2 * linux/kernel/ptrace.c
4 * (C) Copyright 1999 Linus Torvalds
6 * Common interfaces for "ptrace()" which we do not want
7 * to continually duplicate across every architecture.
10 #include <linux/capability.h>
11 #include <linux/module.h>
12 #include <linux/sched.h>
13 #include <linux/errno.h>
15 #include <linux/highmem.h>
16 #include <linux/pagemap.h>
17 #include <linux/smp_lock.h>
18 #include <linux/ptrace.h>
19 #include <linux/security.h>
20 #include <linux/signal.h>
22 #include <asm/pgtable.h>
23 #include <asm/uaccess.h>
26 #include <linux/utrace.h>
27 #include <linux/tracehook.h>
28 #include <asm/tracehook.h>
31 #include <linux/vs_base.h>
33 int getrusage(struct task_struct *, int, struct rusage __user *);
35 //#define PTRACE_DEBUG
37 int __ptrace_may_attach(struct task_struct *task)
39 /* May we inspect the given task?
40 * This check is used both for attaching with ptrace
41 * and for allowing access to sensitive information in /proc.
43 * ptrace_attach denies several cases that /proc allows
44 * because setting up the necessary parent/child relationship
45 * or halting the specified task is impossible.
48 /* Don't let security modules deny introspection */
/* NOTE(review): this extract is missing lines (the opening brace, the
 * "task == current" shortcut, the -EPERM returns, and the declaration
 * of `dumpable`), so the checks below are fragmentary. */
/* Require the caller's uid/gid to match ALL of the target's real,
 * effective and saved ids, unless the caller holds CAP_SYS_PTRACE. */
51 if (((current->uid != task->euid) ||
52 (current->uid != task->suid) ||
53 (current->uid != task->uid) ||
54 (current->gid != task->egid) ||
55 (current->gid != task->sgid) ||
56 (current->gid != task->gid)) && !capable(CAP_SYS_PTRACE))
/* A non-dumpable mm also requires CAP_SYS_PTRACE. */
60 dumpable = task->mm->dumpable;
61 if (!dumpable && !capable(CAP_SYS_PTRACE))
/* Final say goes to the LSM hook. */
64 return security_ptrace(current, task);
67 int ptrace_may_attach(struct task_struct *task)
/* Locking wrapper around __ptrace_may_attach(); the surrounding
 * task_lock/task_unlock lines are missing from this extract. */
71 err = __ptrace_may_attach(task);
77 * Access another process' address space.
78 * Source/target buffer must be kernel space,
79 * Do not walk the page table directly, use get_user_pages
82 int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write)
/* Returns the number of bytes actually transferred (buf - old_buf).
 * NOTE(review): declarations of mm, page, maddr, old_buf and the loop
 * construct are missing from this extract. */
85 struct vm_area_struct *vma;
89 mm = get_task_mm(tsk);
/* All page-table work happens under mmap_sem read lock. */
93 down_read(&mm->mmap_sem);
94 /* ignore errors, just check how much was successfully transferred */
96 int bytes, ret, offset;
/* Pin one page of the target at a time; force=1 so a read-only
 * mapping can still be written when write is requested. */
99 ret = get_user_pages(tsk, mm, addr, 1,
100 write, 1, &page, &vma);
/* Clamp the chunk to the remainder of this page. */
105 offset = addr & (PAGE_SIZE-1);
106 if (bytes > PAGE_SIZE-offset)
107 bytes = PAGE_SIZE-offset;
111 copy_to_user_page(vma, page, addr,
112 maddr + offset, buf, bytes);
113 set_page_dirty_lock(page);
115 copy_from_user_page(vma, page, addr,
116 buf, maddr + offset, bytes);
119 page_cache_release(page);
124 up_read(&mm->mmap_sem);
127 return buf - old_buf;
131 #ifndef CONFIG_PTRACE
/* Stub syscall when ptrace support is configured out; body (likely
 * "return -ENOSYS;") is missing from this extract. */
133 asmlinkage long sys_ptrace(long request, long pid, long addr, long data)
/* Per-tracee bookkeeping; presumably `struct ptrace_state`, which the
 * rest of the file casts engine->data to — the struct/union framing
 * lines (u.live / u.dead) are missing from this extract. */
143 * These elements are always available, even when the struct is
144 * awaiting destruction at the next RCU callback point.
146 struct utrace_attached_engine *engine;
147 struct task_struct *task; /* Target task. */
148 struct task_struct *parent; /* Whom we report to. */
149 struct list_head entry; /* Entry on parent->ptracees list. */
152 struct rcu_head dead; /* For call_rcu() teardown (u.dead). */
154 u8 options; /* PTRACE_SETOPTIONS bits. */
155 unsigned int stopped:1; /* Stopped for report. */
156 unsigned int reported:1; /* wait already reported. */
157 unsigned int syscall:1; /* Reporting for syscall. */
159 unsigned int sysemu:1; /* PTRACE_SYSEMU in progress. */
161 unsigned int have_eventmsg:1; /* u.eventmsg valid. */
162 unsigned int cap_sys_ptrace:1; /* Tracer capable. */
166 unsigned long eventmsg; /* Value PTRACE_GETEVENTMSG returns. */
173 static const struct utrace_engine_ops ptrace_utrace_ops; /* Initialized below. */
/* Add state to its tracer's ->ptracees list; task_lock on the parent
 * serializes list writers, list_add_rcu allows lockless readers. */
177 ptrace_state_link(struct ptrace_state *state)
179 task_lock(state->parent);
180 list_add_rcu(&state->entry, &state->parent->ptracees);
181 task_unlock(state->parent);
/* Inverse of ptrace_state_link: remove state from parent->ptracees
 * under the parent's task_lock. */
185 ptrace_state_unlink(struct ptrace_state *state)
187 task_lock(state->parent);
188 list_del_rcu(&state->entry);
189 task_unlock(state->parent);
/* Allocate and initialize the ptrace_state tying @engine on @target to
 * tracer @parent, link it on the tracer's list, and publish it via
 * engine->data. Returns -ENOMEM path is missing from this extract. */
193 ptrace_setup(struct task_struct *target, struct utrace_attached_engine *engine,
194 struct task_struct *parent, u8 options, int cap_sys_ptrace)
196 struct ptrace_state *state = kzalloc(sizeof *state, GFP_USER);
197 if (unlikely(state == NULL))
200 state->engine = engine;
201 state->task = target;
202 state->parent = parent;
203 state->u.live.options = options;
204 state->u.live.cap_sys_ptrace = cap_sys_ptrace;
205 ptrace_state_link(state);
/* engine->data must be unset; publish with rcu_assign_pointer so
 * lockless readers see a fully-initialized state. */
207 BUG_ON(engine->data != 0);
208 rcu_assign_pointer(engine->data, (unsigned long) state);
/* RCU callback: recover the ptrace_state from its embedded rcu_head
 * (u.dead) and free it — the kfree line is missing from this extract. */
214 ptrace_state_free(struct rcu_head *rhead)
216 struct ptrace_state *state = container_of(rhead,
217 struct ptrace_state, u.dead);
/* Defer freeing of @state past the next grace period so concurrent
 * RCU readers of engine->data stay safe. */
222 ptrace_done(struct ptrace_state *state)
224 INIT_RCU_HEAD(&state->u.dead);
225 call_rcu(&state->u.dead, ptrace_state_free);
229 * Update the tracing engine state to match the new ptrace state.
