lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sat, 28 Mar 2009 12:31:52 +0100
From:	Markus Metzger <markus.t.metzger@...glemail.com>
To:	Oleg Nesterov <oleg@...hat.com>, Ingo Molnar <mingo@...e.hu>
Cc:	"Metzger, Markus T" <markus.t.metzger@...el.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"mingo@...e.hu" <mingo@...e.hu>,
	"tglx@...utronix.de" <tglx@...utronix.de>,
	"hpa@...or.com" <hpa@...or.com>,
	"roland@...hat.com" <roland@...hat.com>,
	"eranian@...glemail.com" <eranian@...glemail.com>,
	"Villacis, Juan" <juan.villacis@...el.com>,
	"ak@...ux.jf.intel.com" <ak@...ux.jf.intel.com>
Subject: Re: [patch 3/14] x86, ptrace, bts: stop bts tracing early in
	do_exit

On Fri, 2009-03-27 at 18:24 +0100, Oleg Nesterov wrote:
> On 03/27, Metzger, Markus T wrote:
> >
> > >-----Original Message-----
> > >From: Oleg Nesterov [mailto:oleg@...hat.com]
> > >Sent: Friday, March 27, 2009 3:35 PM
> >
> > >> +static void ptrace_bts_exit(void)
> > >> +{
> > >> +	if (unlikely(!list_empty(&current->ptraced)))
> > >> +		ptrace_bts_exit_tracer();
> > >> +
> > >> +	if (unlikely(current->bts))
> > >> +		ptrace_bts_exit_tracee();
> > >> +}
> > >
> > >Could you explain why do we need ptrace_bts_exit_tracee() ?
> > >
> > >If current is traced, the tracer should do ptrace_bts_release()
> > >eventually, no?
> >
> > If current is traced and exits, it may be reaped by another thread that is not
> > the tracer (that's actually your example you made in an earlier thread to
> > describe the race between a normal detach and an exiting tracee).
> >
> > The ptrace_unlink() call to detach the tracer is executed with irq's disabled.
> > I need irq's enabled (see the other discussion, to wait for the traced task).
> 
> OK,
> 
> > Therefore, I have the tracee disable bts tracing itself when it exits.
> >
> >
> > >And if we really need to do ptrace_bts_exit_tracee(), then
> > >"if (unlikely(current->bts))" check is racy. The tracer
> > >can do PTRACE_BTS_CONFIG right after the check.
> >
> > The ptrace system call to do this would require the tracee to be stopped.
> 
> Yes, but this doesn't matter.
> 
> The tracer starts ptrace(PTRACE_BTS_CONFIG) and stops the tracee.
> But when the tracer calls ptrace_bts_config() the tracee can be already
> killed, and it can exit and bypass ptrace_bts_exit_tracee().

Could something like that work?

ds_release_bts(struct bts_tracer *tracer)
{
	struct task_struct *task =
		tracer->ds.context->task;

	do {
		set_task_state(task, TASK_UNINTERRUPTIBLE);
	while (!wait_task_inactive(task, TASK_UNINTERRUPTIBLE));

	ds_suspend_bts(tracer);
	ds_free_bts(tracer);

	wake_up_process(task);
}

I guess it would not work in general, since task could already sleep
on some event and be woken up after the do loop.

I was thinking it might work for the exit race, since we don't sleep
during exit, but it might have started sleeping before the SIGKILL.


Isn't this a general problem for ptrace?

Ptrace uses a similar pattern in ptrace_check_attach().
It stops the traced task, but that task might wake up immediately after
that check. It might be scheduled in any time during a ptrace operation.

In that case, must I always assume I'm operating on a running task?


regards,
markus.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists