| --- | Log | opened Thu Mar 06 00:00:37 2008 |
| 00:13 | -!- | balbir [~balbir@122.167.210.53] has quit [Ping timeout: 480 seconds] |
| 00:57 | -!- | SNy [34c6714062@bmx-chemnitz.de] has quit [Ping timeout: 480 seconds] |
| 01:44 | -!- | balbir [~balbir@59.145.136.1] has joined #uml |
| 02:59 | -!- | desaster_ [desaster@narf.fi] has joined #uml |
| 03:00 | -!- | desaster_ [desaster@narf.fi] has left #uml [] |
| 03:00 | -!- | desaster [desaster@narf.fi] has joined #uml |
| 04:39 | -!- | Netsplit synthon.oftc.net <-> oxygen.oftc.net quits: balbir, ds2 |
| 04:44 | -!- | Netsplit over, joins: balbir, ds2 |
| 07:41 | -!- | balbir [~balbir@59.145.136.1] has quit [Ping timeout: 480 seconds] |
| 08:27 | -!- | dang [~dang@75.38.192.168] has quit [Quit: Leaving.] |
| 08:36 | -!- | krau [~cktakahas@200.184.118.132] has quit [Quit: Varei!!!] |
| 08:36 | -!- | krau [~cktakahas@200.184.118.132] has joined #uml |
| 08:52 | -!- | dang [~dang@aa-redwall.ghs.com] has joined #uml |
| 08:53 | -!- | jdike [~jdike@pool-72-93-105-206.bstnma.fios.verizon.net] has joined #uml |
| 08:53 | <jdike:#uml> | Hi guys |
| 08:55 | <caker:#uml> | good morning |
| 08:55 | -!- | tyler29 [~tyler@ARennes-257-1-151-92.w86-210.abo.wanadoo.fr] has joined #uml |
| 09:05 | -!- | AukeF [~auke@x181.flex.surfnet.nl] has joined #uml |
| 09:06 | <AukeF:#uml> | Hello everyone; it might be a little off-topic, but I am having some problems with ptrace(PTRACE_SYSEMU...) - seeing as how UML uses this I figured some experts might reside here? |
| 09:07 | <AukeF:#uml> | I am attempting to program deterministic replaying of unix binaries, by capturing system call results, and 'faking' system calls during replay (i.e. inserting results caught during capture) |
| 09:08 | <AukeF:#uml> | Anyone familiar with using ptrace in such a context? |
| 09:10 | * | jdike:#uml would be |
| 09:11 | <AukeF:#uml> | cool :-) I guess it starts simple enough. Am I correct in assuming that PTRACE_SYSEMU does capture the system call but does not actually execute it? |
| 09:11 | <jdike:#uml> | yup |
| 09:11 | <jdike:#uml> | it's entirely up to the ptrace parent to fake the system call |
| 09:12 | <jdike:#uml> | including filling in any output data |
| 09:12 | <AukeF:#uml> | exactly what I'm looking for, as the data is copied during the 'capture' phase... however, |
| 09:12 | <AukeF:#uml> | some system calls DO have to be executed (think brk())... how would I go about that? |
| 09:13 | <AukeF:#uml> | mm, this might not be entirely clear, allow me to elaborate a bit more... |
| 09:13 | <jdike:#uml> | all system calls have to be emulated somehow |
| 09:13 | <jdike:#uml> | some are easier than others |
| 09:13 | -!- | dang [~dang@aa-redwall.ghs.com] has quit [Quit: Leaving.] |
| 09:13 | -!- | dang [~dang@aa-redwall.ghs.com] has joined #uml |
| 09:14 | <jdike:#uml> | is there some reason you want to use SYSEMU instead of SYSCALL? |
| 09:14 | <AukeF:#uml> | I have 2 separate programs. One is tracing program execution, capturing system calls being made, their results, arguments (including dereferencing arguments that are pointers to fetch the actual data)... this is stored in some file |
| 09:15 | <jdike:#uml> | speed is the advantage of SYSEMU - it gives you no extra functionality |
| 09:15 | <AukeF:#uml> | the other program is using said file to provide *deterministic* replay of the traced program. My idea is that by using SYSEMU I can just fake all system calls by setting the registers/return value to what they were at capture time |
| 09:15 | <AukeF:#uml> | the point is that I want to avoid the actual system call during playback |
| 09:15 | <AukeF:#uml> | since I have the results already |
| 09:15 | -!- | tyler29 [~tyler@ARennes-257-1-151-92.w86-210.abo.wanadoo.fr] has quit [Ping timeout: 480 seconds] |
| 09:16 | <jdike:#uml> | UML does that by changing the system call to getpid |
| 09:16 | <jdike:#uml> | with PTRACE_SYSCALL |
| 09:16 | <AukeF:#uml> | aha |
| 09:16 | <jdike:#uml> | have you thought carefully about whether true determinism is possible? |
| 09:17 | <jdike:#uml> | esp. in the presence of address space randomization? |
| 09:17 | <AukeF:#uml> | it's my master's thesis to figure it out ;) |
| 09:17 | <jdike:#uml> | well, I guess you have an incentive then |
| 09:18 | <AukeF:#uml> | but address randomization is definitely an issue I'm looking into |
| 09:18 | <jdike:#uml> | with brk (and mmap et al), you need to get into the other guy's address space and modify it |
| 09:18 | <jdike:#uml> | you can let the system call proceed in those cases |
| 09:19 | <jdike:#uml> | but that doesn't help if your file says the syscall has to fail |
| 09:19 | <AukeF:#uml> | yea, that seems like a nice idea... I was thinking the other way around (using SYSEMU and trying desperately to make a real brk call), but that seems hard, at least |
| 09:19 | <jdike:#uml> | UML has techniques for doing this |
| 09:20 | <AukeF:#uml> | I guess mangling orig_eax is all it takes to change syscalls being made to, e.g., getpid? |
| 09:20 | <jdike:#uml> | you can make a system call happen with SYSEMU by setting the IP to before the system call and PTRACE_SYSCALLing it |
| 09:20 | <jdike:#uml> | yup |
| 09:21 | <AukeF:#uml> | yea, that's what I thought about as well.. would you happen to have (a pointer to) an example of that technique? |
| 09:21 | <jdike:#uml> | no |
| 09:21 | <jdike:#uml> | because I don't do it |
| 09:21 | <jdike:#uml> | UML never lets system calls run on the host |
| 09:22 | <AukeF:#uml> | how does UML emulate a brk then? |
| 09:22 | <jdike:#uml> | by fiddling the process address space itself |
| 09:22 | <jdike:#uml> | it decides what brk should do, then gets into the address space and calls mmap on the host |
| 09:25 | <AukeF:#uml> | okay, last question (I guess ;) - do you have a link to more documentation on ptrace? All I could find is the manpage (a bit short) and some random example. I'm looking for info on how to adjust EIP to jump to before the system call in particular |
| 09:26 | -!- | ferret_0567 [~travis@cpe-72-191-26-86.satx.res.rr.com] has quit [Quit: Changing server] |
| 09:26 | <jdike:#uml> | UML has code like that, but it's somewhat obscucated for portability reasons |
| 09:26 | <jdike:#uml> | obfuscated |
| 09:27 | <AukeF:#uml> | yea, this + portable is icky. very. I'm (luckily) only looking at one platform at the moment. But I'll peek a bit in UML sources. |
| 09:27 | <AukeF:#uml> | Thank you for your time |
| 09:28 | <jdike:#uml> | it's basically regs[ORIG_EAX] -= 2 |
| 09:31 | <jdike:#uml> | For an actual example, see PT_REGS_RESTART_SYSCALL in http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=arch/um/kernel/signal.c;h=b0fce720c4d08378afba4f642ec97b712ca482c3;hb=HEAD |
| 09:31 | <jdike:#uml> | and the definition in http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=arch/um/include/sysdep-i386/ptrace.h;h=11c08969d1342b8fce90a27233b87b979f57218a;hb=HEAD |
| 09:32 | <jdike:#uml> | and IP_RESTART_SYSCALL in http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=blob;f=arch/um/include/sysdep-i386/sigcontext.h;h=67e77122aa45f42ba7f718d73e84907b065e4d76;hb=HEAD |
| 09:36 | <AukeF:#uml> | I'd guess you mean regs[IP] instead of regs[ORIG_EAX]? ( apart from the fact that I simply index into the regs_user_struct through regs.orig_eax and all) |
| 09:36 | <jdike:#uml> | whoops |
| 09:36 | <jdike:#uml> | yup |
| 09:37 | <jdike:#uml> | although regs[ORIG_EAX] -= 2 would be kind of cute |
| 09:37 | <AukeF:#uml> | I really hope I won't make typos like that, those bugs are hard to find ;) |
| 09:37 | <jdike:#uml> | yeah |
| 09:37 | <jdike:#uml> | you'll stare at it all day and not see it |
| 09:38 | <jdike:#uml> | and I'm thinking user_regs_struct is preferable to using the EIP, UESP, etc indexes |
| 09:39 | <jdike:#uml> | I'm going to switch UML over to doing that, so don't copy UML in that respect |
| 09:40 | -!- | SNy [4e9e509e3a@bmx-chemnitz.de] has joined #uml |
| 10:23 | <jdike:#uml> | -mm broke avahi |
| 10:23 | * | jdike:#uml bisects |
| 11:01 | <peterz:#uml> | jdike: you actually care enough about avahi to bisect for it? |
| 11:01 | * | peterz:#uml runs |
| 11:01 | <jdike:#uml> | hehe |
| 11:01 | <jdike:#uml> | no, but there's a bug someplace |
| 11:01 | <peterz:#uml> | yeah, it's the proper thing |
| 11:01 | <jdike:#uml> | last time, one of the security guys broke something |
| 11:02 | <peterz:#uml> | is why I always disable all that security crap |
| 11:02 | <peterz:#uml> | is only in the way of real work |
| 11:04 | <jdike:#uml> | not only don't I care, I don't even know what it is |
| 11:05 | <jdike:#uml> | and I'm bisecting to figure out why it doesn't work |
| 11:06 | <peterz:#uml> | yeah, fixing these weird problems - or at least finding the offending patches can be fun at times |
| 12:20 | <jdike:#uml> | and the winner is ... |
| 12:20 | <jdike:#uml> | capabilities-implement-per-process-securebits.patch |
| 12:20 | <peterz:#uml> | hehe |
| 12:21 | <jdike:#uml> | Congratulations go to Andrew G. Morgan <morgan@kernel.org> for today's -mm breakage |
| 12:21 | -!- | mjf [~mjf@r9fk174.net.upc.cz] has joined #uml |
| 12:27 | <jdike:#uml> | whose name is one character (ignoring the middle name) different from that of a rather more prominent hacker |
| 12:30 | <silug:#uml> | jdike: do you have any objections to a random unsolicited linkedin invitation? :) |
| 12:31 | <jdike:#uml> | nope |
| 12:31 | <silug:#uml> | my wife just passed me up, so i'm looking through my list of people i haven't invited yet. ;) |
| 12:33 | <jdike:#uml> | hehe |
| 12:33 | <jdike:#uml> | pretty sad when you can't get a link to your wife |
| 12:33 | <jdike:#uml> | try your dog |
| 12:35 | <silug:#uml> | oh, no, we are connected to each other, and we have a long list of shared connections... she just made the mistake of making a big deal out of it when she passed me up on number of connections. |
| 12:35 | <silug:#uml> | i can't let that challenge go unanswered. :) |
| 12:35 | <jdike:#uml> | Ah, OK |
| 12:36 | -!- | ram [~ram@pool-71-117-233-3.ptldor.fios.verizon.net] has quit [Ping timeout: 480 seconds] |
| 12:49 | <silug:#uml> | <- Steven Pritchard, btw |
| 12:49 | <silug:#uml> | and thanks. :) |
| 12:49 | <jdike:#uml> | yup |
| 12:49 | <jdike:#uml> | np |
| 12:49 | <jdike:#uml> | anything to put one up on the wife |
| 12:50 | -!- | dang [~dang@aa-redwall.ghs.com] has quit [Quit: Leaving.] |
| 12:52 | -!- | dang [~dang@aa-redwall.ghs.com] has joined #uml |
| 12:59 | -!- | ram [~ram@bi01p1.co.us.ibm.com] has joined #uml |
| 13:27 | -!- | balbir [~balbir@122.167.182.3] has joined #uml |
| 14:37 | -!- | dang [~dang@aa-redwall.ghs.com] has quit [Quit: Leaving.] |
| 15:00 | -!- | ram [~ram@bi01p1.co.us.ibm.com] has quit [Ping timeout: 480 seconds] |
| 15:11 | -!- | tchan [~tchan@c-24-12-190-140.hsd1.il.comcast.net] has joined #uml |
| 16:07 | -!- | mjf [~mjf@r9fk174.net.upc.cz] has quit [Quit: Lost terminal] |
| 16:09 | -!- | ram [~ram@bi01p2.co.us.ibm.com] has joined #uml |
| 17:04 | -!- | mjf [~mjf@r9fk174.net.upc.cz] has joined #uml |
| 17:55 | -!- | hfb [~hfb@pool-72-67-142-193.lsanca.dsl-w.verizon.net] has joined #uml |
| 18:23 | -!- | mjf [~mjf@r9fk174.net.upc.cz] has quit [Quit: leaving] |
| 18:49 | -!- | dang [~dang@75.38.192.168] has joined #uml |
| 19:07 | -!- | hfb [~hfb@pool-72-67-142-193.lsanca.dsl-w.verizon.net] has quit [Quit: Leaving] |
| 19:13 | -!- | ram [~ram@bi01p2.co.us.ibm.com] has quit [Ping timeout: 480 seconds] |
| 19:13 | -!- | ram [~ram@bi01p1.co.us.ibm.com] has joined #uml |
| 19:48 | -!- | Supaplex [supaplex@pyroclastic.daxal.com] has joined #uml |
| 19:51 | <Supaplex:#uml> | is uml in the mainstream kernel? I need to roll my own with selinux support (for the guest). I'd like to run debian etch on it. I want to run a static kernel with support for a clustering filesystem |
| 19:52 | <caker:#uml> | Yes, it's in mainline |
| 19:52 | -!- | aindilis [andrewdo@75.146.96.195] has joined #uml |
| 19:52 | <Supaplex:#uml> | cool beans |
| 20:08 | -!- | ram [~ram@bi01p1.co.us.ibm.com] has quit [Ping timeout: 480 seconds] |
| 20:10 | -!- | jdike [~jdike@pool-72-93-105-206.bstnma.fios.verizon.net] has quit [Quit: Leaving] |
| 21:32 | <Supaplex:#uml> | can networking run w/o tun/tap? just ordinary user stuff? |
| 21:40 | <caker:#uml> | not following you |
| 21:41 | <Supaplex:#uml> | I don't have tun/tap on the host, but d-i isn't picking up dhcp |
| 21:51 | <ds2:#uml> | slirp? |
| 21:51 | <ds2:#uml> | :) |
| 21:53 | -!- | quasisane [~sanep@c-76-118-191-64.hsd1.nh.comcast.net] has joined #uml |
| 21:56 | <Supaplex:#uml> | hummm |
| 21:56 | * | Supaplex:#uml looks into it |
| 21:58 | <ds2:#uml> | run slirp on the host and SLIP on the UML side over an emulated serial port |
| 22:16 | <Supaplex:#uml> | muhuhaha. finally some networking. yay! |
| 23:59 | -!- | VS_ChanLog [~stats@ns.theshore.net] has left #uml [Rotating Logs] |
| 23:59 | -!- | VS_ChanLog [~stats@ns.theshore.net] has joined #uml |
| --- | Log | closed Fri Mar 07 00:00:59 2008 |