//! Bindings for the FreeBSD `procctl` system call. //! //! There are similarities (but also differences) with Linux's `prctl` system //! call, whose interface is located in the `prctl.rs` file. #![allow(unsafe_code)] use alloc::vec; use alloc::vec::Vec; use core::mem::MaybeUninit; use core::ptr; use bitflags::bitflags; use crate::backend::c::{c_int, c_uint, c_void}; use crate::backend::process::syscalls; use crate::backend::process::types::RawId; use crate::io; use crate::process::{Pid, RawPid}; use crate::signal::Signal; use crate::utils::{as_mut_ptr, as_ptr}; // // Helper functions. // /// Subset of `idtype_t` C enum, with only the values allowed by `procctl`. #[repr(i32)] pub enum IdType { /// Process id. Pid = 0, /// Process group id. Pgid = 2, } /// A process selector for use with the `procctl` interface. /// /// `None` represents the current process. `Some((IdType::Pid, pid))` /// represents the process with pid `pid`. `Some((IdType::Pgid, pgid))` /// represents the control processes belonging to the process group with id /// `pgid`. pub type ProcSelector = Option<(IdType, Pid)>; fn proc_selector_to_raw(selector: ProcSelector) -> (IdType, RawPid) { match selector { Some((idtype, id)) => (idtype, id.as_raw_nonzero().get()), None => (IdType::Pid, 0), } } #[inline] pub(crate) unsafe fn procctl( option: c_int, process: ProcSelector, data: *mut c_void, ) -> io::Result<()> { let (idtype, id) = proc_selector_to_raw(process); syscalls::procctl(idtype as c_uint, id as RawId, option, data) } #[inline] pub(crate) unsafe fn procctl_set

( option: c_int, process: ProcSelector, data: &P, ) -> io::Result<()> { procctl(option, process, (as_ptr(data) as *mut P).cast()) } #[inline] pub(crate) unsafe fn procctl_get_optional

( option: c_int, process: ProcSelector, ) -> io::Result

{ let mut value: MaybeUninit

= MaybeUninit::uninit(); procctl(option, process, value.as_mut_ptr().cast())?; Ok(value.assume_init()) } // // PROC_PDEATHSIG_STATUS/PROC_PDEATHSIG_CTL // const PROC_PDEATHSIG_STATUS: c_int = 12; /// Get the current value of the parent process death signal. /// /// # References /// - [Linux: `prctl(PR_GET_PDEATHSIG,...)`] /// - [FreeBSD: `procctl(PROC_PDEATHSIG_STATUS,...)`] /// /// [Linux: `prctl(PR_GET_PDEATHSIG,...)`]: https://man7.org/linux/man-pages/man2/prctl.2.html /// [FreeBSD: `procctl(PROC_PDEATHSIG_STATUS,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn parent_process_death_signal() -> io::Result> { unsafe { procctl_get_optional::(PROC_PDEATHSIG_STATUS, None) }.map(Signal::from_raw) } const PROC_PDEATHSIG_CTL: c_int = 11; /// Set the parent-death signal of the calling process. /// /// # References /// - [Linux: `prctl(PR_SET_PDEATHSIG,...)`] /// - [FreeBSD: `procctl(PROC_PDEATHSIG_CTL,...)`] /// /// [Linux: `prctl(PR_SET_PDEATHSIG,...)`]: https://man7.org/linux/man-pages/man2/prctl.2.html /// [FreeBSD: `procctl(PROC_PDEATHSIG_CTL,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn set_parent_process_death_signal(signal: Option) -> io::Result<()> { let signal = signal.map_or(0, |signal| signal as c_int); unsafe { procctl_set::(PROC_PDEATHSIG_CTL, None, &signal) } } // // PROC_TRACE_CTL // const PROC_TRACE_CTL: c_int = 7; const PROC_TRACE_CTL_ENABLE: i32 = 1; const PROC_TRACE_CTL_DISABLE: i32 = 2; const PROC_TRACE_CTL_DISABLE_EXEC: i32 = 3; /// `PROC_TRACE_CTL_*`. #[derive(Copy, Clone, Debug, Eq, PartialEq)] #[repr(i32)] pub enum DumpableBehavior { /// Not dumpable. NotDumpable = PROC_TRACE_CTL_DISABLE, /// Dumpable. Dumpable = PROC_TRACE_CTL_ENABLE, /// Not dumpable, and this behaviour is preserved across `execve` calls. NotDumpableExecPreserved = PROC_TRACE_CTL_DISABLE_EXEC, } /// Set the state of the `dumpable` attribute for the process indicated by /// `idtype` and `id`. This determines whether the process can be traced and /// whether core dumps are produced for the process upon delivery of a signal /// whose default behavior is to produce a core dump. /// /// This is similar to `set_dumpable_behavior` on Linux, with the exception /// that on FreeBSD there is an extra argument `process`. When `process` is set /// to `None`, the operation is performed for the current process, like on /// Linux. /// /// # References /// - [FreeBSD `procctl(PROC_TRACE_CTL,...)`] /// /// [FreeBSD `procctl(PROC_TRACE_CTL,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn set_dumpable_behavior(process: ProcSelector, config: DumpableBehavior) -> io::Result<()> { unsafe { procctl(PROC_TRACE_CTL, process, config as usize as *mut _) } } // // PROC_TRACE_STATUS // const PROC_TRACE_STATUS: c_int = 8; /// Tracing status as returned by [`trace_status`]. #[derive(Copy, Clone, Debug, Eq, PartialEq)] pub enum TracingStatus { /// Tracing is disabled for the process. NotTraceble, /// Tracing is not disabled for the process, but not debugger/tracer is /// attached. Tracable, /// The process is being traced by the process whose pid is stored in the /// first component of this variant. BeingTraced(Pid), } /// Get the tracing status of the process indicated by `idtype` and `id`. /// /// # References /// - [FreeBSD `procctl(PROC_TRACE_STATUS,...)`] /// /// [FreeBSD `procctl(PROC_TRACE_STATUS,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn trace_status(process: ProcSelector) -> io::Result { let val = unsafe { procctl_get_optional::(PROC_TRACE_STATUS, process) }?; match val { -1 => Ok(TracingStatus::NotTraceble), 0 => Ok(TracingStatus::Tracable), pid => { let pid = Pid::from_raw(pid as RawPid).ok_or(io::Errno::RANGE)?; Ok(TracingStatus::BeingTraced(pid)) } } } // // PROC_REAP_* // const PROC_REAP_ACQUIRE: c_int = 2; const PROC_REAP_RELEASE: c_int = 3; /// Acquire or release the reaper status of the calling process. /// /// # References /// - [FreeBSD: `procctl(PROC_REAP_ACQUIRE/RELEASE,...)`] /// /// [FreeBSD: `procctl(PROC_REAP_ACQUIRE/RELEASE,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn set_reaper_status(reaper: bool) -> io::Result<()> { unsafe { procctl( if reaper { PROC_REAP_ACQUIRE } else { PROC_REAP_RELEASE }, None, ptr::null_mut(), ) } } const PROC_REAP_STATUS: c_int = 4; bitflags! { /// `REAPER_STATUS_*`. #[repr(transparent)] #[derive(Copy, Clone, Eq, PartialEq, Hash, Debug)] pub struct ReaperStatusFlags: c_uint { /// The process has acquired reaper status. const OWNED = 1; /// The process is the root of the reaper tree (pid 1). const REALINIT = 2; } } #[repr(C)] struct procctl_reaper_status { rs_flags: c_uint, rs_children: c_uint, rs_descendants: c_uint, rs_reaper: RawPid, rs_pid: RawPid, rs_pad0: [c_uint; 15], } /// Reaper status as returned by [`get_reaper_status`]. #[derive(Copy, Clone, Debug, Eq, PartialEq)] pub struct ReaperStatus { /// The flags. pub flags: ReaperStatusFlags, /// The number of children of the reaper among the descendants. pub children: usize, /// The total number of descendants of the reaper(s), not counting /// descendants of the reaper in the subtree. pub descendants: usize, /// The pid of the reaper for the specified process id. pub reaper: Pid, /// The pid of one reaper child if there are any descendants. pub pid: Option, } /// Get information about the reaper of the specified process (or the process /// itself if it is a reaper). /// /// # References /// - [FreeBSD: `procctl(PROC_REAP_STATUS,...)`] /// /// [FreeBSD: `procctl(PROC_REAP_STATUS,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn get_reaper_status(process: ProcSelector) -> io::Result { let raw = unsafe { procctl_get_optional::(PROC_REAP_STATUS, process) }?; Ok(ReaperStatus { flags: ReaperStatusFlags::from_bits_retain(raw.rs_flags), children: raw.rs_children as _, descendants: raw.rs_descendants as _, reaper: Pid::from_raw(raw.rs_reaper).ok_or(io::Errno::RANGE)?, pid: if raw.rs_pid == -1 { None } else { Some(Pid::from_raw(raw.rs_pid).ok_or(io::Errno::RANGE)?) }, }) } const PROC_REAP_GETPIDS: c_int = 5; bitflags! { /// `REAPER_PIDINFO_*`. #[repr(transparent)] #[derive(Copy, Clone, Eq, PartialEq, Hash, Debug)] pub struct PidInfoFlags: c_uint { /// This structure was filled by the kernel. const VALID = 1; /// The pid field identifies a direct child of the reaper. const CHILD = 2; /// The reported process is itself a reaper. Descendants of a /// subordinate reaper are not reported. const REAPER = 4; /// The reported process is in the zombie state. const ZOMBIE = 8; /// The reported process is stopped by SIGSTOP/SIGTSTP. const STOPPED = 16; /// The reported process is in the process of exiting. const EXITING = 32; } } #[repr(C)] #[derive(Default, Clone)] struct procctl_reaper_pidinfo { pi_pid: RawPid, pi_subtree: RawPid, pi_flags: c_uint, pi_pad0: [c_uint; 15], } #[repr(C)] struct procctl_reaper_pids { rp_count: c_uint, rp_pad0: [c_uint; 15], rp_pids: *mut procctl_reaper_pidinfo, } /// A child process of a reaper. #[derive(Copy, Clone, Debug, Eq, PartialEq)] pub struct PidInfo { /// The flags of the process. pub flags: PidInfoFlags, /// The pid of the process. pub pid: Pid, /// The pid of the child of the reaper which is the (grand-..)parent of the /// process. pub subtree: Pid, } /// Get the list of descendants of the specified reaper process. /// /// # References /// - [FreeBSD: `procctl(PROC_REAP_GETPIDS,...)`] /// /// [FreeBSD: `procctl(PROC_REAP_GETPIDS,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 pub fn get_reaper_pids(process: ProcSelector) -> io::Result> { // Sadly no better way to guarantee that we get all the results than to // allocate ~8MB of memory.. const PID_MAX: usize = 99999; let mut pids: Vec = vec![Default::default(); PID_MAX]; let mut pinfo = procctl_reaper_pids { rp_count: PID_MAX as _, rp_pad0: [0; 15], rp_pids: pids.as_mut_slice().as_mut_ptr(), }; unsafe { procctl(PROC_REAP_GETPIDS, process, as_mut_ptr(&mut pinfo).cast())? }; let mut result = Vec::new(); for raw in pids.into_iter() { let flags = PidInfoFlags::from_bits_retain(raw.pi_flags); if !flags.contains(PidInfoFlags::VALID) { break; } result.push(PidInfo { flags, subtree: Pid::from_raw(raw.pi_subtree).ok_or(io::Errno::RANGE)?, pid: Pid::from_raw(raw.pi_pid).ok_or(io::Errno::RANGE)?, }); } Ok(result) } const PROC_REAP_KILL: c_int = 6; bitflags! { /// `REAPER_KILL_*`. #[repr(transparent)] #[derive(Copy, Clone, Eq, PartialEq, Hash, Debug)] struct KillFlags: c_uint { const CHILDREN = 1; const SUBTREE = 2; } } #[repr(C)] struct procctl_reaper_kill { rk_sig: c_int, rk_flags: c_uint, rk_subtree: RawPid, rk_killed: c_uint, rk_fpid: RawPid, rk_pad0: [c_uint; 15], } /// Reaper status as returned by [`get_reaper_status`]. #[derive(Copy, Clone, Debug, Eq, PartialEq)] pub struct KillResult { /// The number of processes that were signalled. pub killed: usize, /// The pid of the first process that wasn't successfully signalled. pub first_failed: Option, } /// Deliver a signal to some subset of /// /// # References /// - [FreeBSD: `procctl(PROC_REAP_KILL,...)