ptrace: clear TIF_SYSCALL_TRACE on ptrace detach - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Ales Novak <alnovak@suse.cz>	2016-10-11 13:53:46 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	2016-10-11 15:06:32 -0700
commit	0a5bf409d3eefc1ca64cedf0bc1c0673164cacc1 (patch)
tree	21c48f939afc592ecd4273ec956d8a17bf4ff1e8 /kernel/audit.c
parent	086e774a57fba4695f14383c0818994c0b31da7c (diff)
download	linux-0a5bf409d3eefc1ca64cedf0bc1c0673164cacc1.tar.bz2

ptrace: clear TIF_SYSCALL_TRACE on ptrace detach

On __ptrace_detach(), called from do_exit()->exit_notify()-> forget_original_parent()->exit_ptrace(), the TIF_SYSCALL_TRACE in thread->flags of the tracee is not cleared up. This results in the tracehook_report_syscall_* being called (though there's no longer a tracer listening to that) upon its further syscalls. Example scenario - attach "strace" to a running process and kill it (the strace) with SIGKILL. You'll see that the syscall trace hooks are still being called. The clearing of this flag should be moved from ptrace_detach() to __ptrace_detach(). Link: http://lkml.kernel.org/r/1472759493-20554-1-git-send-email-alnovak@suse.cz Signed-off-by: Ales Novak <alnovak@suse.cz> Acked-by: Oleg Nesterov <oleg@redhat.com> Cc: Jiri Kosina <jkosina@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'kernel/audit.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: