I believe I have found a bug in recent 2.4 linux kernels (at least 2.4.17)
running on x86 related to using ptrace to modify a processes memory. From
a quick scan of the 2.4.17 code it looks like ptrace.c:access_process_vm
is not checking to see if the page of memory it is writing to has write
permission, so it is not properly copy-on-write'ing. This means that if I
have a simple program like this:
main() {
int pid = fork();
while(1) {
printf("pid is: %d\n", pid);
sleep(1);
}
}
and I set a breakpoint on the printf() line in the parent both the parent
and the child will hit that breakpoint.
This bug was not present in any 2.2 kernel that I've tested or in 2.4.2 or
2.4.7 (RH stock kernels for 7.1 and 7.2). Looking at the code for 2.4.14 I
noticed that access_one_page, which is called through access_process_vm,
does a lot more work to make sure that page faults are handled correctly.
I haven't tested 2.4.14 though, so I can't say that it does the correct
thing. I'm not familiar with kernel source, but it looks to me like
get_user_pages is supposed to handle the fault, and it is being passed a
len of 1 rather than the len passed into access_process_vm. Not that I
think that's the bug, just an observation.
I'm more than willing to test out patches, provide more information, or
just have a fireside chat. Please CC replies to my address as I'm on the
daily digest list.
nathan
------------
Nathan Field Root is not something to be shared with strangers.
"It is commonly the case with technologies that you can get the best
insight about how they work by watching them fail."
-- Neal Stephenson
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Jan 31 2002 - 21:01:33 EST