Date: Sun, 22 Dec 2002 19:34:00 +0100
From: Aurelien Nephtali
To: hackers@freebsd.org
Subject: Accessing trap frame from userland?
Message-ID: <20021222183400.GA77934@nebula.wanadoo.fr>

Hi,

I'm making a little debugger using ptrace(). The soft is trivial, it just fork()s and runs the traced process via execve(). To break into the traced process, I use i386_set_watch()+ptrace() and chose to break on execution. But it's here that I'm stuck: it breaks forever on the same instruction. I've read some docs and saw that I have to use the 'Resume flag' from the EFLAGS register.

But, according to the Intel IA-32 documentation, this flag can only be set/unset by kernel code and the only way for a debugger to modify it is to modify the stack image of the EFLAGS register. But there's nothing in the stack, so I think (and it was confirmed by a friend) that the image is stored in a 'kernel-land stack'.

So, my question is simple: how can I set the 'Resume flag' from a userland soft (without having to be root)?

Hope I was clear enough :)

Thanks.

--
Aurelien