Gitiles
Code Review Sign In
gerrit.omnirom.org / android_bionic / 95646e66666113a5463085ef34da345b0fb7e5e9 / . / tests / sys_ptrace_test.cpp
blob: 93daac327e56de48c19f4c7cc6f736cf799390cc [file] [log] [blame]
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <sys/ptrace.h>
18
19#include <elf.h>
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]20#include <err.h>
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]21#include <fcntl.h>
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]22#include <sched.h>
23#include <sys/prctl.h>
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]24#include <sys/ptrace.h>
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]25#include <sys/uio.h>
26#include <sys/user.h>
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]27#include <sys/wait.h>
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]28#include <unistd.h>
29
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]30#include <chrono>
31#include <thread>
32
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]33#include <gtest/gtest.h>
34
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]35#include <android-base/macros.h>
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]36#include <android-base/unique_fd.h>
37
Evgenii Stepanov7cc67062019-02-05 18:43:34 -0800[diff] [blame]38#include "utils.h"
39
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]40using namespace std::chrono_literals;
41
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]42using android::base::unique_fd;
43
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]44// Host libc does not define this.
45#ifndef TRAP_HWBKPT
46#define TRAP_HWBKPT 4
47#endif
48
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]49class ChildGuard {
50 public:
Chih-Hung Hsieh62e3a072016-05-03 12:08:05 -0700[diff] [blame]51 explicit ChildGuard(pid_t pid) : pid(pid) {}
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]52
53 ~ChildGuard() {
54 kill(pid, SIGKILL);
55 int status;
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]56 TEMP_FAILURE_RETRY(waitpid(pid, &status, 0));
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]57 }
58
59 private:
60 pid_t pid;
61};
62
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]63enum class HwFeature { Watchpoint, Breakpoint };
64
Elliott Hughesbcaa4542019-03-08 15:20:23 -0800[diff] [blame]65static void check_hw_feature_supported(pid_t child, HwFeature feature) {
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]66#if defined(__arm__)
Elliott Hughes95646e62023-09-21 14:11:19 -0700[diff] [blame^]67 errno = 0;
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]68 long capabilities;
69 long result = ptrace(PTRACE_GETHBPREGS, child, 0, &capabilities);
70 if (result == -1) {
Elliott Hughes95646e62023-09-21 14:11:19 -0700[diff] [blame^]71 EXPECT_ERRNO(EIO);
Elliott Hughesbcaa4542019-03-08 15:20:23 -0800[diff] [blame]72 GTEST_SKIP() << "Hardware debug support disabled at kernel configuration time";
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]73 }
Pavel Labath95d8fb12017-07-07 11:42:34 +0100[diff] [blame]74 uint8_t hb_count = capabilities & 0xff;
75 capabilities >>= 8;
76 uint8_t wp_count = capabilities & 0xff;
77 capabilities >>= 8;
78 uint8_t max_wp_size = capabilities & 0xff;
79 if (max_wp_size == 0) {
Elliott Hughesbcaa4542019-03-08 15:20:23 -0800[diff] [blame]80 GTEST_SKIP() << "Kernel reports zero maximum watchpoint size";
81 } else if (feature == HwFeature::Watchpoint && wp_count == 0) {
82 GTEST_SKIP() << "Kernel reports zero hardware watchpoints";
83 } else if (feature == HwFeature::Breakpoint && hb_count == 0) {
84 GTEST_SKIP() << "Kernel reports zero hardware breakpoints";
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]85 }
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]86#elif defined(__aarch64__)
87 user_hwdebug_state dreg_state;
88 iovec iov;
89 iov.iov_base = &dreg_state;
90 iov.iov_len = sizeof(dreg_state);
91
Elliott Hughes95646e62023-09-21 14:11:19 -0700[diff] [blame^]92 errno = 0;
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]93 long result = ptrace(PTRACE_GETREGSET, child,
94 feature == HwFeature::Watchpoint ? NT_ARM_HW_WATCH : NT_ARM_HW_BREAK, &iov);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]95 if (result == -1) {
Elliott Hughes95646e62023-09-21 14:11:19 -0700[diff] [blame^]96 ASSERT_ERRNO(EINVAL);
Evgeny Eltsinbd1c6302019-12-11 15:30:16 +0100[diff] [blame]97 GTEST_SKIP() << "Hardware support missing";
98 } else if ((dreg_state.dbg_info & 0xff) == 0) {
99 if (feature == HwFeature::Watchpoint) {
100 GTEST_SKIP() << "Kernel reports zero hardware watchpoints";
101 } else {
102 GTEST_SKIP() << "Kernel reports zero hardware breakpoints";
103 }
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]104 }
Elliott Hughesbcaa4542019-03-08 15:20:23 -0800[diff] [blame]105#else
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]106 // We assume watchpoints and breakpoints are always supported on x86.
