Commit Graph

127 Commits

Author SHA1 Message Date
Alan Somers
809a8352dd Drop "All rights reserved" from the files I own
Also, add SPDX tags where needed.

MFC after:	2 weeks
2019-03-11 22:23:56 +00:00
John Baldwin
2e43efd0bb Drop "All rights reserved" from my copyright statements.
Reviewed by:	rgrimes
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D19485
2019-03-06 22:11:45 +00:00
Andrew Turner
bdffe3b5bf Allow the kcov buffer to be mmaped multiple times.
After r344391 this restriction is no longer needed.

Sponsored by:	DARPA, AFRL
2019-02-21 10:11:15 +00:00
Andrew Turner
bd52577899 Use KCOV_ENTRY_SIZE for the entry size.
Previously it was sizeof(uint64_t). While this is currently true, it may
not be on all future architectures.

Sponsored by:	DARPA, AFRL
2019-02-21 09:43:14 +00:00
Andrew Turner
c1bc2f7a02 Temporarily disable the kcov tests. Not all architectures have
atomic_store_64 and atomic_store_64.

Sponsored by:	DARPA, AFRL
2019-01-12 11:50:39 +00:00
Andrew Turner
b3c0d957a2 Add support for the Clang Coverage Sanitizer in the kernel (KCOV).
When building with KCOV enabled the compiler will insert function calls
to probes allowing us to trace the execution of the kernel from userspace.
These probes are on function entry (trace-pc) and on comparison operations
(trace-cmp).

Userspace can enable the use of these probes on a single kernel thread with
an ioctl interface. It can allocate space for the probe with KIOSETBUFSIZE,
then mmap the allocated buffer and enable tracing with KIOENABLE, with the
trace mode being passed in as the int argument. When complete KIODISABLE
is used to disable tracing.

The first item in the buffer is the number of trace event that have
happened. Userspace can write 0 to this to reset the tracing, and is
expected to do so on first use.

The format of the buffer depends on the trace mode. When in PC tracing just
the return address of the probe is stored. Under comparison tracing the
comparison type, the two arguments, and the return address are traced. The
former method uses on entry per trace event, while the later uses 4. As
such they are incompatible so only a single mode may be enabled.

KCOV is expected to help fuzzing the kernel, and while in development has
already found a number of issues. It is required for the syzkaller system
call fuzzer [1]. Other kernel fuzzers could also make use of it, either
with the current interface, or by extending it with new modes.

A man page is currently being worked on and is expected to be committed
soon, however having the code in the kernel now is useful for other
developers to use.

[1] https://github.com/google/syzkaller

Submitted by:	Mitchell Horne <mhorne063@gmail.com> (Earlier version)
Reviewed by:	kib
Testing by:	tuexen
Sponsored by:	DARPA, AFRL
Sponsored by:	The FreeBSD Foundation (Mitchell Horne)
Differential Revision:	https://reviews.freebsd.org/D14599
2019-01-12 11:21:28 +00:00
John Baldwin
c5786670ac Don't report stale signal information for non-signal events in ptrace_lwpinfo.
Once a signal's siginfo was copied to 'td_si' as part of the signal
exchange in issignal(), it was never cleared.  This caused future
thread events that are reported as SIGTRAP events without signal
information to report the stale siginfo in 'td_si'.  For example, if a
debugger created a new process and used SIGSTOP to stop it after
PT_ATTACH, future system call entry / exit events would set PL_FLAG_SI
with the SIGSTOP siginfo in pl_siginfo.  This broke 'catch syscall' in
current versions of gdb as it assumed PL_FLAG_SI with SIGTRAP
indicates a breakpoint or single step trap.

Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D18487
2018-12-10 19:39:24 +00:00
Eric van Gyzen
de7417c40c Maybe make gcc happy
According to Jenkins, the GCC architectures were unhappy because:

    sigaltstack.c:82: warning: missing initializer
    sigaltstack.c:82: warning: (near initialization for 'oss.ss_size')

MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2018-11-30 23:47:57 +00:00
Eric van Gyzen
984969cd96 Fix reporting of SS_ONSTACK
Fix reporting of SS_ONSTACK in nested signal delivery when sigaltstack()
is used on some architectures.

Add a unit test for this.  I tested the test by introducing the bug
on amd64.  I did not test it on other architectures.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D18347
2018-11-30 22:44:33 +00:00
Mark Johnston
ddab8c351a Reparent a child of pdfork(2) to its reaper when the procdesc is closed.
Unconditionally reparenting to PID 1 breaks the procctl(2) reaper
functionality.

Add a regression test for this case.

Reviewed by:	kib
Approved by:	re (gjb)
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D17589
2018-10-16 20:06:56 +00:00
Alan Somers
88fa3a7649 Revert r337929
FreeBSD's mkstemp sets the temporary file's permissions to 600, and has ever
since mkstemp was added in 1987.  Coverity's warning is still relevant for
portable programs since OpenGroup does not require that behavior, and POSIX
didn't until 2008.  But none of these programs are portable.
2018-08-16 22:04:00 +00:00
Alan Somers
76f2606181 Fix Coverity warnings about mkstemp in tests
umask(2) should always be used prior to mkstemp(3) so the temporary file
won't be created with insecure permissions.

Reported by:	Coverity
CID:		1331605 1347173 1375366 1339800 1331604 1296056 1296060
CID:		1296057 1296062
MFC after:	2 weeks
2018-08-16 21:36:19 +00:00
Mark Johnston
ffb8b43ec2 Update PR 131876 regression tests after r337423.
- Add some more cases to the truncation test.
- Remove the "expect fail" annotations.

PR:		131876
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D16562
2018-08-07 16:39:07 +00:00
Mark Johnston
9f21643182 Fix the regression test for PR 181741.
With r337328, the test hangs becase the sendmsg() call will block until
the receive buffer is at least partially drained.  Fix the problem by
using a non-blocking socket and allowing short writes.  Also assert
that a SCM_CREDS message was received if one was expected.

PR:		181741
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D16516
2018-08-04 20:29:58 +00:00
Alan Somers
da4465506d Fix LOCAL_PEERCRED with socketpair(2)
Enable the LOCAL_PEERCRED socket option for unix domain stream sockets
created with socketpair(2). Previously, it only worked with unix domain
stream sockets created with socket(2)/listen(2)/connect(2)/accept(2).

PR:		176419
Reported by:	Nicholas Wilson <nicholas@nicholaswilson.me.uk>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16350
2018-08-03 01:37:00 +00:00
Mark Johnston
48729f75e1 Fix some nits in the unix_passfd tests.
- Remove return statements in functions with a void return type.
- Allocate enough space for the SCM_CREDS and SCM_RIGHTS messages
  received in the rights_creds_payload test.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-08-01 19:45:04 +00:00
Mark Johnston
9f9dd0523b Add a regression test related to PR 131876.
If an error occurs while copying a SCM_RIGHTS message to userspace,
we free the mbuf containing externalized rights, leaking them.

PR:		131876
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2018-07-31 00:48:08 +00:00
Mark Johnston
6984a7b8bb Add a regression test for PR 131876.
PR:		131876
MFC after:	1 week
2018-07-22 18:07:08 +00:00
John Baldwin
a9c91abd3b Export a breakpoint() function to userland for arm and arm64.
Enable ptrace() tests using breakpoint() on these architectures.

Reviewed by:	andrew
Differential Revision:	https://reviews.freebsd.org/D15191
2018-07-06 23:49:17 +00:00
John Baldwin
ca75fa17ee Export a breakpoint() function to userland for riscv.
As a result, enable tests using breakpoint() on riscv.

Reviewed by:	br
Differential Revision:	https://reviews.freebsd.org/D15191
2018-05-16 16:56:35 +00:00
Konstantin Belousov
1187fc2dc6 Remove redundant pipe from pdeathsig.c test.
A pipe was was left over from a development version of pdeathsig.c and
is not needed.

