Page MenuHomeFreeBSD
Differential D7044

Add a mask of optional ptrace() events.
ClosedPublic
Actions

Authored by jhb on Jul 1 2016, 1:47 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mar 19 2024, 6:00 PM
Unknown Object (File)
Mar 12 2024, 8:05 AM
Unknown Object (File)
Feb 27 2024, 10:26 AM
Unknown Object (File)
Feb 27 2024, 10:13 AM
Unknown Object (File)
Jan 9 2024, 1:26 PM
Unknown Object (File)
Jan 8 2024, 9:18 PM
Unknown Object (File)
Jan 8 2024, 9:18 PM
Unknown Object (File)
Jan 8 2024, 9:18 PM
View All 63 Files
Subscribers
emaste
imp

Details

Reviewers
kib
Group Reviewers
manpages
Commits
rS302902: Add a mask of optional ptrace() events.
Summary

Add a mask of optional ptrace() events.

ptrace() now stores a mask of optional events in p_ptevents. Currently
this mask is a single integer, but it can be expanded into an array of
integers in the future.

Two new ptrace requests can be used to manipulate the event mask:
PT_GET_EVENT_MASK fetches the current event mask and PT_SET_EVENT_MASK
sets the current event mask.

The current set of events include:

  • PTRACE_EXEC: trace calls to execve().
  • PTRACE_SIG: trace signals.
  • PTRACE_SCE: trace system call entries.
  • PTRACE_SCX: trace syscam call exits.
  • PTRACE_FORK: trace forks and auto-attach to new child processes.
  • PTRACE_LWP: trace LWP events.

The S_PT_SCX and S_PT_SCE events in the procfs p_stops flags have
been replaced by PTRACE_SCE and PTRACE_SCX. PTRACE_FORK replaces
P_FOLLOW_FORK and PTRACE_LWP replaces P2_LWP_EVENTS.

Assuming I can't fit this into 11.0, I may try to request the p_ptevents
slot in the pre-zeroed area at least. Its not the end of the world if
it has to wait though.

Test Plan
  • Run new tests as well as existing ptrace tests.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jhb updated this revision to Diff 18051.Jul 1 2016, 1:47 AM
jhb retitled this revision from to Add a mask of optional ptrace() events..
jhb updated this object.
jhb edited the test plan for this revision. (Show Details)
jhb added a reviewer: kib.
Herald added subscribers: emaste, imp. · View Herald TranscriptJul 1 2016, 1:47 AM
kib edited edge metadata.Jul 1 2016, 3:29 AM

Does P_TRACED implies that PTRACE_SIG must be set ? I would expect this, but this is not enforced by the PT_SET_EVENT_MASK interface.

Is P_TRACED flag needed ? What would the behaviour if debugger clears the mask ?

sys/kern/kern_exit.c
341 ↗(On Diff #18051)

Why is this needed ?

sys/kern/sys_process.c
994 ↗(On Diff #18051)

You don't check that only supported bits are set in the user supplied mask.

jhb marked an inline comment as done.Jul 1 2016, 5:55 PM
jhb added inline comments.
sys/kern/kern_exit.c
341 ↗(On Diff #18051)

I explicitly cleared p_ptevents to 0 in all the places that cleared P_TRACED so that I could just use 'p->p_ptevents & PTRACE_FOO' without also having to check if P_TRACED was still set.

jhb added a comment.Jul 1 2016, 6:15 PM
In D7044#147411, @kib wrote:

Does P_TRACED implies that PTRACE_SIG must be set ? I would expect this, but this is not enforced by the PT_SET_EVENT_MASK interface.

Is P_TRACED flag needed ? What would the behaviour if debugger clears the mask ?

