[Midnightbsd-cvs] src [11449] trunk/usr.bin/protect: add protect

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Sat Jul 7 12:42:22 EDT 2018 

Revision: 11449
          http://svnweb.midnightbsd.org/src/?rev=11449
Author:   laffer1
Date:     2018-07-07 12:42:22 -0400 (Sat, 07 Jul 2018)
Log Message:
-----------
add protect

Added Paths:
-----------
    trunk/usr.bin/protect/
    trunk/usr.bin/protect/Makefile
    trunk/usr.bin/protect/protect.1
    trunk/usr.bin/protect/protect.c

Added: trunk/usr.bin/protect/Makefile
===================================================================
--- trunk/usr.bin/protect/Makefile	                        (rev 0)
+++ trunk/usr.bin/protect/Makefile	2018-07-07 16:42:22 UTC (rev 11449)
@@ -0,0 +1,7 @@
+# $MidnightBSD$
+# $FreeBSD: stable/10/usr.bin/protect/Makefile 255708 2013-09-19 18:53:42Z jhb $
+
+PROG=   protect
+WARNS?=	6
+
+.include <bsd.prog.mk>


Property changes on: trunk/usr.bin/protect/Makefile
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/usr.bin/protect/protect.1
===================================================================
--- trunk/usr.bin/protect/protect.1	                        (rev 0)
+++ trunk/usr.bin/protect/protect.1	2018-07-07 16:42:22 UTC (rev 11449)
@@ -0,0 +1,90 @@
+.\" $MidnightBSD$
+.\" Copyright (c) 2013 Hudson River Trading LLC
+.\" Written by: John H. Baldwin <jhb at FreeBSD.org>
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD: stable/10/usr.bin/protect/protect.1 283927 2015-06-02 19:20:39Z jhb $
+.\"
+.Dd September 19, 2013
+.Dt PROTECT 1
+.Os
+.Sh NAME
+.Nm protect
+.Nd "protect processes from being killed when swap space is exhausted"
+.Sh SYNOPSIS
+.Nm
+.Op Fl i
+.Ar command
+.Nm
+.Op Fl cdi
+.Fl g Ar pgrp | Fl p Ar pid
+.Sh DESCRIPTION
+The
+.Nm
+command is used to mark processes as protected.
+The kernel does not kill protected processes when swap space is exhausted.
+Note that this protected state is not inherited by child processes by default.
+.Pp
+The options are:
+.Bl -tag -width XXXXXXXXXX
+.It Fl c
+Remove protection from the specified processes.
+.It Fl d
+Apply the operation to all current children of the specified processes.
+.It Fl i
+Apply the operation to all future children of the specified processes.
+.It Fl g Ar pgrp
+Apply the operation to all processes in the specified process group.
+.It Fl p Ar pid
+Apply the operation to the specified process.
+.It Ar command
+Execute
+.Ar command
+as a protected process.
+.El
+.Pp
+Note that only one of the
+.Fl p
+or
+.Fl g
+flags may be specified when adjusting the state of existing processes.
+.Sh EXIT STATUS
+.Ex -std
+.Sh EXAMPLES
+Mark the Xorg server as protected:
+.Pp
+.Dl "pgrep Xorg | xargs protect -p"
+.Pp
+Protect all ssh sessions and their child processes:
+.Pp
+.Dl "pgrep sshd | xargs protect -dip"
+.Pp
+Remove protection from all current and future processes:
+.Pp
+.Dl "protect -cdi -p 1"
+.Sh SEE ALSO
+.Xr procctl 2
+.Sh BUGS
+If you protect a runaway process that allocates all memory the system will
+deadlock.


Property changes on: trunk/usr.bin/protect/protect.1
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Added: trunk/usr.bin/protect/protect.c
===================================================================
--- trunk/usr.bin/protect/protect.c	                        (rev 0)
+++ trunk/usr.bin/protect/protect.c	2018-07-07 16:42:22 UTC (rev 11449)
@@ -0,0 +1,123 @@
+/* $MidnightBSD$ */
+/*-
+ * Copyright (c) 2013 Hudson River Trading LLC
+ * Written by: John H. Baldwin <jhb at FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD: stable/10/usr.bin/protect/protect.c 283927 2015-06-02 19:20:39Z jhb $");
+
+#include <sys/procctl.h>
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <err.h>
+#include <errno.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+static void
+usage(void)
+{
+
+	fprintf(stderr, "usage: protect [-i] command\n");
+	fprintf(stderr, "       protect [-cdi] -g pgrp | -p pid\n");
+	exit(1);
+}
+
+static id_t
+parse_id(char *id)
+{
+	static bool first = true;
+	long value;
+	char *ch;
+
+	if (!first) {
+		warnx("only one -g or -p flag is permitted");
+		usage();
+	}
+	value = strtol(id, &ch, 0);
+	if (*ch != '\0') {
+		warnx("invalid process id");
+		usage();
+	}
+	return (value);
+}
+
+int
+main(int argc, char *argv[])
+{
+	idtype_t idtype;
+	id_t id;
+	int ch, flags;
+	bool descend, inherit, idset;
+
+	idtype = P_PID;
+	id = getpid();
+	flags = PPROT_SET;
+	descend = inherit = idset = false;
+	while ((ch = getopt(argc, argv, "cdig:p:")) != -1)
+		switch (ch) {
+		case 'c':
+			flags = PPROT_CLEAR;
+			break;
+		case 'd':
+			descend = true;
+			break;
+		case 'i':
+			inherit = true;
+			break;
+		case 'g':
+			idtype = P_PGID;
+			id = parse_id(optarg);
+			idset = true;
+			break;
+		case 'p':
+			idtype = P_PID;
+			id = parse_id(optarg);
+			idset = true;
+			break;
+		}
+	argc -= optind;
+	argv += optind;
+
+	if ((idset && argc != 0) || (!idset && (argc == 0 || descend)))
+		usage();
+
+	if (descend)
+		flags |= PPROT_DESCEND;
+	if (inherit)
+		flags |= PPROT_INHERIT;
+	if (procctl(idtype, id, PROC_SPROTECT, &flags) == -1)
+		err(1, "procctl");
+
+	if (argc != 0) {
+		errno = 0;
+		execvp(*argv, argv);
+		err(errno == ENOENT ? 127 : 126, "%s", *argv);
+	}
+	return (0);
+}


Property changes on: trunk/usr.bin/protect/protect.c
___________________________________________________________________
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:keywords
## -0,0 +1 ##
+MidnightBSD=%H
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property

More information about the Midnightbsd-cvs mailing list