Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1096176ybh; Tue, 10 Mar 2020 14:37:44 -0700 (PDT) X-Google-Smtp-Source: ADFU+vvAS8EkTrPX7HiRJto3m8f1A7L8Wop7Hz2pKV/N6vayktmqIViRaemGreda01o2115VmzFd X-Received: by 2002:a9d:7392:: with SMTP id j18mr7253952otk.186.1583876264318; Tue, 10 Mar 2020 14:37:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583876264; cv=none; d=google.com; s=arc-20160816; b=vGzmW3Ji75zNWEduz3drmCTjuEVVbhDb6PYsrQ7EmocGuCW/YXG8CXqy7ZoJTZHR4M 7B81T0OAAqfLBoxyiRR8hNJnPbOashzOkqBdRSjMuCYNjAJ4AOeXayEuY9C5uYFRKya6 ntejUuD70NJCVza/CccHKnRG8ZXlUotf4jLOE3P2bh+pEJZd+s7NaoWlFJ3SUovX59R8 Fp65hJdahfIoAUMAD4oIkMZS4mgDK8Fd7K/TtdUZ20SaCA7GDwfFSp6ms9O209lD2e/i 7OoBWmHVugWr0apBFOjmsDwIjoHy/ZqnhQMBxNfCpbPaMWffPMsaaOBg51JSKJC3sWgU Kqlg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :dkim-signature; bh=NWf0TdeJvck0pCGGb01hva0XMggef5ubqIU9iaLUhUA=; b=fD37eBw2nN1DPOwSLVPB7JDcJFac8SGP1HCn5dZ6g8ESr5FVxwjIFCel1T/0IsdNEC 82zrTOiQ5MzHx1ntt3sBZqA4XHpd7+rDCI5lUXTbydR8UQ933L2CVvm/swiaSi0lTJKH oK9r0TQh+cBrdJp4vz/Ft87w4bP/YRJXu9EYq6t/rVTj41mFjFariaODvsFg+Ss44riL zfxTVuNGC+Hnfq9wD/GjGb3DiiJcczCN4CdDT3kTgTmQZL64NVmzqVNw2hHpqTOFlfHz 0OvSpqo3QDNxY5IHpECl71PSlBRwPxMqDVsdRXis1yjZD/4ujxirdvVUg2/FWpdgAyDn fM8g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NXdmMClg; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c11si12392644ots.280.2020.03.10.14.37.31; Tue, 10 Mar 2020 14:37:44 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=NXdmMClg; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726426AbgCJVg0 (ORCPT + 99 others); Tue, 10 Mar 2020 17:36:26 -0400 Received: from mail-pf1-f194.google.com ([209.85.210.194]:41124 "EHLO mail-pf1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726307AbgCJVg0 (ORCPT ); Tue, 10 Mar 2020 17:36:26 -0400 Received: by mail-pf1-f194.google.com with SMTP id z65so76052pfz.8 for ; Tue, 10 Mar 2020 14:36:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=NWf0TdeJvck0pCGGb01hva0XMggef5ubqIU9iaLUhUA=; b=NXdmMClgabWQioF4yjl5Jwd3G2+POPv9SbUzVwujJhh2o2BxjxxPsjmZx+RtR3ZTkT fid8mFGefGZRDOe9uPgT1YkjFUTL2YObjeqf7oy5iWafQQpc/Nr/eBX6Dqq2cvpJd3wt zEwIhTLVA6qRzzVmFGqNT3JOmI0cC8+6pR2cc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=NWf0TdeJvck0pCGGb01hva0XMggef5ubqIU9iaLUhUA=; b=CDkkjGN0n6AW79RSe7lfpw+6on+Hm1J13UoMPd1Aznt6yfbfKDDAJPSZLLhe0ijBwy 6GvvXlK/1th4lG/Sj6Im44PUDc4I9rIY1O8Fr4sypizcWe7SYmJ0rGXlmRzBY1hJO7nc FPgoUXXcUK8nLE3unU/EYs9KmqAIZmxfG8HzeUIOncaMf948umKLGr1gxYuYeA8nqD2d zwBaiLlq54q/i8vE6bfi+aFcKsI1eJFjmBlBIVuM5IDPfs0kB6xvFfLn7LADstLx3iLO Smv3xyQ7wBKP4sIHW45eoAOHbCnem6CaZS6GbeqISGoMCqyDgJD3OvxjLYGoZcnE0X02 9dJg== X-Gm-Message-State: ANhLgQ3t6CRRbft0XxLsxa56Ayq93e5z/Zo7Vu3mJqXcjFGSDxzc3Un5 h9spks7SUNjw/PTuha/QhnUJcw== X-Received: by 2002:a65:44cd:: with SMTP id g13mr23586615pgs.365.1583876182960; Tue, 10 Mar 2020 14:36:22 -0700 (PDT) Received: from www.outflux.net (smtp.outflux.net. [198.145.64.163]) by smtp.gmail.com with ESMTPSA id g11sm20159100pfo.184.2020.03.10.14.36.