strace.spec: lower CentOS version requirement for pkgconfig(bluez)
bluez-libs-devel provides pkgconfig(bluez) and the actual headers both
in RHEL 6 and RHEL 7, so the version condition for enablement
of pkgconfig(bluez) in spec file can be lowered. However, the package
in question is in the "optional" repository in RHEL, and there seems to be
no easy way to enable it in OBS (where this spec file is mainly used)
so only %centos check is actually changed for now.
* strace.spec.in: Change "0%{?centos} >= 8" to "0%{?centos} >= 6"
for "BuildRequires: pkgconfig(bluez)" enablement.
strace.1.in: try to be more clear with -e trace=class deprecation notice
It was reported that the current way of labelling of the percent-less
-e trace=class syntax variant may be confusing, as it can be read
as deprecation of the whole option and not specific syntax; try to be
more clear by moving the deprecation notices into the option
descriptions.
* strace.1.in (.SS Filtering): Move the deprecation notice
of -e trace={file,process,network,signal,ipc,desc,memory} syntax
to the descriptions of the respective options.
Dmitry V. Levin [Thu, 15 Aug 2019 20:23:19 +0000 (20:23 +0000)]
Fix syscall tampering when PTRACE_GET_SYSCALL_INFO is in use on some architectures
When PTRACE_GET_SYSCALL_INFO is in use on those architectures
that invoke set_regs in arch_set_scno, get_regs is not called,
so it has to be invoked explicitly before tampering.
Dmitry V. Levin [Thu, 15 Aug 2019 20:23:19 +0000 (20:23 +0000)]
sparc, sparc64: fix redundant get_regs invocation
An explicit get_regs invocation was added to arch_set_error and
arch_set_success on sparc/sparc64 by commit v5.2~27 in attempt to fix
syscall tampering on these architectures when PTRACE_GET_SYSCALL_INFO
is in use.
That change, however, did not fix the bug because set_error and
set_success already invoke get_regs on all architectures where
ptrace_setregset_or_setregs is defined, this includes sparc and sparc64.
* linux/sparc/set_error.c (sparc_set_o0_psr): Do not invoke get_regs.
* linux/sparc64/set_error.c (sparc64_set_o0_tstate): Likewise.
* NEWS (5.2): Remove the statement about syscall tampering fix
on sparc and sparc64 when PTRACE_GET_SYSCALL_INFO is in use.
Replace direct usage of err_name/errnoent with print_err
Introduce print_err function that prints error number respecting current
xlat verbosity settings, and switch err_name/errnoent callers to use
this new function instead.
* defs.h (err_name): Remove.
(print_err): New declaration.
* print_fields.h (PRINT_FIELD_ERR_D, PRINT_FIELD_ERR_U): New macros.
* syscall.c (err_name): Add static qualifier, change argument type
to uint64_t.
(print_err): New function.
* keyctl.c (keyctl_reject_key): Use print_err for printing error
argument.
* net.c (print_get_error): Use print_err for printing err.
* numa.c (print_status): Use print_err for printing errno.
* netlink.c: Include "print_fields.h".
(decode_nlmsgerr): Use PRINT_FIELD_ERR_D for printing errno field.
* printsiginfo.c: Include "print_fields.h".
(print_si_info): Use PRINT_FIELD_ERR_U for printing si_errno field.
* ptrace_syscall_info.c (print_ptrace_syscall_info): Use
PRINT_FIELD_ERR_D for printing info.exit.rval.
* tests/pidfd_send_signal.c (main): Update expected output.
* tests/ptrace.c (main): Likewise.
Co-Authored-by: Dmitry V. Levin <ldv@altlinux.org>
Dmitry V. Levin [Tue, 13 Aug 2019 11:06:57 +0000 (11:06 +0000)]
xlat: update *_MAGIC constants
* xlat/fsmagic.in (Z3FOLD_MAGIC): New constant introduced
by Linux kernel commit v5.3-rc1~31^2~30.
(DMA_BUF_MAGIC): New constant introduced by Linux kernel commit
v5.3-rc1~22^2~20^2~42.
* NEWS: Mention this.
Dmitry V. Levin [Tue, 13 Aug 2019 11:06:57 +0000 (11:06 +0000)]
xlat: update KEYCTL_* constants
* xlat/keyctl_commands.in (KEYCTL_PKEY_QUERY, KEYCTL_PKEY_ENCRYPT,
KEYCTL_PKEY_DECRYPT, KEYCTL_PKEY_SIGN, KEYCTL_PKEY_VERIFY): New
constants introduced by Linux kernel commit v4.20-rc1~29^2~20.
(KEYCTL_MOVE): New constant introduced by Linux kernel commit
v5.3-rc1~189^2~3.
(KEYCTL_CAPABILITIES): New constant introduced by Linux kernel commit
v5.3-rc1~189^2.
* NEWS: Mention this.
Dmitry V. Levin [Sun, 11 Aug 2019 13:11:10 +0000 (13:11 +0000)]
xlat: update SO_* constants
* xlat/sock_options.in (SO_BINDTOIFINDEX): New constant introduced
by Linux commit v5.1-rc1~178^2~508.
(SO_RCVTIMEO_NEW, SO_SNDTIMEO_NEW): New constants introduced by Linux
commit v5.1-rc1~178^2~363^2.
(SO_DETACH_REUSEPORT_BPF): New constant introduced by Linux commit
v5.3-rc1~140^2~179^2~12.
syscall: track syscall system time a bit more explicitly
Before, it relied on implicit assumptions that syscall-exit event is
right the next one after syscall-enter. Also, there's some additional
debugging output that might help someone someday.
* count.c (count_syscall): Calculate system time as difference of tcp's
stime and ltime.
* defs.h (struct tcb): Add ltime, atime fields, remove dtime.
* strace.c (droptcb): Print total system time spent by a tcb.
(startup_tcb): Store initial system time in atime.
(next_event): Update stime directly.
* syscall.c (syscall_entering_finish): Store current system time in
tcb's ltime field.
(syscall_exiting_finish): Likewise.
* count.c (zero_ts): New variable.
(count_syscall): Calculate the spent time in the wts variable, then add
it to cc->time.
(call_summary_pers): Do not perform overhead correction.
* count.c (set_overhead): Change argument type to const char *, call
parse_ts to parse it and set to overhead.
* defs.h (set_overhead): Update declaration.
* strace.c: (init) <case 'O'>: do not parse argument, pass optarg to
set_overhead call.
* tests/count.test (GENERIC, WALLCLOCK, WALLCLOCK1, HALFCLOCK): New
variables with expected patterns.
Add checks for the new -O syntax.
* delay.c (fill_delay_data): Change intval argument to struct timespec
*val, assign val to ts.
* delay.h (fill_delay_data): Update function declaration.
* filter_qualify.c (parse_delay_token): Parse input with parse_ts,
supply the resulting struct timespec to fill_delay_data.
* tests/delay.c (check_): New function for providing diagnostic in case
of check failure.
(check_delay): Use it.
* tests/delay.test: Check new delay syntax.
* count.c (time_cmp. syscall_cmp): Change arguments type
to "const void *", change indices cast type to "unsigned int *".
(count cmp): Likewise. Change count variables type to unsigned int.
(sortfun): Specify types of arguments.
Co-Authored-by: Dmitry V. Levin <ldv@altlinux.org>
Control ID space is hierarchical, so, higher bits provide information
about control class.
* v4l2.c (print_v4l2_cid): New function.
(print_v4l2_control): Use print_v4l2_cid for printing control ID field.
* tests/ioctl_v4l2.c: Add checks for control ID printing.
* syslog.c (SYS_FUNC(syslog)): Store conversion to int of tcp->u_arg[2]
in len; print address using printaddr64 (as syslog doesn't use compat
for x32), and third argument as int (as it has this type in the syscall
handler).
