[Bug 24193] New: Winedbg does not work on Ubuntu Maverick (ptrace protection)
http://bugs.winehq.org/show_bug.cgi?id=24193 Summary: Winedbg does not work on Ubuntu Maverick (ptrace protection) Product: Wine Version: 1.3.1 Platform: x86-64 OS/Version: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: winedbg AssignedTo: wine-bugs(a)winehq.org ReportedBy: adys.wh(a)gmail.com https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#PTRACE%20Protec... Offending kernel commit: http://kernel.ubuntu.com/git?p=kees/linux-2.6.git;a=commit;h=11617d9baedfa56... Winedbg breaks with "Internal errors - invalid parameters received" because of this. It makes debugging in Maverick pretty much impossible. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |austinenglish(a)gmail.com -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Jerome Leclanche <adys.wh(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, source -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Jerome Leclanche <adys.wh(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- URL| |https://wiki.ubuntu.com/Sec | |urityTeam/Roadmap/KernelHar | |dening#PTRACE%20Protection -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Eric Pouech <eric.pouech(a)orange.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |eric.pouech(a)orange.fr Component|winedbg |wineserver --- Comment #1 from Eric Pouech <eric.pouech(a)orange.fr> 2010-08-29 02:29:31 CDT --- I don't see what can simply be done here, as Linux kernel evolution forbids a debugger to attach to a running program the "easy" solution would be to let wineserver get the ptrace capability the other only viable solution would be to modify the current process startup scheme so that wineserver (which is the only place where we call ptrace) is the parent (or grand*-parent) of every wine process anyway, issue is located in wineserver, not winedbg (so changed component) -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Scott Ritchie <scott(a)open-vote.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |scott(a)open-vote.org --- Comment #2 from Scott Ritchie <scott(a)open-vote.org> 2010-08-29 17:46:27 CDT ---
From the wiki, it seems like this can be worked around with a runtime override:
This behavior is controlled via the /proc/sys/kernel/yama/ptrace_scope sysctl value. The default is "1" to block non-child ptrace. A value of "0" restores the prior more permissive behavior, which may be more appropriate for some development systems and servers with only admin accounts. Using "sudo" can also grant temporarily ptrace permissions via the CAP_SYS_PTRACE capability, though this method allows the ptrace of any process. This can also probably be set with a variable in /etc/sysctl.d/ -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #3 from Eric Pouech <eric.pouech(a)orange.fr> 2010-09-01 14:35:56 CDT --- I don't think setting /proc/sys/kernel/yama/ptrace_scope is a viable workaround let's consider three regular cases of wine usage: A/ a program crashes, and default fault handler starts winedbg on this process B/ a program sets its own stack unwinder (likely in a fault handler) C/ a programmer fires winedbg foo in all three cases above, the calls to ptrace are made inside wineserver, so, in all the cases, the unix process (wineserver) which does the calls to ptrace is the (grand*)-parent of the process being ptraced as a conclusion, installing Wine on ubuntu should reset ptrace_scope to 0, which is not acceptable IMO to cover the cases A, B and C (setting ptrace_scope to 0 could be acceptable in usecase C, for developpers) so we need a better (finer grain) solution: - either rearchitecture Wine process management so that wineserver is always a (grand*)-parent of any wine process (oouch) - rework the kernel evolution so that an exec can get the ptrace_scope capability (I assume gdb is likely to ask for the same stuff), and set it to wineserver A+ -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #4 from Jerome Leclanche <adys.wh(a)gmail.com> 2010-09-06 13:20:15 CDT --- Please note that this breaks World of Warcraft (all versions). With ptrace protection set to ON, logging in results in an instant crash. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #5 from Jerome Leclanche <adys.wh(a)gmail.com> 2010-09-12 05:40:58 CDT --- (In reply to comment #3)
I don't think setting /proc/sys/kernel/yama/ptrace_scope is a viable workaround
let's consider three regular cases of wine usage: A/ a program crashes, and default fault handler starts winedbg on this process B/ a program sets its own stack unwinder (likely in a fault handler) C/ a programmer fires winedbg foo
I didn't analyse anything just yet but it just hit me that the crash-on-login is likely due to warden looking around the game. Seeing as Warden is a different process than wow; with your solution, it would have the same grandparent (wineserver), but would it be looking at WoW's memory (a sister process) or wineserver's memory? Wouldn't it still crash if it looked at WoW's memory? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Jerome Leclanche <adys.wh(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Winedbg does not work on |ptrace protection in Ubuntu |Ubuntu Maverick (ptrace |10.10 breaks debuggers |protection) |(affects winedbg, wow, ...) -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Kees Cook <kees(a)outflux.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kees(a)outflux.net --- Comment #6 from Kees Cook <kees(a)outflux.net> 2010-09-13 10:10:51 CDT --- Ubuntu has added prctl(PR_SET_PTRACER, debugger_pid, 0, 0, 0); as the way to declare PTRACE relationships for crash handlers (or wardens). For an example, see how kdelibs was patched: http://launchpadlibrarian.net/51487035/kde4libs_4%3A4.4.90-0ubuntu2_4%3A4.4.... It should be possible for a process to specify which process families are allowed to PTRACE it. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #7 from Henri Verbeet <hverbeet(a)gmail.com> 2010-09-13 12:10:59 CDT --- (In reply to comment #6)
Ubuntu has added prctl(PR_SET_PTRACER, debugger_pid, 0, 0, 0); as the way to declare PTRACE relationships for crash handlers (or wardens). For an example, see how kdelibs was patched:
http://launchpadlibrarian.net/51487035/kde4libs_4%3A4.4.90-0ubuntu2_4%3A4.4....
It should be possible for a process to specify which process families are allowed to PTRACE it.
Did PR_SET_PTRACER actually make it into the mainline kernel then? 0x59616d61 / "Yama" certainly looks magic. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #8 from Kees Cook <kees(a)outflux.net> 2010-09-13 12:25:49 CDT --- Unfortunately no, PR_SET_PTRACER is not upstream yet. But that's what's nice about prctl(), it'll just ignore unknown options. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Thomas Spear <Speeddymon(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rmlipman(a)gmail.com --- Comment #9 from Thomas Spear <Speeddymon(a)gmail.com> 2010-09-14 13:01:06 CDT --- *** Bug 24401 has been marked as a duplicate of this bug. *** -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #10 from Kees Cook <kees(a)outflux.net> 2010-09-14 14:04:40 CDT --- Worst-case situation would be to have all Wine applications just give up PTRACE protections at start-time by declaring that init and all children can PTRACE_ATTACH: #ifndef PR_SET_PTRACER # define PR_SET_PTRACER 0x59616d61 #endif prctl(PR_SET_PTRACER, 1, 0, 0, 0); -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Mahen <mahen(a)free.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mahen(a)free.fr --- Comment #11 from Mahen <mahen(a)free.fr> 2010-09-24 06:18:26 CDT --- When switching to Maverick, I noticed many games ceased to work (such as Starcraft 2) ; I worked around the issue by editing /etc/sysctl.d/10-ptrace.conf and setting kernel.yama.ptrace_scope = 0. Thanks for the tip, even though I guess this change may have other consequences... -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Pascal Hartig <boyerchen(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |boyerchen(a)gmail.com --- Comment #12 from Pascal Hartig <boyerchen(a)gmail.com> 2010-09-25 05:24:56 CDT --- (In reply to comment #11)
When switching to Maverick, I noticed many games ceased to work (such as Starcraft 2) ; I worked around the issue by editing /etc/sysctl.d/10-ptrace.conf and setting kernel.yama.ptrace_scope = 0.
Thanks for the tip, even though I guess this change may have other consequences...