Process C waits for a signal that'll be generated when process B
exists. Process B waits for process D to send it a byte via pipe_db
before it exits. Process D sends the byte after it has started
ptrace()ing process C. The point of the test is to show that process C
receives the signal because process B exited, even though C has been
reparented to process D. The pipe pipe_cd isn't doing anything useful
(though in an earlier version of the patch it did). Clean that up by
removing the useless pipe.

Submitted by:	Thomas Munro
MFC after:	6 days
Differential revision:	https://reviews.freebsd.org/D15214
2018-04-27 16:34:28 +00:00
John Baldwin
e71d9c1f33 Shorten some recently-added lines that are an extra indent over 80 columns. 2018-04-24 23:22:45 +00:00
John Baldwin
643ce7de72 Add two tests for TRAP_* signal codes for SIGTRAP.
- ptrace__breakpoint_siginfo tests that a SIGTRAP for a software breakpoint
  in userland triggers a SIGTRAP with a signal code of TRAP_BRKPT.
- ptrace__step_siginfo tests that a SIGTRAP reported for a step after
  stepping via PT_STEP or PT_SETSTEP has a signal code of TRAP_TRACE.
2018-04-24 05:30:05 +00:00
John Baldwin
bd061c3998 Expose breakpoint() to userland from <machine/cpufunc.h> on MIPS.
Enable ptrace() tests using breakpoint on MIPS as well.

Tested on:	mips64
MFC after:	1 month
2018-04-24 05:26:28 +00:00
John Baldwin
403e331d54 Extend support for ptrace() tests using breakpoints.
- Use a single list of platforms to define HAVE_BREAKPOINT for platforms
  that expose a functional breakpoint() inline to userland.  Replace
  existing lists of platform tests with HAVE_BREAKPOINT instead.
- Add support for advancing PC past a breakpoint inserted via breakpoint()
  to support the existing ptrace__PT_CONTINUE_different_thread test on
  non-x86 platforms (x86 advances the PC past the breakpoint instruction,
  but other platforms do not).  This is implemented by defining a new
  SKIP_BREAK macro which accepts a pointer to a 'struct reg' as its sole
  argument and modifies the contents to advance the PC.  The intention is
  to use it in between PT_GETREGS and PT_SETREGS.

Tested on:	amd64, i386, mips (after adding a breakpoint() to mips)
MFC after:	1 month
2018-04-24 05:20:16 +00:00
Konstantin Belousov
1302eea7bb Rename PROC_PDEATHSIG_SET -> PROC_PDEATHSIG_CTL and PROC_PDEATHSIG_GET
-> PROC_PDEATHSIG_STATUS for consistency with other procctl(2)
operations names.

Requested by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	13 days
2018-04-20 15:19:27 +00:00
Konstantin Belousov
b940886338 Add PROC_PDEATHSIG_SET to procctl interface.
Allow processes to request the delivery of a signal upon death of
their parent process.  Supposed consumer of the feature is PostgreSQL.

Submitted by:	Thomas Munro
Reviewed by:	jilles, mjg
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D15106
2018-04-18 21:31:13 +00:00
Conrad Meyer
855c2cbe07 Appease GCC 4.2
It mistakenly believes the 'static' keyword must come first.  Fix PPC,
Sparc64, and maybe MIPS world.  Fallout from r331279.

Reported by:	tinderbox (results come slowly)
2018-03-21 04:44:19 +00:00
Conrad Meyer
e9ac27430c Implement getrandom(2) and getentropy(3)
The general idea here is to provide userspace programs with well-defined
sources of entropy, in a fashion that doesn't require opening a new file
descriptor (ulimits) or accessing paths (/dev/urandom may be restricted
by chroot or capsicum).

getrandom(2) is the more general API, and comes from the Linux world.
Since our urandom and random devices are identical, the GRND_RANDOM flag
is ignored.

getentropy(3) is added as a compatibility shim for the OpenBSD API.

truss(1) support is included.

Tests for both system calls are provided.  Coverage is believed to be at
least as comprehensive as LTP getrandom(2) test coverage.  Additionally,
instructions for running the LTP tests directly against FreeBSD are provided
in the "Test Plan" section of the Differential revision linked below.  (They
pass, of course.)

