| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 3 Jun 2008 14:31:50 -0700
From: "Luck, Tony" <tony.luck@...el.com>
To: "Roland McGrath" <roland@...hat.com>,
"Petr Tesarik" <ptesarik@...e.cz>
Cc: "Luming Yu" <luming.yu@...il.com>,
"LKML" <linux-kernel@...r.kernel.org>, <linux-ia64@...r.kernel.org>
Subject: RE: [RFC PATCH] set TASK_TRACED before arch_ptrace code to fix a race
> What do you mean by "extra"? There is a SIGTRAP sent after execve
> completes when ptraced, even when PTRACE_SYSCALL is not being used.
> So for an execve that succeeds under PTRACE_SYSCALL, there is a
> ptrace_notify at syscall entry, then a SIGTRAP queued (i.e., not seen
> by ptrace if blocked), then a ptrace_notify at syscall exit. If
> that's what's happening (including the blocked SIGTRAP not being seen
> by the ptracer, i.e. strace), then there is no mystery (and no bug).
This might not be the same bug ... but I do have a definite 100%
reproducible bug (latest git kernel, old version of strace (4.5.15-1.el4.1))
Run:
$ strace -o logit -f make
in any directory where make is actually going to have to do some
work. You'll see that the command hangs after make outputs the
first action that it will take. Looking at the stack traces of
the 3 processes involved it seems that make forked, the child
stopped in ptrace waiting for some action from strace, but strace
isn't woken from its sleep in wait().
Backtrace of pid 6442 (strace)
Call Trace:
[<a0000001007069b0>] schedule+0x11f0/0x1380
sp=e0000001b28cfdb0 bsp=e0000001b28c0e00
[<a0000001000842d0>] do_wait+0x1110/0x1520
sp=e0000001b28cfdd0 bsp=e0000001b28c0d58
[<a0000001000849c0>] sys_wait4+0x140/0x1a0
sp=e0000001b28cfe30 bsp=e0000001b28c0cd8
[<a00000010000aa60>] ia64_ret_from_syscall+0x0/0x20
sp=e0000001b28cfe30 bsp=e0000001b28c0cd8
[<a000000000010740>] __kernel_syscall_via_break+0x0/0x20
sp=e0000001b28d0000 bsp=e0000001b28c0cd8
Backtrace of pid 6443 (make)
Call Trace:
[<a0000001007069b0>] schedule+0x11f0/0x1380
sp=e0000001b768fb40 bsp=e0000001b7680d58
[<a000000100707800>] schedule_timeout+0x40/0x180
sp=e0000001b768fb60 bsp=e0000001b7680d28
[<a000000100706d60>] wait_for_common+0x220/0x380
sp=e0000001b768fb90 bsp=e0000001b7680cd8
[<a000000100706f00>] wait_for_completion+0x40/0x60
sp=e0000001b768fbf0 bsp=e0000001b7680cb8
[<a0000001000794d0>] do_fork+0x430/0x4a0
sp=e0000001b768fbf0 bsp=e0000001b7680c60
[<a00000010000a340>] sys_clone+0x60/0x80
sp=e0000001b768fc20 bsp=e0000001b7680c10
[<a00000010000a990>] ia64_trace_syscall+0xd0/0x110
sp=e0000001b768fe30 bsp=e0000001b7680c10
[<a000000000010740>] __kernel_syscall_via_break+0x0/0x20
sp=e0000001b7690000 bsp=e0000001b7680c10
Backtrace of pid 6444 (make)
Call Trace:
[<a0000001007069b0>] schedule+0x11f0/0x1380
sp=e0000001b803fd60 bsp=e0000001b8030dd8
[<a000000100097590>] ptrace_stop+0x2d0/0x380
sp=e0000001b803fd80 bsp=e0000001b8030da0
[<a000000100097c90>] get_signal_to_deliver+0x1d0/0x6a0
sp=e0000001b803fd80 bsp=e0000001b8030d38
[<a000000100034a10>] ia64_do_signal+0xb0/0xd00
sp=e0000001b803fd80 bsp=e0000001b8030c90
[<a000000100012c60>] do_notify_resume_user+0x100/0x180
sp=e0000001b803fe20 bsp=e0000001b8030c60
[<a00000010000b0c0>] notify_resume_user+0x40/0x60
sp=e0000001b803fe20 bsp=e0000001b8030c10
[<a00000010000aff0>] skip_rbs_switch+0xe0/0x110
sp=e0000001b803fe30 bsp=e0000001b8030c10
[<a000000000010740>] __kernel_syscall_via_break+0x0/0x20
sp=e0000001b8040000 bsp=e0000001b8030c10
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists