ptrace and pokerstars

I don't see what can simply be done here, as Linux kernel evolution forbids a debugger to attach to a running program

the "easy" solution would be to let wineserver get the ptrace capability

the other only viable solution would be to modify the current process startup scheme so that wineserver (which is the only place where we call ptrace) is the parent (or grand*-parent) of every wine process

anyway, issue is located in wineserver, not winedbg (so changed component)

From the wiki, it seems like this can be worked around with a runtime override:

This behavior is controlled via the /proc/sys/kernel/yama/ptrace_scope sysctl value. The default is "1" to block non-child ptrace. A value of "0" restores the prior more permissive behavior, which may be more appropriate for some development systems and servers with only admin accounts. Using "sudo" can also grant temporarily ptrace permissions via the CAP_SYS_PTRACE capability, though this method allows the ptrace of any process.

This can also probably be set with a variable in /etc/sysctl.d/

I don't think setting /proc/sys/kernel/yama/ptrace_scope is a viable workaround

let's consider three regular cases of wine usage:
A/ a program crashes, and default fault handler starts winedbg on this process
B/ a program sets its own stack unwinder (likely in a fault handler)
C/ a programmer fires winedbg foo

in all three cases above, the calls to ptrace are made inside wineserver, so, in all the cases, the unix process (wineserver) which does the calls to ptrace is the (grand*)-parent of the process being ptraced
as a conclusion, installing Wine on ubuntu should reset ptrace_scope to 0, which is not acceptable IMO to cover the cases A, B and C (setting ptrace_scope to 0 could be acceptable in usecase C, for developpers)

so we need a better (finer grain) solution:
- either rearchitecture Wine process management so that wineserver is always a (grand*)-parent of any wine process (oouch)
- rework the kernel evolution so that an exec can get the ptrace_scope capability (I assume gdb is likely to ask for the same stuff), and set it to wineserver

A+

Please note that this breaks World of Warcraft (all versions). With ptrace protection set to ON, logging in results in an instant crash.

(In reply to comment #3)
> I don't think setting /proc/sys/kernel/yama/ptrace_scope is a viable workaround
>
> let's consider three regular cases of wine usage:
> A/ a program crashes, and default fault handler starts winedbg on this process
> B/ a program sets its own stack unwinder (likely in a fault handler)
> C/ a programmer fires winedbg foo

I didn't analyse anything just yet but it just hit me that the crash-on-login is likely due to warden looking around the game.

Seeing as Warden is a different process than wow; with your solution, it would have the same grandparent (wineserver), but would it be looking at WoW's memory (a sister process) or wineserver's memory?
Wouldn't it still crash if it looked at WoW's memory?

Ubuntu has added prctl(PR_SET_PTRACER, debugger_pid, 0, 0, 0); as the way to declare PTRACE relationships for crash handlers (or wardens). For an example, see how kdelibs was patched:

http://launchpadlibrarian.net/51487035/kde4libs_4%3A4.4.90-0ubuntu2_4%3A4.4.90-0ubuntu3.diff.gz

It should be possible for a process to specify which process families are allowed to PTRACE it.

(In reply to comment #6)
> Ubuntu has added prctl(PR_SET_PTRACER, debugger_pid, 0, 0, 0); as the way to
> declare PTRACE relationships for crash handlers (or wardens). For an example,
> see how kdelibs was patched:
>
> http://launchpadlibrarian.net/51487035/kde4libs_4%3A4.4.90-0ubuntu2_4%3A4.4.90-0ubuntu3.diff.gz
>
> It should be possible for a process to specify which process families are
> allowed to PTRACE it.

Did PR_SET_PTRACER actually make it into the mainline kernel then? 0x59616d61 / "Yama" certainly looks magic.

Unfortunately no, PR_SET_PTRACER is not upstream yet. But that's what's nice about prctl(), it'll just ignore unknown options.

*** Bug 24401 has been marked as a duplicate of this bug. ***

Worst-case situation would be to have all Wine applications just give up PTRACE protections at start-time by declaring that init and all children can PTRACE_ATTACH:

#ifndef PR_SET_PTRACER
# define PR_SET_PTRACER 0x59616d61
#endif
prctl(PR_SET_PTRACER, 1, 0, 0, 0);

When switching to Maverick, I noticed many games ceased to work (such as Starcraft 2) ; I worked around the issue by editing /etc/sysctl.d/10-ptrace.conf and setting kernel.yama.ptrace_scope = 0.

Thanks for the tip, even though I guess this change may have other consequences...

(In reply to comment #11)
> When switching to Maverick, I noticed many games ceased to work (such as
> Starcraft 2) ; I worked around the issue by editing
> /etc/sysctl.d/10-ptrace.conf and setting kernel.yama.ptrace_scope = 0.
>
> Thanks for the tip, even though I guess this change may have other
> consequences...

The release notes for maverick meerkat comment on that ptrace change:
http://www.ubuntu.com/content/maverick-meerkat-alpha-3#Linux%20kernel%202.6.35

I committed a workaround, please test.

(In reply to comment #13)
> I committed a workaround, please test.

Works. "Fixed" by 9227eb2c9d6f0cecbabcb54cc25b5691f544b0f4.

Nominating for 1.2.1

*** This bug has been confirmed by popular vote. ***

Closing bugs fixed in 1.3.4.

Removing 1.2.x milestone from bugs fixed in 1.2.1.

Running 10.10... updated ptrace... Stuck at 'connected'...

Initially would get the WINE error... after ptrace fix; was able to put credentials in... now, stuck at 'connected'.... Anyone else with similar issues?

I'm realy new to Ubuntu and Linux. I've changed my OS from Mac and I'm really happy about it but I have no clue how to debug. Can anyone explain step by step how I use this debug in Ubuntu?

This issue has been fixed in Wine, if you're still having problems in Ubuntu go here: https://bugs.launchpad.net/ubuntu/+source/wine1.2/+bug/632206 -- the package has not yet hit the automatic updates, however there are instructions there for enabling the proposed updates repository and giving a test result so it can happen automatically for others.

It should be noted that this Ubuntu breakage will make some of the Wine
regression tests impossible.

Alright. I downloaded the new Wine 1.3 and the stuff works. Counter strike still runs slow in the in game play, but I'm not sure if thats wine or my computer. I will try it on a different (bigger) mac and see if that works better. Thank you so much for the help.

Nicolai

*** Bug 24140 has been marked as a duplicate of this bug. ***

Posting here to help other people like me who had been searching for the correct bug report about yet another ptrace breakage that happen in Ubuntu 12.04+: it is bug #30410.