From d228fdf4773dceeaa39f7c0ab59cfb7a12bba684 Mon Sep 17 00:00:00 2001 From: sgf Date: Fri, 24 Nov 2023 15:50:55 +0300 Subject: [PATCH] chg(ptrace): Add trace with TRACEME. --- .../guide_to_syscalls/myStrace/ptrace-chain.c | 33 ++++++++++++++----- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/containers_from_scratch/guide_to_syscalls/myStrace/ptrace-chain.c b/containers_from_scratch/guide_to_syscalls/myStrace/ptrace-chain.c index e52f0c2..9b2ed72 100644 --- a/containers_from_scratch/guide_to_syscalls/myStrace/ptrace-chain.c +++ b/containers_from_scratch/guide_to_syscalls/myStrace/ptrace-chain.c @@ -15,20 +15,26 @@ // https://stackoverflow.com/questions/2359581/calling-ptrace-inside-a-ptraced-linux-process // https://stackoverflow.com/questions/18437779/do-i-need-to-do-anything-with-a-sigchld-handler-if-i-am-just-using-wait-to-wai +#define TRACEME + extern const char * const sys_siglist[]; static pid_t child_pid = 0; +#ifndef TRACEME // Whether SIGSTOP send to tracee right after PTRACE_ATTACH was seen or not. static bool attach_stop = false; +#else +static bool attach_stop = true; +#endif // Is tracee now inside syscall (syscall-enter-stop was seen) or outside // (the last syscall-stop was syscall-exit-stop). static bool in_syscall = false; // How to restart ptrace-stopped tracee. -const enum __ptrace_request ptrace_restart = PTRACE_SYSCALL; -//const enum __ptrace_request ptrace_restart = PTRACE_CONT; +//const enum __ptrace_request ptrace_restart = PTRACE_SYSCALL; +const enum __ptrace_request ptrace_restart = PTRACE_CONT; // Representation of each process. typedef struct worker { @@ -107,7 +113,7 @@ static void child_has_stopped(pid_t cpid, int status) { pref = realloc(pref, n_pref); snprintf(pref, n_pref, "[Child %d] (%d)", cpid, csig); - if (csig == SIGTRAP|0x80) { + if (csig == (SIGTRAP|0x80)) { printf("%s: Child is traced and and is about to receive '%s' (%d|0x80 = %d)\n", pref, sys_siglist[csig^0x80], csig^0x80, csig); } else { printf("%s: Child is traced and and is about to receive '%s' (%d)\n", pref, sys_siglist[csig], csig); @@ -213,9 +219,9 @@ static void child_has_stopped(pid_t cpid, int status) { printf("%s: STOP: stop signal after attach\n", pref); attach_stop = true; printf("%s: STOP: Enabling event tracing\n", pref); - //if(ptrace(PTRACE_SETOPTIONS, child_pid, NULL, PTRACE_O_TRACEEXIT) == -1) { if(ptrace(PTRACE_SETOPTIONS, child_pid, NULL, PTRACE_O_TRACEEXIT | PTRACE_O_TRACESYSGOOD) == -1) { + //PTRACE_O_TRACEEXIT) == -1) { perror("ptrace setopts"); abort(); } @@ -326,7 +332,8 @@ int main(int argc, char **argv){ int i = 0; char *myname = workers[i].name; void (*mywork) (char*) = workers[i].work; - printf("pid%s = %d\n", myname, getpid()); + pid_t mypid = getpid(); + printf("pid%s = %d\n", myname, mypid); for (++i; i < n_workers; i++) { char *childname = workers[i].name; @@ -335,18 +342,28 @@ int main(int argc, char **argv){ if (child_pid) { printf("pid%s = %d\n", childname, child_pid); - sleep(1); - printf("[%d]: attaching to %s..\n", getpid(), childname); + sleep(2); +#ifndef TRACEME + printf("[%d]: attaching to %s..\n", mypid, childname); if(ptrace(PTRACE_ATTACH, child_pid, NULL, NULL) == -1){ perror("PTRACE_ATTACH"); } +#endif break; } else { myname = workers[i].name; mywork = workers[i].work; - printf("%s: My pid %d\n", myname, getpid()); + mypid = getpid(); + printf("%s: My pid %d\n", myname, mypid); +#ifdef TRACEME + printf("[%d]: requesting trace from parent %d and raising SIGSTOP\n", mypid, getppid()); + if(ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1){ + perror("PTRACE_TRACEME"); + } + raise(SIGSTOP); +#endif } } -- 2.20.1