* tests/syslog.c: Add checks.
syslog: do not print bufp and len for commands that ignore them
* syslog.c (SYS_FUNC(syslog)): Defer printing of comma after the first
argument to the specific command handlers, return RVAL_DECODED without
additional printing for SYSLOG_ACTION_CLOSE, SYSLOG_ACTION_OPEN,
SYSLOG_ACTION_CLEAR, SYSLOG_ACTION_CONSOLE_OFF,
SYSLOG_ACTION_CONSOLE_ON, SYSLOG_ACTION_SIZE_UNREAD,
SYSLOG_ACTION_SIZE_BUFFER.
* tests/syslog.c: Add checks.
* strace.1.in (.SH SYNOPSIS): add second "-q", "-w", second "-y", "-z",
and "-Z" to normal call variant; add "-w", "-z" and "-Z" to syscall
statistics call variant.
The current implementation doesn't work as intended since in case the
condition is false, .ig has no effect and it results in "warning: macro
'end_unwind_opt' not defined". Rewrite it into something more dumb and
verbose, but hopefully correct.
* strace.1.in (.SH SYNOPSYS, .SS Output format): Prepend each
conditional line with respective ".if" instead of trying to wrap
it in ".ig".
* strace.1.in (.SH OPTIONS): Insert ".SS General" at the beginning of
the section; move ".SS Startup" after ".SS General"; move ".SS Tracing"
after ".SS Startup"; move ".SS Filtering" after ".SS Startup"; insert
".SS Tampering" after ".SS Statistics"; move "-e expr" from ".SS
Filtering" to ".SS General"; move "-e abbrev", "-e verbose", "-e raw",
"-e read", "-e write", "-e kvm=vcpu" and "-v" from ".SS Filtering"
to ".SS Output format"; move "-e inject" and "-e fault" from
".SS Filtering" to ".SS Tampering".
Pierre Marsais [Sun, 4 Aug 2019 15:39:29 +0000 (16:39 +0100)]
Fix invalid free in trace_close_memstream
In maybe_switch_tcbs we exchange the pointers to the memstream's buffers
between 2 tcb, however the libc doesn't know and keeps updating the
tcb->memfptr as if the exchange didn't happen. This leads to
unsynchronized tcb->memfptr and tcb->outf and invalid frees.
Adding a new indirection fixes the problem.
* stage_output.c (struct staged_output_data): New struct.
(strace_open_memstream, strace_close_memstream): Use it.
* defs.h (struct tcb): Replace real_outf, memfptr, and memfloc
with a pointer to struct staged_output_data.
* strace.c (maybe_switch_tcbs): Use it.
* syscall.c (print_syscall_resume): Ditto.
Signed-off-by: Pierre Marsais <pierre.marsais@lse.epita.fr>
Jeremy Kerr [Fri, 2 Aug 2019 03:01:29 +0000 (11:01 +0800)]
net: Fix access beyond tracee buffer for MSG_TRUNC receives
The recv(), recvfrom() and recvmsg() calls allow a MSG_TRUNC flag, which
indicates that the kernel should return the available size of an
incoming message, rather than the received size.
When strace-ing a truncated recv(), strace will try to access a
return-value size area of the tracee's buffer, which may be larger than
the actual buffer:
Rename struct xlat to struct xlat_data and make struct xlat an xlat
descriptor that contains various information about xlat.
So far it's the type and the number of items.
As a result, xlookup/printxval now have enough information for handling
xlat depending on its type, so *index/*_search API is not needed any
longer.
* xlat.h (struct xlat_data): Rename from struct xlat.
(struct xlat): New type definition.
* xlat.c (xlat_search, printxval_sized, printxval_searchn_ex, xlat_idx,
printxval_indexn_ex, printxval_dispatch_ex): Remove.
(xlookup): Handle xlat_data based on xlat type.
(xlat_search_eq_or_less, xlookup_le): New functions.
(sprintflags_ex, printflags_ex): Update.
* xlat/gen.sh (gen_header): Add handling for #sorted, generate new
struct xlat descriptor.
* defs.h (arp_hardware_types_size, ethernet_protocols_size,
inet_protocols_size, evdev_abs_size, xlat_search, xlat_idx,
printxval_searchn_ex, printxval_searchn, printxval_search,
printxval_search_ex, printxval_indexn_ex, printxval_indexn,
printxval_index, printxval_index_ex, printxval_dispatch_ex,
printxval_dispatch): Remove.