232 ptrace_update(struct task_struct *target, struct utrace_attached_engine *engine,
/* NOTE(review): the `flags` parameter declaration is missing from this
 * extract; the bits below are OR'd into it before utrace_set_flags. */
235 struct ptrace_state *state = (struct ptrace_state *) engine->data;
238 * These events are always reported.
240 flags |= (UTRACE_EVENT(DEATH) | UTRACE_EVENT(EXEC)
241 | UTRACE_EVENT_SIGNAL_ALL);
244 * We always have to examine clone events to check for CLONE_PTRACE.
246 flags |= UTRACE_EVENT(CLONE);
249 * PTRACE_SETOPTIONS can request more events.
251 if (state->u.live.options & PTRACE_O_TRACEEXIT)
252 flags |= UTRACE_EVENT(EXIT);
253 if (state->u.live.options & PTRACE_O_TRACEVFORKDONE)
254 flags |= UTRACE_EVENT(VFORK_DONE);
257 * ptrace always inhibits normal parent reaping.
258 * But for a corner case we sometimes see the REAP event instead.
260 flags |= UTRACE_ACTION_NOREAP | UTRACE_EVENT(REAP);
/* "stopped" mirrors whether QUIESCE is being requested; when resuming,
 * clear the stale siginfo pointer and (unless exiting) exit_code. */
262 state->u.live.stopped = (flags & UTRACE_ACTION_QUIESCE) != 0;
263 if (!state->u.live.stopped) {
264 if (!state->u.live.have_eventmsg)
265 state->u.live.u.siginfo = NULL;
266 if (!(target->flags & PF_EXITING))
267 target->exit_code = 0;
269 utrace_set_flags(target, engine, flags);
272 static int ptrace_traceme(void)
/* Implements PTRACE_TRACEME: attach an exclusive ptrace engine to
 * current, with current->parent as the tracer. */
274 struct utrace_attached_engine *engine;
277 engine = utrace_attach(current, (UTRACE_ATTACH_CREATE
278 | UTRACE_ATTACH_EXCLUSIVE
279 | UTRACE_ATTACH_MATCH_OPS),
280 &ptrace_utrace_ops, 0UL);
/* -EEXIST here means we are already being ptraced; the remapped
 * return value line is missing from this extract. */
282 if (IS_ERR(engine)) {
283 retval = PTR_ERR(engine);
284 if (retval == -EEXIST)
/* LSM check of the parent tracing us; the matching task_lock line
 * is missing from this extract. */
289 retval = security_ptrace(current->parent, current);
290 task_unlock(current);
/* options=0, cap_sys_ptrace=0: TRACEME grants no extra capability. */
292 retval = ptrace_setup(current, engine,
293 current->parent, 0, 0);
/* On failure, undo the attach; on success, arm the default events. */
295 utrace_detach(current, engine);
297 ptrace_update(current, engine, 0);
303 static int ptrace_attach(struct task_struct *task)
/* Implements PTRACE_ATTACH: current becomes the tracer of @task and a
 * SIGSTOP is queued so the target stops for the tracer. */
305 struct utrace_attached_engine *engine;
/* Refuse to trace our own thread group or kernel threads (no mm). */
311 if (task->tgid == current->tgid)
313 if (!task->mm) /* kernel threads */
316 engine = utrace_attach(task, (UTRACE_ATTACH_CREATE
317 | UTRACE_ATTACH_EXCLUSIVE
318 | UTRACE_ATTACH_MATCH_OPS),
319 &ptrace_utrace_ops, 0);
320 if (IS_ERR(engine)) {
321 retval = PTR_ERR(engine);
322 if (retval == -EEXIST)
/* Permission check, then record whether the tracer holds
 * CAP_SYS_PTRACE for later unsafe_exec decisions. */
327 if (ptrace_may_attach(task))
328 retval = ptrace_setup(task, engine, current, 0,
329 capable(CAP_SYS_PTRACE));
331 utrace_detach(task, engine);
336 ptrace_update(task, engine, 0);
337 force_sig_specific(SIGSTOP, task);
/* Sample the target's stopped state under its siglock. */
339 spin_lock_irq(&task->sighand->siglock);
340 stopped = (task->state == TASK_STOPPED);
341 spin_unlock_irq(&task->sighand->siglock);
345 * Do now the regset 0 writeback that we do on every
346 * stop, since it's never been done. On register
347 * window machines, this makes sure the user memory
348 * backing the register data is up to date.
