[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-panel-devel
Subject:    [Differential] [Request, 23 lines] D1425: Disallow ptrace on greeter and kwin_wayland process on Fre
From:       "tcberner (Tobias C. Berner)" <noreply () phabricator ! kde ! org>
Date:       2016-04-15 17:03:18
Message-ID: differential-rev-PHID-DREV-absrt3c7ffihoj3ba56m-req () phabricator ! kde ! org
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


tcberner created this revision.
tcberner added reviewers: rakuco, graesslin.
tcberner set the repository for this revision to rKWIN KWin.
Restricted Application added a project: Plasma.
Restricted Application added a subscriber: plasma-devel.

REVISION SUMMARY
  Similar to[[ https://phabricator.kde.org/D1216 |  https://phabricator.kde.org/D1216 \
]] add procctl call to disable ptrace on FreeBSD.  
  We cannot do the procfs-lookup to check whether the process is already being run \
inside gdb -- however, on FreeBSD, we could use the P_TRACED flag of the process to \
figure this out:  
  > sys/proc.h:#define P_TRACED        0x00800 /* Debugged process being traced. */
  
  And the code would look something similar to
  
    pid_t pid = getpid();
    struct procstat *prstat = procstat_open_sysctl();
    struct kinfo_proc *procinfo;
    unsigned int cnt;
    procinfo = procstat_getprocs(prstat, KERN_PROC_PID, pid, &cnt);
    long p_flags = procinfo->ki_flag;
    int p_traced = p_flags & P_TRACED; 
    if (p_traced != P_TRACED) {
        mode = PROC_TRACE_CTL_DISABLE;
        procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode);
    }
    procstat_freeprocs(prstat,procinfo);
    procstat_close(prstat); 
  
  But as wayland is [far] in the future on FreeBSD, and that check above is a bit \
lengthy, I think it is enough if we add it once it is needed.

REPOSITORY
  rKWIN KWin

REVISION DETAIL
  https://phabricator.kde.org/D1425

AFFECTED FILES
  CMakeLists.txt
  config-kwin.h.cmake
  main_wayland.cpp

EMAIL PREFERENCES
  https://phabricator.kde.org/settings/panel/emailpreferences/

To: tcberner, rakuco, graesslin
Cc: plasma-devel, sebas


[Attachment #5 (text/html)]

<div>tcberner created this revision.<br />
tcberner added reviewers: rakuco, graesslin.<br />
tcberner set the repository for this revision to rKWIN KWin.<br />
Restricted Application added a project: Plasma.<br />
Restricted Application added a subscriber: plasma-devel.</div><br \
/><div><strong>REVISION SUMMARY</strong><div><p>Similar to[[ <a \
href="https://phabricator.kde.org/D1216" class="remarkup-link" target="_blank" \
rel="noreferrer">https://phabricator.kde.org/D1216</a> |  <a \
href="https://phabricator.kde.org/D1216" style="background-color: #e7e7e7;  \
border-color: #e7e7e7;  border-radius: 3px;
          padding: 0 4px;
          font-weight: bold;
          color: black;text-decoration: line-through;" rel="noreferrer">D1216</a> ]] \
add procctl call to disable ptrace on FreeBSD.</p>

<p>We cannot do the procfs-lookup to check whether the process is already being run \
inside gdb -- however, on FreeBSD, we could use the P_TRACED flag of the process to \
figure this out:</p>

<blockquote><p>sys/proc.h:#define P_TRACED        0x00800 /* Debugged process being \
traced. */</p></blockquote>

<p>And the code would look something similar to</p>

<div class="remarkup-code-block" data-code-lang="text" \
data-sigil="remarkup-code-block"><pre class="remarkup-code" style="border: 1px solid \
#f1c40f;  background: #fdf5d4;
          font-size: 10x;
          padding: 8px;">pid_t pid = getpid();
struct procstat *prstat = procstat_open_sysctl();
struct kinfo_proc *procinfo;
unsigned int cnt;
procinfo = procstat_getprocs(prstat, KERN_PROC_PID, pid, &amp;cnt);
long p_flags = procinfo-&gt;ki_flag;
int p_traced = p_flags &amp; P_TRACED; 
if (p_traced != P_TRACED) {
    mode = PROC_TRACE_CTL_DISABLE;
    procctl(P_PID, getpid(), PROC_TRACE_CTL, &amp;mode);
}
procstat_freeprocs(prstat,procinfo);
procstat_close(prstat);</pre></div>

<p>But as wayland is [far] in the future on FreeBSD, and that check above is a bit \
lengthy, I think it is enough if we add it once it is needed.</p></div></div><br \
/><div><strong>REPOSITORY</strong><div><div>rKWIN KWin</div></div></div><br \
/><div><strong>REVISION DETAIL</strong><div><a \
href="https://phabricator.kde.org/D1425" \
rel="noreferrer">https://phabricator.kde.org/D1425</a></div></div><br \
/><div><strong>AFFECTED FILES</strong><div><div>CMakeLists.txt<br /> \
config-kwin.h.cmake<br /> main_wayland.cpp</div></div></div><br /><div><strong>EMAIL \
PREFERENCES</strong><div><a \
href="https://phabricator.kde.org/settings/panel/emailpreferences/" \
rel="noreferrer">https://phabricator.kde.org/settings/panel/emailpreferences/</a></div></div><br \
/><div><strong>To: </strong>tcberner, rakuco, graesslin<br /><strong>Cc: \
</strong>plasma-devel, sebas<br /></div>


[Attachment #6 (text/plain)]

_______________________________________________
Plasma-devel mailing list
Plasma-devel@kde.org
https://mail.kde.org/mailman/listinfo/plasma-devel


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic