| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Mar 2012 20:02:33 +0100 From: Denys Vlasenko <vda.linux@...glemail.com> To: Tim Bird <tim.bird@...sony.com> Cc: Andi Kleen <andi@...stfloor.org>, Oleg Nesterov <oleg@...hat.com>, linux kernel <linux-kernel@...r.kernel.org>, tj@...nel.org Subject: Re: Questions about ptrace on a dying process On Thu, Mar 1, 2012 at 7:30 PM, Tim Bird <tim.bird@...sony.com> wrote: >>> Yeah - I may be doing something new here. Android uses ptrace >>> in debuggerd, which is their crash reporting tool, but they wake >>> it up with signals before the dying program goes into coredump. >> >> I think ptrace API does not provide guarantees that it is possible >> to attach to the process when it coredumps. >> >> It might work in current kernels, but might break in new ones. > > If it's not too much trouble, it would be nice to continue > this behaviour. Admittedly, my style of crash handling appears > to be new, and I don't want to unnecessarily burden the code, > but so far it works really well, and currently requires very > minimal change to the existing ptrace code. One thing that's > nice about what I'm doing, is that I don't rely on the > whole signal state machine of the process to interact with it > (since a dying process can't respond correctly). > > So hopefully, continuing to support ptrace for a dying process > won't interfere or burden the existing (rather complex) > state processing in the current code. > > Just for reference, below is the patch I settled on for my own kernel. You added yet another quirk to ptrace API - and this API already has no shortage of quirks. Of course you can maintain it for your kernel, but adding it in mainline is a bizarre proposition. I'm not even sure that _if_ PTRACE_SEIZE with PTRACE_O_TRACEEXIT option works on semi-dead core-dumping process today without patching, it is guaranteed to do so in the future. > I'm planning taking a look at the PTRACE_SEIZE code to see if it > accomplishes what I need, but haven't done that yet. > > I do have a question, though - how will a tracer know that it can > use PTRACE_SEIZE? By looking at kernel version. -- vda -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists