NetBSD Problem Report #51918

From www@NetBSD.org  Thu Jan 26 01:56:10 2017
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id A3D5A7A167
	for <gnats-bugs@gnats.NetBSD.org>; Thu, 26 Jan 2017 01:56:10 +0000 (UTC)
Message-Id: <20170126015609.4881A7A295@mollari.NetBSD.org>
Date: Thu, 26 Jan 2017 01:56:09 +0000 (UTC)
From: n54@gmx.com
Reply-To: n54@gmx.com
To: gnats-bugs@NetBSD.org
Subject: ptrace tracee can prevent tracer to get its signals by masking
X-Send-Pr-Version: www-1.0

>Number:         51918
>Category:       kern
>Synopsis:       ptrace tracee can prevent tracer to get its signals by masking
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kamil
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jan 26 02:00:00 +0000 2017
>Closed-Date:    Wed Dec 12 23:55:20 +0000 2018
>Last-Modified:  Wed May 01 22:00:01 +0000 2019
>Originator:     Kamil Rytarowski
>Release:        NetBSD 7.99.59 amd64
>Organization:
TNF
>Environment:
NetBSD chieftec 7.99.59 NetBSD 7.99.59 (GENERIC) #2: Thu Jan 26 00:00:12 CET 2017  root@chieftec:/public/netbsd-tmp-root/sys/arch/amd64/compile/GENERIC amd64

>Description:
A tracee can prevent the tracer from getting its signals by masking them.

This causes harm, as e.g. an application can silently disable SIGTRAP and breakpoints won't be triggered.

This scenario works correctly on Linux and FreeBSD, which do not prevent a signal from being received by a debugger.

Reported by Chuck Silvers in a private mail.
>How-To-Repeat:
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/ptrace.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <err.h>

int
main(void)
{
        pid_t child;
        pid_t wpid;
        int status;
        sigset_t intmask;

        child = fork();
        if (child == -1)
                err(EXIT_FAILURE, "fork");
        if (child == 0) {
                if (ptrace(PT_TRACE_ME, 0, NULL, 0) == -1)
                        _exit(1);

                /* Block SIGTRAP in the tracee before any trap is generated. */
                sigemptyset(&intmask);
                sigaddset(&intmask, SIGTRAP);
                sigprocmask(SIG_BLOCK, &intmask, NULL);

                /* First stop: hand control to the tracer. */
                raise(SIGSTOP);

                /* Software breakpoint (x86 only); the tracer must see SIGTRAP. */
                __asm__ __volatile__("int3;\n");

                raise(SIGSTOP);

                _exit(0);
        }

        wpid = wait(&status);
        if (wpid != child || !WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP)
                errx(EXIT_FAILURE, "SIGSTOP not met");

        /* Resume the tracee where it stopped, delivering no signal. */
        ptrace(PT_CONTINUE, child, (void*)1, 0);

        /* The breakpoint trap must be reported even though SIGTRAP is masked. */
        wpid = wait(&status);
        if (wpid != child || !WIFSTOPPED(status) || WSTOPSIG(status) != SIGTRAP)
                errx(EXIT_FAILURE, "SIGTRAP not met");

        ptrace(PT_CONTINUE, child, (void*)1, 0);

        wpid = wait(&status);
        if (wpid != child || !WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP)
                errx(EXIT_FAILURE, "SIGSTOP not met");

        return 0;
}
>Fix:
N/A

>Release-Note:

>Audit-Trail:
From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Thu, 26 Jan 2017 20:15:44 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Thu Jan 26 20:15:44 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new tests signal[23] in t_ptrace_wait{,3,4,6,id,pid}

 signal2:
     Verify that masking SIGTRAP in tracee stops tracer from
     catching this raised signal

 signal3:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching software breakpoints

 signal3 is marked as failing and referenced with PR kern/51918
 Currently signal3 requires code for other architectures than x86_64

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.62 -r1.63 src/tests/kernel/t_ptrace_wait.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Thu, 26 Jan 2017 22:32:49 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Thu Jan 26 22:32:48 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new test signal4 in t_ptrace_wait{,3,4,6,id,pid}

 signal4:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching single step trap

 signal4 is marked as failing and referenced with PR kern/51918.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.63 -r1.64 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Thu, 26 Jan 2017 22:46:19 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Thu Jan 26 22:46:19 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new test signal5 in t_ptrace_wait{,3,4,6,id,pid}

 signal5:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching exec() breakpoint

 signal5 is failing and linked with PR kern/51918

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.64 -r1.65 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Fri, 27 Jan 2017 00:34:52 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Fri Jan 27 00:34:52 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new tests signal[67] in t_ptrace_wait{4,6,id,pid}

 signal6:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_FORK breakpoint

 signal7:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_VFORK breakpoint

 signal6 fails due to PR kern/51918
 signal6 fails due to PR kern/51918 and PR kern/51630

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.65 -r1.66 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Fri, 27 Jan 2017 16:06:23 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Fri Jan 27 16:06:23 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new test signal8 in t_ptrace_wait{,3,4,6,id,pid}

 signal8:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_VFORK_DONE breakpoint

 This test is marked as broken and linked with PR kern/51918.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.66 -r1.67 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Fri, 27 Jan 2017 16:35:47 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Fri Jan 27 16:35:47 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Add new tests signal{9,10} in t_ptrace_wait{,3,4,6,id,pid}

 signal9:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_LWP_CREATE breakpoint

 signal10:
     Verify that masking SIGTRAP in tracee does not stop tracer from
     catching PTRACE_LWP_EXIT breakpoint

 Both tests are broken and linked with PR kern/51918.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.67 -r1.68 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Tue, 28 Mar 2017 01:00:33 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Tue Mar 28 01:00:33 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Mark signal6 as failing due to timeout not regular failure

 This test is marked as PR kern/51918.

 Timeout has been reported on i386, amd64, alpha, sparc, sparc64, evbarm,
 xen.

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.78 -r1.79 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/kernel
Date: Tue, 28 Mar 2017 01:40:40 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Tue Mar 28 01:40:40 UTC 2017

 Modified Files:
 	src/tests/kernel: t_ptrace_wait.c

 Log Message:
 Optimize signal6 in t_ptrace_wait

 Reduce timeout to 5 seconds. This test times out, and this change saves
 time.

 PR kern/51918

 Sponsored by <The NetBSD Foundation>


 To generate a diff of this commit:
 cvs rdiff -u -r1.79 -r1.80 src/tests/kernel/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/lib/libc/sys
Date: Sun, 16 Apr 2017 12:03:26 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Sun Apr 16 12:03:26 UTC 2017

 Modified Files:
 	src/tests/lib/libc/sys: t_ptrace_wait.c

 Log Message:
 Restore atf_tc_expect_fail in signal4 of t_ptrace_wait*

 A PR was accidentally removed; it was never fixed.

 PR 51918 "ptrace tracee can prevent tracer to get its signals by masking"


 To generate a diff of this commit:
 cvs rdiff -u -r1.4 -r1.5 src/tests/lib/libc/sys/t_ptrace_wait.c


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/lib/libc/sys
Date: Sun, 16 Apr 2017 12:50:59 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Sun Apr 16 12:50:59 UTC 2017

 Modified Files:
 	src/tests/lib/libc/sys: t_ptrace_wait.c

 Log Message:
 Mark signal3/t_ptrace_wait* with timeout on sparc 32-bit

 PR kern/52167 signal3/t_ptrace_wait* timeouts on sparc 32-bit

 This test is also marked as failure on other platforms:

 PR kern/51918 ptrace tracee can prevent tracer to get its signals by masking

 Both issues are valid on sparc 32-bit, but the timeout one wins.


 To generate a diff of this commit:
 cvs rdiff -u -r1.6 -r1.7 src/tests/lib/libc/sys/t_ptrace_wait.c


Responsible-Changed-From-To: kern-bug-people->kamil
Responsible-Changed-By: kamil@NetBSD.org
Responsible-Changed-When: Fri, 06 Oct 2017 23:13:03 +0200
Responsible-Changed-Why:
Take.


