Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ptrace.c
Go to the documentation of this file.
1 /*
2  * linux/kernel/ptrace.c
3  *
4  * (C) Copyright 1999 Linus Torvalds
5  *
6  * Common interfaces for "ptrace()" which we do not want
7  * to continually duplicate across every architecture.
8  */
9 
10 #include <linux/capability.h>
11 #include <linux/export.h>
12 #include <linux/sched.h>
13 #include <linux/errno.h>
14 #include <linux/mm.h>
15 #include <linux/highmem.h>
16 #include <linux/pagemap.h>
17 #include <linux/ptrace.h>
18 #include <linux/security.h>
19 #include <linux/signal.h>
20 #include <linux/audit.h>
21 #include <linux/pid_namespace.h>
22 #include <linux/syscalls.h>
23 #include <linux/uaccess.h>
24 #include <linux/regset.h>
25 #include <linux/hw_breakpoint.h>
26 #include <linux/cn_proc.h>
27 
28 
29 static int ptrace_trapping_sleep_fn(void *flags)
30 {
31  schedule();
32  return 0;
33 }
34 
35 /*
36  * ptrace a task: make the debugger its new parent and
37  * move it to the ptrace list.
38  *
39  * Must be called with the tasklist lock write-held.
40  */
41 void __ptrace_link(struct task_struct *child, struct task_struct *new_parent)
42 {
43  BUG_ON(!list_empty(&child->ptrace_entry));
44  list_add(&child->ptrace_entry, &new_parent->ptraced);
45  child->parent = new_parent;
46 }
47 
76 void __ptrace_unlink(struct task_struct *child)
77 {
78  BUG_ON(!child->ptrace);
79 
80  child->ptrace = 0;
81  child->parent = child->real_parent;
82  list_del_init(&child->ptrace_entry);
83 
84  spin_lock(&child->sighand->siglock);
85 
86  /*
87  * Clear all pending traps and TRAPPING. TRAPPING should be
88  * cleared regardless of JOBCTL_STOP_PENDING. Do it explicitly.
89  */
90  task_clear_jobctl_pending(child, JOBCTL_TRAP_MASK);
91  task_clear_jobctl_trapping(child);
92 
93  /*
94  * Reinstate JOBCTL_STOP_PENDING if group stop is in effect and
95  * @child isn't dead.
96  */
97  if (!(child->flags & PF_EXITING) &&
98  (child->signal->flags & SIGNAL_STOP_STOPPED ||
99  child->signal->group_stop_count)) {
100  child->jobctl |= JOBCTL_STOP_PENDING;
101 
102  /*
103  * This is only possible if this thread was cloned by the
104  * traced task running in the stopped group, set the signal
105  * for the future reports.
106  * FIXME: we should change ptrace_init_task() to handle this
107  * case.
108  */
109  if (!(child->jobctl & JOBCTL_STOP_SIGMASK))
110  child->jobctl |= SIGSTOP;
111  }
112 
113  /*
114  * If transition to TASK_STOPPED is pending or in TASK_TRACED, kick
115  * @child in the butt. Note that @resume should be used iff @child
116  * is in TASK_TRACED; otherwise, we might unduly disrupt
117  * TASK_KILLABLE sleeps.
118  */
119  if (child->jobctl & JOBCTL_STOP_PENDING || task_is_traced(child))
120  signal_wake_up(child, task_is_traced(child));
121 
122  spin_unlock(&child->sighand->siglock);
123 }
124 
142 int ptrace_check_attach(struct task_struct *child, bool ignore_state)
143 {
144  int ret = -ESRCH;
145 
146  /*
147  * We take the read lock around doing both checks to close a
148  * possible race where someone else was tracing our child and
149  * detached between these two checks. After this locked check,
150  * we are sure that this is our traced child and that can only
151  * be changed by us so it's not changing right after this.
152  */
153  read_lock(&tasklist_lock);
154  if ((child->ptrace & PT_PTRACED) && child->parent == current) {
155  /*
156  * child->sighand can't be NULL, release_task()
157  * does ptrace_unlink() before __exit_signal().
