From: Oleg Nesterov <oleg@redhat.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Chris Wright <chrisw@sous-sol.org>,
	Roland McGrath <roland@redhat.com>,
	linux-kernel@vger.kernel.org
Subject: [PATCH 1/3] ptrace: ptrace_attach: check PF_KTHREAD + exit_state instead of ->mm
Date: Wed, 6 May 2009 00:47:22 +0200	[thread overview]
Message-ID: <20090505224722.GA954@redhat.com> (raw)

- Add PF_KTHREAD check to prevent attaching to the kernel thread
  with a borrowed ->mm.

  With or without this change we can race with daemonize() which
  can set PF_KTHREAD or clear ->mm after ptrace_attach() does the
  check, but this doesn't matter because reparent_to_kthreadd()
  does ptrace_unlink().

- Kill "!task->mm" check. We don't really care about ->mm != NULL,
  and the task can call exit_mm() right after we drop task_lock().
  What we need is to make sure we can't attach after exit_notify(),
  check task->exit_state != 0 instead.

Also, move the "already traced" check down for cosmetic reasons.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---

 kernel/ptrace.c |   19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

--- PTRACE/kernel/ptrace.c~1_KTHREADS	2009-05-05 21:37:26.000000000 +0200
+++ PTRACE/kernel/ptrace.c	2009-05-05 23:17:53.000000000 +0200
@@ -182,6 +182,8 @@ int ptrace_attach(struct task_struct *ta
 	audit_ptrace(task);
 
 	retval = -EPERM;
+	if (unlikely(task->flags & PF_KTHREAD))
+		goto out;
 	if (same_thread_group(task, current))
 		goto out;
 
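Review bot: the PF_KTHREAD test runs before task_lock() and tasklist_lock are taken, so as the changelog admits it can race with daemonize() setting the flag right after the check; the argument that this is harmless (reparent_to_kthreadd() does ptrace_unlink()) lives only in the commit message. Suggest a one-line comment above the test, e.g. `/* racy vs daemonize(), reparent_to_kthreadd() does ptrace_unlink() */`, so the next reader does not take the unlocked check for a bug. The `retval = -EPERM;` in the preceding context line does cover the new `goto out`, so the returned error value is right.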
@@ -191,8 +193,6 @@ int ptrace_attach(struct task_struct *ta
 	retval = mutex_lock_interruptible(&task->cred_exec_mutex);
 	if (retval  < 0)
 		goto out;
-
-	retval = -EPERM;
 repeat:
 	/*
 	 * Nasty, nasty.
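Review bot: dropping `retval = -EPERM;` ahead of `repeat:` is only safe because no path between `repeat:` and the `__ptrace_may_access()` call jumps to `bad`; the lock-retry loop goes back to `repeat` instead. Through that region retval now holds the 0 returned by mutex_lock_interruptible(), so any `goto bad` added there in the future would report success. A sentence in the changelog saying that the -EPERM assignment moved down past __ptrace_may_access() would document that invariant.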
@@ -212,23 +212,24 @@ repeat:
 		goto repeat;
 	}
 
-	if (!task->mm)
-		goto bad;
-	/* the same process cannot be attached many times */
-	if (task->ptrace & PT_PTRACED)
-		goto bad;
 	retval = __ptrace_may_access(task, PTRACE_MODE_ATTACH);
 	if (retval)
 		goto bad;
 
-	/* Go */
+	retval = -EPERM;
+	if (unlikely(task->exit_state))
+		goto bad;
+	if (task->ptrace & PT_PTRACED)
+		goto bad;
+
 	task->ptrace |= PT_PTRACED;
 	if (capable(CAP_SYS_PTRACE))
 		task->ptrace |= PT_PTRACE_CAP;
 
 	__ptrace_link(task, current);
-
 	send_sig_info(SIGSTOP, SEND_SIG_FORCED, task);
+
+	retval = 0;
 bad:
 	write_unlock_irqrestore(&tasklist_lock, flags);
 	task_unlock(task);
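Review bot: the order of the checks changes as well as the check itself: the PT_PTRACED test moves from before `__ptrace_may_access()` to after it, so an already-traced task now goes through the access check first and still fails with -EPERM, but the `/* the same process cannot be attached many times */` comment is lost in the move; keep it on the relocated test. Both the exit_state and PT_PTRACED tests run with tasklist_lock write-held (released at `bad:`), which is what orders the exit_state test against exit_notify() as the changelog requires. The explicit `retval = 0;` before `bad:` is needed because retval is -EPERM at that point; worth a word in the changelog, since the old `/* Go */` path relied on __ptrace_may_access() having already returned 0.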

