Does Android support PTRACE_SINGLESTEP?
Question
OK, this is a simple question. Does Android support PTRACE_SINGLESTEP when I use the ptrace system call? When I want to ptrace an Android apk program, I find that I can't process the SINGLESTEP trace. But the situation changed when I use PTRACE_SYSCALL; it can work perfectly. Does Android wipe out this function, or does ARM lack some support in hardware? Any help will be appreciated! Thanks.
Here is my core program:
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <android/log.h>

#define TAG "ptrace_monitor"

int main(int argc, char *argv[])
{
    int status;
    pid_t target_pid;

    if(argc != 2) {
        __android_log_print(ANDROID_LOG_DEBUG,TAG,"please input the pid!");
        return -1;
    }
    target_pid = (pid_t)atoi(argv[1]);
    if(0 != ptrace(PTRACE_ATTACH, target_pid, NULL, NULL))
    {
        __android_log_print(ANDROID_LOG_DEBUG,TAG,"ptrace attach error");
        return -1;
    }
    __android_log_print(ANDROID_LOG_DEBUG,TAG,"start monitor process :%d",target_pid);
    while(1)
    {
        wait(&status);                 /* block until the tracee stops or exits */
        if(WIFEXITED(status))
        {
            break;
        }
        /* On ARM this request fails (see the answer below); the tracee is then
         * left stopped, so we must not loop back into wait() forever. */
        if (ptrace(PTRACE_SINGLESTEP, target_pid, 0, 0) != 0)
        {
            __android_log_print(ANDROID_LOG_DEBUG,TAG,"PTRACE_SINGLESTEP error: %s", strerror(errno));
            break;
        }
    }
    ptrace(PTRACE_DETACH, target_pid, NULL, NULL);
    __android_log_print(ANDROID_LOG_DEBUG,TAG,"monitor finished");
    return 0;
}
I run this program from a shell, and I can get root privilege. If I change the request to PTRACE_SYSCALL, the program runs normally. But if the request is PTRACE_SINGLESTEP, the program gets an error!
Recommended answer
PTRACE_SINGLESTEP has been removed on ARM Linux since 2011, by this commit.
The HW has no support for single-stepping; previous kernel support involved decoding the instruction to figure out which one's next (branches) and temporarily replacing it with a debug-break software breakpoint.
Quoting a mailing list message about the same commit, describing the old situation: http://lists.infradead.org/pipermail/linux-arm-kernel/2011-February/041324.html
PTRACE_SINGLESTEP is a ptrace request designed to offer single-stepping support to userspace when the underlying architecture has hardware support for this operation.
On ARM, we set arch_has_single_step() to 1 and attempt to emulate hardware single-stepping by disassembling the current instruction to determine the next pc and placing a software breakpoint on that location.
Unfortunately this has the following problems:
- Only a subset of the ARMv7 instructions is supported
- No Thumb-2 support
- The code is not SMP-safe
We could try to fix this code, but it turns out that because of the above issues it is rarely used in practice. GDB, for example, uses PTRACE_POKETEXT and PTRACE_PEEKTEXT to manage breakpoints itself and does not require any kernel assistance.
This patch removes the single-step emulation code from ptrace meaning that the PTRACE_SINGLESTEP request will return -EIO on ARM. Portable code must check the return value from a ptrace call and handle the failure gracefully.
Signed-off-by: Will Deacon <will.deacon at arm.com>
---
The comments I received about v1 suggest that:
- If emulation is required, it can be done from userspace
- ltrace uses the SINGLESTEP call (conditionally at compile time, since other architectures (e.g. mips) do not support this request) but does not check the return value from ptrace. This is a bug in ltrace.
- strace does not use SINGLESTEP
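The "handle the failure gracefully" the commit message asks for, as an added example that is not code from the question or the answer: a tracer that tries PTRACE_SINGLESTEP once, inspects errno, and degrades to PTRACE_SYSCALL stops when the kernel answers EIO instead of looping on a stopped tracee. The names choose_mode and trace_process are mine, and the program assumes the caller is permitted to ptrace the target pid (root, as in the question).

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* Strategy for resuming the tracee once we know whether single-step works. */
typedef enum { MODE_SINGLESTEP, MODE_SYSCALL, MODE_ABORT } trace_mode;

/* Pure helper: map the result of ptrace(PTRACE_SINGLESTEP, ...) plus errno to
 * a strategy. EIO is what ARM kernels return since the emulation was removed. */
trace_mode choose_mode(long rc, int err)
{
    if (rc == 0)    return MODE_SINGLESTEP;  /* kernel single-step works */
    if (err == EIO) return MODE_SYSCALL;     /* unsupported: degrade to syscall stops */
    return MODE_ABORT;                       /* ESRCH, EPERM, ...: a real failure */
}

/* Attach to pid and follow it until it exits; returns the strategy in use at the
 * end, or MODE_ABORT if ptrace failed for a reason other than missing single-step. */
trace_mode trace_process(pid_t pid)
{
    int status; trace_mode mode = MODE_SINGLESTEP;
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) != 0) return MODE_ABORT;
    for (;;) {
        if (waitpid(pid, &status, 0) < 0) return MODE_ABORT;
        if (WIFEXITED(status) || WIFSIGNALED(status)) return mode; /* tracee gone */
        /* Re-deliver the stop signal, except our attach SIGSTOP and step/syscall SIGTRAPs. */
        int sig = WSTOPSIG(status);
        if (sig == SIGSTOP || sig == SIGTRAP) sig = 0;
        int req = (mode == MODE_SINGLESTEP) ? PTRACE_SINGLESTEP : PTRACE_SYSCALL;
        long rc = ptrace(req, pid, NULL, (void *)(long)sig);
        if (rc != 0 && mode == MODE_SINGLESTEP) {
            mode = choose_mode(rc, errno);   /* inspect errno instead of assuming */
            if (mode == MODE_SYSCALL) {
                fprintf(stderr, "PTRACE_SINGLESTEP -> EIO; falling back to PTRACE_SYSCALL\n");
                rc = ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig);
            }
        }
        if (rc != 0) { ptrace(PTRACE_DETACH, pid, NULL, NULL); return MODE_ABORT; }
    }
}

int main(int argc, char *argv[])
{   /* usage: tracer <pid> */
    return (argc == 2 && trace_process((pid_t)atoi(argv[1])) != MODE_ABORT) ? 0 : 1;
}
```

The fallback trades per-instruction stops for per-syscall stops, which is the granularity the question already found working on its device.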