| Message ID | AM6PR03MB51703199741A2C27A78980FFE4FF0@AM6PR03MB5170.eurprd03.prod.outlook.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [1/4] exec: Fix a deadlock in ptrace | expand |
On Tue, Mar 10, 2020 at 02:44:01PM +0100, Bernd Edlinger wrote: > This adds test cases for ptrace deadlocks. > > Additionally fixes a compile problem in get_syscall_info.c, > observed with gcc-4.8.4: > > get_syscall_info.c: In function 'get_syscall_info': > get_syscall_info.c:93:3: error: 'for' loop initial declarations are only > allowed in C99 mode > for (unsigned int i = 0; i < ARRAY_SIZE(args); ++i) { > ^ > get_syscall_info.c:93:3: note: use option -std=c99 or -std=gnu99 to compile > your code *discomfort noises* (see below) > > Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de> > --- > tools/testing/selftests/ptrace/Makefile | 4 +- > tools/testing/selftests/ptrace/vmaccess.c | 86 +++++++++++++++++++++++++++++++ > 2 files changed, 88 insertions(+), 2 deletions(-) > create mode 100644 tools/testing/selftests/ptrace/vmaccess.c > > diff --git a/tools/testing/selftests/ptrace/Makefile b/tools/testing/selftests/ptrace/Makefile > index c0b7f89..2f1f532 100644 > --- a/tools/testing/selftests/ptrace/Makefile > +++ b/tools/testing/selftests/ptrace/Makefile > @@ -1,6 +1,6 @@ > # SPDX-License-Identifier: GPL-2.0-only > -CFLAGS += -iquote../../../../include/uapi -Wall > +CFLAGS += -std=c99 -pthread -iquote../../../../include/uapi -Wall This isn't the common solution in the kernel (the variable declaration would just be lifted out of the loop), but as it's selftest code, which does lots of special things ... I *guess* this is okay. > > -TEST_GEN_PROGS := get_syscall_info peeksiginfo > +TEST_GEN_PROGS := get_syscall_info peeksiginfo vmaccess I love having this deadlock test added to the selftests. I think I need to make an improvement to the test harness, though, as the failure mode right now just blows up after the 30 second timeout and leaves this deadlocked: $ ./vmaccess [==========] Running 2 tests from 1 test cases. [ RUN ] global.vmaccess Alarm clock $ ps PID TTY TIME CMD 2605 pts/0 00:00:00 bash 23360 pts/0 00:00:00 vmaccess 23361 pts/0 00:00:00 vmaccess 23363 pts/0 00:00:00 ps But that's mostly unrelated to this code. Reviewed-by: Kees Cook <keescook@chromium.org> -Kees > > include ../lib.mk > diff --git a/tools/testing/selftests/ptrace/vmaccess.c b/tools/testing/selftests/ptrace/vmaccess.c > new file mode 100644 > index 0000000..4db327b > --- /dev/null > +++ b/tools/testing/selftests/ptrace/vmaccess.c > @@ -0,0 +1,86 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Copyright (c) 2020 Bernd Edlinger <bernd.edlinger@hotmail.de> > + * All rights reserved. > + * > + * Check whether /proc/$pid/mem can be accessed without causing deadlocks > + * when de_thread is blocked with ->cred_guard_mutex held. > + */ > + > +#include "../kselftest_harness.h" > +#include <stdio.h> > +#include <fcntl.h> > +#include <pthread.h> > +#include <signal.h> > +#include <unistd.h> > +#include <sys/ptrace.h> > + > +static void *thread(void *arg) > +{ > + ptrace(PTRACE_TRACEME, 0, 0L, 0L); > + return NULL; > +} > + > +TEST(vmaccess) > +{ > + int f, pid = fork(); > + char mm[64]; > + > + if (!pid) { > + pthread_t pt; > + > + pthread_create(&pt, NULL, thread, NULL); > + pthread_join(pt, NULL); > + execlp("true", "true", NULL); > + } > + > + sleep(1); > + sprintf(mm, "/proc/%d/mem", pid); > + f = open(mm, O_RDONLY); > + ASSERT_GE(f, 0); > + close(f); > + f = kill(pid, SIGCONT); > + ASSERT_EQ(f, 0); > +} > + > +TEST(attach) > +{ > + int s, k, pid = fork(); > + > + if (!pid) { > + pthread_t pt; > + > + pthread_create(&pt, NULL, thread, NULL); > + pthread_join(pt, NULL); > + execlp("sleep", "sleep", "2", NULL); > + } > + > + sleep(1); > + k = ptrace(PTRACE_ATTACH, pid, 0L, 0L); > + ASSERT_EQ(errno, EAGAIN); > + ASSERT_EQ(k, -1); > + k = waitpid(-1, &s, WNOHANG); > + ASSERT_NE(k, -1); > + ASSERT_NE(k, 0); > + ASSERT_NE(k, pid); > + ASSERT_EQ(WIFEXITED(s), 1); > + ASSERT_EQ(WEXITSTATUS(s), 0); > + sleep(1); > + k = ptrace(PTRACE_ATTACH, pid, 0L, 0L); > + ASSERT_EQ(k, 0); > + k = waitpid(-1, &s, 0); > + ASSERT_EQ(k, pid); > + ASSERT_EQ(WIFSTOPPED(s), 1); > + ASSERT_EQ(WSTOPSIG(s), SIGSTOP); > + k = ptrace(PTRACE_DETACH, pid, 0L, 0L); > + ASSERT_EQ(k, 0); > + k = waitpid(-1, &s, 0); > + ASSERT_EQ(k, pid); > + ASSERT_EQ(WIFEXITED(s), 1); > + ASSERT_EQ(WEXITSTATUS(s), 0); > + k = waitpid(-1, NULL, 0); > + ASSERT_EQ(k, -1); > + ASSERT_EQ(errno, ECHILD); > +} > + > +TEST_HARNESS_MAIN > -- > 1.9.1
On Tue, Mar 10, 2020 at 02:44:01PM +0100, Bernd Edlinger wrote: > This adds test cases for ptrace deadlocks. > > Additionally fixes a compile problem in get_syscall_info.c, > observed with gcc-4.8.4: > > get_syscall_info.c: In function 'get_syscall_info': > get_syscall_info.c:93:3: error: 'for' loop initial declarations are only > allowed in C99 mode > for (unsigned int i = 0; i < ARRAY_SIZE(args); ++i) { > ^ > get_syscall_info.c:93:3: note: use option -std=c99 or -std=gnu99 to compile > your code [...] > @@ -1,6 +1,6 @@ > # SPDX-License-Identifier: GPL-2.0-only > -CFLAGS += -iquote../../../../include/uapi -Wall > +CFLAGS += -std=c99 -pthread -iquote../../../../include/uapi -Wall Wouldn't it be better to choose -std=gnu99 over -std=c99?
diff --git a/tools/testing/selftests/ptrace/Makefile b/tools/testing/selftests/ptrace/Makefile index c0b7f89..2f1f532 100644 --- a/tools/testing/selftests/ptrace/Makefile +++ b/tools/testing/selftests/ptrace/Makefile @@ -1,6 +1,6 @@ # SPDX-License-Identifier: GPL-2.0-only -CFLAGS += -iquote../../../../include/uapi -Wall +CFLAGS += -std=c99 -pthread -iquote../../../../include/uapi -Wall -TEST_GEN_PROGS := get_syscall_info peeksiginfo +TEST_GEN_PROGS := get_syscall_info peeksiginfo vmaccess include ../lib.mk diff --git a/tools/testing/selftests/ptrace/vmaccess.c b/tools/testing/selftests/ptrace/vmaccess.c new file mode 100644 index 0000000..4db327b --- /dev/null +++ b/tools/testing/selftests/ptrace/vmaccess.c @@ -0,0 +1,86 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2020 Bernd Edlinger <bernd.edlinger@hotmail.de> + * All rights reserved. + * + * Check whether /proc/$pid/mem can be accessed without causing deadlocks + * when de_thread is blocked with ->cred_guard_mutex held. + */ + +#include "../kselftest_harness.h" +#include <stdio.h> +#include <fcntl.h> +#include <pthread.h> +#include <signal.h> +#include <unistd.h> +#include <sys/ptrace.h> + +static void *thread(void *arg) +{ + ptrace(PTRACE_TRACEME, 0, 0L, 0L); + return NULL; +} + +TEST(vmaccess) +{ + int f, pid = fork(); + char mm[64]; + + if (!pid) { + pthread_t pt; + + pthread_create(&pt, NULL, thread, NULL); + pthread_join(pt, NULL); + execlp("true", "true", NULL); + } + + sleep(1); + sprintf(mm, "/proc/%d/mem", pid); + f = open(mm, O_RDONLY); + ASSERT_GE(f, 0); + close(f); + f = kill(pid, SIGCONT); + ASSERT_EQ(f, 0); +} + +TEST(attach) +{ + int s, k, pid = fork(); + + if (!pid) { + pthread_t pt; + + pthread_create(&pt, NULL, thread, NULL); + pthread_join(pt, NULL); + execlp("sleep", "sleep", "2", NULL); + } + + sleep(1); + k = ptrace(PTRACE_ATTACH, pid, 0L, 0L); + ASSERT_EQ(errno, EAGAIN); + ASSERT_EQ(k, -1); + k = waitpid(-1, &s, WNOHANG); + ASSERT_NE(k, -1); + ASSERT_NE(k, 0); + ASSERT_NE(k, pid); + ASSERT_EQ(WIFEXITED(s), 1); + ASSERT_EQ(WEXITSTATUS(s), 0); + sleep(1); + k = ptrace(PTRACE_ATTACH, pid, 0L, 0L); + ASSERT_EQ(k, 0); + k = waitpid(-1, &s, 0); + ASSERT_EQ(k, pid); + ASSERT_EQ(WIFSTOPPED(s), 1); + ASSERT_EQ(WSTOPSIG(s), SIGSTOP); + k = ptrace(PTRACE_DETACH, pid, 0L, 0L); + ASSERT_EQ(k, 0); + k = waitpid(-1, &s, 0); + ASSERT_EQ(k, pid); + ASSERT_EQ(WIFEXITED(s), 1); + ASSERT_EQ(WEXITSTATUS(s), 0); + k = waitpid(-1, NULL, 0); + ASSERT_EQ(k, -1); + ASSERT_EQ(errno, ECHILD); +} + +TEST_HARNESS_MAIN
This adds test cases for ptrace deadlocks. Additionally fixes a compile problem in get_syscall_info.c, observed with gcc-4.8.4: get_syscall_info.c: In function 'get_syscall_info': get_syscall_info.c:93:3: error: 'for' loop initial declarations are only allowed in C99 mode for (unsigned int i = 0; i < ARRAY_SIZE(args); ++i) { ^ get_syscall_info.c:93:3: note: use option -std=c99 or -std=gnu99 to compile your code Signed-off-by: Bernd Edlinger <bernd.edlinger@hotmail.de> --- tools/testing/selftests/ptrace/Makefile | 4 +- tools/testing/selftests/ptrace/vmaccess.c | 86 +++++++++++++++++++++++++++++++ 2 files changed, 88 insertions(+), 2 deletions(-) create mode 100644 tools/testing/selftests/ptrace/vmaccess.c