lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110302073727.GD19669@htj.dyndns.org>
Date:	Wed, 2 Mar 2011 08:37:27 +0100
From:	Tejun Heo <tj@...nel.org>
To:	Denys Vlasenko <vda.linux@...glemail.com>
Cc:	Oleg Nesterov <oleg@...hat.com>,
	Roland McGrath <roland@...hat.com>, jan.kratochvil@...hat.com,
	linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org,
	akpm@...ux-foundation.org
Subject: Re: [RFC] Proposal for ptrace improvements

On Wed, Mar 02, 2011 at 12:16:23AM +0100, Denys Vlasenko wrote:
> Let's spell this out in detail. Please correct me if
> I misunderstood your proposal:
> 
> We have a stopped task under ptrace.
> (More precisely: debugger got a WSTOPPED notification via waitpid.
> Debugger decided to emulate the job control stop, therefore it
> keeps tracee stopped, therefore it just waits on waitpid
> without doing any PTRACE_CONTs).
> 
> Another task sends SIGCONT to the tracee.
> 
> Debugger gets waitpid notification of the
> WSTOPPED, WSTOPSIG == SIGCONT form.

I think WSTOPSIG should be SIGTRAP as the tracee left group stop and
entered ptrace trap.

> Debugger can check PTRACE_GETSIGINFO, which succeeds.
> Debugger now knows it's a signal delivery notification.

No, it's not a signal delivery notification.  It's a ptrace trap
notification.  SIGCONT may not be delivered to this task.  Please
remember that it's the emission of SIGCONT which ends a group stop,
not delivery.

> (This step looks optional, since currently
> WSTOPPED, WSTOPSIG == SIGCONT combination is only possible
> on signal delivery, unlike, for example,
> WSTOPPED, WSTOPSIG == SIGSTOP, which is ambiguous).
> 
> Debugger performs PTRACE_CONT(SIGCONT) - it injects the signal.
> [Question: what if debugger doesn't? IOW: is it possible
> for debugger to suppress SIGCONTs, or not?

SIGCONT shouldn't be used here and wouldn't make any difference.
We're not in signal delivery path.

> IOW2: what should happen if debugger
> (a) does not do any PTRACE_CONT at all? or

The tracee stays stopped.

> (b) does PTRACE_CONT(<other_sig>)? or
> (c) does PTRACE_CONT(0)?

See above.

> Debugger gets WCONTINUED waitpid notification.
> [question: do we need this?]

I don't think we need this.  The tracer needs all the stopped
notifications but it doesn't need the continued notification because a
tracee is never continued without the tracer saying so.

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