Re: [PATCH] fix PTRACE_ATTACH race with real parent's wait calls

From: Chris Wright
Date: Fri Sep 24 2004 - 18:33:14 EST


* Roland McGrath (roland@xxxxxxxxxx) wrote:
> There is a race between PTRACE_ATTACH and the real parent calling wait.
> For a moment, the task is put in PT_PTRACED but with its parent still
> pointing to its real_parent. In this circumstance, if the real parent
> calls wait without the WUNTRACED flag, he can see a stopped child status,
> which wait should never return without WUNTRACED when the caller is not
> using ptrace. Here it is not the caller that is using ptrace, but some
> third party.
>
> This patch avoids this race condition by only setting PT_PTRACED while
> holding the tasklist_lock.
>
> ptrace_attach used task_lock for this, and a comment in sched.h says that
> it covers ->ptrace. But in fact, no other users of ->ptrace use task_lock
> for synchronization. The places that clear ->ptrace all do so while

Well, checking for setuid during exec does. I wonder if this opens a
race (again, this area is always touchy). /me looks deeper

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
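The bug report above hinges on a wait(2) contract: a parent that is not tracing its child must never be handed a stopped-child status unless it asked for one with WUNTRACED (a tracer, by contrast, receives its tracee's stops without that flag). The program below, added here as an illustration and not part of the original thread or the kernel patch, checks that contract from user space on a current Linux kernel: it forks a child that stops itself, confirms the stop via /proc/<pid>/stat (a constructed helper, Linux-only), and verifies that a plain WNOHANG poll sees nothing while a WUNTRACED call reports the stop. The function name and return codes are this example's own.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read the one-letter scheduler state of a process from /proc/<pid>/stat.
 * Linux-only helper written for this example; returns '?' on any failure. */
static char proc_state(pid_t pid)
{
    char path[64], buf[512];
    snprintf(path, sizeof path, "/proc/%d/stat", (int)pid);
    FILE *f = fopen(path, "r");
    if (!f)
        return '?';
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    /* The comm field sits in parentheses and may itself contain spaces,
     * so locate the state letter relative to the last ')' instead. */
    char *p = strrchr(buf, ')');
    if (!p || p[1] != ' ')
        return '?';
    return p[2];
}

/* Spin (up to roughly two seconds) until the child shows state 'T',
 * i.e. stopped by a job-control signal. */
static int wait_for_stopped(pid_t pid)
{
    for (int i = 0; i < 2000; i++) {
        if (proc_state(pid) == 'T')
            return 1;
        usleep(1000);
    }
    return 0;
}

/* Reap a child we are giving up on, so a failed step leaves no zombie. */
static void abandon(pid_t pid)
{
    int status;
    kill(pid, SIGKILL);
    waitpid(pid, &status, 0);
}

/* Exercise the contract: a non-tracing parent sees a stopped child only
 * when it passes WUNTRACED. Returns 1 on success, or a negative number
 * identifying the step that failed. */
int check_wait_contract(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        raise(SIGSTOP);     /* child stops itself; exits once resumed */
        _exit(0);
    }

    if (!wait_for_stopped(pid)) {
        abandon(pid);
        return -2;          /* /proc unavailable or child never stopped */
    }

    /* Child is stopped, yet without WUNTRACED nothing is reported. */
    if (waitpid(pid, &status, WNOHANG) != 0) {
        abandon(pid);
        return -3;
    }

    /* With WUNTRACED the same stop is reported, with SIGSTOP as the cause. */
    if (waitpid(pid, &status, WUNTRACED) != pid ||
        !WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP) {
        abandon(pid);
        return -4;
    }

    /* Resume the child and collect its normal exit. */
    kill(pid, SIGCONT);
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -5;
    return 1;
}

int main(void)
{
    int r = check_wait_contract();
    printf("wait contract %s (code %d)\n", r == 1 ? "held" : "violated", r);
    return r == 1 ? 0 : 1;
}
```

The step the race in the thread breaks is the WNOHANG poll: during the window in which PT_PTRACED was set before the child was reparented to the tracer, the real parent could get a stopped status back from that call even though it never passed WUNTRACED. Setting PT_PTRACED only under tasklist_lock, as the patch does, closes that window, and a program like this one is a cheap regression check for the user-visible contract.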