350 const struct utrace_regset *regset;
351 regset = utrace_regset(task, engine,
352 utrace_native_view(task), 0);
353 if (regset->writeback)
354 (*regset->writeback)(task, regset, 1);
362 static int ptrace_detach(struct task_struct *task,
363 struct utrace_attached_engine *engine)
365 struct ptrace_state *state = (struct ptrace_state *) engine->data;
367 * Clearing ->data before detach makes sure an unrelated task
368 * calling into ptrace_tracer_task won't try to touch stale state.
370 rcu_assign_pointer(engine->data, 0UL);
371 utrace_detach(task, engine);
372 ptrace_state_unlink(state);
/* Presumably followed by ptrace_done(state) to free via RCU — that
 * line is missing from this extract. */
379 * This is called when we are exiting. We must stop all our ptracing.
382 ptrace_exit(struct task_struct *tsk)
/* Two passes: first detach every engine lock-free, then unlink and
 * free our list entries. */
385 if (unlikely(!list_empty(&tsk->ptracees))) {
386 struct ptrace_state *state, *next;
389 * First detach the utrace layer from all the tasks.
390 * We don't want to hold any locks while calling utrace_detach.
392 list_for_each_entry_rcu(state, &tsk->ptracees, entry) {
393 rcu_assign_pointer(state->engine->data, 0UL);
394 utrace_detach(state->task, state->engine);
398 * Now clear out our list and clean up our data structures.
399 * The task_lock protects our list structure.
402 list_for_each_entry_safe(state, next, &tsk->ptracees, entry) {
403 list_del_rcu(&state->entry);
410 BUG_ON(!list_empty(&tsk->ptracees));
/* Deliver the signal number a tracer passed to a resuming request
 * (PTRACE_CONT/DETACH/etc.) to @target. signr==0 (no signal) handling
 * and the parameter list are missing from this extract. */
414 ptrace_induce_signal(struct task_struct *target,
415 struct utrace_attached_engine *engine,
418 struct ptrace_state *state = (struct ptrace_state *) engine->data;
423 if (!valid_signal(signr))
426 if (state->u.live.syscall) {
428 * This is the traditional ptrace behavior when given
429 * a signal to resume from a syscall tracing stop.
431 send_sig(signr, target, 1);
433 else if (!state->u.live.have_eventmsg && state->u.live.u.siginfo) {
434 siginfo_t *info = state->u.live.u.siginfo;
436 /* Update the siginfo structure if the signal has
437 changed. If the debugger wanted something
438 specific in the siginfo structure then it should
439 have updated *info via PTRACE_SETSIGINFO. */
440 if (signr != info->si_signo) {
441 info->si_signo = signr;
443 info->si_code = SI_USER;
444 info->si_pid = current->pid;
445 info->si_uid = current->uid;
/* Re-inject the (possibly rewritten) stopped signal and resume. */
448 return utrace_inject_signal(target, engine,
449 UTRACE_ACTION_RESUME, info, NULL);
/* Read (write=0) or write (write=1) a slice of regset @setno between
 * the tracer's user buffer @data and the target's registers. */
456 ptrace_regset_access(struct task_struct *target,
457 struct utrace_attached_engine *engine,
458 const struct utrace_regset_view *view,
459 int setno, unsigned long offset, unsigned int size,
460 void __user *data, int write)
462 const struct utrace_regset *regset = utrace_regset(target, engine,
466 if (unlikely(regset == NULL))
/* size == -1u means "the whole regset". */
469 if (size == (unsigned int) -1)
470 size = regset->size * regset->n;
473 if (!access_ok(VERIFY_READ, data, size))
476 ret = (*regset->set)(target, regset,
477 offset, size, NULL, data);
480 if (!access_ok(VERIFY_WRITE, data, size))
483 ret = (*regset->get)(target, regset,
484 offset, size, NULL, data);
/* Like ptrace_regset_access but for a single register @regno; the
 * regset's bias shifts user-visible register numbers to slot indexes. */
491 ptrace_onereg_access(struct task_struct *target,
492 struct utrace_attached_engine *engine,
493 const struct utrace_regset_view *view,
494 int setno, unsigned long regno,
495 void __user *data, int write)
497 const struct utrace_regset *regset = utrace_regset(target, engine,
502 if (unlikely(regset == NULL))
/* Range-check the register number against [bias, bias + n). */
505 if (regno < regset->bias || regno >= regset->bias + regset->n)
508 pos = (regno - regset->bias) * regset->size;
511 if (!access_ok(VERIFY_READ, data, regset->size))
514 ret = (*regset->set)(target, regset, pos, regset->size,
518 if (!access_ok(VERIFY_WRITE, data, regset->size))
521 ret = (*regset->get)(target, regset, pos, regset->size,
/* Walk a ptrace_layout_segment table mapping a legacy "struct user"
 * style address range onto regsets, transferring @size bytes starting
 * at @addr to/from @udata or @kdata. Loops until done or error. */
529 ptrace_layout_access(struct task_struct *target,
530 struct utrace_attached_engine *engine,
531 const struct utrace_regset_view *view,
532 const struct ptrace_layout_segment layout[],
533 unsigned long addr, unsigned int size,
534 void __user *udata, void *kdata, int write)
536 const struct ptrace_layout_segment *seg;
540 !access_ok(write ? VERIFY_READ : VERIFY_WRITE, udata, size))
/* Find the segment containing addr; end==0 terminates the table. */
547 while (addr >= seg->end && seg->end != 0)
550 if (addr < seg->start || addr >= seg->end)
553 pos = addr - seg->start + seg->offset;
554 n = min(size, seg->end - (unsigned int) addr);
556 if (unlikely(seg->regset == (unsigned int) -1)) {
558 * This is a no-op/zero-fill portion of struct user.
564 else if (clear_user(udata, n))
570 const struct utrace_regset *regset = utrace_regset(
571 target, engine, view, seg->regset);
572 if (unlikely(regset == NULL))
576 * A ptrace compatibility layout can do a misaligned
577 * regset access, e.g. word access to larger data.
578 * An arch's compat layout can be this way only if
579 * it is actually ok with the regset code despite the
580 * regset->align setting.
582 align = min(regset->align, size);
583 if ((pos & (align - 1))
584 || pos >= regset->n * regset->size)
588 ret = (*regset->set)(target, regset,
589 pos, n, kdata, udata);
591 ret = (*regset->get)(target, regset,
592 pos, n, kdata, udata);
601 } while (ret == 0 && size > 0);
/* Common front end of sys_ptrace/compat_sys_ptrace: resolve @pid to a
 * task, handle TRACEME/ATTACH directly, otherwise find our engine and
 * state and require the target to be quiescent. On success fills
 * *childp/*enginep/*statep; caller must put_task_struct. */
608 ptrace_start(long pid, long request,
609 struct task_struct **childp,
610 struct utrace_attached_engine **enginep,
611 struct ptrace_state **statep)
614 struct task_struct *child;
615 struct utrace_attached_engine *engine;
616 struct ptrace_state *state;
619 if (request == PTRACE_TRACEME)
620 return ptrace_traceme();
/* Pin the task while still under tasklist_lock. */
623 read_lock(&tasklist_lock);
624 child = find_task_by_pid(pid);
626 get_task_struct(child);
627 read_unlock(&tasklist_lock);
629 printk("ptrace pid %ld => %p\n", pid, child);
635 if (pid == 1) /* you may not mess with init */
/* vserver context check: only trace tasks visible to our context. */
638 if (!vx_check(vx_task_xid(child), VX_WATCH|VX_IDENT))
641 if (request == PTRACE_ATTACH) {
642 ret = ptrace_attach(child);
/* Look up the existing ptrace engine; must be ours. */
646 engine = utrace_attach(child, UTRACE_ATTACH_MATCH_OPS,
647 &ptrace_utrace_ops, 0);
649 if (IS_ERR(engine) || engine == NULL)
652 state = rcu_dereference((struct ptrace_state *) engine->data);
653 if (state == NULL || state->parent != current) {
660 * Traditional ptrace behavior demands that the target already be
661 * quiescent, but not dead.
663 if (request != PTRACE_KILL && !state->u.live.stopped) {
665 printk("%d not stopped (%lx)\n", child->pid, child->state);
667 if (child->state != TASK_STOPPED)
669 utrace_set_flags(child, engine,
670 engine->flags | UTRACE_ACTION_QUIESCE);
674 * We do this for all requests to match traditional ptrace behavior.
675 * If the machine state synchronization done at context switch time
676 * includes e.g. writing back to user memory, we want to make sure
677 * that has finished before a PTRACE_PEEKDATA can fetch the results.
678 * On most machines, only regset data is affected by context switch
679 * and calling utrace_regset later on will take care of that, so
680 * this is superfluous.
682 * To do this purely in utrace terms, we could do:
683 * (void) utrace_regset(child, engine, utrace_native_view(child), 0);
685 wait_task_inactive(child);
687 if (child->exit_state)
696 put_task_struct(child);
/* Requests shared by native and compat sys_ptrace: DETACH, the resume
 * family (CONT/SYSCALL/SYSEMU/SINGLESTEP/SINGLEBLOCK/KILL), and
 * SETOPTIONS. NOTE(review): many case labels and returns are missing
 * from this extract. */
702 ptrace_common(long request, struct task_struct *child,
703 struct utrace_attached_engine *engine,
704 struct ptrace_state *state,
705 unsigned long addr, long data)
713 * Detach a process that was attached.
715 ret = ptrace_induce_signal(child, engine, data);
717 ret = ptrace_detach(child, engine);
721 * These are the operations that resume the child running.
729 case PTRACE_SYSEMU_SINGLESTEP:
731 #ifdef PTRACE_SINGLEBLOCK
732 case PTRACE_SINGLEBLOCK:
733 # ifdef ARCH_HAS_BLOCK_STEP
/* Reject block/single-step requests on arches without support. */
734 if (! ARCH_HAS_BLOCK_STEP)
736 if (request == PTRACE_SINGLEBLOCK)
739 case PTRACE_SINGLESTEP:
740 #ifdef ARCH_HAS_SINGLE_STEP
741 if (! ARCH_HAS_SINGLE_STEP)
743 if (request == PTRACE_SINGLESTEP
744 #ifdef PTRACE_SYSEMU_SINGLESTEP
745 || request == PTRACE_SYSEMU_SINGLESTEP
/* Queue the signal (data) the tracer wants delivered on resume. */
750 ret = ptrace_induce_signal(child, engine, data);
756 * Reset the action flags without QUIESCE, so it resumes.
