1 /*
2 * Check decoding of ptrace syscall.
3 *
4 * Copyright (c) 2016 Dmitry V. Levin <ldv@altlinux.org>
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 #include "tests.h"
31 #include <asm/unistd.h>
32
33 #ifdef __NR_rt_sigprocmask
34
35 # include <errno.h>
36 # include <signal.h>
37 # include <stdio.h>
38 # include <string.h>
39 # include <sys/wait.h>
40 # include <unistd.h>
41 # include "ptrace.h"
42 # include <linux/audit.h>
43
44 static const char *errstr;
45
46 static long
do_ptrace(unsigned long request,unsigned long pid,unsigned long addr,unsigned long data)47 do_ptrace(unsigned long request, unsigned long pid,
48 unsigned long addr, unsigned long data)
49 {
50 long rc = syscall(__NR_ptrace, request, pid, addr, data);
51 errstr = sprintrc(rc);
52 return rc;
53 }
54
55 static void
test_peeksiginfo(unsigned long pid,const unsigned long bad_request)56 test_peeksiginfo(unsigned long pid, const unsigned long bad_request)
57 {
58 do_ptrace(PTRACE_PEEKSIGINFO, pid, 0, bad_request);
59 printf("ptrace(PTRACE_PEEKSIGINFO, %u, NULL, %#lx) = %s\n",
60 (unsigned) pid, bad_request, errstr);
61
62 struct {
63 unsigned long long off;
64 unsigned int flags, nr;
65 } *const psi = tail_alloc(sizeof(*psi));
66
67 psi->off = 0xdeadbeeffacefeedULL;
68 psi->flags = 1;
69 psi->nr = 42;
70
71 do_ptrace(PTRACE_PEEKSIGINFO, pid, (unsigned long) psi, bad_request);
72 printf("ptrace(PTRACE_PEEKSIGINFO, %u, {off=%llu"
73 ", flags=PTRACE_PEEKSIGINFO_SHARED, nr=%u}, %#lx) = %s\n",
74 (unsigned) pid, psi->off, psi->nr, bad_request, errstr);
75
76 pid = fork();
77 if ((pid_t) pid < 0)
78 perror_msg_and_fail("fork");
79
80 if (!pid) {
81 sigset_t mask;
82 sigemptyset(&mask);
83 sigaddset(&mask, SIGUSR1);
84 sigaddset(&mask, SIGUSR2);
85 sigaddset(&mask, SIGALRM);
86
87 if (sigprocmask(SIG_BLOCK, &mask, NULL))
88 perror_msg_and_fail("sigprocmask");
89
90 raise(SIGUSR1);
91 raise(SIGUSR2);
92 raise(SIGALRM);
93
94 if (do_ptrace(PTRACE_TRACEME, 0, 0, 0))
95 perror_msg_and_fail("child: PTRACE_TRACEME");
96
97 raise(SIGSTOP);
98 _exit(0);
99 }
100
101 const unsigned int nsigs = 4;
102 const uid_t uid = geteuid();
103 siginfo_t *sigs = tail_alloc(sizeof(*sigs) * nsigs);
104
105 psi->off = 0;
106 psi->flags = 0;
107 psi->nr = nsigs;
108
109 for (;;) {
110 int status, tracee, saved;
111
112 errno = 0;
113 tracee = wait(&status);
114 if (tracee <= 0) {
115 if (errno == EINTR)
116 continue;
117 saved = errno;
118 kill (pid, SIGKILL);
119 errno = saved;
120 perror_msg_and_fail("wait");
121 }
122 if (WIFEXITED(status)) {
123 if (WEXITSTATUS(status) == 0)
124 break;
125 error_msg_and_fail("unexpected exit status %u",
126 WEXITSTATUS(status));
127 }
128 if (WIFSIGNALED(status))
129 error_msg_and_fail("unexpected signal %u",
130 WTERMSIG(status));
131 if (!WIFSTOPPED(status) || WSTOPSIG(status) != SIGSTOP) {
