X-Git-Url: http://git.lttng.org/?a=blobdiff_plain;f=src%2Flttng-syscalls.c;h=c18a1418468f3ca81de3e019a99a0b932c26cf6d;hb=8ced8896fe832af52b749d429b8eceb872a83d1b;hp=a5b5f403fe359e6531650111fc05cb82a6c60aba;hpb=cfa6cc1d0f01c2cfcc1a679abf3a6572d411c309;p=lttng-modules.git diff --git a/src/lttng-syscalls.c b/src/lttng-syscalls.c index a5b5f403..c18a1418 100644 --- a/src/lttng-syscalls.c +++ b/src/lttng-syscalls.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -28,6 +29,7 @@ #include #include #include +#include #ifndef CONFIG_COMPAT # ifndef is_compat_task @@ -58,9 +60,13 @@ enum sc_type { #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK) static -void syscall_entry_probe(void *__data, struct pt_regs *regs, long id); +void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id); static -void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret); +void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret); + +static +void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs, + long id); /* * Forward declarations for old kernels. @@ -121,7 +127,7 @@ typedef __kernel_old_time_t time_t; /* Hijack probe callback for system call enter */ #undef TP_PROBE_CB -#define TP_PROBE_CB(_template) &syscall_entry_probe +#define TP_PROBE_CB(_template) &syscall_entry_event_probe #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \ LTTNG_TRACEPOINT_EVENT(syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \ PARAMS(_fields)) @@ -157,7 +163,7 @@ typedef __kernel_old_time_t time_t; #undef _TRACE_SYSCALLS_POINTERS_H /* Hijack probe callback for compat system call enter */ -#define TP_PROBE_CB(_template) &syscall_entry_probe +#define TP_PROBE_CB(_template) &syscall_entry_event_probe #define LTTNG_SC_COMPAT #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \ LTTNG_TRACEPOINT_EVENT(compat_syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \ @@ -206,7 +212,7 @@ typedef __kernel_old_time_t time_t; #define sc_inout(...) __VA_ARGS__ /* Hijack probe callback for system call exit */ -#define TP_PROBE_CB(_template) &syscall_exit_probe +#define TP_PROBE_CB(_template) &syscall_exit_event_probe #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \ LTTNG_TRACEPOINT_EVENT(syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \ PARAMS(_fields)) @@ -241,7 +247,7 @@ typedef __kernel_old_time_t time_t; /* Hijack probe callback for compat system call exit */ -#define TP_PROBE_CB(_template) &syscall_exit_probe +#define TP_PROBE_CB(_template) &syscall_exit_event_probe #define LTTNG_SC_COMPAT #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \ LTTNG_TRACEPOINT_EVENT(compat_syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \ @@ -283,7 +289,8 @@ typedef __kernel_old_time_t time_t; #undef CREATE_TRACE_POINTS struct trace_syscall_entry { - void *func; + void *event_func; + void *event_notifier_func; const struct lttng_event_desc *desc; const struct lttng_event_field *fields; unsigned int nrargs; @@ -299,13 +306,14 @@ struct trace_syscall_entry { #undef TRACE_SYSCALL_TABLE #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \ [ _nr ] = { \ - .func = __event_probe__syscall_entry_##_template, \ + .event_func = __event_probe__syscall_entry_##_template, \ + .event_notifier_func = __event_notifier_probe__syscall_entry_##_template, \ .nrargs = (_nrargs), \ .fields = __event_fields___syscall_entry_##_template, \ .desc = &__event_desc___syscall_entry_##_name, \ }, -/* Syscall enter tracing table */ +/* Event syscall enter tracing table */ static const struct trace_syscall_entry sc_table[] = { #include #include @@ -314,13 +322,14 @@ static const struct trace_syscall_entry sc_table[] = { #undef TRACE_SYSCALL_TABLE #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \ [ _nr ] = { \ - .func = __event_probe__compat_syscall_entry_##_template, \ + .event_func = __event_probe__compat_syscall_entry_##_template, \ + .event_notifier_func = __event_notifier_probe__compat_syscall_entry_##_template, \ .nrargs = (_nrargs), \ .fields = __event_fields___compat_syscall_entry_##_template, \ .desc = &__event_desc___compat_syscall_entry_##_name, \ }, -/* Compat syscall enter table */ +/* Event compat syscall enter table */ const struct trace_syscall_entry compat_sc_table[] = { #include #include @@ -336,13 +345,14 @@ const struct trace_syscall_entry compat_sc_table[] = { #undef TRACE_SYSCALL_TABLE #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \ [ _nr ] = { \ - .func = __event_probe__syscall_exit_##_template, \ + .event_func = __event_probe__syscall_exit_##_template, \ + .event_notifier_func = __event_notifier_probe__syscall_exit_##_template, \ .nrargs = (_nrargs), \ .fields = __event_fields___syscall_exit_##_template, \ .desc = &__event_desc___syscall_exit_##_name, \ }, -/* Syscall exit table */ +/* Event syscall exit table */ static const struct trace_syscall_entry sc_exit_table[] = { #include #include @@ -351,13 +361,14 @@ static const struct trace_syscall_entry sc_exit_table[] = { #undef TRACE_SYSCALL_TABLE #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \ [ _nr ] = { \ - .func = __event_probe__compat_syscall_exit_##_template, \ + .event_func = __event_probe__compat_syscall_exit_##_template, \ + .event_notifier_func = __event_notifier_probe__compat_syscall_exit_##_template, \ .nrargs = (_nrargs), \ .fields = __event_fields___compat_syscall_exit_##_template, \ .desc = &__event_desc___compat_syscall_exit_##_name, \ }, -/* Compat syscall exit table */ +/* Event compat syscall exit table */ const struct trace_syscall_entry compat_sc_exit_table[] = { #include #include @@ -368,11 +379,13 @@ const struct trace_syscall_entry compat_sc_exit_table[] = { #undef CREATE_SYSCALL_TABLE struct lttng_syscall_filter { - DECLARE_BITMAP(sc, NR_syscalls); - DECLARE_BITMAP(sc_compat, NR_compat_syscalls); + DECLARE_BITMAP(sc_entry, NR_syscalls); + DECLARE_BITMAP(sc_exit, NR_syscalls); + DECLARE_BITMAP(sc_compat_entry, NR_compat_syscalls); + DECLARE_BITMAP(sc_compat_exit, NR_compat_syscalls); }; -static void syscall_entry_unknown(struct lttng_event *event, +static void syscall_entry_event_unknown(struct lttng_event *event, struct pt_regs *regs, unsigned int id) { unsigned long args[LTTNG_SYSCALL_NR_ARGS]; @@ -384,83 +397,50 @@ static void syscall_entry_unknown(struct lttng_event *event, __event_probe__syscall_entry_unknown(event, id, args); } -void syscall_entry_probe(void *__data, struct pt_regs *regs, long id) +static void syscall_entry_event_notifier_unknown( + struct lttng_event_notifier_group *notifier_group, + struct pt_regs *regs, unsigned int id) { - struct lttng_channel *chan = __data; - struct lttng_event *event, *unknown_event; - const struct trace_syscall_entry *table, *entry; - size_t table_len; + unsigned long args[LTTNG_SYSCALL_NR_ARGS]; + struct lttng_event *event; - if (unlikely(in_compat_syscall())) { - struct lttng_syscall_filter *filter; - - filter = lttng_rcu_dereference(chan->sc_filter); - if (filter) { - if (id < 0 || id >= NR_compat_syscalls - || !test_bit(id, filter->sc_compat)) { - /* System call filtered out. */ - return; - } - } - table = compat_sc_table; - table_len = ARRAY_SIZE(compat_sc_table); - unknown_event = chan->sc_compat_unknown; - } else { - struct lttng_syscall_filter *filter; - - filter = lttng_rcu_dereference(chan->sc_filter); - if (filter) { - if (id < 0 || id >= NR_syscalls - || !test_bit(id, filter->sc)) { - /* System call filtered out. */ - return; - } - } - table = sc_table; - table_len = ARRAY_SIZE(sc_table); - unknown_event = chan->sc_unknown; - } - if (unlikely(id < 0 || id >= table_len)) { - syscall_entry_unknown(unknown_event, regs, id); - return; - } + lttng_syscall_get_arguments(current, regs, args); if (unlikely(in_compat_syscall())) - event = chan->compat_sc_table[id]; + __event_probe__compat_syscall_notifier_entry_unknown(event, id, args); else - event = chan->sc_table[id]; - if (unlikely(!event)) { - syscall_entry_unknown(unknown_event, regs, id); - return; - } - entry = &table[id]; - WARN_ON_ONCE(!entry); + __event_probe__syscall_notifier_entry_unknown(event, id, args); +} - switch (entry->nrargs) { +static __always_inline +void syscall_entry_call_func(void *func, unsigned int nrargs, void *data, + struct pt_regs *regs) +{ + switch (nrargs) { case 0: { - void (*fptr)(void *__data) = entry->func; + void (*fptr)(void *__data) = func; - fptr(event); + fptr(data); break; } case 1: { - void (*fptr)(void *__data, unsigned long arg0) = entry->func; + void (*fptr)(void *__data, unsigned long arg0) = func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); - fptr(event, args[0]); + fptr(data, args[0]); break; } case 2: { void (*fptr)(void *__data, unsigned long arg0, - unsigned long arg1) = entry->func; + unsigned long arg1) = func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); - fptr(event, args[0], args[1]); + fptr(data, args[0], args[1]); break; } case 3: @@ -468,11 +448,11 @@ void syscall_entry_probe(void *__data, struct pt_regs *regs, long id) void (*fptr)(void *__data, unsigned long arg0, unsigned long arg1, - unsigned long arg2) = entry->func; + unsigned long arg2) = func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); - fptr(event, args[0], args[1], args[2]); + fptr(data, args[0], args[1], args[2]); break; } case 4: @@ -481,11 +461,11 @@ void syscall_entry_probe(void *__data, struct pt_regs *regs, long id) unsigned long arg0, unsigned long arg1, unsigned long arg2, - unsigned long arg3) = entry->func; + unsigned long arg3) = func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); - fptr(event, args[0], args[1], args[2], args[3]); + fptr(data, args[0], args[1], args[2], args[3]); break; } case 5: @@ -495,11 +475,11 @@ void syscall_entry_probe(void *__data, struct pt_regs *regs, long id) unsigned long arg1, unsigned long arg2, unsigned long arg3, - unsigned long arg4) = entry->func; + unsigned long arg4) = func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); - fptr(event, args[0], args[1], args[2], args[3], args[4]); + fptr(data, args[0], args[1], args[2], args[3], args[4]); break; } case 6: @@ -510,11 +490,11 @@ void syscall_entry_probe(void *__data, struct pt_regs *regs, long id) unsigned long arg2, unsigned long arg3, unsigned long arg4, - unsigned long arg5) = entry->func; + unsigned long arg5) = func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); - fptr(event, args[0], args[1], args[2], + fptr(data, args[0], args[1], args[2], args[3], args[4], args[5]); break; } @@ -523,7 +503,92 @@ void syscall_entry_probe(void *__data, struct pt_regs *regs, long id) } } -static void syscall_exit_unknown(struct lttng_event *event, +void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id) +{ + struct lttng_channel *chan = __data; + struct lttng_event *event, *unknown_event; + const struct trace_syscall_entry *table, *entry; + size_t table_len; + + if (unlikely(in_compat_syscall())) { + struct lttng_syscall_filter *filter = chan->sc_filter; + + if (id < 0 || id >= NR_compat_syscalls + || (!READ_ONCE(chan->syscall_all) && !test_bit(id, filter->sc_compat_entry))) { + /* System