760 state->u.live.sysemu = (request == PTRACE_SYSEMU_SINGLESTEP
761 || request == PTRACE_SYSEMU);
763 if (request == PTRACE_SINGLESTEP
765 || request == PTRACE_SYSEMU_SINGLESTEP
768 flags |= UTRACE_ACTION_SINGLESTEP;
769 #ifdef PTRACE_SINGLEBLOCK
770 else if (request == PTRACE_SINGLEBLOCK)
771 flags |= UTRACE_ACTION_BLOCKSTEP;
773 if (request == PTRACE_SYSCALL)
774 flags |= UTRACE_EVENT_SYSCALL;
776 else if (request == PTRACE_SYSEMU
777 || request == PTRACE_SYSEMU_SINGLESTEP)
778 flags |= UTRACE_EVENT(SYSCALL_ENTRY);
780 ptrace_update(child, engine, flags);
784 #ifdef PTRACE_OLDSETOPTIONS
785 case PTRACE_OLDSETOPTIONS:
787 case PTRACE_SETOPTIONS:
/* Reject unknown option bits, then re-arm the event mask while
 * keeping the child quiesced. */
789 if (data & ~PTRACE_O_MASK)
791 state->u.live.options = data;
792 ptrace_update(child, engine, UTRACE_ACTION_QUIESCE);
801 asmlinkage long sys_ptrace(long request, long pid, long addr, long data)
/* Native ptrace entry point: ptrace_start resolves the target, then
 * the arch hook gets first refusal, then ptrace_common, then the
 * generic PEEK/POKE and siginfo/eventmsg requests below. */
803 struct task_struct *child;
804 struct utrace_attached_engine *engine;
805 struct ptrace_state *state;
809 printk("%d sys_ptrace(%ld, %ld, %lx, %lx)\n",
810 current->pid, request, pid, addr, data);
813 ret = ptrace_start(pid, request, &child, &engine, &state);
/* Arch-specific requests; -ENOSYS means "not mine, fall through". */
818 ret = arch_ptrace(&request, child, engine, addr, data, &val);
819 if (ret != -ENOSYS) {
822 force_successful_syscall_return();
829 ret = ptrace_common(request, child, engine, state, addr, data);
832 case PTRACE_PEEKTEXT: /* read word at location addr. */
833 case PTRACE_PEEKDATA: {
837 copied = access_process_vm(child, addr, &tmp, sizeof(tmp), 0);
839 if (copied != sizeof(tmp))
841 ret = put_user(tmp, (unsigned long __user *) data);
845 case PTRACE_POKETEXT: /* write the word at location addr. */
846 case PTRACE_POKEDATA:
848 if (access_process_vm(child, addr, &data, sizeof(data), 1) == sizeof(data))
853 case PTRACE_GETEVENTMSG:
854 ret = put_user(state->u.live.have_eventmsg
855 ? state->u.live.u.eventmsg : 0L,
856 (unsigned long __user *) data);
/* siginfo is only valid when have_eventmsg is clear (they share u). */
858 case PTRACE_GETSIGINFO:
860 if (!state->u.live.have_eventmsg && state->u.live.u.siginfo)
861 ret = copy_siginfo_to_user((siginfo_t __user *) data,
862 state->u.live.u.siginfo);
864 case PTRACE_SETSIGINFO:
866 if (!state->u.live.have_eventmsg && state->u.live.u.siginfo
867 && copy_from_user(state->u.live.u.siginfo,
868 (siginfo_t __user *) data,
/* Drop the reference taken in ptrace_start. */
875 put_task_struct(child);
878 printk("%d ptrace -> %x\n", current->pid, ret);
885 #include <linux/compat.h>
/* 32-bit-compat ptrace entry point; mirrors sys_ptrace but zero-extends
 * cdata, uses compat-sized PEEK/POKE words and compat siginfo copies. */
887 asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid,
888 compat_ulong_t addr, compat_long_t cdata)
890 const unsigned long data = (unsigned long) (compat_ulong_t) cdata;
891 struct task_struct *child;
892 struct utrace_attached_engine *engine;
893 struct ptrace_state *state;
894 compat_long_t ret, val;
897 printk("%d compat_sys_ptrace(%d, %d, %x, %x)\n",
898 current->pid, request, pid, addr, cdata);
900 ret = ptrace_start(pid, request, &child, &engine, &state);
/* Arch-specific compat requests first; -ENOSYS falls through. */
905 ret = arch_compat_ptrace(&request, child, engine, addr, cdata, &val);
906 if (ret != -ENOSYS) {
909 force_successful_syscall_return();
916 ret = ptrace_common(request, child, engine, state, addr, data);
919 case PTRACE_PEEKTEXT: /* read word at location addr. */
920 case PTRACE_PEEKDATA: {
924 copied = access_process_vm(child, addr, &tmp, sizeof(tmp), 0);
926 if (copied != sizeof(tmp))
928 ret = put_user(tmp, (compat_ulong_t __user *) data);
932 case PTRACE_POKETEXT: /* write the word at location addr. */
933 case PTRACE_POKEDATA:
935 if (access_process_vm(child, addr, &cdata, sizeof(cdata), 1) == sizeof(cdata))
940 case PTRACE_GETEVENTMSG:
941 ret = put_user(state->u.live.have_eventmsg
942 ? state->u.live.u.eventmsg : 0L,
943 (compat_long_t __user *) data);
945 case PTRACE_GETSIGINFO:
947 if (!state->u.live.have_eventmsg && state->u.live.u.siginfo)
948 ret = copy_siginfo_to_user32(
949 (struct compat_siginfo __user *) data,
950 state->u.live.u.siginfo);
952 case PTRACE_SETSIGINFO:
954 if (!state->u.live.have_eventmsg && state->u.live.u.siginfo
955 && copy_siginfo_from_user32(
956 state->u.live.u.siginfo,
957 (struct compat_siginfo __user *) data))
/* Drop the reference taken in ptrace_start. */
963 put_task_struct(child);
966 printk("%d ptrace -> %x\n", current->pid, ret);
974 * We're called with tasklist_lock held for reading.
975 * If we return -ECHILD or zero, next_thread(tsk) must still be valid to use.
976 * If we return another error code, or a successful PID value, we
977 * release tasklist_lock first.
980 ptrace_do_wait(struct task_struct *tsk,
981 pid_t pid, int options, struct siginfo __user *infop,
982 int __user *stat_addr, struct rusage __user *rusagep)
984 struct ptrace_state *state;
985 struct task_struct *p;
/* Scan our ptracees for one matching the pid/options selector. */
990 list_for_each_entry_rcu(state, &tsk->ptracees, entry) {
997 if (process_group(p) != process_group(current))
999 } else if (pid != -1) {
1000 if (process_group(p) != -pid)
/* __WCLONE/__WALL filtering on exit_signal, then LSM veto. */
1003 if (((p->exit_signal != SIGCHLD) ^ ((options & __WCLONE) != 0))
1004 && !(options & __WALL))
1006 if (security_task_wait(p))
/* Skip tracees already reported; pick stopped or zombie ones. */
1010 if (state->u.live.reported)
1013 if (state->u.live.stopped)
1015 if ((p->state & (TASK_TRACED | TASK_STOPPED))
1016 && (p->signal->flags & SIGNAL_STOP_STOPPED))
1018 if (p->exit_state == EXIT_ZOMBIE) {
1019 if (!likely(options & WEXITED))
1021 if (delay_group_leader(p))
1025 // XXX should handle WCONTINUED
1033 BUG_ON(state->parent != tsk);
/* Decode why/status for the siginfo report below. */
1035 if (p->exit_state) {
1036 if (unlikely(p->parent == state->parent))
1038 * This is our natural child we were ptracing.
