[compiler-rt] [compiler-rt][rtsan] ptrace interception on Linux. (PR #123941)
David CARLIER via llvm-commits
llvm-commits at lists.llvm.org
Mon Feb 3 07:04:23 PST 2025
================
@@ -1319,6 +1323,39 @@ INTERCEPTOR(ssize_t, process_vm_writev, pid_t pid,
#define RTSAN_MAYBE_INTERCEPT_PROCESS_VM_WRITEV
#endif
+#if SANITIZER_INTERCEPT_PTRACE
+#if SANITIZER_MUSL
+INTERCEPTOR(long, ptrace, int request, ...) {
+#else
+INTERCEPTOR(long, ptrace, enum __ptrace_request request, ...) {
+#endif // SANITIZER_MUSL
+ __rtsan_notify_intercepted_call("ptrace");
+ va_list args;
+
+ // A handful of ptrace requests need an additional argument on Linux/sparc
+ // (e.g. PTRACE_READDATA) but we only intercept the standard calls at the
+ // moment. We might need to rework all if rtsan is supported on BSD,
+ // interfaces differ vastly, data is read in word size on Linux vs large
+ // chunks on freebsd and so on ...
+ va_start(args, request);
+ pid_t pid = va_arg(args, pid_t);
----------------
devnexen wrote:
prctl is often used to alter the current process behavior, e.g. PR_*_DUMPABLE/PR_*_NAME to name some of the most used, PR_*_THP_DISABLE you can typically find it in memory allocators for example. However, ptrace is really only for debugging, e.g. malware analysis or interacting with a debugger ; so it has definitively a less broad usage.
https://github.com/llvm/llvm-project/pull/123941
More information about the llvm-commits
mailing list