sys-apps/sandbox/files/sandbox-2.11-retry-PTRACE_GETREGS.patch - third_party/overlays/chromiumos-overlay - Git at Google

 From 9b5da65034da5489edcd0c12330bbf3faf032d71 Mon Sep 17 00:00:00 2001
 From: Jian Cai <jiancai@google.com>
 Date: Thu, 1 Apr 2021 11:37:15 -0700
 Subject: [PATCH] libsandbox: retry ptrace when PTRACE_GETREGS is used.

 Call ptrace again if it fails when the request type is PTRACE_GETREGS.

 Signed-off-by: Jian Cai <jiancai@google.com>
 ---
  libsandbox/trace.c    | 12 +++++++++++-
  libsandbox/wrappers.h |  2 ++
  2 files changed, 13 insertions(+), 1 deletion(-)

 diff --git a/libsandbox/trace.c b/libsandbox/trace.c
 index 3efef23..c87c4eb 100644
 --- a/libsandbox/trace.c
 +++ b/libsandbox/trace.c
 @@ -56,6 +56,7 @@ static void trace_exit(int status)
  static long _do_ptrace(sb_ptrace_req_t request, const char *srequest, void *addr, void *data)
  {
  	long ret;
 +	bool retried = false;
   try_again:
  	errno = 0;
  	ret = ptrace(request, trace_pid, addr, data);
 @@ -74,11 +75,20 @@ static long _do_ptrace(sb_ptrace_req_t request, const char *srequest, void *addr
  			 * That's not something the sandbox should abort on. #560396
  			 */
  			return ret;
 -		} else if (!errno)
 +		} else if (!errno) {
  			if (request == PTRACE_PEEKDATA ||
  			    request == PTRACE_PEEKTEXT ||
  			    request == PTRACE_PEEKUSER)
  				return ret;
 +			// Retry once when PTRACE_GETREGS is used. #1188969
 +			if (request == PTRACE_GETREGS) {
 +				if (!retried && (random() % 10) != 0) {
 +					retried = true;
 +					goto try_again;
 +				}
 +				sb_unwrapped_system("(set -x; uname -a; ps af -o pgid,ppid,pid,etime,cputime,%cpu,command; dmesg | tail -n100;) >/dev/tty 2>&1");
 +			}
 +		}

  		sb_ebort("ISE:_do_ptrace: ptrace(%s, ..., %p, %p): %s\n",
  			srequest, addr, data, strerror(errno));
 diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
 index bf5bf64..5f4ac2a 100644
 --- a/libsandbox/wrappers.h
 +++ b/libsandbox/wrappers.h
 @@ -21,6 +21,8 @@ attribute_hidden char *sb_unwrapped_getcwd (char *, size_t);
  attribute_hidden int   sb_unwrapped_open   (const char *, int, mode_t);
  #define                sb_unwrapped_popen  sb_unwrapped_popen_DEFAULT
  attribute_hidden FILE *sb_unwrapped_popen  (const char *, const char *);
 +#define                sb_unwrapped_system sb_unwrapped_system_DEFAULT
 +attribute_hidden int   sb_unwrapped_system  (const char *);

  attribute_hidden bool sb_fopen_pre_check    (const char *func, const char *pathname, const char *mode);
  attribute_hidden bool sb_fopen64_pre_check  (const char *func, const char *pathname, const char *mode);
 --
 2.31.1.498.g6c1eba8ee3d-goog
	From 9b5da65034da5489edcd0c12330bbf3faf032d71 Mon Sep 17 00:00:00 2001
	From: Jian Cai <jiancai@google.com>
	Date: Thu, 1 Apr 2021 11:37:15 -0700
	Subject: [PATCH] libsandbox: retry ptrace when PTRACE_GETREGS is used.

	Call ptrace again if it fails when the request type is PTRACE_GETREGS.

	Signed-off-by: Jian Cai <jiancai@google.com>
	---
	libsandbox/trace.c \| 12 +++++++++++-
	libsandbox/wrappers.h \| 2 ++
	2 files changed, 13 insertions(+), 1 deletion(-)

	diff --git a/libsandbox/trace.c b/libsandbox/trace.c
	index 3efef23..c87c4eb 100644
	--- a/libsandbox/trace.c
	+++ b/libsandbox/trace.c
	@@ -56,6 +56,7 @@ static void trace_exit(int status)
	static long _do_ptrace(sb_ptrace_req_t request, const char srequest, void addr, void *data)
	{
	long ret;
	+ bool retried = false;
	try_again:
	errno = 0;
	ret = ptrace(request, trace_pid, addr, data);
	@@ -74,11 +75,20 @@ static long _do_ptrace(sb_ptrace_req_t request, const char srequest, void addr
	* That's not something the sandbox should abort on. #560396
	*/
	return ret;
	- } else if (!errno)
	+ } else if (!errno) {
	if (request == PTRACE_PEEKDATA \|\|
	request == PTRACE_PEEKTEXT \|\|
	request == PTRACE_PEEKUSER)
	return ret;
	+ // Retry once when PTRACE_GETREGS is used. #1188969
	+ if (request == PTRACE_GETREGS) {
	+ if (!retried && (random() % 10) != 0) {
	+ retried = true;
	+ goto try_again;
	+ }
	+ sb_unwrapped_system("(set -x; uname -a; ps af -o pgid,ppid,pid,etime,cputime,%cpu,command; dmesg \| tail -n100;) >/dev/tty 2>&1");
	+ }
	+ }

	sb_ebort("ISE:_do_ptrace: ptrace(%s, ..., %p, %p): %s\n",
	srequest, addr, data, strerror(errno));
	diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
	index bf5bf64..5f4ac2a 100644
	--- a/libsandbox/wrappers.h
	+++ b/libsandbox/wrappers.h
	@@ -21,6 +21,8 @@ attribute_hidden char sb_unwrapped_getcwd (char , size_t);
	attribute_hidden int sb_unwrapped_open (const char *, int, mode_t);
	#define sb_unwrapped_popen sb_unwrapped_popen_DEFAULT
	attribute_hidden FILE sb_unwrapped_popen (const char , const char *);
	+#define sb_unwrapped_system sb_unwrapped_system_DEFAULT
	+attribute_hidden int sb_unwrapped_system (const char *);

	attribute_hidden bool sb_fopen_pre_check (const char func, const char pathname, const char *mode);
	attribute_hidden bool sb_fopen64_pre_check (const char func, const char pathname, const char *mode);
	--
	2.31.1.498.g6c1eba8ee3d-goog