1039 * When it dies it detaches (see ptrace_report_death).
1040 * So we're seeing it here in a race. When it
1041 * finishes detaching it will become reapable in
1042 * the normal wait_task_zombie path instead.
1045 if ((p->exit_code & 0x7f) == 0) {
1047 status = p->exit_code >> 8;
1049 why = (p->exit_code & 0x80) ? CLD_DUMPED : CLD_KILLED;
1050 status = p->exit_code & 0xff;
1055 status = (p->exit_code << 8) | 0x7f;
1059 * At this point we are committed to a successful return
1060 * or a user error return. Release the tasklist_lock.
1062 read_unlock(&tasklist_lock);
1065 err = getrusage(p, RUSAGE_BOTH, rusagep);
1068 err = put_user(SIGCHLD, &infop->si_signo);
1070 err = put_user(0, &infop->si_errno);
1072 err = put_user((short)why, &infop->si_code);
1074 err = put_user(p->pid, &infop->si_pid);
1076 err = put_user(p->uid, &infop->si_uid);
1078 err = put_user(status, &infop->si_status);
1080 if (!err && stat_addr)
1081 err = put_user(status, stat_addr);
1084 struct utrace *utrace;
1089 * If this was a non-death report, the child might now be
1090 * detaching on death in the same race possible in the
1091 * p->exit_state check above. So check for p->utrace being
1092 * NULL, then we don't need to update the state any more.
1095 utrace = rcu_dereference(p->utrace);
1096 if (likely(utrace != NULL)) {
1097 utrace_lock(utrace);
1098 if (unlikely(state->u.live.reported))
1100 * Another thread in the group got here
1101 * first and reaped it before we locked.
1103 err = -ERESTARTNOINTR;
1104 state->u.live.reported = 1;
1105 utrace_unlock(utrace);
/* Death reports (not CLD_TRAPPED) also detach the engine. */
1109 if (err > 0 && why != CLD_TRAPPED)
1110 ptrace_detach(p, state->engine);
/* Send SIGCHLD (or just wake wait4 waiters) to @parent describing why
 * @tsk changed state (@why is a CLD_* code). */
1117 do_notify(struct task_struct *tsk, struct task_struct *parent, int why)
1119 struct siginfo info;
1120 unsigned long flags;
1121 struct sighand_struct *sighand;
1124 info.si_signo = SIGCHLD;
1126 info.si_pid = tsk->pid;
1127 info.si_uid = tsk->uid;
1129 /* FIXME: find out whether or not this is supposed to be c*time. */
1130 info.si_utime = cputime_to_jiffies(tsk->utime);
1131 info.si_stime = cputime_to_jiffies(tsk->stime);
/* sa_mask is the SA_* flag that suppresses this notification. */
1133 sa_mask = SA_NOCLDSTOP;
1135 info.si_status = tsk->exit_code & 0x7f;
1136 if (why == CLD_CONTINUED)
1137 info.si_status = SIGCONT;
1138 else if (why == CLD_STOPPED)
1139 info.si_status = tsk->signal->group_exit_code & 0x7f;
1140 else if (why == CLD_EXITED) {
1141 sa_mask = SA_NOCLDWAIT;
/* Refine CLD_EXITED into DUMPED/KILLED/EXITED from exit_code bits. */
1142 if (tsk->exit_code & 0x80)
1143 info.si_code = CLD_DUMPED;
1144 else if (tsk->exit_code & 0x7f)
1145 info.si_code = CLD_KILLED;
1147 info.si_code = CLD_EXITED;
1148 info.si_status = tsk->exit_code >> 8;
1152 sighand = parent->sighand;
1153 spin_lock_irqsave(&sighand->siglock, flags);
1154 if (sighand->action[SIGCHLD-1].sa.sa_handler != SIG_IGN &&
1155 !(sighand->action[SIGCHLD-1].sa.sa_flags & sa_mask))
1156 __group_send_sig_info(SIGCHLD, &info, parent);
1158 * Even if SIGCHLD is not generated, we must wake up wait4 calls.
1160 wake_up_interruptible_sync(&parent->signal->wait_chldexit);
1161 spin_unlock_irqrestore(&sighand->siglock, flags);
/* Common stop path for all traced events: quiesce the tracee, record
 * @code in exit_code, and notify the tracer with CLD_TRAPPED. */
1165 ptrace_report(struct utrace_attached_engine *engine, struct task_struct *tsk,
1168 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1169 const struct utrace_regset *regset;
1172 printk("%d ptrace_report %d engine %p state %p code %x parent %d (%p)\n",
1173 current->pid, tsk->pid, engine, state, code,
1174 state->parent->pid, state->parent);
1175 if (!state->u.live.have_eventmsg && state->u.live.u.siginfo) {
1176 const siginfo_t *si = state->u.live.u.siginfo;
1177 printk(" si %d code %x errno %d addr %p\n",
1178 si->si_signo, si->si_code, si->si_errno,
1184 * Set our QUIESCE flag right now, before notifying the tracer.
1185 * We do this before setting state->u.live.stopped rather than
1186 * by using UTRACE_ACTION_NEWSTATE in our return value, to
1187 * ensure that the tracer can't get the notification and then
1188 * try to resume us with PTRACE_CONT before we set the flag.
1190 utrace_set_flags(tsk, engine, engine->flags | UTRACE_ACTION_QUIESCE);
1193 * If regset 0 has a writeback call, do it now. On register window
1194 * machines, this makes sure the user memory backing the register
1195 * data is up to date by the time wait_task_inactive returns to
1196 * ptrace_start in our tracer doing a PTRACE_PEEKDATA or the like.
