lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTin1ufNRPx173HgxD5jbPy3m6kK2-2ppU-jqPx0F@mail.gmail.com>
Date:	Mon, 14 Feb 2011 18:05:03 +0100
From:	Denys Vlasenko <vda.linux@...glemail.com>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	Tejun Heo <tj@...nel.org>, Roland McGrath <roland@...hat.com>,
	jan.kratochvil@...hat.com, linux-kernel@...r.kernel.org,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org
Subject: Re: [PATCH 1/1] ptrace: make sure do_wait() won't hang after PTRACE_ATTACH

On Mon, Feb 14, 2011 at 4:06 PM, Oleg Nesterov <oleg@...hat.com> wrote:
> On 02/13, Denys Vlasenko wrote:
>>
>> For example, PTRACE_DETACH requires tracee to be stopped to succeed.
>> If debugger tries to detach while the tracee is running, it will get
>> an error. This forces debugger to do stupid things like sending SIGSTOP,
>> then waiting for tracee to stop, then doing PTRACE_DETACH, then
>> sending SIGCONT. Of course, while this dance is performed,
>> any SIGSTOPs/SIGCONTs which may be  sent to the tracee by other processes
>> are totally disrupted by this.
>
> Yes.
>
>> The natural (for me) fix is to make PTRACE_DETACH work even on running
>> tracee. It simply makes a lot of sense. Why on earth do we need tracee
>> to be stopped? There is no reason.
>
> Agreed, but
>
>> But this is a change in ptrace behavior, and therefore is not acceptable
>> for Roland.
>
> I agree with Roland. Not only this is too visible change, it is not clear
> what detach-with-signal can do if the tracee is not stopped.
>
> This was (very briefly) discussed recently. Probably we can implement
> PTRACE_DETACH_RUNNING (the name is random) which doesn't require the
> stopped tracee but ignores the "data" argument.

IIRC data argument is already ignored by PTRACE_CONT if it is issued in
the ptrace stop which wasn't caused by signal delivery to the tracee.

Basically, *if debugger sees SIGfoo*, it can either allow it:
ptrace(PTRACE_CONT, ...,  SIGfoo);
ignore it:
ptrace(PTRACE_CONT, ...,  0);
or even inject some other signal:
ptrace(PTRACE_CONT, ...,  SIGbar);

but if it resumes tracee from, say, post-execve ptrace stop,
it can't inject a signal: last ptrace() argument will be ignored.

So, it isn't a new precedent to make
ptrace(PTRACE_DETACH, ...,  <something>);
to ignore <something> if tracee isn't in signal-delivery-induced ptrace stop.
In particular, if it isn't in any stop at all, if it's running.

-- 
vda
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