(enum xlat_style_private_flag_bits): Remove PAF_INDEX_XLAT_SORTED_BIT
and PAF_INDEX_XLAT_VALUE_INDEXED_BIT.
(enum xlat_style_private_flag): Remove PAF_INDEX_XLAT_SORTED and
PAF_INDEX_XLAT_VALUE_INDEXED.
(print_array_ex): Remove index_xlat_size argument.
(xlookup_le): New declaration.
(printxval_ex): New macro.
* dyxlat.c (struct dyxlat): Remove used field (use xlat.size instead),
embed struct xlat, add pointer to struct xlat_data.
(MARK_END): Remove.
(dyxlat_alloc, dyxlat_free, dyxlat_get, dyxlat_add_pair): Update in
accordance with the structure changes.
* evdev.c (evdev_abs_size): Remove.
(keycode_ioctl): Use printxval instead of printxval_index.
(decode_bitset): Remove.
(decode_bitset_): Rename to decode_bitset, remove decode_nr_size and xt
arguments, call printxval instead of printxval_dispatch.
(bit_ioctl, evdev_read_ioctl): Do not pass xlat type to decode_bitset.
* fsconfig.c (SYS_FUNC(fsconfig)): Use printxval instead of
printxval_index.
* print_fields.h (PRINT_FIELD_XVAL_SORTED_SIZED,
PRINT_FIELD_XVAL_INDEX): Remove.
* nlattr.h (struct decode_nla_xlat_opts): Remove xlat_size and xt
fields.
* nlattr.c (decode_nla_meminfo): Do not pass
PAF_INDEX_XLAT_VALUE_INDEXED flag and netlink_sk_meminfo_indices size
in a print_array_ex call.
(decode_nla_xval): Call printxval_ex instead of printxval_dispatch_ex.
(decode_nla_ether_proto, decode_nla_ip_proto): Do not pass xlat_size and
xt fields in opts.
(decode_nla_flags): Remove XT_INDEXED unsupported warning.
* process.c (struct_user_offsets_data): Rename from struct_user_offsets,
change type to struct xlat_data[].
(struct_user_offsets): New xlat description.
(print_user_offset_addr): Rewrite using xlookup_le.
* util.c (print_array_ex): Remove index_xlat_size argument, simply call
printxval_ex for index printing.
* aio.c (tprint_lio_opcode): Use printxval_ex instead of
printxval_indexn_ex.
* bpf.c: Use printxval instead of printxval_index; use PRINT_FIELD_XVAL
instead of PRINT_FIELD_XVAL_INDEX.
* bpf_filter.c (print_bpf_filter_code): Use printxval instead of
printxval_index.
* ioctl.c (evdev_decode_number): Use printxval instead of
printxval_indexn.
* kvm.c (kvm_ioctl_decode_check_extension): Use printxval64 instead of
printxval_index.
(kvm_ioctl_run_attach_auxstr): Use xlookup instead of xlat_idx.
* net.c: Use printxval instead of printxval_search/printxval_index, use
printxval_ex instead of printxval_searchn_ex.
* netlink.c (get_fd_nl_family): Rewrite using xlat descriptor structure.
* netlink_packet_diag.c (decode_packet_diag_msg): Use PRINT_FIELD_XVAL
instead of PRINT_FIELD_XVAL_SORTED_SIZED.
* netlink_smc_diag.c (decode_smc_diag_shutdown): Remove ARRSZ_PAIR
wrapper.
(decode_smc_diag_fallback): Use printxval_ex instead of
printxval_search_ex.
(decode_smc_diag_msg): Use PRINT_FIELD_XVAL instead of
PRINT_FIELD_XVAL_INDEX.
* print_statfs.c (print_statfs_type): Use printxval instead of
printxval_search.
* ptrace_syscall_info.c (print_ptrace_syscall_info): Use
PRINT_FIELD_XVAL instead of PRINT_FIELD_XVAL_INDEX.
