode API cleanup pass 1.

- Make these defines and functions private to vfs_vnode.c:

VC_MASK, VC_LOCK, DOCLOSE, VI_IANCTREDO and VI_INACTNOW
vclean() and vrelel()

- Remove the long time unused lwp argument from vrecycle().

- Remove vtryget(), it is responsible for ugly hacks and doesn't
look that effective.

Presented on tech-kern.

Welcome to 6.99.25
 1.102  25-Nov-2012  christos branches: 1.102.2;
do something reasonable with kernel semaphores.
 1.101  28-May-2012  christos branches: 1.101.2;
add a task process subdirectory for emul linux
 1.100  04-Sep-2011  jmcneill branches: 1.100.2; 1.100.6;
PR# kern/45021: Please support /emul/linux/proc/version

Add /proc/version for procfs with -o linux. The version reported depends
on the emulation type of the calling process:

$ cat /proc/version
NetBSD version 5.99.55 (netbsd@localhost) (gcc version 4.1.3 20080704 prerelease (NetBSD nb2 20081120)) NetBSD 5.99.55 (GENERIC) #39: Sun Sep 4 09:10:05 EDT 2011

$ /emul/linux/bin/cat /proc/version
Linux version 2.6.18 (linux@localhost) (gcc version 4.1.3 20080704 prerelease (NetBSD nb2 20081120)) #0 Wed Mar 3 03:03:03 PST 2010

$ /emul/linux32/bin/cat /proc/version
Linux version 2.6.18 (linux32@localhost) (gcc version 4.1.3 20080704 prerelease (NetBSD nb2 20081120)) #0 Wed Mar 3 03:03:03 PST 2010
 1.99  12-Jun-2011  rmind Welcome to 5.99.53! Merge rmind-uvmplock branch:

- Reorganize locking in UVM and provide extra serialisation for pmap(9).
New lock order: [vmpage-owner-lock] -> pmap-lock.

- Simplify locking in some pmap(9) modules by removing P->V locking.

- Use lock object on vmobjlock (and thus vnode_t::v_interlock) to share
the locks amongst UVM objects where necessary (tmpfs, layerfs, unionfs).

- Rewrite and optimise x86 TLB shootdown code, make it simpler and cleaner.
Add TLBSTATS option for x86 to collect statistics about TLB shootdowns.

- Unify /dev/mem et al in MI code and provide required locking (removes
kernel-lock on some ports). Also, avoid cache-aliasing issues.

Thanks to Andrew Doran and Joerg Sonnenberger, as their initial patches
formed the core changes of this branch.
 1.98  21-Jul-2010  hannken branches: 1.98.6;
Make holding v_interlock mandatory for callers of vget().

Announced some time ago on tech-kern.
 1.97  01-Jul-2010  hannken Remove vlockmgr(). Generic vnode lock operations now use a rwlock located
in the vnode. All LK_* flags move from sys/lock.h to sys/vnode.h. Calls
to vlockmgr() in file systems get replaced with VOP_LOCK() or VOP_UNLOCK().

Welcome to 5.99.34.

Discussed on tech-kern.
 1.96  01-Jul-2010  rmind Remove pfind() and pgfind(), fix locking in various broken uses of these.
Rename real routines to proc_find() and pgrp_find(), remove PFIND_* flags
and have consistent behaviour. Provide proc_find_raw() for special cases.
Fix memory leak in sysctl_proc_corename().

COMPAT_LINUX: rework ptrace() locking, minimise differences between
different versions per-arch.

Note: while this change adds some formal cosmetics for COMPAT_DARWIN and
COMPAT_IRIX - locking there is utterly broken (for ages).

Fixes PR/43176.
 1.95  15-Mar-2009  cegger branches: 1.95.2; 1.95.4;
ansify function definitions
 1.94  14-Mar-2009  dsl Change about 4500 of the K&R function definitions to ANSI ones.
There are still about 1600 left, but they have ',' or /* ... */
in the actual variable definitions - which my awk script doesn't handle.
There are also many that need () -> (void).
(The script does handle misordered arguments.)
 1.93  17-Dec-2008  cegger branches: 1.93.2;
kill MALLOC and FREE macros.
 1.92  05-Sep-2008  skrll branches: 1.92.2;
PR/39324 kernel diagnostic assertion "l->l_stat != LSZOMB" failed.

Ignore procs with zero or all LSZOMB LWPs. Get a non-LSZOMB LWP to perform
operations against as part of the deal.

procfs really needs to be updated to support multi-threading fully.
Hi Antti!
 1.91  02-Jul-2008  rmind branches: 1.91.2;
Remove proc_representative_lwp(), use a simple LIST_FIRST() instead.
OK by <ad>.
 1.90  05-May-2008  ad branches: 1.90.2; 1.90.4;
- Convert hashinit() to use kmem_alloc(). The hash tables can be large
and it's better to not have them in kmem_map.
- Convert a couple of minor items along the way to kmem_alloc().
- Fix some memory leaks.
 1.89  28-Apr-2008  martin Remove clause 3 and 4 from TNF licenses
 1.88  24-Apr-2008  ad branches: 1.88.2;
Merge proc::p_mutex and proc::p_smutex into a single adaptive mutex, since
we no longer need to guard against access from hardware interrupt handlers.

Additionally, if cloning a process with CLONE_SIGHAND, arrange to have the
child process share the parent's lock so that signal state may be kept in
sync. Partially addresses PR kern/37437.
 1.87  24-Apr-2008  ad Network protocol interrupts can now block on locks, so merge the globals
proclist_mutex and proclist_lock into a single adaptive mutex (proc_lock).
Implications:

- Inspecting process state requires thread context, so signals can no longer
be sent from a hardware interrupt handler. Signal activity must be
deferred to a soft interrupt or kthread.

- As the proc state locking is simplified, it's now safe to take exit()
and wait() out from under kernel_lock.

- The system spends less time at IPL_SCHED, and there is less lock activity.
 1.86  21-Mar-2008  ad branches: 1.86.2;
Catch up with descriptor handling changes. See kern_descrip.c revision
1.173 for details.
 1.85  30-Jan-2008  ad branches: 1.85.6;
Replace struct lock on vnodes with a simpler lock object built on
krwlock_t. This is a step towards removing lockmgr and simplifying
vnode locking. Discussed on tech-kern.
 1.84  23-Jan-2008  elad Tons of process scope changes.

- Add a KAUTH_PROCESS_SCHEDULER action, to handle scheduler related
requests, and add specific requests for set/get scheduler policy and
set/get scheduler parameters.

- Add a KAUTH_PROCESS_KEVENT_FILTER action, to handle kevent(2) related
requests.

- Add a KAUTH_DEVICE_TTY_STI action to handle requests to TIOCSTI.

- Add requests for the KAUTH_PROCESS_CANSEE action, indicating what
process information is being looked at (entry itself, args, env,
open files).

- Add requests for the KAUTH_PROCESS_RLIMIT action indicating set/get.

- Add requests for the KAUTH_PROCESS_CORENAME action indicating set/get.

- Make bsd44 secmodel code handle the newly added rqeuests appropriately.

All of the above make it possible to issue finer-grained kauth(9) calls in
many places, removing some KAUTH_GENERIC_ISSUSER requests.

- Remove the "CAN" from KAUTH_PROCESS_CAN{KTRACE,PROCFS,PTRACE,SIGNAL}.

Discussed with christos@ and yamt@.
 1.83  02-Jan-2008  ad Merge vmlocking2 to head.
 1.82  07-Nov-2007  ad branches: 1.82.2; 1.82.6;
Merge from vmlocking:

- pool_cache changes.
- Debugger/procfs locking fixes.
- Other minor changes.
 1.81  10-Oct-2007  ad branches: 1.81.2; 1.81.4;
Merge from vmlocking:

- Split vnode::v_flag into three fields, depending on field locking.
- simple_lock -> kmutex in a few places.
- Fix some simple locking problems.
 1.80  24-May-2007  agc branches: 1.80.6; 1.80.8; 1.80.10;
Extend the Linux emulation of /proc to include

/proc/stat
/proc/loadavg and
/proc/<pid>/statm.

These are only present when -o linux is specified as a mount option
to procfs.

Factor out some common code so that it can be used by a number of
functions.

XXX The values returned in the statm emulation need to be verified.
 1.79  09-Mar-2007  ad branches: 1.79.2; 1.79.4;
- Make the proclist_lock a mutex. The write:read ratio is unfavourable,
and mutexes are cheaper use than RW locks.
- LOCK_ASSERT -> KASSERT in some places.
- Hold proclist_lock/kernel_lock longer in a couple of places.
 1.78  27-Feb-2007  ad Destroy the hash locks on final unmount.
 1.77  17-Feb-2007  pavel Change the process/lwp flags seen by userland via sysctl back to the
P_*/L_* naming convention, and rename the in-kernel flags to avoid
conflict. (P_ -> PK_, L_ -> LW_ ). Add back the (now unused) LSDEAD
constant.

Restores source compatibility with pre-newlock2 tools like ps or top.

Reviewed by Andrew Doran.
 1.76  15-Feb-2007  ad branches: 1.76.2;
Replace some uses of lockmgr() / simplelocks.
 1.75  09-Feb-2007  ad Merge newlock2 to head.
 1.74  24-Dec-2006  christos fix permissions on /proc/<pid> node. From elad.
 1.73  28-Nov-2006  elad Move ktrace, ptrace, systrace, and procfs to use kauth(9).

First, remove process_checkioperm() calls from MD code. Similar checks
using kauth(9) routines (on the process scope, using appropriate action)
are done in the callers.

Add secmodel back-end to handle each subsystem.
 1.72  16-Nov-2006  christos __unused removal on arguments; approved by core.
 1.71  29-Oct-2006  christos add an "emul" file node.
 1.70  25-Oct-2006  christos 1. fix procfs_validfile{,_linux} to test for NULL pointers properly.
2. make "exe" entry be a symlink to the executable, instead of pointing
directly to the vnode of the executable.
3. factor out commonly used code.
 1.69  20-Sep-2006  manu Emulate Linux's /proc/devices
 1.68  01-Mar-2006  yamt branches: 1.68.14; 1.68.16;
merge yamt-uio_vmspace branch.

- use vmspace rather than proc or lwp where appropriate.
the latter is more natural to specify an address space.
(and less likely to be abused for random purposes.)
- fix a swdmover race.
 1.67  11-Dec-2005  christos branches: 1.67.2; 1.67.4; 1.67.6;
merge ktrace-lwp.
 1.66  01-Oct-2005  atatat Add "cwd" and "root" symlinks to each process's directory. The cwd
link points to the process's current working directory, and the root
link points to the process's root directory. What else would you
expect?

For directories that are out of reach (caller is in a chroot, target
process is in a different chroot, etc), the links point to "/"
instead.
 1.65  30-Aug-2005  xtraeme Remove __P()
 1.64  29-May-2005  christos branches: 1.64.2;
- sprinkle const
- avoid shadowed variables.
 1.63  26-Feb-2005  perry nuke trailing whitespace
 1.62  20-Sep-2004  jdolecek branches: 1.62.4; 1.62.6;
add 'mounts' file for -o linux, which lists all currently mounted
filesystems; Linux glibc statvfs() uses this to get some of mount flags,
and this file is also useful as /emul/linux/etc/mtab (via symlink)
 1.61  27-Aug-2004  skrll Do previous slightly differently - just pass a struct lwp * and derive the
struct proc *.

OK'd by Jaromir.
 1.60  21-Aug-2004  jdolecek fix process used for /proc/<pid>/stat contents - it should be process
<pid>, not the current process looking at the information
 1.59  14-May-2004  christos Simplify the code by:
1. Checking for a negative uio_offset at the beginning. This really does
not affect us in most cases because we check that later too.
2. Checking for attempts to write to init sooner and in all cases.
 1.58  27-Sep-2003  darcy branches: 1.58.2; 1.58.4;
Changes as discussed with itojun on tech-kern. I have modified the enums
to have KFS or PFS differentiators. Further I have wrapped the enum in
procfs in "#ifdef _KERNEL" as it is done in kernfs.

To see the discussion go to http://mail-index.NetBSD.org/tech-kern/2003/09/
and look for "Mismatched enums in include files" in the list.
 1.57  07-Aug-2003  agc Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22364, verified by myself.
 1.56  29-Jun-2003  fvdl branches: 1.56.2;
Back out the lwp/ktrace changes. They contained a lot of colateral damage,
and need to be examined and discussed more.
 1.55  29-Jun-2003  thorpej Undo part of the ktrace/lwp changes. In particular:
* Remove the "lwp *" argument that was added to vget(). Turns out
that nothing actually used it!
* Remove the "lwp *" arguments that were added to VFS_ROOT(), VFS_VGET(),
and VFS_FHTOVP(); all they did was pass it to vget() (which, as noted
above, didn't use it).
* Remove all of the "lwp *" arguments to internal functions that were added
just to appease the above.
 1.54  28-Jun-2003  darrenr Pass lwp pointers throughtout the kernel, as required, so that the lwpid can
be inserted into ktrace records. The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.

