All of lore.kernel.org
 help / color / mirror / Atom feed
* [REGRESSION] 5.16rc1: SA_IMMUTABLE breaks debuggers
@ 2021-11-17 18:47 Kyle Huey
  2021-11-17 18:51 ` Kees Cook
  2021-11-18  5:43 ` Thorsten Leemhuis
  0 siblings, 2 replies; 44+ messages in thread
From: Kyle Huey @ 2021-11-17 18:47 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: Andrea Righi, Kees Cook, Shuah Khan, Alexei Starovoitov,
	Andy Lutomirski, Will Drewry,
	open list:KERNEL SELFTEST FRAMEWORK, bpf, open list,
	linux-hardening, Linus Torvalds, Robert O'Callahan

rr, a userspace record and replay debugger[0], is completely broken on
5.16rc1. I bisected this to 00b06da29cf9dc633cdba87acd3f57f4df3fd5c7.

That patch makes two changes, it blocks sigaction from changing signal
handlers once the kernel has decided to force the program to take a
signal and it also stops notifying ptracers of the signal in the same
circumstances. The latter behavior is just wrong. There's no reason
that ptrace should not be able to observe and even change
(non-SIGKILL) forced signals.  It should be reverted.

This behavior change is also observable in gdb. If you take a program
that sets SIGSYS to SIG_IGN and then raises a SIGSYS via
SECCOMP_RET_TRAP and run it under gdb on a good kernel gdb will stop
when the SIGSYS is raised, let you inspect program state, etc. After
the SA_IMMUTABLE change gdb won't stop until the program has already
died of SIGSYS.

- Kyle

[0] https://rr-project.org/

^ permalink raw reply	[flat|nested] 44+ messages in thread

end of thread, other threads:[~2021-11-20  6:13 UTC | newest]

Thread overview: 44+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-17 18:47 [REGRESSION] 5.16rc1: SA_IMMUTABLE breaks debuggers Kyle Huey
2021-11-17 18:51 ` Kees Cook
2021-11-17 19:05   ` Kyle Huey
2021-11-17 19:09     ` Kyle Huey
2021-11-17 21:04       ` Eric W. Biederman
2021-11-17 21:54         ` Kees Cook
2021-11-17 23:24           ` Linus Torvalds
2021-11-18  0:05             ` Kees Cook
2021-11-18  0:15               ` Linus Torvalds
2021-11-18  0:37             ` Kyle Huey
2021-11-18  1:11               ` Linus Torvalds
2021-11-18  1:20                 ` Kyle Huey
2021-11-18  1:32                   ` Kees Cook
2021-11-18 16:10                     ` Eric W. Biederman
2021-11-19 16:07                       ` Kyle Huey
2021-11-19 16:35                         ` Kees Cook
2021-11-19 16:58                           ` Kyle Huey
2021-11-18 21:58                     ` [PATCH 0/2] SA_IMMUTABLE fixes Eric W. Biederman
2021-11-18 21:58                       ` Eric W. Biederman
2021-11-18 22:04                       ` [PATCH 1/2] signal: Don't always set SA_IMMUTABLE for forced signals Eric W. Biederman
2021-11-18 22:04                         ` Eric W. Biederman
2021-11-18 23:52                         ` Kees Cook
2021-11-18 23:52                           ` Kees Cook
2021-11-18 23:54                         ` Kees Cook
2021-11-18 23:54                           ` Kees Cook
2021-11-19 15:08                           ` Eric W. Biederman
2021-11-19 15:08                             ` Eric W. Biederman
2021-11-19  1:13                         ` Kyle Huey
2021-11-19  1:13                           ` Kyle Huey
2021-11-19 15:03                           ` Eric W. Biederman
2021-11-19 15:03                             ` Eric W. Biederman
2021-11-18 22:05                       ` [PATCH 2/2] signal: Replace force_fatal_sig with force_exit_sig when in doubt Eric W. Biederman
2021-11-18 22:05                         ` Eric W. Biederman
2021-11-18 23:53                         ` Kees Cook
2021-11-18 23:53                           ` Kees Cook
2021-11-19  1:12                       ` [PATCH 0/2] SA_IMMUTABLE fixes Kyle Huey
2021-11-19  1:12                         ` Kyle Huey
2021-11-19 15:41                         ` [GIT PULL] SA_IMMUTABLE fixes for v5.16-rc2 Eric W. Biederman
2021-11-19 15:41                           ` Eric W. Biederman
2021-11-19 19:46                           ` pr-tracker-bot
2021-11-19 19:46                             ` pr-tracker-bot
2021-11-17 22:29         ` [REGRESSION] 5.16rc1: SA_IMMUTABLE breaks debuggers Kyle Huey
2021-11-18  5:43 ` Thorsten Leemhuis
2021-11-20  6:13   ` Thorsten Leemhuis

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.