Hi! Am 21.12.2015 um 09:49 schrieb Mickaël Salaün: > > On 21/12/2015 01:20, Richard Weinberger wrote: >> Am 21.12.2015 um 01:03 schrieb Mickaël Salaün: >>> diff --git a/arch/um/kernel/skas/syscall.c b/arch/um/kernel/skas/syscall.c >>> index 1683b8e..65f0d1a 100644 >>> --- a/arch/um/kernel/skas/syscall.c >>> +++ b/arch/um/kernel/skas/syscall.c >>> @@ -7,6 +7,7 @@ >>> #include <linux/ptrace.h> >>> #include <kern_util.h> >>> #include <sysdep/ptrace.h> >>> +#include <sysdep/ptrace_user.h> >>> #include <sysdep/syscalls.h> >>> #include <os.h> >>> >>> @@ -16,12 +17,16 @@ void handle_syscall(struct uml_pt_regs *r) >>> long result; >>> int syscall; >>> >>> + /* Save the syscall register. */ >>> + UPT_SYSCALL_NR(r) = PT_SYSCALL_NR(r->gp); >>> + >>> if (syscall_trace_enter(regs)) { >>> result = -ENOSYS; >>> goto out; >>> } >>> >>> - syscall = get_syscall(r); >>> + /* Get the syscall after being potentially updated with ptrace. */ >>> + syscall = UPT_SYSCALL_NR(r); >> >> Doesn't this break the support for changing syscall numbers using PTRACE_SETREGS? > > The logic is unchanged except updating the UPT_SYSCALL_NR before syscall_trace_enter(). I did my last tests with the x86_32 subarchitecture and all tests (from selftest/seccomp), including PTRACE_SETREGS for syscall numbers tests, passed. However, 2 of this tests still fail for x86_64 (only). No, you chagned the logic. syscall_trace_enter() enters the ptrace() path, and here EAX/RAX can be changed. Hence, "syscall = UPT_SYSCALL_NR(r)" will still see the old syscall number. --> changing syscall numbers got broken by you. :-) Thanks, //richard -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html