procctl.2: Fix names of PROC_LOGSIGEXIT_CTL constants

The headers contain constants that start with PROC_LOGSIGEXIT_CTL_*, but the
man page elided the _CTL portion.

Fixes: dabf006 ("Add per-process

procctl.2: Fix names of PROC_LOGSIGEXIT_CTL constants

The headers contain constants that start with PROC_LOGSIGEXIT_CTL_*, but the
man page elided the _CTL portion.

Fixes: dabf006 ("Add per-process flag to disable logsigexit")
Reviewed by: imp, jlduran
Pull Request: https://github.com/freebsd/freebsd-src/pull/1610

show more ...

Add per-process flag to disable logsigexit

I added a third value for kern.logsigexit to mean 'auto' as an abundance
of caution, but I don't know how much it matters -- that can be easily
consolidate

Add per-process flag to disable logsigexit

I added a third value for kern.logsigexit to mean 'auto' as an abundance
of caution, but I don't know how much it matters -- that can be easily
consolidated back to boolean-ish.

This is primarily targeted towards people running test suites under CI
(e.g. buildbot, jenkins). Oftentimes tests entail segfaults that are
expected, and logs get spammed -- this can be particularly high volume
depending on the application. Per-process control of this behavior is
desirable because they may still want to be logging legitimate
segfaults, so the system-wide atomic bomb kern.logsigexit=0 is not a
great option.

This adds a process flag to disable it, controllable via
procctl(2)/proccontrol(1); the latter knows it as "sigexitlog" due to
its length, but it's referred to almost everywhere else as
"sigexit_log."

Reviewed by: kib (earlier version), pstef
Differential Revision: https://reviews.freebsd.org/D21903

show more ...

procctl.2: Editing pass

- Add some missing .Pp macros after the end of literal blocks and some
lists to ensure there is a blank line before the following text.

- Use an indent of Ds for nested li

procctl.2: Editing pass

- Add some missing .Pp macros after the end of literal blocks and some
lists to ensure there is a blank line before the following text.

- Use an indent of Ds for nested lists to reduce excessive indentation and
make the bodies of the nested list items easier to read.

- Various and sundry rewordings and clarifications.

Reviewed by: kib, emaste
Differential Revision: https://reviews.freebsd.org/D47782

show more ...

procctl(2): Clarify the ESRCH error code case

Approved by: kib
Differential Revision: https://reviews.freebsd.org/D47010

manuals: Misc macro typos

These were reported by `mandoc -T lint` as
ERROR: skipping unknown macro
When these pages were rendered with `man`, the "unknown macro" meant
that the entire line was o

manuals: Misc macro typos

These were reported by `mandoc -T lint` as
ERROR: skipping unknown macro
When these pages were rendered with `man`, the "unknown macro" meant
that the entire line was omitted from the output.

Obvious typos in:
lib/libsys/swapon.2
lib/libsys/procctl.2
share/man/man9/firmware.9

lib/libcasper/services/cap_net/cap_net.3: 'mode' describes a function
argument.

lib/libsys/statfs.2: there's no .Tm command ("trademark?"), and
.Tn ("tradename") is deprecated, so remove the macro entirely.

usr.sbin/mfiutil/mfiutil.8: man was interpreting '/dev/' as a macro
(which it didn't recognize).

share/man/man4/qat.4: same issue as above, but with '0'. In this case,
given the context of the previous line, rewriting as "Value '0'"
seemed more appropriate.

usr.sbin/mlx5tool/mlx5tool.8: typo in .Xr

Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Sponsored by: Tarsnap Backup Inc.
Reviewed by: concussious, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1417

show more ...

manuals: Fix errors in .2 pages

These were reported by `mandoc -T lint ...` as errors.

fhlink.2, fhreadlink.2: remove unneeded block closing.

getfh.2, procctl.2: add necessary block closing.

ptra

manuals: Fix errors in .2 pages

These were reported by `mandoc -T lint ...` as errors.

fhlink.2, fhreadlink.2: remove unneeded block closing.

getfh.2, procctl.2: add necessary block closing.

ptrace.2: -width only takes one argument.

swapon.2: <sys/vmparam.h> and <vm/swap_pager.h> weren't being displayed,
because .It is for a list item whereas .In is for included files.
Also, we want a blank line between <sys/ > headers and the other
one.

Signed-off-by: Graham Percival <gperciva@tarsnap.com>
PR: 281597
Reviewed by: mhorne
Sponsored by: Tarsnap Backup Inc.

show more ...

procctl(2) actually appeared in 9.3

libsys: relocate implementations and manpages

Remove core system call implementations and documentation to lib/libsys
and lib/libsys/<arch> from lib/libc/sys and lib/libc/<arch>/<sys>.
Update paths

libsys: relocate implementations and manpages

Remove core system call implementations and documentation to lib/libsys
and lib/libsys/<arch> from lib/libc/sys and lib/libc/<arch>/<sys>.
Update paths to allow libc to find them in their new home.

Reviewed by: kib, emaste, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/908

show more ...

procctl.2: improve phrasing for ASLR disable

Reported by: jrtc27
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D42364

Remove $FreeBSD$: two-line nroff pattern

Remove /^\.\\"\n\.\\"\s*\$FreeBSD\$$\n/

procctl: add state flags to PROC_REAP_GETPIDS reports

For a process supervisor using the reaper API to track process subtrees,
it is very useful to know the state of the processes on the list.

Spon

procctl: add state flags to PROC_REAP_GETPIDS reports

For a process supervisor using the reaper API to track process subtrees,
it is very useful to know the state of the processes on the list.

Sponsored by: https://www.patreon.com/valpackett
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39585

show more ...

procctl: actually require debug privileges over target

for state control over TRACE, TRAPCAP, ASLR, PROTMAX, STACKGAP,
NO_NEWPRIVS, and WXMAP.