PR:		194204
Reported by:	David CARLIER <david.carlier AT hardenedbsd.org>
Discussed with:	cperciva, delphij, jhb, markj
Relnotes:	maybe
Differential Revision:	https://reviews.freebsd.org/D14500
2018-03-21 01:15:45 +00:00
Brooks Davis
5e1e3ea237 Fix and enable SysV IPC tests.
Don't declare some types that FreeBSD incorrectly declares.

Fix an incorrect call to open() (missing mode).

ANSIfy prototypes.

Enable SysV message queue, semaphore, and shared memory tests.

With exception of the workaround for union semun, these fixes have been
committed to NetBSD.

Reviewed by:	asomers
Approved by:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D13471
2018-02-05 18:48:00 +00:00
John Baldwin
e0a40f3045 Mark the unused argument to continue_thread() as such.
clang in HEAD and 11 does not warn about this, but clang in 10 does.
2018-01-24 17:46:20 +00:00
Eitan Adler
9914452050 other: Fix several typos and minor errors
- duplicate words
- typos
- references to old versions of FreeBSD

Reviewed by:	imp, benno
2017-12-27 03:23:58 +00:00
John Baldwin
3a014c56c1 Catch up to r325719 which makes the kern.proc.pid sysctl "work" for zombies.
Some of the ptrace tests need to wait for a child process to become a
zombie before preceding.  The parent process polls the child process
via the kern.proc.pid sysctl to wait for it to become a zombie.
Previously the code polled until the sysctl failed with ESRCH.  Now it
will poll until either the sysctl fails with ESRCH (for compatiblity
with older kernels) or returns a kinfo_proc structure with the ki_stat
field set to SZOMB.

Reported by:	Jenkins
Tested by:	markj
Discussed with:	mjg
MFC after:	1 week
2017-12-18 23:35:14 +00:00
Bryan Drewery
ea825d0274 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
John Baldwin
e012fe34cb Discard the correct thread event reported for a ptrace stop.
When multiple threads wish to report a tracing event to a debugger,
both threads call ptracestop() and one thread will win the race to be
the reporting thread (p->p_xthread).  The debugger uses PT_LWPINFO
with the process ID to determine which thread / LWP is reporting an
event and the details of that event.  This event is cleared as a side
effect of the subsequent ptrace event that resumed the process
(PT_CONTINUE, PT_STEP, etc.).  However, ptrace() was clearing the
event identified by the LWP ID passed to the resume request even if
that wasn't the 'p_xthread'.  This could result in clearing an event
that had not yet been observed by the debugger and leaving the
existing event for 'p_thread' pending so that it was reported a second
time.

Specifically, if the debugger stopped due to a software breakpoint in
one thread, but then switched to another thread that was used to
resume (e.g. if the user switched to a different thread and issued a
step), the resume request (PT_STEP) cleared a pending event (if any)
for the thread being stepped.  However, the process immediately
stopped and the first thread reported it's breakpoint event a second
time.  The debugger decremented the PC for "both" breakpoint events
which resulted in the PC now pointing into the middle of an
instruction (on x86) and a SIGILL fault when the process was resumed a
second time.

To fix, always clear the pending event for 'p_xthread' when resuming a
process.  ptrace() still honors the requested LWP ID when enabling
single-stepping (PT_STEP) or setting a different PC (PT_CONTINUE).

Reported by:	GDB testsuite (gdb.threads/continue-pending-status.exp)
Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D12794
2017-10-27 03:16:19 +00:00
John Baldwin
54cfb29e3a Add a test for sending a signal while stepping a thread via PT_STEP.
MFC after:	1 week
2017-10-25 17:23:33 +00:00
Bryan Drewery
753e292217 Add a test for r324671 along with some other masked tests.
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-10-17 19:01:01 +00:00
Bryan Drewery
fc1e29dc35 This child is expected to exit on SIGTRAP, don't leave a core behind.
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-10-16 20:06:24 +00:00
Bryan Drewery
9643739121 Fix shadowed variable hidden by WARNS changing to 3 in r313006.
Sponsored by:	Dell EMC Isilon
MFC after:	1 week
2017-10-12 19:58:21 +00:00
Enji Cooper
d2ba5111c1 Make test scripts under tests/... non-executable
Executable bits should be set at install time instead of in the repo.
Setting executable bits on files triggers false positives with Phabricator.

