Re: [uml-devel] [patch] 3.6rc1 tracehook

Richard Weinberger Mon, 06 Aug 2012 09:06:59 -0700

Am 06.08.2012 17:37, schrieb Renzo Davoli:
> ---
> diff -Naur linux-3.6-rc1/arch/um/include/asm/ptrace-generic.h 
> linux-3.6-rc1.tracehook/arch/um/include/asm/ptrace-generic.h
> --- linux-3.6-rc1/arch/um/include/asm/ptrace-generic.h        2012-08-03 
> 01:38:10.000000000 +0200
> +++ linux-3.6-rc1.tracehook/arch/um/include/asm/ptrace-generic.h      
> 2012-08-06 14:43:01.000000000 +0200
> @@ -37,7 +37,7 @@
>  
>  extern int arch_copy_tls(struct task_struct *new);
>  extern void clear_flushed_tls(struct task_struct *task);
> -extern void syscall_trace_enter(struct pt_regs *regs);
> +extern int syscall_trace_enter(struct pt_regs *regs);
>  extern void syscall_trace_leave(struct pt_regs *regs);
>  
>  #endif
> diff -Naur linux-3.6-rc1/arch/um/include/shared/kern_util.h 
> linux-3.6-rc1.tracehook/arch/um/include/shared/kern_util.h
> --- linux-3.6-rc1/arch/um/include/shared/kern_util.h  2012-08-03 
> 01:38:10.000000000 +0200
> +++ linux-3.6-rc1.tracehook/arch/um/include/shared/kern_util.h        
> 2012-08-06 14:43:40.000000000 +0200
> @@ -57,7 +57,6 @@
>  extern unsigned long to_irq_stack(unsigned long *mask_out);
>  extern unsigned long from_irq_stack(int nested);
>  
> -extern void syscall_trace(struct uml_pt_regs *regs, int entryexit);
>  extern int singlestepping(void *t);
>  
>  extern void segv_handler(int sig, struct siginfo *unused_si, struct 
> uml_pt_regs *regs);
> diff -Naur linux-3.6-rc1/arch/um/kernel/ptrace.c 
> linux-3.6-rc1.tracehook/arch/um/kernel/ptrace.c
> --- linux-3.6-rc1/arch/um/kernel/ptrace.c     2012-08-03 01:38:10.000000000 
> +0200
> +++ linux-3.6-rc1.tracehook/arch/um/kernel/ptrace.c   2012-08-06 
> 14:45:07.000000000 +0200
> @@ -163,7 +163,7 @@
>   * XXX Check PT_DTRACE vs TIF_SINGLESTEP for singlestepping check and
>   * PT_PTRACED vs TIF_SYSCALL_TRACE for syscall tracing check
>   */
> -void syscall_trace_enter(struct pt_regs *regs)
> +int syscall_trace_enter(struct pt_regs *regs)
>  {
>       audit_syscall_entry(HOST_AUDIT_ARCH,
>                           UPT_SYSCALL_NR(&regs->regs),
> @@ -173,9 +173,9 @@
>                           UPT_SYSCALL_ARG4(&regs->regs));
>  
>       if (!test_thread_flag(TIF_SYSCALL_TRACE))
> -             return;
> +             return 0;
>  
> -     tracehook_report_syscall_entry(regs);
> +     return tracehook_report_syscall_entry(regs);
>  }
>  
>  void syscall_trace_leave(struct pt_regs *regs)
> diff -Naur linux-3.6-rc1/arch/um/kernel/skas/syscall.c 
> linux-3.6-rc1.tracehook/arch/um/kernel/skas/syscall.c
> --- linux-3.6-rc1/arch/um/kernel/skas/syscall.c       2012-08-03 
> 01:38:10.000000000 +0200
> +++ linux-3.6-rc1.tracehook/arch/um/kernel/skas/syscall.c     2012-08-06 
> 14:46:35.000000000 +0200
> @@ -18,23 +18,24 @@
>       long result;
>       int syscall;
>  
> -     syscall_trace_enter(regs);
> +     if (syscall_trace_enter(regs) == 0)
> +     {
> +             /*
> +              * This should go in the declaration of syscall, but when I do 
> that,
> +              * strace -f -c bash -c 'ls ; ls' breaks, sometimes not tracing
> +              * children at all, sometimes hanging when bash doesn't see the 
> first
> +              * ls exit.
> +              * The assembly looks functionally the same to me.  This is
> +              *     gcc version 4.0.1 20050727 (Red Hat 4.0.1-5)
> +              * in case it's a compiler bug.
> +              */
> +             syscall = UPT_SYSCALL_NR(r);
> +             if ((syscall >= NR_SYSCALLS) || (syscall < 0))
> +                     result = -ENOSYS;
> +             else result = EXECUTE_SYSCALL(syscall, regs);
>  
> -     /*
> -      * This should go in the declaration of syscall, but when I do that,
> -      * strace -f -c bash -c 'ls ; ls' breaks, sometimes not tracing
> -      * children at all, sometimes hanging when bash doesn't see the first
> -      * ls exit.
> -      * The assembly looks functionally the same to me.  This is
> -      *     gcc version 4.0.1 20050727 (Red Hat 4.0.1-5)
> -      * in case it's a compiler bug.
> -      */
> -     syscall = UPT_SYSCALL_NR(r);
> -     if ((syscall >= NR_SYSCALLS) || (syscall < 0))
> -             result = -ENOSYS;
> -     else result = EXECUTE_SYSCALL(syscall, regs);
> -
> -     PT_REGS_SET_SYSCALL_RETURN(regs, result);
> +             PT_REGS_SET_SYSCALL_RETURN(regs, result);
> +     }
>  
>       syscall_trace_leave(regs);


Hmm, is it a good idea to call syscall_trace_leave() in any case?
E.g. if syscall_trace_enter() fails for whatever reason...

Thanks,
//richard

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] [patch] 3.6rc1 tracehook

Reply via email to