1 .\" Copyright (c) 2013 Hudson River Trading LLC
2 .\" Written by: John H. Baldwin <jhb@FreeBSD.org>
3 .\" All rights reserved.
5 .\" Copyright (c) 2014 The FreeBSD Foundation
6 .\" Portions of this documentation were written by Konstantin Belousov
7 .\" under sponsorship from the FreeBSD Foundation.
9 .\" Redistribution and use in source and binary forms, with or without
10 .\" modification, are permitted provided that the following conditions
12 .\" 1. Redistributions of source code must retain the above copyright
13 .\" notice, this list of conditions and the following disclaimer.
14 .\" 2. Redistributions in binary form must reproduce the above copyright
15 .\" notice, this list of conditions and the following disclaimer in the
16 .\" documentation and/or other materials provided with the distribution.
18 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
43 .Fn procctl "idtype_t idtype" "id_t id" "int cmd" "void *arg"
47 system call provides for control over processes.
52 arguments specify the set of processes to control.
53 If multiple processes match the identifier,
57 to control as many of the selected processes as possible.
58 An error is only returned if no selected processes successfully complete
60 The following identifier types are supported:
61 .Bl -tag -width "Dv P_PGID"
63 Control the process with the process ID
66 Control processes belonging to the process group with the ID
70 The control request to perform is specified by the
73 The following commands are supported:
74 .Bl -tag -width "Dv PROC_REAP_GETPIDS"
76 Set process protection state.
77 This is used to mark a process as protected from being killed if the system
78 exhausts available memory and swap.
81 parameter must point to an integer containing an operation and zero or more
83 The following operations are supported:
84 .Bl -tag -width "Dv PPROT_CLEAR"
86 Mark the selected processes as protected.
88 Clear the protected state of selected processes.
91 The following optional flags are supported:
92 .Bl -tag -width "Dv PPROT_DESCE"
94 Apply the requested operation to all child processes of each selected process
95 in addition to each selected process.
99 mark all future child processes of each selected process as protected.
100 Future child processes will also mark all of their future child processes.
102 .It Dv PROC_REAP_ACQUIRE
103 Acquires the reaper status for the current process.
104 The status means that children orphaned by the reaper's descendants
105 that were forked after the acquisition of the status are reparented to the
107 After the system initialization,
109 is the default reaper.
111 .It Dv PROC_REAP_RELEASE
112 Releases the reaper state for the current process.
113 The reaper of the current process becomes the new reaper of the
114 current process's descendants.
115 .It Dv PROC_REAP_STATUS
116 Provides the information about the reaper of the specified process,
117 or the process itself when it is a reaper.
120 argument must point to a
121 .Vt procctl_reaper_status
122 structure which is filled in by the syscall on successful return.
124 struct procctl_reaper_status {
127 u_int rs_descendants;
134 may have the following flags returned:
135 .Bl -tag -width "Dv REAPER_STATUS_REALINIT"
136 .It Dv REAPER_STATUS_OWNED
137 The specified process has acquired the reaper status and has not
139 When the flag is returned, the specified process
141 pid, identifies the reaper, otherwise the
143 field of the structure is set to the pid of the reaper
144 for the specified process id.
145 .It Dv REAPER_STATUS_REALINIT
146 The specified process is the root of the reaper tree, i.e.
151 field returns the number of children of the reaper.
154 field returns the total number of descendants of the reaper(s),
155 not counting descendants of the reaper in the subtree.
158 field returns the reaper pid.
161 returns the pid of one reaper child if there are any descendants.
162 .It Dv PROC_REAP_GETPIDS
163 Queries the list of descendants of the reaper of the specified process.
164 The request takes a pointer to a
165 .Vt procctl_reaper_pids
170 struct procctl_reaper_pids {
172 struct procctl_reaper_pidinfo *rp_pids;
177 field must point to an array of
178 .Vt procctl_reaper_pidinfo
179 structures, to be filled in on return,
182 field must specify the size of the array,
183 into which no more than
185 elements will be filled in by the kernel.
188 .Vt "struct procctl_reaper_pidinfo"
189 structure provides some information about one of the reaper's descendants.
190 Note that for a descendant that is not a child, it may be incorrectly
191 identified because of a race in which the original child process exited
192 and the exited process's pid was reused for an unrelated process.
194 struct procctl_reaper_pidinfo {
202 field is the process id of the descendant.
