[PATCH v6 2/6] arm64: ptrace: allow tracer to skip a system call

Will Deacon will.deacon at arm.com
Fri Oct 3 08:23:28 PDT 2014


On Wed, Oct 01, 2014 at 12:08:05PM +0100, AKASHI Takahiro wrote:
> Will,
> 
> When I was looking into syscall_trace_exit() more closely, I found
> another (big) problem.
> There are two system calls, execve() and rt_sigreturn(), which change
> 'syscallno' in pt_regs to -1 in start_thread() and restore_sigframe(),
> respectively.
> 
> Since syscallno is not valid anymore in syscall_trace_exit() for these
> system calls, we cannot create a correct syscall exit record for tracepoint
> in trace_sys_exit() (=> ftrace_syscall_exit()) and for audit in audit_syscall_exit().
> 
> This does not happen on arm because syscall numbers are kept in
> thread_info on arm.
> 
> How can we deal with this issue?

How is this handled on other architectures? x86, for example, seems to zero
orig_ax when restoring the sigcontext, but leaves it alone in start_thread.

What is the impact of this problem? AFAICT, we just miss some exits, right
(as opposed to an OOPs or the like)?

Will