* rtnl_link.c (decode_ifla_inet6_flags, decode_ifla_inet6_agm):
Likewise.
(decode_nla_tun_type, decode_ifla_xdp_attached): Remove xlat_size,
xt fields.
(decode_ifla_inet_conf, decode_ifla_inet6_conf, decode_ifla_inet6_stats,
decode_ifla_inet6_icmp6_stats): Remove PAF_INDEX_XLAT_VALUE_INDEXED flag
and ARRSZ_PAIR wrapper in print_array_ex calls.
(decode_ifinfomsg): Use PRINT_FIELD_XVAL instead of
PRINT_FIELD_XVAL_SORTED_SIZED.
* rtnl_route.c (decode_nla_rt_proto): Use printxval instead of
printxval_search.
* sock.c (print_ifreq): Use PRINT_FIELD_XVAL instead of
PRINT_FIELD_XVAL_SORTED_SIZED.
* sockaddr.c (print_sockaddr_data_ll, print_sockaddr_data_bt,
print_sockaddr): Use printxval instead of printxval_search and
printxval_index.
* time.c (getitimer, osf_getitimer, setitimer, osf_setitimer,
printclockname): Use printxval instead of printxval_index.
(do_adjtimex): Use xlookup instead of xlat_idx.
* tests/btrfs.c: Update xlat handling, use struct xlat_data instead of
struct xlat for XLAT() arrays.
* tests/ioctl_block.c: Likewise.
* tests/ioctl_rtc.c: Likewise.
* tests/printflags.c: Likewise.
* tests/printxval.c: Likewise.
* tests/prlimit64.c: Likewise.
* tests/setrlimit.c: Likewise.
* tests/socketcall.c: Likewise.
* tests/xgetrlimit.c: Likewise.
* tests/xstatfsx.c: Likewise.
* xlat/af_packet_versions.in: Add #value_indexed.
* xlat/arp_hardware_types.in: Add #sorted.
* xlat/ax25_protocols.in: Likewise.
* xlat/bluetooth_l2_cid.in: Likewise.
* xlat/bluetooth_l2_psm.in: Likewise.
* xlat/ethernet_protocols.in: Likewise.
* xlat/evdev_ff_types.in: Likewise.
* xlat/fsmagic.in: Likewise.
* xlat/hw_breakpoint_type.in: Likewise.
* xlat/iffflags.in: Likewise.
* xlat/inet6_if_flags.in: Likewise.
* xlat/inet_protocols.in: Likewise.
* xlat/msgctl_flags.in: Likewise.
* xlat/perf_hw_cache_id.in: Likewise.
* xlat/perf_hw_cache_op_id.in: Likewise.
* xlat/perf_hw_cache_op_result_id.in: Likewise.
* xlat/perf_hw_id.in: Likewise.
* xlat/perf_sw_ids.in: Likewise.
* xlat/perf_type_id.in: Likewise.
* xlat/routing_protocols.in: Likewise.
* xlat/semctl_flags.in: Likewise.
* xlat/shmctl_flags.in: Likewise.
* xlat/smc_decl_codes.in: Likewise.
* xlat/sock_ax25_options.in: Likewise.
* xlat/sock_bluetooth_options.in: Likewise.
* xlat/sock_dccp_options.in: Likewise.
* xlat/sock_tipc_options.in: Likewise.
* xlat/socketlayers.in: Likewise.
* xlat/v4l2_control_classes.in: Likewise.
* xlat/v4l2_pix_fmts.in: Likewise.
* xlat/v4l2_sdr_fmts.in: Likewise.
Co-Authored-by: Dmitry V. Levin <ldv@altlinux.org>
* defs.h [!MAX_ADDR_LEN] (MAX_ADDR_LEN): New macro.
(sprint_hwaddr): New declaration.
(print_hwaddr): New inline function, a wrapper for sprint_hwaddr.
* print_fields.h (PRINT_FIELD_HWADDR_SZ): New macro.
* print_mac.c: Include "xlat/arp_hardware_types.h" under
XLAT_MACROS_ONLY.
[!MAX_ADDR_LEN] (MAX_ADDR_LEN): Remove.
