Re: modify syscall nr on-the-fly
--XhI9yHzIhar7c5RA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Aug 18, 2007 at 02:01:26PM +0400, Yuriy Tsibizov wrote:
> I'm trying to get user-mode Linux to run under FreeBSD Linux emulation (on
> i386).
>=20
> User-mode Linux in it's start-up tests tries to modify syscall number (to=
be
> called by kernel) on-the-fly
> (http://fxr.watson.org/fxr/source/arch/um/os-Linux/start_up.c?v=3Dlinux-2=
..6).
> It forks a child thread that stops
> (using SIGSTOP), calls getpid() (that will be intercepted by parent thread
> using PTRACE_SYSCALL)
> and return some value based on getpid() results. Main thread waits for
> SIGSTOP in child process and
> enables PTRACE_SYSCALL (I have some code that implements it. It makes some
> incompatible changes
> to PT_SYSCALL that will break FreeBSD applications, but works for Linux
> apps). When main thread
> catches SIGTRAP (generated by ptrace) it tries to modify EAX of child thr=
ead
> (with PTRACE_PEEKUSR
> and PTRACE_POKEUSR) to replace getpid syscall with getppid.
>=20
> is it possible to get updated EAX (and other registers as well) in
> syscall(...) after ptracestop(...) in PTRACESTOP_SC(...) returns?
>=20
> Hope for your help,
>=20
> Yuriy.
If I understand right what you want, I doubt that existing code would
allow you to change syscall number in debugger process for debuggee.
You shall look at the sys/i386/i386/trap.c, syscall() function [adjust
as needed for other arches]. It calculates callp before doing PTRACESTOP_SC,
as well as copies the syscall arguments into the kernel address space.
--XhI9yHzIhar7c5RA
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
iD8DBQFGybyVC3+MBN1Mb4gRAoihAKCTDL7I7Jl1iYmGLeIaLVUUFjpNHwCfV/wi
T25OLXGdcNdI6pIaWn+inbw=
=pij+
-----END PGP SIGNATURE-----
--XhI9yHzIhar7c5RA--
討論串 (同標題文章)
完整討論串 (本文為第 2 之 9 篇):