michalbednarski
commented
6 years ago Everything described here is just caused by fact that ptrace(PTRACE_TRACEME) was unavailable and not really proot's fault. (There wasn't problem with execve, just launch_process returned error and print_execve_help always prints message with execve - which wasn't called in that case)
In case of valgrind you've got quite clear message that it isn't able to support syscall 117 (which is ptrace on arm64). ptrace in valgrind is supported on multiple architectures but not on arm64 (where it has commented sys_ptrace handler lines since arm64 was introduced to valgrind).
In case of ltrace it is caused by fact that process cannot have multiple debuggers attached (you'll get same effect if you use strace -f) and that ltrace doesn't stays attached to child after fork (even if -f option for ltrace wasn't used it still traces children - just doesn't print results; ltrace detaches from them when they use execve)
Seccomp filtering doesn't play any role in this case as filters are not yet installed: problem happens during `ptrace(PTRACE_TRACEME) and filters are installed few lines later.
Note that gdb also won't work under ltrace (and probably arm64 valgrind as well):
$ ltrace -o /dev/null gdb true
GNU gdb (GDB) 8.1.1
Copyright (C) 2018 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "aarch64-linux-android".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from true...(no debugging symbols found)...done.
(gdb) run
Starting program: /data/data/com.termux/files/usr/bin/applets/true
warning: Could not trace the inferior process.
Error:
warning: ptrace: Operation not permitted
During startup program exited with code 127.
(gdb) quit
bbqz007
when i use valgrind with tool of callgrind to trace proot, it failed. the outputs are:
$ valgrind --tool=callgrind proot-gdb --link2symlink -0 -r debian -b /data:/data -b ~/termux:/termux -b ~/centos:/centos -b /sdcard -b /dev/ -b /proc/ -w /root /usr/bin/env -i HOME=/root PATH=/bin:/usr/bin:/sbin:/usr/sbin /bin/bash --login ==24848== Callgrind, a call-graph generating cache profiler ==24848== Copyright (C) 2002-2017, and GNU GPL'd, by Josef Weidendorfer et al. ==24848== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info ==24848== Command: proot-gdb --link2symlink -0 -r debian -b /data:/data -b /data/data/com.termux/files/home/termux:/termux -b /data/data/com.termux/files/home/centos:/centos -b /sdcard -b /dev/ -b /proc/ -w /root /usr/bin/env -i HOME=/root PATH=/bin:/usr/bin:/sbin:/usr/sbin /bin/bash --login ==24848== ==24848== For interactive control, run 'callgrind_control -h'. --24850-- WARNING: unhandled arm64-linux syscall: 117 --24850-- You may be able to write your own handler. --24850-- Read the file README_MISSING_SYSCALL_OR_IOCTL. --24850-- Nevertheless we consider this a bug. Please report --24850-- it at http://valgrind.org/support/bug_reports.html. proot error: ptrace(TRACEME): Function not implemented proot error: execve("/usr/bin/env"): Function not implemented proot info: possible causes:
proot-gdb --help. ==24850== ==24850== Events : Ir ==24850== Collected : 8098156 ==24850== ==24850== I refs: 8,098,156 --24848-- WARNING: unhandled arm64-linux syscall: 117 --24848-- You may be able to write your own handler. --24848-- Read the file README_MISSING_SYSCALL_OR_IOCTL. --24848-- Nevertheless we consider this a bug. Please report --24848-- it at http://valgrind.org/support/bug_reports.html. ==24848== ==24848== Events : Ir ==24848== Collected : 8026963 ==24848== ==24848== I refs: 8,026,963i read the codes and know that process proot (24848) launched the first child process env (24850) via function launch_process at tracee/event.c. ptrace and execve syscalls are filtered. they are in the beginning of code path of child process after fork.
the seccomp man page tells me that SECCOMP_RET_TRACE would result ENOSYS if these was no tracer.
i also tryed ltrace and strace. valgrind and ltrace failed for the same reasons, but strace does not have this problem.