From: "Dmitry V. Levin" <ldv@altlinux.org>
To: Andy Lutomirski <luto@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>,
Kees Cook <keescook@chromium.org>, Jann Horn <jannh@google.com>,
Michael Ellerman <mpe@ellerman.id.au>,
Elvira Khabirova <lineprinter@altlinux.org>,
Eugene Syromiatnikov <esyr@redhat.com>,
Steven Rostedt <rostedt@goodmis.org>,
LKML <linux-kernel@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
Ingo Molnar <mingo@redhat.com>,
strace-devel@lists.strace.io
Subject: Re: [PATCH v4 1/2] ptrace: save the type of syscall-stop in ptrace_message
Date: Thu, 29 Nov 2018 13:34:36 +0300 [thread overview]
Message-ID: <20181129103436.GA11547@altlinux.org> (raw)
In-Reply-To: <CALCETrVjMorQDsJzQGaREEB5_7B24ApWSoNQfRd3K3QNSGAyEA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 3930 bytes --]
On Wed, Nov 28, 2018 at 03:17:49PM -0800, Andy Lutomirski wrote:
> On Wed, Nov 28, 2018 at 2:11 PM Dmitry V. Levin <ldv@altlinux.org> wrote:
> >
> > On Wed, Nov 28, 2018 at 06:23:46PM +0300, Dmitry V. Levin wrote:
> > > On Wed, Nov 28, 2018 at 03:20:06PM +0100, Oleg Nesterov wrote:
> > > > On 11/28, Dmitry V. Levin wrote:
> > > > > On Wed, Nov 28, 2018 at 02:49:14PM +0100, Oleg Nesterov wrote:
> > > > > > On 11/28, Dmitry V. Levin wrote:
> > > > > > >
> > > > > > > +/*
> > > > > > > + * These values are stored in task->ptrace_message by tracehook_report_syscall_*
> > > > > > > + * to describe current syscall-stop.
> > > > > > > + *
> > > > > > > + * Values for these constants are chosen so that they do not appear
> > > > > > > + * in task->ptrace_message by other means.
> > > > > > > + */
> > > > > > > +#define PTRACE_EVENTMSG_SYSCALL_ENTRY 0x80000000U
> > > > > > > +#define PTRACE_EVENTMSG_SYSCALL_EXIT 0x90000000U
> > > > > >
> > > > > > Again, I do not really understand the comment... Why should we care about
> > > > > > "do not appear in task->ptrace_message by other means" ?
> > > > > >
> > > > > > 2/2 should detect ptrace_report_syscall() case correctly, so we can use any
> > > > > > numbers, say, 1 and 2?
> > > > > >
> > > > > > If debugger does PTRACE_GETEVENTMSG it should know how to interpet the value
> > > > > > anyway after wait(status).
> > > > >
> > > > > Given that without this patch the value returned by PTRACE_GETEVENTMSG
> > > > > during syscall stop is undefined, we need two different ptrace_message
> > > > > values that cannot be set by other ptrace events to enable reliable
> > > > > identification of syscall-enter-stop and syscall-exit-stop in userspace:
> > > > > if we make PTRACE_GETEVENTMSG return 0 or any other value routinely set by
> > > > > other ptrace events, it would be hard for userspace to find out whether
> > > > > the kernel implements new semantics or not.
> > > >
> > > > Hmm, why? Debugger can just do ptrace(PTRACE_GET_SYSCALL_INFO, NULL), if it
> > > > returns EIO then it is not implemented?
> > >
> > > The debugger that uses PTRACE_GET_SYSCALL_INFO does not need to call
> > > PTRACE_GETEVENTMSG for syscall stops.
> > > My concern here is the PTRACE_GETEVENTMSG interface itself. If we use
> > > ptrace_message to implement PTRACE_GET_SYSCALL_INFO and expose
> > > PTRACE_EVENTMSG_SYSCALL_{ENTRY,EXIT} for regular PTRACE_GETEVENTMSG users,
> > > it should have clear semantics.
