From adaa7979be6feabbd356d11fafba4766a225a4fc Mon Sep 17 00:00:00 2001 From: Kir Kolyshkin Date: Wed, 8 Feb 2017 06:36:10 -0800 Subject: [PATCH] compel: split sanitize ptrace.h We have ptrace defines and functions that are part of UAPI, and we have some internal stuff not to be exposed. Split ptrace.h into two files accordingly. While at it, do some cleanups: - add ptrace_ prefix to some functions and macros - remove (duplicated) PTRACE_* defines from .c files - rename ptrace_seccomp(), remove its duplicate - remove unused ptrace defines - remove unneeded (ptrace-related) includes travis-ci: success for compel uapi cleanups Signed-off-by: Kir Kolyshkin Reviewed-by: Cyrill Gorcunov Signed-off-by: Pavel Emelyanov Signed-off-by: Andrei Vagin --- compel/arch/x86/src/lib/infect.c | 8 +---- compel/include/ptrace.h | 17 ++++++++++ compel/include/uapi/ptrace.h | 53 ++++++++++++-------------------- compel/src/lib/infect.c | 26 ++-------------- compel/src/lib/ptrace.c | 5 ++- criu/arch/x86/crtools.c | 1 - criu/cr-dump.c | 1 - criu/cr-restore.c | 2 +- criu/include/ptrace-compat.h | 4 +-- criu/parasite-syscall.c | 1 - 10 files changed, 45 insertions(+), 73 deletions(-) create mode 100644 compel/include/ptrace.h diff --git a/compel/arch/x86/src/lib/infect.c b/compel/arch/x86/src/lib/infect.c index 9a3b1fb75..2c6b6e191 100644 --- a/compel/arch/x86/src/lib/infect.c +++ b/compel/arch/x86/src/lib/infect.c @@ -1,4 +1,3 @@ -#include #include #include #include @@ -14,10 +13,9 @@ #include "errno.h" #include #include -#include "asm/ptrace.h" #include "common/err.h" #include "asm/infect-types.h" -#include "uapi/compel/ptrace.h" +#include "ptrace.h" #include "infect.h" #include "infect-priv.h" #include "log.h" @@ -159,10 +157,6 @@ int get_task_regs(pid_t pid, user_regs_struct_t regs, save_regs_t save, void *ar } } -#ifndef PTRACE_GETREGSET -# define PTRACE_GETREGSET 0x4204 -#endif - if (!cpu_has_feature(X86_FEATURE_FPU)) goto out; diff --git a/compel/include/ptrace.h b/compel/include/ptrace.h new file mode 100644 index 000000000..30dc74441 --- /dev/null +++ b/compel/include/ptrace.h @@ -0,0 +1,17 @@ +#ifndef COMPEL_PTRACE_H__ +#define COMPEL_PTRACE_H__ + +#include +#include +#include + +#define PTRACE_SI_EVENT(_si_code) (((_si_code) & 0xFFFF) >> 8) + +extern int ptrace_peek_area(pid_t pid, void *dst, void *addr, long bytes); +extern int ptrace_poke_area(pid_t pid, void *src, void *addr, long bytes); +extern int ptrace_swap_area(pid_t pid, void *dst, void *src, long bytes); + +extern int ptrace_get_regs(pid_t pid, user_regs_struct_t *regs); +extern int ptrace_set_regs(pid_t pid, user_regs_struct_t *regs); + +#endif /* COMPEL_PTRACE_H__ */ diff --git a/compel/include/uapi/ptrace.h b/compel/include/uapi/ptrace.h index 2ab9e1c76..d249bd99f 100644 --- a/compel/include/uapi/ptrace.h +++ b/compel/include/uapi/ptrace.h @@ -1,13 +1,21 @@ #ifndef UAPI_COMPEL_PTRACE_H__ #define UAPI_COMPEL_PTRACE_H__ -#include +/* + * We'd want to include both sys/ptrace.h and linux/ptrace.h, + * hoping that most definitions come from either one or another. + * Alas, on Alpine/musl both