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/lib/libc/sys
Date: Wed, 27 Dec 2017 13:38:51 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Wed Dec 27 13:38:51 UTC 2017

 Modified Files:
 	src/tests/lib/libc/sys: t_ptrace_wait.c

 Log Message:
 atf: ptrace: Temporarily disable signal3 as it breaks now on some ports

 This test is marked as failing with: PR kern/51918.


 To generate a diff of this commit:
 cvs rdiff -u -r1.19 -r1.20 src/tests/lib/libc/sys/t_ptrace_wait.c


From: "Soren Jacobsen" <snj@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: [netbsd-8] src/tests/lib/libc/sys
Date: Sun, 25 Feb 2018 20:59:47 +0000

 Module Name:	src
 Committed By:	snj
 Date:		Sun Feb 25 20:59:46 UTC 2018

 Modified Files:
 	src/tests/lib/libc/sys [netbsd-8]: t_ptrace_amd64_wait.h
 	    t_ptrace_i386_wait.h t_ptrace_wait.c t_ptrace_x86_wait.h

 Log Message:
 Pull up following revision(s) (requested by martin in ticket #586):
 	tests/lib/libc/sys/t_ptrace_amd64_wait.h: 1.2
 	tests/lib/libc/sys/t_ptrace_i386_wait.h: 1.2
 	tests/lib/libc/sys/t_ptrace_wait.c: 1.10-1.20
 	tests/lib/libc/sys/t_ptrace_x86_wait.h: 1.2-1.3
 PR kern/52167 strikes on sparc64 too.
 --
 Temporarily disable t_ptrace_wait*::resume1 in ATF tests
 It hangs forever on releng machines.
 Sponsored by <The NetBSD Foundation>
 --
 Remove expected failure (fixed in kern_sig.c 1.339)
 --
 sync a bit more with reality; some things still fail, some new failures.
 reduce spewage, be more explanatory about syscall errors.
 --
 Add expected failures.
 --
 make it fail instead of hang under qemu; XXX: need to investigate.
 --
 t_ptrace_wait*: Disable suspend* tests
 These tests can hang the system. These interfaces will be improved and
 temporarily disable them.
 --
 ptrace atf: Cleanup reports of failures
 Mark resume* suspend* tests as expected failure and link with PR 51995.
 Sponsored by <The NetBSD Foundation>
 --
 report which errno failed
 --
 atf: t_ptrace_wait: Mark attach2 as racy
 --
 atf: ptrace: Temporarily disable signal3 as it breaks now on some ports
 This test is marked as failing with: PR kern/51918.


 To generate a diff of this commit:
 cvs rdiff -u -r1.1 -r1.1.8.1 src/tests/lib/libc/sys/t_ptrace_amd64_wait.h \
     src/tests/lib/libc/sys/t_ptrace_i386_wait.h \
     src/tests/lib/libc/sys/t_ptrace_x86_wait.h
 cvs rdiff -u -r1.9 -r1.9.2.1 src/tests/lib/libc/sys/t_ptrace_wait.c


State-Changed-From-To: open->closed
State-Changed-By: kamil@NetBSD.org
State-Changed-When: Thu, 13 Dec 2018 00:55:20 +0100
State-Changed-Why:
Addressed in HEAD, but not without faulty side effects.


From: "Kamil Rytarowski" <kamil@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51918 CVS commit: src/tests/lib/libc/sys
Date: Wed, 1 May 2019 21:59:32 +0000

 Module Name:	src
 Committed By:	kamil
 Date:		Wed May  1 21:59:32 UTC 2019

 Modified Files:
 	src/tests/lib/libc/sys: t_ptrace_wait.c

 Log Message:
 ATF ptrace(2) tests signal9 and signal10 now pass

 PR kern/51918


 To generate a diff of this commit:
 cvs rdiff -u -r1.116 -r1.117 src/tests/lib/libc/sys/t_ptrace_wait.c


>Unformatted:
