lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 26 Mar 2012 11:39:27 -0700
From:	Vaibhav Nagarnaik <vnagarnaik@...gle.com>
To:	Steven Rostedt <rostedt@...dmis.org>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>
Cc:	David Sharp <dhsharp@...gle.com>,
	Justin Teravest <teravest@...gle.com>,
	Laurent Chavey <chavey@...gle.com>, x86@...nel.org,
	linux-kernel@...r.kernel.org,
	Vaibhav Nagarnaik <vnagarnaik@...gle.com>
Subject: [PATCH 5/6] trace: raw_syscalls: Mark compat syscalls in the MSB of the syscall number

From: David Sharp <dhsharp@...gle.com>

The compat syscalls are undifferentiable from standard syscalls, making
correct interpretation of 'id' impossible on systems where compat tasks
are running. Set the MSB of 'id' if the traced syscall is compat, and
output this bit in the print format.

Signed-off-by: Vaibhav Nagarnaik <vnagarnaik@...gle.com>
---
 include/trace/events/syscalls.h |   23 ++++++++++++++++++-----
 1 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/include/trace/events/syscalls.h b/include/trace/events/syscalls.h
index aeaa536..4f42fdc 100644
--- a/include/trace/events/syscalls.h
+++ b/include/trace/events/syscalls.h
@@ -6,10 +6,13 @@
 #define _TRACE_EVENTS_SYSCALLS_H
 
 #include <linux/tracepoint.h>
+#include <linux/compat.h>
 
 #include <asm/ptrace.h>
 #include <asm/syscall.h>
 
+#define COMPAT_MASK (~0UL>>1)
+#define COMPAT_BIT ~(~0UL>>1)
 
 TRACE_EVENT(sys_enter,
 
@@ -23,14 +26,19 @@ TRACE_EVENT(sys_enter,
 	),
 
 	TP_fast_assign(
+#ifdef CONFIG_COMPAT
+		if (is_compat_task())
+			id |= COMPAT_BIT;
+#endif
 		__entry->id	= id;
 		syscall_get_arguments(current, regs, 0, 6, __entry->args);
 	),
 
-	TP_printk("NR %ld (%lx, %lx, %lx, %lx, %lx, %lx)",
-		  __entry->id,
+	TP_printk("NR %ld (%lx, %lx, %lx, %lx, %lx, %lx) isCompat: %d",
+		  __entry->id & COMPAT_MASK,
 		  __entry->args[0], __entry->args[1], __entry->args[2],
-		  __entry->args[3], __entry->args[4], __entry->args[5])
+		  __entry->args[3], __entry->args[4], __entry->args[5],
+		  !!(__entry->id & COMPAT_BIT))
 );
 
 TRACE_EVENT_FLAGS(sys_enter, TRACE_EVENT_FL_CAP_ANY)
@@ -48,11 +56,16 @@ TRACE_EVENT(sys_exit,
 
 	TP_fast_assign(
 		__entry->id	= syscall_get_nr(current, regs);
+#ifdef CONFIG_COMPAT
+		if (is_compat_task())
+			__entry->id |= COMPAT_BIT;
+#endif
 		__entry->ret	= ret;
 	),
 
-	TP_printk("NR %ld = %ld",
-		  __entry->id, __entry->ret)
+	TP_printk("NR %ld = %ld isCompat: %d",
+		  __entry->id & COMPAT_MASK, __entry->ret,
+		  !!(__entry->id & COMPAT_BIT))
 );
 
 TRACE_EVENT_FLAGS(sys_exit, TRACE_EVENT_FL_CAP_ANY)
-- 
1.7.7.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