diff options
Diffstat (limited to 'kernel/ptrace.c')
-rw-r--r-- | kernel/ptrace.c | 64 |
1 files changed, 54 insertions, 10 deletions
diff --git a/kernel/ptrace.c b/kernel/ptrace.c index 62f7c2774b16..6cbeaae4406d 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c | |||
@@ -122,6 +122,40 @@ void __ptrace_unlink(struct task_struct *child) | |||
122 | spin_unlock(&child->sighand->siglock); | 122 | spin_unlock(&child->sighand->siglock); |
123 | } | 123 | } |
124 | 124 | ||
125 | /* Ensure that nothing can wake it up, even SIGKILL */ | ||
126 | static bool ptrace_freeze_traced(struct task_struct *task) | ||
127 | { | ||
128 | bool ret = false; | ||
129 | |||
130 | /* Lockless, nobody but us can set this flag */ | ||
131 | if (task->jobctl & JOBCTL_LISTENING) | ||
132 | return ret; | ||
133 | |||
134 | spin_lock_irq(&task->sighand->siglock); | ||
135 | if (task_is_traced(task) && !__fatal_signal_pending(task)) { | ||
136 | task->state = __TASK_TRACED; | ||
137 | ret = true; | ||
138 | } | ||
139 | spin_unlock_irq(&task->sighand->siglock); | ||
140 | |||
141 | return ret; | ||
142 | } | ||
143 | |||
144 | static void ptrace_unfreeze_traced(struct task_struct *task) | ||
145 | { | ||
146 | if (task->state != __TASK_TRACED) | ||
147 | return; | ||
148 | |||
149 | WARN_ON(!task->ptrace || task->parent != current); | ||
150 | |||
151 | spin_lock_irq(&task->sighand->siglock); | ||
152 | if (__fatal_signal_pending(task)) | ||
153 | wake_up_state(task, __TASK_TRACED); | ||
154 | else | ||
155 | task->state = TASK_TRACED; | ||
156 | spin_unlock_irq(&task->sighand->siglock); | ||
157 | } | ||
158 | |||
125 | /** | 159 | /** |
126 | * ptrace_check_attach - check whether ptracee is ready for ptrace operation | 160 | * ptrace_check_attach - check whether ptracee is ready for ptrace operation |
127 | * @child: ptracee to check for | 161 | * @child: ptracee to check for |
@@ -151,24 +185,29 @@ static int ptrace_check_attach(struct task_struct *child, bool ignore_state) | |||
151 | * be changed by us so it's not changing right after this. | 185 | * be changed by us so it's not changing right after this. |
152 | */ | 186 | */ |
153 | read_lock(&tasklist_lock); | 187 | read_lock(&tasklist_lock); |
154 | if ((child->ptrace & PT_PTRACED) && child->parent == current) { | 188 | if (child->ptrace && child->parent == current) { |
189 | WARN_ON(child->state == __TASK_TRACED); | ||
155 | /* | 190 | /* |
156 | * child->sighand can't be NULL, release_task() | 191 | * child->sighand can't be NULL, release_task() |
157 | * does ptrace_unlink() before __exit_signal(). | 192 | * does ptrace_unlink() before __exit_signal(). |
158 | */ | 193 | */ |
159 | spin_lock_irq(&child->sighand->siglock); | 194 | if (ignore_state || ptrace_freeze_traced(child)) |
160 | WARN_ON_ONCE(task_is_stopped(child)); | ||
161 | if (ignore_state || (task_is_traced(child) && | ||
162 | !(child->jobctl & JOBCTL_LISTENING))) | ||
163 | ret = 0; | 195 | ret = 0; |
164 | spin_unlock_irq(&child->sighand->siglock); | ||
165 | } | 196 | } |
166 | read_unlock(&tasklist_lock); | 197 | read_unlock(&tasklist_lock); |
167 | 198 | ||
168 | if (!ret && !ignore_state) | 199 | if (!ret && !ignore_state) { |
169 | ret = wait_task_inactive(child, TASK_TRACED) ? 0 : -ESRCH; | 200 | if (!wait_task_inactive(child, __TASK_TRACED)) { |
201 | /* | ||
202 | * This can only happen if may_ptrace_stop() fails and | ||
203 | * ptrace_stop() changes ->state back to TASK_RUNNING, | ||
204 | * so we should not worry about leaking __TASK_TRACED. | ||
205 | */ | ||
206 | WARN_ON(child->state == __TASK_TRACED); | ||
207 | ret = -ESRCH; | ||
208 | } | ||
209 | } | ||
170 | 210 | ||
171 | /* All systems go.. */ | ||
172 | return ret; | 211 | return ret; |
173 | } | 212 | } |
174 | 213 | ||
@@ -900,6 +939,8 @@ SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr, | |||
900 | goto out_put_task_struct; | 939 | goto out_put_task_struct; |
901 | 940 | ||
902 | ret = arch_ptrace(child, request, addr, data); | 941 | ret = arch_ptrace(child, request, addr, data); |
942 | if (ret || request != PTRACE_DETACH) | ||
943 | ptrace_unfreeze_traced(child); | ||
903 | 944 | ||
904 | out_put_task_struct: | 945 | out_put_task_struct: |
905 | put_task_struct(child); | 946 | put_task_struct(child); |
@@ -1039,8 +1080,11 @@ asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid, | |||
1039 | 1080 | ||
1040 | ret = ptrace_check_attach(child, request == PTRACE_KILL || | 1081 | ret = ptrace_check_attach(child, request == PTRACE_KILL || |
1041 | request == PTRACE_INTERRUPT); | 1082 | request == PTRACE_INTERRUPT); |
1042 | if (!ret) | 1083 | if (!ret) { |
1043 | ret = compat_arch_ptrace(child, request, addr, data); | 1084 | ret = compat_arch_ptrace(child, request, addr, data); |
1085 | if (ret || request != PTRACE_DETACH) | ||
1086 | ptrace_unfreeze_traced(child); | ||
1087 | } | ||
1044 | 1088 | ||
1045 | out_put_task_struct: | 1089 | out_put_task_struct: |
1046 | put_task_struct(child); | 1090 | put_task_struct(child); |