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]107 UNUSED(child);
108 UNUSED(feature);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]109#endif
110}
111
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]112static void set_watchpoint(pid_t child, uintptr_t address, size_t size) {
113 ASSERT_EQ(0u, address & 0x7) << "address: " << address;
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]114#if defined(__arm__) || defined(__aarch64__)
115 const unsigned byte_mask = (1 << size) - 1;
116 const unsigned type = 2; // Write.
117 const unsigned enable = 1;
118 const unsigned control = byte_mask << 5 | type << 3 | enable;
119
120#ifdef __arm__
121 ASSERT_EQ(0, ptrace(PTRACE_SETHBPREGS, child, -1, &address)) << strerror(errno);
122 ASSERT_EQ(0, ptrace(PTRACE_SETHBPREGS, child, -2, &control)) << strerror(errno);
123#else // aarch64
124 user_hwdebug_state dreg_state;
125 memset(&dreg_state, 0, sizeof dreg_state);
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]126 dreg_state.dbg_regs[0].addr = address;
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]127 dreg_state.dbg_regs[0].ctrl = control;
128
129 iovec iov;
130 iov.iov_base = &dreg_state;
131 iov.iov_len = offsetof(user_hwdebug_state, dbg_regs) + sizeof(dreg_state.dbg_regs[0]);
132
133 ASSERT_EQ(0, ptrace(PTRACE_SETREGSET, child, NT_ARM_HW_WATCH, &iov)) << strerror(errno);
134#endif
135#elif defined(__i386__) || defined(__x86_64__)
136 ASSERT_EQ(0, ptrace(PTRACE_POKEUSER, child, offsetof(user, u_debugreg[0]), address)) << strerror(errno);
137 errno = 0;
138 unsigned data = ptrace(PTRACE_PEEKUSER, child, offsetof(user, u_debugreg[7]), nullptr);
Elliott Hughes95646e62023-09-21 14:11:19 -0700[diff] [blame^]139 ASSERT_ERRNO(0);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]140
141 const unsigned size_flag = (size == 8) ? 2 : size - 1;
142 const unsigned enable = 1;
143 const unsigned type = 1; // Write.
144
145 const unsigned mask = 3 << 18 | 3 << 16 | 1;
146 const unsigned value = size_flag << 18 | type << 16 | enable;
147 data &= mask;
148 data |= value;
149 ASSERT_EQ(0, ptrace(PTRACE_POKEUSER, child, offsetof(user, u_debugreg[7]), data)) << strerror(errno);
150#else
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]151 UNUSED(child);
152 UNUSED(address);
153 UNUSED(size);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]154#endif
155}
156
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]157template <typename T>
158static void run_watchpoint_test(std::function<void(T&)> child_func, size_t offset, size_t size) {
159 alignas(16) T data{};
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]160
161 pid_t child = fork();
162 ASSERT_NE(-1, child) << strerror(errno);
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]163 if (child == 0) {
164 // Extra precaution: make sure we go away if anything happens to our parent.
