From: Martin Schwidefsky <[email protected]>
* System call parameter and result access functions
* Add tracehook calls
* Split syscall_trace into two functions do_syscall_trace_enter and
do_syscall_trace_exit
Signed-off-by: Martin Schwidefsky <[email protected]>
---
arch/s390/Kconfig | 1
arch/s390/include/asm/ptrace.h | 1
arch/s390/include/asm/syscall.h | 80 ++++++++++++++++++++++++++++++++++++
arch/s390/include/asm/thread_info.h | 2
arch/s390/kernel/entry.S | 50 ++++++++++++++++++----
arch/s390/kernel/entry64.S | 42 ++++++++++++++----
arch/s390/kernel/ptrace.c | 61 ++++++++++++++-------------
arch/s390/kernel/signal.c | 13 +++++
8 files changed, 202 insertions(+), 48 deletions(-)
Index: quilt-2.6/arch/s390/include/asm/ptrace.h
===================================================================
--- quilt-2.6.orig/arch/s390/include/asm/ptrace.h
+++ quilt-2.6/arch/s390/include/asm/ptrace.h
@@ -490,6 +490,7 @@ extern void user_disable_single_step(str
#define user_mode(regs) (((regs)->psw.mask & PSW_MASK_PSTATE) != 0)
#define instruction_pointer(regs) ((regs)->psw.addr & PSW_ADDR_INSN)
+#define user_stack_pointer(regs)((regs)->gprs[15])
#define regs_return_value(regs)((regs)->gprs[2])
#define profile_pc(regs) instruction_pointer(regs)
extern void show_regs(struct pt_regs * regs);
Index: quilt-2.6/arch/s390/include/asm/syscall.h
===================================================================
--- /dev/null
+++ quilt-2.6/arch/s390/include/asm/syscall.h
@@ -0,0 +1,80 @@
+/*
+ * Access to user system call parameters and results
+ *
+ * Copyright IBM Corp. 2008
+ * Author(s): Martin Schwidefsky ([email protected])
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License (version 2 only)
+ * as published by the Free Software Foundation.
+ */
+
+#ifndef _ASM_SYSCALL_H
+#define _ASM_SYSCALL_H 1
+
+#include <asm/ptrace.h>
+
+static inline long syscall_get_nr(struct task_struct *task,
+ struct pt_regs *regs)
+{
+ if (regs->trap != __LC_SVC_OLD_PSW)
+ return -1;
+ return regs->gprs[2];
+}
+
+static inline void syscall_rollback(struct task_struct *task,
+ struct pt_regs *regs)
+{
+ regs->gprs[2] = regs->orig_gpr2;
+}
+
+static inline long syscall_get_error(struct task_struct *task,
+ struct pt_regs *regs)
+{
+ return (regs->gprs[2] >= -4096UL) ? -regs->gprs[2] : 0;
+}
+
+static inline long syscall_get_return_value(struct task_struct *task,
+ struct pt_regs *regs)
+{
+ return regs->gprs[2];
+}
+
+static inline void syscall_set_return_value(struct task_struct *task,
+ struct pt_regs *regs,
+ int error, long val)
+{
+ regs->gprs[2] = error ? -error : val;
+}
+
+static inline void syscall_get_arguments(struct task_struct *task,
+ struct pt_regs *regs,
+ unsigned int i, unsigned int n,
+ unsigned long *args)
+{
+ BUG_ON(i + n > 6);
+#ifdef CONFIG_COMPAT
+ if (test_tsk_thread_flag(task, TIF_31BIT)) {
+ if (i + n == 6)
+ args[--n] = (u32) regs->args[0];
+ while (n-- > 0)
+ args[n] = (u32) regs->gprs[2 + i + n];
+ }
+#endif
+ if (i + n == 6)
+ args[--n] = regs->args[0];
+ memcpy(args, ®s->gprs[2 + i], n * sizeof(args[0]));
+}
+
+static inline void syscall_set_arguments(struct task_struct *task,
+ struct pt_regs *regs,
+ unsigned int i, unsigned int n,
+ const unsigned long *args)
+{
+ BUG_ON(i + n > 6);
+ if (i + n == 6)
+ regs->args[0] = args[--n];
+ memcpy(®s->gprs[2 + i], args, n * sizeof(args[0]));
+}
+
+#endif /* _ASM_SYSCALL_H */
Index: quilt-2.6/arch/s390/include/asm/thread_info.h
===================================================================
--- quilt-2.6.orig/arch/s390/include/asm/thread_info.h
+++ quilt-2.6/arch/s390/include/asm/thread_info.h
@@ -86,6 +86,7 @@ static inline struct thread_info *curren
* thread information flags bit numbers
*/
#define TIF_SYSCALL_TRACE 0 /* syscall trace active */
+#define TIF_NOTIFY_RESUME 1 /* callback before returning to user */
#define TIF_SIGPENDING 2 /* signal pending */
#define TIF_NEED_RESCHED 3 /* rescheduling necessary */
#define TIF_RESTART_SVC 4 /* restart svc with new svc number */
@@ -100,6 +101,7 @@ static inline struct thread_info *curren
