From: bsegall@google.com
To: Oleg Nesterov
Cc: linux-kernel@vger.kernel.org, Roland McGrath
Subject: Re: [PATCH] ptrace: fix PTRACE_LISTEN race corrupting task->state
Date: Wed, 22 Feb 2017 09:56:40 -0800
References: <20170222165538.GA15968@redhat.com>
In-Reply-To: <20170222165538.GA15968@redhat.com> (Oleg Nesterov's message of "Wed, 22 Feb 2017 17:55:39 +0100")
Message-ID:
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)
X-Mailing-List: linux-kernel@vger.kernel.org

Oleg Nesterov writes:

> On 02/21, bsegall@google.com wrote:
>>
>> In PT_SEIZED + LISTEN mode SIGSTOP/SIGCONT signals cause a wakeup
>> against __TASK_TRACED. If this races with the ptrace_unfreeze_traced at
>> the end of a PTRACE_LISTEN, this can wake the task /after/ the check
>> against __TASK_TRACED, but before the reset of state to TASK_TRACED.
>
> Oh, thanks...
>
> note also that PTRACE_LISTEN itself can do ptrace_signal_wake_up(true),
>
>> This causes it to instead clobber TASK_WAKING,
>
> even if it is already TASK_RUNNING it is simply wrong to set TASK_TRACED
> in both cases, right?

Yeah, that's also wrong and could possibly lead to different errors, but
is likely to work out by accident when, say, ttwu checks on_rq and sees
true.

>
> Thanks. The patch looks good at first glance, but let me think a bit...
> perhaps we should change PTRACE_LISTEN instead, not sure.
>
> Oleg.
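The race the thread is discussing is a plain check-then-write on task->state: ptrace_unfreeze_traced reads the state, sees __TASK_TRACED, and only afterwards writes TASK_TRACED, so a wakeup that lands in between is overwritten. The user-space model below is an added illustration, not code from the patch or from the kernel. The TASK_* values mirror the kernel's flag values of that era, but `struct task`, `wakeup_against_traced`, `unfreeze_racy`, `unfreeze_atomic` and `simulate_unfreeze` are constructed for this example; the compare-and-swap variant is a stand-in for making the check and the write one indivisible step (an in-kernel fix would serialise on the scheduler's lock instead), not a description of the merged fix.

```c
#include <stdio.h>
#include <stdatomic.h>

/* State values mirror the kernel's TASK_* flags of the period; the task
 * structure and both unfreeze variants are constructed for this example. */
#define TASK_RUNNING    0
#define __TASK_TRACED   8
#define TASK_WAKEKILL   128
#define TASK_TRACED     (TASK_WAKEKILL | __TASK_TRACED)

struct task { atomic_int state; };

/* Models the SIGCONT / PTRACE_LISTEN wakeup: it only fires if the task is
 * still in the state the wakeup targets, __TASK_TRACED here. */
static void wakeup_against_traced(struct task *t)
{
    int expected = __TASK_TRACED;
    atomic_compare_exchange_strong(&t->state, &expected, TASK_RUNNING);
}

/* Racy unfreeze: check and write are separate steps, so a wakeup that
 * lands between them is clobbered and the task looks traced again even
 * though the scheduler already treats it as runnable. */
static int unfreeze_racy(struct task *t, int wakeup_in_window)
{
    if (atomic_load(&t->state) == __TASK_TRACED) {
        if (wakeup_in_window)
            wakeup_against_traced(t);       /* the race window */
        atomic_store(&t->state, TASK_TRACED);
    }
    return atomic_load(&t->state);
}

/* Indivisible check-and-write: if the wakeup got there first the compare
 * fails and the state the wakeup set is preserved. */
static int unfreeze_atomic(struct task *t, int wakeup_in_window)
{
    int expected = __TASK_TRACED;
    if (wakeup_in_window)
        wakeup_against_traced(t);           /* wakeup arrives at the same moment */
    atomic_compare_exchange_strong(&t->state, &expected, TASK_TRACED);
    return atomic_load(&t->state);
}

/* Run one interleaving from a given initial state and return the final state. */
int simulate_unfreeze(int initial_state, int atomic_variant, int wakeup_in_window)
{
    struct task t;
    atomic_init(&t.state, initial_state);
    return atomic_variant ? unfreeze_atomic(&t, wakeup_in_window)
                          : unfreeze_racy(&t, wakeup_in_window);
}

int main(void)
{
    printf("racy unfreeze, wakeup in window:   state=%d (TASK_TRACED=%d, wakeup clobbered)\n",
           simulate_unfreeze(__TASK_TRACED, 0, 1), TASK_TRACED);
    printf("atomic unfreeze, wakeup in window: state=%d (TASK_RUNNING=%d, wakeup kept)\n",
           simulate_unfreeze(__TASK_TRACED, 1, 1), TASK_RUNNING);
    return 0;
}
```

With no wakeup in the window both variants end in TASK_TRACED, which is why the bug is hard to hit in testing; the deterministic hook is what makes the lost wakeup reproducible here.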