Date:      Mon, 20 Aug 2007 19:08:53 +0300
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Yuriy Tsibizov <yuriy.tsibizov@gmail.com>
Cc:        hackers@freebsd.org
Subject:   Re: modify syscall nr on-the-fly
Message-ID:  <20070820160853.GS2738@deviant.kiev.zoral.com.ua>
In-Reply-To: <c019b3090708180301r1e4153av72c27bcc9aaceb2e@mail.gmail.com>
References:  <c019b3090708180301r1e4153av72c27bcc9aaceb2e@mail.gmail.com>



On Sat, Aug 18, 2007 at 02:01:26PM +0400, Yuriy Tsibizov wrote:
> I'm trying to get user-mode Linux to run under FreeBSD Linux emulation (on
> i386).
>
> User-mode Linux in its start-up tests tries to modify the syscall number (to be
> called by the kernel) on-the-fly
> (http://fxr.watson.org/fxr/source/arch/um/os-Linux/start_up.c?v=linux-2.6).
> It forks a child thread that stops
> (using SIGSTOP), calls getpid() (that will be intercepted by the parent thread
> using PTRACE_SYSCALL)
> and returns some value based on the getpid() results. The main thread waits for
> SIGSTOP in the child process and
> enables PTRACE_SYSCALL (I have some code that implements it. It makes some
> incompatible changes
> to PT_SYSCALL that will break FreeBSD applications, but works for Linux
> apps). When the main thread
> catches SIGTRAP (generated by ptrace) it tries to modify EAX of the child thread
> (with PTRACE_PEEKUSR
> and PTRACE_POKEUSR) to replace the getpid syscall with getppid.
>
> Is it possible to get the updated EAX (and other registers as well) in
> syscall(...) after ptracestop(...) in PTRACESTOP_SC(...) returns?
>
> Hope for your help,
>
> Yuriy.

If I understand right what you want, I doubt that the existing code would
allow you to change the syscall number of the debuggee from the debugger process.
You shall look at the sys/i386/i386/trap.c, syscall() function [adjust
as needed for other arches]. It calculates callp before doing PTRACESTOP_SC,
and also copies the syscall arguments into the kernel address space.


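The rendezvous the question describes (child stops itself with SIGSTOP, the tracer resumes it with syscall tracing and swaps the getpid syscall for getppid at the syscall-entry stop), written out as an added example for Linux on x86_64 rather than FreeBSD; it is not code from this thread or from user-mode Linux. On Linux the kernel reads the syscall number from `orig_rax` after the ptrace stop, so the rewrite takes effect, which is the behaviour the UML start-up test expects; the reply above explains why FreeBSD's `syscall()` in trap.c, which computes `callp` before `PTRACESTOP_SC`, did not. The exit codes and function names are constructed for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/user.h>
#include <sys/wait.h>
#include <unistd.h>

#if !defined(__linux__) || !defined(__x86_64__)
#error "This example targets Linux on x86_64 (it reads and writes orig_rax)"
#endif

/* Exit codes the traced child reports back; constructed for this example. */
enum { GOT_PARENT_PID = 1, GOT_OWN_PID = 2, GOT_OTHER = 3 };

/* Tracee: record both pids, stop so the tracer can pick us up, then issue a
 * raw getpid() and report which pid actually came back. */
static void tracee(void) {
    pid_t self = (pid_t)syscall(SYS_getpid);
    pid_t parent = (pid_t)syscall(SYS_getppid);   /* the tracer is our parent */
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
        _exit(GOT_OTHER);
    raise(SIGSTOP);                                /* rendezvous with the tracer */
    long r = syscall(SYS_getpid);                  /* the tracer rewrites this one */
    _exit(r == parent ? GOT_PARENT_PID : (r == self ? GOT_OWN_PID : GOT_OTHER));
}

/* Tracer: run the child under PTRACE_SYSCALL and, at each syscall-entry stop
 * for getpid, replace the syscall number (orig_rax on x86_64) with getppid.
 * Returns the child's exit code, or -1 on a ptrace/wait failure. */
static int trace_and_rewrite(pid_t pid) {
    int status, sig = 0;

    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status))
        return -1;                                 /* the child's own SIGSTOP */
    /* Mark syscall stops with SIGTRAP|0x80 so they differ from real SIGTRAPs. */
    if (ptrace(PTRACE_SETOPTIONS, pid, NULL, (void *)(long)PTRACE_O_TRACESYSGOOD) < 0)
        return -1;

    for (;;) {
        /* Resume until the next syscall entry/exit; deliver a pending signal if any
         * (sig is 0 the first time, which suppresses the rendezvous SIGSTOP). */
        if (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) < 0)
            return -1;
        if (waitpid(pid, &status, 0) < 0)
            return -1;
        if (WIFEXITED(status))
            return WEXITSTATUS(status);
        if (!WIFSTOPPED(status))
            return -1;
        sig = 0;
        if (WSTOPSIG(status) != (SIGTRAP | 0x80)) {
            sig = WSTOPSIG(status);                /* ordinary signal: pass it through */
            continue;
        }
        struct user_regs_struct regs;
        if (ptrace(PTRACE_GETREGS, pid, NULL, &regs) < 0)
            return -1;
        /* At a syscall-entry stop the kernel has set rax to -ENOSYS; at the
         * matching exit stop rax holds the result, so this test picks entries. */
        if (regs.orig_rax == SYS_getpid && (long long)regs.rax == -ENOSYS) {
            regs.orig_rax = SYS_getppid;           /* the kernel reads this after the stop */
            if (ptrace(PTRACE_SETREGS, pid, NULL, &regs) < 0)
                return -1;
        }
    }
}

/* Fork a tracee and trace it; returns the tracee's exit code
 * (GOT_PARENT_PID when the rewrite took effect). */
int rewrite_getpid_demo(void) {
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0)
        tracee();                                  /* never returns */
    return trace_and_rewrite(pid);
}

int main(void) {
    int rc = rewrite_getpid_demo();
    printf("child saw %s (code %d)\n",
           rc == GOT_PARENT_PID ? "its parent's pid: rewrite took effect" :
           rc == GOT_OWN_PID    ? "its own pid: rewrite was ignored" : "a failure",
           rc);
    return rc == GOT_PARENT_PID ? 0 : 1;
}
```

The entry/exit distinction matters: a tracer that pokes the syscall register at the exit stop is too late on either system, and the `-ENOSYS` check is how Linux x86_64 tracers tell the two stops apart without keeping a toggle that can drift if an extra stop is observed.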



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070820160853.GS2738>