On Sun, Nov 06, 2022 at 09:34:05AM -0500, Ed Maste wrote:
> On Sat, 5 Nov 2022 at 21:02, Darren Tucker <dtucker@xxxxxxxxxxx> wrote:
> >
> > Maybe it should try the "0" version, then if that fails try the
> > getpid() version and only then fail if "strict" is set?
>
> Ah, yes that sounds like the way to do it, and with no extra overhead
> for the usual (recent kernel) case. Something like this?
I had something similar but a bit more compact and commented. Does this
also work?
diff --git a/platform-tracing.c b/platform-tracing.c
index c2810f2d..a8ce078b 100644
--- a/platform-tracing.c
+++ b/platform-tracing.c
@@ -32,6 +32,7 @@
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
+#include <unistd.h>
#include "log.h"
@@ -39,10 +40,16 @@ void
platform_disable_tracing(int strict)
{
#if defined(HAVE_PROCCTL) && defined(PROC_TRACE_CTL)
- /* On FreeBSD, we should make this process untraceable */
+ /*
+ * On FreeBSD, we should make this process untraceable.
+ * pid=0 means "this process" and but some older kernels do not
+ * understand that, so retry with our own pid before failing.
+ */
int disable_trace = PROC_TRACE_CTL_DISABLE;
- if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) && strict)
+ if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) == -1 &&
+ procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace) == -1 &&
+ strict)
fatal("unable to make the process untraceable: %s",
strerror(errno));
#endif
--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