165 if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0) == -1) {
166 perror("prctl(PR_SET_PDEATHSIG)");
167 _exit(1);
168 }
169
170 if (ptrace(PTRACE_TRACEME, 0, nullptr, nullptr) == -1) {
171 perror("ptrace(PTRACE_TRACEME)");
172 _exit(2);
173 }
174
175 child_func(data);
176 _exit(0);
177 }
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]178
179 ChildGuard guard(child);
180
181 int status;
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]182 ASSERT_EQ(child, TEMP_FAILURE_RETRY(waitpid(child, &status, __WALL))) << strerror(errno);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]183 ASSERT_TRUE(WIFSTOPPED(status)) << "Status was: " << status;
184 ASSERT_EQ(SIGSTOP, WSTOPSIG(status)) << "Status was: " << status;
185
Elliott Hughesbcaa4542019-03-08 15:20:23 -0800[diff] [blame]186 check_hw_feature_supported(child, HwFeature::Watchpoint);
Christopher Ferris103b9982019-09-23 09:03:10 -0700[diff] [blame]187 if (::testing::Test::IsSkipped()) {
188 return;
189 }
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]190
Evgenii Stepanov7cc67062019-02-05 18:43:34 -0800[diff] [blame]191 set_watchpoint(child, uintptr_t(untag_address(&data)) + offset, size);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]192
193 ASSERT_EQ(0, ptrace(PTRACE_CONT, child, nullptr, nullptr)) << strerror(errno);
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]194 ASSERT_EQ(child, TEMP_FAILURE_RETRY(waitpid(child, &status, __WALL))) << strerror(errno);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]195 ASSERT_TRUE(WIFSTOPPED(status)) << "Status was: " << status;
196 ASSERT_EQ(SIGTRAP, WSTOPSIG(status)) << "Status was: " << status;
197
198 siginfo_t siginfo;
199 ASSERT_EQ(0, ptrace(PTRACE_GETSIGINFO, child, nullptr, &siginfo)) << strerror(errno);
200 ASSERT_EQ(TRAP_HWBKPT, siginfo.si_code);
201#if defined(__arm__) || defined(__aarch64__)
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]202 ASSERT_LE(&data, siginfo.si_addr);
203 ASSERT_GT((&data) + 1, siginfo.si_addr);
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]204#endif
205}
206
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]207template <typename T>
208static void watchpoint_stress_child(unsigned cpu, T& data) {
209 cpu_set_t cpus;
210 CPU_ZERO(&cpus);
211 CPU_SET(cpu, &cpus);
212 if (sched_setaffinity(0, sizeof cpus, &cpus) == -1) {
213 perror("sched_setaffinity");
214 _exit(3);
215 }
216 raise(SIGSTOP); // Synchronize with the tracer, let it set the watchpoint.
217
218 data = 1; // Now trigger the watchpoint.
219}
220
221template <typename T>
222static void run_watchpoint_stress(size_t cpu) {
223 run_watchpoint_test<T>(std::bind(watchpoint_stress_child<T>, cpu, std::placeholders::_1), 0,
224 sizeof(T));
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]225}
226
227// Test watchpoint API. The test is considered successful if our watchpoints get hit OR the
228// system reports that watchpoint support is not present. We run the test for different
229// watchpoint sizes, while pinning the process to each cpu in turn, for better coverage.
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]230TEST(sys_ptrace, watchpoint_stress) {
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]231 cpu_set_t available_cpus;
232 ASSERT_EQ(0, sched_getaffinity(0, sizeof available_cpus, &available_cpus));
233
234 for (size_t cpu = 0; cpu < CPU_SETSIZE; ++cpu) {
235 if (!CPU_ISSET(cpu, &available_cpus)) continue;
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]236
237 run_watchpoint_stress<uint8_t>(cpu);
Christopher Ferris103b9982019-09-23 09:03:10 -0700[diff] [blame]238 if (::testing::Test::IsSkipped()) {
239 // Only check first case, since all others would skip for same reason.
