Re: Compat 32-bit syscall entry from 64-bit task!?

[Denys Vlasenko]

On Thu, Jan 26, 2012 at 12:01 PM, Jamie Lokier <jamie@xxxxxxxxxxxxx> wrote:
> Denys Vlasenko wrote:
>> On Thu, Jan 26, 2012 at 11:31 AM, Jamie Lokier <jamie@xxxxxxxxxxxxx> wrote:
>> >> It's still unclear if the PTRACE_EVENT_EXEC comes before or after
>> >> or instead of the post-execve ptrace event.
>>
>> Denis <- confused.
>> Was ist das "post-execve ptrace event"? I know no such thing.
>> I know about PTRACE_EVENT_EXEC, and "post-execve SIGTRAP".
>
> Sorry, I meant to write execve-syscall-exit event.

PTRACE_EVENT_EXEC happens before syscall exit. syscall exit
is not lost. Basically, the sequence is:

tracer               tracee with tid N, tgid M
   <------------- syscall entry for execve, pid=N
PTRACE_SYSCALL--->
   <------------- PTRACE_EVENT_EXEC, pid=M
PTRACE_GETEVENTMSG-->
   <------------- returns N ("I used to be tid N")
PTRACE_SYSCALL--->
   <------------- syscall exit for execve, pid=M
...

-- 
vda
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/