lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 May 2011 11:01:42 +0100
From:	Pedro Alves <pedro@...esourcery.com>
To:	Tejun Heo <tj@...nel.org>
Cc:	Oleg Nesterov <oleg@...hat.com>,
	Denys Vlasenko <vda.linux@...glemail.com>,
	jan.kratochvil@...hat.com, linux-kernel@...r.kernel.org,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	indan@....nu, bdonlan@...il.com
Subject: Re: [PATCH 03/10] ptrace: implement PTRACE_SEIZE

On Thursday 26 May 2011 10:10:41, Tejun Heo wrote:
> > Btw. Speaking of SEIZE->execvd->INTERRUPT which makes the tracee see
> > a SIGTRAP. 

I was told before that when SEIZE was in effect, there's no magic
SIGTRAP on exec.

> > Stupid question. Perhaps PTRACE_SEIZE should set
> > PT_TRACESYSGOOD | PT_TRACE_EXEC along with PT_SEIZED automatically?
> > PT_SEIZED implies the new behaviour anyway.
> 
> Yeap, it makes sense to set them by default.  

SYSGOOD makes sense, it just enables a means to distinguish syscall
SIGTRAPs from regular SIGTRAPs -- it doesn't cause child stops itself.
TRACE_EXEC, I'm not so sure.  (and it appears to have been proposed
on the premise that SEIZE would still report the SIGTRAP).
Why would that make sense, and not TRACE_FORK, for example?  I can imagine
a tracer only caring for syscall entry/exit, and not needing a special
event on exec.  IMO, any kind of event that forces a child stop that
would't happen if the child wasn't traced should have to be enabled
explicitly.

Heck, GDB passes a subset of signals straight down to
the child without informing the user (e.g., see "handle SIGALRM"
command), and it would be an improvement in
the tracer-affects-tracee's-scheduling department to have a means to
let ptrace know a tracer isn't interested in such-and-such signals.
Conversely, going with the non-intrusive tracing theme, it would
even make sense for the tracer to have to request "let me know
about signals (all or a subset) sent to tracee too"

-- 
Pedro Alves
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