158  */
159  spin_lock_irq(&child->sighand->siglock);
160  WARN_ON_ONCE(task_is_stopped(child));
161  if (ignore_state || (task_is_traced(child) &&
162  !(child->jobctl & JOBCTL_LISTENING)))
163  ret = 0;
164  spin_unlock_irq(&child->sighand->siglock);
165  }
166  read_unlock(&tasklist_lock);
167 
168  if (!ret && !ignore_state)
169  ret = wait_task_inactive(child, TASK_TRACED) ? 0 : -ESRCH;
170 
171  /* All systems go.. */
172  return ret;
173 }
174 
175 static int ptrace_has_cap(struct user_namespace *ns, unsigned int mode)
176 {
177  if (mode & PTRACE_MODE_NOAUDIT)
178  return has_ns_capability_noaudit(current, ns, CAP_SYS_PTRACE);
179  else
180  return has_ns_capability(current, ns, CAP_SYS_PTRACE);
181 }
182 
183 /* Returns 0 on success, -errno on denial. */
184 static int __ptrace_may_access(struct task_struct *task, unsigned int mode)
185 {
186  const struct cred *cred = current_cred(), *tcred;
187 
188  /* May we inspect the given task?
189  * This check is used both for attaching with ptrace
190  * and for allowing access to sensitive information in /proc.
191  *
192  * ptrace_attach denies several cases that /proc allows
193  * because setting up the necessary parent/child relationship
194  * or halting the specified task is impossible.
195  */
196  int dumpable = 0;
197  /* Don't let security modules deny introspection */
198  if (task == current)
199  return 0;
200  rcu_read_lock();
201  tcred = __task_cred(task);
202  if (uid_eq(cred->uid, tcred->euid) &&
203  uid_eq(cred->uid, tcred->suid) &&
204  uid_eq(cred->uid, tcred->uid) &&
205  gid_eq(cred->gid, tcred->egid) &&
206  gid_eq(cred->gid, tcred->sgid) &&
207  gid_eq(cred->gid, tcred->gid))
208  goto ok;
209  if (ptrace_has_cap(tcred->user_ns, mode))
210  goto ok;
211  rcu_read_unlock();
212  return -EPERM;
213 ok:
214  rcu_read_unlock();
215  smp_rmb();
216  if (task->mm)
217  dumpable = get_dumpable(task->mm);
218  if (!dumpable && !ptrace_has_cap(task_user_ns(task), mode))
219  return -EPERM;
220 
221  return security_ptrace_access_check(task, mode);
222 }
223 
224 bool ptrace_may_access(struct task_struct *task, unsigned int mode)
225 {
226  int err;
227  task_lock(task);
228  err = __ptrace_may_access(task, mode);
229  task_unlock(task);
230  return !err;
231 }
232 
233 static int ptrace_attach(struct task_struct *task, long request,
234  unsigned long addr,
235  unsigned long flags)
236 {
237  bool seize = (request == PTRACE_SEIZE);
238  int retval;
239 
240  retval = -EIO;
241  if (seize) {
242  if (addr != 0)
243  goto out;
244  if (flags & ~(unsigned long)PTRACE_O_MASK)
245  goto out;
246  flags = PT_PTRACED | PT_SEIZED | (flags << PT_OPT_FLAG_SHIFT);
247  } else {
248  flags = PT_PTRACED;
249  }
250 
251  audit_ptrace(task);
252 
253  retval = -EPERM;
254  if (unlikely(task->flags & PF_KTHREAD))
255  goto out;
256  if (same_thread_group(task, current))
257  goto out;
258 
259  /*
260  * Protect exec's credential calculations against our interference;
261  * SUID, SGID and LSM creds get determined differently
262  * under ptrace.
263  */
264  retval = -ERESTARTNOINTR;
265  if (mutex_lock_interruptible(&task->signal->cred_guard_mutex))
266  goto out;
267 
268  task_lock(task);
269  retval = __ptrace_may_access(task, PTRACE_MODE_ATTACH);
270  task_unlock(task);
271  if (retval)
272  goto unlock_creds;
273 
274  write_lock_irq(&tasklist_lock);
275  retval = -EPERM;
276  if (unlikely(task->exit_state))
277  goto unlock_tasklist;
278  if (task->ptrace)
279  goto unlock_tasklist;
280 
281  if (seize)
282  flags |= PT_SEIZED;
283  if (ns_capable(task_user_ns(task), CAP_SYS_PTRACE))
284  flags |= PT_PTRACE_CAP;
285  task->ptrace = flags;
286 
287  __ptrace_link(task, current);
288 
289  /* SEIZE doesn't trap tracee on attach */
290  if (!seize)
291  send_sig_info(SIGSTOP, SEND_SIG_FORCED, task);
292 
293  spin_lock(&task->sighand->siglock);
294 
295  /*
296  * If the task is already STOPPED, set JOBCTL_TRAP_STOP and
297  * TRAPPING, and kick it so that it transits to TRACED. TRAPPING
298  * will be cleared if the child completes the transition or any
299  * event which clears the group stop states happens. We'll wait
300  * for the transition to complete before returning from this
301  * function.
