ptrace: Migrate to use SYSCALL_TRACE flag (64c19ba2) · Commits · EulixOS / Software / Kernel

include/asm-generic/syscall.h

+8 −7

Original line number	Diff line number	Diff line
		@@ -43,7 +43,7 @@ int syscall_get_nr(struct task_struct task, struct pt_regs regs);
		* @regs: task_pt_regs() of @task
		*
		* It's only valid to call this when @task is stopped for system
		* call exit tracing (due to TIF_SYSCALL_TRACE or TIF_SYSCALL_AUDIT),
		* call exit tracing (due to %SYSCALL_WORK_SYSCALL_TRACE or TIF_SYSCALL_AUDIT),
		* after tracehook_report_syscall_entry() returned nonzero to prevent
		* the system call from taking place.
		*
		@@ -63,7 +63,7 @@ void syscall_rollback(struct task_struct task, struct pt_regs regs);
		* Returns 0 if the system call succeeded, or -ERRORCODE if it failed.
		*
		* It's only valid to call this when @task is stopped for tracing on exit
		* from a system call, due to %TIF_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		* from a system call, due to %SYSCALL_WORK_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		*/
		long syscall_get_error(struct task_struct task, struct pt_regs regs);

		@@ -76,7 +76,7 @@ long syscall_get_error(struct task_struct task, struct pt_regs regs);
		* This value is meaningless if syscall_get_error() returned nonzero.
		*
		* It's only valid to call this when @task is stopped for tracing on exit
		* from a system call, due to %TIF_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		* from a system call, due to %SYSCALL_WORK_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		*/
		long syscall_get_return_value(struct task_struct task, struct pt_regs regs);

		@@ -93,7 +93,7 @@ long syscall_get_return_value(struct task_struct task, struct pt_regs regs);
		* code; the user sees a failed system call with this errno code.
		*
		* It's only valid to call this when @task is stopped for tracing on exit
		* from a system call, due to %TIF_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		* from a system call, due to %SYSCALL_WORK_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		*/
		void syscall_set_return_value(struct task_struct task, struct pt_regs regs,
		int error, long val);
		@@ -108,7 +108,7 @@ void syscall_set_return_value(struct task_struct task, struct pt_regs regs,
		* @args[0], and so on.
		*
		* It's only valid to call this when @task is stopped for tracing on
		* entry to a system call, due to %TIF_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		* entry to a system call, due to %SYSCALL_WORK_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		*/
		void syscall_get_arguments(struct task_struct task, struct pt_regs regs,
		unsigned long *args);
		@@ -123,7 +123,7 @@ void syscall_get_arguments(struct task_struct task, struct pt_regs regs,
		* The first argument gets value @args[0], and so on.
		*
		* It's only valid to call this when @task is stopped for tracing on
		* entry to a system call, due to %TIF_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		* entry to a system call, due to %SYSCALL_WORK_SYSCALL_TRACE or %TIF_SYSCALL_AUDIT.
		*/
		void syscall_set_arguments(struct task_struct task, struct pt_regs regs,
		const unsigned long *args);
		@@ -135,7 +135,8 @@ void syscall_set_arguments(struct task_struct task, struct pt_regs regs,
		* Returns the AUDIT_ARCH_* based on the system call convention in use.
		*
		* It's only valid to call this when @task is stopped on entry to a system
		* call, due to %TIF_SYSCALL_TRACE, %TIF_SYSCALL_AUDIT, or %SYSCALL_WORK_SECCOMP.
		* call, due to %SYSCALL_WORK_SYSCALL_TRACE, %TIF_SYSCALL_AUDIT, or
		* %SYSCALL_WORK_SECCOMP.
		*
		* Architectures which permit CONFIG_HAVE_ARCH_SECCOMP_FILTER must
		* provide an implementation of this.

include/linux/entry-common.h

+6 −4

Original line number	Diff line number	Diff line
		@@ -41,7 +41,7 @@
		#endif

		#define SYSCALL_ENTER_WORK \
		(_TIF_SYSCALL_TRACE \| _TIF_SYSCALL_AUDIT \| \
		(_TIF_SYSCALL_AUDIT \| \
		_TIF_SYSCALL_EMU \| \
		ARCH_SYSCALL_ENTER_WORK)

		@@ -53,12 +53,14 @@
		#endif

		#define SYSCALL_EXIT_WORK \
		(_TIF_SYSCALL_TRACE \| _TIF_SYSCALL_AUDIT \| \
		(_TIF_SYSCALL_AUDIT \| \
		ARCH_SYSCALL_EXIT_WORK)