132 kill(pid, SIGKILL);
133 error_msg_and_fail("unexpected wait status %x",
134 status);
135 }
136
137 long rc = do_ptrace(PTRACE_PEEKSIGINFO, pid,
138 (unsigned long) psi, (unsigned long) sigs);
139 if (rc < 0) {
140 printf("ptrace(PTRACE_PEEKSIGINFO, %u"
141 ", {off=%llu, flags=0, nr=%u}, %p) = %s\n",
142 (unsigned) pid, psi->off, psi->nr, sigs,
143 errstr);
144 } else {
145 printf("ptrace(PTRACE_PEEKSIGINFO, %u"
146 ", {off=%llu, flags=0, nr=%u}"
147 ", [{si_signo=SIGUSR1, si_code=SI_TKILL"
148 ", si_pid=%u, si_uid=%u}"
149 ", {si_signo=SIGUSR2, si_code=SI_TKILL"
150 ", si_pid=%u, si_uid=%u}"
151 ", {si_signo=SIGALRM, si_code=SI_TKILL"
152 ", si_pid=%u, si_uid=%u}"
153 "]) = %s\n",
154 (unsigned) pid, psi->off, psi->nr,
155 (unsigned) pid, (unsigned) uid,
156 (unsigned) pid, (unsigned) uid,
157 (unsigned) pid, (unsigned) uid,
158 errstr);
159 }
160
161 if (do_ptrace(PTRACE_CONT, pid, 0, 0)) {
162 saved = errno;
163 kill (pid, SIGKILL);
164 errno = saved;
165 perror_msg_and_fail("ptrace");
166 }
167 printf("ptrace(PTRACE_CONT, %ld, NULL, SIG_0) = 0\n", pid);
168 }
169 }
170
171 int
main(void)172 main(void)
173 {
174 const unsigned long bad_request =
175 (unsigned long) 0xdeadbeeffffffeedULL;
176 const unsigned long bad_data =
177 (unsigned long) 0xdeadcafefffff00dULL;
178 const unsigned long pid =
179 (unsigned long) 0xdefaced00000000ULL | (unsigned) getpid();
180
181 unsigned int sigset_size;
182
183 for (sigset_size = 1024 / 8; sigset_size; sigset_size >>= 1) {
184 if (!syscall(__NR_rt_sigprocmask,
185 SIG_SETMASK, NULL, NULL, sigset_size))
186 break;
187 }
188 if (!sigset_size)
189 perror_msg_and_fail("rt_sigprocmask");
190
191 void *const k_set = tail_alloc(sigset_size);
192 siginfo_t *const sip = tail_alloc(sizeof(*sip));
193
194 do_ptrace(bad_request, pid, 0, 0);
195 printf("ptrace(%#lx /* PTRACE_??? */, %u, NULL, NULL) = %s\n",
196 bad_request, (unsigned) pid, errstr);
197
198 do_ptrace(PTRACE_PEEKDATA, pid, bad_request, bad_data);
199 # ifdef IA64
200 printf("ptrace(PTRACE_PEEKDATA, %u, %#lx) = %s\n",
201 (unsigned) pid, bad_request, errstr);
202 # else
203 printf("ptrace(PTRACE_PEEKDATA, %u, %#lx, %#lx) = %s\n",
204 (unsigned) pid, bad_request, bad_data, errstr);
205 #endif
206
207 do_ptrace(PTRACE_PEEKTEXT, pid, bad_request, bad_data);
208 # ifdef IA64
209 printf("ptrace(PTRACE_PEEKTEXT, %u, %#lx) = %s\n",
210 (unsigned) pid, bad_request, errstr);
211 # else
212 printf("ptrace(PTRACE_PEEKTEXT, %u, %#lx, %#lx) = %s\n",
213 (unsigned) pid, bad_request, bad_data, errstr);
214 #endif
215
216 do_ptrace(PTRACE_PEEKUSER, pid, bad_request, bad_data);
217 # ifdef IA64
218 printf("ptrace(PTRACE_PEEKUSER, %u, %#lx) = %s\n",
219 (unsigned) pid, bad_request, errstr);
220 # else
221 printf("ptrace(PTRACE_PEEKUSER, %u, %#lx, %#lx) = %s\n",
222 (unsigned) pid, bad_request, bad_data, errstr);
223 #endif
224
225 do_ptrace(PTRACE_POKEUSER, pid, bad_request, bad_data);
226 printf("ptrace(PTRACE_POKEUSER, %u, %#lx, %#lx) = %s\n",
227 (unsigned) pid, bad_request, bad_data, errstr);
228
229 do_ptrace(PTRACE_ATTACH, pid, 0, 0);
230 printf("ptrace(PTRACE_ATTACH, %u) = %s\n", (unsigned) pid, errstr);
231
232 do_ptrace(PTRACE_INTERRUPT, pid, 0, 0);
233 printf("ptrace(PTRACE_INTERRUPT, %u) = %s\n", (unsigned) pid, errstr);
234
235 do_ptrace(PTRACE_KILL, pid, 0, 0);
236 printf("ptrace(PTRACE_KILL, %u) = %s\n", (unsigned) pid, errstr);
237
238 do_ptrace(PTRACE_LISTEN, pid, 0, 0);
239 printf("ptrace(PTRACE_LISTEN, %u) = %s\n", (unsigned) pid, errstr);
240
241 sigset_t libc_set;
242 sigemptyset(&libc_set);
243 sigaddset(&libc_set, SIGUSR1);
244 memcpy(k_set, &libc_set, sigset_size);
245
246 do_ptrace(PTRACE_SETSIGMASK, pid, sigset_size, (unsigned long) k_set);
247 printf("ptrace(PTRACE_SETSIGMASK, %u, %u, [USR1]) = %s\n",
248 (unsigned) pid, sigset_size, errstr);
249
250 do_ptrace(PTRACE_GETSIGMASK, pid, sigset_size, (unsigned long) k_set);
251 printf("ptrace(PTRACE_GETSIGMASK, %u, %u, %p) = %s\n",
252 (unsigned) pid, sigset_size, k_set, errstr);
253
254 do_ptrace(PTRACE_SECCOMP_GET_FILTER, pid, 42, 0);
255 printf("ptrace(PTRACE_SECCOMP_GET_FILTER, %u, 42, NULL) = %s\n",
256 (unsigned) pid, errstr);
257
258 do_ptrace(PTRACE_GETEVENTMSG, pid, bad_request, bad_data);
259 printf("ptrace(PTRACE_GETEVENTMSG, %u, %#lx, %#lx) = %s\n",
260 (unsigned) pid, bad_request, bad_data, errstr);
261
262 memset(sip, -1, sizeof(*sip));
263 sip->si_signo = SIGIO;
264 sip->si_code = 1;
265 sip->si_errno = ENOENT;
266 sip->si_band = -2;
267
268 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
269 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGIO"
270 ", si_code=POLL_IN, si_errno=ENOENT, si_band=-2}) = %s\n",
271 (unsigned) pid, bad_request, errstr);
272
273 memset(sip, -1, sizeof(*sip));
274 sip->si_signo = SIGTRAP;
275 sip->si_code = 1;
276 sip->si_errno = ENOENT;
277 sip->si_pid = 2;
278 sip->si_uid = 3;
279 sip->si_ptr = (void *) bad_request;
280
281 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
282 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGTRAP"
283 ", si_code=TRAP_BRKPT, si_errno=ENOENT, si_pid=2, si_uid=3"
284 ", si_value={int=%d, ptr=%p}}) = %s\n",
285 (unsigned) pid, bad_request, sip->si_int, sip->si_ptr,
286 errstr);
287
288 memset(sip, -1, sizeof(*sip));
289 sip->si_signo = SIGILL;
290 sip->si_code = 1;
291 sip->si_errno = ENOENT;
292 sip->si_addr = (void *) (unsigned long) 0xfacefeeddeadbeefULL;
293
294 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
295 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGILL"
296 ", si_code=ILL_ILLOPC, si_errno=ENOENT, si_addr=%p}) = %s\n",
