From 2f9046fb059e94fe254c9a4ff5bcd52182069e44 Mon Sep 17 00:00:00 2001
From: Stefan Liebler <stli@linux.ibm.com>
Date: Wed, 18 Sep 2019 12:40:00 +0200
Subject: Add UNSUPPORTED check in elf/tst-pldd.

The testcase forks a child process and runs pldd with PID of
this child.  On systems where /proc/sys/kernel/yama/ptrace_scope
differs from zero, pldd will fail with
/usr/bin/pldd: cannot attach to process 3: Operation not permitted

This patch checks if ptrace_scope exists, is zero "classic ptrace permissions"
or one "restricted ptrace".  If ptrace_scope exists and has a higher
restriction, then the test is marked as UNSUPPORTED.

The case "restricted ptrace" is handled by rearranging the processes involved
during the test.  Now we have the following process tree:
-parent: do_test (performs output checks)
--subprocess 1: pldd_process (becomes pldd via execve)
---subprocess 2: target_process (ptraced via pldd)

ChangeLog:

	* elf/tst-pldd.c (do_test): Add UNSUPPORTED check.
	Rearrange subprocesses.
	(pldd_process): New function.
	* support/Makefile (libsupport-routines): Add support_ptrace.
	* support/xptrace.h: New file.
	* support/support_ptrace.c: Likewise.
---
 support/Makefile         |  1 +
 support/support_ptrace.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
 support/xptrace.h        | 32 ++++++++++++++++++++++++++++++++
 3 files changed, 77 insertions(+)
 create mode 100644 support/support_ptrace.c
 create mode 100644 support/xptrace.h

(limited to 'support')

diff --git a/support/Makefile b/support/Makefile
index be90043..ca238ee 100644
--- a/support/Makefile
+++ b/support/Makefile
@@ -56,6 +56,7 @@ libsupport-routines = \
   support_format_hostent \
   support_format_netent \
   support_isolate_in_subprocess \
+  support_ptrace \
   support_openpty \
   support_paths \
   support_quote_blob \
diff --git a/support/support_ptrace.c b/support/support_ptrace.c
new file mode 100644
index 0000000..616b08c
--- /dev/null
+++ b/support/support_ptrace.c
@@ -0,0 +1,44 @@
+/* Support functions handling ptrace_scope.
+   Copyright (C) 2019 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <support/check.h>
+#include <support/xstdio.h>
+#include <support/xptrace.h>
+#include <sys/prctl.h>
+
+int
+support_ptrace_scope (void)
+{
+  int ptrace_scope = -1;
+
+#ifdef __linux__
+  /* YAMA may be not enabled.  Otherwise it contains a value from 0 to 3:
+     - 0 classic ptrace permissions
+     - 1 restricted ptrace
+     - 2 admin-only attach
+     - 3 no attach  */
+  FILE *f = fopen ("/proc/sys/kernel/yama/ptrace_scope", "r");
+  if (f != NULL)
+    {
+      TEST_COMPARE (fscanf (f, "%d", &ptrace_scope), 1);
+      xfclose (f);
+    }
+#endif
+
+  return ptrace_scope;
+}
diff --git a/support/xptrace.h b/support/xptrace.h
new file mode 100644
index 0000000..7af8926
--- /dev/null
+++ b/support/xptrace.h
@@ -0,0 +1,32 @@
+/* Support functions handling ptrace_scope.
+   Copyright (C) 2019 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#ifndef SUPPORT_PTRACE_H
+#define SUPPORT_PTRACE_H
+
+#include <sys/cdefs.h>
+
+__BEGIN_DECLS
+
+/* Return the current YAMA mode set on the machine (0 to 3) or -1
+   if YAMA is not supported.  */
+int support_ptrace_scope (void);
+
+__END_DECLS
+
+#endif
-- 
cgit v1.1