diff options
| author | Jake Freeland <jfree@FreeBSD.org> | 2024-04-06 18:31:21 +0000 |
|---|---|---|
| committer | Jake Freeland <jfree@FreeBSD.org> | 2024-04-07 23:52:51 +0000 |
| commit | 6a4616a529c1e387d87376e48ceb670eef8141e7 (patch) | |
| tree | e7bee27b00f277e76f9baa6d90e36bfb0931d60f | |
| parent | 05296a0ff615566d25c77c5e6619b08724d2eecb (diff) | |
ktrace: Record signal violations with KTR_CAPFAIL
Report the delivery of signals to processes other than self while
Capsicum violation tracing with CAPFAIL_SIGNAL.
Reviewed by: markj
Approved by: markj (mentor)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D40679
| -rw-r--r-- | sys/kern/kern_procctl.c | 4 | ||||
| -rw-r--r-- | sys/kern/kern_sig.c | 8 |
2 files changed, 10 insertions, 2 deletions
diff --git a/sys/kern/kern_procctl.c b/sys/kern/kern_procctl.c index 4d145f9737a0..46ddfaf709bd 100644 --- a/sys/kern/kern_procctl.c +++ b/sys/kern/kern_procctl.c @@ -27,6 +27,8 @@ * SUCH DAMAGE. */ +#include "opt_ktrace.h" + #include <sys/param.h> #include <sys/_unrhdr.h> #include <sys/systm.h> @@ -542,6 +544,8 @@ reap_kill(struct thread *td, struct proc *p, void *data) rk = data; sx_assert(&proctree_lock, SX_LOCKED); + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SIGNAL, &rk->rk_sig); if (IN_CAPABILITY_MODE(td)) return (ECAPMODE); if (rk->rk_sig <= 0 || rk->rk_sig > _SIG_MAXSIG || diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 8fa0942a5496..11b3a3374a4d 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -1906,8 +1906,12 @@ kern_kill(struct thread *td, pid_t pid, int signum) * The main rationale behind this is that abort(3) is implemented as * kill(getpid(), SIGABRT). */ - if (IN_CAPABILITY_MODE(td) && pid != td->td_proc->p_pid) - return (ECAPMODE); + if (pid != td->td_proc->p_pid) { + if (CAP_TRACING(td)) + ktrcapfail(CAPFAIL_SIGNAL, &signum); + if (IN_CAPABILITY_MODE(td)) + return (ECAPMODE); + } AUDIT_ARG_SIGNUM(signum); AUDIT_ARG_PID(pid); |