files declare struct ptrace_peeksiginfo_args, + * so there is no way they can be used together. Let's rely on libc one. + */ #include -#include #include -/* some constants for ptrace */ +/* + * Some constants for ptrace that might be missing from the + * standard library includes due to being (relatively) new. + */ + #ifndef PTRACE_SEIZE # define PTRACE_SEIZE 0x4206 #endif @@ -20,10 +28,6 @@ # define PTRACE_INTERRUPT 0x4207 #endif -#ifndef PTRACE_LISTEN -#define PTRACE_LISTEN 0x4208 -#endif - #ifndef PTRACE_PEEKSIGINFO #define PTRACE_PEEKSIGINFO 0x4209 @@ -45,32 +49,15 @@ #define PTRACE_SECCOMP_GET_FILTER 0x420c #endif -#define PTRACE_SEIZE_DEVEL 0x80000000 +#ifdef PTRACE_EVENT_STOP +# if PTRACE_EVENT_STOP == 7 /* Bad value from Linux 3.1-3.3, fixed in 3.4 */ +# undef PTRACE_EVENT_STOP +# endif +#endif +#ifndef PTRACE_EVENT_STOP +# define PTRACE_EVENT_STOP 128 +#endif -#define PTRACE_EVENT_FORK 1 -#define PTRACE_EVENT_VFORK 2 -#define PTRACE_EVENT_CLONE 3 -#define PTRACE_EVENT_EXEC 4 -#define PTRACE_EVENT_VFORK_DONE 5 -#define PTRACE_EVENT_EXIT 6 -#define PTRACE_EVENT_STOP 128 - -#define PTRACE_O_TRACESYSGOOD 0x00000001 -#define PTRACE_O_TRACEFORK 0x00000002 -#define PTRACE_O_TRACEVFORK 0x00000004 -#define PTRACE_O_TRACECLONE 0x00000008 -#define PTRACE_O_TRACEEXEC 0x00000010 -#define PTRACE_O_TRACEVFORKDONE 0x00000020 -#define PTRACE_O_TRACEEXIT 0x00000040 - -#define SI_EVENT(_si_code) (((_si_code) & 0xFFFF) >> 8) - -extern int suspend_seccomp(pid_t pid); -extern int ptrace_peek_area(pid_t pid, void *dst, void *addr, long bytes); -extern int ptrace_poke_area(pid_t pid, void *src, void *addr, long bytes); -extern int ptrace_swap_area(pid_t pid, void *dst, void *src, long bytes); - -extern int ptrace_get_regs(pid_t pid, user_regs_struct_t *regs); -extern int ptrace_set_regs(pid_t pid, user_regs_struct_t *regs); +extern int ptrace_suspend_seccomp(pid_t pid); #endif /* UAPI_COMPEL_PTRACE_H__ */ diff --git a/compel/src/lib/infect.c b/compel/src/lib/infect.c index 2ffd2de63..5a45a1a09 100644 --- a/compel/src/lib/infect.c +++ b/compel/src/lib/infect.c @@ -1,6 +1,5 @@ #include #include -#include #include #include #include @@ -17,12 +16,11 @@ #include #include -#include "asm/ptrace.h" #include "uapi/compel/plugins/std/syscall.h" #include "asm/infect-types.h" #include "asm/sigframe.h" #include "infect.h" -#include "uapi/compel/ptrace.h" +#include "ptrace.h" #include "infect-rpc.h" #include "infect-priv.h" #include "infect-util.h" @@ -41,18 +39,10 @@ #define PARASITE_STACK_SIZE (16 << 10) -#define PTRACE_EVENT_STOP 128 - #ifndef SECCOMP_MODE_DISABLED #define SECCOMP_MODE_DISABLED 0 #endif -#ifndef PTRACE_O_SUSPEND_SECCOMP -# define PTRACE_O_SUSPEND_SECCOMP (1 << 21) -#endif - -#define SI_EVENT(_si_code) (((_si_code) & 0xFFFF) >> 8) - static int prepare_thread(int pid, struct thread_ctx *ctx); static inline void close_safe(int *pfd) @@ -195,16 +185,6 @@ static int skip_sigstop(int pid, int nr_signals) return 0; } -static int do_suspend_seccomp(pid_t pid) -{ - if (ptrace(PTRACE_SETOPTIONS, pid, NULL, PTRACE_O_SUSPEND_SECCOMP) < 0) { - pr_perror("suspending