From: Oleg Nesterov <oleg@redhat.com>
To: Tejun Heo <tj@kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Cc: vda.linux@googlemail.com, jan.kratochvil@redhat.com,
pedro@codesourcery.com, linux-kernel@vger.kernel.org
Subject: [PATCH 1/3] ptrace: ptrace_reparented() should check same_thread_group()
Date: Fri, 24 Jun 2011 17:34:06 +0200
Message-ID: <20110624153406.GB9346@redhat.com>
In-Reply-To: <20110624153330.GA9346@redhat.com>
ptrace_reparented() naively does parent != real_parent; this means
it returns true even if the tracer _is_ the real parent. This is a
per-process thing, not a per-thread one. The only reason ->real_parent
can point to the non-leader thread is that we have __WNOTHREAD.

Change it to check !same_thread_group(parent, real_parent).

It has two callers, and in both cases the current check does not
look right.

exit_notify: we should respect ->exit_signal if the exiting leader
is traced by any thread from the parent thread group. It is the
child of the whole group, and we are going to send the signal to
the whole group.

wait_task_zombie: without __WNOTHREAD do_wait() should do the same
for any thread, only sys_ptrace() is "bound" to the single thread.
However do_wait(WEXITED) succeeds but does not release a traced
natural child unless the caller is the tracer.
Test-case:
#include <assert.h>
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Tracer thread: attaches to the forked child, then sleeps forever. */
void *tfunc(void *arg)
{
	assert(ptrace(PTRACE_ATTACH, (long)arg, 0, 0) == 0);
	pause();
	return NULL;
}

int main(void)
{
	pthread_t thr;
	pid_t pid, ret;
	int stat;

	pid = fork();
	if (!pid) {
		pause();
		assert(0);
	}

	/* A non-leader thread of the real parent becomes the tracer. */
	assert(pthread_create(&thr, NULL, tfunc, (void*)(long)pid) == 0);

	/* The attach stop is reported to the main (leader) thread. */
	assert(waitpid(-1, &stat, 0) == pid);
	assert(WIFSTOPPED(stat));

	kill(pid, SIGKILL);
	assert(waitpid(-1, &stat, 0) == pid);
	assert(WIFSIGNALED(stat) && WTERMSIG(stat) == SIGKILL);

	/* Without the patch the already-dead child is reported again. */
	ret = waitpid(pid, &stat, 0);
	if (ret < 0)
		return 0;

	printf("WTF? %d is dead, but: wait=%d stat=%x\n",
		pid, ret, stat);
	return 1;
}
Note that the main thread simply does

	pid = fork();
	kill(pid, SIGKILL);

and then without the patch wait4(WEXITED) succeeds twice and reports
WTERMSIG(stat) == SIGKILL.
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
---
include/linux/ptrace.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- ptrace/include/linux/ptrace.h~9_ptrace_reparanted_sg 2011-06-22 19:24:13.000000000 +0200
+++ ptrace/include/linux/ptrace.h 2011-06-23 19:21:00.000000000 +0200
@@ -136,7 +136,7 @@ extern bool ptrace_may_access(struct tas
static inline int ptrace_reparented(struct task_struct *child)
{
- return child->real_parent != child->parent;
+ return !same_thread_group(child->real_parent, child->parent);
}
static inline void ptrace_unlink(struct task_struct *child)
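Review bot: ptrace_reparented() stays declared as `static inline int` while the neighbouring declaration in the hunk context, ptrace_may_access(), returns bool; since the new body is just the negated same_thread_group() result and the helper is only ever used as a predicate, consider changing it to `static inline bool ptrace_reparented(struct task_struct *child)` in the same patch. A one-line comment above the function would also help, because after this change "reparented" no longer means ->parent and ->real_parent are different tasks but that the tracer lies outside the real parent's thread group, which is exactly the distinction the exit_notify and wait_task_zombie callers named in the changelog now depend on.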