Closed Bug 1334132 Opened 7 years ago Closed 7 years ago

Consider using `prctl(PR_SET_PTRACER, ...)` to ease e10s debugging on Linux

Categories

(Core :: Security: Process Sandboxing, defect)

All
Linux
defect
Not set
normal

Tracking

RESOLVED FIXED
mozilla54
Tracking Status
firefox54 --- fixed

People

(Reporter: padenot, Assigned: padenot)

References

(Blocks 1 open bug)

Details

(Whiteboard: sb+)

Attachments

(1 file, 1 obsolete file)

See https://www.kernel.org/doc/Documentation/security/Yama.txt.

Maybe it would be worth it to pass `PR_SET_PTRACER_ANY` in debug, or to do something else?

Is there a way to allow `ptrace` to attach to a gecko child process when the parent has been started with gdb?

The current scenario looks like this:
- MOZ_DEBUG_CHILD_PROCESS=1 ./mach run --debugger=gdb
- Look for the PID in the output of the parent
- Open another terminal
- gdb objdir/dist/bin/firefox $PID
- This does not work because of YAMA

Now, locally, you can do:

> `sudo gdb objdir/dist/bin/firefox $PID`

or
 
> `echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope`

because you're in `sudoers`. On taskcluster one-click-loaner, `/proc/sys` is read-only and can't be remounted rw because of docker. On a machine where you're not root, nothing can be done as far as I know.
Blocks: 1333813
Whiteboard: sb+
We're already doing this on debug builds when we crash: http://searchfox.org/mozilla-central/rev/7da3c9dcf467964f2fb82f3a4c63972ee79bf696/toolkit/xre/nsSigHandlers.cpp#101

And PR_SET_PTRACER is allowed by the sandbox policy for that reason: http://searchfox.org/mozilla-central/rev/bf98cd4315b5efa1b28831001ad27d54df7bbb68/security/sandbox/linux/SandboxFilter.cpp#149

So this would just need the PR_SET_PTRACER to happen earlier, during startup; for example, here: http://searchfox.org/mozilla-central/rev/7da3c9dcf467964f2fb82f3a4c63972ee79bf696/toolkit/xre/nsEmbedFunctions.cpp#567
There's also a use case of starting the browser normally, attaching a debugger to some process, and then doing the steps-to-reproduce manually.  In that case you'd want the early PR_SET_PTRACER but not the child pausing, but I don't know how common it is to do that without having root access.
This works fine, and would allow debugging child processes on one-click-loaner.
How does it look?
Attachment #8831135 - Flags: review?(jld)
Assignee: nobody → padenot
Status: NEW → ASSIGNED
Blocks: 1332902
Attachment #8831135 - Flags: review?(jld) → review+
We need to define the arguments to `prctl` manually because they are not present in the header available on our builders (Ubuntu 14.04 - linux 3.13).
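The early `PR_SET_PTRACER` call described in comment 1 and the manual `#define` fallback from the comment above, as an added illustration that is not the patch on this bug or any Mozilla code. The function names, the env-var parsing rule and the `main` are assumptions for the example; the constant values are the ones from `linux/prctl.h`.

```c
/* Added example, not Mozilla's code: a child process opts in to being
 * ptraced by any process, but only when MOZ_DEBUG_CHILD_PROCESS is set,
 * so the Yama restriction stays in force for normal runs. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>

/* Fallbacks for build hosts whose headers predate Linux 3.4 (the bug's
 * Ubuntu 14.04 builders lacked them). Values match linux/prctl.h. */
#ifndef PR_SET_PTRACER
#define PR_SET_PTRACER 0x59616d61 /* "Yama" */
#endif
#ifndef PR_SET_PTRACER_ANY
#define PR_SET_PTRACER_ANY ((unsigned long)-1)
#endif

/* Assumed rule: the variable counts as set unless empty or "0". */
int debug_child_requested(const char *value)
{
    return value != NULL && value[0] != '\0' && strcmp(value, "0") != 0;
}

/* Returns 1 when debugging was not requested (nothing changed),
 * 0 when PR_SET_PTRACER_ANY was applied, -1 if prctl failed (errno
 * set, e.g. EINVAL on a kernel without the Yama LSM). */
int allow_debugger_attach_for(const char *env_value)
{
    if (!debug_child_requested(env_value))
        return 1;
    if (prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0) != 0)
        return -1;
    return 0;
}

/* Call this early in child startup, before the seccomp sandbox starts. */
int allow_debugger_attach(void)
{
    return allow_debugger_attach_for(getenv("MOZ_DEBUG_CHILD_PROCESS"));
}

int main(void)
{
    int rc = allow_debugger_attach();
    if (rc < 0)
        perror("prctl(PR_SET_PTRACER)");
    else
        printf("ptrace opt-in %s\n", rc == 0 ? "applied" : "skipped");
    return rc < 0;
}
```

Running it with `MOZ_DEBUG_CHILD_PROCESS=1` lets `gdb -p $PID` from another terminal attach even with `ptrace_scope` at 1; with the variable unset the process keeps Yama's default protection.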
Comment on attachment 8832025 [details] [diff] [review]
Allow attaching to a child process on Linux when MOZ_DEBUG_CHILD_PROCESS is set and YAMA is activated and ptrace_scope is > 0

Same patch with the #define added, taken from another box that has a more recent kernel.
Attachment #8832025 - Flags: review?(jld)
Attachment #8831135 - Attachment is obsolete: true
Comment on attachment 8832025 [details] [diff] [review]
Allow attaching to a child process on Linux when MOZ_DEBUG_CHILD_PROCESS is set and YAMA is activated and ptrace_scope is > 0

Review of attachment 8832025 [details] [diff] [review]:
-----------------------------------------------------------------

Sorry about that; I'd confused PR_SET_PTRACER with something else I was looking at that's been in the kernel for longer.

For reference: PR_SET_PTRACER was added in 3.4, according to the man page, and last I heard our builders are CentOS 6, which is on 2.6.32 (with a lot of patches but maybe not the Yama LSM), so that would explain the build failures.  Ubuntu still supports a 3.2-based kernel for 12.04 LTS, but that includes some backported security features including Yama (and seccomp-bpf), and all of the newer releases are ≥ 3.4.
Attachment #8832025 - Flags: review?(jld) → review+
Pushed by paul@paul.cx:
https://hg.mozilla.org/integration/mozilla-inbound/rev/81fe225a5ffe
Allow attaching to a child process on Linux when MOZ_DEBUG_CHILD_PROCESS is set and YAMA is activated and ptrace_scope is > 0.  r=jld
https://hg.mozilla.org/mozilla-central/rev/81fe225a5ffe
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla54