lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <201105201027.36688.pedro@codesourcery.com>
Date:	Fri, 20 May 2011 10:27:35 +0100
From:	Pedro Alves <pedro@...esourcery.com>
To:	Tejun Heo <tj@...nel.org>
Cc:	Denys Vlasenko <vda.linux@...glemail.com>, oleg@...hat.com,
	jan.kratochvil@...hat.com, linux-kernel@...r.kernel.org,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	indan@....nu, bdonlan@...il.com
Subject: Re: [PATCH 03/10] ptrace: implement PTRACE_SEIZE

On Friday 20 May 2011 10:07:18, Tejun Heo wrote:
> Hello, Pedro.
> 
> On Fri, May 20, 2011 at 12:00:17AM +0100, Pedro Alves wrote:
> > > > UUIC, that opens a race where between SEIZEing and
> > > > SETOPTIONS(O_TRACE FORK|VFORK|EXEC...), the tracee can
> > > > fork/vfork/clone/exec, without the tracer getting the
> > > > nice corresponding PTRACE_EVENT_ events.
> 
> Does it matter?  The order of execution isn't even well defined
> without synchronization border.  If you want full synchronization, you
> can INTERRUPT tracee.

The point I was trying to raise was not about the order of
execution, but about letting the old pre-nice PTRACE_EVENT_
events quirks stick through.

> 
> >  SEIZE,execvd,INTERRUPT (SETOPTS on interrupt)
> > 
> > will make the tracer see a SIGTRAP that 
> > 
> >  execvd,SEIZE,INTERRUPT
> > 
> > nor
> > 
> >  SEIZE,SETOPTS,execvd (SETOPTS on interrupt)
> > 
> > would cause, isn't it?
> 
> Yes, SIGTRAP on exec(2) is nasty but also is scheduled to be removed
> if SEIZED.

Okay, good to hear that.  Looks like the tracer can do:

 SEIZE,execve,SETOPTS,'readlink /proc/pid/exe'

and pretend it SEIZED after the execve.

I'm happy for now.

Thanks.

-- 
Pedro Alves
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