summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorAdin Scannell <ascannell@google.com>2019-06-24 17:28:46 -0700
committergVisor bot <gvisor-bot@google.com>2019-06-24 17:30:01 -0700
commit7f5d0afe525af4728ed5ec75193e9e4560d9558c (patch)
treef721f563a477325e4addfadca979fa3c406b4a85
parent94a6bfab5d0a2a1950915d7db9cd5e1502de8c13 (diff)
Add O_EXITKILL to ptrace options.
This prevents a race before PDEATH_SIG can take effect during a sentry crash. Discovered and solution by avagin@. PiperOrigin-RevId: 254871534
-rw-r--r--pkg/sentry/platform/ptrace/subprocess.go7
1 files changed, 5 insertions, 2 deletions
diff --git a/pkg/sentry/platform/ptrace/subprocess.go b/pkg/sentry/platform/ptrace/subprocess.go
index 3656611ed..f15b3415a 100644
--- a/pkg/sentry/platform/ptrace/subprocess.go
+++ b/pkg/sentry/platform/ptrace/subprocess.go
@@ -370,13 +370,16 @@ func (t *thread) destroy() {
// init initializes trace options.
func (t *thread) init() {
- // Set our TRACESYSGOOD option to differeniate real SIGTRAP.
+ // Set our TRACESYSGOOD option to differeniate real SIGTRAP. We also
+ // set PTRACE_O_EXITKILL to ensure that the unexpected exit of the
+ // sentry will immediately kill the associated stubs.
+ const PTRACE_O_EXITKILL = 0x100000
_, _, errno := syscall.RawSyscall6(
syscall.SYS_PTRACE,
syscall.PTRACE_SETOPTIONS,
uintptr(t.tid),
0,
- syscall.PTRACE_O_TRACESYSGOOD|syscall.PTRACE_O_TRACEEXIT,
+ syscall.PTRACE_O_TRACESYSGOOD|syscall.PTRACE_O_TRACEEXIT|PTRACE_O_EXITKILL,
0, 0)
if errno != 0 {
panic(fmt.Sprintf("ptrace set options failed: %v", errno))