297 (unsigned) pid, bad_request, sip->si_addr, errstr);
298
299 memset(sip, -1, sizeof(*sip));
300 sip->si_signo = SIGFPE;
301 sip->si_code = 1;
302 sip->si_errno = ENOENT;
303 sip->si_addr = (void *) (unsigned long) 0xfacefeeddeadbeefULL;
304
305 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
306 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGFPE"
307 ", si_code=FPE_INTDIV, si_errno=ENOENT, si_addr=%p}) = %s\n",
308 (unsigned) pid, bad_request, sip->si_addr, errstr);
309
310 memset(sip, -1, sizeof(*sip));
311 sip->si_signo = SIGBUS;
312 sip->si_code = 1;
313 sip->si_errno = -2;
314 sip->si_addr = (void *) (unsigned long) 0xfacefeeddeadbeefULL;
315
316 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
317 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGBUS"
318 ", si_code=BUS_ADRALN, si_errno=%d, si_addr=%p}) = %s\n",
319 (unsigned) pid, bad_request, sip->si_errno, sip->si_addr,
320 errstr);
321
322 memset(sip, -1, sizeof(*sip));
323 sip->si_signo = SIGPROF;
324 sip->si_code = 0xbadc0ded;
325 sip->si_errno = -2;
326 sip->si_pid = 0;
327 sip->si_uid = 3;
328 sip->si_ptr = 0;
329
330 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
331 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGPROF"
332 ", si_code=%#x, si_errno=%d, si_pid=0, si_uid=3}) = %s\n",
333 (unsigned) pid, bad_request, sip->si_code, sip->si_errno,
334 errstr);
335
336 #ifdef HAVE_SIGINFO_T_SI_SYSCALL
337 memset(sip, -1, sizeof(*sip));
338 sip->si_signo = SIGSYS;
339 sip->si_code = 1;
340 sip->si_errno = ENOENT;
341 sip->si_call_addr = (void *) (unsigned long) 0xfacefeeddeadbeefULL;
342 sip->si_syscall = -1U;
343 sip->si_arch = AUDIT_ARCH_X86_64;
344
345 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
346 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGSYS"
347 ", si_code=SYS_SECCOMP, si_errno=ENOENT, si_call_addr=%p"
348 ", si_syscall=%u, si_arch=AUDIT_ARCH_X86_64})"
349 " = %s\n",
350 (unsigned) pid, bad_request, sip->si_call_addr, sip->si_syscall,
351 errstr);
352
353 sip->si_errno = 3141592653U;
354 sip->si_call_addr = NULL;
355 sip->si_syscall = __NR_read;
356 sip->si_arch = 0xda7a1057;
357
358 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
359 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGSYS"
360 ", si_code=SYS_SECCOMP, si_errno=%d, si_call_addr=NULL"
361 ", si_syscall=__NR_read, si_arch=%#x /* AUDIT_ARCH_??? */})"
362 " = %s\n",
363 (unsigned) pid, bad_request, sip->si_errno, sip->si_arch,
364 errstr);
365 #endif
366
367 #if defined HAVE_SIGINFO_T_SI_TIMERID && defined HAVE_SIGINFO_T_SI_OVERRUN
368 memset(sip, -1, sizeof(*sip));
369 sip->si_signo = SIGHUP;
370 sip->si_code = SI_TIMER;
371 sip->si_errno = ENOENT;
372 sip->si_timerid = 0xdeadbeef;
373 sip->si_overrun = -1;
374 sip->si_ptr = (void *) (unsigned long) 0xfacefeeddeadbeefULL;