The release notes for maverick meerkat comment on that ptrace change: http://www.ubuntu.com/content/maverick-meerkat-alpha-3#Linux%20kernel%202.6.... -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Alex Stanev <alex(a)stanev.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |alex(a)stanev.org -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #13 from Alexandre Julliard <julliard(a)winehq.org> 2010-09-30 12:40:58 CDT --- I committed a workaround, please test. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Jerome Leclanche <adys.wh(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution| |FIXED --- Comment #14 from Jerome Leclanche <adys.wh(a)gmail.com> 2010-09-30 12:57:39 CDT --- (In reply to comment #13)
I committed a workaround, please test.
Works. "Fixed" by 9227eb2c9d6f0cecbabcb54cc25b5691f544b0f4. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Scott Ritchie <scott(a)open-vote.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |1.2.x --- Comment #15 from Scott Ritchie <scott(a)open-vote.org> 2010-09-30 14:35:37 CDT --- Nominating for 1.2.1 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Bálint Magyar <jeghegy(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever Confirmed|0 |1 --- Comment #16 from Bálint Magyar <jeghegy(a)gmail.com> 2010-10-01 11:54:30 CDT --- *** This bug has been confirmed by popular vote. *** -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 maryandcohbb(a)aol.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |maryandcohbb(a)aol.com -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #17 from Alexandre Julliard <julliard(a)winehq.org> 2010-10-01 13:57:00 CDT --- Closing bugs fixed in 1.3.4. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Alexandre Julliard <julliard(a)winehq.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|1.2.x |--- --- Comment #18 from Alexandre Julliard <julliard(a)winehq.org> 2010-10-08 10:40:13 CDT --- Removing 1.2.x milestone from bugs fixed in 1.2.1. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 search66(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |search66(a)gmail.com --- Comment #19 from search66(a)gmail.com 2010-10-09 07:31:20 CDT --- Running 10.10... updated ptrace... Stuck at 'connected'... Initially would get the WINE error... after ptrace fix; was able to put credentials in... now, stuck at 'connected'.... Anyone else with similar issues? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Nicolai Funch <nicolaifunch(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nicolaifunch(a)gmail.com --- Comment #20 from Nicolai Funch <nicolaifunch(a)gmail.com> 2010-10-10 13:35:46 CDT --- I'm realy new to Ubuntu and Linux. I've changed my OS from Mac and I'm really happy about it but I have no clue how to debug. Can anyone explain step by step how I use this debug in Ubuntu? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #21 from Scott Ritchie <scott(a)open-vote.org> 2010-10-10 17:29:20 CDT --- This issue has been fixed in Wine, if you're still having problems in Ubuntu go here: https://bugs.launchpad.net/ubuntu/+source/wine1.2/+bug/632206 -- the package has not yet hit the automatic updates, however there are instructions there for enabling the proposed updates repository and giving a test result so it can happen automatically for others. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #22 from Dmitry Timoshkov <dmitry(a)codeweavers.com> 2010-10-11 05:53:42 CDT --- It should be noted that this Ubuntu breakage will make some of the Wine regression tests impossible. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #23 from Nicolai Funch <nicolaifunch(a)gmail.com> 2010-10-11 07:43:24 CDT --- Alright. I downloaded the new Wine 1.3 and the stuff works. Counter strike still runs slow in the in game play, but I'm not sure if thats wine or my computer. I will try it on a different (bigger) mac and see if that works better. Thank you so much for the help. Nicolai -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Jerome Leclanche <adys.wh(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Fixed by SHA1| |9227eb2c9d6f0cecbabcb54cc25 | |b5691f544b0f4 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 --- Comment #24 from Jerome Leclanche <adys.wh(a)gmail.com> 2011-10-26 06:22:33 CDT --- *** Bug 24140 has been marked as a duplicate of this bug. *** -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Damir Črnila <cadcapricorn(a)hotmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |cadcapricorn(a)hotmail.com -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=24193 Alexey Loukianov <mooroon2(a)mail.ru> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mooroon2(a)mail.ru --- Comment #25 from Alexey Loukianov <mooroon2(a)mail.ru> 2012-05-29 04:35:34 CDT --- Posting here to help other people like me who had been searching for the correct bug report about yet another ptrace breakage that happen in Ubuntu 12.04+: it is bug #30410. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org