The idea is for P_TRACED to not imply PTRACE_SIG. In theory if PTRACE_SIG is clear, then signals are passed to the debugee transparently without any notice to the debugger. Explicit events like SCE/SCX that call ptracestop() directly will still post events. SIGTRAP due to breakpoints or watchpoints should always register a stop as well regardless of PTRACE_SIG (I suspect I might not be handling that correctly in the current patch, in fact I'm almost certainly not.) It may be that it is just too hard to get that right (and of limited usefulness). If so, I can drop PTRACE_SIG and just leave signal catching always enabled. procfs treats S_SIG as a flag, so I was trying to provide an equivalent level of granularity. It does seem that blocking S_SIG in procfs might also break breakpoints in debuggers though.

jhb updated this revision to Diff 18058.Jul 1 2016, 6:17 PM
jhb edited edge metadata.
  • Check for invalid events.
jhb updated this revision to Diff 18218.Jul 8 2016, 2:26 AM
  • Drop PTRACE_SIG.
  • Add a test for a user signal delivery.
  • Renumber after dropping PTRACE_SIG.
kib accepted this revision.Jul 8 2016, 2:36 AM
kib edited edge metadata.
This revision is now accepted and ready to land.Jul 8 2016, 2:36 AM
jhb updated this revision to Diff 18437.Jul 15 2016, 2:18 AM
jhb edited edge metadata.
  • New child processes should not inherit the event mask.
  • Update the manpage for the event mask.
This revision now requires review to proceed.Jul 15 2016, 2:18 AM
Herald added a reviewer: manpages. · View Herald TranscriptJul 15 2016, 2:18 AM
kib accepted this revision.Jul 15 2016, 2:53 AM
kib edited edge metadata.
kib added inline comments.
lib/libc/sys/ptrace.2
152 ↗(On Diff #18437)

'kernel-scheduled threads' ?

155 ↗(On Diff #18437)

lowercase N in new.

'Stop _and_ report an event. ' Initially I read it as the statement that PL_FLAG_BORN reporting is not performed anymore.

sys/kern/sys_process.c
659 ↗(On Diff #18437)

A comment stating that uap->data is sanity checked elsewhere could be useful.

This revision is now accepted and ready to land.Jul 15 2016, 2:53 AM
jhb updated this revision to Diff 18470.Jul 15 2016, 3:20 PM
jhb edited edge metadata.
jhb marked an inline comment as done.
  • Note that uap->data is validated in kern_ptrace().
  • Suggestions from Konstantin.
This revision now requires review to proceed.Jul 15 2016, 3:20 PM
Herald edited edge metadata. · View Herald TranscriptJul 15 2016, 3:20 PM
jhb marked an inline comment as done.Jul 15 2016, 3:22 PM
jhb added inline comments.
lib/libc/sys/ptrace.2
152 ↗(On Diff #18437)

Most places I'm familiar with (textbooks, etc.) just use "kernel threads" for LWPs (vs "user threads" for scheduler activations / libc_r, etc.).

jhb mentioned this in rS302900: Add a test for user signal delivery..Jul 15 2016, 3:28 PM
Closed by commit rS302902: Add a mask of optional ptrace() events. (authored by jhb). · Explain WhyJul 15 2016, 3:32 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
head/
lib/
libc/
sys/
209 lines
sys/
kern/
4 lines
2 lines
9 lines
3 lines
5 lines
4 lines
77 lines
sys/
4 lines
20 lines
tests/
sys/
kern/
136 lines

Diff 18472

View Options

head/lib/libc/sys/ptrace.2

Loading...
View Options

head/sys/kern/kern_exec.c

Loading...
View Options

head/sys/kern/kern_exit.c

Loading...
View Options

head/sys/kern/kern_fork.c

Loading...
View Options

head/sys/kern/kern_sig.c

Loading...
View Options

head/sys/kern/kern_thr.c

Loading...
View Options

head/sys/kern/subr_syscall.c

Loading...
View Options

head/sys/kern/sys_process.c

Loading...
View Options

head/sys/sys/proc.h

Loading...
View Options

head/sys/sys/ptrace.h

Loading...
View Options

head/tests/sys/kern/ptrace_test.c

Loading...