Bump the kernel rev up to 1.6V
 1.53  28-May-2003  christos Add /proc/<pid>/stat for linux compat. j2sdk1.4.2 depends on it.
 1.52  18-Apr-2003  christos Make the mode of /proc/<pid>/fd dr-x------
 1.51  18-Apr-2003  christos Make symlinks for directories that point to the actual directory.
Make symlinks to [kqueue] and [misc] for kqueue and misc fds.
 1.50  17-Apr-2003  jdolecek do not show nodes corresponding to directory descriptors for process
in fd/ subdirectory, nor allow lookup/open for the nodes
this fixes PR kern/21187 for good, and also avoids interesting directory
locking issues
 1.49  17-Apr-2003  jdolecek use fd_getfile() in procfs_getfp(), and FILE_USE()/FILE_UNUSE() the
returned file descriptor pointer appropriately
 1.48  15-Mar-2003  enami Release the hash lock on failure.
 1.47  04-Mar-2003  tron Teach procfs_allocvp() about Puptime to avoid panics if "/proc/uptime"
is opened.
 1.46  25-Feb-2003  jrf This addresses PR kerm/19989. Thanks to hamajima@nagoya.ydc.co.jp for submitting this patch which enables /proc/uptime for linux emul. Patch reviewed by atatat@netbsd.org and tron@netbsd.org, approved by tron@netbsd.org.
 1.45  03-Feb-2003  jdolecek don't bother special-casing DTYPE_KQUEUE/DTYPE_MISC nor panic for unknown
descriptors; just return with EOPNOTSUPP for any unsupported descriptor type
 1.44  03-Feb-2003  jdolecek procfs_allocvp():
* do not set *vpp unless successful, otherwise we'd trigger
DIAGNOSTIC panic in lookup(9) on error return
* on error, make sure to free malloc'ed memory and ungetnewvnode() the
previously acquired vnode

this fixes panic on 'tail -f <file> &; ls -l /proc/$!/fd' reported by
Andrew Brown

fix reviewed by Christos Zoulas
 1.43  18-Jan-2003  thorpej Merge the nathanw_sa branch.
 1.42  03-Jan-2003  christos Implement /proc/<pid>/fd/<n>. This is work in progress. Questionable things:
- Is it ok to convert DTYPE_PIPE to VFIFO and DTYPE_SOCKET to VSOCK?
- XXX: Avoid locking issue in ls -Rl /proc by avoiding curproc
- Does I/O to pipes work?
- XXX: Are there security implications?
 1.41  07-Nov-2002  thorpej Fix a signed/unsigned comparison warning.
 1.40  05-Dec-2001  thorpej * Allow machine-dependent code to specify hooks for ptrace(2)
(__HAVE_PTRACE_MACHDEP) and procfs (__HAVE_PROCFS_MACHDEP).
These changes will allow platforms like x86 (XMM) and PowerPC
(AltiVec) to export extended register sets in a sane manner.

* Use __HAVE_PTRACE_MACHDEP to export x86 XMM registers (standard
FP + SSE/SSE2) using PT_{GET,SET}XMMREGS (in the machdep
ptrace request space).
* Use __HAVE_PROCFS_MACHDEP to export x86 XMM registers via
/proc/N/xmmregs in procfs.
 1.39  10-Nov-2001  lukem add RCSIDs
 1.38  15-Sep-2001  chs branches: 1.38.2;
add a new VFS op, vfs_reinit, which is called when desiredvnodes is
adjusted via sysctl. file systems that have hash tables which are
sized based on the value of this variable now resize those hash tables
using the new value. the max number of FFS softdeps is also recalculated.

convert various file systems to use the <sys/queue.h> macros for
their hash tables.
 1.37  29-Mar-2001  fvdl branches: 1.37.2; 1.37.4;
For -o linux mounts, add some code to emulate /proc/#/maps.
Needs NAMECACHE_ENTER_REVERSE to include filenames.
 1.36  18-Jan-2001  jdolecek branches: 1.36.2;
constify
 1.35  17-Jan-2001  fvdl Add a few linux-style files, only enabled when -o linux is specified
for the mount. Currently these are /proc/cpuinfo and /proc/meminfo.
The former only does something on i386 right now.
 1.34  27-Nov-2000  chs Initial integration of the Unified Buffer Cache project.
 1.33  24-Nov-2000  chs remove dead code and other misc cleanup.
 1.32  08-Nov-2000  ad Update for hashinit() change.
 1.31  16-Mar-2000  jdolecek branches: 1.31.4;
Add new VFS op routine - vfs_done and call it on filesystem detach
in vfs_detach(). vfs_done may free global filesystem's resources,
typically those allocated in respective filesystem's init function.
Needed so those filesystems which went in via LKM have a chance to
clean after themselves before unloading. This fixes random panics
when LKM for filesystem using pools was loaded and unloaded several
times.

For each leaf filesystem, add appropriate vfs_done routine.
 1.30  25-Feb-2000  fvdl Fix pasto: some lines of the procfs hash code were copied from the
UFS code, and I forgot to rename the "ihash" variable, causing
weird effects, because 3/4th of the UFS hash table would become
unreachable after procfs was loaded as an LKM.
 1.29  25-Jan-2000  fvdl At mount/unmount time, add an exec hook to revoke all vnodes iff the
process is about to exec a sugid binary.

To speed up things, use hashing for vnode allocation, like other filesystems
do. This avoids walking the whole procfs node list in the revoke case too.
 1.28  02-Sep-1999  thorpej branches: 1.28.2;
Make /proc/self a symlink to /proc/curproc. I've observed Linux programs
that expect /proc/self/cmdline to exist.
 1.27  08-Jul-1999  wrstuden Bump osrelease to 1.4E. Add layerfs files, remove null_subr.c.

Update coda to new struct lock in struct vnode.

make fdescfs, kernfs, portalfs, and procfs actually lock their vnodes.
It's not that hard.