Reported by: emaste
Reviewed by: emaste, markj
Sponsor

procctl: actually require debug privileges over target

for state control over TRACE, TRAPCAP, ASLR, PROTMAX, STACKGAP,
NO_NEWPRIVS, and WXMAP.

Reported by: emaste
Reviewed by: emaste, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D32513

show more ...

procctl(2): add consistent shortcut P_ID:0 as curproc

Reported by: bdrewery, emaste
Reviewed by: emaste, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://r

procctl(2): add consistent shortcut P_ID:0 as curproc

Reported by: bdrewery, emaste
Reviewed by: emaste, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D32513

show more ...

procctl(2): Add PROC_WXMAP_CTL/STATUS

It allows to override kern.elf{32,64}.allow_wx on per-process basis.
In particular, it makes it possible to run binaries without PT_GNU_STACK
and without elfctl

procctl(2): Add PROC_WXMAP_CTL/STATUS

It allows to override kern.elf{32,64}.allow_wx on per-process basis.
In particular, it makes it possible to run binaries without PT_GNU_STACK
and without elfctl note while allow_wx = 0.

Reviewed by: brooks, emaste, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D31779

show more ...

Pass the syscall number to capsicum permission-denied signals

The syscall number is stored in the same register as the syscall return
on amd64 (and possibly other architectures) and so it is impossi

Pass the syscall number to capsicum permission-denied signals

The syscall number is stored in the same register as the syscall return
on amd64 (and possibly other architectures) and so it is impossible to
recover in the signal handler after the call has returned. This small
tweak delivers it in the `si_value` field of the signal, which is
sufficient to catch capability violations and emulate them with a call
to a more-privileged process in the signal handler.

This reapplies 3a522ba1bc852c3d4660a4fa32e4a94999d09a47 with a fix for
the static assertion failure on i386.

Approved by: markj (mentor)

Reviewed by: kib, bcr (manpages)

Differential Revision: https://reviews.freebsd.org/D29185

show more ...

Revert "Pass the syscall number to capsicum permission-denied signals"

This broke the i386 build.

This reverts commit 3a522ba1bc852c3d4660a4fa32e4a94999d09a47.

Pass the syscall number to capsicum permission-denied signals

The syscall number is stored in the same register as the syscall return
on amd64 (and possibly other architectures) and so it is impossi

Pass the syscall number to capsicum permission-denied signals

The syscall number is stored in the same register as the syscall return
on amd64 (and possibly other architectures) and so it is impossible to
recover in the signal handler after the call has returned. This small
tweak delivers it in the `si_value` field of the signal, which is
sufficient to catch capability violations and emulate them with a call
to a more-privileged process in the signal handler.

Approved by: markj (mentor)

Reviewed by: kib, bcr (manpages)

Differential Revision: https://reviews.freebsd.org/D29185

show more ...

procctl(2): add PROC_NO_NEW_PRIVS_CTL, PROC_NO_NEW_PRIVS_STATUS

This introduces a new, per-process flag, "NO_NEW_PRIVS", which
is inherited, preserved on exec, and cannot be cleared. The flag,
when

procctl(2): add PROC_NO_NEW_PRIVS_CTL, PROC_NO_NEW_PRIVS_STATUS

This introduces a new, per-process flag, "NO_NEW_PRIVS", which
is inherited, preserved on exec, and cannot be cleared. The flag,
when set, makes subsequent execs ignore any SUID and SGID bits,
instead executing those binaries as if they not set.

The main purpose of the flag is implementation of Linux
PROC_SET_NO_NEW_PRIVS prctl(2), and possibly also unpriviledged
chroot.

Reviewed By: kib
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D30939

show more ...

procctl(2): consistently refer to the last agrument as 'data'

Some older references called it 'arg'

Also fix a syntax error that was underlining an entire sentence.

PR: 247386
Reported by: Paul F

procctl(2): consistently refer to the last agrument as 'data'

Some older references called it 'arg'

Also fix a syntax error that was underlining an entire sentence.

PR: 247386
Reported by: Paul Floyd <paulf@free.fr>, PauAmma (research)
MFC after: 2 weeks
Sponsored by: Klara Inc.

show more ...

procctl(2): document PROC_KPTI

Reviewed by: bcr
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D25258

procctl(2): consistently refer to the data pointer as 'data'.

Reviewed by: bcr
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D25258

procctl(2): correct a minor cut-n-pasto

This is clearly describing PROC_PROTMAX_FORCE_DISABLE, rather than
PROC_ASL_FORCE_DISABLE.

Submitted by: sigsys@gmail.com

Fix a typo

Reported by: pstef
MFC after: 2 days

Add procctl(PROC_STACKGAP_CTL)

It allows a process to request that stack gap was not applied to its
stacks, retroactively. Also it is possible to control the gaps in the
process after exec.

PR: 23

Add procctl(PROC_STACKGAP_CTL)

It allows a process to request that stack gap was not applied to its
stacks, retroactively. Also it is possible to control the gaps in the
process after exec.

PR: 239894
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D21352

show more ...

Control implicit PROT_MAX() using procctl(2) and the FreeBSD note
feature bit.

In particular, allocate the bit to opt-out the image from implicit
PROTMAX enablement. Provide procctl(2) verbs to set

Control implicit PROT_MAX() using procctl(2) and the FreeBSD note
feature bit.

In particular, allocate the bit to opt-out the image from implicit
PROTMAX enablement. Provide procctl(2) verbs to set and query
implicit PROTMAX handling. The knobs mimic the same per-image flag
and per-process controls for ASLR.

Reviewed by: emaste, markj (previous version)
Discussed with: brooks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D20795

show more ...