[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK1hOcNUgMne1Nh_GmU=+MygKu0uVV20jOLXX5ScWzDNafBqQA@mail.gmail.com>
Date: Mon, 13 Jan 2014 14:35:27 +0100
From: Denys Vlasenko <vda.linux@...glemail.com>
To: Sergio Durigan Junior <sergiodj@...hat.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
Oleg Nesterov <oleg@...hat.com>,
Roland McGrath <roland@...k.frob.com>
Subject: Re: [RFC/PATCH] Implement new PTRACE_EVENT_SYSCALL_{ENTER,EXIT}
On Mon, Jan 6, 2014 at 11:52 PM, Sergio Durigan Junior
<sergiodj@...hat.com> wrote:
> The other nice thing that I have implemented is the ability to obtain
> the syscall number related to the event by using PTRACE_GET_EVENTMSG.
> This way, we don't need to inspect registers anymore when we want to
> know which syscall is responsible for this or that event.
OTOH, by fetching registers using just one ptrace call you
get a lot more data.
So, this isn't *that* useful -- the debuggers already know how to fetch
and interpret regs - but it is also a cheap change. Why not?
> -static inline int ptrace_report_syscall(struct pt_regs *regs)
> +static inline int ptrace_report_syscall(struct pt_regs *regs, int entry,
> + unsigned int sysno)
This function looks ripe for de-inlining.
> /* Wait extended result codes for the above trace options. */
> -#define PTRACE_EVENT_FORK 1
> -#define PTRACE_EVENT_VFORK 2
> -#define PTRACE_EVENT_CLONE 3
> -#define PTRACE_EVENT_EXEC 4
> -#define PTRACE_EVENT_VFORK_DONE 5
> -#define PTRACE_EVENT_EXIT 6
> -#define PTRACE_EVENT_SECCOMP 7
> +#define PTRACE_EVENT_FORK 1
> +#define PTRACE_EVENT_VFORK 2
> +#define PTRACE_EVENT_CLONE 3
> +#define PTRACE_EVENT_EXEC 4
> +#define PTRACE_EVENT_VFORK_DONE 5
> +#define PTRACE_EVENT_EXIT 6
> +#define PTRACE_EVENT_SECCOMP 7
> +#define PTRACE_EVENT_SYSCALL_ENTER 8
> +#define PTRACE_EVENT_SYSCALL_EXIT 9
> +
> /* Extended result codes which enabled by means other than options. */
> #define PTRACE_EVENT_STOP 128
>
> @@ -87,11 +90,13 @@ struct ptrace_peeksiginfo_args {
> #define PTRACE_O_TRACEVFORKDONE (1 << PTRACE_EVENT_VFORK_DONE)
> #define PTRACE_O_TRACEEXIT (1 << PTRACE_EVENT_EXIT)
> #define PTRACE_O_TRACESECCOMP (1 << PTRACE_EVENT_SECCOMP)
> +#define PTRACE_O_SYSCALL_ENTER (1 << PTRACE_EVENT_SYSCALL_ENTER)
> +#define PTRACE_O_SYSCALL_EXIT (1 << PTRACE_EVENT_SYSCALL_EXIT)
>
> /* eventless options */
> #define PTRACE_O_EXITKILL (1 << 20)
>
> -#define PTRACE_O_MASK (0x000000ff | PTRACE_O_EXITKILL)
> +#define PTRACE_O_MASK (0x00000fff | PTRACE_O_EXITKILL)
You added just two bits, why did you extend the mask by four bits?
IOW: shouldn't it be 0x00003ff instead?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists