From: Oleg Nesterov <oleg@redhat.com>
To: Tejun Heo <tj@kernel.org>
Cc: Denys Vlasenko <vda.linux@googlemail.com>,
jan.kratochvil@redhat.com, linux-kernel@vger.kernel.org,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
indan@nul.nu
Subject: Re: Ptrace documentation, draft #1
Date: Mon, 16 May 2011 18:53:52 +0200
Message-ID: <20110516165352.GA18727@redhat.com>
In-Reply-To: <20110516155253.GA20624@htj.dyndns.org>

On 05/16, Tejun Heo wrote:
>
> On Mon, May 16, 2011 at 05:31:22PM +0200, Oleg Nesterov wrote:
> > > Kernel delivers an extra SIGTRAP to tracee after execve syscall
> > > returns. This is an ordinary signal (similar to one generated by kill
> > > -TRAP), not a special kind of ptrace-stop. If PTRACE_O_TRACEEXEC option
> > > is in effect, a PTRACE_EVENT_EXEC-stop is generated instead.
> > >
> > > ??? can this SIGTRAP be distinguished from "real" user-generated SIGTRAP
> > > by looking at its siginfo?
> >
> > Afaics no. Well, except .si_pid shows that the signal was sent by the
> > tracing process to itself.
>
> If you do GETSIGINFO and look at si->si_code, user generated signals
> can't have non-zero value there

Hmm. They can? sys_kill() sets si_code = 0, but tkill() or queueinfo()
can pass any si_code < 0. Also, the kernel can generate the signal
with si_code > 0.

> so, if si->si_code contains SIGTRAP |
> PTRACE_EVENT_* << 8,

But in this case (without PT_TRACE_EXEC) the tracee simply sends SIGTRAP
to itself. It will be reported later like a normal signal.

> > Yes. Except syscall entry/exit. But in this case SET_SIGINFO doesn't work
> > to add more confusion ;)
>
> Yeah, I hate these signal injections.

Welcome to the club!

> Maybe we can remove these if
> SEIZED?

Heh... I am not sure.

> > > ptrace(PTRACE_cmd, pid, 0, sig);
> > > where cmd is CONT, DETACH, SYSCALL, SINGLESTEP, SYSEMU,
> > > SYSEMU_SINGLESTEP. If tracee is in signal-delivery-stop, sig is the
> > > signal to be injected. Otherwise, sig is ignored.
> >
> > There is another special case. If the tracee single-steps into the
> > signal handler, it reports SIGTRAP as if it received this SIGNAL.
> > But ptrace(PTRACE, ..., sig) doesn't inject after that.
>
> Ditto as PTRACE_SYSCALL.

Hmm. What do you mean? tracehook_report_syscall_exit() can skip
ptrace_report_syscall() if step, but this is another story. And in this
case the tracee sends the real signal to itself, unlike
tracehook_signal_handler() which does ptrace_notify().

> I think resuming from signal delivery trap
> should be the only place where @data means signo.

Agreed, it would be more clean/simple/understandable.

> > > Is signal injected if they were in signal-delivery-stop?
> >
> > Yes, the tracee resumes and handles the previously reported signal.
>
> Please note that this one really isn't an injection. It's just given
> a chance to either suppress or alter a signal which is being
> delivered. It's not creating a new one.

Yes, agreed, we do not create the new one.

Oleg.