375
376 do_ptrace(PTRACE_SETSIGINFO, pid, bad_request, (unsigned long) sip);
377 printf("ptrace(PTRACE_SETSIGINFO, %u, %#lx, {si_signo=SIGHUP"
378 ", si_code=SI_TIMER, si_errno=ENOENT, si_timerid=%#x"
379 ", si_overrun=%d, si_value={int=%d, ptr=%p}}) = %s\n",
380 (unsigned) pid, bad_request, sip->si_timerid, sip->si_overrun,
381 sip->si_int, sip->si_ptr, errstr);
382 #endif
383
384 do_ptrace(PTRACE_GETSIGINFO, pid, bad_request, (unsigned long) sip);
385 printf("ptrace(PTRACE_GETSIGINFO, %u, %#lx, %p)"
386 " = %s\n", (unsigned) pid, bad_request, sip, errstr);
387
388 do_ptrace(PTRACE_CONT, pid, 0, SIGUSR1);
389 printf("ptrace(PTRACE_CONT, %u, NULL, SIGUSR1) = %s\n",
390 (unsigned) pid, errstr);
391
392 do_ptrace(PTRACE_DETACH, pid, 0, SIGUSR2);
393 printf("ptrace(PTRACE_DETACH, %u, NULL, SIGUSR2) = %s\n",
394 (unsigned) pid, errstr);
395
396 do_ptrace(PTRACE_SYSCALL, pid, 0, SIGUSR1);
397 printf("ptrace(PTRACE_SYSCALL, %u, NULL, SIGUSR1) = %s\n",
398 (unsigned) pid, errstr);
399
400 #ifdef PTRACE_SINGLESTEP
401 do_ptrace(PTRACE_SINGLESTEP, pid, 0, SIGUSR2);
402 printf("ptrace(PTRACE_SINGLESTEP, %u, NULL, SIGUSR2) = %s\n",
403 (unsigned) pid, errstr);
404 #endif
405
406 #ifdef PTRACE_SINGLEBLOCK
407 do_ptrace(PTRACE_SINGLEBLOCK, pid, 0, SIGUSR1);
408 printf("ptrace(PTRACE_SINGLEBLOCK, %u, NULL, SIGUSR1) = %s\n",
409 (unsigned) pid, errstr);
410 #endif
411
412 #ifdef PTRACE_SYSEMU
413 do_ptrace(PTRACE_SYSEMU, pid, 0, SIGUSR2);
414 printf("ptrace(PTRACE_SYSEMU, %u, NULL, SIGUSR2) = %s\n",
415 (unsigned) pid, errstr);
416 #endif
417 #ifdef PTRACE_SYSEMU_SINGLESTEP
418 do_ptrace(PTRACE_SYSEMU_SINGLESTEP, pid, 0, SIGUSR1);
419 printf("ptrace(PTRACE_SYSEMU_SINGLESTEP, %u, NULL, SIGUSR1) = %s\n",
420 (unsigned) pid, errstr);
421 #endif
422
423 do_ptrace(PTRACE_SETOPTIONS,
424 pid, 0, PTRACE_O_TRACEFORK|PTRACE_O_TRACECLONE);
425 printf("ptrace(PTRACE_SETOPTIONS, %u, NULL"
426 ", PTRACE_O_TRACEFORK|PTRACE_O_TRACECLONE) = %s\n",
427 (unsigned) pid, errstr);
428
429 do_ptrace(PTRACE_SEIZE, pid, bad_request, PTRACE_O_TRACESYSGOOD);
430 printf("ptrace(PTRACE_SEIZE, %u, %#lx, PTRACE_O_TRACESYSGOOD) = %s\n",
431 (unsigned) pid, bad_request, errstr);
432
433 do_ptrace(PTRACE_SETREGSET, pid, 1, bad_request);
434 printf("ptrace(PTRACE_SETREGSET, %u, NT_PRSTATUS, %#lx) = %s\n",
435 (unsigned) pid, bad_request, errstr);
436
437 do_ptrace(PTRACE_GETREGSET, pid, 3, bad_request);
438 printf("ptrace(PTRACE_GETREGSET, %u, NT_PRPSINFO, %#lx) = %s\n",
439 (unsigned) pid, bad_request, errstr);
440
441 test_peeksiginfo(pid, bad_request);
442
443 do_ptrace(PTRACE_TRACEME, 0, 0, 0);
444 printf("ptrace(PTRACE_TRACEME) = %s\n", errstr);
445
446 puts("+++ exited with 0 +++");
447 return 0;
448 }
449
450
451 #else
452
453 SKIP_MAIN_UNDEFINED("__NR_rt_sigprocmask")
454
455 #endif
456