* PTRACE_SYSEMU behavior difference on arm64
@ 2020-05-15 11:15 Keno Fischer
2020-05-15 12:13 ` Will Deacon
0 siblings, 1 reply; 3+ messages in thread
From: Keno Fischer @ 2020-05-15 11:15 UTC (permalink / raw)
To: Linux Kernel Mailing List
Cc: Oleg Nesterov, Will Deacon, Sudeep Holla, Catalin Marinas,
linux-arm-kernel
The behavior of PTRACE_SYSEMU on arm64
appears to differ substantially from that of x86 and powerpc
(the other two architectures on which this feature is implemented).
In particular, after PTRACE_SYSEMU the syscall will always
be skipped on x86 and powerpc, but executed on arm64 unless
the syscall-entry stop was again continued using PTRACE_SYSEMU.
The skipping behavior is also documented in the manpage,
so I suspect this may just be a bug (the skipping behavior
makes sense to me and is what I would expect).
The reason this happens is that `syscall_trace_enter`
re-checks TIF_SYSCALL_EMU after the ptrace stop, but at that
point it may have already been superseded by a new ptrace
request. x86 and power save the original value of the flag,
rather than acting on the new value. I can submit a patch to
fix this, but wanted to check first whether this was intentional.
If it is, I can fix the man page instead.
Keno
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: PTRACE_SYSEMU behavior difference on arm64
2020-05-15 11:15 PTRACE_SYSEMU behavior difference on arm64 Keno Fischer
@ 2020-05-15 12:13 ` Will Deacon
2020-05-15 20:43 ` Keno Fischer
0 siblings, 1 reply; 3+ messages in thread
From: Will Deacon @ 2020-05-15 12:13 UTC (permalink / raw)
To: Keno Fischer
Cc: Linux Kernel Mailing List, Oleg Nesterov, Will Deacon,
Sudeep Holla, Catalin Marinas, linux-arm-kernel
Hi Keno,
On Fri, May 15, 2020 at 07:15:35AM -0400, Keno Fischer wrote:
> The behavior of PTRACE_SYSEMU on arm64
> appears to differ substantially from that of x86 and powerpc
> (the other two architectures on which this feature is implemented).
> In particular, after PTRACE_SYSEMU the syscall will always
> be skipped on x86 and powerpc, but executed on arm64 unless
> the syscall-entry stop was again continued using PTRACE_SYSEMU.
> The skipping behavior is also documented in the manpage,
> so I suspect this may just be a bug (the skipping behavior
> makes sense to me and is what I would expect).
> The reason this happens is that `syscall_trace_enter`
> re-checks TIF_SYSCALL_EMU after the ptrace stop, but at that
> point it may have already been superseded by a new ptrace
> request. x86 and power save the original value of the flag,
> rather than acting on the new value. I can submit a patch to
> fix this, but wanted to check first whether this was intentional.
> If it is, I can fix the man page instead.
Please send a patch, since this looks like a silly bug to me. But it also
means that nobody is using this on arm64, so we could also consider removing
it entirely. Did you spot this because you are trying to use it for
something or just by inspection/unit-testing?
Will
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: PTRACE_SYSEMU behavior difference on arm64
2020-05-15 12:13 ` Will Deacon
@ 2020-05-15 20:43 ` Keno Fischer
0 siblings, 0 replies; 3+ messages in thread
From: Keno Fischer @ 2020-05-15 20:43 UTC (permalink / raw)
To: Will Deacon
Cc: Linux Kernel Mailing List, Oleg Nesterov, Will Deacon,
Sudeep Holla, Catalin Marinas, linux-arm-kernel
On Fri, May 15, 2020 at 8:13 AM Will Deacon <will@kernel.org> wrote:
> But it also
> means that nobody is using this on arm64, so we could also consider removing
> it entirely. Did you spot this because you are trying to use it for
> something or just by inspection/unit-testing?
No, I was trying to port a tool from x86 and nothing made sense for
many hours :). (it was quite a bit of debugging, because the
syscall that it was supposed to skip installed a seccomp filter,
which then later veto'd random syscalls making the
symptoms quite confusing). Having PTRACE_SYSEMU isn't
critical, but we might as well support it.
It makes things a bit more efficient and is probably safer
(if it works correctly ;). The patch is fairly small. Will validate
and then send it here for review.
Keno
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-05-15 20:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-15 11:15 PTRACE_SYSEMU behavior difference on arm64 Keno Fischer
2020-05-15 12:13 ` Will Deacon
2020-05-15 20:43 ` Keno Fischer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).