* [patch] really-ptrace-single-step @ 2004-05-11 17:12 Davide Libenzi 2004-05-11 17:31 ` Fabiano Ramos 2004-05-11 17:36 ` Fabiano Ramos 0 siblings, 2 replies; 11+ messages in thread From: Davide Libenzi @ 2004-05-11 17:12 UTC (permalink / raw) To: Linux Kernel Mailing List; +Cc: Andrew Morton, Linus Torvalds This patch lets a ptrace process on x86 to "see" the instruction following the INT #80h op. - Davide arch/i386/kernel/entry.S | 2 +- include/asm-i386/thread_info.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) Index: arch/i386/kernel/entry.S =================================================================== RCS file: /usr/src/bkcvs/linux-2.5/arch/i386/kernel/entry.S,v retrieving revision 1.83 diff -u -r1.83 entry.S --- arch/i386/kernel/entry.S 12 Apr 2004 20:29:12 -0000 1.83 +++ arch/i386/kernel/entry.S 11 May 2004 06:35:29 -0000 @@ -354,7 +354,7 @@ # perform syscall exit tracing ALIGN syscall_exit_work: - testb $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT), %cl + testb $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SINGLESTEP), %cl jz work_pending sti # could let do_syscall_trace() call # schedule() instead Index: include/asm-i386/thread_info.h =================================================================== RCS file: /usr/src/bkcvs/linux-2.5/include/asm-i386/thread_info.h,v retrieving revision 1.19 diff -u -r1.19 thread_info.h --- include/asm-i386/thread_info.h 12 Apr 2004 20:29:12 -0000 1.19 +++ include/asm-i386/thread_info.h 11 May 2004 06:34:47 -0000 @@ -165,7 +165,7 @@ /* work to do on interrupt/exception return */ #define _TIF_WORK_MASK \ - (0x0000FFFF & ~(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT)) + (0x0000FFFF & ~(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SINGLESTEP)) #define _TIF_ALLWORK_MASK 0x0000FFFF /* work to do on any return to u-space */ /* ^ permalink raw reply [flat|nested] 11+ messages in thread
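Review bot: in the entry.S hunk, widening the `testb` at syscall_exit_work to include _TIF_SINGLESTEP only has an effect if the code reached after it also acts on that flag. The context comment shows this path leads to do_syscall_trace(), and the diffstat lists only entry.S and thread_info.h, so that function is unchanged; if it still returns early unless TIF_SYSCALL_TRACE is set, a single-stepped task passes the new test and nothing is reported to the tracer. Suggest carrying the matching do_syscall_trace() change in the same patch. Also note next to the test that `testb` on `%cl` examines one byte, so _TIF_SINGLESTEP must sit in the low eight bits of the flags word.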
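Review bot: in the thread_info.h hunk, removing _TIF_SINGLESTEP from _TIF_WORK_MASK changes what the interrupt/exception return path counts as pending work, and neither the one-line changelog nor the comment above the macro says why that is safe. Suggest extending the "work to do on interrupt/exception return" comment to state that single-step is now handled together with the syscall trace and audit flags, and adding to the changelog which kernel version the patch was tested against and how.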
* Re: [patch] really-ptrace-single-step 2004-05-11 17:12 [patch] really-ptrace-single-step Davide Libenzi @ 2004-05-11 17:31 ` Fabiano Ramos 2004-05-12 0:17 ` Andrew Morton 2004-05-11 17:36 ` Fabiano Ramos 1 sibling, 1 reply; 11+ messages in thread From: Fabiano Ramos @ 2004-05-11 17:31 UTC (permalink / raw) To: Davide Libenzi, Linux Kernel Mailing List Still not getting the desired result. Which kernel is the patch based on? On Tue, 2004-05-11 at 14:12, Davide Libenzi wrote: > This patch lets a ptrace process on x86 to "see" the instruction > following the INT #80h op. > > > > - Davide > > > arch/i386/kernel/entry.S | 2 +- > include/asm-i386/thread_info.h | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > > > > Index: arch/i386/kernel/entry.S > =================================================================== > RCS file: /usr/src/bkcvs/linux-2.5/arch/i386/kernel/entry.S,v > retrieving revision 1.83 > diff -u -r1.83 entry.S > --- arch/i386/kernel/entry.S 12 Apr 2004 20:29:12 -0000 1.83 > +++ arch/i386/kernel/entry.S 11 May 2004 06:35:29 -0000 > @@ -354,7 +354,7 @@ > # perform syscall exit tracing > ALIGN > syscall_exit_work: > - testb $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT), %cl > + testb $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SINGLESTEP), %cl > jz work_pending > sti # could let do_syscall_trace() call > # schedule() instead > Index: include/asm-i386/thread_info.h > =================================================================== > RCS file: /usr/src/bkcvs/linux-2.5/include/asm-i386/thread_info.h,v > retrieving revision 1.19 > diff -u -r1.19 thread_info.h > --- include/asm-i386/thread_info.h 12 Apr 2004 20:29:12 -0000 1.19 > +++ include/asm-i386/thread_info.h 11 May 2004 06:34:47 -0000 
> @@ -165,7 +165,7 @@ > > /* work to do on interrupt/exception return */ > #define _TIF_WORK_MASK \ > - (0x0000FFFF & ~(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT)) > + (0x0000FFFF & ~(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SINGLESTEP)) > #define _TIF_ALLWORK_MASK 0x0000FFFF /* work to do on any return to u-space */ > > /* > - > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [patch] really-ptrace-single-step
From: Andrew Morton @ 2004-05-12 0:17 UTC
To: Fabiano Ramos; +Cc: davidel, linux-kernel

Fabiano Ramos <ramos_fabiano@yahoo.com.br> wrote:
>
> Still not getting the desired result.
> Which kernel is the patch based on?
>
> On Tue, 2004-05-11 at 14:12, Davide Libenzi wrote:
> > This patch lets a ptrace process on x86 to "see" the instruction
> > following the INT #80h op.

Please. Don't edit people out of email headers. Just do reply-to-all. I
didn't see your "it doesn't work" email for many hours after having merged
the patch.

Thanks.
* Re: [patch] really-ptrace-single-step
From: Davide Libenzi @ 2004-05-12 0:42 UTC
To: Andrew Morton; +Cc: Fabiano Ramos, Linux Kernel Mailing List

On Tue, 11 May 2004, Andrew Morton wrote:

> Fabiano Ramos <ramos_fabiano@yahoo.com.br> wrote:
> >
> > Still not getting the desired result.
> > Which kernel is the patch based on?
> >
> > On Tue, 2004-05-11 at 14:12, Davide Libenzi wrote:
> > > This patch lets a ptrace process on x86 to "see" the instruction
> > > following the INT #80h op.
>
> Please. Don't edit people out of email headers. Just do reply-to-all. I
> didn't see your "it doesn't work" email for many hours after having merged
> the patch.

Sorry Andrew, it's my fault. I should have told you when I received the
message, but today I had about 25000 meetings. Hold about the new patch,
since I want to see it running a little bit more on my machine. I will
send you the final ack later.

- Davide
* Re: [patch] really-ptrace-single-step
From: Fabiano Ramos @ 2004-05-12 1:04 UTC
To: Andrew Morton; +Cc: davidel, Linux Kernel Mailing List

On Tue, 2004-05-11 at 21:17, Andrew Morton wrote:
> Fabiano Ramos <ramos_fabiano@yahoo.com.br> wrote:
> >
> > Still not getting the desired result.
> > Which kernel is the patch based on?
> >
> > On Tue, 2004-05-11 at 14:12, Davide Libenzi wrote:
> > > This patch lets a ptrace process on x86 to "see" the instruction
> > > following the INT #80h op.
>
> Please. Don't edit people out of email headers. Just do reply-to-all. I
> didn't see your "it doesn't work" email for many hours after having merged
> the patch.
>
> Thanks.

Sorry for that.
By the way the email was sent in response to the first
patch, not for the second version.
* Re: [patch] really-ptrace-single-step
From: Davide Libenzi @ 2004-05-12 1:06 UTC
To: Fabiano Ramos; +Cc: Andrew Morton, Linux Kernel Mailing List

On Tue, 11 May 2004, Fabiano Ramos wrote:

> Sorry for that.
> By the way the email was sent in response to the first
> patch, not for the second version.

The second version works for me. Pls give it a spin.

- Davide
* Re: [patch] really-ptrace-single-step
From: Fabiano Ramos @ 2004-05-12 1:15 UTC
To: Davide Libenzi; +Cc: Andrew Morton, Linux Kernel Mailing List

I am testing it right now.

On Tue, 2004-05-11 at 22:06, Davide Libenzi wrote:
> On Tue, 11 May 2004, Fabiano Ramos wrote:
>
> > Sorry for that.
> > By the way the email was sent in response to the first
> > patch, not for the second version.
>
> The second version works for me. Pls give it a spin.
>
> - Davide
* Re: [patch] really-ptrace-single-step
From: Fabiano Ramos @ 2004-05-12 2:19 UTC
To: Davide Libenzi; +Cc: Andrew Morton, Linux Kernel Mailing List

On Tue, 2004-05-11 at 22:06, Davide Libenzi wrote:
> On Tue, 11 May 2004, Fabiano Ramos wrote:
>
> > Sorry for that.
> > By the way the email was sent in response to the first
> > patch, not for the second version.
>
> The second version works for me. Pls give it a spin.
>
> - Davide

Seems to be working just fine on 2.6.5 and 2.6.6.

Tracing the following code (tracer appended) would produce:

 8050cd6:  b8 c7 00 00 00   mov    $0xc7,%eax
 8050cdb:  cd 80            int    $0x80
 8050cdd:  3d 00 f0 ff ff   cmp    $0xfffff000,%eax
 8050ce2:  76 f0            jbe    8050cd4 <__getuid+0x14>

EIP = 0x08050cd6
EIP = 0x08050cdb
EIP = 0x08050cdd
EIP = 0x08050ce2

--------- TRACER -----------

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <signal.h>
#include <syscall.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <linux/user.h>
#include <unistd.h>
#include <errno.h>

extern char **environ;

int main(int argc, char **argv)
{
	struct user_regs_struct regs;
	int wait_val;			/* child's return value */
	int pid;			/* child's process id */
	long long totalinstr = 0;	/* # of instr executed */
	unsigned char opcode;		/* syscall opcode goes in one byte */
	int i;

	/* printing options */
	printf("\n\nPTRACE: Will execute \"");
	for (i = 1; i < argc; i++)
		printf("%s ", argv[i]);
	printf("\". Please wait (it may take long...)\n\n\n");
	printf("***** SIMULATED PROGRAM OUTPUT *****\n\n");

	switch (pid = fork()) {
	case -1:
		perror("fork");
		break;
	case 0:		/* child process starts */
		if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
			perror("\nError in ptrace PTRACE_TRACEME");
		execv(argv[1], &argv[1]);
		break;
	default:	/* parent process starts */
		if (waitpid(pid, &wait_val, 0) < 0)
			perror("\nchild process EXITED");
		if (ptrace(PTRACE_SINGLESTEP, pid, NULL, NULL) < 0)
			perror("\nError in ptrace PTRACE_SINGLESTEP");
		waitpid(pid, &wait_val, 0);
		while (1) {
			totalinstr++;
			/* get PC */
			if (ptrace(PTRACE_GETREGS, pid, 0, &regs) == -1) {
				perror("ptrace");
				printf("Exiting on error ... \n");
				break;	/* leave the stepping loop, as the message says */
			}
			printf("\nEIP = 0x%08lx\n", regs.eip);
			// will stop after each instruction
			if (ptrace(PTRACE_SINGLESTEP, pid, 0, 0) != 0)
				perror("ptrace");
			waitpid(pid, &wait_val, 0);
			if (WIFEXITED(wait_val))
				break;
		}
	}
	printf("\n************************************\n\n");
	printf("Number of machine instructions : %lld\n\n\n", totalinstr);
	return 0;
}
* Re: [patch] really-ptrace-single-step 2004-05-11 17:12 [patch] really-ptrace-single-step Davide Libenzi 2004-05-11 17:31 ` Fabiano Ramos @ 2004-05-11 17:36 ` Fabiano Ramos 2004-05-11 17:38 ` Davide Libenzi 1 sibling, 1 reply; 11+ messages in thread From: Fabiano Ramos @ 2004-05-11 17:36 UTC (permalink / raw) To: Linux Kernel Mailing List, Davide Libenzi It would not work against 2.6.5, since do_syscall_trace() makes the check if (!test_thread_flag(TIF_SYSCALL_TRACE)) return; Simply removing it would do? On Tue, 2004-05-11 at 14:12, Davide Libenzi wrote: > This patch lets a ptrace process on x86 to "see" the instruction > following the INT #80h op. > > > > - Davide > > > arch/i386/kernel/entry.S | 2 +- > include/asm-i386/thread_info.h | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > > > > Index: arch/i386/kernel/entry.S > =================================================================== > RCS file: /usr/src/bkcvs/linux-2.5/arch/i386/kernel/entry.S,v > retrieving revision 1.83 > diff -u -r1.83 entry.S > --- arch/i386/kernel/entry.S 12 Apr 2004 20:29:12 -0000 1.83 > +++ arch/i386/kernel/entry.S 11 May 2004 06:35:29 -0000 > @@ -354,7 +354,7 @@ > # perform syscall exit tracing > ALIGN > syscall_exit_work: > - testb $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT), %cl > + testb $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SINGLESTEP), %cl > jz work_pending > sti # could let do_syscall_trace() call > # schedule() instead > Index: include/asm-i386/thread_info.h > =================================================================== > RCS file: /usr/src/bkcvs/linux-2.5/include/asm-i386/thread_info.h,v > retrieving revision 1.19 > diff -u -r1.19 thread_info.h > --- include/asm-i386/thread_info.h 12 Apr 2004 20:29:12 -0000 1.19 > +++ include/asm-i386/thread_info.h 11 May 2004 06:34:47 -0000 
> @@ -165,7 +165,7 @@ > > /* work to do on interrupt/exception return */ > #define _TIF_WORK_MASK \ > - (0x0000FFFF & ~(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT)) > + (0x0000FFFF & ~(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT|_TIF_SINGLESTEP)) > #define _TIF_ALLWORK_MASK 0x0000FFFF /* work to do on any return to u-space */ > > /* > - > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [patch] really-ptrace-single-step
From: Davide Libenzi @ 2004-05-11 17:38 UTC
To: Fabiano Ramos; +Cc: Linux Kernel Mailing List

On Tue, 11 May 2004, Fabiano Ramos wrote:

> It would not work against 2.6.5, since
>
> do_syscall_trace()
>
> makes the check
>
> if (!test_thread_flag(TIF_SYSCALL_TRACE))
>         return;
>
> Simply removing it would do?

No no. You need to OR it with the single-step. Try:

	if (!test_thread_flag(TIF_SYSCALL_TRACE) &&
	    !test_thread_flag(TIF_SINGLESTEP))
		return;

- Davide
* Re: [patch] really-ptrace-single-step
From: Fabiano Ramos @ 2004-05-11 18:40 UTC
To: Davide Libenzi, Linux Kernel Mailing List

On Tue, 2004-05-11 at 14:38, Davide Libenzi wrote:
> On Tue, 11 May 2004, Fabiano Ramos wrote:
>
> > It would not work against 2.6.5, since
> >
> > do_syscall_trace()
> >
> > makes the check
> >
> > if (!test_thread_flag(TIF_SYSCALL_TRACE))
> >         return;
> >
> > Simply removing it would do?
>
> No no. You need to OR it with the single-step. Try:
>
> if (!test_thread_flag(TIF_SYSCALL_TRACE) &&
>     !test_thread_flag(TIF_SINGLESTEP))
>         return;
>
> - Davide

Still not working. :(
Correct me if I am wrong: is TIF_SINGLESTEP asserted whenever
a process is being singlestepped? I do not see where it is done.
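A user-space model of the checks discussed in the messages above, added here as an illustration (it is not code from the patch, the kernel, or anyone in the thread). It shows why the tracer is only notified at syscall exit when the entry.S test, the gate in do_syscall_trace(), and the task's own flag all agree. The bit positions and the struct, macro and function names are assumptions of the model; only the flag names come from the thread.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model masks; the bit positions are assumptions, not taken from the page. */
#define BIT(n)             (1u << (n))
#define MASK_SYSCALL_TRACE BIT(0)   /* stands for _TIF_SYSCALL_TRACE */
#define MASK_SINGLESTEP    BIT(4)   /* stands for _TIF_SINGLESTEP */
#define MASK_SYSCALL_AUDIT BIT(7)   /* stands for _TIF_SYSCALL_AUDIT */

struct model {
    unsigned exit_work_test; /* mask in "testb $(...), %cl" at syscall_exit_work */
    unsigned trace_gate;     /* flags that get past the early return in do_syscall_trace() */
};

/* Kernel variants described in the thread (constructed for illustration). */
static const struct model UNPATCHED = {
    MASK_SYSCALL_TRACE | MASK_SYSCALL_AUDIT, MASK_SYSCALL_TRACE };
static const struct model PATCH_AS_POSTED = {
    MASK_SYSCALL_TRACE | MASK_SYSCALL_AUDIT | MASK_SINGLESTEP, MASK_SYSCALL_TRACE };
static const struct model PATCH_PLUS_GATE = {
    MASK_SYSCALL_TRACE | MASK_SYSCALL_AUDIT | MASK_SINGLESTEP,
    MASK_SYSCALL_TRACE | MASK_SINGLESTEP };

/* True when the tracer is notified on the way out of the system call. */
static bool stop_at_syscall_exit(const struct model *k, unsigned thread_flags)
{
    unsigned char cl = (unsigned char)thread_flags; /* testb sees the low byte only */

    if (!(cl & k->exit_work_test))
        return false;                 /* jz work_pending */
    if (!(thread_flags & k->trace_gate))
        return false;                 /* do_syscall_trace() returns early */
    return true;
}

int main(void)
{
    const struct model *variants[] = { &UNPATCHED, &PATCH_AS_POSTED, &PATCH_PLUS_GATE };
    const char *names[] = { "unpatched", "patch as posted", "patch + gate change" };

    for (int i = 0; i < 3; i++)
        printf("%-20s flag set: %d  flag never set: %d\n", names[i],
               stop_at_syscall_exit(variants[i], MASK_SINGLESTEP),
               stop_at_syscall_exit(variants[i], 0));
    return 0;
}
```

Only the last variant reports a stop, and only when the single-step flag is actually set on the task, which is the condition the final question in this sub-thread asks about.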