Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752066AbbKIQFn (ORCPT ); Mon, 9 Nov 2015 11:05:43 -0500 Received: from smtprelay0163.hostedemail.com ([216.40.44.163]:60763 "EHLO smtprelay.hostedemail.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751353AbbKIQFk (ORCPT ); Mon, 9 Nov 2015 11:05:40 -0500 X-Session-Marker: 726F737465647440676F6F646D69732E6F7267 X-Spam-Summary: 2,0,0,,d41d8cd98f00b204,rostedt@goodmis.org,:::::::::,RULES_HIT:41:355:379:541:599:800:960:973:988:989:1260:1277:1311:1313:1314:1345:1359:1437:1515:1516:1518:1534:1541:1593:1594:1711:1730:1747:1777:1792:2393:2553:2559:2562:2895:3138:3139:3140:3141:3142:3353:3622:3865:3866:3867:3868:3870:3871:3872:3873:3874:5007:6261:6691:7875:7903:8660:10004:10400:10848:10967:11232:11658:11914:12043:12296:12517:12519:12663:12740:13069:13148:13161:13229:13230:13311:13357:14096:14097:14659:21080:21212:30034:30045:30046:30054:30070:30090:30091,0,RBL:none,CacheIP:none,Bayesian:0.5,0.5,0.5,Netcheck:none,DomainCache:0,MSF:not bulk,SPF:fn,MSBL:0,DNSBL:none,Custom_rules:0:0:0,LFtime:3,LUA_SUMMARY:none X-HE-Tag: wine69_1414dcca7b24e X-Filterd-Recvd-Size: 2571 Date: Mon, 9 Nov 2015 11:05:36 -0500 From: Steven Rostedt To: Mathieu Desnoyers Cc: Thomas Gleixner , "Anvin, H. Peter" , lttng-dev , LKML Subject: Re: Compat syscall instrumentation and return from execve issue Message-ID: <20151109110536.7bce67e8@gandalf.local.home> In-Reply-To: <2095400880.57684.1447011457513.JavaMail.zimbra@efficios.com> References: <2095400880.57684.1447011457513.JavaMail.zimbra@efficios.com> X-Mailer: Claws Mail 3.12.0 (GTK+ 2.24.28; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1812 Lines: 47 On Sun, 8 Nov 2015 19:37:37 +0000 (UTC) Mathieu Desnoyers wrote: > I have a few ideas on how to overcome this, and would like your > feedback on the matter: > > 1) One possible approach would be to reserve an extra status flag > in struct thread_info to get the TS_COMPAT status at syscall > entry. It would _not_ be updated when the executable is loaded, > so the state at return from execve would match the state when > entering execve. This is a simple approach, but requires kernel > changes. Or add a flag TS_EXECVE that can be set by the tracepoint syscall enter, and checked on exit. If set, we know that the exec happened. > > 2) Keep the compat state at system call entry in a data structure > (e.g. hash table) indexed by thread number within each tracer. > This could work around this issue within each tracer. This is of course what you can do now. As it doesn't touch the kernel. > > 3) Change the syscall number in the struct pt_regs whenever we > change the compat mode of a process. A 64-bit execve system > call number would be mapped to a 32-bit compat execve number, > or the opposite. This requires a kernel change, and seems to be > rather intrusive. > This is a definite no. I'm thinking the TS_EXECVE flag would be the least intrusive. Add a comment that it is used by tracepoints to map between compat and non-compat syscalls when execve switches the flag. This would not need to touch any of the logic of the hotpaths within the systemcalls themselves. -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/