NetBSD Problem Report #51918

From www@NetBSD.org  Thu Jan 26 01:56:10 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id A3D5A7A167
	for <gnats-bugs@gnats.NetBSD.org>; Thu, 26 Jan 2017 01:56:10 +0000 (UTC)
Message-Id: <20170126015609.4881A7A295@mollari.NetBSD.org>
Date: Thu, 26 Jan 2017 01:56:09 +0000 (UTC)
From: n54@gmx.com
Reply-To: n54@gmx.com
To: gnats-bugs@NetBSD.org
Subject: Tracee can prevent tracer to get its signals by masking
X-Send-Pr-Version: www-1.0

>Number:         51918
>Category:       kern
>Synopsis:       Tracee can prevent tracer to get its signals by masking
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 26 02:00:00 +0000 2017
>Last-Modified:  Fri Jan 27 16:40:01 +0000 2017
>Originator:     Kamil Rytarowski
>Release:        NetBSD 7.99.59 amd64
>Organization:
TNF
>Environment:
NetBSD chieftec 7.99.59 NetBSD 7.99.59 (GENERIC) #2: Thu Jan 26 00:00:12 CET 2017  root@chieftec:/public/netbsd-tmp-root/sys/arch/amd64/compile/GENERIC amd64

>Description:
Tracee can prevent tracer to get its signals by masking

This causes harm, as e.g. an application can silently disable SIGTRAP and breakpoints won't be triggered.

This scenario works correctly on Linux and FreeBSD, by not limiting a signal from being received by a debugger.

Reported by Chuck Silvers in a private mail.
>How-To-Repeat:
#include <sys/wait.h>
#include <sys/ptrace.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <err.h>

int
main(int argc, char **argv)
{
        int child;
        int status;
        int wpid;
        sigset_t intmask;

        child = fork();
        if (child == 0) {
                ptrace(PT_TRACE_ME, 0, NULL, 0);

                sigemptyset(&intmask);
                sigaddset(&intmask, SIGTRAP);
                sigprocmask(SIG_BLOCK, &intmask, NULL);

                raise(SIGSTOP);

                __asm__ __volatile__("int3;\n");

                raise(SIGSTOP);

                _exit(0);
        }

        wpid = wait(&status);
        if (!WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP)
                errx(EXIT_FAILURE, "SIGSTOP not met");

        ptrace(PT_CONTINUE, child, (void*)1, 0);

        wpid = wait(&status);
        if (!WIFSTOPPED(status) || WSTOPSIG(status) != SIGTRAP)
                errx(EXIT_FAILURE, "SIGTRAP not met");

        ptrace(PT_CONTINUE, child, (void*)1, 0);

        wpid = wait(&status);
        if (!WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP)
                errx(EXIT_FAILURE, "SIGSTOP not met");

        return 0;
}
>Fix:
N/A

>Audit-Trail:
From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Thu, 26 Jan 2017 20:15:44 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Thu Jan 26 20:15:44 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new tests signal[23] in t_ptrace_wait{,3,4,6,id,pid}

 signal2:
     Verify that masking SIGTRAP in tracee stops tracer from
     catching this raised signal

 signal3:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching software breakpoints

 signal3 is marked as failing and refrenced with PR kern/51918
 Currently signal3 requires code for other architectures than x86_64

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.62 -r1.63 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Thu, 26 Jan 2017 22:32:49 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Thu Jan 26 22:32:48 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new test signal4 in t_ptrace_wait{,3,4,6,id,pid}

 signal4:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching single step trap

 signal4 is marked as failing and referenced with PR kern/51918.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.63 -r1.64 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Thu, 26 Jan 2017 22:46:19 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Thu Jan 26 22:46:19 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new test signal5 in t_ptrace_wait{,3,4,6,id,pid}

 signal5:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching exec() breakpoint

 signal5 is failing and linked with PR kern/51918

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.64 -r1.65 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Fri, 27 Jan 2017 00:34:52 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Fri Jan 27 00:34:52 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new tests signal[67] in t_ptrace_wait{4,6,id,pid}

 signal6:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_FORK breakpoint

 signal7:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_VFORK breakpoint

 signal6 fails due to PR kern/51918
 signal6 fails due to PR kern/51918 and PR kern/51630

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.65 -r1.66 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Fri, 27 Jan 2017 16:06:23 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Fri Jan 27 16:06:23 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new test signal8 in t_ptrace_wait{,3,4,6,id,pid}

 signal8:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_VFORK_DONE breakpoint

 This test is marked as broken and linked with PR kern/51918.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.66 -r1.67 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Fri, 27 Jan 2017 16:35:47 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Fri Jan 27 16:35:47 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new tests signal{9,10} in t_ptrace_wait{,3,4,6,id,pid}

 signal9:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_LWP_CREATE breakpoint

 signal10:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_LWP_EXIT breakpoint

 Both tests are broken and linked with PR kern/51918.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.67 -r1.68 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.