call filtered out. */ + return; + } + table = compat_sc_table; + table_len = ARRAY_SIZE(compat_sc_table); + unknown_event = chan->sc_compat_unknown; + } else { + struct lttng_syscall_filter *filter = chan->sc_filter; + + if (id < 0 || id >= NR_syscalls + || (!READ_ONCE(chan->syscall_all) && !test_bit(id, filter->sc_entry))) { + /* System call filtered out. */ + return; + } + table = sc_table; + table_len = ARRAY_SIZE(sc_table); + unknown_event = chan->sc_unknown; + } + if (unlikely(id < 0 || id >= table_len)) { + syscall_entry_event_unknown(unknown_event, regs, id); + return; + } + if (unlikely(in_compat_syscall())) + event = chan->compat_sc_table[id]; + else + event = chan->sc_table[id]; + if (unlikely(!event)) { + syscall_entry_event_unknown(unknown_event, regs, id); + return; + } + entry = &table[id]; + WARN_ON_ONCE(!entry); + syscall_entry_call_func(entry->event_func, entry->nrargs, event, regs); +} + +void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs, long id) +{ + struct lttng_event_notifier_group *event_notifier_group = __data; + const struct trace_syscall_entry *entry; + struct list_head *dispatch_list; + struct lttng_event_notifier *iter; + size_t table_len; + + if (unlikely(in_compat_syscall())) { + table_len = ARRAY_SIZE(compat_sc_table); + if (unlikely(id < 0 || id >= table_len)) { + return; + } + entry = &compat_sc_table[id]; + dispatch_list = &event_notifier_group->event_notifier_compat_syscall_dispatch[id]; + } else { + table_len = ARRAY_SIZE(sc_table); + if (unlikely(id < 0 || id >= table_len)) { + return; + } + entry = &sc_table[id]; + dispatch_list = &event_notifier_group->event_notifier_syscall_dispatch[id]; + } + + if (unlikely(id < 0 || id >= table_len)) { + syscall_entry_event_notifier_unknown(event_notifier_group, regs, id); + return; + } + + /* TODO handle unknown syscall */ + + list_for_each_entry_rcu(iter, dispatch_list, u.syscall.node) { + BUG_ON(iter->u.syscall.syscall_id != id); + syscall_entry_call_func(entry->event_notifier_func, + entry->nrargs, iter, regs); + } +} + +static void syscall_exit_event_unknown(struct lttng_event *event, struct pt_regs *regs, int id, long ret) { unsigned long args[LTTNG_SYSCALL_NR_ARGS]; @@ -536,7 +601,7 @@ static void syscall_exit_unknown(struct lttng_event *event, __event_probe__syscall_exit_unknown(event, id, ret, args); } -void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) +void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret) { struct lttng_channel *chan = __data; struct lttng_event *event, *unknown_event; @@ -546,36 +611,30 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) id = syscall_get_nr(current, regs); if (unlikely(in_compat_syscall())) { - struct lttng_syscall_filter *filter; - - filter = lttng_rcu_dereference(chan->sc_filter); - if (filter) { - if (id < 0 || id >= NR_compat_syscalls - || !test_bit(id, filter->sc_compat)) { - /* System call filtered out. */ - return; - } + struct lttng_syscall_filter *filter = chan->sc_filter; + + if (id < 0 || id >= NR_compat_syscalls + || (!READ_ONCE(chan->syscall_all) && !test_bit(id, filter->sc_compat_exit))) { + /* System call filtered out. */ + return; } table = compat_sc_exit_table; table_len = ARRAY_SIZE(compat_sc_exit_table); unknown_event = chan->compat_sc_exit_unknown; } else { - struct lttng_syscall_filter *filter; - - filter = lttng_rcu_dereference(chan->sc_filter); - if (filter) { - if (id < 0 || id >= NR_syscalls - || !test_bit(id, filter->sc)) { - /* System call filtered out. */ - return; - } + struct lttng_syscall_filter *filter = chan->sc_filter; + + if (id < 0 || id >= NR_syscalls + || (!READ_ONCE(chan->syscall_all) && !test_bit(id, filter->sc_exit))) { + /* System call filtered out. */ + return; } table = sc_exit_table; table_len = ARRAY_SIZE(sc_exit_table); unknown_event = chan->sc_exit_unknown; } if (unlikely(id < 0 || id >= table_len)) { - syscall_exit_unknown(unknown_event, regs, id, ret); + syscall_exit_event_unknown(unknown_event, regs, id, ret); return; } if (unlikely(in_compat_syscall())) @@ -583,7 +642,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) else event = chan->sc_exit_table[id]; if (unlikely(!event)) { - syscall_exit_unknown(unknown_event, regs, id, ret); + syscall_exit_event_unknown(unknown_event, regs, id, ret); return; } entry = &table[id]; @@ -592,7 +651,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) switch (entry->nrargs) { case 0: { - void (*fptr)(void *__data, long ret) = entry->func; + void (*fptr)(void *__data, long ret) = entry->event_func; fptr(event, ret); break; @@ -601,7 +660,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) { void (*fptr)(void *__data, long ret, - unsigned long arg0) = entry->func; + unsigned long arg0) = entry->event_func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); @@ -613,7 +672,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) void (*fptr)(void *__data, long ret, unsigned long arg0, - unsigned long arg1) = entry->func; + unsigned long arg1) = entry->event_func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); @@ -626,7 +685,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) long ret, unsigned long arg0, unsigned long arg1, - unsigned long arg2) = entry->func; + unsigned long arg2) = entry->event_func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); @@ -640,7 +699,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) unsigned long arg0, unsigned long arg1, unsigned long arg2, - unsigned long arg3) = entry->func; + unsigned long arg3) = entry->event_func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); @@ -655,7 +714,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) unsigned long arg1, unsigned long arg2, unsigned long arg3, - unsigned long arg4) = entry->func; + unsigned long arg4) = entry->event_func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); @@ -671,7 +730,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) unsigned long arg2, unsigned long arg3, unsigned long arg4, - unsigned long arg5) = entry->func; + unsigned long arg5) = entry->event_func; unsigned long args[LTTNG_SYSCALL_NR_ARGS]; lttng_syscall_get_arguments(current, regs, args); @@ -689,7 +748,7 @@ void syscall_exit_probe(void *__data, struct pt_regs *regs, long ret) * Should be called with sessions lock held. */ static -int fill_table(const struct trace_syscall_entry *table, size_t table_len, +int fill_event_table(const struct trace_syscall_entry *table, size_t table_len, struct lttng_event **chan_table, struct lttng_channel *chan, void *filter, enum sc_type type) { @@ -714,27 +773,23 @@ int fill_table(const struct trace_syscall_entry *table, size_t table_len, memset(&ev, 0, sizeof(ev)); switch (type) { case SC_TYPE_ENTRY: - strncpy(ev.name, SYSCALL_ENTRY_STR, - LTTNG_KERNEL_SYM_NAME_LEN); + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_ENTRY; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_NATIVE; break; case SC_TYPE_EXIT: - strncpy(ev.name, SYSCALL_EXIT_STR, - LTTNG_KERNEL_SYM_NAME_LEN); + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_EXIT; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_NATIVE; break; case SC_TYPE_COMPAT_ENTRY: - strncpy(ev.name, COMPAT_SYSCALL_ENTRY_STR, - LTTNG_KERNEL_SYM_NAME_LEN); + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_ENTRY; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_COMPAT; break; case SC_TYPE_COMPAT_EXIT: - strncpy(ev.name, COMPAT_SYSCALL_EXIT_STR, - LTTNG_KERNEL_SYM_NAME_LEN); - break; - default: - BUG_ON(1); + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_EXIT; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_COMPAT; break; } - strncat(ev.name, desc->name, - LTTNG_KERNEL_SYM_NAME_LEN - strlen(ev.name) - 1); + strncpy(ev.name, desc->name, LTTNG_KERNEL_SYM_NAME_LEN - 1); ev.