1198 regset = utrace_regset(tsk, engine, utrace_native_view(tsk), 0);
1199 if (regset->writeback)
1200 (*regset->writeback)(tsk, regset, 0);
1202 state->u.live.stopped = 1;
1203 state->u.live.reported = 0;
1204 tsk->exit_code = code;
1205 do_notify(tsk, state->parent, CLD_TRAPPED);
1208 printk("%d ptrace_report quiescing exit_code %x\n",
1209 current->pid, current->exit_code);
1212 return UTRACE_ACTION_RESUME;
/* Report a PTRACE_EVENT_* stop: code is (event << 8) | SIGTRAP, the
 * encoding the tracer sees in the wait status. */
1216 ptrace_event(struct utrace_attached_engine *engine, struct task_struct *tsk,
1219 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1220 state->u.live.syscall = 0;
1221 return ptrace_report(engine, tsk, (event << 8) | SIGTRAP);
1226 ptrace_report_death(struct utrace_attached_engine *engine,
1227 struct task_struct *tsk)
1229 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1231 if (tsk->parent == state->parent) {
1233 * This is a natural child, so we detach and let the normal
1234 * reporting happen once our NOREAP action is gone. But
1235 * first, generate a SIGCHLD for those cases where normal
1236 * behavior won't. A ptrace'd child always generates SIGCHLD.
1238 if (tsk->exit_signal == -1 || !thread_group_empty(tsk))
1239 do_notify(tsk, state->parent, CLD_EXITED);
1240 ptrace_state_unlink(state);
1241 rcu_assign_pointer(engine->data, 0UL);
1243 return UTRACE_ACTION_DETACH;
/* Not our natural child: keep the engine and let the tracer's
 * ptrace_do_wait collect the death report. */
1246 state->u.live.reported = 0;
1247 do_notify(tsk, state->parent, CLD_EXITED);
1248 return UTRACE_ACTION_RESUME;
1252 * We get this only in the case where our UTRACE_ACTION_NOREAP was ignored.
1253 * That happens solely when a non-leader exec reaps the old leader.
1256 ptrace_report_reap(struct utrace_attached_engine *engine,
1257 struct task_struct *tsk)
1259 struct ptrace_state *state;
/* engine->data may already have been cleared by a racing detach. */
1261 state = rcu_dereference((struct ptrace_state *) engine->data);
1262 if (state != NULL) {
1263 ptrace_state_unlink(state);
1264 rcu_assign_pointer(engine->data, 0UL);
/* Clone callback: auto-attach the new child when CLONE_PTRACE or the
 * matching PTRACE_O_TRACE* option asks for it, then report the fork/
 * vfork/clone event to the tracer if the option is set. */
1272 ptrace_report_clone(struct utrace_attached_engine *engine,
1273 struct task_struct *parent,
1274 unsigned long clone_flags, struct task_struct *child)
1276 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1277 struct utrace_attached_engine *child_engine;
1278 int event = PTRACE_EVENT_FORK;
1279 int option = PTRACE_O_TRACEFORK;
1282 printk("%d (%p) engine %p ptrace_report_clone child %d (%p) fl %lx\n",
1283 parent->pid, parent, engine, child->pid, child, clone_flags);
1286 if (clone_flags & CLONE_UNTRACED)
/* Classify the clone: vfork, plain clone, or default fork. */
1289 if (clone_flags & CLONE_VFORK) {
1290 event = PTRACE_EVENT_VFORK;
1291 option = PTRACE_O_TRACEVFORK;
1293 else if ((clone_flags & CSIGNAL) != SIGCHLD) {
1294 event = PTRACE_EVENT_CLONE;
1295 option = PTRACE_O_TRACECLONE;
1298 if (!(clone_flags & CLONE_PTRACE) && !(state->u.live.options & option))
1301 child_engine = utrace_attach(child, (UTRACE_ATTACH_CREATE
1302 | UTRACE_ATTACH_EXCLUSIVE
1303 | UTRACE_ATTACH_MATCH_OPS),
1304 &ptrace_utrace_ops, 0UL);
1305 if (unlikely(IS_ERR(child_engine))) {
1306 BUG_ON(PTR_ERR(child_engine) != -ENOMEM);
1308 "ptrace out of memory, lost child %d of %d",
1309 child->pid, parent->pid);
/* Child inherits our options and tracer capability. */
1312 int ret = ptrace_setup(child, child_engine,
1314 state->u.live.options,
1315 state->u.live.cap_sys_ptrace);
1316 if (unlikely(ret != 0)) {
1317 BUG_ON(ret != -ENOMEM);
1319 "ptrace out of memory, lost child %d of %d",
1320 child->pid, parent->pid);
1321 utrace_detach(child, child_engine);
/* Queue SIGSTOP by hand so the child stops like an attach would. */
1324 sigaddset(&child->pending.signal, SIGSTOP);
1325 set_tsk_thread_flag(child, TIF_SIGPENDING);
1326 ptrace_update(child, child_engine, 0);
1330 if (state->u.live.options & option) {
1331 state->u.live.have_eventmsg = 1;
1332 state->u.live.u.eventmsg = child->pid;
1333 return ptrace_event(engine, parent, event);
1337 return UTRACE_ACTION_RESUME;
/* VFORK_DONE callback: report the event with the child pid as the
 * eventmsg (enabled via PTRACE_O_TRACEVFORKDONE in ptrace_update). */
1342 ptrace_report_vfork_done(struct utrace_attached_engine *engine,
1343 struct task_struct *parent, pid_t child_pid)
1345 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1346 state->u.live.have_eventmsg = 1;
1347 state->u.live.u.eventmsg = child_pid;
1348 return ptrace_event(engine, parent, PTRACE_EVENT_VFORK_DONE);
/* Signal callback: stash the siginfo for GET/SETSIGINFO and stop with
 * the signal number; IGN tells utrace we consumed the signal (the
 * tracer re-injects via ptrace_induce_signal). */
1353 ptrace_report_signal(struct utrace_attached_engine *engine,
1354 struct task_struct *tsk, struct pt_regs *regs,
1355 u32 action, siginfo_t *info,