205 field provides the pid of the child of the reaper, which is the (grand-)parent
209 field returns the following flags, further describing the descendant:
210 .Bl -tag -width "Dv REAPER_PIDINFO_VALID"
211 .It Dv REAPER_PIDINFO_VALID
212 Set to indicate that the
213 .Vt procctl_reaper_pidinfo
214 structure was filled in by the kernel.
217 array and testing the
218 .Dv REAPER_PIDINFO_VALID
219 flag allows the caller to detect the end
220 of the returned array.
221 .It Dv REAPER_PIDINFO_CHILD
224 field identifies the direct child of the reaper.
226 .It Dv PROC_REAP_KILL
227 Request to deliver a signal to some subset of the descendants of the reaper.
230 parameter must point to a
231 .Vt procctl_reaper_kill
232 structure, which is used both for parameters and status return.
234 struct procctl_reaper_kill {
244 field specifies the signal to be delivered.
245 Zero is not a valid signal number, unlike
249 field further directs the operation.
250 It is or-ed from the following flags:
251 .Bl -tag -width "Dv REAPER_KILL_CHILDREN"
252 .It Dv REAPER_KILL_CHILDREN
253 Deliver the specified signal only to direct children of the reaper.
254 .It Dv REAPER_KILL_SUBTREE
255 Deliver the specified signal only to descendants that were forked by
256 the direct child with pid specified in the
261 .Dv REAPER_KILL_CHILDREN
263 .Dv REAPER_KILL_SUBTREE
264 flags are specified, all current descendants of the reaper are signalled.
266 If a signal was delivered to any process, the return value from the request
270 field identifies the number of processes signalled.
273 field is set to the pid of the first process for which signal
274 delivery failed, e.g. due to the permission problems.
275 If no such process exist, the
278 .It Dv PROC_TRACE_CTL
279 Enable or disable tracing of the specified process(es), according to the
280 value of the integer argument.
281 Tracing includes attachment to the process using
289 Possible values for the
292 .Bl -tag -width "Dv PROC_TRACE_CTL_DISABLE_EXEC"
293 .It Dv PROC_TRACE_CTL_ENABLE
294 Enable tracing, after it was disabled by
295 .Dv PROC_TRACE_CTL_DISABLE .
296 Only allowed for self.
297 .It Dv PROC_TRACE_CTL_DISABLE
298 Disable tracing for the specified process.
299 Tracing is re-enabled when the process changes the executing
303 A child inherits the trace settings from the parent on
305 .It Dv PROC_TRACE_CTL_DISABLE_EXEC
307 .Dv PROC_TRACE_CTL_DISABLE ,
308 but the setting persist for the process even after
311 .It Dv PROC_TRACE_STATUS
312 Returns the current tracing status for the specified process in
313 the integer variable pointed to by
315 If tracing is disabled,
318 If tracing is enabled, but no debugger is attached by
323 If a debugger is attached,
325 is set to the pid of the debugger process.
328 Disabling tracing on a process should not be considered a security
329 feature, as it is bypassable both by the kernel and privileged processes,
330 and via other system mechanisms.
331 As such, it should not be relied on to reliably protect cryptographic
332 keying material or other confidential data.
334 If an error occurs, a value of -1 is returned and
336 is set to indicate the error.
346 parameter points outside the process's allocated address space.
350 argument specifies an unsupported command.
354 argument specifies an unsupported identifier type.
356 The calling process does not have permission to perform the requested
357 operation on any of the selected processes.
359 No processes matched the requested
364 An invalid operation or flag was passed in
372 argument is not equal to
376 is not equal to the pid of the calling process, for
377 .Dv PROC_REAP_ACQUIRE
379 .Dv PROC_REAP_RELEASE
382 Invalid or undefined flags were passed to a
386 An invalid or zero signal number was requested for a
391 .Dv PROC_REAP_RELEASE
392 request was issued by the
397 .Dv PROC_REAP_ACQUIRE
398 request was issued by a process that had already acquired reaper status
399 and has not yet released it.
403 request was issued for a process already being traced.
407 request to re-enable tracing of the process (
408 .Dv PROC_TRACE_CTL_ENABLE ) ,
409 or to disable persistence of the
410 .Dv PROC_TRACE_CTL_DISABLE
413 was issued for a non-current process.
415 The value of the integer
434 The reaper facility is based on a similar feature of Linux and
435 DragonflyBSD, and first appeared in