Re: [RFC] [Patch 1/1] [Self Ptrace] System call notification with self_ptrace

From: Pierre Morel
Date: Thu Aug 28 2008 - 08:07:27 EST


Oleg Nesterov wrote:
> On 08/27, Pierre Morel wrote:
>> Oleg Nesterov wrote:
>>
>>> On s390 the patch changes handle_signal(), this is not clear to me too.
>>
>> The patch clears the trace flags before delivering the signal so
>> that the signal handler can use system calls without bouncing again.
>
> Yes I see. But the signal handler for SIGSYS can first do
> sys_ptrace(PTRACE_SELF_OFF) (which is filtered out), and then use any
> other syscall.

It is right but brings the overhead of a syscall.

> With this patch PT_SELF is cleared on any signal. This doesn't look
> right. Let's suppose that another signal comes in parallel with SIGSYS.
> It is very possible that the handler for that another signal will be
> called first, this handler can do some syscall which will be "missed".

If the tracing application catches all signals before delivering
them to the instrumented original handler there is no problem:
the catching code can reset PTRACE_SELF_ON before calling the
instrumented application's original handler.
The instrumented code will then bounce as expected.

I see this more as a security measure: the "bouncing" feature
is only enabled until the next syscall or signal, never longer.

This instrumentation method allows, with this little patch, all the
syscall and signal instrumentation to be done in userland, inside the
address space of the instrumented application.

I expect we will have a big improvement for instrumenting tools like
- debuggers, tracing tools,
- virtualization applications like UML,
- high availability: checkpoint and restart, record and replay,
because of the reduction of IPC and task switch overhead.

Pierre

--
=============
Pierre Morel
RTOS and Embedded Linux
