Skip to content

Commit

Permalink
Add WaitStatus::PtraceSyscall for use with PTRACE_O_TRACESYSGOOD
Browse files Browse the repository at this point in the history
The recommended way to trace syscalls with ptrace is to set the
PTRACE_O_TRACESYSGOOD option, to distinguish syscall stops from
receiving an actual SIGTRAP. In C, this would cause WSTOPSIG to return
SIGTRAP | 0x80, but nix wants to parse that as an actual signal.

Add another wait status type for syscall stops (in the language of the
ptrace(2) manpage, "PTRACE_EVENT stops" and "Syscall-stops" are
different things), and mask out bit 0x80 from signals before trying to
parse it.

Closes nix-rust#550
  • Loading branch information
geofft committed Jul 19, 2017
1 parent 07e6c2f commit bec319b
Show file tree
Hide file tree
Showing 3 changed files with 73 additions and 2 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ This project adheres to [Semantic Versioning](http://semver.org/).
and nix::Error::UnsupportedOperation}`
([#614](https://github.com/nix-rust/nix/pull/614))
- Added `cfmakeraw`, `cfsetspeed`, and `tcgetsid`. ([#527](https://github.com/nix-rust/nix/pull/527))
- Added a `PtraceSyscall` variant to `nix::sys::wait::WaitStatus`
to support `PTRACE_O_TRACESYSGOOD` events on Linux
([#566](https://github.com/nix-rust/nix/pull/566)).

### Changed
- Changed `ioctl!(write ...)` to take argument by value instead as pointer.
Expand Down
19 changes: 17 additions & 2 deletions src/sys/wait.rs
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ pub enum WaitStatus {
Stopped(Pid, Signal),
#[cfg(any(target_os = "linux", target_os = "android"))]
PtraceEvent(Pid, Signal, c_int),
#[cfg(any(target_os = "linux", target_os = "android"))]
PtraceSyscall(Pid),
Continued(Pid),
StillAlive
}
Expand All @@ -56,6 +58,7 @@ pub enum WaitStatus {
mod status {
use sys::signal::Signal;
use libc::c_int;
use libc::SIGTRAP;

pub fn exited(status: i32) -> bool {
(status & 0x7F) == 0
Expand All @@ -82,7 +85,17 @@ mod status {
}

pub fn stop_signal(status: i32) -> Signal {
Signal::from_c_int((status & 0xFF00) >> 8).unwrap()
// Keep only 7 bits of the signal: the high bit
// is used to indicate syscall stops, below.
Signal::from_c_int((status & 0x7F00) >> 8).unwrap()
}

pub fn syscall_stop(status: i32) -> bool {
// From ptrace(2), setting PTRACE_O_TRACESYSGOOD has the effect
// of delivering SIGTRAP | 0x80 as the signal number for syscall
// stops. This allows easily distinguishing syscall stops from
// genuine SIGTRAP signals.
((status & 0xFF00) >> 8) == SIGTRAP | 0x80
}

pub fn stop_additional(status: i32) -> c_int {
Expand Down Expand Up @@ -196,7 +209,9 @@ fn decode(pid : Pid, status: i32) -> WaitStatus {
if #[cfg(any(target_os = "linux", target_os = "android"))] {
fn decode_stopped(pid: Pid, status: i32) -> WaitStatus {
let status_additional = status::stop_additional(status);
if status_additional == 0 {
if status::syscall_stop(status) {
WaitStatus::PtraceSyscall(pid)
} else if status_additional == 0 {
WaitStatus::Stopped(pid, status::stop_signal(status))
} else {
WaitStatus::PtraceEvent(pid, status::stop_signal(status), status::stop_additional(status))
Expand Down
53 changes: 53 additions & 0 deletions test/sys/test_wait.rs
Original file line number Diff line number Diff line change
Expand Up @@ -34,3 +34,56 @@ fn test_wait_exit() {
Err(_) => panic!("Error: Fork Failed")
}
}

#[cfg(any(target_os = "linux", target_os = "android"))]
// FIXME: qemu-user doesn't implement ptrace on most arches
#[cfg_attr(not(any(target_arch = "x86", target_arch = "x86_64")), ignore)]
mod ptrace {
use nix::Result;
use nix::sys::ptrace::*;
use nix::sys::ptrace::ptrace::*;
use nix::sys::signal::*;
use nix::sys::wait::*;
use nix::unistd::*;
use nix::unistd::ForkResult::*;
use libc::_exit;
use std::ptr;

fn ptrace_child() -> Result<()> {
try!(ptrace(PTRACE_TRACEME, Pid::from_raw(0), ptr::null_mut(), ptr::null_mut()));
// As recommended by ptrace(2), raise SIGTRAP to pause the child
// until the parent is ready to continue
try!(raise(SIGTRAP));
unsafe {_exit(0)}
}

fn ptrace_parent(child: Pid) -> Result<()> {
// Wait for the raised SIGTRAP
assert_eq!(waitpid(child, None), Ok(WaitStatus::Stopped(child, SIGTRAP)));
// We want to test a syscall stop and a PTRACE_EVENT stop
try!(ptrace_setoptions(child, PTRACE_O_TRACESYSGOOD | PTRACE_O_TRACEEXIT));

// First, stop on the next system call, which will be exit()
try!(ptrace(PTRACE_SYSCALL, child, ptr::null_mut(), ptr::null_mut()));
assert_eq!(waitpid(child, None), Ok(WaitStatus::PtraceSyscall(child)));
// Then get the ptrace event for the process exiting
try!(ptrace(PTRACE_CONT, child, ptr::null_mut(), ptr::null_mut()));
assert_eq!(waitpid(child, None), Ok(WaitStatus::PtraceEvent(child, SIGTRAP, PTRACE_EVENT_EXIT)));
// Finally get the normal wait() result, now that the process has exited
try!(ptrace(PTRACE_CONT, child, ptr::null_mut(), ptr::null_mut()));
assert_eq!(waitpid(child, None), Ok(WaitStatus::Exited(child, 0)));
Ok(())
}

#[test]
fn test_wait_ptrace() {
#[allow(unused_variables)]
let m = ::FORK_MTX.lock().expect("Mutex got poisoned by another test");

match fork() {
Ok(Child) => ptrace_child().unwrap(),
Ok(Parent { child }) => ptrace_parent(child).unwrap(),
Err(_) => panic!("Error: Fork Failed")
}
}
}

0 comments on commit bec319b

Please sign in to comment.