* [PATCH 1/2] dtprobed: handle a crashed parser child better
From: Nick Alcock @ 2025-01-16 21:33 UTC (permalink / raw)
To: dtrace, dtrace-devel

When a parser child crashes and is restarted, its file handles
might change: we should pick up the new fhes if so.

Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
---
dtprobed/dtprobed.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/dtprobed/dtprobed.c b/dtprobed/dtprobed.c
index 86865eb467b67..c0597b7329d37 100644
--- a/dtprobed/dtprobed.c
+++ b/dtprobed/dtprobed.c
@@ -769,7 +769,13 @@ process_dof(pid_t pid, int out, int in, dev_t dev, ino_t inum, dev_t exec_dev,
if (!provider) {
if (tries++ > 1)
goto err;
+ /*
+ * Tidying reopens the parser in and out pipes: catch
+ * up with this.
+ */
dof_parser_tidy(1);
+ out = parser_out_pipe;
+ in = parser_in_pipe;
continue;
}
if (provider->type != DIT_PROVIDER && provider->type != DIT_EOF)
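Review bot: `out` and `in` are by-value parameters of process_dof() (see the hunk header), so the two assignments after dof_parser_tidy(1) refresh only this call's copies. A caller that cached the old descriptors and passes them in again on the next request would still hand over the pre-restart values. Consider having callers read parser_out_pipe and parser_in_pipe at each call, or dropping the two parameters and using the globals directly, and note the choice in the new comment.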
--
2.47.1.279.g84c5f4e78e
* [PATCH 2/2] libcommon: turn off FORTIFY_SOURCE more aggressively
From: Nick Alcock @ 2025-01-16 21:33 UTC (permalink / raw)
To: dtrace, dtrace-devel

This is incompatible with dof_parser_t's use of trailing strings of
variable length, and buys us nothing anyway since we're running in a
seccomped parser child and any buffer overruns are harmless and cannot
result in anything other than a dying child. We were already -U'ing
FORTIFY_SOURCE in libcommon_CPPFLAGS, but that precedes CFLAGS on the
command line, so if the build system passes -D_FORTIFY_SOURCE there, it
still takes effect.

Use _NOCFLAGS and _NOCPPFLAGS to explicitly disable every level of
fortification that currently exists.

Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
---
libcommon/Build | 2 ++
1 file changed, 2 insertions(+)
diff --git a/libcommon/Build b/libcommon/Build
index fd54dc044f9af..00c0d46d125e4 100644
--- a/libcommon/Build
+++ b/libcommon/Build
@@ -10,4 +10,6 @@ libcommon_TARGET = libcommon
libcommon_DIR := $(current-dir)
libcommon_CPPFLAGS := -Ilibcommon -Ilibproc -U_FORTIFY_SOURCE
libcommon_SOURCES = dof_parser.c dof_parser_host.c dt_list.c
+libcommon_NOCFLAGS := -D_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=3
+libcommon_NOCPPFLAGS := -D_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=3
libcommon_LIBSOURCES = libcommon
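Review bot: the two added variables apply to everything in libcommon_SOURCES, which lists dof_parser_host.c and dt_list.c beside dof_parser.c, while the commit message justifies the change by the code running in the seccomped parser child. If dof_parser_host.c is also built into the unconfined dtprobed side, as its name suggests, it loses fortification without that containment argument. Consider limiting the filter to the objects that need it, or stating in the commit message that the host-side code was checked for this.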
--
2.47.1.279.g84c5f4e78e
* Re: [PATCH 2/2] libcommon: turn off FORTIFY_SOURCE more aggressively
From: Kris Van Hees @ 2025-01-16 22:09 UTC (permalink / raw)
To: Nick Alcock; +Cc: dtrace, dtrace-devel

On Thu, Jan 16, 2025 at 09:33:32PM +0000, Nick Alcock wrote:
> This is incompatible with dof_parser_t's use of trailing strings of
> variable length, and buys us nothing anyway since we're running in a
> seccomped parser child and any buffer overruns are harmless and cannot
> result in anything other than a dying child. We were already -U'ing
> FORTIFY_SOURCE in libcommon_CPPFLAGS, but that precedes CFLAGS on the
> command line, so if the build system passes -D_FORTIFY_SOURCE there, it
> still takes effect.
>
> Use _NOCFLAGS and _NOCPPFLAGS to explicitly disable every level of
> fortification that currently exists.
>
> Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees@oracle.com>
> ---
> libcommon/Build | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/libcommon/Build b/libcommon/Build
> index fd54dc044f9af..00c0d46d125e4 100644
> --- a/libcommon/Build
> +++ b/libcommon/Build
> @@ -10,4 +10,6 @@ libcommon_TARGET = libcommon
> libcommon_DIR := $(current-dir)
> libcommon_CPPFLAGS := -Ilibcommon -Ilibproc -U_FORTIFY_SOURCE
> libcommon_SOURCES = dof_parser.c dof_parser_host.c dt_list.c
> +libcommon_NOCFLAGS := -D_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=3
> +libcommon_NOCPPFLAGS := -D_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 -D_FORTIFY_SOURCE=2 -D_FORTIFY_SOURCE=3
> libcommon_LIBSOURCES = libcommon
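Review bot: the lists on the two added lines name four exact spellings, so any other way of defining the macro gets through, for example a future level 4 or the -Wp,-D_FORTIFY_SOURCE=2 form that some distribution build flags use. If _NOCFLAGS and _NOCPPFLAGS filter by whole-word match, a pattern covering every -D_FORTIFY_SOURCE variant would be more durable than the enumeration. A short comment above the two lines giving the dof_parser_t reason would also keep the rationale next to the setting rather than only in the commit message.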
> --
> 2.47.1.279.g84c5f4e78e
>
* Re: [DTrace-devel] [PATCH 1/2] dtprobed: handle a crashed parser child better
From: Kris Van Hees @ 2025-01-16 22:08 UTC (permalink / raw)
To: Nick Alcock; +Cc: dtrace, dtrace-devel

On Thu, Jan 16, 2025 at 09:33:31PM +0000, Nick Alcock via DTrace-devel wrote:
> When a parser child crashes and is restarted, its file handles
> might change: we should pick up the new fhes if so.
>
> Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees@oracle.com>
> ---
> dtprobed/dtprobed.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/dtprobed/dtprobed.c b/dtprobed/dtprobed.c
> index 86865eb467b67..c0597b7329d37 100644
> --- a/dtprobed/dtprobed.c
> +++ b/dtprobed/dtprobed.c
> @@ -769,7 +769,13 @@ process_dof(pid_t pid, int out, int in, dev_t dev, ino_t inum, dev_t exec_dev,
> if (!provider) {
> if (tries++ > 1)
> goto err;
> + /*
> + * Tidying reopens the parser in and out pipes: catch
> + * up with this.
> + */
> dof_parser_tidy(1);
> + out = parser_out_pipe;
> + in = parser_in_pipe;
> continue;
> }
> if (provider->type != DIT_PROVIDER && provider->type != DIT_EOF)
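Review bot: after dof_parser_tidy(1) the new values of parser_out_pipe and parser_in_pipe are used unchecked. If the restart failed and either was left invalid, the `continue` retries on a bad descriptor and only the `tries++ > 1` bound ends the loop. Checking both and taking `goto err` immediately would make that failure explicit. It is also worth confirming that the retry re-sends the DOF on the new `out`, since the hunk shows only the reassignment.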
> --
> 2.47.1.279.g84c5f4e78e
>