The generic report_single_step() always returns false if SYSCALL_EMU is set, but arm64 only checks _TIF_SINGLESTEP and does not check _TIF_SYSCALL_EMU, which means that if both _TIF_SINGLESTEP and _TIF_SYSCALL_EMU are set, the generic entry will not report a single-step, whereas arm64 will do it. As the man manual of PTRACE_SYSEMU and PTRACE_SYSEMU_SINGLESTEP said, "For PTRACE_SYSEMU, continue and stop on entry to the next system call, which will not be executed. For PTRACE_SYSEMU_SINGLESTEP, do the same but also singlestep if not a system call.". And as the generic entry report_single_step() comment said, If SYSCALL_EMU is set, then the only reason to report is when SINGLESTEP is set (i.e. PTRACE_SYSEMU_SINGLESTEP). Because this syscall instruction has been already reported in syscall_trace_enter(), there is no need to report the syscall again in syscall_exit_work(). In preparation for moving arm64 over to the generic entry code, - Add report_single_step() helper for arm64 to make it clear. - Do not report_syscall_exit() if both _TIF_SYSCALL_EMU and _TIF_SINGLESTEP set. Signed-off-by: Jinjie Ruan <ruanjinjie@huawei.com> --- arch/arm64/kernel/ptrace.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/arm64/kernel/ptrace.c b/arch/arm64/kernel/ptrace.c index 3e233968efa2..25111c121b5e 100644 --- a/arch/arm64/kernel/ptrace.c +++ b/arch/arm64/kernel/ptrace.c @@ -2414,14 +2414,25 @@ int syscall_trace_enter(struct pt_regs *regs, long syscall, unsigned long flags) return syscall; } +static inline bool report_single_step(unsigned long flags) +{ + if (flags & _TIF_SYSCALL_EMU) + return false; + + return flags & _TIF_SINGLESTEP; +} + static void syscall_exit_work(struct pt_regs *regs, unsigned long flags) { + bool step; + audit_syscall_exit(regs); if (flags & _TIF_SYSCALL_TRACEPOINT) trace_sys_exit(regs, syscall_get_return_value(current, regs)); - if (flags & (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP)) + step = report_single_step(flags); + if (step || flags & _TIF_SYSCALL_TRACE) report_syscall_exit(regs); } -- 2.34.1