240 return;
241 }
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]242 run_watchpoint_stress<uint16_t>(cpu);
243 run_watchpoint_stress<uint32_t>(cpu);
244#if defined(__LP64__)
245 run_watchpoint_stress<uint64_t>(cpu);
246#endif
Pavel Labath1faca6c2016-04-21 15:13:22 +0100[diff] [blame]247 }
248}
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]249
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]250struct Uint128_t {
251 uint64_t data[2];
252};
253static void watchpoint_imprecise_child(Uint128_t& data) {
254 raise(SIGSTOP); // Synchronize with the tracer, let it set the watchpoint.
255
256#if defined(__i386__) || defined(__x86_64__)
257 asm volatile("movdqa %%xmm0, %0" : : "m"(data));
258#elif defined(__arm__)
259 asm volatile("stm %0, { r0, r1, r2, r3 }" : : "r"(&data));
260#elif defined(__aarch64__)
261 asm volatile("stp x0, x1, %0" : : "m"(data));
Elliott Hughes89719df2022-11-11 22:54:02 +0000[diff] [blame]262#elif defined(__riscv)
263 UNUSED(data);
264 GTEST_LOG_(INFO) << "missing riscv64 instruction to store > 64 bits in one instruction";
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]265#endif
266}
267
268// Test that the kernel is able to handle the case when the instruction writes
269// to a larger block of memory than the one we are watching. If you see this
270// test fail on arm64, you will likely need to cherry-pick fdfeff0f into your
271// kernel.
272TEST(sys_ptrace, watchpoint_imprecise) {
Yabin Cui143b4542017-11-29 10:34:24 -0800[diff] [blame]273 // This test relies on the infrastructure to timeout if the test hangs.
Pavel Labath4a620262017-04-26 11:30:06 +0100[diff] [blame]274 run_watchpoint_test<Uint128_t>(watchpoint_imprecise_child, 8, sizeof(void*));
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]275}
276
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]277static void __attribute__((noinline)) breakpoint_func() {
278 asm volatile("");
279}
280
281static void __attribute__((noreturn)) breakpoint_fork_child() {
282 // Extra precaution: make sure we go away if anything happens to our parent.
283 if (prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0) == -1) {
284 perror("prctl(PR_SET_PDEATHSIG)");
285 _exit(1);
286 }
287
288 if (ptrace(PTRACE_TRACEME, 0, nullptr, nullptr) == -1) {
289 perror("ptrace(PTRACE_TRACEME)");
290 _exit(2);
291 }
292
293 raise(SIGSTOP); // Synchronize with the tracer, let it set the breakpoint.
294
295 breakpoint_func(); // Now trigger the breakpoint.
296
297 _exit(0);
298}
299
300static void set_breakpoint(pid_t child) {
301 uintptr_t address = uintptr_t(breakpoint_func);
302#if defined(__arm__) || defined(__aarch64__)
303 address &= ~3;
304 const unsigned byte_mask = 0xf;
305 const unsigned enable = 1;
306 const unsigned control = byte_mask << 5 | enable;
307
308#ifdef __arm__
309 ASSERT_EQ(0, ptrace(PTRACE_SETHBPREGS, child, 1, &address)) << strerror(errno);
310 ASSERT_EQ(0, ptrace(PTRACE_SETHBPREGS, child, 2, &control)) << strerror(errno);
311#else // aarch64
312 user_hwdebug_state dreg_state;
313 memset(&dreg_state, 0, sizeof dreg_state);
314 dreg_state.dbg_regs[0].addr = reinterpret_cast<uintptr_t>(address);
315 dreg_state.dbg_regs[0].ctrl = control;
316
317 iovec iov;
318 iov.iov_base = &dreg_state;
319 iov.iov_len = offsetof(user_hwdebug_state, dbg_regs) + sizeof(dreg_state.dbg_regs[0]);
320
321 ASSERT_EQ(0, ptrace(PTRACE_SETREGSET, child, NT_ARM_HW_BREAK, &iov)) << strerror(errno);
322#endif
323#elif defined(__i386__) || defined(__x86_64__)
