Disable tracing on FreeBSD using procctl.

Placed at the start of platform_disable_tracing() to prevent declaration
after code errors from strict C89 compilers (in the unlikely event that
more than one method is enabled).

2 files changed, 12 insertions, 0 deletions

diff --git a/configure.ac b/configure.ac
index f0eb24b8..413913a7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -454,6 +454,7 @@ AC_CHECK_HEADERS([ \
 	sys/ndir.h \
 	sys/poll.h \
 	sys/prctl.h \
+	sys/procctl.h \
 	sys/pstat.h \
 	sys/ptrace.h \
 	sys/random.h \
@@ -1868,6 +1869,7 @@ AC_CHECK_FUNCS([ \
 	pledge \
 	poll \
 	prctl \
+	procctl \
 	pselect \
 	pstat \
 	raise \
diff --git a/platform-tracing.c b/platform-tracing.c
index 4c80a282..0daf2a86 100644
--- a/platform-tracing.c
+++ b/platform-tracing.c
@@ -17,6 +17,9 @@
 #include "includes.h"
 
 #include <sys/types.h>
+#ifdef HAVE_SYS_PROCCTL_H
+#include <sys/procctl.h>
+#endif
 #if defined(HAVE_SYS_PRCTL_H)
 #include <sys/prctl.h>	/* For prctl() and PR_SET_DUMPABLE */
 #endif
@@ -33,6 +36,13 @@
 void
 platform_disable_tracing(int strict)
 {
+#if defined(HAVE_PROCCTL) && defined(PROC_TRACE_CTL)
+	/* On FreeBSD, we should make this process untraceable */
+	int disable_trace = PROC_TRACE_CTL_DISABLE;
+
+	if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) && strict)
+		fatal("unable to make the process untraceable");
+#endif
 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
 	/* Disable ptrace on Linux without sgid bit */
 	if (prctl(PR_SET_DUMPABLE, 0) != 0 && strict)