#define TIF_RESTORE_SIGMASK 20 /* restore signal mask in do_signal() */
#define _TIF_SYSCALL_TRACE (1<<TIF_SYSCALL_TRACE)
+#define _TIF_NOTIFY_RESUME (1<<TIF_NOTIFY_RESUME)
#define _TIF_RESTORE_SIGMASK (1<<TIF_RESTORE_SIGMASK)
#define _TIF_SIGPENDING (1<<TIF_SIGPENDING)
#define _TIF_NEED_RESCHED (1<<TIF_NEED_RESCHED)
Index: quilt-2.6/arch/s390/Kconfig
===================================================================
--- quilt-2.6.orig/arch/s390/Kconfig
+++ quilt-2.6/arch/s390/Kconfig
@@ -74,6 +74,7 @@ config S390
select HAVE_KPROBES
select HAVE_KRETPROBES
select HAVE_KVM if 64BIT
+ select HAVE_ARCH_TRACEHOOK
source "init/Kconfig"
Index: quilt-2.6/arch/s390/kernel/entry64.S
===================================================================
--- quilt-2.6.orig/arch/s390/kernel/entry64.S
+++ quilt-2.6/arch/s390/kernel/entry64.S
@@ -52,9 +52,9 @@ SP_SIZE = STACK_FRAME_OVERHEAD + __
STACK_SHIFT = PAGE_SHIFT + THREAD_ORDER
STACK_SIZE = 1 << STACK_SHIFT
-_TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
+_TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
_TIF_MCCK_PENDING | _TIF_RESTART_SVC | _TIF_SINGLE_STEP )
-_TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
+_TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
_TIF_MCCK_PENDING)
#define BASED(name) name-system_call(%r13)
@@ -310,6 +310,8 @@ sysc_work:
jo sysc_reschedule
tm __TI_flags+7(%r9),_TIF_SIGPENDING
jnz sysc_sigpending
+ tm __TI_flags+7(%r9),_TIF_NOTIFY_RESUME
+ jnz sysc_notify_resume
tm __TI_flags+7(%r9),_TIF_RESTART_SVC
jo sysc_restart
tm __TI_flags+7(%r9),_TIF_SINGLE_STEP
@@ -345,6 +347,14 @@ sysc_sigpending:
j sysc_work_loop
#
+# _TIF_NOTIFY_RESUME is set, call do_notify_resume
+#
+sysc_notify_resume:
+ la %r2,SP_PTREGS(%r15) # load pt_regs
+ larl %r14,sysc_work_loop
+ jg do_notify_resume # call do_notify_resume
+
+#
# _TIF_RESTART_SVC is set, set up registers and restart svc
#
sysc_restart:
@@ -367,20 +377,19 @@ sysc_singlestep:
jg do_single_step # branch to do_sigtrap
#
-# call syscall_trace before and after system call
-# special linkage: %r12 contains the return address for trace_svc
+# call tracehook_report_syscall_entry/tracehook_report_syscall_exit before
+# and after the system call
#
sysc_tracesys:
la %r2,SP_PTREGS(%r15) # load pt_regs
la %r3,0
srl %r7,2
stg %r7,SP_R2(%r15)
- brasl %r14,syscall_trace
+ brasl %r14,do_syscall_trace_enter
lghi %r0,NR_syscalls
- clg %r0,SP_R2(%r15)
+ clgr %r0,%r2
jnh sysc_tracenogo
- lg %r7,SP_R2(%r15) # strace might have changed the
- sll %r7,2 # system call
+ slag %r7,%r2,2 # *4
lgf %r8,0(%r7,%r10)
sysc_tracego:
lmg %r3,%r6,SP_R3(%r15)
@@ -391,9 +400,8 @@ sysc_tracenogo:
tm __TI_flags+7(%r9),(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT)
jz sysc_return
la %r2,SP_PTREGS(%r15) # load pt_regs
- la %r3,1
larl %r14,sysc_return # return point is sysc_return
- jg syscall_trace
+ jg do_syscall_trace_exit
#
# a new process exits the kernel with ret_from_fork
@@ -672,6 +680,8 @@ io_work_loop:
jo io_reschedule
tm __TI_flags+7(%r9),_TIF_SIGPENDING
jnz io_sigpending
+ tm __TI_flags+7(%r9),_TIF_NOTIFY_RESUME
+ jnz io_notify_resume
j io_restore
io_work_done:
@@ -712,6 +722,18 @@ io_sigpending:
TRACE_IRQS_OFF
j io_work_loop
+#
+# _TIF_NOTIFY_RESUME or is set, call do_notify_resume
+#
+io_notify_resume:
+ TRACE_IRQS_ON
+ stosm __SF_EMPTY(%r15),0x03 # reenable interrupts
+ la %r2,SP_PTREGS(%r15) # load pt_regs
+ brasl %r14,do_notify_resume # call do_notify_resume
+ stnsm __SF_EMPTY(%r15),0xfc # disable I/O and ext. interrupts
+ TRACE_IRQS_OFF
+ j io_work_loop
+
/*
* External interrupt handler routine
*/
Index: quilt-2.6/arch/s390/kernel/entry.S
===================================================================
--- quilt-2.6.orig/arch/s390/kernel/entry.S
+++ quilt-2.6/arch/s390/kernel/entry.S
@@ -49,9 +49,9 @@ SP_ILC = STACK_FRAME_OVERHEAD + __P
SP_TRAP = STACK_FRAME_OVERHEAD + __PT_TRAP
SP_SIZE = STACK_FRAME_OVERHEAD + __PT_SIZE
-_TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
+_TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
_TIF_MCCK_PENDING | _TIF_RESTART_SVC | _TIF_SINGLE_STEP )
-_TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NEED_RESCHED | \
+_TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
_TIF_MCCK_PENDING)
STACK_SHIFT = PAGE_SHIFT + THREAD_ORDER
@@ -318,6 +318,8 @@ sysc_work:
bo BASED(sysc_reschedule)
tm __TI_flags+3(%r9),_TIF_SIGPENDING
bnz BASED(sysc_sigpending)
+ tm __TI_flags+3(%r9),_TIF_NOTIFY_RESUME
+ bnz BASED(sysc_notify_resume)
tm __TI_flags+3(%r9),_TIF_RESTART_SVC
bo BASED(sysc_restart)
tm __TI_flags+3(%r9),_TIF_SINGLE_STEP
@@ -356,6 +358,16 @@ sysc_sigpending:
b BASED(sysc_work_loop)
#
+# _TIF_NOTIFY_RESUME is set, call do_notify_resume
+#
+sysc_notify_resume:
+ la %r2,SP_PTREGS(%r15) # load pt_regs
+ l %r1,BASED(.Ldo_notify_resume)
+ la %r14,BASED(sysc_work_loop)
+ br %r1 # call do_notify_resume
+
+
+#
# _TIF_RESTART_SVC is set, set up registers and restart svc
#
sysc_restart:
@@ -378,20 +390,21 @@ sysc_singlestep:
br %r1 # branch to do_single_step
#
-# call trace before and after sys_call
+# call tracehook_report_syscall_entry/tracehook_report_syscall_exit before
+# and after the system call
#
sysc_tracesys:
- l %r1,BASED(.Ltrace)
+ l %r1,BASED(.Ltrace_entry)
la %r2,SP_PTREGS(%r15) # load pt_regs
la %r3,0
srl %r7,2
st %r7,SP_R2(%r15)
basr %r14,%r1
- clc SP_R2(4,%r15),BASED(.Lnr_syscalls)
+ cl %r2,BASED(.Lnr_syscalls)
bnl BASED(sysc_tracenogo)
l %r8,BASED(.Lsysc_table)
- l %r7,SP_R2(%r15) # strace might have changed the
- sll %r7,2 # system call
+ lr %r7,%r2
+ sll %r7,2 # *4
l %r8,0(%r7,%r8)
sysc_tracego:
lm %r3,%r6,SP_R3(%r15)
@@ -401,9 +414,8 @@ sysc_tracego:
sysc_tracenogo:
tm __TI_flags+3(%r9),(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT)
bz BASED(sysc_return)
- l %r1,BASED(.Ltrace)
+ l %r1,BASED(.Ltrace_exit)
la %r2,SP_PTREGS(%r15) # load pt_regs
- la %r3,1
la %r14,BASED(sysc_return)
br %r1
@@ -666,6 +678,8 @@ io_work_loop:
bo BASED(io_reschedule)
tm __TI_flags+3(%r9),_TIF_SIGPENDING
bnz BASED(io_sigpending)
+ tm __TI_flags+3(%r9),_TIF_NOTIFY_RESUME
+ bnz BASED(io_notify_resume)
b BASED(io_restore)
io_work_done:
@@ -704,6 +718,19 @@ io_sigpending:
TRACE_IRQS_OFF
b BASED(io_work_loop)
+#
+# _TIF_SIGPENDING is set, call do_signal
+#
+io_notify_resume:
+ TRACE_IRQS_ON
+ stosm __SF_EMPTY(%r15),0x03 # reenable interrupts
+ la %r2,SP_PTREGS(%r15) # load pt_regs
+ l %r1,BASED(.Ldo_notify_resume)
+ basr %r14,%r1 # call do_signal
+ stnsm __SF_EMPTY(%r15),0xfc # disable I/O and ext. interrupts
+ TRACE_IRQS_OFF
+ b BASED(io_work_loop)
+
/*
* External interrupt handler routine
*/
@@ -1070,6 +1097,8 @@ cleanup_io_leave_insn:
.Ldo_IRQ: .long do_IRQ
.Ldo_extint: .long do_extint
.Ldo_signal: .long do_signal
+.Ldo_notify_resume:
+ .long do_notify_resume
.Lhandle_per: .long do_single_step
.Ldo_execve: .long do_execve
.Lexecve_tail: .long execve_tail
@@ -1079,7 +1108,8 @@ cleanup_io_leave_insn:
.Lpreempt_schedule_irq:
.long preempt_schedule_irq
#endif
-.Ltrace: .long syscall_trace
+.Ltrace_entry: .long do_syscall_trace_enter
+.Ltrace_exit: .long do_syscall_trace_exit
.Lschedtail: .long schedule_tail
.Lsysc_table: .long sys_call_table
#ifdef CONFIG_TRACE_IRQFLAGS
Index: quilt-2.6/arch/s390/kernel/ptrace.c
===================================================================
--- quilt-2.6.orig/arch/s390/kernel/ptrace.c
+++ quilt-2.6/arch/s390/kernel/ptrace.c
@@ -35,6 +35,7 @@
#include <linux/signal.h>
#include <linux/elf.h>
#include <linux/regset.h>
+#include <linux/tracehook.h>
#include <asm/segment.h>
#include <asm/page.h>
@@ -639,40 +640,44 @@ long compat_arch_ptrace(struct task_stru
}
#endif
-asmlinkage void
-syscall_trace(struct pt_regs *regs, int entryexit)
+asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
{
- if (unlikely(current->audit_context) && entryexit)
- audit_syscall_exit(AUDITSC_RESULT(regs->gprs[2]), regs->gprs[2]);
-
- if (!test_thread_flag(TIF_SYSCALL_TRACE))
- goto out;
- if (!(current->ptrace & PT_PTRACED))
- goto out;
- ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD)
- ? 0x80 : 0));
+ long ret;
/*
- * If the debuffer has set an invalid system call number,
- * we prepare to skip the system call restart handling.
