From nobody Sat Jul 4 20:01:17 2026 Received: from mail.virtlab.unibo.it (mail.virtlab.unibo.it [130.136.161.50]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DF23F2701B8 for ; Sat, 4 Jul 2026 14:26:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=130.136.161.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783175218; cv=none; b=Q8u1bOMZ5/s/6So5rYiJcOcSwc+g8NeSAEmEz0++XJJrDpUl3fX26/3v/62zlS5DuPgHBd+mbRN/26iIvv7HIcSZQWrF1E1v5czS4xAQUfJsm6RgKEWSwRT4jO8YHTkP+P4VPR6/DnWLzgmf26hC4VYvGlRKi8u2hWkH6EXsfUI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783175218; c=relaxed/simple; bh=200VCId7n5Cbw64NyAP86+vQmsKjAocV4cWpez4VRCE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=RxKwqrdnLM1C2ApMb88Jgtgh4wmcu0LAXMlK2e8eQzCE07HY2TTUhFAM72KW/6RXWyyYF3hSAeVFJQpeANNk94TZL/b2nRKUilVWMdHjcIuhCAqUxS0/QDG0cYMh1VGmjAEzZGmeMvnHu/5kZEZRuoJfUKrQdWZPooTZMa7yw38= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=cs.unibo.it; spf=pass smtp.mailfrom=cs.unibo.it; dkim=pass (1024-bit key) header.d=cs.unibo.it header.i=@cs.unibo.it header.b=S8YZiRcx; arc=none smtp.client-ip=130.136.161.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=cs.unibo.it Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=cs.unibo.it Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=cs.unibo.it header.i=@cs.unibo.it header.b="S8YZiRcx" Received: from eipi10.cs.unibo.it (unknown [94.32.99.206]) by mail.virtlab.unibo.it (Postfix) with ESMTPA id BB2F61C024E; Sat, 4 Jul 2026 16:26:54 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cs.unibo.it; s=virtlab; t=1783175214; bh=200VCId7n5Cbw64NyAP86+vQmsKjAocV4cWpez4VRCE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=S8YZiRcxOzoqWH6BQoVtBfm9Nl+OLcP9aoUg1ftG1JKqNrXl4vZRRYkvh1DcN4uwU ir/B5SU4OaxUlJ60HLjW5QF96kT2NtvoVOuRhdxzf8zZBGhNF5XV9sjv3+37wzFoIU tI3w3VXR7R4UaTTq72lteXbGCDGRelrbwlydtJxU= From: Renzo Davoli To: linux-kernel@vger.kernel.org Cc: Renzo Davoli , Andrew Morton , Oleg Nesterov , Shuah Khan , Alexey Gladkov , Eugene Syromyatnikov , Davide Berardi , strace-devel@lists.strace.io, "Dmitry V . Levin" Subject: [PATCH v2 1/2] ptrace: PTRACE_SET_SYSCALL_INFO syscall skipping support Date: Sat, 4 Jul 2026 16:26:42 +0200 Message-ID: <20260704142643.692754-2-renzo@cs.unibo.it> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260704142643.692754-1-renzo@cs.unibo.it> References: <20260704142643.692754-1-renzo@cs.unibo.it> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" This patch extends PTRACE_SET_SYSCALL_INFO with support for skipping a syst= em call triggered via seccomp. When the tracer retrieves a ptrace_syscall_info structure with op =3D=3D PTRACE_SYSCALL_INFO_SECCOMP or PTRACE_SYSCALL_INFO_ENTRY, it may choose to = skip the system call by changing op to PTRACE_SYSCALL_INFO_EXIT and populating t= he exit union fields (rval and is_error) to define the return value and error status for the tracee. Signed-off-by: Renzo Davoli --- kernel/ptrace.c | 28 +++++++++++++++++++++++----- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/kernel/ptrace.c b/kernel/ptrace.c index d041645d9d17..a77143dec5bd 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c @@ -1099,7 +1099,7 @@ ptrace_set_syscall_info_seccomp(struct task_struct *c= hild, struct pt_regs *regs, =20 static int ptrace_set_syscall_info_exit(struct task_struct *child, struct pt_regs *re= gs, - struct ptrace_syscall_info *info) + struct ptrace_syscall_info *info, bool skip_syscall) { long rval =3D info->exit.rval; =20 @@ -1111,6 +1111,9 @@ ptrace_set_syscall_info_exit(struct task_struct *chil= d, struct pt_regs *regs, if (rval !