324 ASSERT_EQ(0, ptrace(PTRACE_POKEUSER, child, offsetof(user, u_debugreg[0]), address))
325 << strerror(errno);
326 errno = 0;
327 unsigned data = ptrace(PTRACE_PEEKUSER, child, offsetof(user, u_debugreg[7]), nullptr);
Elliott Hughes95646e62023-09-21 14:11:19 -0700[diff] [blame^]328 ASSERT_ERRNO(0);
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]329
330 const unsigned size = 0;
331 const unsigned enable = 1;
332 const unsigned type = 0; // Execute
333
334 const unsigned mask = 3 << 18 | 3 << 16 | 1;
335 const unsigned value = size << 18 | type << 16 | enable;
336 data &= mask;
337 data |= value;
338 ASSERT_EQ(0, ptrace(PTRACE_POKEUSER, child, offsetof(user, u_debugreg[7]), data))
339 << strerror(errno);
340#else
Pavel Labath3dad8d52017-02-22 18:22:46 +0000[diff] [blame]341 UNUSED(child);
342 UNUSED(address);
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]343#endif
344}
345
346// Test hardware breakpoint API. The test is considered successful if the breakpoints get hit OR the
347// system reports that hardware breakpoint support is not present.
348TEST(sys_ptrace, hardware_breakpoint) {
349 pid_t child = fork();
350 ASSERT_NE(-1, child) << strerror(errno);
351 if (child == 0) breakpoint_fork_child();
352
353 ChildGuard guard(child);
354
355 int status;
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]356 ASSERT_EQ(child, TEMP_FAILURE_RETRY(waitpid(child, &status, __WALL))) << strerror(errno);
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]357 ASSERT_TRUE(WIFSTOPPED(status)) << "Status was: " << status;
358 ASSERT_EQ(SIGSTOP, WSTOPSIG(status)) << "Status was: " << status;
359
Elliott Hughesbcaa4542019-03-08 15:20:23 -0800[diff] [blame]360 check_hw_feature_supported(child, HwFeature::Breakpoint);
Christopher Ferris103b9982019-09-23 09:03:10 -0700[diff] [blame]361 if (::testing::Test::IsSkipped()) {
362 return;
363 }
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]364
365 set_breakpoint(child);
366
367 ASSERT_EQ(0, ptrace(PTRACE_CONT, child, nullptr, nullptr)) << strerror(errno);
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]368 ASSERT_EQ(child, TEMP_FAILURE_RETRY(waitpid(child, &status, __WALL))) << strerror(errno);
Pavel Labathfb082ee2017-01-23 15:41:35 +0000[diff] [blame]369 ASSERT_TRUE(WIFSTOPPED(status)) << "Status was: " << status;
370 ASSERT_EQ(SIGTRAP, WSTOPSIG(status)) << "Status was: " << status;
371
372 siginfo_t siginfo;
373 ASSERT_EQ(0, ptrace(PTRACE_GETSIGINFO, child, nullptr, &siginfo)) << strerror(errno);
374 ASSERT_EQ(TRAP_HWBKPT, siginfo.si_code);
375}
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]376
377class PtraceResumptionTest : public ::testing::Test {
378 public:
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]379 unique_fd worker_pipe_write;
380
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]381 pid_t worker = -1;
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]382 pid_t tracer = -1;
383
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]384 PtraceResumptionTest() {
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]385 unique_fd worker_pipe_read;
Luis Hector Chavez7300d832018-04-04 10:13:25 -0700[diff] [blame]386 if (!android::base::Pipe(&worker_pipe_read, &worker_pipe_write)) {
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]387 err(1, "failed to create pipe");
388 }
389
Luis Hector Chavez7300d832018-04-04 10:13:25 -0700[diff] [blame]390 // Second pipe to synchronize the Yama ptracer setup.