+ * The sysc_tracesys code in entry.S stored the system
+ * call number to gprs[2].
*/
- if (!entryexit && regs->gprs[2] >= NR_syscalls)
+ ret = regs->gprs[2];
+ if (test_thread_flag(TIF_SYSCALL_TRACE) &&
+ (tracehook_report_syscall_entry(regs) ||
+ regs->gprs[2] >= NR_syscalls)) {
+ /*
+ * Tracing decided this syscall should not happen or the
+ * debugger stored an invalid system call number. Skip
+ * the system call and the system call restart handling.
+ */
regs->trap = -1;
+ ret = -1;
+ }
- /*
- * this isn't the same as continuing with a signal, but it will do
- * for normal use. strace only continues with a signal if the
- * stopping signal is not SIGTRAP. -brl
- */
- if (current->exit_code) {
- send_sig(current->exit_code, current, 1);
- current->exit_code = 0;
- }
- out:
- if (unlikely(current->audit_context) && !entryexit)
- audit_syscall_entry(test_thread_flag(TIF_31BIT)?AUDIT_ARCH_S390:AUDIT_ARCH_S390X,
- regs->gprs[2], regs->orig_gpr2, regs->gprs[3],
- regs->gprs[4], regs->gprs[5]);
+ if (unlikely(current->audit_context))
+ audit_syscall_entry(test_thread_flag(TIF_31BIT) ?
+ AUDIT_ARCH_S390 : AUDIT_ARCH_S390X,
+ regs->gprs[2], regs->orig_gpr2,
+ regs->gprs[3], regs->gprs[4],
+ regs->gprs[5]);
+ return ret;
+}
+
+asmlinkage void do_syscall_trace_exit(struct pt_regs *regs)
+{
+ if (unlikely(current->audit_context))
+ audit_syscall_exit(AUDITSC_RESULT(regs->gprs[2]),
+ regs->gprs[2]);
+
+ if (test_thread_flag(TIF_SYSCALL_TRACE))
+ tracehook_report_syscall_exit(regs, 0);
}
/*
Index: quilt-2.6/arch/s390/kernel/signal.c
===================================================================
--- quilt-2.6.orig/arch/s390/kernel/signal.c
+++ quilt-2.6/arch/s390/kernel/signal.c
@@ -24,6 +24,7 @@
#include <linux/tty.h>
#include <linux/personality.h>
#include <linux/binfmts.h>
+#include <linux/tracehook.h>
#include <asm/ucontext.h>
#include <asm/uaccess.h>
#include <asm/lowcore.h>
@@ -507,6 +508,12 @@ void do_signal(struct pt_regs *regs)
*/
if (current->thread.per_info.single_step)
set_thread_flag(TIF_SINGLE_STEP);
+
+ /*
+ * Let tracing know that we've done the handler setup.
+ */
+ tracehook_signal_handler(signr, &info, &ka, regs,
+ test_thread_flag(TIF_SINGLE_STEP));
}
return;
}
@@ -526,3 +533,9 @@ void do_signal(struct pt_regs *regs)
set_thread_flag(TIF_RESTART_SVC);
}
}
+
+void do_notify_resume(struct pt_regs *regs)
+{
+ clear_thread_flag(TIF_NOTIFY_RESUME);
+ tracehook_notify_resume(regs);
+}
--
blue skies,
Martin.
"Reality continues to ruin my life." - Calvin.
Note that I know ~0 about s390 register layouts, but...
Martin Schwidefsky wrote:
> Index: quilt-2.6/arch/s390/kernel/ptrace.c
> ===================================================================
> --- quilt-2.6.orig/arch/s390/kernel/ptrace.c
> +++ quilt-2.6/arch/s390/kernel/ptrace.c
> @@ -639,40 +640,44 @@ long compat_arch_ptrace(struct task_stru
> }
> #endif
>
> -asmlinkage void
> -syscall_trace(struct pt_regs *regs, int entryexit)
> +asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
> {
...
> + if (unlikely(current->audit_context))
> + audit_syscall_entry(test_thread_flag(TIF_31BIT) ?
> + AUDIT_ARCH_S390 : AUDIT_ARCH_S390X,
> + regs->gprs[2], regs->orig_gpr2,
> + regs->gprs[3], regs->gprs[4],
> + regs->gprs[5]);
> + return ret;
> +}
According to the above, the syscall number is in regs->gprs[2] and the
1st syscall argument is in regs->orig_gpr2.
Then in:
> Index: quilt-2.6/arch/s390/include/asm/syscall.h
> ===================================================================
...
> +static inline long syscall_get_nr(struct task_struct *task,
> + struct pt_regs *regs)
> +{
> + if (regs->trap != __LC_SVC_OLD_PSW)
> + return -1;
> + return regs->gprs[2];
> +}
... according to the syscall_get_nr(), the syscall number is in
regs->gprs[2], which matches what is in arch/s390/kernel/ptrace.c ...