(sprint_hwaddr): New function.
* sock.c (print_ifreq) <SIOCSIFHWADDR, SIOCGIFHWADDR>: Print hardware
address using PRINT_FIELD_HWADDR_SZ.
open: implement sprint_open_modes using sprintflags_ex
* defs.h (sprintflags_ex): Add "sep" argument.
(sprintflags): Pass '\0' in "sep" argument.
* open.c (sprint_open_modes): Use sprintflags_ex for printing
open_mode_flags.
* xlat.c (sprintflags_ex): Add "sep" argument, use it as initial
separator (if not nul).
The current syslog test covers only those cases where the type parameter
is one of SYSLOG_ACTION_READ, SYSLOG_ACTION_READ_ALL,
SYSLOG_ACTION_READ_CLEAR as per codecov.
Add test case to cover the default case.
* tests/syslog.c (SYSLOG_ACTION_SIZE_BUFFER): New macro.
(main): Check SYSLOG_ACTION_SIZE_BUFFER decoding.
* xlat/aio_iocb_flags.in: New file.
* defs.h (pollflags, rwf_flags): New declarations.
* configure.ac (AC_CHECK_MEMBERS): Check for aio_flags and aio_rw_flags
fields of struct iocb.
* aio.c [HAVE_STRUCT_IOCB_AIO_FLAGS]: Include "xlat/aio_iocb_flags.h".
(AIO_RW_FLAGS_FIELD): New macro definition, defined based on the
presence of HAVE_STRUCT_IOCB_AIO_RW_FLAGS macro.
(iocb_sub): Add SUB_POLL.
(tprint_lio_opcode): Change IOCB_CMD_POLL subtype to SUB_POLL.
(print_common_flags): Conditionalize on HAVE_STRUCT_IOCB_AIO_FLAGS
instead of IOCB_FLAG_RESFD. Print aio_flags using aio_iocb_flags xlat.
(print_iocb_header): Always print aio_data. Print aio_rw_flags if it
is non-zero. Print aio_reqprio based on the presence of
IOCB_FLAG_IOPRIO flag in aio_flags (use print_ioprio if it set and print
as a signed integer otherwise).
(print_iocb): Decode SUB_POLL subtype.
* tests/aio.c: Update expected output.
Co-Authored-by: Dmitry V. Levin <ldv@altlinux.org>
tests: serialize bpf-obj_get_info_by_fd based executables
Concurrent execution of many bpf-obj_get_info_by_fd based tests may
lead to a temporary resource shortage that causes them to fail with
the following error diagnostics:
BPF_MAP_CREATE failed: Operation not permitted
Avoid this issue by serializing execution of all relevant tests.
* tests/lock_file.c: New file.
* tests/Makefile.am (libtests_a_SOURCES): Add lock_file.c
* tests/tests.h (lock_file_by_dirname): New prototype.
* tests/bpf-obj_get_info_by_fd.c (main): Call lock_file_by_dirname
to obtain an exclusive lock on bpf-obj_get_info_by_fd executable.
* tests/ioctl_evdev-success-v.test: Inject various values.
* tests/ioctl_evdev-success.test: Likewise.
* tests/ioctl_evdev-success.c (NUM_WORDS): New macro.
(struct evdev_check): Constify arg_ptr and print_arg args.
(invoke_test_syscall, test_evdev, print_input_absinfo, print_input_id,
print_mtslots): Add const qualifiers.
(print_getbit): Add const qualifiers, rewrite to expect trailing NULL
in the string array instead of leading string count.
(main): Set size for ev_more, ev_less, ev_zero arrays; replace leading
count element in ev_more_str, ev_less_str, ev_zero_str with trailing
NULL; replace ev_more_str and ev_less_str with ev_more_str_2/ev_less_str_2
and ev_more_str_3/ev_less_str_3 that differ by presence of flags that reside
beyond first two bytes; add static and const qualifiers where possible;
add key/key_sts_8/key_str_16 values; update a to provide either ev_more_str_2
or ev_more_str_3 and either key_str_8 or key_str_16 depending on inject_retval
value.