Delete fktrace(2). The consequences of it were not thought through

sufficiently and at least one horrific security hole was the result.

ok deraadt@ beck@

diff --git a/lib/libc/sys/Makefile.inc b/lib/libc/sys/Makefile.inc
index 3942aaa..40cbd96 100644 (file)
--- a/lib/libc/sys/Makefile.inc
+++ b/lib/libc/sys/Makefile.inc
@@ -1,4 +1,4 @@
-#      $OpenBSD: Makefile.inc,v 1.152 2017/08/13 19:34:12 tedu Exp $
+#      $OpenBSD: Makefile.inc,v 1.153 2017/11/28 06:03:41 guenther Exp $
 #      $NetBSD: Makefile.inc,v 1.35 1995/10/16 23:49:07 jtc Exp $
 #      @(#)Makefile.inc        8.1 (Berkeley) 6/17/93
 
@@ -47,7 +47,7 @@ ASM=  __semctl.o __syscall.o __thrsigdivert.o \
        dup.o dup2.o dup3.o \
        execve.o \
        faccessat.o fchdir.o fchflags.o fchmod.o fchmodat.o fchown.o \
-       fchownat.o fhopen.o fhstat.o fhstatfs.o fktrace.o \
+       fchownat.o fhopen.o fhstat.o fhstatfs.o \
        flock.o fpathconf.o fstat.o fstatat.o fstatfs.o \
        futimens.o futimes.o \
        getentropy.o getdents.o getfh.o getfsstat.o \

diff --git a/lib/libc/sys/ktrace.2 b/lib/libc/sys/ktrace.2
index da5d5fd..400c38f 100644 (file)
--- a/lib/libc/sys/ktrace.2
+++ b/lib/libc/sys/ktrace.2
@@ -1,4 +1,4 @@
-.\"    $OpenBSD: ktrace.2,v 1.34 2017/10/08 19:21:10 guenther Exp $
+.\"    $OpenBSD: ktrace.2,v 1.35 2017/11/28 06:03:41 guenther Exp $
 .\"    $NetBSD: ktrace.2,v 1.2 1995/02/27 12:33:58 cgd Exp $
 .\"
 .\" Copyright (c) 1993
@@ -30,12 +30,11 @@
 .\"
 .\"     @(#)ktrace.2   8.1 (Berkeley) 6/4/93
 .\"
-.Dd $Mdocdate: October 8 2017 $
+.Dd $Mdocdate: November 28 2017 $
 .Dt KTRACE 2
 .Os
 .Sh NAME
-.Nm ktrace ,
-.Nm fktrace
+.Nm ktrace
 .Nd process tracing
 .Sh SYNOPSIS
 .In sys/types.h
@@ -44,31 +43,20 @@
 .In sys/ktrace.h
 .Ft int
 .Fn ktrace "const char *tracefile" "int ops" "int trpoints" "pid_t pid"
-.Ft int
-.Fn fktrace "int tracefd" "int ops" "int trpoints" "pid_t pid"
 .Sh DESCRIPTION
 The
 .Fn ktrace
-and
-.Fn fktrace
-functions enable or disable tracing of one or more processes.
+function enables or disables tracing of one or more processes.
 Users may only trace their own processes.
 Only the superuser can trace setuid or setgid programs.
-These functions are only available on kernels compiled with the
+This function is only available on kernels compiled with the
 .Cm KTRACE
 option.
 .Pp
-For
-.Fn ktrace ,
 .Fa tracefile
 gives the pathname of the file to be used for tracing.
 The file must exist, be writable by the calling process, and
 not be a symbolic link.
-For
-.Fn fktrace ,
-an existing file descriptor
-.Fa tracefd
-gives the open file descriptor to which the trace records are written.
 If tracing points are being disabled (see
 .Dv KTROP_CLEAR
 below),
@@ -188,8 +176,6 @@ include file.
 .Rv -std
 .Sh ERRORS
 .Fn ktrace
-and
-.Fn fktrace
 will fail if:
 .Bl -tag -width EINVALAA
 .It Bq Er EINVAL
@@ -240,17 +226,6 @@ Too many symbolic links were encountered in translating the pathname.
 .Fa tracefile
 points outside the process's allocated address space.
 .El
-.Pp
-.Fn fktrace
-will fail if:
-.Bl -tag -width EINVALAA
-.It Bq Er EBADF
-.Fa tracefd
-does not refer to a valid descriptor open for writing.
-.It Bq Er EINVAL
-.Fa tracefd
-refers to a socket, pipe, or kqueue, not a file.
-.El
 .Sh SEE ALSO
 .Xr kdump 1 ,
 .Xr ktrace 1 ,
@@ -260,11 +235,3 @@ A
 .Fn ktrace
 function call first appeared in
 .Bx 4.4 .
-The
-.Fn fktrace
-function first appeared in
-.Nx 1.4 .
-It was added to
-.Ox
-in
-.Ox 6.2 .

diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 99bc48f..08eab39 100644 (file)
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_ktrace.c,v 1.92 2017/08/12 00:03:10 tedu Exp $   */
+/*     $OpenBSD: kern_ktrace.c,v 1.93 2017/11/28 06:03:41 guenther Exp $       */
 /*     $NetBSD: kern_ktrace.c,v 1.23 1996/02/09 18:59:36 christos Exp $        */
 
 /*
@@ -522,36 +522,6 @@ sys_ktrace(struct proc *p, void *v, register_t *retval)
        return error;
 }
 
-int
-sys_fktrace(struct proc *p, void *v, register_t *retval)
-{
-       struct sys_fktrace_args /* {
-               syscallarg(int) fd;
-               syscallarg(int) ops;
-               syscallarg(int) facs;
-               syscallarg(pid_t) pid;
-       } */ *uap = v;
-       struct vnode *vp = NULL;
-       int fd = SCARG(uap, fd);
-       struct file *fp;
-       int error;
-
-       if (fd != -1) {
-               if ((error = getvnode(p, fd, &fp)) != 0)
-                       return error;
-               vp = fp->f_data;
-               vref(vp);
-               FRELE(fp, p);
-       }
-
-       error = doktrace(vp, SCARG(uap, ops), SCARG(uap, facs),
-           SCARG(uap, pid), p);
-       if (vp != NULL)
-               vrele(vp);
-       
-       return error;
-}
-
 int
 ktrops(struct proc *curp, struct process *pr, int ops, int facs,
     struct vnode *vp, struct ucred *cred)

diff --git a/sys/kern/syscalls.master b/sys/kern/syscalls.master
index 9708ae8..eb3e0b7 100644 (file)
--- a/sys/kern/syscalls.master
+++ b/sys/kern/syscalls.master
@@ -1,4 +1,4 @@
-;      $OpenBSD: syscalls.master,v 1.178 2017/09/25 23:00:33 espie Exp $
+;      $OpenBSD: syscalls.master,v 1.179 2017/11/28 06:03:41 guenther Exp $
 ;      $NetBSD: syscalls.master,v 1.32 1996/04/23 10:24:21 mycroft Exp $
 
 ;      @(#)syscalls.master     8.2 (Berkeley) 1/13/94
@@ -237,12 +237,7 @@
 111    STD             { int sys_sigsuspend(int mask); }
 112    STD             { int sys_sendsyslog(const char *buf, size_t nbyte, \
                            int flags); }
-#ifdef KTRACE
-113    STD             { int sys_fktrace(int fd, int ops, \
-                           int facs, pid_t pid); }
-#else
 113    UNIMPL          fktrace
-#endif
 114    OBSOL           osendmsg
 115    OBSOL           vtrace
 116    OBSOL           t32_gettimeofday