> +static inline void syscall_get_arguments(struct task_struct *task,
> + struct pt_regs *regs,
> + unsigned int i, unsigned int n,
> + unsigned long *args)
> +{
> + BUG_ON(i + n > 6);
> +#ifdef CONFIG_COMPAT
> + if (test_tsk_thread_flag(task, TIF_31BIT)) {
> + if (i + n == 6)
> + args[--n] = (u32) regs->args[0];
> + while (n-- > 0)
> + args[n] = (u32) regs->gprs[2 + i + n];
> + }
> +#endif
> + if (i + n == 6)
> + args[--n] = regs->args[0];
> + memcpy(args, ®s->gprs[2 + i], n * sizeof(args[0]));
> +}
> +
> +static inline void syscall_set_arguments(struct task_struct *task,
> + struct pt_regs *regs,
> + unsigned int i, unsigned int n,
> + const unsigned long *args)
> +{
> + BUG_ON(i + n > 6);
> + if (i + n == 6)
> + regs->args[0] = args[--n];
> + memcpy(®s->gprs[2 + i], args, n * sizeof(args[0]));
> +}
> +
> +#endif /* _ASM_SYSCALL_H */
According to syscall_get_arguments()/syscall_set_arguments(), the 1st
syscall argument is in regs->gprs[2], which *doesn't* match what is in
arch/s390/kernel/ptrace.c.
Is this correct, or should the 1st syscall argument be found in
regs->orig_gpr2 by syscall_get_arguments()/syscall_set_arguments()?
--
David Smith
[email protected]
Red Hat
http://www.redhat.com
256.217.0141 (direct)
256.837.0057 (fax)
On Mon, 2008-11-03 at 11:14 -0600, David Smith wrote:
> Is this correct, or should the 1st syscall argument be found in
> regs->orig_gpr2 by syscall_get_arguments()/syscall_set_arguments()?
The question is when do syscall_get_arguments and syscall_set_arguments
functions get called? If they are called on a call chain that started
from do_syscall_trace_enter then we'd have to use orig_gpr2 instead of
gprs[2] but if the functions are not called via do_syscall_trace_enter
the first argument is located in grprs[2]. As far as I can see the sole
user of syscall_get_arguments is collect_syscall which is used to get
the registers of a blocked process. In this case the kernel call chain
does not include do_syscall_trace_enter, therefore the first argument is
in gprs[2], no?
--
blue skies,
Martin.
"Reality continues to ruin my life." - Calvin.
Martin Schwidefsky wrote:
> On Mon, 2008-11-03 at 11:14 -0600, David Smith wrote:
>
>> Is this correct, or should the 1st syscall argument be found in
>> regs->orig_gpr2 by syscall_get_arguments()/syscall_set_arguments()?
>
> The question is when do syscall_get_arguments and syscall_set_arguments
> functions get called? If they are called on a call chain that started
> from do_syscall_trace_enter then we'd have to use orig_gpr2 instead of
> gprs[2] but if the functions are not called via do_syscall_trace_enter
> the first argument is located in grprs[2]. As far as I can see the sole
> user of syscall_get_arguments is collect_syscall which is used to get
> the registers of a blocked process. In this case the kernel call chain
> does not include do_syscall_trace_enter, therefore the first argument is
> in gprs[2], no?
But, collect_syscall() also calls syscall_get_nr():
*callno = syscall_get_nr(target, regs);
if (*callno != -1L && maxargs > 0)
syscall_get_arguments(target, regs, 0, maxargs, args);
Both syscall_get_nr() *and* syscall_get_arguments() returning gprs[2]
can't be right, can it?
--
David Smith
[email protected]
Red Hat
http://www.redhat.com
256.217.0141 (direct)
256.837.0057 (fax)
On Thu, 2008-11-06 at 12:24 -0600, David Smith wrote:
> Martin Schwidefsky wrote:
> > On Mon, 2008-11-03 at 11:14 -0600, David Smith wrote:
> >
> >> Is this correct, or should the 1st syscall argument be found in
> >> regs->orig_gpr2 by syscall_get_arguments()/syscall_set_arguments()?
> >
> > The question is when do syscall_get_arguments and syscall_set_arguments
> > functions get called? If they are called on a call chain that started
> > from do_syscall_trace_enter then we'd have to use orig_gpr2 instead of
> > gprs[2] but if the functions are not called via do_syscall_trace_enter
> > the first argument is located in grprs[2]. As far as I can see the sole
> > user of syscall_get_arguments is collect_syscall which is used to get
> > the registers of a blocked process. In this case the kernel call chain
> > does not include do_syscall_trace_enter, therefore the first argument is
> > in gprs[2], no?
>
> But, collect_syscall() also calls syscall_get_nr():
>
> *callno = syscall_get_nr(target, regs);
> if (*callno != -1L && maxargs > 0)
> syscall_get_arguments(target, regs, 0, maxargs, args);
>
> Both syscall_get_nr() *and* syscall_get_arguments() returning gprs[2]
> can't be right, can it?
Indeed, this cannot work. syscall_get_nr() requires that it is called on
a call chain that includes do_syscall_trace_enter(). And the fix for it
is not trivial. Probably the best would be to add another field to
pt_regs which contains the system call number. syscall_get_arguments()
could be improved to always use orig_gpr2 instead of grps[2] then it
doesn't matter when it is called. The problematic one is
syscall_set_arguments(), there it depends if grps[2] needs to be stored
of not. Hmm, this needs some thinking ..
Good spotting by the way :-)
--
blue skies,
Martin.
"Reality continues to ruin my life." - Calvin.
On Thu, 2008-11-06 at 12:24 -0600, David Smith wrote:
> But, collect_syscall() also calls syscall_get_nr():
>
> *callno = syscall_get_nr(target, regs);
> if (*callno != -1L && maxargs > 0)
> syscall_get_arguments(target, regs, 0, maxargs, args);
>
> Both syscall_get_nr() *and* syscall_get_arguments() returning gprs[2]
> can't be right, can it?
Ok, I managed to get syscall_get_nr() independent from
do_syscall_trace_enter. With the patch below syscall_get_nr() can now be
called anytime for a speeling process.
