Re: [PATCH v3 0/3] ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL

Tue, 22 Jan 2013 09:53:09 -0800 

On 01/21, Oleg Nesterov wrote:
>
> On 01/21, Linus Torvalds wrote:
> >
> > I guess that works then. It's a bit sad, but at least I see why you did it.
>
> OK, please see v3 rebased on top of "unexport ptrace_check_attach()" you
> already applied.
>
> I tried to update the comment in ptrace_check_attach(), and changed unfreeze()
> to simply do WARN_ON() without if/return.

Damn. But the current "if (request != PTRACE_DETACH)" is not right,
somehow I forgot that it can fail.

I am sending "[PATCH v4 2/3]" in reply to 2/3. Or see the fixlet below.

And perhaps you were right, ptrace_unfreeze_traced() should prevent the
attach-after-detach race itself... but iiuc then it needs the full mb(),
rmb() if not enough for transitivity.

Sorry for confusion.

Oleg.

------------------------------------------------------------------------------
[PATCH v3 4/3] ptrace: if PTRACE_DETACH fails we need ptrace_unfreeze_traced()

Somehow I forgot that PTRACE_DETACH can fail if !valid_signal(data).
Fix the check before ptrace_unfreeze_traced().

Signed-off-by: Oleg Nesterov <[email protected]>
---
 kernel/ptrace.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index b6c22b5..6cbeaae 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -939,7 +939,7 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned 
long, addr,
                goto out_put_task_struct;
 
        ret = arch_ptrace(child, request, addr, data);
-       if (request != PTRACE_DETACH)
+       if (ret || request != PTRACE_DETACH)
                ptrace_unfreeze_traced(child);
 
  out_put_task_struct:
@@ -1082,7 +1082,7 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, 
compat_long_t pid,
                                  request == PTRACE_INTERRUPT);
        if (!ret) {
                ret = compat_arch_ptrace(child, request, addr, data);
-               if (request != PTRACE_DETACH)
+               if (ret || request != PTRACE_DETACH)
                        ptrace_unfreeze_traced(child);
        }
 
-- 
1.5.5.1


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Reply via email to