On Wed, Oct 01, 2014 at 12:08:05PM +0100, AKASHI Takahiro wrote:
> Will,
>
> When I was looking into syscall_trace_exit() more closely, I found
> another (big) problem.
> There are two system calls, execve() and rt_sigreturn(), which change
> 'syscallno' in pt_regs to -1 in start_thread() and restore_sigframe(),
> respectively.
>
> Since syscallno is not valid anymore in syscall_trace_exit() for these
> system calls, we cannot create a correct syscall exit record for tracepoint
> in trace_sys_exit() (=> ftrace_syscall_exit()) and for audit in
> audit_syscall_exit().
>
> This does not happen on arm because syscall numbers are kept in
> thread_info on arm.
>
> How can we deal with this issue?

How is this handled on other architectures? x86, for example, seems to zero
orig_ax when restoring the sigcontext, but leaves it alone in start_thread.

What is the impact of this problem? AFAICT, we just miss some exits, right
(as opposed to an OOPs or the like)?

Will