Re: [PATCH] x86_64,entry: Fix RCX for traced syscalls

[Pavel Machek]

On Thu 2014-06-26 13:47:32, Andy Lutomirski wrote:
> On Thu, Jun 26, 2014 at 1:12 PM, H. Peter Anvin <hpa@xxxxxxxxx> wrote:
> > The real question is if we care that sysret and iter don't match.  On 32 bits the situation is even more complex.
> 
> At least for 64 bits, iret vs sysret is purely a kernel implementation
> detail (except where a tracer modifies things that are inaccessible to
> sysret), so ISTM it's worth one instruction to make them match.
> 
> I noticed this thing while fiddling with moving some of the syscall
> tracing logic to C.  This isn't a real problem, but it at least made
> me scratch my head.

If possible, we'd like to trace programs without programs being noticed they are 
being traced. See subterfugue utility, for example.

It is certainly worth one extra instruction.
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/