Make unionfs set v_vnlock = NULL so any overlayed fs will call its
VOP_LOCK.
 1.26  12-Mar-1999  christos branches: 1.26.2; 1.26.4;
PR/7143: Jaromir Docelek: Add procfs/cmdline from Linux emulation
 1.25  25-Jan-1999  msaitoh Add /proc/#/map. From FreeBSD.
 1.24  09-Aug-1998  perry bzero->memset, bcopy->memcpy, bcmp->memcmp
 1.23  01-Mar-1998  fvdl Merge with Lite2 + local changes
 1.22  30-Oct-1997  mycroft Make the curproc link executable.
 1.21  13-Aug-1997  explorer branches: 1.21.4;
Move procfs_checkioperm() from procvs_subr.c to procfs_mem.c, since _subr is
not included in a kernel without procfs, and it seems wrong to pull
all of procfs_subr.c in for just that one function. Perhaps this
should go into a new file instead?
 1.20  12-Aug-1997  thorpej Fix the procfs hole described on current-users, similar to a fix for
FreeBSD by Sean Eric Fagan, but a bit different. This makes the checks
in the same places as sef's FreeBSD patch, but does not hardcode the
"kmem" group into the kernel, and also does a check identical to the
(3) and (4) checks in the NetBSD ptrace(2):

(1) it's not owned by you, or is set-id on exec (unless
you're root), or

(2) it's init, which controls the security level of the
entire system, and the system was not compiled with
permanently insecure mode turned on.
 1.19  25-Jun-1997  mycroft branches: 1.19.4;
Don't allow writes to init's memory or registers while in secure mode.
 1.18  05-May-1997  mycroft Need stat.h.
 1.17  05-May-1997  mycroft Eliminate bogus uses of V{READ,WRITE,EXEC}. Use S_I[RWX]{USR,GRP,OTH} where
appropriate.
 1.16  25-Oct-1996  cgd remove bogus cast of second arg to bcmp(). (nm_name is a const char*,
and was being unnecessarily cast to 'char *'; -Wcast-qual.)
 1.15  12-Feb-1996  christos close PR/2063: procfs_rw prototyped twice with different prototypes
 1.14  09-Feb-1996  christos miscfs prototype changes
 1.13  29-Jun-1994  cgd New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD'
 1.12  15-Jun-1994  mycroft Minor update from JSP after merging my changes.
 1.11  08-Jun-1994  mycroft Update to 4.4-Lite fs code, with local changes.
 1.10  25-Apr-1994  cgd some prototype cleanup, eliminate/replace bogus types (e.g. quad and
u_quad) -> use better types (e.g. quad_t & u_quad_t in inodes),
some cleanup.
 1.9  28-Jan-1994  cgd make a fpregs file.
 1.8  20-Jan-1994  ws Make procfs really work for debugging.
Implement not & notepg files in procfs.
 1.7  10-Jan-1994  mycroft Add a missing break so my machine doesn't panic.
 1.6  09-Jan-1994  ws Bug fixes and enhancements:
Make NFS serving work (BUT DON'T USE "attach" TO /proc/*/ctl FOR NOW!!!)
Make `curproc' a symbolic link
Add `.' and `..' entries to the directories.
Return better guesses on the size of the files.
 1.5  05-Jan-1994  cgd add new procfs code, from Jan-Simon Pendry, jsp@sequent.com.
This is pretty-much "virgin", so that diffs can be done later.
 1.4  18-Dec-1993  mycroft Canonicalize all #includes.
 1.3  24-Aug-1993  pk branches: 1.3.2;
copyright update.
 1.2  24-Aug-1993  pk Rcs Id added.
 1.1  24-Aug-1993  pk branches: 1.1.1;
Initial version of a proc filesystem.
 1.1.1.2  01-Mar-1998  fvdl Import 4.4BSD-Lite2
 1.1.1.1  01-Mar-1998  fvdl Import 4.4BSD-Lite for reference
 1.3.2.1  14-Nov-1993  mycroft Canonicalize all #includes.
 1.19.4.1  23-Aug-1997  thorpej Update marc-pcmcia branch from trunk.
 1.21.4.1  30-Oct-1997  mellon Pull rev 1.22 up from trunk (mycroft)
 1.26.4.1  02-Aug-1999  thorpej Update from trunk.
 1.26.2.2  28-Feb-2000  he Pull up revision 1.30 (requested by fvdl):
Fix a critical typo in the earlier procfs security fix.
 1.26.2.1  01-Feb-2000  he Pull up revision 1.29 (via patch, requested by fvdl):
Close procfs security hole. Fixes SA#2000-001.
 1.28.2.6  21-Apr-2001  bouyer Sync with HEAD
 1.28.2.5  11-Feb-2001  bouyer Sync with HEAD.
 1.28.2.4  18-Jan-2001  bouyer Sync with head (for UBC+NFS fixes, mostly).
 1.28.2.3  08-Dec-2000  bouyer Sync with HEAD.
 1.28.2.2  22-Nov-2000  bouyer Sync with HEAD.
 1.28.2.1  20-Nov-2000  bouyer Update thorpej_scsipi to -current as of a month ago
 1.31.4.1  30-Mar-2001  he Pull up revision 1.35 (requested by fvdl):
Add some required Linux emulation bits to support the Linux
version of VMware.
 1.36.2.9  07-Jan-2003  thorpej Sync with HEAD.
 1.36.2.8  11-Nov-2002  nathanw Catch up to -current
 1.36.2.7  01-Apr-2002  nathanw procfs_domem() should take proc *, proc *; not proc *, lwp *.
 1.36.2.6  09-Jan-2002  nathanw Use proc_representative_lwp() instead of bailing out.
Adapt PROCFS_MACHDEP to lwps.
 1.36.2.5  08-Jan-2002  nathanw Catch up to -current.
 1.36.2.4  14-Nov-2001  nathanw Catch up to -current.
 1.36.2.3  21-Sep-2001  nathanw Catch up to -current.
 1.36.2.2  09-Apr-2001  nathanw Catch up with -current.
 1.36.2.1  05-Mar-2001  nathanw Initial commit of scheduler activations and lightweight process support.
 1.37.4.2  01-Oct-2001  fvdl Catch up with -current.
 1.37.4.1  26-Sep-2001  fvdl * add a VCLONED vnode flag that indicates a vnode representing a cloned
device.
* rename REVOKEALL to REVOKEALIAS, and add a REVOKECLONE flag, to pass
to VOP_REVOKE
* the revoke system call will revoke all aliases, as before, but not the
clones
* vdevgone is called when detaching a device, so make it use REVOKECLONE
to get rid of all clones as well
* clean up all uses of VOP_OPEN wrt. locking.
* add a few VOPS to spec_vnops that need to do something when it's a
clone vnode (access and getattr)
* add a copy of the vnode vattr structure of the original 'master' vnode
to the specinfo of a cloned vnode. could possibly redirect getattr to
the 'master' vnode, but this has issues with revoke
* add a vdev_reassignvp function that disassociates a vnode from its
original device, and reassociates it with the specified dev_t. to be
used by cloning devices only, in case a new minor is allocated.
* change all direct references in drivers to v_devcookie and v_rdev
to vdev_privdata(vp) and vdev_rdev(vp). for diagnostic purposes
when debugging race conditions that still exist wrt. locking and
revoking vnodes.
* make the locking state of a vnode consistent when passed to
d_open and d_close (unlocked). locked would be better, but has
some deadlock issues
 1.37.2.1  10-Jan-2002  thorpej Sync kqueue branch with -current.
 1.38.2.1  12-Nov-2001  thorpej Sync the thorpej-mips-cache branch with -current.
 1.56.2.9  10-Nov-2005  skrll Sync with HEAD. Here we go again...
 1.56.2.8  04-Mar-2005  skrll Sync with HEAD.

