From: Oleg Nesterov <oleg@redhat.com>
To: Renzo Davoli <renzo@cs.unibo.it>
Cc: linux-kernel@vger.kernel.org,
Andrew Morton <akpm@linux-foundation.org>,
Shuah Khan <shuah@kernel.org>, Alexey Gladkov <legion@kernel.org>,
Eugene Syromyatnikov <evgsyr@gmail.com>,
Mike Frysinger <vapier@gentoo.org>,
Davide Berardi <berardi.dav@gmail.com>,
strace-devel@lists.strace.io, Dmitry Levin <ldv@strace.io>
Subject: Re: [PATCH 1/5] ptrace: add PTRACE_SYSCALL_INFO_SECCOMP_SKIP
Date: Thu, 2 Jul 2026 11:58:14 +0200
Message-ID: <akY2NlR4NXi-5O6v@redhat.com>
In-Reply-To: <akYoiowicHKWB3_J@cs.unibo.it>
On 07/02, Renzo Davoli wrote:
>
> Hi Oleg,
>
> > Rather than add the new PTRACE_SYSCALL_INFO_SECCOMP_SKIP, can't we teach
> > ptrace_set_syscall_info_seccomp() to treat info->entry.nr == -1 as "skip" ?
> it already does
> > Note that ptrace_set_syscall_info_seccomp() -> ptrace_set_syscall_info_entry()
> > already does syscall_set_nr().
> Syscall skipping is useless if there is not a way to set the return value/errno.
>
> As I explain in the cover letter
> + The tracer can skip the system call by setting the system call number
> + to -1. However, the current PTRACE_SET_SYSCALL_INFO interface does not
> + provide a way to specify the return value or error code that should be
> + reported to the tracee after skipping the call.
>
> currently retvalue/errno can be set only at PTRACE_SYSCALL_INFO_EXIT
I meant something like below. This way both PTRACE_SYSCALL_INFO_ENTRY and
__SECCOMP can skip the syscall and set the return/error value.
Oleg.
---
diff --git a/include/uapi/linux/ptrace.h b/include/uapi/linux/ptrace.h
index 5f8ef6156752..4ee7870f3291 100644
--- a/include/uapi/linux/ptrace.h
+++ b/include/uapi/linux/ptrace.h
@@ -90,7 +90,13 @@ struct ptrace_syscall_info {
union {
struct {
__u64 nr;
- __u64 args[6];
+ union {
+ __u64 args[6];
+ struct {
+ __s64 rval;
+ __u8 is_error;
+ };
+ };
} entry;
struct {
__s64 rval;
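Review bot: the anonymous struct added inside entry overlays rval on args[0] and is_error on the first byte of args[1], and nothing in the header says when each view is valid. A tracer that leaves the syscall arguments in place, changes only nr to -1 and writes the structure back would have its stale args[0] taken as the return value by the nr == -1 path in kernel/ptrace.c. Please add a comment stating that rval/is_error are read only when nr == -1, and consider explicit padding after is_error so that the byte of args[1] it aliases is documented rather than implied by layout.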
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 130043bfc209..1daac0e62cfa 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -1031,6 +1031,28 @@ ptrace_get_syscall_info(struct task_struct *child, unsigned long user_size,
return copy_to_user(datavp, &info, write_size) ? -EFAULT : actual_size;
}
+static int
+__set_syscall_info_exit(struct task_struct *child, struct pt_regs *regs,
+ __s64 __rval, __u8 __is_error)
+{
+ long rval = __rval;
+
+ /*
+ * Check that the return value specified in info->exit.rval
+ * is either a value of type "long" or a sign-extended value
+ * of type "long".
+ */
+ if (rval != __rval)
+ return -ERANGE;
+
+ if (__is_error)
+ syscall_set_return_value(child, regs, rval, 0);
+ else
+ syscall_set_return_value(child, regs, 0, rval);
+
+ return 0;
+}
+
static int
ptrace_set_syscall_info_entry(struct task_struct *child, struct pt_regs *regs,
struct ptrace_syscall_info *info)
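Review bot: the comment inside __set_syscall_info_exit() still refers to info->exit.rval, but the helper no longer receives info and is also called with info->entry.rval; reword it in terms of the parameter being checked. The double-underscore prefixes on __rval and __is_error exist only to free the name rval for the local; plain parameter names with a differently named local would read better.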
@@ -1047,6 +1069,11 @@ ptrace_set_syscall_info_entry(struct task_struct *child, struct pt_regs *regs,
if (nr != info->entry.nr)
return -ERANGE;
+ syscall_set_nr(child, regs, nr);
+ if (nr == -1)
+ return __set_syscall_info_exit(child, regs,
+ info->entry.rval, info->entry.is_error);
+
for (i = 0; i < ARRAY_SIZE(args); i++) {
args[i] = info->entry.args[i];
/*
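Review bot: syscall_set_nr() now runs before validation that can still fail, so a request rejected with -ERANGE leaves the tracee's syscall number already changed. Both the args loop that follows and the range check in __set_syscall_info_exit() on the nr == -1 path can return -ERANGE after the write. Validating first and calling syscall_set_nr() only once nothing can fail would keep the operation all-or-nothing, as it was when syscall_set_nr() followed the loop.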
@@ -1058,16 +1085,7 @@ ptrace_set_syscall_info_entry(struct task_struct *child, struct pt_regs *regs,
return -ERANGE;
}
- syscall_set_nr(child, regs, nr);
- /*
- * If the syscall number is set to -1, setting syscall arguments is not
- * just pointless, it would also clobber the syscall return value on
- * those architectures that share the same register both for the first
- * argument of syscall and its return value.
- */
- if (nr != -1)
- syscall_set_arguments(child, regs, args);
-
+ syscall_set_arguments(child, regs, args);
return 0;
}
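Review bot: the removed comment was the only explanation of why arguments must not be written when nr is -1 (some architectures share one register for the first argument and the return value), and that reasoning still applies to the new early return. Keep a shortened version of it next to the nr == -1 branch so the ordering constraint stays documented.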
@@ -1086,22 +1104,8 @@ static int
ptrace_set_syscall_info_exit(struct task_struct *child, struct pt_regs *regs,
struct ptrace_syscall_info *info)
{
- long rval = info->exit.rval;
-
- /*
- * Check that the return value specified in info->exit.rval
- * is either a value of type "long" or a sign-extended value
- * of type "long".
- */
- if (rval != info->exit.rval)
- return -ERANGE;
-
- if (info->exit.is_error)
- syscall_set_return_value(child, regs, rval, 0);
- else
- syscall_set_return_value(child, regs, 0, rval);
-
- return 0;
+ return __set_syscall_info_exit(child, regs,
+ info->exit.rval, info->exit.is_error);
}
static int
Thread overview: 14+ messages
2026-07-01 15:05 [PATCH 0/5] ptrace_set_syscall_info: add support for seccomp syscall skipping and instruction pointer modification Renzo Davoli
2026-07-01 15:05 ` [PATCH 1/5] ptrace: add PTRACE_SYSCALL_INFO_SECCOMP_SKIP Renzo Davoli
2026-07-02 8:43 ` Oleg Nesterov
2026-07-02 9:09 ` Renzo Davoli
2026-07-02 9:58 ` Oleg Nesterov [this message]
2026-07-02 11:07 ` Dmitry V. Levin
2026-07-02 11:31 ` Oleg Nesterov
2026-07-02 11:39 ` Oleg Nesterov
2026-07-02 14:47 ` Oleg Nesterov
2026-07-02 16:10 ` Renzo Davoli
2026-07-01 15:05 ` [PATCH 2/5] selftests/ptrace: add a test case for PTRACE_SYSCALL_INFO_SECCOMP_SKIP Renzo Davoli
2026-07-01 15:05 ` [PATCH 3/5] asm/ptrace.h: add instruction_pointer_set Renzo Davoli
2026-07-01 15:05 ` [PATCH 4/5] ptrace: add PTRACE_SYSCALL_INFO_FLAG_SET_IP Renzo Davoli
2026-07-01 15:05 ` [PATCH 5/5] selftests/ptrace: add a test case for PTRACE_SYSCALL_INFO_FLAG_SET_IP Renzo Davoli