302  *
303  * This hides STOPPED -> RUNNING -> TRACED transition from the
304  * attaching thread but a different thread in the same group can
305  * still observe the transient RUNNING state. IOW, if another
306  * thread's WNOHANG wait(2) on the stopped tracee races against
307  * ATTACH, the wait(2) may fail due to the transient RUNNING.
308  *
309  * The following task_is_stopped() test is safe as both transitions
310  * in and out of STOPPED are protected by siglock.
311  */
312  if (task_is_stopped(task) &&
313  task_set_jobctl_pending(task, JOBCTL_TRAP_STOP | JOBCTL_TRAPPING))
314  signal_wake_up(task, 1);
315 
316  spin_unlock(&task->sighand->siglock);
317 
318  retval = 0;
319 unlock_tasklist:
320  write_unlock_irq(&tasklist_lock);
321 unlock_creds:
322  mutex_unlock(&task->signal->cred_guard_mutex);
323 out:
324  if (!retval) {
325  wait_on_bit(&task->jobctl, JOBCTL_TRAPPING_BIT,
326  ptrace_trapping_sleep_fn, TASK_UNINTERRUPTIBLE);
327  proc_ptrace_connector(task, PTRACE_ATTACH);
328  }
329 
330  return retval;
331 }
332 
339 static int ptrace_traceme(void)
340 {
341  int ret = -EPERM;
342 
343  write_lock_irq(&tasklist_lock);
344  /* Are we already being traced? */
345  if (!current->ptrace) {
346  ret = security_ptrace_traceme(current->parent);
347  /*
348  * Check PF_EXITING to ensure ->real_parent has not passed
349  * exit_ptrace(). Otherwise we don't report the error but
350  * pretend ->real_parent untraces us right after return.
351  */
352  if (!ret && !(current->real_parent->flags & PF_EXITING)) {
353  current->ptrace = PT_PTRACED;
354  __ptrace_link(current, current->real_parent);
355  }
356  }
357  write_unlock_irq(&tasklist_lock);
358 
359  return ret;
360 }
361 
362 /*
363  * Called with irqs disabled, returns true if childs should reap themselves.
364  */
365 static int ignoring_children(struct sighand_struct *sigh)
366 {
367  int ret;
368  spin_lock(&sigh->siglock);
369  ret = (sigh->action[SIGCHLD-1].sa.sa_handler == SIG_IGN) ||
370  (sigh->action[SIGCHLD-1].sa.sa_flags & SA_NOCLDWAIT);
371  spin_unlock(&sigh->siglock);
372  return ret;
373 }
374 
375 /*
376  * Called with tasklist_lock held for writing.
377  * Unlink a traced task, and clean it up if it was a traced zombie.
378  * Return true if it needs to be reaped with release_task().
379  * (We can't call release_task() here because we already hold tasklist_lock.)
380  *
381  * If it's a zombie, our attachedness prevented normal parent notification
382  * or self-reaping. Do notification now if it would have happened earlier.
383  * If it should reap itself, return true.
384  *
385  * If it's our own child, there is no notification to do. But if our normal
386  * children self-reap, then this child was prevented by ptrace and we must
387  * reap it now, in that case we must also wake up sub-threads sleeping in
388  * do_wait().