--
blue skies,
Martin.
"Reality continues to ruin my life." - Calvin.
---
Subject: [PATCH] fix syscall_get_nr.
From: Martin Schwidefsky <[email protected]>
syscall_get_nr() currently returns a valid result only if the call
chain of the traced process includes do_syscall_trace_enter(). But
collect_syscall() can be called for any sleeping task, the result of
syscall_get_nr() in general is completely bogus.
To make syscall_get_nr() work for any sleeping task the traps field
in pt_regs is replace with svcnr - the system call number the process
is executing. If svcnr == 0 the process is not on a system call path.
Signed-off-by: Martin Schwidefsky <[email protected]>
Signed-off-by: Martin Schwidefsky <[email protected]>
---
arch/s390/include/asm/ptrace.h | 2 +-
arch/s390/include/asm/syscall.h | 4 +---
arch/s390/kernel/asm-offsets.c | 2 +-
arch/s390/kernel/compat_signal.c | 2 +-
arch/s390/kernel/entry.S | 21 +++++++++++----------
arch/s390/kernel/entry64.S | 23 ++++++++++-------------
arch/s390/kernel/ptrace.c | 2 +-
arch/s390/kernel/signal.c | 6 +++---
8 files changed, 29 insertions(+), 33 deletions(-)
diff -urpN linux-2.6/arch/s390/include/asm/ptrace.h linux-2.6-patched/arch/s390/include/asm/ptrace.h
--- linux-2.6/arch/s390/include/asm/ptrace.h 2008-11-07 16:35:54.000000000 +0100
+++ linux-2.6-patched/arch/s390/include/asm/ptrace.h 2008-11-07 16:36:20.000000000 +0100
@@ -321,8 +321,8 @@ struct pt_regs
psw_t psw;
unsigned long gprs[NUM_GPRS];
unsigned long orig_gpr2;
+ unsigned short svcnr;
unsigned short ilc;
- unsigned short trap;
};
#endif
diff -urpN linux-2.6/arch/s390/include/asm/syscall.h linux-2.6-patched/arch/s390/include/asm/syscall.h
--- linux-2.6/arch/s390/include/asm/syscall.h 2008-11-07 16:35:54.000000000 +0100
+++ linux-2.6-patched/arch/s390/include/asm/syscall.h 2008-11-07 16:36:20.000000000 +0100
@@ -17,9 +17,7 @@
static inline long syscall_get_nr(struct task_struct *task,
struct pt_regs *regs)
{
- if (regs->trap != __LC_SVC_OLD_PSW)
- return -1;
- return regs->gprs[2];
+ return regs->svcnr ? regs->svcnr : -1;
}
static inline void syscall_rollback(struct task_struct *task,
diff -urpN linux-2.6/arch/s390/kernel/asm-offsets.c linux-2.6-patched/arch/s390/kernel/asm-offsets.c
--- linux-2.6/arch/s390/kernel/asm-offsets.c 2008-11-07 16:36:07.000000000 +0100
+++ linux-2.6-patched/arch/s390/kernel/asm-offsets.c 2008-11-07 16:36:20.000000000 +0100
@@ -33,7 +33,7 @@ int main(void)
DEFINE(__PT_GPRS, offsetof(struct pt_regs, gprs));
DEFINE(__PT_ORIG_GPR2, offsetof(struct pt_regs, orig_gpr2));
DEFINE(__PT_ILC, offsetof(struct pt_regs, ilc));
- DEFINE(__PT_TRAP, offsetof(struct pt_regs, trap));
+ DEFINE(__PT_SVCNR, offsetof(struct pt_regs, svcnr));
DEFINE(__PT_SIZE, sizeof(struct pt_regs));
BLANK();
DEFINE(__SF_BACKCHAIN, offsetof(struct stack_frame, back_chain));
diff -urpN linux-2.6/arch/s390/kernel/compat_signal.c linux-2.6-patched/arch/s390/kernel/compat_signal.c
--- linux-2.6/arch/s390/kernel/compat_signal.c 2008-10-10 00:13:53.000000000 +0200
+++ linux-2.6-patched/arch/s390/kernel/compat_signal.c 2008-11-07 16:36:20.000000000 +0100
@@ -340,7 +340,7 @@ static int restore_sigregs32(struct pt_r
return err;
restore_fp_regs(¤t->thread.fp_regs);
- regs->trap = -1; /* disable syscall checks */
+ regs->svcnr = 0; /* disable syscall checks */
return 0;
}
diff -urpN linux-2.6/arch/s390/kernel/entry64.S linux-2.6-patched/arch/s390/kernel/entry64.S
--- linux-2.6/arch/s390/kernel/entry64.S 2008-11-07 16:36:04.000000000 +0100
+++ linux-2.6-patched/arch/s390/kernel/entry64.S 2008-11-07 16:36:20.000000000 +0100
@@ -46,7 +46,7 @@ SP_R14 = STACK_FRAME_OVERHEAD + __P
SP_R15 = STACK_FRAME_OVERHEAD + __PT_GPRS + 120
SP_ORIG_R2 = STACK_FRAME_OVERHEAD + __PT_ORIG_GPR2
SP_ILC = STACK_FRAME_OVERHEAD + __PT_ILC
-SP_TRAP = STACK_FRAME_OVERHEAD + __PT_TRAP
+SP_SVCNR = STACK_FRAME_OVERHEAD + __PT_SVCNR
SP_SIZE = STACK_FRAME_OVERHEAD + __PT_SIZE
STACK_SHIFT = PAGE_SHIFT + THREAD_ORDER
@@ -171,11 +171,10 @@ _TIF_WORK_INT = (_TIF_SIGPENDING | _TIF_
.macro CREATE_STACK_FRAME psworg,savearea
aghi %r15,-SP_SIZE # make room for registers & psw
mvc SP_PSW(16,%r15),0(%r12) # move user PSW to stack
- la %r12,\psworg
stg %r2,SP_ORIG_R2(%r15) # store original content of gpr 2