seccomp failed"); - return -1; - } - - return 0; -} - /* * This routine seizes task putting it into a special * state where we can manipulate the task via ptrace @@ -278,7 +258,7 @@ try_again: goto err; } - if (SI_EVENT(si.si_code) != PTRACE_EVENT_STOP) { + if (PTRACE_SI_EVENT(si.si_code) != PTRACE_EVENT_STOP) { /* * Kernel notifies us about the task being seized received some * event other than the STOP, i.e. -- a signal. Let the task @@ -295,7 +275,7 @@ try_again: goto try_again; } - if (ss->seccomp_mode != SECCOMP_MODE_DISABLED && do_suspend_seccomp(pid) < 0) + if (ss->seccomp_mode != SECCOMP_MODE_DISABLED && ptrace_suspend_seccomp(pid) < 0) goto err; nr_sigstop = 0; diff --git a/compel/src/lib/ptrace.c b/compel/src/lib/ptrace.c index c2991b5d8..9142bac42 100644 --- a/compel/src/lib/ptrace.c +++ b/compel/src/lib/ptrace.c @@ -9,7 +9,6 @@ #include #include #include -#include #include #include #include @@ -18,11 +17,11 @@ #include "common/compiler.h" #include "uapi/compel/asm/infect-types.h" -#include "uapi/compel/ptrace.h" +#include "ptrace.h" #include "log.h" -int suspend_seccomp(pid_t pid) +int ptrace_suspend_seccomp(pid_t pid) { if (ptrace(PTRACE_SETOPTIONS, pid, NULL, PTRACE_O_SUSPEND_SECCOMP) < 0) { pr_perror("suspending seccomp failed"); diff --git a/criu/arch/x86/crtools.c b/criu/arch/x86/crtools.c index 0c3851adc..e1cfb1952 100644 --- a/criu/arch/x86/crtools.c +++ b/criu/arch/x86/crtools.c @@ -15,7 +15,6 @@ #include "cr_options.h" #include "common/compiler.h" #include "restorer.h" -#include #include "parasite-syscall.h" #include "util.h" #include "cpu.h" diff --git a/criu/cr-dump.c b/criu/cr-dump.c index 588e37f4d..d0639f398 100644 --- a/criu/cr-dump.c +++ b/criu/cr-dump.c @@ -42,7 +42,6 @@ #include "cr_options.h" #include "servicefd.h" #include "string.h" -#include #include "ptrace-compat.h" #include "util.h" #include "namespaces.h" diff --git a/criu/cr-restore.c b/criu/cr-restore.c index d0dd6371a..92964d7ee 100644 --- a/criu/cr-restore.c +++ b/criu/cr-restore.c @@ -1572,7 +1572,7 @@ static int attach_to_tasks(bool root_seized) * doing an munmap in the process, which may be blocked by * seccomp and cause the task to be killed. */ - if (rsti(item)->has_seccomp && suspend_seccomp(pid) < 0) + if (rsti(item)->has_seccomp && ptrace_suspend_seccomp(pid) < 0) pr_err("failed to suspend seccomp, restore will probably fail...\n"); if (ptrace(PTRACE_CONT, pid, NULL, NULL) ) { diff --git a/criu/include/ptrace-compat.h b/criu/include/ptrace-compat.h index 295fb01c6..b23df2dfd 100644 --- a/criu/include/ptrace-compat.h +++ b/criu/include/ptrace-compat.h @@ -1,10 +1,8 @@ #ifndef __CR_PTRACE_H__ #define __CR_PTRACE_H__ +#include #include -#include - -#include "types.h" #include "config.h" #ifndef CONFIG_HAS_PTRACE_PEEKSIGINFO diff --git a/criu/parasite-syscall.c b/criu/parasite-syscall.c index a7a26adf4..fef902de9 100644 --- a/criu/parasite-syscall.c +++ b/criu/parasite-syscall.c @@ -15,7 +15,6 @@ #include "images/pagemap.pb-c.h" #include "imgset.h" -#include #include "parasite-syscall.h" #include "parasite.h" #include "crtools.h"