Module Name: src Committed By: kamil Date: Tue May 1 14:09:53 UTC 2018
Modified Files: src/sys/kern: sys_ptrace_common.c Log Message: Add additional hardening in PT_TRACE_ME and PT_ATTACH Prohibit: - calling PT_TRACE_ME by initproc (PID1), - calling PT_ATTACH by initproc (PID1). PID1 and its parent cannot become a tracer. Sponsored by <The NetBSD Foundation> To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 src/sys/kern/sys_ptrace_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/sys_ptrace_common.c
diff -u src/sys/kern/sys_ptrace_common.c:1.38 src/sys/kern/sys_ptrace_common.c:1.39
--- src/sys/kern/sys_ptrace_common.c:1.38 Sun Apr 29 04:28:09 2018
+++ src/sys/kern/sys_ptrace_common.c Tue May 1 14:09:53 2018
@@ -1,4 +1,4 @@
-/* $NetBSD: sys_ptrace_common.c,v 1.38 2018/04/29 04:28:09 kamil Exp $ */
+/* $NetBSD: sys_ptrace_common.c,v 1.39 2018/05/01 14:09:53 kamil Exp $ */

 /*-
 * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -118,7 +118,7 @@
 */

 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_ptrace_common.c,v 1.38 2018/04/29 04:28:09 kamil Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_ptrace_common.c,v 1.39 2018/05/01 14:09:53 kamil Exp $");

 #ifdef _KERNEL_OPT
 #include "opt_ptrace.h"
@@ -385,7 +385,13 @@ ptrace_allowed(struct lwp *l, int req, s
 return EPERM;

 /*
- * (2) the child is already traced.
+ * (2) the process is initproc, or
+ */
+ if (p == initproc)
+ return EPERM;
+
+ /*
+ * (3) the child is already traced.
 */
 if (ISSET(p->p_slflag, PSL_TRACED))
 return EBUSY;
@@ -401,19 +407,25 @@ ptrace_allowed(struct lwp *l, int req, s
 return EINVAL;

 /*
- * (2) it's a system process
+ * (2) it's a system process,
 */
 if (t->p_flag & PK_SYSTEM)
 return EPERM;

 /*
- * (3) it's already being traced, or
+ * (3) the tracer is initproc,
+ */
+ if (p == initproc)
+ return EPERM;
+
+ /*
+ * (4) it's already being traced, or
 */
 if (ISSET(t->p_slflag, PSL_TRACED))
 return EBUSY;

 /*
- * (4) the tracer is chrooted, and its root directory is
+ * (5) the tracer is chrooted, and its root directory is
 * not at or above the root directory of the tracee
 */
 mutex_exit(t->p_lock); /* XXXSMP */
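Review bot: The added guard `if (p == initproc) return EPERM;` in the hunk at -385 carries no rationale, because the comment `(2) the process is initproc, or` only restates the test and the reason (PID1 and its parent cannot become a tracer) is recorded in the log message alone. I would put it next to the check, for example `* (2) the caller is initproc, whose parent must never become a tracer, or`. The same list calls `p` "the process" in item (2) and "the child" in item (3), so one term for it would read better. The enclosing branch of ptrace_allowed() starts and ends outside the hunk, so that this is the PT_TRACE_ME case is an assumption taken from the log message.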
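Review bot: In the hunk at -401 the added item `(3) the tracer is initproc,` tests the caller `p`, while items (2) and (4) around it test the target `t` and refer to it as "it", so a reader has to check the variable to see which side is meant; `* (3) the caller (the would-be tracer) is initproc,` would make that explicit. The test does not depend on `t`, yet it runs after the `return EINVAL` path and the `PK_SYSTEM` check, so the errno a PID 1 caller gets may vary with the target. If a uniform EPERM is intended, the check belongs at the head of the list. Whether initproc as the target of the request is refused is not visible here, since only the `PK_SYSTEM` and `PSL_TRACED` tests on `t` are shown, so a one-line comment naming where that is decided would help the next reader. The branch starts and ends outside the hunk.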