From b05be03ceea0a95f7783ddc890885f34bb4023d4 Mon Sep 17 00:00:00 2001 From: Konstantin Belousov Date: Sat, 14 Feb 2026 18:38:23 +0200 Subject: [PATCH] pdrfork(2): do require RFPROCDESC | RFPROC when RFSPAWN is not specified, as stated in the man page. rfork(2) cannot modify non-curproc, which is why RFPROC is required, the syscall cannot act on arbitrary process descriptor. If RFPROCDESC is not specified, the syscall does not make sense, use rfork(2). Reported and tested by: pho Reviewed by: markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D55306 --- lib/libsys/pdfork.2 | 8 +++++--- sys/kern/kern_fork.c | 5 +++++ 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/lib/libsys/pdfork.2 b/lib/libsys/pdfork.2 index ad7eecb00da..9cbeb65bc4f 100644 --- a/lib/libsys/pdfork.2 +++ b/lib/libsys/pdfork.2 @@ -114,11 +114,13 @@ for a description of the possible flags. The .Fn pdrfork -system call requires that the +system call requires that both the .Va RFPROC -or +and +.Va RFPROCDESC +flags, or .Va RFSPAWN -flag is specified. +flag are specified. .Pp .Fn pdgetpid queries the process ID (PID) in the process descriptor diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 6313bf3bb65..36647ae44f0 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -214,6 +214,11 @@ sys_pdrfork(struct thread *td, struct pdrfork_args *uap) fr.fr_flags = RFFDG | RFPROC | RFPPWAIT | RFMEM | RFPROCDESC; fr.fr_flags2 = FR2_DROPSIG_CAUGHT; } else { + if ((uap->rfflags & (RFPROC | RFPROCDESC)) != + (RFPROC | RFPROCDESC)) { + return (EXTERROR(EINVAL, + "RFPROC|RFPROCDESC required %#jx", uap->rfflags)); + } fr.fr_flags = uap->rfflags; }