> >
> > Since our implementation of PTRACE_GET_SYSCALL_INFO uses ptrace_message
> > to distinguish syscall-enter-stop from syscall-exit-stop, we could choose
> > one of the following approaches:
> >
> > 1. Do not document the values saved into ptrace_message during syscall
> > stops (and exposed via PTRACE_GETEVENTMSG) as a part of ptrace API,
> > leaving the value returned by PTRACE_GETEVENTMSG during syscall stops
> > as undefined.
> >
> > 2. Document these values chosen to avoid collisions with ptrace_message values
> > set by other ptrace events so that PTRACE_GETEVENTMSG users can easily tell
> > whether this new semantics is supported by the kernel or not.
>
> I don't like any of this at all. Can we please choose a sensible API
> design and let the API drive the implementation instead of vice versa?
What are your concerns? Do you see something wrong in exposing this
information via PTRACE_GETEVENTMSG?
Anyway, can we agree on the PTRACE_GET_SYSCALL_INFO API, please?
> ISTM the correct solution is to add some new state to task_struct for
> this.
>
> If we're concerned about making task_struct bigger, I have a
> half-finished patch to factor all the ptrace tracee state into a
> separate struct.
This is refactoring of the kernel - a thing userspace people are not
the best equipped to do. This part should rather be sorted out by kernel
people.
--
ldv
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 801 bytes --]
next prev parent reply other threads:[~2018-11-29 10:34 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-28 13:04 [PATCH v4 0/2] ptrace: add PTRACE_GET_SYSCALL_INFO request Dmitry V. Levin
2018-11-28 13:04 ` Dmitry V. Levin
[not found] ` <20181128130439.GB28206-u2l5PoMzF/Vg9hUCZPvPmw@public.gmane.org>
2018-11-28 13:06 ` [PATCH v4 1/2] ptrace: save the type of syscall-stop in ptrace_message Dmitry V. Levin
2018-11-28 13:06 ` Dmitry V. Levin
2018-11-28 13:49 ` Oleg Nesterov
2018-11-28 14:05 ` Dmitry V. Levin
2018-11-28 14:20 ` Oleg Nesterov
[not found] ` <20181128142006.GE30395-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2018-11-28 15:23 ` Dmitry V. Levin
2018-11-28 15:23 ` Dmitry V. Levin
[not found] ` <20181128152346.GG28206-u2l5PoMzF/Vg9hUCZPvPmw@public.gmane.org>
2018-11-28 22:11 ` Dmitry V. Levin
2018-11-28 22:11 ` Dmitry V. Levin
2018-11-28 23:17 ` Andy Lutomirski
2018-11-29 10:34 ` Dmitry V. Levin [this message]
2018-11-29 15:03 ` Oleg Nesterov
2018-11-29 14:47 ` Oleg Nesterov
[not found] ` <20181129144742.GB10645-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2018-11-29 21:10 ` Dmitry V. Levin
2018-11-29 21:10 ` Dmitry V. Levin
2018-11-30 11:29 ` Oleg Nesterov
[not found] ` <20181130112920.GD23670-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2018-11-30 22:53 ` Dmitry V. Levin
2018-11-30 22:53 ` Dmitry V. Levin
2018-11-28 13:07 ` [PATCH v4 2/2] ptrace: add PTRACE_GET_SYSCALL_INFO request Dmitry V. Levin
2018-11-28 14:10 ` Oleg Nesterov
2018-11-28 14:29 ` Oleg Nesterov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181129103436.GA11547@altlinux.org \
--to=ldv@altlinux.org \
--cc=esyr@redhat.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=lineprinter@altlinux.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=mpe@ellerman.id.au \
--cc=oleg@redhat.com \
--cc=rostedt@goodmis.org \
--cc=strace-devel@lists.strace.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.