MFC after:	2 months
2017-08-08 04:59:16 +00:00
Enji Cooper
3cf56bb43a Annotate tests that require root privileges appropriately
This unbreaks running the tests with unprivileged users.

MFC after:	1 week
2017-08-02 22:19:45 +00:00
Enji Cooper
83f5e032b4 Clean up :coredump_phnum
- Use "atf_check -x 'cmd1 | cmd2'" instead of "cmd1 | atf_check cmd2". The
  two forms are idiomatically similar, but subtly different in the sense of
  what program invokes the other, and there could be unwanted side effects
  of the latter idiom dealing with forking, pipes, etc.
- Remove chmod and instead source coredump_phnum_restore_state.sh directly.
  This avoids the need to check the result of the chmod call.
- Fix indentation in an if-block (4 column space indentation -> hard tab).
2017-07-19 16:23:02 +00:00
Enji Cooper
fa562aca7a Remove expected failure for :coredump_phnum
The testcase no longer fails on ^/head because readelf has established parity
with binutils' copy of readelf.

This issue is not seen on Jenkins because
`test_suites.FreeBSD.allow_sysctl_side_effects` isn't set in kyua.conf on
the CI host, i.e., the test is skipped.

PR:	215019
Tested with:	binutils (amd64-binutils-2.28,1); elftoolchain (r3561M)
2017-07-19 16:08:08 +00:00
Enji Cooper
fa5e5f53c2 Send all of data, not just a portion of it
It was sending only a long's worth (4 or 8 bytes) of data previously
(instead of the entire buffer) via send(2).

MFC after:	1 week
Reported by:	Coverity
CID:		1229966, 1229967, 1230004, 1230005
Sponsored by:	Dell EMC Isilon
2017-05-28 09:21:28 +00:00
Mark Johnston
d74da94ce4 Add a regression test for r318191.
Reviewed by:	badger
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D10684
2017-05-12 18:02:57 +00:00
Brooks Davis
ea703329bf Don't pass size_t arguments to setsockopt(SO_SNDBUF/SO_RCVBUF).
These command take an int. The tests work by accident on little-endian,
64-bit systems.

PR:		218919
Tested with:	qemu-cheri and CheriBSD built for mips64
Reviewed by:	asomers, ngie
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10518
2017-04-28 17:58:15 +00:00
Michael Tuexen
d7f27102b5 armv8 has support for optional CRC32C instructions. This patch checks if they are
available and if that is true make use of them.
Thank you very much to Andrew Turner for providing help and review the patch!
Reviewed by:		andrew
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D10499
2017-04-27 17:53:05 +00:00
Bruce Evans
5be56374b6 Remove the unportable -msse4 here too after fixing crc32_sse42.c to not
depend on it.  This should have been part of r315983.
2017-04-02 09:24:58 +00:00
Eric Badger
bc2be1d35b ptrace_test: eliminate assumption about thread scheduling
A couple of the ptrace tests make assumptions about which thread in a
multithreaded process will run after a halt. This makes the tests less
portable across branches, and susceptible to future breakage. Instead,
twiddle thread scheduling and priorities to match the tests'
expectation.

X-MFC with:	r313992
Sponsored by:	Dell EMC
2017-03-18 15:25:51 +00:00
Eric Badger
b4d3325975 Don't clear p_ptevents on normal SIGKILL delivery
The ptrace() user has the option of discarding the signal. In such a
case, p_ptevents should not be modified. If the ptrace() user decides to
send a SIGKILL, ptevents will be cleared in ptracestop(). procfs events
do not have the capability to discard the signal, so continue to clear
the mask in that case.

Reviewed by:	jhb (initial revision)
MFC after:	1 week
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D9939
2017-03-16 13:03:31 +00:00