Hi Perry!
 1.56.2.7  24-Sep-2004  skrll Sync with HEAD.
 1.56.2.6  21-Sep-2004  skrll Fix the sync with head I botched.
 1.56.2.5  18-Sep-2004  skrll Sync with HEAD.
 1.56.2.4  24-Aug-2004  skrll Undo part of the ktrace/lwp changes. In particular:
* Remove the "lwp *" argument that was added to vget(). Turns out
that nothing actually used it!
* Remove the "lwp *" arguments that were added to VFS_ROOT(), VFS_VGET(),
and VFS_FHTOVP(); all they did was pass it to vget() (which, as noted
above, didn't use it).
* Remove all of the "lwp *" arguments to internal functions that were added
just to appease the above.
 1.56.2.3  18-Aug-2004  skrll Revert to passing struct proc for {exit,exec}hook.
 1.56.2.2  03-Aug-2004  skrll Sync with HEAD
 1.56.2.1  02-Jul-2003  darrenr Apply the aborted ktrace-lwp changes to a specific branch. This is just for
others to review, I'm concerned that patch fuziness may have resulted in some
errant code being generated but I'll look at that later by comparing the diff
from the base to the branch with the file I attempt to apply to it. This will,
at the very least, put the changes in a better context for others to review
them and attempt to tinker with removing passing of 'struct lwp' through
the kernel.
 1.58.4.1  31-Aug-2005  tron Pull up following revision(s) (requested by christos in ticket #5634):
sys/miscfs/procfs/procfs_subr.c: revision 1.59
Simplify the code by:
1. Checking for a negative uio_offset at the beginning. This really does
not affect us in most cases because we check that later too.
2. Checking for attempts to write to init sooner and in all cases.
 1.58.2.1  31-Aug-2005  tron Pull up following revision(s) (requested by christos in ticket #5634):
sys/miscfs/procfs/procfs_subr.c: revision 1.59
Simplify the code by:
1. Checking for a negative uio_offset at the beginning. This really does
not affect us in most cases because we check that later too.
2. Checking for attempts to write to init sooner and in all cases.
 1.62.6.1  19-Mar-2005  yamt sync with head. xen and whitespace. xen part is not finished.
 1.62.4.1  29-Apr-2005  kent sync with -current
 1.64.2.9  24-Mar-2008  yamt sync with head.
 1.64.2.8  04-Feb-2008  yamt sync with head.
 1.64.2.7  21-Jan-2008  yamt sync with head
 1.64.2.6  15-Nov-2007  yamt sync with head.
 1.64.2.5  27-Oct-2007  yamt sync with head.
 1.64.2.4  03-Sep-2007  yamt sync with head.
 1.64.2.3  26-Feb-2007  yamt sync with head.
 1.64.2.2  30-Dec-2006  yamt sync with head.
 1.64.2.1  21-Jun-2006  yamt sync with head.
 1.67.6.1  22-Apr-2006  simonb Sync with head.
 1.67.4.1  09-Sep-2006  rpaulo sync with head
 1.67.2.1  15-Jan-2006  yamt convert procfs.
 1.68.16.2  10-Dec-2006  yamt sync with head.
 1.68.16.1  22-Oct-2006  yamt sync with head
 1.68.14.6  12-Jan-2007  ad Sync with head.
 1.68.14.5  29-Dec-2006  ad Checkpoint work in progress.
 1.68.14.4  18-Nov-2006  ad Sync with head.
 1.68.14.3  17-Nov-2006  ad Checkpoint work in progress.
 1.68.14.2  24-Oct-2006  ad - Redo LWP locking slightly and fix some races.
- Fix some locking botches.
- Make signal mask / stack per-proc for SA processes.
- Add _lwp_kill().
 1.68.14.1  21-Oct-2006  ad - Make this compile. XXX Needs more work on locking.
- Do FILE_UNUSE() as the current LWP, otherwise we will wipe out the
target's advisory locks. XXX Double check.
 1.76.2.2  12-Mar-2007  rmind Sync with HEAD.
 1.76.2.1  27-Feb-2007  yamt - sync with head.
- move sched_changepri back to kern_synch.c as it doesn't know PPQ anymore.
 1.79.4.1  11-Jul-2007  mjf Sync with head.
 1.79.2.4  25-Oct-2007  ad - Simplify debugger/procfs reference counting of processes. Use a per-proc
rwlock: rw_tryenter(RW_READER) to gain a reference, and rw_enter(RW_WRITER)
by the process itself to drain out reference holders before major changes
like exiting.
- Fix numerous bugs and locking issues in procfs.
- Mark procfs MPSAFE.
 1.79.2.3  17-Jun-2007  ad - Increase the number of thread priorities from 128 to 256. How the space
is set up is to be revisited.
- Implement soft interrupts as kernel threads. A generic implementation
is provided, with hooks for fast-path MD code that can run the interrupt
threads over the top of other threads executing in the kernel.
- Split vnode::v_flag into three fields, depending on how the flag is
locked (by the interlock, by the vnode lock, by the file system).
- Miscellaneous locking fixes and improvements.
 1.79.2.2  08-Jun-2007  ad Sync with head.
 1.79.2.1  13-Mar-2007  ad Pull in the initial set of changes for the vmlocking branch.
 1.80.10.1  14-Oct-2007  yamt sync with head.
 1.80.8.4  23-Mar-2008  matt sync with HEAD
 1.80.8.3  09-Jan-2008  matt sync with HEAD
 1.80.8.2  08-Nov-2007  matt sync with -HEAD
 1.80.8.1  06-Nov-2007  matt sync with HEAD
 1.80.6.2  11-Nov-2007  joerg Sync with HEAD.
 1.80.6.1  26-Oct-2007  joerg Sync with HEAD.

Follow the merge of pmap.c on i386 and amd64 and move
pmap_init_tmp_pgtbl into arch/x86/x86/pmap.c. Modify the ACPI wakeup
code to restore CR4 before jumping back into kernel space as the large
page option might cover that.
 1.81.4.2  18-Feb-2008  mjf Sync with HEAD.
 1.81.4.1  19-Nov-2007  mjf Sync with HEAD.
 1.81.2.1  13-Nov-2007  bouyer Sync with HEAD
 1.82.6.2  23-Jan-2008  bouyer Sync with HEAD.
 1.82.6.1  02-Jan-2008  bouyer Sync with HEAD
 1.82.2.1  04-Dec-2007  ad Pull the vmlocking changes into a new branch.
 1.85.6.4  17-Jan-2009  mjf Sync with HEAD.
 1.85.6.3  28-Sep-2008  mjf Sync with HEAD.
 1.85.6.2  02-Jun-2008  mjf Sync with HEAD.
 1.85.6.1  03-Apr-2008  mjf Sync with HEAD.
 1.86.2.1  18-May-2008  yamt sync with head.
 1.88.2.3  11-Aug-2010  yamt sync with head.
 1.88.2.2  04-May-2009  yamt sync with head.
 1.88.2.1  16-May-2008  yamt sync with head.
 1.90.4.1  03-Jul-2008  simonb Sync with head.
 1.90.2.1  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.91.2.1  19-Oct-2008  haad Sync with HEAD.
 1.92.2.2  28-Apr-2009  skrll Sync with HEAD.
 1.92.2.1  19-Jan-2009  skrll Sync with HEAD.
 1.93.2.1  13-May-2009  jym Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.
 1.95.4.4  19-May-2011  rmind Implement sharing of vnode_t::v_interlock amongst vnodes:
- Lock is shared amongst UVM objects using uvm_obj_setlock() or getnewvnode().
- Adjust vnode cache to handle unsharing, add VI_LOCKSHARE flag for that.
- Use sharing in tmpfs and layerfs for underlying object.
- Simplify locking in ubc_fault().
- Sprinkle some asserts.