389  */
390 static bool __ptrace_detach(struct task_struct *tracer, struct task_struct *p)
391 {
392  bool dead;
393 
394  __ptrace_unlink(p);
395 
396  if (p->exit_state != EXIT_ZOMBIE)
397  return false;
398 
399  dead = !thread_group_leader(p);
400 
401  if (!dead && thread_group_empty(p)) {
402  if (!same_thread_group(p->real_parent, tracer))
403  dead = do_notify_parent(p, p->exit_signal);
404  else if (ignoring_children(tracer->sighand)) {
405  __wake_up_parent(p, tracer);
406  dead = true;
407  }
408  }
409  /* Mark it as in the process of being reaped. */
410  if (dead)
411  p->exit_state = EXIT_DEAD;
412  return dead;
413 }
414 
415 static int ptrace_detach(struct task_struct *child, unsigned int data)
416 {
417  bool dead = false;
418 
419  if (!valid_signal(data))
420  return -EIO;
421 
422  /* Architecture-specific hardware disable .. */
423  ptrace_disable(child);
424  clear_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
425 
426  write_lock_irq(&tasklist_lock);
427  /*
428  * This child can be already killed. Make sure de_thread() or
429  * our sub-thread doing do_wait() didn't do release_task() yet.
430  */
431  if (child->ptrace) {
432  child->exit_code = data;
433  dead = __ptrace_detach(current, child);
434  }
435  write_unlock_irq(&tasklist_lock);
436 
437  proc_ptrace_connector(child, PTRACE_DETACH);
438  if (unlikely(dead))
439  release_task(child);
440 
441  return 0;
442 }
443 
444 /*
445  * Detach all tasks we were using ptrace on. Called with tasklist held
446  * for writing, and returns with it held too. But note it can release
447  * and reacquire the lock.
448  */
449 void exit_ptrace(struct task_struct *tracer)
450  __releases(&tasklist_lock)
451  __acquires(&tasklist_lock)
452 {
453  struct task_struct *p, *n;
454  LIST_HEAD(ptrace_dead);
455 
456  if (likely(list_empty(&tracer->ptraced)))
457  return;
458 
459  list_for_each_entry_safe(p, n, &tracer->ptraced, ptrace_entry) {
460  if (__ptrace_detach(tracer, p))
461  list_add(&p->ptrace_entry, &ptrace_dead);
462  }
463 
464  write_unlock_irq(&tasklist_lock);
465  BUG_ON(!list_empty(&tracer->ptraced));
466 
467  list_for_each_entry_safe(p, n, &ptrace_dead, ptrace_entry) {
468  list_del_init(&p->ptrace_entry);
469  release_task(p);
470  }
471 
472  write_lock_irq(&tasklist_lock);
473 }
474 
475 int ptrace_readdata(struct task_struct *tsk, unsigned long src, char __user *dst, int len)
476 {
477  int copied = 0;
478 
479  while (len > 0) {
480  char buf[128];
481  int this_len, retval;
482 
483  this_len = (len > sizeof(buf)) ? sizeof(buf) : len;
484  retval = access_process_vm(tsk, src, buf, this_len, 0);
485  if (!retval) {
486  if (copied)
487  break;
488  return -EIO;
489  }
490  if (copy_to_user(dst, buf, retval))
491  return -EFAULT;
492  copied += retval;
493  src += retval;
494  dst += retval;
495  len -= retval;
496  }
497  return copied;
498 }
499 
500 int ptrace_writedata(struct task_struct *tsk, char __user *src, unsigned long dst, int len)
501 {
502  int copied = 0;
503 
504  while (len > 0) {
505  char buf[128];
506  int this_len, retval;
507 
508  this_len = (len > sizeof(buf)) ? sizeof(buf) : len;
509  if (copy_from_user(buf, src, this_len))
510  return -EFAULT;
511  retval = access_process_vm(tsk, dst, buf, this_len, 1);
512  if (!retval) {
513  if (copied)
514  break;
515  return -EIO;
516  }
517  copied += retval;
518  src += retval;
519  dst += retval;
520  len -= retval;
521  }
522  return copied;
523 }
524 
525 static int ptrace_setoptions(struct task_struct *child, unsigned long data)
526 {
527  unsigned flags;
528 
529  if (data & ~(unsigned long)PTRACE_O_MASK)
530  return -EINVAL;
531 
532  /* Avoid intermediate state when all opts are cleared */
533  flags = child->ptrace;
534  flags &= ~(PTRACE_O_MASK << PT_OPT_FLAG_SHIFT);
535  flags |= (data << PT_OPT_FLAG_SHIFT);
536  child->ptrace = flags;
537 
538  return 0;
539 }
540 
541 static int ptrace_getsiginfo(struct task_struct *child, siginfo_t *info)
542 {
543  unsigned long flags;
544  int error = -ESRCH;
545 
546  if (lock_task_sighand(child, &flags)) {
547  error = -EINVAL;
548  if (likely(child->last_siginfo != NULL)) {
549  *info = *child->last_siginfo;
550  error = 0;
551  }
552  unlock_task_sighand(child, &flags);
553  }
554  return error;
555 }
556 
557 static int ptrace_setsiginfo(struct task_struct *child, const siginfo_t *info)
558 {
559  unsigned long flags;
560  int error = -ESRCH;
561 
562  if (lock_task_sighand(child, &flags)) {
563  error = -EINVAL;
564  if (likely(child->last_siginfo != NULL)) {
565  *child->last_siginfo = *info;
566  error = 0;
567  }
568  unlock_task_sighand(child, &flags);
569  }
570  return error;
571 }
572 
573 
574 #ifdef PTRACE_SINGLESTEP
575 #define is_singlestep(request) ((request) == PTRACE_SINGLESTEP)
576 #else
577 #define is_singlestep(request) 0
578 #endif
579 
580 #ifdef PTRACE_SINGLEBLOCK
581 #define is_singleblock(request) ((request) == PTRACE_SINGLEBLOCK)
582 #else
583 #define is_singleblock(request) 0
584 #endif
585 
586 #ifdef PTRACE_SYSEMU
587 #define is_sysemu_singlestep(request) ((request) == PTRACE_SYSEMU_SINGLESTEP)
588 #else
589 #define is_sysemu_singlestep(request) 0
590 #endif
591 
592 static int ptrace_resume(struct task_struct *child, long request,
593  unsigned long data)
594 {
595  if (!valid_signal(data))
596  return -EIO;
597 
598  if (request == PTRACE_SYSCALL)
599  set_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
600  else
601  clear_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
602 
603 #ifdef TIF_SYSCALL_EMU
604  if (request == PTRACE_SYSEMU || request == PTRACE_SYSEMU_SINGLESTEP)
605  set_tsk_thread_flag(child, TIF_SYSCALL_EMU);
606  else
607  clear_tsk_thread_flag(child, TIF_SYSCALL_EMU);
608 #endif
609 
610  if (is_singleblock(request)) {
611  if (unlikely(!arch_has_block_step()))
612  return -EIO;
613  user_enable_block_step(child);
614  } else if (is_singlestep(request) || is_sysemu_singlestep(request)) {
615  if (unlikely(!arch_has_single_step()))
616  return -EIO;
617  user_enable_single_step(child);
618  } else {
619  user_disable_single_step(child);
620  }
621 
622  child->exit_code = data;
623  wake_up_state(child, __TASK_TRACED);
624 
625  return 0;
626 }
627 
628 #ifdef CONFIG_HAVE_ARCH_TRACEHOOK
629 
630 static const struct user_regset *
631 find_regset(const struct user_regset_view *view, unsigned int type)
632 {
633  const struct user_regset *regset;
634  int n;
635 
636  for (n = 0; n < view->n; ++n) {
637  regset = view->regsets + n;
638  if (regset->core_note_type == type)
639  return regset;
640  }
641 
642  return NULL;
643 }
644 
645 static int ptrace_regset(struct task_struct *task, int req, unsigned int type,
646  struct iovec *kiov)
647 {
648  const struct user_regset_view *view = task_user_regset_view(task);
649  const struct user_regset *regset = find_regset(view, type);
