* [RFC] desired behaviour of syscall tracing wrt fork()
@ 2012-10-13 19:38 Al Viro
0 siblings, 0 replies; only message in thread
From: Al Viro @ 2012-10-13 19:38 UTC (permalink / raw)
To: linux-kernel; +Cc: Ingo Molnar, Frederic Weisbecker, Steven Rostedt, linux-arch
There's a lovely incosistency regarding whether we call
trace_sys_exit() for child process on return from fork()/clone()/etc.
The current situation:
* called on amd64 for 32bit newborns
* *NOT* called on i386 or amd64 for 64bit ones
* not called on arm
* called on ppc, s390, sh and sparc64
* not wired on anything else
Note that existing in-kernel users of that tracepoint (ftrace and perf)
both at least attempt to bail out in that situation. However, the
way it's done is not guaranteed to work if we wire more architectures -
it relies on syscall_get_nr() returning negative in child, which might
or might not work everywhere. If nothing else, it's a landmine to
avoid...
FWIW, I'd vote for not calling syscall_trace_...() on the way
from ret_from_fork() - nothing in there really wants to be called
for newborns; e.g. TIF_SYSCALL_TRACE is explicitly turned off for
newborns, audit_syscall_exit() will not see ->in_syscall set and will
log nothing and existing users of trace_sys_exit() at least attempt
to skip doing anything on those.
Comments? AFAICS, it's not that much surgery to do...
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2012-10-13 19:38 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-13 19:38 [RFC] desired behaviour of syscall tracing wrt fork() Al Viro
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).