1356 const struct k_sigaction *orig_ka,
1357 struct k_sigaction *return_ka)
1359 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1360 int signo = info == NULL ? SIGTRAP : info->si_signo;
1361 state->u.live.syscall = 0;
1362 state->u.live.have_eventmsg = 0;
1363 state->u.live.u.siginfo = info;
1364 return ptrace_report(engine, tsk, signo) | UTRACE_SIGNAL_IGN;
/* Job-control stop/continue: notify the tracer ourselves and suppress
 * the normal SIGCHLD (UTRACE_JCTL_NOSIGCHLD). */
1368 ptrace_report_jctl(struct utrace_attached_engine *engine,
1369 struct task_struct *tsk, int type)
1371 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1372 do_notify(tsk, state->parent, type);
1373 return UTRACE_JCTL_NOSIGCHLD;
/* Exec callback: PTRACE_EVENT_EXEC stop if TRACEEXEC is set, else the
 * legacy plain SIGTRAP stop after exec. */
1377 ptrace_report_exec(struct utrace_attached_engine *engine,
1378 struct task_struct *tsk,
1379 const struct linux_binprm *bprm,
1380 struct pt_regs *regs)
1382 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1383 if (state->u.live.options & PTRACE_O_TRACEEXEC)
1384 return ptrace_event(engine, tsk, PTRACE_EVENT_EXEC);
1385 state->u.live.syscall = 0;
1386 return ptrace_report(engine, tsk, SIGTRAP);
/* Shared syscall entry/exit stop: SYSEMU aborts the syscall at entry;
 * stop signal is SIGTRAP, with bit 0x80 set when TRACESYSGOOD. */
1390 ptrace_report_syscall(struct utrace_attached_engine *engine,
1391 struct task_struct *tsk, struct pt_regs *regs,
1394 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1395 #ifdef PTRACE_SYSEMU
1396 if (entry && state->u.live.sysemu)
1397 tracehook_abort_syscall(regs);
1399 state->u.live.syscall = 1;
1400 return ptrace_report(engine, tsk,
1401 ((state->u.live.options & PTRACE_O_TRACESYSGOOD)
1402 ? 0x80 : 0) | SIGTRAP);
/* utrace callback: syscall entry → shared handler with entry=1. */
1406 ptrace_report_syscall_entry(struct utrace_attached_engine *engine,
1407 struct task_struct *tsk, struct pt_regs *regs)
1409 return ptrace_report_syscall(engine, tsk, regs, 1);
/* utrace callback: syscall exit → shared handler with entry=0. */
1413 ptrace_report_syscall_exit(struct utrace_attached_engine *engine,
1414 struct task_struct *tsk, struct pt_regs *regs)
1416 return ptrace_report_syscall(engine, tsk, regs, 0);
/* Exit callback (PTRACE_O_TRACEEXIT): expose the exit code via
 * eventmsg and stop with PTRACE_EVENT_EXIT. */
1420 ptrace_report_exit(struct utrace_attached_engine *engine,
1421 struct task_struct *tsk, long orig_code, long *code)
1423 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1424 state->u.live.have_eventmsg = 1;
1425 state->u.live.u.eventmsg = *code;
1426 return ptrace_event(engine, tsk, PTRACE_EVENT_EXIT);
/* Tell the LSM layer how "unsafe" an exec under ptrace is: stronger
 * flag when the tracer had CAP_SYS_PTRACE at attach time. */
1430 ptrace_unsafe_exec(struct utrace_attached_engine *engine,
1431 struct task_struct *tsk)
1433 struct ptrace_state *state = (struct ptrace_state *) engine->data;
1434 int unsafe = LSM_UNSAFE_PTRACE;
1435 if (state->u.live.cap_sys_ptrace)
1436 unsafe = LSM_UNSAFE_PTRACE_CAP;
1440 static struct task_struct *
1441 ptrace_tracer_task(struct utrace_attached_engine *engine,
1442 struct task_struct *target)
1444 struct ptrace_state *state;
1447 * This call is not necessarily made by the target task,
1448 * so ptrace might be getting detached while we run here.
1449 * The state pointer will be NULL if that happens.
1451 state = rcu_dereference((struct ptrace_state *) engine->data);
1453 return state == NULL ? NULL : state->parent;
/* May @caller use access_process_vm on @target? Yes only if caller is
 * the tracer, the target is quiesced or stopped, and the LSM agrees. */
1457 ptrace_allow_access_process_vm(struct utrace_attached_engine *engine,
1458 struct task_struct *target,
1459 struct task_struct *caller)
1461 struct ptrace_state *state;
1465 * This call is not necessarily made by the target task,
1466 * so ptrace might be getting detached while we run here.
1467 * The state pointer will be NULL if that happens.
1470 state = rcu_dereference((struct ptrace_state *) engine->data);
1471 ours = (state != NULL
1472 && ((engine->flags & UTRACE_ACTION_QUIESCE)
1473 || (target->state == TASK_STOPPED))
1474 && state->parent == caller);
1477 return ours && security_ptrace(caller, target) == 0;
/* The utrace callback table identifying this engine as the ptrace
 * layer; matched against by UTRACE_ATTACH_MATCH_OPS lookups above. */
1481 static const struct utrace_engine_ops ptrace_utrace_ops =
1483 .report_syscall_entry = ptrace_report_syscall_entry,
1484 .report_syscall_exit = ptrace_report_syscall_exit,
1485 .report_exec = ptrace_report_exec,
1486 .report_jctl = ptrace_report_jctl,
1487 .report_signal = ptrace_report_signal,
1488 .report_vfork_done = ptrace_report_vfork_done,
1489 .report_clone = ptrace_report_clone,
1490 .report_exit = ptrace_report_exit,
1491 .report_death = ptrace_report_death,
1492 .report_reap = ptrace_report_reap,
1493 .unsafe_exec = ptrace_unsafe_exec,
1494 .tracer_task = ptrace_tracer_task,
1495 .allow_access_process_vm = ptrace_allow_access_process_vm,