650  int regset_no;
651 
652  if (!regset || (kiov->iov_len % regset->size) != 0)
653  return -EINVAL;
654 
655  regset_no = regset - view->regsets;
656  kiov->iov_len = min(kiov->iov_len,
657  (__kernel_size_t) (regset->n * regset->size));
658 
659  if (req == PTRACE_GETREGSET)
660  return copy_regset_to_user(task, view, regset_no, 0,
661  kiov->iov_len, kiov->iov_base);
662  else
663  return copy_regset_from_user(task, view, regset_no, 0,
664  kiov->iov_len, kiov->iov_base);
665 }
666 
667 #endif
668 
669 int ptrace_request(struct task_struct *child, long request,
670  unsigned long addr, unsigned long data)
671 {
672  bool seized = child->ptrace & PT_SEIZED;
673  int ret = -EIO;
674  siginfo_t siginfo, *si;
675  void __user *datavp = (void __user *) data;
676  unsigned long __user *datalp = datavp;
677  unsigned long flags;
678 
679  switch (request) {
680  case PTRACE_PEEKTEXT:
681  case PTRACE_PEEKDATA:
682  return generic_ptrace_peekdata(child, addr, data);
683  case PTRACE_POKETEXT:
684  case PTRACE_POKEDATA:
685  return generic_ptrace_pokedata(child, addr, data);
686 
687 #ifdef PTRACE_OLDSETOPTIONS
688  case PTRACE_OLDSETOPTIONS:
689 #endif
690  case PTRACE_SETOPTIONS:
691  ret = ptrace_setoptions(child, data);
692  break;
693  case PTRACE_GETEVENTMSG:
694  ret = put_user(child->ptrace_message, datalp);
695  break;
696 
697  case PTRACE_GETSIGINFO:
698  ret = ptrace_getsiginfo(child, &siginfo);
699  if (!ret)
700  ret = copy_siginfo_to_user(datavp, &siginfo);
701  break;
702 
703  case PTRACE_SETSIGINFO:
704  if (copy_from_user(&siginfo, datavp, sizeof siginfo))
705  ret = -EFAULT;
706  else
707  ret = ptrace_setsiginfo(child, &siginfo);
708  break;
709 
710  case PTRACE_INTERRUPT:
711  /*
712  * Stop tracee without any side-effect on signal or job
713  * control. At least one trap is guaranteed to happen
714  * after this request. If @child is already trapped, the
715  * current trap is not disturbed and another trap will
716  * happen after the current trap is ended with PTRACE_CONT.
717  *
718  * The actual trap might not be PTRACE_EVENT_STOP trap but
719  * the pending condition is cleared regardless.
720  */
721  if (unlikely(!seized || !lock_task_sighand(child, &flags)))
722  break;
723 
724  /*
725  * INTERRUPT doesn't disturb existing trap sans one
726  * exception. If ptracer issued LISTEN for the current
727  * STOP, this INTERRUPT should clear LISTEN and re-trap
728  * tracee into STOP.
729  */
730  if (likely(task_set_jobctl_pending(child, JOBCTL_TRAP_STOP)))
731  signal_wake_up(child, child->jobctl & JOBCTL_LISTENING);
732 
733  unlock_task_sighand(child, &flags);
734  ret = 0;
735  break;
736 
737  case PTRACE_LISTEN:
738  /*
739  * Listen for events. Tracee must be in STOP. It's not
740  * resumed per-se but is not considered to be in TRACED by
741  * wait(2) or ptrace(2). If an async event (e.g. group
742  * stop state change) happens, tracee will enter STOP trap
743  * again. Alternatively, ptracer can issue INTERRUPT to
744  * finish listening and re-trap tracee into STOP.
745  */
746  if (unlikely(!seized || !lock_task_sighand(child, &flags)))
747  break;
748 
749  si = child->last_siginfo;
750  if (likely(si && (si->si_code >> 8) == PTRACE_EVENT_STOP)) {
751  child->jobctl |= JOBCTL_LISTENING;
752  /*
753  * If NOTIFY is set, it means event happened between
754  * start of this trap and now. Trigger re-trap.
755  */
756  if (child->jobctl & JOBCTL_TRAP_NOTIFY)
757  signal_wake_up(child, true);
758  ret = 0;
759  }
760  unlock_task_sighand(child, &flags);
761  break;
762 
763  case PTRACE_DETACH: /* detach a process that was attached. */
764  ret = ptrace_detach(child, data);
765  break;
766 
767 #ifdef CONFIG_BINFMT_ELF_FDPIC
768  case PTRACE_GETFDPIC: {
769  struct mm_struct *mm = get_task_mm(child);
770  unsigned long tmp = 0;
771 
772  ret = -ESRCH;
773  if (!mm)
774  break;
775 
776  switch (addr) {
777  case PTRACE_GETFDPIC_EXEC:
778  tmp = mm->context.exec_fdpic_loadmap;
779  break;
780  case PTRACE_GETFDPIC_INTERP:
781  tmp = mm->context.interp_fdpic_loadmap;
782  break;
783  default:
784  break;
785  }
786  mmput(mm);
787 
788  ret = put_user(tmp, datalp);
789  break;
790  }
791 #endif
792 
793 #ifdef PTRACE_SINGLESTEP
794  case PTRACE_SINGLESTEP:
795 #endif
796 #ifdef PTRACE_SINGLEBLOCK
797  case PTRACE_SINGLEBLOCK:
798 #endif
799 #ifdef PTRACE_SYSEMU
800  case PTRACE_SYSEMU:
801  case PTRACE_SYSEMU_SINGLESTEP:
802 #endif
803  case PTRACE_SYSCALL:
804  case PTRACE_CONT:
805  return ptrace_resume(child, request, data);
806 
807  case PTRACE_KILL:
808  if (child->exit_state) /* already dead */
809  return 0;
810  return ptrace_resume(child, request, SIGKILL);
811 
812 #ifdef CONFIG_HAVE_ARCH_TRACEHOOK
813  case PTRACE_GETREGSET:
814  case PTRACE_SETREGSET:
815  {
816  struct iovec kiov;
817  struct iovec __user *uiov = datavp;
818 
819  if (!access_ok(VERIFY_WRITE, uiov, sizeof(*uiov)))
820  return -EFAULT;
821 
822  if (__get_user(kiov.iov_base, &uiov->iov_base) ||
823  __get_user(kiov.iov_len, &uiov->iov_len))
824  return -EFAULT;
825 
826  ret = ptrace_regset(child, request, addr, &kiov);
827  if (!ret)
828  ret = __put_user(kiov.iov_len, &uiov->iov_len);
829  break;
830  }
831 #endif
832  default:
833  break;
834  }
835 
836  return ret;
837 }
838 
839 static struct task_struct *ptrace_get_task_struct(pid_t pid)
840 {
841  struct task_struct *child;
842 
843  rcu_read_lock();
844  child = find_task_by_vpid(pid);
845  if (child)
846  get_task_struct(child);
847  rcu_read_unlock();
848 
849  if (!child)
850  return ERR_PTR(-ESRCH);
851  return child;
852 }
853 
854 #ifndef arch_ptrace_attach
855 #define arch_ptrace_attach(child) do { } while (0)
856 #endif
857 
858 SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr,
859  unsigned long, data)
860 {
861  struct task_struct *child;
862  long ret;
863 
864  if (request == PTRACE_TRACEME) {
865  ret = ptrace_traceme();
866  if (!ret)
867  arch_ptrace_attach(current);
868  goto out;
869  }
870 
871  child = ptrace_get_task_struct(pid);
872  if (IS_ERR(child)) {
873  ret = PTR_ERR(child);
874  goto out;
875  }
876 
877  if (request == PTRACE_ATTACH || request == PTRACE_SEIZE) {
878  ret = ptrace_attach(child, request, addr, data);
879  /*
880  * Some architectures need to do book-keeping after
881  * a ptrace attach.
882  */
883  if (!ret)
884  arch_ptrace_attach(child);
885  goto out_put_task_struct;
886  }
887 
888  ret = ptrace_check_attach(child, request == PTRACE_KILL ||
889  request == PTRACE_INTERRUPT);
890  if (ret < 0)
891  goto out_put_task_struct;
892 
893  ret = arch_ptrace(child, request, addr, data);
894 
895  out_put_task_struct:
896  put_task_struct(child);
897  out:
898  return ret;
899 }
900 
901 int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr,
902  unsigned long data)
903 {
904  unsigned long tmp;
905  int copied;
906 
907  copied = access_process_vm(tsk, addr, &tmp, sizeof(tmp), 0);
908  if (copied != sizeof(tmp))
909  return -EIO;
910  return put_user(tmp, (unsigned long __user *)data);
911 }
912 
913 int generic_ptrace_pokedata(struct task_struct *tsk, unsigned long addr,
914  unsigned long data)
915 {
916  int copied;
917 
