There is a generic (i.e. not architecture specific) problem in the
ptrace code in 2.4.0, which I have seen on on x86.
If a debugger attempts to use a ptrace call to read from a process'
BSS page which has not yet been modified the ptrace call fails (with
EIO) rather than returning zero bytes as it should.
The reason is that in this case the process will either already have
the (one and only) ZERO_PAGE mapped, or the call to handle_mm_fault in
access_one_page will cause the ZERO_PAGE to be mapped. However, the
ZERO_PAGE has the status PageReserved. Therefore access_one_page
believes that user level access to the page is forbidden, and fails
the access via ptrace.
Here's a patch which fixes the problem by explicitly allowing
access_one_page to use the ZERO_PAGE.
--- kernel/ptrace.c Fri Sep 8 09:01:14 2000
+++ kernel/ptrace-2.4.0-test7.c Fri Sep 8 08:56:13 2000
@@ -44,7 +44,7 @@
if (write && (!pte_write(*pgtable) || !pte_dirty(*pgtable)))
goto fault_in_page;
page = pte_page(*pgtable);
- if ((!VALID_PAGE(page)) || (PageReserved(page) && page != ZERO_PAGE(addr))
+ if ((!VALID_PAGE(page)) || PageReserved(page))
return 0;
flush_cache_page(vma, addr);
p.s. Please CC me on any replies since I am not currently subscribed
to the linux-kernel list, and I'm out all next week so don't want to
subscribe right now :-(
Thanks.
-- Jim
James Cownie <jcownie@etnus.com>
Etnus, LLC. +44 117 9071438
http://www.etnus.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Sep 15 2000 - 21:00:10 EST