Process monitor minor tweaks

This commit is contained in:
topjohnwu 2019-05-26 02:35:12 -07:00
parent 23d3e56967
commit 92400ebcab

View File

@ -159,8 +159,8 @@ static void setup_inotify() {
// Setup inotify asynchronous I/O // Setup inotify asynchronous I/O
fcntl(inotify_fd, F_SETFL, O_ASYNC); fcntl(inotify_fd, F_SETFL, O_ASYNC);
struct f_owner_ex ex = { struct f_owner_ex ex = {
.type = F_OWNER_TID, .type = F_OWNER_TID,
.pid = gettid() .pid = gettid()
}; };
fcntl(inotify_fd, F_SETOWN_EX, &ex); fcntl(inotify_fd, F_SETOWN_EX, &ex);
@ -285,6 +285,7 @@ static void term_thread(int) {
static void detach_pid(int pid, int signal = 0) { static void detach_pid(int pid, int signal = 0) {
char path[128]; char path[128];
attaches[pid] = false;
xptrace(PTRACE_DETACH, pid, nullptr, signal); xptrace(PTRACE_DETACH, pid, nullptr, signal);
// Detach all child threads too // Detach all child threads too
@ -318,10 +319,6 @@ static bool check_pid(int pid) {
if (strncmp(cmdline, "zygote", 6) == 0) if (strncmp(cmdline, "zygote", 6) == 0)
return false; return false;
/* This process is fully initialized, we will stop
* tracing it no matter if it is a target or not. */
attaches[pid] = false;
sprintf(path, "/proc/%d", pid); sprintf(path, "/proc/%d", pid);
struct stat st; struct stat st;
lstat(path, &st); lstat(path, &st);
@ -415,11 +412,11 @@ void proc_monitor() {
/* This mean we have nothing to wait, sleep /* This mean we have nothing to wait, sleep
* and wait till signal interruption */ * and wait till signal interruption */
LOGD("proc_monitor: nothing to monitor, wait for signal\n"); LOGD("proc_monitor: nothing to monitor, wait for signal\n");
struct timespec timespec = { struct timespec ts = {
.tv_sec = INT_MAX, .tv_sec = INT_MAX,
.tv_nsec = 0 .tv_nsec = 0
}; };
nanosleep(&timespec, nullptr); nanosleep(&ts, nullptr);
} }
continue; continue;
} }
@ -430,12 +427,13 @@ void proc_monitor() {
attaches[pid] = false; attaches[pid] = false;
detaches[pid] = false; detaches[pid] = false;
ptrace(PTRACE_DETACH, pid, 0, 0); ptrace(PTRACE_DETACH, pid, 0, 0);
PTRACE_LOG("detach\n");
} }
}); });
if (!WIFSTOPPED(status) || detaches[pid]) {
PTRACE_LOG("detached\n"); if (!WIFSTOPPED(status) /* Ignore if not ptrace-stop */ || detaches[pid])
DETACH_AND_CONT; DETACH_AND_CONT;
}
if (WSTOPSIG(status) == SIGTRAP && WEVENT(status)) { if (WSTOPSIG(status) == SIGTRAP && WEVENT(status)) {
unsigned long msg; unsigned long msg;
xptrace(PTRACE_GETEVENTMSG, pid, nullptr, &msg); xptrace(PTRACE_GETEVENTMSG, pid, nullptr, &msg);
@ -449,13 +447,11 @@ void proc_monitor() {
break; break;
case PTRACE_EVENT_EXIT: case PTRACE_EVENT_EXIT:
PTRACE_LOG("zygote exited with status: [%d]\n", msg); PTRACE_LOG("zygote exited with status: [%d]\n", msg);
[[fallthrough]];
default:
zygote_map.erase(pid); zygote_map.erase(pid);
DETACH_AND_CONT; DETACH_AND_CONT;
default:
PTRACE_LOG("unknown event: %d\n", WEVENT(status));
break;
} }
xptrace(PTRACE_CONT, pid);
} else { } else {
switch (WEVENT(status)) { switch (WEVENT(status)) {
case PTRACE_EVENT_CLONE: case PTRACE_EVENT_CLONE:
@ -465,14 +461,13 @@ void proc_monitor() {
break; break;
case PTRACE_EVENT_EXEC: case PTRACE_EVENT_EXEC:
case PTRACE_EVENT_EXIT: case PTRACE_EVENT_EXIT:
PTRACE_LOG("exited or execve\n"); PTRACE_LOG("exit or execve\n");
DETACH_AND_CONT; [[fallthrough]];
default: default:
PTRACE_LOG("unknown event: %d\n", WEVENT(status)); DETACH_AND_CONT;
break;
} }
xptrace(PTRACE_CONT, pid);
} }
xptrace(PTRACE_CONT, pid);
} else if (WSTOPSIG(status) == SIGSTOP) { } else if (WSTOPSIG(status) == SIGSTOP) {
PTRACE_LOG("SIGSTOP from child\n"); PTRACE_LOG("SIGSTOP from child\n");
xptrace(PTRACE_SETOPTIONS, pid, nullptr, xptrace(PTRACE_SETOPTIONS, pid, nullptr,