git: a34a4807c9f7 - stable/13 - ktrace: add a kern.ktrace.filesize_limit_signal knob

Konstantin Belousov kib at FreeBSD.org
Sun Jun 13 01:45:05 UTC 2021 

The branch stable/13 has been updated by kib:

URL: https://cgit.FreeBSD.org/src/commit/?id=a34a4807c9f7fa4001e4b4fa8bf319b08b51390f

commit a34a4807c9f7fa4001e4b4fa8bf319b08b51390f
Author:     Konstantin Belousov <kib at FreeBSD.org>
AuthorDate: 2021-05-18 16:05:39 +0000
Commit:     Konstantin Belousov <kib at FreeBSD.org>
CommitDate: 2021-06-13 01:22:33 +0000

    ktrace: add a kern.ktrace.filesize_limit_signal knob
    
    (cherry picked from commit ea2b64c2413355ac0d5fc6ff597342e9437a34d4)
---
 sys/kern/kern_ktrace.c | 10 ++++++++++
 sys/kern/vfs_vnops.c   | 10 +++++++---
 sys/sys/ktrace.h       |  1 +
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index d44f6b9ab994..9568a752d820 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -142,6 +142,16 @@ u_int ktr_geniosize = PAGE_SIZE;
 SYSCTL_UINT(_kern_ktrace, OID_AUTO, genio_size, CTLFLAG_RWTUN, &ktr_geniosize,
     0, "Maximum size of genio event payload");
 
+/*
+ * Allow to not to send signal to traced process, in which context the
+ * ktr record is written.  The limit is applied from the process that
+ * set up ktrace, so killing the traced process is not completely fair.
+ */
+int ktr_filesize_limit_signal = 0;
+SYSCTL_INT(_kern_ktrace, OID_AUTO, filesize_limit_signal, CTLFLAG_RWTUN,
+    &ktr_filesize_limit_signal, 0,
+    "Send SIGXFSZ to the traced process when the log size limit is exceeded");
+
 static int print_message = 1;
 static struct mtx ktrace_mtx;
 static struct sx ktrace_sx;
diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c
index fb94b1470a2d..9c3d261a25c4 100644
--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@@ -79,6 +79,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/syslog.h>
 #include <sys/unistd.h>
 #include <sys/user.h>
+#include <sys/ktrace.h>
 
 #include <security/audit/audit.h>
 #include <security/mac/mac_framework.h>
@@ -2361,6 +2362,7 @@ vn_rlimit_fsize(const struct vnode *vp, const struct uio *uio,
     struct thread *td)
 {
 	off_t lim;
+	bool ktr_write;
 
 	if (vp->v_type != VREG || td == NULL ||
 	    (td->td_pflags2 & TDP2_ACCT) != 0)
@@ -2370,9 +2372,11 @@ vn_rlimit_fsize(const struct vnode *vp, const struct uio *uio,
 	if ((uoff_t)uio->uio_offset + uio->uio_resid < lim)
 		return (0);
 
-	PROC_LOCK(td->td_proc);
-	kern_psignal(td->td_proc, SIGXFSZ);
-	PROC_UNLOCK(td->td_proc);
+	if (!ktr_write || ktr_filesize_limit_signal) {
+		PROC_LOCK(td->td_proc);
+		kern_psignal(td->td_proc, SIGXFSZ);
+		PROC_UNLOCK(td->td_proc);
+	}
 	return (EFBIG);
 }
 
diff --git a/sys/sys/ktrace.h b/sys/sys/ktrace.h
index c4ab985722c0..50030d002f97 100644
--- a/sys/sys/ktrace.h
+++ b/sys/sys/ktrace.h
@@ -299,6 +299,7 @@ void	ktrcapfail(enum ktr_cap_fail_type, const cap_rights_t *,
 #define ktrstat_error(s, error) \
 	ktrstruct_error("stat", (s), sizeof(struct stat), error)
 extern u_int ktr_geniosize;
+extern int ktr_filesize_limit_signal;
 #else
 
 #include <sys/cdefs.h>

More information about the dev-commits-src-branches mailing list