Thread: 19 messages, 7 authors, 2012-05-03

[PATCH] ARM: Fix restoration of IP scratch register when auditing syscalls

From: viro@ZenIV.linux.org.uk (Al Viro)
Date: 2012-05-03 03:03:12

On Wed, May 02, 2012 at 10:59:37PM -0400, Jon Masters wrote:
On 04/30/2012 03:00 PM, Russell King - ARM Linux wrote:
On Mon, Apr 30, 2012 at 11:07:46AM +0100, Will Deacon wrote:
diff --git a/arch/arm/kernel/ptrace.c b/arch/arm/kernel/ptrace.c
index 80abafb..bfcadc0 100644
--- a/arch/arm/kernel/ptrace.c
+++ b/arch/arm/kernel/ptrace.c
@@ -916,14 +916,7 @@ asmlinkage int syscall_trace(int why, struct pt_regs *regs, int scno)
 {
        unsigned long ip;
 
-       /*
-        * Save IP.  IP is used to denote syscall entry/exit:
-        *  IP = 0 -> entry, = 1 -> exit
-        */
-       ip = regs->ARM_ip;
-       regs->ARM_ip = why;
-
-       if (!ip)
+       if (why)
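
Review bot: at `if (why)`, the branch now rests entirely on the 0/1 meaning of `why`, yet the hunk deletes the only comment that documented that encoding ("= 0 -> entry, = 1 -> exit"). Keep a one-line comment on `why` at this test, or use named values, so it stays clear which path is entry and which is exit. Separately, `unsigned long ip;` remains declared while `ip = regs->ARM_ip;` is removed here; the rest of the hunk is not shown, so please confirm `ip` is assigned before any later use and is not left as an unused variable.
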
Umm yes, that original code is complete crap, because the old IP value
has no meaning whatsoever.  The replacement looks much better here.

Hey Russell,

So given that Will's replacement works in my investigation, etc. Can you
pull that please with my reported/tested-by ACK? I think it's a stable
candidate too. I mean, ok, it won't crash your system unless you have
audit capability, but it's still a good idea to fix I think.

How about splitting the damn thing into syscall_trace_enter() and
syscall_trace_exit(), losing the "why" argument along with all possible
confusion as to which audit hook to call?