Message ID | 20220505182645.497868-8-ebiederm@xmission.com |
---|---|
State | Not Applicable |
Headers | From: "Eric W. Biederman" <ebiederm@xmission.com>; Date: Thu, 5 May 2022 13:26:41 -0500; Subject: [PATCH v4 08/12] ptrace: Document that wait_task_inactive can't fail |
Series | ptrace: cleaning up ptrace_stop |
On 2022-05-05 13:26:41 [-0500], Eric W. Biederman wrote:
> After ptrace_freeze_traced succeeds it is known that the the tracee

the

> has a __state value of __TASK_TRACED and that no __ptrace_unlink will
> happen because the tracer is waiting for the tracee, and the tracee is
> in ptrace_stop.

Sebastian
diff --git a/kernel/ptrace.c b/kernel/ptrace.c index 7105821595bc..05953ac9f7bd 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c @@ -266,17 +266,9 @@ static int ptrace_check_attach(struct task_struct *child, bool ignore_state) } read_unlock(&tasklist_lock); - if (!ret && !ignore_state) { - if (!wait_task_inactive(child, __TASK_TRACED)) { - /* - * This can only happen if may_ptrace_stop() fails and - * ptrace_stop() changes ->state back to TASK_RUNNING, - * so we should not worry about leaking __TASK_TRACED. - */ - WARN_ON(READ_ONCE(child->__state) == __TASK_TRACED); - ret = -ESRCH; - } - } + if (!ret && !ignore_state && + WARN_ON_ONCE(!wait_task_inactive(child, __TASK_TRACED))) + ret = -ESRCH; return ret; }
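Review bot: The rewritten condition in ptrace_check_attach() removes the only comment at this call site and leaves nothing explaining why `wait_task_inactive(child, __TASK_TRACED)` is expected never to return 0. The commit message gives the reasoning (ptrace_freeze_traced has succeeded, so __state is __TASK_TRACED) and also says the call can still fail when PREEMPT_RT is enabled; a short comment above the `if` stating both would keep that next to the code, so that a warning seen on such a kernel is understood as a known limitation rather than a new bug. It would also read more clearly to keep the blocking, side-effecting call out of the warning macro, for example by testing `!wait_task_inactive(child, __TASK_TRACED)` in the `if` and placing `WARN_ON_ONCE(1)` in the body next to `ret = -ESRCH;`, so the wait is not mistaken for a pure assertion.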
After ptrace_freeze_traced succeeds it is known that the tracee has a __state value of __TASK_TRACED and that no __ptrace_unlink will happen because the tracer is waiting for the tracee, and the tracee is in ptrace_stop.

The function ptrace_freeze_traced can succeed at any point after ptrace_stop has set TASK_TRACED and dropped siglock. The read_lock on tasklist_lock only excludes ptrace_attach.

This means that the !current->ptrace which executes under a read_lock of tasklist_lock will never see a ptrace_freeze_trace as the tracer must have gone away before the tasklist_lock was taken and ptrace_attach can not occur until the read_lock is dropped. As ptrace_freeze_traced depends upon ptrace_attach running before it can run that excludes ptrace_freeze_traced until __state is set to TASK_RUNNING. This means that task_is_traced will fail in ptrace_freeze_attach and ptrace_freeze_attached will fail.

On the current->ptrace branch of ptrace_stop which will be reached any time after ptrace_freeze_traced has succeeded it is known that __state is __TASK_TRACED and schedule() will be called with that state.

Use a WARN_ON_ONCE to document that wait_task_inactive(TASK_TRACED) should never fail. Remove the stale comment about may_ptrace_stop.

Strictly speaking this is not true because if PREEMPT_RT is enabled wait_task_inactive can fail because __state can be changed. I don't see this as a problem as the ptrace code is currently broken on PREEMPT_RT, and this is one of the issues. Failing and warning when the assumptions of the code are broken is good.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
---
 kernel/ptrace.c | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)