Date:	Fri, 20 May 2011 00:00:17 +0100
From:	Pedro Alves <pedro@...esourcery.com>
To:	Denys Vlasenko <vda.linux@...glemail.com>
Cc:	Tejun Heo <tj@...nel.org>, oleg@...hat.com,
	jan.kratochvil@...hat.com, linux-kernel@...r.kernel.org,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	indan@....nu, bdonlan@...il.com
Subject: Re: [PATCH 03/10] ptrace: implement PTRACE_SEIZE

On Thursday 19 May 2011 23:42:12, Denys Vlasenko wrote:
> On Thursday 19 May 2011 21:31, Pedro Alves wrote:
> > On Thursday 19 May 2011 15:17:28, Tejun Heo wrote:
> > > But making SEIZE not trigger INTERRUPT and SETOPTIONS without
> > > requiring TRACED don't seem too difficult.  Jan, would that be enough?
> > > Oleg, what do you think?
> > 
> > IIUC, that opens a race where between SEIZEing and
> > SETOPTIONS(O_TRACE FORK|VFORK|EXEC...), the tracee can
> > fork/vfork/clone/exec, without the tracer getting the
> > nice corresponding PTRACE_EVENT_ events.
> 
> SEIZE,fork-in-tracee,INTERRUPT sequence is indistinguishable
> from SEIZE happening two microseconds later:
> 
> fork-in-tracee,SEIZE,INTERRUPT

 SEIZE,execvd,INTERRUPT (SETOPTS on interrupt)

will make the tracer see a SIGTRAP that 

 execvd,SEIZE,INTERRUPT

nor

 SEIZE,SETOPTS,execvd (SETOPTS on interrupt)

would cause, isn't it?

Now, if it were possible for the tracer to set the
default OPTS _before_ PTRACE_ATTACH/PTRACE_SEIZE...

> 
> > In GDB's case, GDB will want to poke at memory
> > right after attaching
> 
> ...where "right after attaching" is defined as "when the first ptrace-stop
> is reported". Which will happen very soon.

Hmm?  Why would it happen very soon?  Isn't the point of SEIZE not
interrupting that you'd not get any INTERRUPT or stop at all?
Where is the ptrace-stop coming from?

-- 
Pedro Alves
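
The window discussed in this message, as an added example that is not part of the original mail or of the patch under review. It assumes the interface as later merged in Linux 3.4, where PTRACE_SEIZE takes the option mask in its data argument; `exec_event_seen`, `reap` and the pipe used to hold the tracee are constructed for illustration.

```c
#include <signal.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Kill and reap the tracee whatever state it is in, then hand back rc. */
static int reap(pid_t pid, int rc)
{
    int status;
    kill(pid, SIGKILL);
    waitpid(pid, &status, 0);
    return rc;
}

/* 1: tracer saw PTRACE_EVENT_EXEC; 0: the exec went unreported and the
 * tracee ran to exit; -1: error. Assumes Linux >= 3.4 and /bin/sh. */
int exec_event_seen(int opts_at_seize)
{
    int gate[2], status;
    char c = 0;
    long rc, opts = opts_at_seize ? PTRACE_O_TRACEEXEC : 0;
    pid_t pid;

    if (pipe(gate) < 0 || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {                       /* tracee */
        close(gate[1]);
        if (read(gate[0], &c, 1) != 1)    /* held until the tracer has seized */
            _exit(126);
        execl("/bin/sh", "sh", "-c", ":", (char *)NULL);
        _exit(127);
    }
    close(gate[0]);
    /* SEIZE attaches without stopping the tracee; data carries the options. */
    rc = ptrace(PTRACE_SEIZE, pid, (void *)0, (void *)opts);
    /* The window from the thread: the tracee execs before any SETOPTIONS. */
    if (rc == 0 && write(gate[1], &c, 1) != 1)
        rc = -1;
    close(gate[1]);
    if (rc < 0)
        return reap(pid, -1);
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (WIFSTOPPED(status))
        return reap(pid, status >> 8 == (SIGTRAP | (PTRACE_EVENT_EXEC << 8)) ? 1 : -1);
    return 0;                             /* exited with no exec event */
}
```

With the options supplied at seize time the exec is reported as an event stop; with an empty mask the same exec passes before a later PTRACE_SETOPTIONS could be issued and the tracer only sees the exit.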