		#define SYSCALL_WORK_ENTER (SYSCALL_WORK_SECCOMP \| \
		SYSCALL_WORK_SYSCALL_TRACEPOINT)
		#define SYSCALL_WORK_EXIT (SYSCALL_WORK_SYSCALL_TRACEPOINT)
		SYSCALL_WORK_SYSCALL_TRACEPOINT \| \
		SYSCALL_WORK_SYSCALL_TRACE)
		#define SYSCALL_WORK_EXIT (SYSCALL_WORK_SYSCALL_TRACEPOINT \| \
		SYSCALL_WORK_SYSCALL_TRACE)

		/*
		* TIF flags handled in exit_to_user_mode_loop()

include/linux/thread_info.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -38,10 +38,12 @@ enum {
		enum syscall_work_bit {
		SYSCALL_WORK_BIT_SECCOMP,
		SYSCALL_WORK_BIT_SYSCALL_TRACEPOINT,
		SYSCALL_WORK_BIT_SYSCALL_TRACE,
		};

		#define SYSCALL_WORK_SECCOMP BIT(SYSCALL_WORK_BIT_SECCOMP)
		#define SYSCALL_WORK_SYSCALL_TRACEPOINT BIT(SYSCALL_WORK_BIT_SYSCALL_TRACEPOINT)
		#define SYSCALL_WORK_SYSCALL_TRACE BIT(SYSCALL_WORK_BIT_SYSCALL_TRACE)

		#include <asm/thread_info.h>

include/linux/tracehook.h

+9 −8

Original line number	Diff line number	Diff line
		@@ -83,11 +83,12 @@ static inline int ptrace_report_syscall(struct pt_regs *regs,
		* tracehook_report_syscall_entry - task is about to attempt a system call
		* @regs: user register state of current task
		*
		* This will be called if %TIF_SYSCALL_TRACE or %TIF_SYSCALL_EMU have been set,
		* when the current task has just entered the kernel for a system call.
		* Full user register state is available here. Changing the values
		* in @regs can affect the system call number and arguments to be tried.
		* It is safe to block here, preventing the system call from beginning.
		* This will be called if %SYSCALL_WORK_SYSCALL_TRACE or
		* %TIF_SYSCALL_EMU have been set, when the current task has just
		* entered the kernel for a system call. Full user register state is
		* available here. Changing the values in @regs can affect the system
		* call number and arguments to be tried. It is safe to block here,
		* preventing the system call from beginning.
		*
		* Returns zero normally, or nonzero if the calling arch code should abort
		* the system call. That must prevent normal entry so no system call is
		@@ -109,15 +110,15 @@ static inline __must_check int tracehook_report_syscall_entry(
		* @regs: user register state of current task
		* @step: nonzero if simulating single-step or block-step
		*
		* This will be called if %TIF_SYSCALL_TRACE has been set, when the
		* current task has just finished an attempted system call. Full
		* This will be called if %SYSCALL_WORK_SYSCALL_TRACE has been set, when
		* the current task has just finished an attempted system call. Full
		* user register state is available here. It is safe to block here,
		* preventing signals from being processed.
		*
		* If @step is nonzero, this report is also in lieu of the normal
		* trap that would follow the system call instruction because
		* user_enable_block_step() or user_enable_single_step() was used.
		* In this case, %TIF_SYSCALL_TRACE might not be set.
		* In this case, %SYSCALL_WORK_SYSCALL_TRACE might not be set.
		*
		* Called without locks, just before checking for pending signals.
		*/

kernel/entry/common.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -47,7 +47,7 @@ static long syscall_trace_enter(struct pt_regs *regs, long syscall,
		long ret = 0;

		/* Handle ptrace */
		if (ti_work & (_TIF_SYSCALL_TRACE \| _TIF_SYSCALL_EMU)) {
		if (work & SYSCALL_WORK_SYSCALL_TRACE \|\| ti_work & _TIF_SYSCALL_EMU) {
		ret = arch_syscall_enter_tracehook(regs);
		if (ret \|\| (ti_work & _TIF_SYSCALL_EMU))
		return -1L;
		@@ -237,7 +237,7 @@ static void syscall_exit_work(struct pt_regs *regs, unsigned long ti_work,
		trace_sys_exit(regs, syscall_get_return_value(current, regs));

		step = report_single_step(ti_work);
		if (step \|\| ti_work & _TIF_SYSCALL_TRACE)
		if (step \|\| work & SYSCALL_WORK_SYSCALL_TRACE)
		arch_syscall_exit_tracehook(regs, step);
		}