il_7029-3 Sdiff usr/src/lib/libproc/common/proc_get

Print this page

7029 want per-process exploit mitigation features (secflags)
7030 want basic address space layout randomization (aslr)
7031 noexec_user_stack should be a secflag
7032 want a means to forbid mappings around NULL.

  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  */
  25 /*
  26  * Copyright 2015, Joyent, Inc.
  27  */
  28 
  29 #include <stdio.h>
  30 #include <stdlib.h>
  31 #include <unistd.h>
  32 #include <fcntl.h>
  33 #include <string.h>
  34 #include <limits.h>

  35 
  36 #include "Pcontrol.h"
  37 
  38 /*
  39  * These several routines simply get the indicated /proc structures
  40  * for a process identified by process ID.  They are convenience
  41  * functions for one-time operations.  They do the mechanics of
  42  * open() / read() / close() of the necessary /proc files so the
  43  * caller's code can look relatively less cluttered.
  44  */
  45 
  46 /*
  47  * 'ngroups' is the number of supplementary group entries allocated in
  48  * the caller's cred structure.  It should equal zero or one unless extra
  49  * space has been allocated for the group list by the caller, like this:
  50  *    credp = malloc(sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t));
  51  */
  52 int
  53 proc_get_cred(pid_t pid, prcred_t *credp, int ngroups)
  54 {
  55         char fname[PATH_MAX];
  56         int fd;
  57         int rv = -1;
  58         ssize_t minsize = sizeof (*credp) - sizeof (gid_t);
  59         size_t size = minsize + ngroups * sizeof (gid_t);
  60 
  61         (void) snprintf(fname, sizeof (fname), "%s/%d/cred",
  62             procfs_path, (int)pid);
  63         if ((fd = open(fname, O_RDONLY)) >= 0) {
  64                 if (read(fd, credp, size) >= minsize)
  65                         rv = 0;
  66                 (void) close(fd);
  67         }
  68         return (rv);
  69 }
  70 





















  71 void
  72 proc_free_priv(prpriv_t *prv)
  73 {
  74         free(prv);
  75 }
  76 
  77 /*
  78  * Malloc and return a properly sized structure.
  79  */
  80 prpriv_t *
  81 proc_get_priv(pid_t pid)
  82 {
  83         char fname[PATH_MAX];
  84         int fd;
  85         struct stat statb;
  86         prpriv_t *rv = NULL;
  87 
  88         (void) snprintf(fname, sizeof (fname), "%s/%d/priv",
  89             procfs_path, (int)pid);
  90         if ((fd = open(fname, O_RDONLY)) >= 0) {

  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  */
  25 /*
  26  * Copyright 2015, Joyent, Inc.
  27  */
  28 
  29 #include <stdio.h>
  30 #include <stdlib.h>
  31 #include <unistd.h>
  32 #include <fcntl.h>
  33 #include <string.h>
  34 #include <limits.h>
  35 #include <sys/secflags.h>
  36 
  37 #include "Pcontrol.h"
  38 
  39 /*
  40  * These several routines simply get the indicated /proc structures
  41  * for a process identified by process ID.  They are convenience
  42  * functions for one-time operations.  They do the mechanics of
  43  * open() / read() / close() of the necessary /proc files so the
  44  * caller's code can look relatively less cluttered.
  45  */
  46 
  47 /*
  48  * 'ngroups' is the number of supplementary group entries allocated in
  49  * the caller's cred structure.  It should equal zero or one unless extra
  50  * space has been allocated for the group list by the caller, like this:
  51  *    credp = malloc(sizeof (prcred_t) + (ngroups - 1) * sizeof (gid_t));
  52  */
  53 int
  54 proc_get_cred(pid_t pid, prcred_t *credp, int ngroups)
  55 {
  56         char fname[PATH_MAX];
  57         int fd;
  58         int rv = -1;
  59         ssize_t minsize = sizeof (*credp) - sizeof (gid_t);
  60         size_t size = minsize + ngroups * sizeof (gid_t);
  61 
  62         (void) snprintf(fname, sizeof (fname), "%s/%d/cred",
  63             procfs_path, (int)pid);
  64         if ((fd = open(fname, O_RDONLY)) >= 0) {
  65                 if (read(fd, credp, size) >= minsize)
  66                         rv = 0;
  67                 (void) close(fd);
  68         }
  69         return (rv);
  70 }
  71 
  72 int
  73 proc_get_secflags(pid_t pid, prsecflags_t **psf)
  74 {
  75         char fname[PATH_MAX];
  76         int fd;
  77         int rv = -1;
  78 
  79         if ((*psf = calloc(1, sizeof (prsecflags_t))) == NULL)
  80                 return (-1);
  81 
  82         (void) snprintf(fname, sizeof (fname), "%s/%d/secflags",
  83             procfs_path, (int)pid);
  84         if ((fd = open(fname, O_RDONLY)) >= 0) {
  85                 if (read(fd, *psf, sizeof (prsecflags_t)) ==
  86                     sizeof (prsecflags_t))
  87                         rv = 0;
  88                 (void) close(fd);
  89         }
  90         return (rv);
  91 }
  92 
  93 void
  94 proc_free_priv(prpriv_t *prv)
  95 {
  96         free(prv);
  97 }
  98 
  99 /*
 100  * Malloc and return a properly sized structure.
 101  */
 102 prpriv_t *
 103 proc_get_priv(pid_t pid)
 104 {
 105         char fname[PATH_MAX];
 106         int fd;
 107         struct stat statb;
 108         prpriv_t *rv = NULL;
 109 
 110         (void) snprintf(fname, sizeof (fname), "%s/%d/priv",
 111             procfs_path, (int)pid);
 112         if ((fd = open(fname, O_RDONLY)) >= 0) {