=3D info->exit.rval) return -ERANGE; =20 + if (skip_syscall) + syscall_set_nr(child, regs, -1); + if (info->exit.is_error) syscall_set_return_value(child, regs, rval, 0); else @@ -1125,6 +1128,8 @@ ptrace_set_syscall_info(struct task_struct *child, un= signed long user_size, { struct pt_regs *regs =3D task_pt_regs(child); struct ptrace_syscall_info info; + int child_op; + bool skip_syscall =3D false; =20 if (user_size < sizeof(info)) return -EINVAL; @@ -1141,15 +1146,28 @@ ptrace_set_syscall_info(struct task_struct *child, = unsigned long user_size, if (info.flags || info.reserved) return -EINVAL; =20 - /* Changing the type of the system call stop is not supported yet. */ - if (ptrace_get_syscall_info_op(child) !=3D info.op) - return -EINVAL; + /* + * Changing the type of the system call stop is not allowed, with the + * following exception: + * PTRACE_SYSCALL_INFO_SECCOMP or PTRACE_SYSCALL_INFO_ENTRY can be changed + * to PTRACE_SYSCALL_INFO_EXIT to skip the system call + */ + + child_op =3D ptrace_get_syscall_info_op(child); + if (child_op !=3D info.op) { + if (info.op =3D=3D PTRACE_SYSCALL_INFO_EXIT && + (child_op =3D=3D PTRACE_SYSCALL_INFO_ENTRY || + child_op =3D=3D PTRACE_SYSCALL_INFO_SECCOMP)) + skip_syscall =3D true; + else + return -EINVAL; + } =20 switch (info.op) { case PTRACE_SYSCALL_INFO_ENTRY: return ptrace_set_syscall_info_entry(child, regs, &info); case PTRACE_SYSCALL_INFO_EXIT: - return ptrace_set_syscall_info_exit(child, regs, &info); + return ptrace_set_syscall_info_exit(child, regs, &info, skip_syscall); case PTRACE_SYSCALL_INFO_SECCOMP: return ptrace_set_syscall_info_seccomp(child, regs, &info); default: --=20 2.53.0 From nobody Sat Jul 4 20:01:17 2026 Received: from mail.virtlab.unibo.it (mail.virtlab.unibo.it [130.136.161.50]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D982729ACC6 for ; Sat, 4 Jul 2026 14:26:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=130.136.161.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783175218; cv=none; b=FLy81siInUp6+/7vubZed9qavkcqcdwcdLcc319llRN0eUtLcg6XLs+qB50HPG73FHDeprk6vaHLivIpBJKUEO8r/WxNJvGHlNOlU2IYq6IvrqZ5fkq+bcF2CoxAxoP2k7FnvqlXRTl/djZRE4cpDDCwlMJtRlSPkL7+G970Pjk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1783175218; c=relaxed/simple; bh=zPxIRtEPsnNfMq5PiwEhui2uEeOt0GenZUJe9RoOO6E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=kN6M0QkwqjYREI4HvCbdP2zYTlD6A/T54ZLDVPPdiYCxBz9E4gqtFReu1nfty78gmtbnJZkrPWITSZnNpUBwU8GNiV+aOHaxp/Qhi+v8QbdkQE+gEzHbtMjjKxiEQ9kfGDrFHKnKDJJ6ijLIlfzbpIYP887I8WAqIQjgpk4ntNA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=cs.unibo.it; spf=pass smtp.mailfrom=cs.unibo.it; dkim=pass (1024-bit key) header.d=cs.unibo.it header.i=@cs.unibo.it header.b=g9LwW2bJ; arc=none smtp.client-ip=130.136.161.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=cs.unibo.it Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=cs.unibo.it Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=cs.unibo.it header.i=@cs.unibo.it header.b="g9LwW2bJ" Received: from eipi10.cs.unibo.it (unknown [94.32.99.206]) by mail.virtlab.unibo.it (Postfix) with ESMTPA id ADCF31C0257; Sat, 4 Jul 2026 16:26:55 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cs.unibo.it; s=virtlab; t=1783175215; bh=zPxIRtEPsnNfMq5PiwEhui2uEeOt0GenZUJe9RoOO6E=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=g9LwW2bJnN8Rxf6hxeQeReFkkQxP51VnwUmSKLfQ3Io3dnotmuo4KscUqTo5EdKBk FdhtJo/m0zLiGdi72cw65pxy81/KJGvGX/ESsMhifga5oOLhtaiM0xppogKg6FL1TB tXaTSy/jK/14lz8/mb8gA8LbR/rXT3tBvC0VG3p0= From: Renzo Davoli To: linux-kernel@vger.kernel.org Cc: Renzo Davoli , Andrew Morton , Oleg Nesterov , Shuah Khan , Alexey Gladkov , Eugene Syromyatnikov , Davide Berardi , strace-devel@lists.strace.io, "Dmitry V . Levin" Subject: [PATCH v2 2/2] selftests/ptrace: add a test case for PTRACE_SYSCALL_INFO syscall skipping Date: Sat, 4 Jul 2026 16:26:43 +0200 Message-ID: <20260704142643.692754-3-renzo@cs.unibo.it> X-Mailer: git-send-email 2.53.0 In-Reply-To: <20260704142643.692754-1-renzo@cs.unibo.it> References: <20260704142643.692754-1-renzo@cs.unibo.it> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Check whether PTRACE_SYSCALL_INFO syscall skiping semantics implemented in = the kernel matches userspace expectations. Signed-off-by: Renzo Davoli --- .../selftests/ptrace/set_syscall_info.c | 176 +++++++++++++++++- 1 file changed, 175 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/ptrace/set_syscall_info.c b/tools/test= ing/selftests/ptrace/set_syscall_info.c index 1cc411a41cd6..bcc867b627cd 100644 --- a/tools/testing/selftests/ptrace/set_syscall_info.c +++ b/tools/testing/selftests/ptrace/set_syscall_info.c @@ -11,9 +11,16 @@ #include #include #include +#include +#include #include +#include #include #include +#include +#include +#include + =20 #if defined(_MIPS_SIM) && _MIPS_SIM =3D=3D _MIPS_SIM_NABI32 /* @@ -36,6 +43,7 @@ struct si_exit { =20 static unsigned int ptrace_stop; static pid_t tracee_pid; +static pid_t tracer_pid; =20 static int kill_tracee(pid_t pid) @@ -64,6 +72,25 @@ sys_ptrace(int request, pid_t pid, unsigned long addr, u= nsigned long data) ptrace_stop, ##__VA_ARGS__); \ } while (0) =20 +static int sys_seccomp(unsigned int operation, unsigned int flags, void *a= rgs) +{ + return syscall(__NR_seccomp, operation, flags, args); +} + +static struct sock_filter seccomp_filter[] =3D { + BPF_STMT(BPF_LD+BPF_W+BPF_ABS, offsetof(struct seccomp_data, nr)), + + BPF_JUMP(BPF_JMP+BPF_JEQ+BPF_K, __NR_restart_syscall, 0, 1), + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_ALLOW), + + BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_TRACE), +}; + +static struct sock_fprog seccomp_prog =3D { + .filter =3D seccomp_filter, + .len =3D ARRAY_SIZE(seccomp_filter) +}; + static void check_psi_entry(struct __test_metadata *_metadata, const struct ptrace_syscall_info *info, @@ -128,7 +155,6 @@ check_psi_exit(struct __test_metadata *_metadata, =20 TEST(set_syscall_info) { - const pid_t tracer_pid =3D getpid(); const kernel_ulong_t dummy[] =3D { (kernel_ulong_t) 0xdad0bef0bad0fed0ULL, (kernel_ulong_t) 0xdad1bef1bad1fed1ULL, @@ -138,6 +164,7 @@ TEST(set_syscall_info) (kernel_ulong_t) 0xdad5bef5bad5fed5ULL, }; int splice_in[2], splice_out[2]; + tracer_pid =3D getpid(); =20 ASSERT_EQ(0, pipe(splice_in)); ASSERT_EQ(0, pipe(splice_out)); @@ -516,4 +543,151 @@ TEST(set_syscall_info) ASSERT_EQ(ptrace_stop, ARRAY_SIZE(si) * 2); } =20 +TEST(set_syscall_info_seccomp) +{ + tracer_pid =3D getpid(); + tracee_pid =3D fork(); + + ASSERT_LE(0, tracee_pid) { + TH_LOG("fork: %m"); + } + + /* tracee */ + if (tracee_pid =3D=3D 0) { + tracee_pid =3D getpid(); + ASSERT_EQ(0, sys_ptrace(PTRACE_TRACEME, 0, 0, 0)) { + TH_LOG("PTRACE_TRACEME: %m"); + } + ASSERT_EQ(0, kill(tracee_pid, SIGSTOP)) { + /* cannot happen */ + TH_LOG("kill SIGSTOP: %m"); + } + + ASSERT_EQ(0, prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) { + TH_LOG("prctl: %m"); + _exit(1); + } + ASSERT_EQ(0, sys_seccomp(SECCOMP_SET_MODE_FILTER, 0, + (void *) &seccomp_prog)) { + TH_LOG("seccomp: %m"); + _exit(1); + } + + /* run getpid unmodified */ + ASSERT_EQ(tracee_pid, getpid()) { + TH_LOG("getpid seccomp unchanged: %m"); + _exit(1); + } + + /* run getppid instead of getpid */ + ASSERT_EQ(tracer_pid, getpid()) { + TH_LOG("getpid seccomp nr changes: %m"); + _exit(1); + } + + /* skip getpid and return 42 */ + ASSERT_EQ(42, getpid()) { + TH_LOG("getpid skip set return value changes: %m"); + _exit(1); + } + _exit(0); + } + + int status; + + /* tracer */ + ASSERT_LE(0, waitpid(-1,&status,0)) { + LOG_KILL_TRACEE("waitpid: %m"); + } + + ASSERT_EQ(0, sys_ptrace(PTRACE_SETOPTIONS, tracee_pid, 0, PTRACE_O_TRACES= ECCOMP | PTRACE_O_TRACESYSGOOD)) + LOG_KILL_TRACEE("PTRACE_SETOPTIONS: %m"); + + ASSERT_EQ(0, sys_ptrace(PTRACE_CONT, tracee_pid, 0, 0)) { + LOG_KILL_TRACEE("PTRACE_CONT: %m"); + } + + while (1) { + ASSERT_EQ(tracee_pid, wait(&status)) { + /* cannot happen */ + LOG_KILL_TRACEE("wait: %m"); + } + if (WIFEXITED(status)) { + tracee_pid =3D 0; /* the tracee is no more */ + ASSERT_EQ(0, WEXITSTATUS(status)) { + LOG_KILL_TRACEE("unexpected exit status %u", + WEXITSTATUS(status)); + } + break; + } + ASSERT_FALSE(WIFSIGNALED(status)) { + tracee_pid =3D 0; /* the tracee is no more */ + LOG_KILL_TRACEE("unexpected signal %u", + WTERMSIG(status)); + } + ASSERT_TRUE(WIFSTOPPED(status)) { + LOG_KILL_TRACEE("unexpected wait status %#x", status); + } + + if (status >> 8 =3D=3D (SIGTRAP | (PTRACE_EVENT_SECCOMP << 8))) { + struct ptrace_syscall_info info; + size_t info_size =3D sizeof(info); + ASSERT_LT(0, sys_ptrace(PTRACE_GET_SYSCALL_INFO, tracee_pid, info_size,= (uintptr_t) &info)) { + LOG_KILL_TRACEE("PTRACE_GET_SYSCALL_INFO: %m"); + }; + ASSERT_EQ(PTRACE_SYSCALL_INFO_SECCOMP, info.op) { + LOG_KILL_TRACEE("entry op mismatch: %m"); + } + ASSERT_TRUE(info.arch) { + LOG_KILL_TRACEE("entry arch mismatch: %m"); + } + ASSERT_TRUE(info.instruction_pointer) { + LOG_KILL_TRACEE("entry instruction_pointer mismatch: %m"); + } + ASSERT_TRUE(info.stack_pointer) { + LOG_KILL_TRACEE("entry stack_pointer mismatch: %m"); + } + + switch (ptrace_stop) { + case 0: ASSERT_EQ(__NR_getpid, info.seccomp.nr) { + LOG_KILL_TRACEE("step %d nr __NR_getpid mismatch: %m", ptrace_stop); + } + ptrace_stop++; + break; + case 1: ASSERT_EQ(__NR_getpid, info.seccomp.nr) { + LOG_KILL_TRACEE("step %d nr __NR_getpid mismatch: %m", ptrace_stop); + } + info.seccomp.nr =3D __NR_getppid; + ptrace_stop++; + break; + case 2: ASSERT_EQ(__NR_getpid, info.seccomp.nr) { + LOG_KILL_TRACEE("step %d nr __NR_getpid mismatch: %m", ptrace_stop); + } + info.op =3D PTRACE_SYSCALL_INFO_EXIT; + info.exit.rval =3D 42; + info.exit.is_error =3D 0; + ptrace_stop++; + break; + case 3: ASSERT_EQ(__NR_exit_group, info.seccomp.nr) { + LOG_KILL_TRACEE("step %d nr __NR_exit_group mismatch: %m", ptrace_s= top); + } + break; + default: + LOG_KILL_TRACEE("unexpected system call: %m"); + break; + + } + ASSERT_EQ(0,sys_ptrace(PTRACE_SET_SYSCALL_INFO, tracee_pid, info_size, = (uintptr_t) &info)) { + LOG_KILL_TRACEE("PTRACE_SET_SYSCALL_INFO: %m"); + } + + ASSERT_EQ(0,sys_ptrace(PTRACE_CONT, tracee_pid, 0, 0)) { + LOG_KILL_TRACEE("PTRACE_CONT: %m"); + } + } else { + LOG_KILL_TRACEE("unexpected signal: %m"); + } + } +} + TEST_HARNESS_MAIN --=20 2.53.0