lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 28 Mar 2009 12:31:52 +0100 From: Markus Metzger <markus.t.metzger@...glemail.com> To: Oleg Nesterov <oleg@...hat.com>, Ingo Molnar <mingo@...e.hu> Cc: "Metzger, Markus T" <markus.t.metzger@...el.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "mingo@...e.hu" <mingo@...e.hu>, "tglx@...utronix.de" <tglx@...utronix.de>, "hpa@...or.com" <hpa@...or.com>, "roland@...hat.com" <roland@...hat.com>, "eranian@...glemail.com" <eranian@...glemail.com>, "Villacis, Juan" <juan.villacis@...el.com>, "ak@...ux.jf.intel.com" <ak@...ux.jf.intel.com> Subject: Re: [patch 3/14] x86, ptrace, bts: stop bts tracing early in do_exit On Fri, 2009-03-27 at 18:24 +0100, Oleg Nesterov wrote: > On 03/27, Metzger, Markus T wrote: > > > > >-----Original Message----- > > >From: Oleg Nesterov [mailto:oleg@...hat.com] > > >Sent: Friday, March 27, 2009 3:35 PM > > > > >> +static void ptrace_bts_exit(void) > > >> +{ > > >> + if (unlikely(!list_empty(¤t->ptraced))) > > >> + ptrace_bts_exit_tracer(); > > >> + > > >> + if (unlikely(current->bts)) > > >> + ptrace_bts_exit_tracee(); > > >> +} > > > > > >Could you explain why do we need ptrace_bts_exit_tracee() ? > > > > > >If current is traced, the tracer should do ptrace_bts_release() > > >eventually, no? > > > > If current is traced and exits, it may be reaped by another thread that is not > > the tracer (that's actually your example you made in an earlier thread to > > describe the race between a normal detach and an exiting tracee). > > > > The ptrace_unlink() call to detach the tracer is executed with irq's disabled. > > I need irq's enabled (see the other discussion, to wait for the traced task). > > OK, > > > Therefore, I have the tracee disable bts tracing itself when it exits. > > > > > > >And if we really need to do ptrace_bts_exit_tracee(), then > > >"if (unlikely(current->bts))" check is racy. The tracer > > >can do PTRACE_BTS_CONFIG right after the check. > > > > The ptrace system call to do this would require the tracee to be stopped. > > Yes, but this doesn't matter. > > The tracer starts ptrace(PTRACE_BTS_CONFIG) and stops the tracee. > But when the tracer calls ptrace_bts_config() the tracee can be already > killed, and it can exit and bypass ptrace_bts_exit_tracee(). Could something like that work? ds_release_bts(struct bts_tracer *tracer) { struct task_struct *task = tracer->ds.context->task; do { set_task_state(task, TASK_UNINTERRUPTIBLE); while (!wait_task_inactive(task, TASK_UNINTERRUPTIBLE)); ds_suspend_bts(tracer); ds_free_bts(tracer); wake_up_process(task); } I guess it would not work in general, since task could already sleep on some event and be woken up after the do loop. I was thinking it might work for the exit race, since we don't sleep during exit, but it might have started sleeping before the SIGKILL. Isn't this a general problem for ptrace? Ptrace uses a similar pattern in ptrace_check_attach(). It stops the traced task, but that task might wake up immediately after that check. It might be scheduled in any time during a ptrace operation. In that case, must I always assume I'm operating on a running task? regards, markus. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists