Disable tracing on FreeBSD using procctl. (OpenSSH Portable 8.8)
Bryan Drewery
bdrewery at FreeBSD.org
Sat Oct 16 04:00:28 AEDT 2021
On 10/14/2021 5:44 PM, Darren Tucker wrote:
> On Fri, 15 Oct 2021 at 10:48, mike tancsa <mike at sentex.net> wrote:
>> With the commit below, OpenSSH portable 8.8 doesnt seem to work
>> with sftp on FreeBSD with RELENG_12 and RELENG_13. sftp errors out with
>>
>> sftp-server[89445]: fatal: unable to make the process untraceable
>
> As a data point,our github CI tests on FreeBSD 12 & 13 VMs and our
> test suite passes on them. I have confirmed that both set
> HAVE_PROCCTL and that the code is being compiled in and just run a
> manual test on 13 which worked.
>
> FreeBSD fbsd12 12.2-RELEASE-p3 FreeBSD 12.2-RELEASE-p3 GENERIC amd64
>
> FreeBSD fbsd13 13.0-RELEASE FreeBSD 13.0-RELEASE #0
> releng/13.0-n244733-ea31abc261f: Fri Apr 9 04:24:09 UTC 2021
> root at releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC
> amd64
>
I think the tests may need to be improved as pid==0 represents a pseudo
kernel process.
> #include <sys/procctl.h>
> #include <err.h>
> #include <unistd.h>
>
> int
> main(void)
> {
> int disable_trace = PROC_TRACE_CTL_DISABLE;
>
> if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace))
> err(1, "procctl");
>
> return 0;
> }
With 0 it runs through truss fine. (Which I don't think it should but
I'll take that up with FreeBSD)
> procctl(P_PID,0,PROC_TRACE_CTL,0x7fffffffe478) = 0 (0x0)
With getpid() truss gives an error since the process is already traced.
> getpid() = 77976 (0x13098)
> procctl(P_PID,77976,PROC_TRACE_CTL,0x7fffffffe478) ERR#16 'Device busy'
--
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20211015/6ffe3fda/attachment-0001.asc>
More information about the openssh-unix-dev
mailing list