391 unique_fd worker_pipe_setup_read, worker_pipe_setup_write;
392 if (!android::base::Pipe(&worker_pipe_setup_read, &worker_pipe_setup_write)) {
393 err(1, "failed to create pipe");
394 }
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]395
396 worker = fork();
397 if (worker == -1) {
398 err(1, "failed to fork worker");
399 } else if (worker == 0) {
400 char buf;
Luis Hector Chavez7300d832018-04-04 10:13:25 -0700[diff] [blame]401 // Allow the tracer process, which is not a direct process ancestor, to
402 // be able to use ptrace(2) on this process when Yama LSM is active.
403 if (prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0) == -1) {
404 // if Yama is off prctl(PR_SET_PTRACER) returns EINVAL - don't log in this
405 // case since it's expected behaviour.
406 if (errno != EINVAL) {
407 err(1, "prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY) failed for pid %d", getpid());
408 }
409 }
410 worker_pipe_setup_write.reset();
411
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]412 worker_pipe_write.reset();
413 TEMP_FAILURE_RETRY(read(worker_pipe_read.get(), &buf, sizeof(buf)));
414 exit(0);
Luis Hector Chavez7300d832018-04-04 10:13:25 -0700[diff] [blame]415 } else {
416 // Wait until the Yama ptracer is setup.
417 char buf;
418 worker_pipe_setup_write.reset();
419 TEMP_FAILURE_RETRY(read(worker_pipe_setup_read.get(), &buf, sizeof(buf)));
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]420 }
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]421 }
422
Yi Kong358603a2019-03-29 14:25:16 -0700[diff] [blame]423 ~PtraceResumptionTest() override {
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]424 }
425
426 void AssertDeath(int signo);
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]427
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]428 void StartTracer(std::function<void()> f) {
429 tracer = fork();
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]430 ASSERT_NE(-1, tracer);
431 if (tracer == 0) {
432 f();
433 if (HasFatalFailure()) {
434 exit(1);
435 }
436 exit(0);
437 }
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]438 }
439
440 bool WaitForTracer() {
441 if (tracer == -1) {
442 errx(1, "tracer not started");
443 }
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]444
445 int result;
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]446 pid_t rc = TEMP_FAILURE_RETRY(waitpid(tracer, &result, 0));
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]447 if (rc != tracer) {
448 printf("waitpid returned %d (%s)\n", rc, strerror(errno));
449 return false;
450 }
451
452 if (!WIFEXITED(result) && !WIFSIGNALED(result)) {
453 printf("!WIFEXITED && !WIFSIGNALED\n");
454 return false;
455 }
456
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]457 if (WIFEXITED(result)) {
458 if (WEXITSTATUS(result) != 0) {
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]459 printf("tracer failed\n");
460 return false;
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]461 }
462 }
463
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]464 return true;
465 }
466
467 bool WaitForWorker() {
468 if (worker == -1) {
469 errx(1, "worker not started");
470 }
471
472 int result;
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]473 pid_t rc = TEMP_FAILURE_RETRY(waitpid(worker, &result, WNOHANG));
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]474 if (rc != 0) {
475 printf("worker exited prematurely\n");
476 return false;
477 }
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]478
479 worker_pipe_write.reset();
480
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]481 rc = TEMP_FAILURE_RETRY(waitpid(worker, &result, 0));
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]482 if (rc != worker) {
483 printf("waitpid for worker returned %d (%s)\n", rc, strerror(errno));
484 return false;
485 }
486
487 if (!WIFEXITED(result)) {
488 printf("worker didn't exit\n");
489 return false;
490 }
491
492 if (WEXITSTATUS(result) != 0) {
493 printf("worker exited with status %d\n", WEXITSTATUS(result));
494 return false;
495 }
496
497 return true;
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]498 }
499};
500
501static void wait_for_ptrace_stop(pid_t pid) {
502 while (true) {
503 int status;
504 pid_t rc = TEMP_FAILURE_RETRY(waitpid(pid, &status, __WALL));
505 if (rc != pid) {
506 abort();
507 }
508 if (WIFSTOPPED(status)) {
509 return;
510 }
511 }
512}
513
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]514TEST_F(PtraceResumptionTest, smoke) {
515 // Make sure that the worker doesn't exit before the tracer stops tracing.
516 StartTracer([this]() {
517 ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno);
518 ASSERT_EQ(0, ptrace(PTRACE_INTERRUPT, worker, 0, 0)) << strerror(errno);
519 wait_for_ptrace_stop(worker);
520 std::this_thread::sleep_for(500ms);
521 });
522
523 worker_pipe_write.reset();
524 std::this_thread::sleep_for(250ms);
525
526 int result;
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]527 ASSERT_EQ(0, TEMP_FAILURE_RETRY(waitpid(worker, &result, WNOHANG)));
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]528 ASSERT_TRUE(WaitForTracer());
Elliott Hughescabc77f2017-11-28 12:55:19 -0800[diff] [blame]529 ASSERT_EQ(worker, TEMP_FAILURE_RETRY(waitpid(worker, &result, 0)));
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]530}
531
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]532TEST_F(PtraceResumptionTest, seize) {
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]533 StartTracer([this]() { ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno); });
534 ASSERT_TRUE(WaitForTracer());
535 ASSERT_TRUE(WaitForWorker());
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]536}
537
538TEST_F(PtraceResumptionTest, seize_interrupt) {
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]539 StartTracer([this]() {
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]540 ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno);
541 ASSERT_EQ(0, ptrace(PTRACE_INTERRUPT, worker, 0, 0)) << strerror(errno);
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]542 wait_for_ptrace_stop(worker);
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]543 });
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]544 ASSERT_TRUE(WaitForTracer());
545 ASSERT_TRUE(WaitForWorker());
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]546}
547
548TEST_F(PtraceResumptionTest, seize_interrupt_cont) {
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]549 StartTracer([this]() {
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]550 ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno);
551 ASSERT_EQ(0, ptrace(PTRACE_INTERRUPT, worker, 0, 0)) << strerror(errno);
552 wait_for_ptrace_stop(worker);
553 ASSERT_EQ(0, ptrace(PTRACE_CONT, worker, 0, 0)) << strerror(errno);
554 });
Josh Gaobc055ca2017-03-29 15:01:15 -0700[diff] [blame]555 ASSERT_TRUE(WaitForTracer());
556 ASSERT_TRUE(WaitForWorker());
557}
558
559TEST_F(PtraceResumptionTest, zombie_seize) {
560 StartTracer([this]() { ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno); });
561 ASSERT_TRUE(WaitForWorker());
562 ASSERT_TRUE(WaitForTracer());
563}
564
565TEST_F(PtraceResumptionTest, zombie_seize_interrupt) {
566 StartTracer([this]() {
567 ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno);
568 ASSERT_EQ(0, ptrace(PTRACE_INTERRUPT, worker, 0, 0)) << strerror(errno);
569 wait_for_ptrace_stop(worker);
570 });
571 ASSERT_TRUE(WaitForWorker());
572 ASSERT_TRUE(WaitForTracer());
573}
574
575TEST_F(PtraceResumptionTest, zombie_seize_interrupt_cont) {
576 StartTracer([this]() {
577 ASSERT_EQ(0, ptrace(PTRACE_SEIZE, worker, 0, 0)) << strerror(errno);
578 ASSERT_EQ(0, ptrace(PTRACE_INTERRUPT, worker, 0, 0)) << strerror(errno);
579 wait_for_ptrace_stop(worker);
580 ASSERT_EQ(0, ptrace(PTRACE_CONT, worker, 0, 0)) << strerror(errno);
581 });
582 ASSERT_TRUE(WaitForWorker());
583 ASSERT_TRUE(WaitForTracer());
Josh Gao5e3fe952017-02-16 14:12:41 -0800[diff] [blame]584}