Discussed with ad@.
 1.95.4.3  05-Mar-2011  rmind sync with head
 1.95.4.2  03-Jul-2010  rmind sync with head
 1.95.4.1  16-Mar-2010  rmind Change struct uvm_object::vmobjlock to be dynamically allocated with
mutex_obj_alloc(). It allows us to share the locks among UVM objects.
 1.95.2.1  17-Aug-2010  uebayasi Sync with HEAD.
 1.98.6.1  23-Jun-2011  cherry Catchup with rmind-uvmplock merge.
 1.100.6.1  02-Jun-2012  mrg sync to latest -current.
 1.100.2.3  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.100.2.2  16-Jan-2013  yamt sync with (a bit old) head
 1.100.2.1  30-Oct-2012  yamt sync with head
 1.101.2.3  03-Dec-2017  jdolecek update from HEAD
 1.101.2.2  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.101.2.1  25-Feb-2013  tls resync with head
 1.102.2.1  18-May-2014  rmind sync with head
 1.104.2.1  10-Aug-2014  tls Rebase.
 1.105.2.1  17-Jan-2015  martin Pull up following revision(s) (requested by maxv in ticket #427):
sys/compat/svr4/svr4_schedctl.c: revision 1.8
sys/netinet/tcp_timer.c: revision 1.88
sys/miscfs/genfs/layer_vfsops.c: revision 1.45
sys/compat/svr4/svr4_ioctl.c: revision 1.37
sys/ufs/chfs/chfs_vfsops.c: revision 1.14
sys/miscfs/fdesc/fdesc_vfsops.c: revision 1.91
sys/compat/linux/arch/i386/linux_ptrace.c: revision 1.30
sys/compat/common/kern_time_50.c: revision 1.28
sys/netinet6/ip6_forward.c: revision 1.74
sys/miscfs/umapfs/umap_vnops.c: revision 1.57
sys/compat/svr4/svr4_fcntl.c: revision 1.74
distrib/sets/lists/comp/mi: revision 1.1931
sys/netinet6/udp6_output.c: revision 1.46
sys/fs/puffs/puffs_compat.c: revision 1.3
sys/fs/udf/udf_rename.c: revision 1.11
sys/compat/svr4/svr4_filio.c: revision 1.24
sys/fs/udf/udf_rename.c: revision 1.12
sys/netinet/tcp_usrreq.c: revision 1.202
sys/miscfs/umapfs/umap_subr.c: revision 1.29
sys/compat/linux/common/linux_fadvise64.c: revision 1.3
sys/netinet/if_atm.c: revision 1.34
sys/miscfs/procfs/procfs_subr.c: revision 1.106
sys/miscfs/genfs/layer_subr.c: revision 1.37
sys/netinet/tcp_sack.c: revision 1.30
sys/compat/freebsd/freebsd_misc.c: revision 1.33
sys/compat/freebsd/freebsd_file.c: revision 1.33
sys/ufs/chfs/chfs_vnode.c: revision 1.12
sys/compat/svr4/svr4_ttold.c: revision 1.34
sys/compat/linux/common/linux_file.c: revision 1.114
sys/compat/linux/arch/mips/linux_machdep.c: revision 1.43
sys/compat/linux/common/linux_signal.c: revision 1.76
sys/compat/common/compat_util.c: revision 1.46
sys/compat/linux/arch/arm/linux_ptrace.c: revision 1.18
sys/compat/svr4/svr4_sockio.c: revision 1.36
sys/compat/linux/arch/arm/linux_machdep.c: revision 1.32
sys/compat/svr4/svr4_signal.c: revision 1.66
sys/kern/kern_exec.c: revision 1.410
sys/fs/puffs/puffs_vfsops.c: revision 1.115
sys/compat/svr4/svr4_exec_elf64.c: revision 1.15
sys/compat/linux/arch/i386/linux_machdep.c: revision 1.159
sys/compat/linux/arch/alpha/linux_machdep.c: revision 1.50
sys/compat/linux32/common/linux32_misc.c: revision 1.24
sys/netinet/in_pcb.c: revision 1.153
sys/sys/malloc.h: revision 1.116
sys/compat/common/if_43.c: revision 1.9
share/man/man9/Makefile: revision 1.380
sys/netinet/tcp_vtw.c: revision 1.12
sys/miscfs/umapfs/umap_vfsops.c: revision 1.95
sys/ufs/ext2fs/ext2fs_vfsops.c: revision 1.186
sys/compat/common/uipc_syscalls_43.c: revision 1.46
sys/ufs/ext2fs/ext2fs_vnops.c: revision 1.115
sys/fs/puffs/puffs_msgif.c: revision 1.97
sys/compat/svr4/svr4_ipc.c: revision 1.27
sys/compat/linux/common/linux_exec.c: revision 1.117
sys/ufs/ext2fs/ext2fs_readwrite.c: revision 1.66
sys/netinet/tcp_output.c: revision 1.179
sys/compat/svr4/svr4_termios.c: revision 1.28
sys/fs/udf/udf_strat_bootstrap.c: revision 1.4
sys/fs/puffs/puffs_subr.c: revision 1.67
sys/fs/puffs/puffs_node.c: revision 1.36
sys/miscfs/overlay/overlay_vnops.c: revision 1.21
sys/fs/cd9660/cd9660_node.c: revision 1.34
sys/netinet/raw_ip.c: revision 1.146
sys/sys/mallocvar.h: revision 1.13
sys/miscfs/overlay/overlay_vfsops.c: revision 1.63
share/man/man9/malloc.9: revision 1.50
sys/netinet6/dest6.c: revision 1.18
sys/compat/linux/common/linux_uselib.c: revision 1.33
sys/compat/linux/common/linux_socket.c: revision 1.120
share/man/man9/malloc.9: revision 1.51
sys/netinet/tcp_subr.c: revision 1.257
sys/compat/linux/common/linux_socketcall.c: revision 1.45
sys/compat/linux/common/linux_fadvise64_64.c: revision 1.3
sys/compat/freebsd/freebsd_ipc.c: revision 1.17
sys/compat/linux/common/linux_misc_notalpha.c: revision 1.109
sys/compat/linux/arch/alpha/linux_pipe.c: revision 1.17
sys/netinet6/in6_pcb.c: revision 1.132
sys/netinet6/in6_ifattach.c: revision 1.94
sys/compat/svr4/svr4_exec_elf32.c: revision 1.15
sys/miscfs/nullfs/null_vfsops.c: revision 1.90
sys/fs/cd9660/cd9660_util.c: revision 1.12
sys/compat/linux/arch/powerpc/linux_machdep.c: revision 1.48
sys/compat/freebsd/freebsd_exec_elf32.c: revision 1.20
sys/miscfs/procfs/procfs_vfsops.c: revision 1.94
sys/compat/linux/arch/powerpc/linux_ptrace.c: revision 1.28
sys/compat/linux/common/linux_sched.c: revision 1.67
sys/compat/linux/common/linux_exec_aout.c: revision 1.67
sys/compat/linux/common/linux_pipe.c: revision 1.67
sys/compat/linux/common/linux_llseek.c: revision 1.34
sys/compat/linux/arch/mips/linux_ptrace.c: revision 1.10
Do not uselessly include <sys/malloc.h>.
Cleanup:
- remove struct kmembuckets (dead)
- correctly deadify MALLOC_XX
- remove MALLOC_DEFINE_LIMIT and MALLOC_JUSTDEFINE_LIMIT (dead)
- remove malloc_roundup(), malloc_type_setlimit(), MALLOC_DEFINE_LIMIT()
and MALLOC_JUSTDEFINE_LIMIT() from man 9 malloc
New sentence, new line. Bump date for previous.
Obsolete malloc_roundup(9), malloc_type_setlimit(9) and MALLOC_DEFINE_LIMIT(9)
man pages.
 1.106.6.1  21-Apr-2017  bouyer Sync with HEAD
 1.106.4.1  26-Apr-2017  pgoyette Sync with HEAD
 1.106.2.1  28-Aug-2017  skrll Sync with HEAD
 1.108.6.2  17-Apr-2018  martin Pull up following revision(s) (requested by hannken in ticket #772):

sys/miscfs/procfs/procfs_subr.c: revision 1.112

Change procfs_revoke_vnodes() to use vrecycle()/vgone() instead
of VOP_REVOKE().

Gets rid of a bunch of suspensions on /proc as vrecycle() will
succeed most time and we suspend at most once per call.
 1.108.6.1  12-Apr-2018  martin Pull up following revision(s) (requested by kamil in ticket #713):

sys/modules/procfs/Makefile: revision 1.4
sys/miscfs/procfs/procfs_vfsops.c: revision 1.98
bin/ps/ps.1: revision 1.108
sys/compat/linux/arch/i386/linux_ptrace.c: revision 1.32
sys/miscfs/procfs/procfs_vnops.c: revision 1.198
sys/kern/sys_ptrace_common.c: revision 1.23
sys/kern/sys_ptrace_common.c: revision 1.24
sbin/mount_procfs/mount_procfs.8: revision 1.36
sys/kern/sys_ptrace_common.c: revision 1.25
sys/kern/sys_ptrace.c: revision 1.5
sys/compat/linux/arch/powerpc/linux_ptrace.c: revision 1.30
sys/sys/proc.h: revision 1.342
sys/kern/sys_ptrace_common.c: revision 1.26
sys/miscfs/procfs/procfs_ctl.c: file removal
sys/kern/sys_ptrace_common.c: revision 1.27
sys/miscfs/procfs/procfs_subr.c: revision 1.109
sys/kern/sys_ptrace_common.c: revision 1.28
sys/secmodel/extensions/secmodel_extensions.c: revision 1.8
sys/kern/sys_ptrace_common.c: revision 1.29
sys/sys/ptrace.h: revision 1.62
sys/compat/netbsd32/netbsd32_signal.c: revision 1.45
share/man/man9/kauth.9: revision 1.109
sys/miscfs/procfs/files.procfs: revision 1.12
sys/compat/netbsd32/netbsd32.h: revision 1.115
sys/miscfs/procfs/procfs.h: revision 1.72
sys/compat/netbsd32/netbsd32_ptrace.c: revision 1.5
sys/kern/kern_sig.c: revision 1.337
sys/sys/kauth.h: revision 1.75
sys/sys/sysctl.h: revision 1.224
sys/kern/sys_ptrace_common.c: revision 1.30
sys/kern/sys_ptrace_common.c: revision 1.31
sys/kern/sys_ptrace_common.c: revision 1.32
sys/kern/sys_ptrace_common.c: revision 1.33
sys/compat/linux/arch/arm/linux_ptrace.c: revision 1.20
sys/kern/sys_ptrace_common.c: revision 1.34
sys/kern/sys_ptrace_common.c: revision 1.36
sys/kern/kern_proc.c: revision 1.207
sys/kern/kern_exit.c: revision 1.269
doc/TODO.ptrace: revision 1.29

