From: Oleg Nesterov <oleg@redhat.com>
To: Denys Vlasenko <vda.linux@googlemail.com>,
	Andrew Morton <akpm@linux-foundation.org>
Cc: Tejun Heo <tj@kernel.org>, Pedro Alves <palves@redhat.com>,
	Jan Kratochvil <jan.kratochvil@redhat.com>,
	linux-kernel@vger.kernel.org, Chris Evans <scarybeasts@gmail.com>,
	Indan Zupancic <indan@nul.nu>
Subject: [PATCH 1/2] ptrace: the killed tracee should not enter the syscall
Date: Fri, 10 Feb 2012 18:32:59 +0100
Message-ID: <20120210173259.GG8908@redhat.com>
In-Reply-To: <20120210173237.GF8908@redhat.com>

Another old/known problem. If the tracee is killed after it reports
syscall_entry, it starts the syscall and the debugger can't control this.
This confuses users and creates security problems for
ptrace jailers.

Change tracehook_report_syscall_entry() to return non-zero if killed;
this instructs syscall_trace_enter() to abort the syscall.

Reported-by: Chris Evans <scarybeasts@gmail.com>
Tested-by: Indan Zupancic <indan@nul.nu>
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
 include/linux/tracehook.h |    9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/include/linux/tracehook.h b/include/linux/tracehook.h
index a71a292..51bd91d 100644
--- a/include/linux/tracehook.h
+++ b/include/linux/tracehook.h
@@ -54,12 +54,12 @@ struct linux_binprm;
 /*
  * ptrace report for syscall entry and exit looks identical.
  */
-static inline void ptrace_report_syscall(struct pt_regs *regs)
+static inline int ptrace_report_syscall(struct pt_regs *regs)
 {
 	int ptrace = current->ptrace;
 
 	if (!(ptrace & PT_PTRACED))
-		return;
+		return 0;
 
 	ptrace_notify(SIGTRAP | ((ptrace & PT_TRACESYSGOOD) ? 0x80 : 0));
 
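Review bot: The comment above ptrace_report_syscall() still says only that entry and exit reports look identical, but the function now returns int and nothing documents what the value means. Please extend that comment to say that 0 is returned when the task is not PT_PTRACED and that a non-zero result asks the caller to abort, and, since the helper serves both entry and exit, which callers are expected to act on the result. A bool return type would also match the yes/no meaning, if the __must_check int wrapper allows it.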
@@ -72,6 +72,8 @@ static inline void ptrace_report_syscall(struct pt_regs *regs)
 		send_sig(current->exit_code, current, 1);
 		current->exit_code = 0;
 	}
+
+	return fatal_signal_pending(current);
 }
 
 /**
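Review bot: The new "return fatal_signal_pending(current);" at the end of ptrace_report_syscall() carries no comment, and it sits after the send_sig(current->exit_code, current, 1) block, so it is not obvious whether a signal injected by the tracer through exit_code is meant to count toward the abort decision as well as a kill delivered while the tracee was stopped. A one-line comment stating the intent (for example, that the tracee was killed during the stop and must not start the syscall) would make the ordering deliberate rather than incidental.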
@@ -96,8 +98,7 @@ static inline void ptrace_report_syscall(struct pt_regs *regs)
 static inline __must_check int tracehook_report_syscall_entry(
 	struct pt_regs *regs)
 {
-	ptrace_report_syscall(regs);
-	return 0;
+	return ptrace_report_syscall(regs);
 }
 
 /**
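Review bot: tracehook_report_syscall_entry() now propagates the helper's result, but the diffstat shows only include/linux/tracehook.h changing, so the fix depends entirely on each architecture's syscall_trace_enter() already honoring a non-zero return. The changelog should say which architectures were checked (or tested) for that, because on any caller that ignores the value the killed tracee still enters the syscall. The kerneldoc above this function is also untouched by the patch, so please confirm its description of the return value matches the new behaviour.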
-- 
1.5.5.1


