1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
/* $OpenBSD: procfs_mem.c,v 1.18 2003/03/09 01:34:00 millert Exp $ */
/* $NetBSD: procfs_mem.c,v 1.8 1996/02/09 22:40:50 christos Exp $ */
/*
* Copyright (c) 1993 Jan-Simon Pendry
* Copyright (c) 1993 Sean Eric Fagan
* Copyright (c) 1993
* The Regents of the University of California. All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Jan-Simon Pendry and Sean Eric Fagan.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)procfs_mem.c 8.5 (Berkeley) 6/15/94
*/
/*
* This is a lightly hacked and merged version
* of sef's pread/pwrite functions
*/
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/proc.h>
#include <sys/vnode.h>
#include <miscfs/procfs/procfs.h>
#include <uvm/uvm_extern.h>
/*
* Copy data in and out of the target process.
* We do this by mapping the process's page into
* the kernel and then doing a uiomove direct
* from the kernel address space.
*/
int
procfs_domem(curp, p, pfs, uio)
struct proc *curp; /* tracer */
struct proc *p; /* traced */
struct pfsnode *pfs;
struct uio *uio;
{
int error;
if (uio->uio_resid == 0)
return (0);
if ((error = procfs_checkioperm(curp, p)) != 0)
return (error);
/* XXXCDC: how should locking work here? */
if ((p->p_flag & P_WEXIT) || (p->p_vmspace->vm_refcnt < 1))
return(EFAULT);
p->p_vmspace->vm_refcnt++; /* XXX */
error = uvm_io(&p->p_vmspace->vm_map, uio);
uvmspace_free(p->p_vmspace);
return error;
}
/*
* Ensure that a process has permission to perform I/O on another.
* Arguments:
* p The process wishing to do the I/O (the tracer).
* t The process who's memory/registers will be read/written.
*
* You cannot attach to a process's mem/regs if:
*
* (1) It's not owned by you, or the last exec
* gave us setuid/setgid privs (unless
* you're root), or...
*
* (2) It's init, which controls the security level
* of the entire system, and the system was not
* compiled with permanently insecure mode turned
* on.
*
* (3) It's currently execing.
*/
int
procfs_checkioperm(p, t)
struct proc *p, *t;
{
int error;
if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
ISSET(t->p_flag, P_SUGIDEXEC) ||
ISSET(t->p_flag, P_SUGID)) &&
(error = suser(p->p_ucred, &p->p_acflag)) != 0)
return (error);
if ((t->p_pid == 1) && (securelevel > -1))
return (EPERM);
if (t->p_flag & P_INEXEC)
return (EAGAIN);
return (0);
}
|