- icm %r12,12,__LC_SVC_ILC
+ icm %r12,3,__LC_SVC_ILC
stmg %r0,%r11,SP_R0(%r15) # store gprs %r0-%r11 to kernel stack
- st %r12,SP_ILC(%r15)
+ st %r12,SP_SVCNR(%r15)
mvc SP_R12(32,%r15),\savearea # move %r12-%r15 to stack
la %r12,0
stg %r12,__SF_BACKCHAIN(%r15)
@@ -250,16 +249,17 @@ sysc_update:
#endif
sysc_do_svc:
lg %r9,__LC_THREAD_INFO # load pointer to thread_info struct
- slag %r7,%r7,2 # *4 and test for svc 0
+ ltgr %r7,%r7 # test for svc 0
jnz sysc_nr_ok
# svc 0: system call number in %r1
cl %r1,BASED(.Lnr_syscalls)
jnl sysc_nr_ok
lgfr %r7,%r1 # clear high word in r1
- slag %r7,%r7,2 # svc 0: system call number in %r1
sysc_nr_ok:
mvc SP_ARGS(8,%r15),SP_R7(%r15)
sysc_do_restart:
+ sth %r7,SP_SVCNR(%r15)
+ sllg %r7,%r7,2 # svc number * 4
larl %r10,sys_call_table
#ifdef CONFIG_COMPAT
tm __TI_flags+5(%r9),(_TIF_31BIT>>16) # running in 31 bit mode ?
@@ -363,7 +363,6 @@ sysc_notify_resume:
sysc_restart:
ni __TI_flags+7(%r9),255-_TIF_RESTART_SVC # clear TIF_RESTART_SVC
lg %r7,SP_R2(%r15) # load new svc number
- slag %r7,%r7,2 # *4
mvc SP_R2(8,%r15),SP_ORIG_R2(%r15) # restore first argument
lmg %r2,%r6,SP_R2(%r15) # load svc arguments
j sysc_do_restart # restart svc
@@ -372,9 +371,8 @@ sysc_restart:
# _TIF_SINGLE_STEP is set, call do_single_step
#
sysc_singlestep:
- ni __TI_flags+7(%r9),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
- lhi %r0,__LC_PGM_OLD_PSW
- sth %r0,SP_TRAP(%r15) # set trap indication to pgm check
+ ni __TI_flags+7(%r9),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
+ xc SP_SVCNR(2,%r15),SP_SVCNR(%r15) # clear svc number
la %r2,SP_PTREGS(%r15) # address of register-save area
larl %r14,sysc_return # load adr. of system return
jg do_single_step # branch to do_sigtrap
@@ -392,7 +390,7 @@ sysc_tracesys:
lghi %r0,NR_syscalls
clgr %r0,%r2
jnh sysc_tracenogo
- slag %r7,%r2,2 # *4
+ sllg %r7,%r2,2 # svc number *4
lgf %r8,0(%r7,%r10)
sysc_tracego:
lmg %r3,%r6,SP_R3(%r15)
@@ -567,8 +565,7 @@ pgm_svcper:
# per was called from kernel, must be kprobes
#
kernel_per:
- lhi %r0,__LC_PGM_OLD_PSW
- sth %r0,SP_TRAP(%r15) # set trap indication to pgm check
+ xc SP_SVCNR(2,%r15),SP_SVCNR(%r15) # clear svc number
la %r2,SP_PTREGS(%r15) # address of register-save area
larl %r14,sysc_restore # load adr. of system ret, no work
jg do_single_step # branch to do_single_step
diff -urpN linux-2.6/arch/s390/kernel/entry.S linux-2.6-patched/arch/s390/kernel/entry.S
--- linux-2.6/arch/s390/kernel/entry.S 2008-11-07 16:36:04.000000000 +0100
+++ linux-2.6-patched/arch/s390/kernel/entry.S 2008-11-07 16:36:20.000000000 +0100
@@ -46,7 +46,7 @@ SP_R14 = STACK_FRAME_OVERHEAD + __P
SP_R15 = STACK_FRAME_OVERHEAD + __PT_GPRS + 60
SP_ORIG_R2 = STACK_FRAME_OVERHEAD + __PT_ORIG_GPR2
SP_ILC = STACK_FRAME_OVERHEAD + __PT_ILC
-SP_TRAP = STACK_FRAME_OVERHEAD + __PT_TRAP
+SP_SVCNR = STACK_FRAME_OVERHEAD + __PT_SVCNR
SP_SIZE = STACK_FRAME_OVERHEAD + __PT_SIZE
_TIF_WORK_SVC = (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME | _TIF_NEED_RESCHED | \
@@ -183,11 +183,10 @@ STACK_SIZE = 1 << STACK_SHIFT
.macro CREATE_STACK_FRAME psworg,savearea
s %r15,BASED(.Lc_spsize) # make room for registers & psw
mvc SP_PSW(8,%r15),0(%r12) # move user PSW to stack
- la %r12,\psworg
st %r2,SP_ORIG_R2(%r15) # store original content of gpr 2
- icm %r12,12,__LC_SVC_ILC
+ icm %r12,3,__LC_SVC_ILC
stm %r0,%r11,SP_R0(%r15) # store gprs %r0-%r11 to kernel stack
- st %r12,SP_ILC(%r15)
+ st %r12,SP_SVCNR(%r15)
mvc SP_R12(16,%r15),\savearea # move %r12-%r15 to stack
la %r12,0
st %r12,__SF_BACKCHAIN(%r15) # clear back chain
@@ -264,16 +263,17 @@ sysc_update:
#endif
sysc_do_svc:
l %r9,__LC_THREAD_INFO # load pointer to thread_info struct
- sla %r7,2 # *4 and test for svc 0
+ ltr %r7,%r7 # test for svc 0
bnz BASED(sysc_nr_ok) # svc number > 0
# svc 0: system call number in %r1
cl %r1,BASED(.Lnr_syscalls)
bnl BASED(sysc_nr_ok)
lr %r7,%r1 # copy svc number to %r7
- sla %r7,2 # *4
sysc_nr_ok:
mvc SP_ARGS(4,%r15),SP_R7(%r15)
sysc_do_restart:
+ sth %r7,SP_SVCNR(%r15)
+ sll %r7,2 # svc number *4
l %r8,BASED(.Lsysc_table)
tm __TI_flags+3(%r9),(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT)
l %r8,0(%r7,%r8) # get system call addr.
