[patch] Log signals and kills generated by traps

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[patch] Log signals and kills generated by traps

Aaron Vodney
Maybe I'm missing something, but it makes sense to me to log SEGV and
friends in the same manner pledge(2) kills are logged.

Index: kern/kern_sig.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_sig.c,v
retrieving revision 1.212
diff -u -p -u -r1.212 kern_sig.c
--- kern/kern_sig.c 8 Jun 2017 17:14:02 -0000 1.212
+++ kern/kern_sig.c 6 Dec 2017 04:33:49 -0000
@@ -39,7 +39,9 @@
  */

 #define SIGPROP /* include signal properties table */
+#define SIG_NAMES /* include signal names for logging */
 #include <sys/param.h>
+#include <sys/signal.h>
 #include <sys/signalvar.h>
 #include <sys/resourcevar.h>
 #include <sys/queue.h>
@@ -758,6 +760,9 @@ trapsignal(struct proc *p, int signum, u
  struct process *pr = p->p_p;
  struct sigacts *ps = pr->ps_sigacts;
  int mask;
+
+ log(LOG_ERR, "%s(%d): trap signal %d \"%s\"\n", p->p_p->ps_comm,
+    p->p_p->ps_pid, signum, sig_names[signum]);

  switch (signum) {
  case SIGILL:
Index: sys/signal.h
===================================================================
RCS file: /cvs/src/sys/sys/signal.h,v
retrieving revision 1.26
diff -u -p -u -r1.26 signal.h
--- sys/signal.h 29 Apr 2013 17:06:20 -0000 1.26
+++ sys/signal.h 6 Dec 2017 04:33:49 -0000
@@ -90,6 +90,44 @@
 #define SIGTHR  32 /* thread library AST */
 #endif

+#ifdef SIG_NAMES
+char* sig_names[NSIG + 1] = {
+ "",
+ "SIGHUP",
+ "SIGINT",
+ "SIGQUIT",
+ "SIGILL",
+ "SIGTRAP",
+ "SIGABRT",
+ "SIGEMT",
+ "SIGFPE",
+ "SIGKILL",
+ "SIGBUS",
+ "SIGSEGV",
+ "SIGSYS",
+ "SIGPIPE",
+ "SIGALRM",
+ "SIGTERM",
+ "SIGURG",
+ "SIGSTOP",
+ "SIGTSTP",
+ "SIGCONT",
+ "SIGCHLD",
+ "SIGTTIN",
+ "SIGTTOU",
+ "SIGIO",
+ "SIGXCPU",
+ "SIGXFSZ",
+ "SIGVTALRM",
+ "SIGPROF",
+ "SIGWINCH",
+ "SIGINFO",
+ "SIGUSR1",
+ "SIGUSR2",
+ "SIGTHR"
+};
+#endif
+
 /*
  * Language spec says we must list exactly one parameter, even though we
  * actually supply three.  Ugh!

Reply | Threaded
Open this post in threaded view
|

Re: [patch] Log signals and kills generated by traps

Theo de Raadt-2
You've done absolutely nothing to justify it.

> Maybe I'm missing something, but it makes sense to me to log SEGV and
> friends in the same manner pledge(2) kills are logged.
>
> Index: kern/kern_sig.c
> ===================================================================
> RCS file: /cvs/src/sys/kern/kern_sig.c,v
> retrieving revision 1.212
> diff -u -p -u -r1.212 kern_sig.c
> --- kern/kern_sig.c 8 Jun 2017 17:14:02 -0000 1.212
> +++ kern/kern_sig.c 6 Dec 2017 04:33:49 -0000
> @@ -39,7 +39,9 @@
>   */
>
>  #define SIGPROP /* include signal properties table */
> +#define SIG_NAMES /* include signal names for logging */
>  #include <sys/param.h>
> +#include <sys/signal.h>
>  #include <sys/signalvar.h>
>  #include <sys/resourcevar.h>
>  #include <sys/queue.h>
> @@ -758,6 +760,9 @@ trapsignal(struct proc *p, int signum, u
>   struct process *pr = p->p_p;
>   struct sigacts *ps = pr->ps_sigacts;
>   int mask;
> +
> + log(LOG_ERR, "%s(%d): trap signal %d \"%s\"\n", p->p_p->ps_comm,
> +    p->p_p->ps_pid, signum, sig_names[signum]);
>
>   switch (signum) {
>   case SIGILL:
> Index: sys/signal.h
> ===================================================================
> RCS file: /cvs/src/sys/sys/signal.h,v
> retrieving revision 1.26
> diff -u -p -u -r1.26 signal.h
> --- sys/signal.h 29 Apr 2013 17:06:20 -0000 1.26
> +++ sys/signal.h 6 Dec 2017 04:33:49 -0000
> @@ -90,6 +90,44 @@
>  #define SIGTHR  32 /* thread library AST */
>  #endif
>
> +#ifdef SIG_NAMES
> +char* sig_names[NSIG + 1] = {
> + "",
> + "SIGHUP",
> + "SIGINT",
> + "SIGQUIT",
> + "SIGILL",
> + "SIGTRAP",
> + "SIGABRT",
> + "SIGEMT",
> + "SIGFPE",
> + "SIGKILL",
> + "SIGBUS",
> + "SIGSEGV",
> + "SIGSYS",
> + "SIGPIPE",
> + "SIGALRM",
> + "SIGTERM",
> + "SIGURG",
> + "SIGSTOP",
> + "SIGTSTP",
> + "SIGCONT",
> + "SIGCHLD",
> + "SIGTTIN",
> + "SIGTTOU",
> + "SIGIO",
> + "SIGXCPU",
> + "SIGXFSZ",
> + "SIGVTALRM",
> + "SIGPROF",
> + "SIGWINCH",
> + "SIGINFO",
> + "SIGUSR1",
> + "SIGUSR2",
> + "SIGTHR"
> +};
> +#endif
> +
>  /*
>   * Language spec says we must list exactly one parameter, even though we
>   * actually supply three.  Ugh!
>