* [PATCH] make former thread ID available via PTRACE_GETEVENTMSG after PTRACE_EVENT_EXEC stop
@ 2011-06-08 16:33 Denys Vlasenko
2011-06-08 18:20 ` Oleg Nesterov
0 siblings, 1 reply; 2+ messages in thread
From: Denys Vlasenko @ 2011-06-08 16:33 UTC (permalink / raw)
To: Oleg Nesterov, Tejun Heo; +Cc: linux-kernel
[-- Attachment #1: Type: text/plain, Size: 289 bytes --]
Hi Oleg,
As discussed, the attached patch allows tracer to figure out
which of its potentially many tracees performed an execve,
and what was its former tid.
Not sure what kind of locking, if any, I need to put around
current->parent...
The patch is on top of Tejun's patches.
--
vda
[-- Attachment #2: pass_old_pid_on_PTRACE_EVENT_EXEC.patch --]
[-- Type: text/x-patch, Size: 1227 bytes --]
diff --git a/fs/exec.c b/fs/exec.c
index a9f2b36..08b1172 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1383,8 +1383,10 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
*/
bprm->recursion_depth = depth;
if (retval >= 0) {
- if (depth == 0)
- tracehook_report_exec(fmt, bprm, regs);
+ if (depth == 0) {
+ pid_t pid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
+ tracehook_report_exec(fmt, bprm, regs, pid);
+ }
put_binfmt(fmt);
allow_write_access(bprm->file);
if (bprm->file)
diff --git a/include/linux/tracehook.h b/include/linux/tracehook.h
index 15745cd..3f65005 100644
--- a/include/linux/tracehook.h
+++ b/include/linux/tracehook.h
@@ -199,9 +199,10 @@ static inline struct task_struct *tracehook_tracer_task(struct task_struct *tsk)
*/
static inline void tracehook_report_exec(struct linux_binfmt *fmt,
struct linux_binprm *bprm,
- struct pt_regs *regs)
+ struct pt_regs *regs,
+ pid_t pid)
{
- if (!ptrace_event(PT_TRACE_EXEC, PTRACE_EVENT_EXEC, 0) &&
+ if (!ptrace_event(PT_TRACE_EXEC, PTRACE_EVENT_EXEC, pid) &&
unlikely(task_ptrace(current) & PT_PTRACED))
send_sig(SIGTRAP, current, 0);
}
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] make former thread ID available via PTRACE_GETEVENTMSG after PTRACE_EVENT_EXEC stop
2011-06-08 16:33 [PATCH] make former thread ID available via PTRACE_GETEVENTMSG after PTRACE_EVENT_EXEC stop Denys Vlasenko
@ 2011-06-08 18:20 ` Oleg Nesterov
0 siblings, 0 replies; 2+ messages in thread
From: Oleg Nesterov @ 2011-06-08 18:20 UTC (permalink / raw)
To: Denys Vlasenko; +Cc: Tejun Heo, linux-kernel
On 06/08, Denys Vlasenko wrote:
>
> Not sure what kind of locking, if any, I need to put around
> current->parent...
Yes ;)
> @@ -1383,8 +1383,10 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
> */
> bprm->recursion_depth = depth;
> if (retval >= 0) {
> - if (depth == 0)
> - tracehook_report_exec(fmt, bprm, regs);
> + if (depth == 0) {
> + pid_t pid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
It is not safe to use ->parent. At least you need rcu lock around.
Also. At this point current has already changed its pid, you should
record pid_t before ->load_binary().
And. We have the coding style police, please use scripts/checkpatch.pl
Just in case, I'll be off-line till Monday.
Oleg.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-06-08 18:22 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-06-08 16:33 [PATCH] make former thread ID available via PTRACE_GETEVENTMSG after PTRACE_EVENT_EXEC stop Denys Vlasenko
2011-06-08 18:20 ` Oleg Nesterov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox