Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751539AbaAMNfw (ORCPT ); Mon, 13 Jan 2014 08:35:52 -0500 Received: from mail-qe0-f49.google.com ([209.85.128.49]:54712 "EHLO mail-qe0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751472AbaAMNfs (ORCPT ); Mon, 13 Jan 2014 08:35:48 -0500 MIME-Version: 1.0 In-Reply-To: References: From: Denys Vlasenko Date: Mon, 13 Jan 2014 14:35:27 +0100 Message-ID: Subject: Re: [RFC/PATCH] Implement new PTRACE_EVENT_SYSCALL_{ENTER,EXIT} To: Sergio Durigan Junior Cc: LKML , Oleg Nesterov , Roland McGrath Content-Type: text/plain; charset=ISO-8859-1 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 6, 2014 at 11:52 PM, Sergio Durigan Junior wrote: > The other nice thing that I have implemented is the ability to obtain > the syscall number related to the event by using PTRACE_GET_EVENTMSG. > This way, we don't need to inspect registers anymore when we want to > know which syscall is responsible for this or that event. OTOH, by fetching registers using just one ptrace call you get a lot more data. So, this isn't *that* useful -- the debuggers already know how to fetch and interpret regs - but it is also a cheap change. Why not? > -static inline int ptrace_report_syscall(struct pt_regs *regs) > +static inline int ptrace_report_syscall(struct pt_regs *regs, int entry, > + unsigned int sysno) This function looks ripe for de-inlining. > /* Wait extended result codes for the above trace options. */ > -#define PTRACE_EVENT_FORK 1 > -#define PTRACE_EVENT_VFORK 2 > -#define PTRACE_EVENT_CLONE 3 > -#define PTRACE_EVENT_EXEC 4 > -#define PTRACE_EVENT_VFORK_DONE 5 > -#define PTRACE_EVENT_EXIT 6 > -#define PTRACE_EVENT_SECCOMP 7 > +#define PTRACE_EVENT_FORK 1 > +#define PTRACE_EVENT_VFORK 2 > +#define PTRACE_EVENT_CLONE 3 > +#define PTRACE_EVENT_EXEC 4 > +#define PTRACE_EVENT_VFORK_DONE 5 > +#define PTRACE_EVENT_EXIT 6 > +#define PTRACE_EVENT_SECCOMP 7 > +#define PTRACE_EVENT_SYSCALL_ENTER 8 > +#define PTRACE_EVENT_SYSCALL_EXIT 9 > + > /* Extended result codes which enabled by means other than options. */ > #define PTRACE_EVENT_STOP 128 > > @@ -87,11 +90,13 @@ struct ptrace_peeksiginfo_args { > #define PTRACE_O_TRACEVFORKDONE (1 << PTRACE_EVENT_VFORK_DONE) > #define PTRACE_O_TRACEEXIT (1 << PTRACE_EVENT_EXIT) > #define PTRACE_O_TRACESECCOMP (1 << PTRACE_EVENT_SECCOMP) > +#define PTRACE_O_SYSCALL_ENTER (1 << PTRACE_EVENT_SYSCALL_ENTER) > +#define PTRACE_O_SYSCALL_EXIT (1 << PTRACE_EVENT_SYSCALL_EXIT) > > /* eventless options */ > #define PTRACE_O_EXITKILL (1 << 20) > > -#define PTRACE_O_MASK (0x000000ff | PTRACE_O_EXITKILL) > +#define PTRACE_O_MASK (0x00000fff | PTRACE_O_EXITKILL) You added just two bits, why did you extend the mask by four bits? IOW: shouldn't it be 0x00003ff instead? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/