918  copied = access_process_vm(tsk, addr, &data, sizeof(data), 1);
919  return (copied == sizeof(data)) ? 0 : -EIO;
920 }
921 
922 #if defined CONFIG_COMPAT
923 #include <linux/compat.h>
924 
925 int compat_ptrace_request(struct task_struct *child, compat_long_t request,
926  compat_ulong_t addr, compat_ulong_t data)
927 {
928  compat_ulong_t __user *datap = compat_ptr(data);
929  compat_ulong_t word;
930  siginfo_t siginfo;
931  int ret;
932 
933  switch (request) {
934  case PTRACE_PEEKTEXT:
935  case PTRACE_PEEKDATA:
936  ret = access_process_vm(child, addr, &word, sizeof(word), 0);
937  if (ret != sizeof(word))
938  ret = -EIO;
939  else
940  ret = put_user(word, datap);
941  break;
942 
943  case PTRACE_POKETEXT:
944  case PTRACE_POKEDATA:
945  ret = access_process_vm(child, addr, &data, sizeof(data), 1);
946  ret = (ret != sizeof(data) ? -EIO : 0);
947  break;
948 
949  case PTRACE_GETEVENTMSG:
950  ret = put_user((compat_ulong_t) child->ptrace_message, datap);
951  break;
952 
953  case PTRACE_GETSIGINFO:
954  ret = ptrace_getsiginfo(child, &siginfo);
955  if (!ret)
956  ret = copy_siginfo_to_user32(
957  (struct compat_siginfo __user *) datap,
958  &siginfo);
959  break;
960 
961  case PTRACE_SETSIGINFO:
962  memset(&siginfo, 0, sizeof siginfo);
963  if (copy_siginfo_from_user32(
964  &siginfo, (struct compat_siginfo __user *) datap))
965  ret = -EFAULT;
966  else
967  ret = ptrace_setsiginfo(child, &siginfo);
968  break;
969 #ifdef CONFIG_HAVE_ARCH_TRACEHOOK
970  case PTRACE_GETREGSET:
971  case PTRACE_SETREGSET:
972  {
973  struct iovec kiov;
974  struct compat_iovec __user *uiov =
975  (struct compat_iovec __user *) datap;
976  compat_uptr_t ptr;
977  compat_size_t len;
978 
979  if (!access_ok(VERIFY_WRITE, uiov, sizeof(*uiov)))
980  return -EFAULT;
981 
982  if (__get_user(ptr, &uiov->iov_base) ||
983  __get_user(len, &uiov->iov_len))
984  return -EFAULT;
985 
986  kiov.iov_base = compat_ptr(ptr);
987  kiov.iov_len = len;
988 
989  ret = ptrace_regset(child, request, addr, &kiov);
990  if (!ret)
991  ret = __put_user(kiov.iov_len, &uiov->iov_len);
992  break;
993  }
994 #endif
995 
996  default:
997  ret = ptrace_request(child, request, addr, data);
998  }
999 
1000  return ret;
1001 }
1002 
1003 asmlinkage long compat_sys_ptrace(compat_long_t request, compat_long_t pid,
1004  compat_long_t addr, compat_long_t data)
1005 {
1006  struct task_struct *child;
1007  long ret;
1008 
1009  if (request == PTRACE_TRACEME) {
1010  ret = ptrace_traceme();
1011  goto out;
1012  }
1013 
1014  child = ptrace_get_task_struct(pid);
1015  if (IS_ERR(child)) {
1016  ret = PTR_ERR(child);
1017  goto out;
1018  }
1019 
1020  if (request == PTRACE_ATTACH || request == PTRACE_SEIZE) {
1021  ret = ptrace_attach(child, request, addr, data);
1022  /*
1023  * Some architectures need to do book-keeping after
1024  * a ptrace attach.
1025  */
1026  if (!ret)
1027  arch_ptrace_attach(child);
1028  goto out_put_task_struct;
1029  }
1030 
1031  ret = ptrace_check_attach(child, request == PTRACE_KILL ||
1032  request == PTRACE_INTERRUPT);
1033  if (!ret)
1034  ret = compat_arch_ptrace(child, request, addr, data);
1035 
1036  out_put_task_struct:
1037  put_task_struct(child);
1038  out:
1039  return ret;
1040 }
1041 #endif /* CONFIG_COMPAT */
1042 
1043 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1044 int ptrace_get_breakpoints(struct task_struct *tsk)
1045 {
1046  if (atomic_inc_not_zero(&tsk->ptrace_bp_refcnt))
1047  return 0;
1048 
1049  return -1;
1050 }
1051 
1052 void ptrace_put_breakpoints(struct task_struct *tsk)
1053 {
1054  if (atomic_dec_and_test(&tsk->ptrace_bp_refcnt))
1055  flush_ptrace_hw_breakpoint(tsk);
1056 }
1057 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
Generated on Thu Jan 10 2013 12:52:37 for Linux Kernel by   doxygen 1.8.2