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 10 Mar 2020 14:36:21 -0700 (PDT) Date: Tue, 10 Mar 2020 14:36:20 -0700 From: Kees Cook To: Bernd Edlinger Cc: "Eric W. Biederman" , Christian Brauner , Jann Horn , Jonathan Corbet , Alexander Viro , Andrew Morton , Alexey Dobriyan , Thomas Gleixner , Oleg Nesterov , Frederic Weisbecker , Andrei Vagin , Ingo Molnar , "Peter Zijlstra (Intel)" , Yuyang Du , David Hildenbrand , Sebastian Andrzej Siewior , Anshuman Khandual , David Howells , James Morris , Greg Kroah-Hartman , Shakeel Butt , Jason Gunthorpe , Christian Kellner , Andrea Arcangeli , Aleksa Sarai , "Dmitry V. Levin" , "linux-doc@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "linux-mm@kvack.org" , "stable@vger.kernel.org" , "linux-api@vger.kernel.org" Subject: Re: [PATCH 2/4] selftests/ptrace: add test cases for dead-locks Message-ID: <202003101401.9A4FD3F@keescook> References: <878sk94eay.fsf@x220.int.ebiederm.org> <87r1y12yc7.fsf@x220.int.ebiederm.org> <87k13t2xpd.fsf@x220.int.ebiederm.org> <87d09l2x5n.fsf@x220.int.ebiederm.org> <871rq12vxu.fsf@x220.int.ebiederm.org> <877dzt1fnf.fsf@x220.int.ebiederm.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 10, 2020 at 02:44:01PM +0100, Bernd Edlinger wrote: > This adds test cases for ptrace deadlocks. > > Additionally fixes a compile problem in get_syscall_info.c, > observed with gcc-4.8.4: > > get_syscall_info.c: In function 'get_syscall_info': > get_syscall_info.c:93:3: error: 'for' loop initial declarations are only > allowed in C99 mode > for (unsigned int i = 0; i < ARRAY_SIZE(args); ++i) { > ^ > get_syscall_info.c:93:3: note: use option -std=c99 or -std=gnu99 to compile > your code *discomfort noises* (see below) > > Signed-off-by: Bernd Edlinger > --- > tools/testing/selftests/ptrace/Makefile | 4 +- > tools/testing/selftests/ptrace/vmaccess.c | 86 +++++++++++++++++++++++++++++++ > 2 files changed, 88 insertions(+), 2 deletions(-) > create mode 100644 tools/testing/selftests/ptrace/vmaccess.c > > diff --git a/tools/testing/selftests/ptrace/Makefile b/tools/testing/selftests/ptrace/Makefile > index c0b7f89..2f1f532 100644 > --- a/tools/testing/selftests/ptrace/Makefile > +++ b/tools/testing/selftests/ptrace/Makefile > @@ -1,6 +1,6 @@ > # SPDX-License-Identifier: GPL-2.0-only > -CFLAGS += -iquote../../../../include/uapi -Wall > +CFLAGS += -std=c99 -pthread -iquote../../../../include/uapi -Wall This isn't the common solution in the kernel (the variable declaration would just be lifted out of the loop), but as it's selftest code, which does lots of special things ... I *guess* this is okay. > > -TEST_GEN_PROGS := get_syscall_info peeksiginfo > +TEST_GEN_PROGS := get_syscall_info peeksiginfo vmaccess I love having this deadlock test added to the selftests. I think I need to make an improvement to the test harness, though, as the failure mode right now just blows up after the 30 second timeout and leaves this deadlocked: $ ./vmaccess [==========] Running 2 tests from 1 test cases. [ RUN ] global.vmaccess Alarm clock $ ps PID TTY TIME CMD 2605 pts/0 00:00:00 bash 23360 pts/0 00:00:00 vmaccess 23361 pts/0 00:00:00 vmaccess 23363 pts/0 00:00:00 ps But that's mostly unrelated to this code. Reviewed-by: Kees Cook -Kees > > include ../lib.mk > diff --git a/tools/testing/selftests/ptrace/vmaccess.c b/tools/testing/selftests/ptrace/vmaccess.c > new file mode 100644 > index 0000000..4db327b > --- /dev/null > +++ b/tools/testing/selftests/ptrace/vmaccess.c > @@ -0,0 +1,86 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Copyright (c) 2020 Bernd Edlinger > + * All rights reserved. > + * > + * Check whether /proc/$pid/mem can be accessed without causing deadlocks > + * when de_thread is blocked with ->cred_guard_mutex held. > + */ > + > +#include "../kselftest_harness.h" > +#include > +#include > +#include > +#include > +#include > +#include > + > +static void *thread(void *arg) > +{ > + ptrace(PTRACE_TRACEME, 0, 0L, 0L); > + return NULL; > +} > + > +TEST(vmaccess) > +{ > + int f, pid = fork(); > + char mm[64]; > + > + if (!pid) { > + pthread_t pt; > + > + pthread_create(&pt, NULL, thread, NULL); > + pthread_join(pt, NULL); > + execlp("true", "true", NULL); > + } > + > + sleep(1); > + sprintf(mm, "/proc/%d/mem", pid); > + f = open(mm, O_RDONLY); > + ASSERT_GE(f, 0); > + close(f); > + f = kill(pid, SIGCONT); > + ASSERT_EQ(f, 0); > +} > + > +TEST(attach) > +{ > + int s, k, pid = fork(); > + > + if (!pid) { > + pthread_t pt; > + > + pthread_create(&pt, NULL, thread, NULL); > + pthread_join(pt, NULL); > + execlp("sleep", "sleep", "2", NULL); > + } > + > + sleep(1); > + k = ptrace(PTRACE_ATTACH, pid, 0L, 0L); > + ASSERT_EQ(errno, EAGAIN); > + ASSERT_EQ(k, -1); > + k = waitpid(-1, &s, WNOHANG); > + ASSERT_NE(k, -1); > + ASSERT_NE(k, 0); > + ASSERT_NE(k, pid); > + ASSERT_EQ(WIFEXITED(s), 1); > + ASSERT_EQ(WEXITSTATUS(s), 0); > + sleep(1); > + k = ptrace(PTRACE_ATTACH, pid, 0L, 0L); > + ASSERT_EQ(k, 0); > + k = waitpid(-1, &s, 0); > + ASSERT_EQ(k, pid); > + ASSERT_EQ(WIFSTOPPED(s), 1); > + ASSERT_EQ(WSTOPSIG(s), SIGSTOP); > + k = ptrace(PTRACE_DETACH, pid, 0L, 0L); > + ASSERT_EQ(k, 0); > + k = waitpid(-1, &s, 0); > + ASSERT_EQ(k, pid); > + ASSERT_EQ(WIFEXITED(s), 1); > + ASSERT_EQ(WEXITSTATUS(s), 0); > + k = waitpid(-1, NULL, 0); > + ASSERT_EQ(k, -1); > + ASSERT_EQ(errno, ECHILD); > +} > + > +TEST_HARNESS_MAIN > -- > 1.9.1 -- Kees Cook