Add O_EXITKILL to ptrace options.

This prevents a race before PDEATH_SIG can take effect during a sentry crash. Discovered and solution by avagin@. PiperOrigin-RevId: 254871534
author: Adin Scannell <ascannell@google.com> 2019-06-24 17:28:46 -0700
committer: gVisor bot <gvisor-bot@google.com> 2019-06-24 17:30:01 -0700
commit: 7f5d0afe525af4728ed5ec75193e9e4560d9558c (patch)
tree: f721f563a477325e4addfadca979fa3c406b4a85 /pkg/sentry/platform
parent: 94a6bfab5d0a2a1950915d7db9cd5e1502de8c13 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/pkg/sentry/platform/ptrace/subprocess.go b/pkg/sentry/platform/ptrace/subprocess.go
index 3656611ed..f15b3415a 100644
--- a/pkg/sentry/platform/ptrace/subprocess.go
+++ b/pkg/sentry/platform/ptrace/subprocess.go
@@ -370,13 +370,16 @@ func (t *thread) destroy() {
 
 // init initializes trace options.
 func (t *thread) init() {
-	// Set our TRACESYSGOOD option to differeniate real SIGTRAP.
+	// Set our TRACESYSGOOD option to differeniate real SIGTRAP. We also
+	// set PTRACE_O_EXITKILL to ensure that the unexpected exit of the
+	// sentry will immediately kill the associated stubs.
+	const PTRACE_O_EXITKILL = 0x100000
 	_, _, errno := syscall.RawSyscall6(
 		syscall.SYS_PTRACE,
 		syscall.PTRACE_SETOPTIONS,
 		uintptr(t.tid),
 		0,
-		syscall.PTRACE_O_TRACESYSGOOD|syscall.PTRACE_O_TRACEEXIT,
+		syscall.PTRACE_O_TRACESYSGOOD|syscall.PTRACE_O_TRACEEXIT|PTRACE_O_EXITKILL,
 		0, 0)
 	if errno != 0 {
 		panic(fmt.Sprintf("ptrace set options failed: %v", errno))
author	Adin Scannell <ascannell@google.com>	2019-06-24 17:28:46 -0700
committer	gVisor bot <gvisor-bot@google.com>	2019-06-24 17:30:01 -0700
commit	7f5d0afe525af4728ed5ec75193e9e4560d9558c (patch)
tree	f721f563a477325e4addfadca979fa3c406b4a85 /pkg/sentry/platform
parent	94a6bfab5d0a2a1950915d7db9cd5e1502de8c13 (diff)