`] /// /// [FreeBSD: `procctl(PROC_REAP_KILL,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 pub fn reaper_kill( process: ProcSelector, signal: Signal, direct_children: bool, subtree: Option, ) -> io::Result { let mut flags = KillFlags::empty(); flags.set(KillFlags::CHILDREN, direct_children); flags.set(KillFlags::SUBTREE, subtree.is_some()); let mut req = procctl_reaper_kill { rk_sig: signal as c_int, rk_flags: flags.bits(), rk_subtree: subtree.map(|p| p.as_raw_nonzero().into()).unwrap_or(0), rk_killed: 0, rk_fpid: 0, rk_pad0: [0; 15], }; unsafe { procctl(PROC_REAP_KILL, process, as_mut_ptr(&mut req).cast())? }; Ok(KillResult { killed: req.rk_killed as _, first_failed: Pid::from_raw(req.rk_fpid), }) } // // PROC_TRAPCAP_STATUS/PROC_TRAPCAP_CTL // const PROC_TRAPCAP_CTL: c_int = 9; const PROC_TRAPCAP_CTL_ENABLE: i32 = 1; const PROC_TRAPCAP_CTL_DISABLE: i32 = 2; /// `PROC_TRAPCAP_CTL_*`. #[derive(Copy, Clone, Debug, Eq, PartialEq)] #[repr(i32)] pub enum TrapCapBehavior { /// Disable the [`Signal::Trap`] signal delivery on capability mode access /// violations. Disable = PROC_TRAPCAP_CTL_DISABLE, /// Enable the [`Signal::Trap`] signal delivery on capability mode access /// violations. Enable = PROC_TRAPCAP_CTL_ENABLE, } /// Set the current value of the capability mode violation trapping behavior. /// If this behavior is enabled, the kernel would deliver a [`Signal::Trap`] /// signal on any return from a system call that would result in a /// [`io::Errno::NOTCAPABLE`]` or [`io::Errno::CAPMODE`] error. /// /// This behavior is inherited by the children of the process and is kept /// across `execve` calls. /// /// # References /// - [FreeBSD: `procctl(PROC_TRAPCAP_CTL,...)`] /// /// [FreeBSD: `procctl(PROC_TRAPCAP_CTL,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn set_trap_cap_behavior(process: ProcSelector, config: TrapCapBehavior) -> io::Result<()> { let config = config as c_int; unsafe { procctl_set::(PROC_TRAPCAP_CTL, process, &config) } } const PROC_TRAPCAP_STATUS: c_int = 10; /// Get the current value of the capability mode violation trapping behavior. /// /// # References /// - [FreeBSD: `procctl(PROC_TRAPCAP_STATUS,...)`] /// /// [FreeBSD: `procctl(PROC_TRAPCAP_STATUS,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn trap_cap_behavior(process: ProcSelector) -> io::Result { let val = unsafe { procctl_get_optional::(PROC_TRAPCAP_STATUS, process) }?; match val { PROC_TRAPCAP_CTL_DISABLE => Ok(TrapCapBehavior::Disable), PROC_TRAPCAP_CTL_ENABLE => Ok(TrapCapBehavior::Enable), _ => Err(io::Errno::RANGE), } } // // PROC_NO_NEW_PRIVS_STATUS/PROC_NO_NEW_PRIVS_CTL // const PROC_NO_NEW_PRIVS_CTL: c_int = 19; const PROC_NO_NEW_PRIVS_ENABLE: c_int = 1; /// Enable the `no_new_privs` mode that ignores SUID and SGID bits /// on `execve` in the specified process and its future descendants. /// /// This is similar to `set_no_new_privs` on Linux, with the exception /// that on FreeBSD there is no argument `no_new_privs` argument as it's /// only possible to enable this mode and there's no going back. /// /// # References /// - [Linux: `prctl(PR_SET_NO_NEW_PRIVS,...)`] /// - [FreeBSD: `procctl(PROC_NO_NEW_PRIVS_CTL,...)`] /// /// [Linux: `prctl(PR_SET_NO_NEW_PRIVS,...)`]: https://man7.org/linux/man-pages/man2/prctl.2.html /// [FreeBSD: `procctl(PROC_NO_NEW_PRIVS_CTL,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn set_no_new_privs(process: ProcSelector) -> io::Result<()> { unsafe { procctl_set::(PROC_NO_NEW_PRIVS_CTL, process, &PROC_NO_NEW_PRIVS_ENABLE) } } const PROC_NO_NEW_PRIVS_STATUS: c_int = 20; /// Check the `no_new_privs` mode of the specified process. /// /// # References /// - [Linux: `prctl(PR_GET_NO_NEW_PRIVS,...)`] /// - [FreeBSD: `procctl(PROC_NO_NEW_PRIVS_STATUS,...)`] /// /// [Linux: `prctl(PR_GET_NO_NEW_PRIVS,...)`]: https://man7.org/linux/man-pages/man2/prctl.2.html /// [FreeBSD: `procctl(PROC_NO_NEW_PRIVS_STATUS,...)`]: https://man.freebsd.org/cgi/man.cgi?query=procctl&sektion=2 #[inline] pub fn no_new_privs(process: ProcSelector) -> io::Result { unsafe { procctl_get_optional::(PROC_NO_NEW_PRIVS_STATUS, process) } .map(|x| x == PROC_NO_NEW_PRIVS_ENABLE) }