From: Pavel Machek <pavel@ucw.cz>
To: Oleg Nesterov <oleg@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>,
LKML <linux-kernel@vger.kernel.org>,
Roland McGrath <roland@hack.frob.com>,
syzkaller@googlegroups.com, Kostya Serebryany <kcc@google.com>,
Alexander Potapenko <glider@google.com>,
Robert Swiecki <swiecki@google.com>,
Kees Cook <keescook@google.com>, Julien Tinnes <jln@google.com>,
Eric Dumazet <edumazet@google.com>
Subject: Re: Unkillable processes due to PTRACE_TRACEME
Date: Thu, 3 Dec 2015 21:56:13 +0100
Message-ID: <20151203205613.GC14427@amd>
In-Reply-To: <20151020105539.GA27706@redhat.com>

Hi!

> > >> waitid(P_ALL, 0, {}, WNOHANG|WEXITED|WSTOPPED|WCONTINUED, NULL) = 0
> > >>
> > >> So what should be fixed here? Kernel or distro init?
> > >
> > > waitpid(__WALL) indeed joins these processes.
>
> Thanks. And I just checked Fedora 22, it doesn't use __WALL either.
>
> So I think we should change the kernel even if this is not a bug...
> I'll send the patch.
>
> > > But __WALL can't be used with waitid and Ubuntu init uses waitid...
>
> Yes, and I never understood why. Perhaps we should change this too.
>
> > #include <pthread.h>
> > #include <unistd.h>
> > #include <sys/ptrace.h>
> > #include <stdio.h>
> > #include <errno.h>
> > #include <signal.h>
> > #include <sys/types.h>
> > #include <sys/wait.h>
> >
> > void *thr(void *arg) {
> >   /* sub-thread asks to be traced by the parent, then exits */
> >   ptrace(PTRACE_TRACEME, 0, 0, 0);
> >   return 0;
> > }
> >
> > int main() {
> >   int pid = fork();
> >   if (pid == 0) {
> >     /* child: start the traced sub-thread, then exit */
> >     pthread_t th;
> >     pthread_create(&th, 0, thr, 0);
> >     sleep(1);
> >     return 0;
> >   }
> >   siginfo_t info = {};
> >   int status = 0;
> >   /* parent: __WALL makes waitpid() also match the traced sub-thread */
> >   int res = waitpid(-1, &status, __WALL);
> >   printf("pid=%d res=%d errno=%d\n", pid, res, errno);
> >   res = waitpid(-1, &status, __WALL);
> >   printf("pid=%d res=%d errno=%d\n", pid, res, errno);
> >   return 0;
> > }
> >
> >
> > However, I need to wait for a particular child and if I change the
> > first waitpid to:
> >
> > int res = waitpid(pid, &status, __WALL);
> >
> > then it does not terminate.
> > So how can I wait for such child process?
>
> You can't. This is one of the historical oddities. You need to reap the
> traced sub-thread first. And PTRACE_DETACH doesn't work.

If kill -9 does not take out the process, surely that sounds like a
security problem?

I know ptrace is old and tricky and ugly, but ....?

Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
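
A reaper loop built on the point quoted above, that waitpid(__WALL) joins these processes, added here as an illustration; it is not code from this thread or from any distro init. The names reap_zombies() and spawn_and_reap() and the polling demo with plain fork children are assumptions made for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Non-blocking reaper for an init-like parent. __WALL lets waitpid()
 * match clone children and traced sub-threads as well as ordinary
 * fork children. Returns how many terminated children were collected.
 */
int reap_zombies(void)
{
	int reaped = 0;

	for (;;) {
		int status = 0;
		pid_t pid = waitpid(-1, &status, __WALL | WNOHANG);

		if (pid > 0) {
			/* A traced child can also report a stop; count exits only. */
			if (WIFEXITED(status) || WIFSIGNALED(status))
				reaped++;
			continue;
		}
		if (pid < 0 && errno == EINTR)
			continue;
		break;	/* 0: nothing ready yet; -1/ECHILD: no children left */
	}
	return reaped;
}

/* Constructed demo: fork n short-lived children, poll until all are reaped. */
int spawn_and_reap(int n)
{
	int total = 0;

	for (int i = 0; i < n; i++)
		if (fork() == 0)
			_exit(i);	/* child exits immediately */
	for (int tries = 0; tries < 500 && total < n; tries++) {
		total += reap_zombies();
		usleep(10000);
	}
	return total;
}

int main(void)
{
	printf("reaped %d children\n", spawn_and_reap(3));
	return 0;
}
```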