Make {s,g}et{db,fp,}regs work again for PK_32 processes
XXX: pullup-8

add disgusting magic to handle compat_netbsd32 as a module.

use process_*reg32 instead of struct *reg32.

Remove the filesystem tracing feature

This is a legacy interface from 4.4BSD, and it was
introduced to overcome shortcomings of ptrace(2) at that time, which are
no longer relevant (performance). Today /proc/#/ctl offers a narrow
subset of ptrace(2) commands and is not applicable for modern
applications use beyond simplistic tracing scenarios.

This removal will simplify kernel internals. Users will still be able to
use all the other /proc files.

This change won't affect other procfs files neither Linux compat
features within mount_procfs(8). /proc/#/ctl isn't available on Linux.

Remove:
- /proc/#/ctl from mount_procfs(8)
- P_FSTRACE note from the documentation of ps(1)
- /proc/#/ctl and filesystem tracing documentation from mount_procfs(8)
- KAUTH_REQ_PROCESS_PROCFS_CTL documentation from kauth(9)
- source code file miscfs/procfs/procfs_ctl.c
- PFSctl and procfs_doctl() from sys/miscfs/procfs/procfs.h
- KAUTH_REQ_PROCESS_PROCFS_CTL from sys/sys/kauth.h
- PSL_FSTRACE (0x00010000) from sys/sys/proc.h
- P_FSTRACE (0x00010000) from sys/sys/sysctl.h

Reduce code complexity after removal of this functionality.

Update TODO.ptrace accordingly: remove two entries about /proc tracing.

Do not keep legacy notes as comments in the headers about removed

PSL_FSTRACE / P_FSTRACE, as this interface had little number of users
(close or equal to zero).
Proposed on tech-kern@.

All filesystem tracing utility users are encouraged to switch to ptrace(2).

Sponsored by <The NetBSD Foundation>

untangle the mess:
- factor out common code
- break each ptrace subcall to its own sub-function
.. more to come ...
- reduce ifdef ugliness by moving it up top.
- factor out PT_IO and make PT_{READ,WRITE}_{I,D} use it
- factor out PT_DUMPCORE
- factor out sendsig code
.. more to come ...

handle siginfo requests for ptrace32

ptrace: Partially undo PT_{READ,WRITE}_{I,D} and unbreak these commands

The refactored code did not work and was generating EFAULT.

Sponsored by <The NetBSD Foundation>

Merge the code back; the problem was that since we are reading/writing
to a kernel address for PT_{READ,WRITE}_{I,D} we need the kernel vmspace.
provide separate read and write functions to accomodate register functions
that need a size argument.

don't ignore error from copyout_piod

Use the proper process (the tracee) to get information about lwps and
registers and the tracer for vmspace.

Add new sysctl(3) entry: security.models.extensions.user_set_dbregs

Model this new sysctl(3) entry after "user_set_cpu_affinity" in the same
level of sysctl(3) switches.

Allow to read unconditionally Debug Registers (no change here). This is
convenient as even if a user of a debugger does not use hardware assisted
watchpoints/breakpoints, a debugger can still prompt these values to store
in an internal cache with context of registers. Reading them should have
no security concerns.

Add a paranoid MI switch that prohibits by default setting these registers
by a regular user (non-superuser). Make this switch disabled by default.
There are enough reserved bits out there to allow using them
unconditionally on hardened hosts.

Features shipped with Debug Registers are optional features in debuggers.
There is no reduction in elementary functionality.

Reviewed by <christos>

Sponsored by <The NetBSD Foundation>
 1.111.2.1  22-Apr-2018  pgoyette Sync with HEAD
 1.112.2.2  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.112.2.1  10-Jun-2019  christos Sync with HEAD
 1.116.20.1  18-Apr-2024  martin Pull up following revision(s) (requested by hannken in ticket #668):

sys/miscfs/procfs/procfs.h: revision 1.83
sys/miscfs/procfs/procfs.h: revision 1.84
sys/kern/vfs_mount.c: revision 1.104
sys/miscfs/procfs/procfs_vnops.c: revision 1.230
sys/kern/init_main.c: revision 1.547
sys/kern/kern_hook.c: revision 1.15
sys/miscfs/procfs/procfs_vfsops.c: revision 1.112
sys/miscfs/procfs/procfs_vfsops.c: revision 1.113
sys/miscfs/procfs/procfs_vfsops.c: revision 1.114
sys/miscfs/procfs/procfs_subr.c: revision 1.117

Print dangling vnode before panic() to help debug.

PR kern/57775 ""panic: unmount: dangling vnode" while umounting procfs"
Protect kernel hooks exechook, exithook and forkhook with rwlock.

Lock as writer on establish/disestablish and as reader on list traverse.

For exechook ride "exec_lock" as it is already take as reader when
traversing the list. Add local locks for exithook and forkhook.

Move exec_init before signal_init as signal_init calls exechook_establish()
that needs "exec_lock".

PR kern/39913 "exec, fork, exit hooks need locking"

Add a hashmap to access all procfs nodes by pid.

Using the exechook to revoke procfs nodes is racy and may deadlock:
one thread runs doexechooks() -> procfs_revoke_vnodes() and wants to suspend
the file system for vgone(), while another thread runs a forced unmount,
has the file system suspended, tries to disestablish the exechook and
waits for doexechooks() to complete.

Establish/disestablish the exechook on module load/unload instead
mount/unmount and use the hashmap to access all procfs nodes for this pid.

May fix PR kern/57775 ""panic: unmount: dangling vnode" while umounting procfs"

Remove all procfs nodes for this process on process exit.

RSS XML Feed