From 69a8340f12df3f5bf599c74fffa539de27704a17 Mon Sep 17 00:00:00 2001
From: jD91mZM2
Date: Tue, 7 Jul 2020 10:51:57 +0200
Subject: [PATCH 1/2] Add PTRACE_STOP_SIGNAL_HANDLER

Not entirely a useful thing, one *could* also put a breakpoint on the handler address... I'll need to think about this some more.
---
 src/flag.rs | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/flag.rs b/src/flag.rs
index 942482e..9d1b31f 100644
--- a/src/flag.rs
+++ b/src/flag.rs
@@ -184,19 +184,43 @@ impl PartialAllocStrategy {
 bitflags! {
 pub struct PtraceFlags: u64 {
+ /// Stop before a syscall is handled. Send PTRACE_FLAG_IGNORE to not
+ /// handle the syscall.
 const PTRACE_STOP_PRE_SYSCALL = 0x0000_0000_0000_0001;
+ /// Stop after a syscall is handled.
 const PTRACE_STOP_POST_SYSCALL = 0x0000_0000_0000_0002;
+ /// Stop after exactly one instruction. TODO: This may not handle
+ /// fexec/signal boundaries. Should it?
 const PTRACE_STOP_SINGLESTEP = 0x0000_0000_0000_0004;
+ /// Stop before a signal is handled. Send PTRACE_FLAG_IGNORE to not
+ /// handle signal.
 const PTRACE_STOP_SIGNAL = 0x0000_0000_0000_0008;
+ /// Stop on a software breakpoint, such as the int3 instruction for
+ /// x86_64.
 const PTRACE_STOP_BREAKPOINT = 0x0000_0000_0000_0010;
+ /// Stop just before exiting for good.
 const PTRACE_STOP_EXIT = 0x0000_0000_0000_0020;
+ /// Stop before running a program switched to using `fexec`.
 const PTRACE_STOP_EXEC = 0x0000_0000_0000_0040;
+ /// Stop before a signal is handled in userspace. This will always
+ /// happen after a PTRACE_STOP_SIGNAL, if the `handler` argument wasn't
+ /// SIG_DFL or SIG_IGN. Send PTRACE_FLAG_IGNORE to not handle signal.
+ const PTRACE_STOP_SIGNAL_HANDLER = 0x0000_0000_0000_0080;
+ const PTRACE_STOP_MASK = 0x0000_0000_0000_00FF;
+
+ /// Sent when a child is cloned, giving you the opportunity to trace it.
+ /// If you don't catch this, the child is started as normal.
 const PTRACE_EVENT_CLONE = 0x0000_0000_0000_0100;
+ const PTRACE_EVENT_MASK = 0x0000_0000_0000_0F00;
+
+ /// Special meaning, depending on the event. Usually, when fired before
+ /// an action, it will skip performing that action.
 const PTRACE_FLAG_IGNORE = 0x0000_0000_0000_1000;
+ const PTRACE_FLAG_MASK = 0x0000_0000_0000_F000;
 }
 }
From a1af645cbf426c2ff66b3d06d04dd2aceb538128 Mon Sep 17 00:00:00 2001
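Review bot: The three new `*_MASK` constants turn every bit in their ranges into a declared flag as far as `bitflags!` is concerned, so (as I read bitflags, where `all()` is the union of every declared constant) `PtraceFlags::from_bits(0x0800)` or `from_bits(0x2000)` presumably succeed even though no stop, event or flag is assigned to those bits. If kernel-side validation of a tracer-supplied flag word relies on `from_bits` to reject unknown requests, these reserved bits slip through, so the consumer should check the word against the union of the individually named constants, or the masks should be documented as reserved ranges that the kernel must reject explicitly. Unlike the other constants in this hunk, the masks carry no doc comment; something like `/// Range reserved for stop conditions. Bits in this range with no named constant above are reserved and are NOT rejected by from_bits(), so the kernel must reject them itself.` would state the contract. The `bitflags!` body is entirely within the hunk, but the code that consumes the flag word is not visible here, so whether that validation already exists is an open question.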
From: jD91mZM2
Date: Tue, 7 Jul 2020 13:37:44 +0200
Subject: [PATCH 2/2] Remove bloated ptrace flags

I have had a think, and these flags are pointless. Since this is a microkernel, there should always be exactly one way to do something, and it should be the most flexible and simplest to implement. And you can already just set breakpoints on the address provided by the signal handler, and we'll give the entrypoint as an address to the fexec call.
---
 src/flag.rs | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/flag.rs b/src/flag.rs
index 9d1b31f..4566765 100644
--- a/src/flag.rs
+++ b/src/flag.rs
@@ -200,12 +200,6 @@ bitflags! {
 const PTRACE_STOP_BREAKPOINT = 0x0000_0000_0000_0010;
 /// Stop just before exiting for good.
 const PTRACE_STOP_EXIT = 0x0000_0000_0000_0020;
- /// Stop before running a program switched to using `fexec`.
- const PTRACE_STOP_EXEC = 0x0000_0000_0000_0040;
- /// Stop before a signal is handled in userspace. This will always
- /// happen after a PTRACE_STOP_SIGNAL, if the `handler` argument wasn't
- /// SIG_DFL or SIG_IGN. Send PTRACE_FLAG_IGNORE to not handle signal.
- const PTRACE_STOP_SIGNAL_HANDLER = 0x0000_0000_0000_0080;
 const PTRACE_STOP_MASK = 0x0000_0000_0000_00FF;