@@ -376,7 +376,6 @@ sysc_notify_resume:
sysc_restart:
ni __TI_flags+3(%r9),255-_TIF_RESTART_SVC # clear TIF_RESTART_SVC
l %r7,SP_R2(%r15) # load new svc number
- sla %r7,2
mvc SP_R2(4,%r15),SP_ORIG_R2(%r15) # restore first argument
lm %r2,%r6,SP_R2(%r15) # load svc arguments
b BASED(sysc_do_restart) # restart svc
@@ -386,7 +385,8 @@ sysc_restart:
#
sysc_singlestep:
ni __TI_flags+3(%r9),255-_TIF_SINGLE_STEP # clear TIF_SINGLE_STEP
- mvi SP_TRAP+1(%r15),0x28 # set trap indication to pgm check
+ mvi SP_SVCNR(%r15),0xff # set trap indication to pgm check
+ mvi SP_SVCNR+1(%r15),0xff
la %r2,SP_PTREGS(%r15) # address of register-save area
l %r1,BASED(.Lhandle_per) # load adr. of per handler
la %r14,BASED(sysc_return) # load adr. of system return
@@ -407,7 +407,7 @@ sysc_tracesys:
bnl BASED(sysc_tracenogo)
l %r8,BASED(.Lsysc_table)
lr %r7,%r2
- sll %r7,2 # *4
+ sll %r7,2 # svc number *4
l %r8,0(%r7,%r8)
sysc_tracego:
lm %r3,%r6,SP_R3(%r15)
@@ -586,7 +586,8 @@ pgm_svcper:
# per was called from kernel, must be kprobes
#
kernel_per:
- mvi SP_TRAP+1(%r15),0x28 # set trap indication to pgm check
+ mvi SP_SVCNR(%r15),0xff # set trap indication to pgm check
+ mvi SP_SVCNR+1(%r15),0xff
la %r2,SP_PTREGS(%r15) # address of register-save area
l %r1,BASED(.Lhandle_per) # load adr. of per handler
la %r14,BASED(sysc_restore)# load adr. of system return
diff -urpN linux-2.6/arch/s390/kernel/ptrace.c linux-2.6-patched/arch/s390/kernel/ptrace.c
--- linux-2.6/arch/s390/kernel/ptrace.c 2008-11-07 16:36:18.000000000 +0100
+++ linux-2.6-patched/arch/s390/kernel/ptrace.c 2008-11-07 16:36:20.000000000 +0100
@@ -655,7 +655,7 @@ asmlinkage long do_syscall_trace_enter(s
* debugger stored an invalid system call number. Skip
* the system call and the system call restart handling.
*/
- regs->trap = -1;
+ regs->svcnr = 0;
ret = -1;
}
diff -urpN linux-2.6/arch/s390/kernel/signal.c linux-2.6-patched/arch/s390/kernel/signal.c
--- linux-2.6/arch/s390/kernel/signal.c 2008-11-07 16:35:54.000000000 +0100
+++ linux-2.6-patched/arch/s390/kernel/signal.c 2008-11-07 16:36:20.000000000 +0100
@@ -160,7 +160,7 @@ static int restore_sigregs(struct pt_reg
current->thread.fp_regs.fpc &= FPC_VALID_MASK;
restore_fp_regs(¤t->thread.fp_regs);
- regs->trap = -1; /* disable syscall checks */
+ regs->svcnr = 0; /* disable syscall checks */
return 0;
}
@@ -445,7 +445,7 @@ void do_signal(struct pt_regs *regs)
oldset = ¤t->blocked;
/* Are we from a system call? */
- if (regs->trap == __LC_SVC_OLD_PSW) {
+ if (regs->svcnr) {
continue_addr = regs->psw.addr;
restart_addr = continue_addr - regs->ilc;
retval = regs->gprs[2];
@@ -462,7 +462,7 @@ void do_signal(struct pt_regs *regs)
case -ERESTART_RESTARTBLOCK:
regs->gprs[2] = -EINTR;
}
- regs->trap = -1; /* Don't deal with this again. */
+ regs->svcnr = 0; /* Don't deal with this again. */
}
/* Get signal to deliver. When running under ptrace, at this point