kernel/ptrace.c
Source file repositories/reference/linux-study-clean/kernel/ptrace.c
File Facts
- System
- Linux kernel
- Corpus path
kernel/ptrace.c- Extension
.c- Size
- 42124 bytes
- Lines
- 1588
- Domain
- Core OS
- Bucket
- Scheduler, Processes, Timers, Sync, And Syscalls
- Inferred role
- Core OS: syscall or user/kernel boundary
- Status
- core implementation candidate
Why This File Exists
Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Core operating-system implementation surface: boot, tasks, memory, VFS, syscall-facing interfaces, synchronization, credentials, and isolation.
- Defines or participates in a user/kernel boundary; inspect argument validation, copy_from_user/copy_to_user, credentials, and dispatch target.
- Touches user memory; correctness depends on fault-safe copying and privilege boundary handling.
- Uses kernel synchronization; read lock ordering, sleepability, and interrupt context assumptions before translating.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/capability.hlinux/export.hlinux/sched.hlinux/sched/mm.hlinux/sched/coredump.hlinux/sched/exec_state.hlinux/sched/task.hlinux/errno.hlinux/mm.hlinux/highmem.hlinux/pagemap.hlinux/ptrace.hlinux/security.hlinux/signal.hlinux/uio.hlinux/audit.hlinux/pid_namespace.hlinux/syscalls.hlinux/uaccess.hlinux/regset.hlinux/hw_breakpoint.hlinux/cn_proc.hlinux/compat.hlinux/sched/signal.hlinux/minmax.hlinux/syscall_user_dispatch.hasm/syscall.h
Detected Declarations
syscall ptracefunction __ptrace_may_accessfunction ptrace_access_vmfunction __ptrace_linkfunction ptrace_linkfunction write_lock_irqfunction looks_like_a_spurious_pidfunction ptrace_freeze_tracedfunction ptrace_unfreeze_tracedfunction JOBCTL_PTRACE_FROZENfunction ptrace_check_attachfunction ptrace_has_capfunction task_still_dumpablefunction __ptrace_may_accessfunction ptrace_may_accessfunction check_ptrace_optionsfunction ptrace_set_stoppedfunction task_is_stoppedfunction ptrace_attachfunction scoped_guardfunction scoped_guardfunction ptrace_tracemefunction exit_ptracefunction ignoring_childrenfunction release_taskfunction ptrace_detachfunction exit_ptracefunction list_for_each_entry_safefunction ptrace_readdatafunction ptrace_writedatafunction ptrace_setoptionsfunction ptrace_getsiginfofunction ptrace_setsiginfofunction ptrace_peek_siginfofunction list_for_each_entryfunction ptrace_get_rseq_configurationfunction ptrace_resumefunction find_regsetfunction ptrace_regsetfunction ptrace_get_syscall_info_entryfunction ptrace_get_syscall_info_seccompfunction ptrace_get_syscall_info_exitfunction ptrace_get_syscall_info_opfunction ptrace_get_syscall_infofunction ptrace_set_syscall_info_entryfunction ptrace_set_syscall_info_seccompfunction ptrace_set_syscall_info_exitfunction ptrace_set_syscall_info
Annotated Snippet
SYSCALL_DEFINE4(ptrace, long, request, long, pid, unsigned long, addr,
unsigned long, data)
{
struct task_struct *child;
long ret;
if (request == PTRACE_TRACEME) {
ret = ptrace_traceme();
goto out;
}
child = find_get_task_by_vpid(pid);
if (!child) {
ret = -ESRCH;
goto out;
}
if (request == PTRACE_ATTACH || request == PTRACE_SEIZE) {
ret = ptrace_attach(child, request, addr, data);
goto out_put_task_struct;
}
ret = ptrace_check_attach(child, request == PTRACE_KILL ||
request == PTRACE_INTERRUPT);
if (ret < 0)
goto out_put_task_struct;
ret = arch_ptrace(child, request, addr, data);
if (ret || request != PTRACE_DETACH)
ptrace_unfreeze_traced(child);
out_put_task_struct:
put_task_struct(child);
out:
return ret;
}
int generic_ptrace_peekdata(struct task_struct *tsk, unsigned long addr,
unsigned long data)
{
unsigned long tmp;
int copied;
copied = ptrace_access_vm(tsk, addr, &tmp, sizeof(tmp), FOLL_FORCE);
if (copied != sizeof(tmp))
return -EIO;
return put_user(tmp, (unsigned long __user *)data);
}
int generic_ptrace_pokedata(struct task_struct *tsk, unsigned long addr,
unsigned long data)
{
int copied;
copied = ptrace_access_vm(tsk, addr, &data, sizeof(data),
FOLL_FORCE | FOLL_WRITE);
return (copied == sizeof(data)) ? 0 : -EIO;
}
#if defined CONFIG_COMPAT
int compat_ptrace_request(struct task_struct *child, compat_long_t request,
compat_ulong_t addr, compat_ulong_t data)
{
compat_ulong_t __user *datap = compat_ptr(data);
compat_ulong_t word;
kernel_siginfo_t siginfo;
int ret;
switch (request) {
case PTRACE_PEEKTEXT:
case PTRACE_PEEKDATA:
ret = ptrace_access_vm(child, addr, &word, sizeof(word),
FOLL_FORCE);
if (ret != sizeof(word))
ret = -EIO;
else
ret = put_user(word, datap);
break;
case PTRACE_POKETEXT:
case PTRACE_POKEDATA:
ret = ptrace_access_vm(child, addr, &data, sizeof(data),
FOLL_FORCE | FOLL_WRITE);
ret = (ret != sizeof(data) ? -EIO : 0);
break;
case PTRACE_GETEVENTMSG:
ret = put_user((compat_ulong_t) child->ptrace_message, datap);
break;
Annotation
- Immediate include surface: `linux/capability.h`, `linux/export.h`, `linux/sched.h`, `linux/sched/mm.h`, `linux/sched/coredump.h`, `linux/sched/exec_state.h`, `linux/sched/task.h`, `linux/errno.h`.
- Detected declarations: `syscall ptrace`, `function __ptrace_may_access`, `function ptrace_access_vm`, `function __ptrace_link`, `function ptrace_link`, `function write_lock_irq`, `function looks_like_a_spurious_pid`, `function ptrace_freeze_traced`, `function ptrace_unfreeze_traced`, `function JOBCTL_PTRACE_FROZEN`.
- Atlas domain: Core OS / Scheduler, Processes, Timers, Sync, And Syscalls.
- Implementation status: core implementation candidate.
- This snippet crosses the user/kernel memory boundary; validate fault handling and access checks before translating the pattern.
- Synchronization appears in or near this file; preserve lock ordering, sleepability, and interrupt-context constraints.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.