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0'; ev.instrumentation = LTTNG_KERNEL_SYSCALL; chan_table[i] = _lttng_event_create(chan, &ev, filter, @@ -756,7 +811,7 @@ int fill_table(const struct trace_syscall_entry *table, size_t table_len, /* * Should be called with sessions lock held. */ -int lttng_syscalls_register(struct lttng_channel *chan, void *filter) +int lttng_syscalls_register_event(struct lttng_channel *chan, void *filter) { struct lttng_kernel_event ev; int ret; @@ -804,6 +859,8 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) strncpy(ev.name, desc->name, LTTNG_KERNEL_SYM_NAME_LEN); ev.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0'; ev.instrumentation = LTTNG_KERNEL_SYSCALL; + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_ENTRY; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_NATIVE; chan->sc_unknown = _lttng_event_create(chan, &ev, filter, desc, ev.instrumentation); @@ -821,6 +878,8 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) strncpy(ev.name, desc->name, LTTNG_KERNEL_SYM_NAME_LEN); ev.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0'; ev.instrumentation = LTTNG_KERNEL_SYSCALL; + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_ENTRY; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_COMPAT; chan->sc_compat_unknown = _lttng_event_create(chan, &ev, filter, desc, ev.instrumentation); @@ -838,6 +897,8 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) strncpy(ev.name, desc->name, LTTNG_KERNEL_SYM_NAME_LEN); ev.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0'; ev.instrumentation = LTTNG_KERNEL_SYSCALL; + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_EXIT; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_COMPAT; chan->compat_sc_exit_unknown = _lttng_event_create(chan, &ev, filter, desc, ev.instrumentation); @@ -855,6 +916,8 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) strncpy(ev.name, desc->name, LTTNG_KERNEL_SYM_NAME_LEN); ev.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0'; ev.instrumentation = LTTNG_KERNEL_SYSCALL; + ev.u.syscall.entryexit = LTTNG_KERNEL_SYSCALL_EXIT; + ev.u.syscall.abi = LTTNG_KERNEL_SYSCALL_ABI_NATIVE; chan->sc_exit_unknown = _lttng_event_create(chan, &ev, filter, desc, ev.instrumentation); WARN_ON_ONCE(!chan->sc_exit_unknown); @@ -863,30 +926,38 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) } } - ret = fill_table(sc_table, ARRAY_SIZE(sc_table), + ret = fill_event_table(sc_table, ARRAY_SIZE(sc_table), chan->sc_table, chan, filter, SC_TYPE_ENTRY); if (ret) return ret; - ret = fill_table(sc_exit_table, ARRAY_SIZE(sc_exit_table), + ret = fill_event_table(sc_exit_table, ARRAY_SIZE(sc_exit_table), chan->sc_exit_table, chan, filter, SC_TYPE_EXIT); if (ret) return ret; #ifdef CONFIG_COMPAT - ret = fill_table(compat_sc_table, ARRAY_SIZE(compat_sc_table), + ret = fill_event_table(compat_sc_table, ARRAY_SIZE(compat_sc_table), chan->compat_sc_table, chan, filter, SC_TYPE_COMPAT_ENTRY); if (ret) return ret; - ret = fill_table(compat_sc_exit_table, ARRAY_SIZE(compat_sc_exit_table), + ret = fill_event_table(compat_sc_exit_table, ARRAY_SIZE(compat_sc_exit_table), chan->compat_sc_exit_table, chan, filter, SC_TYPE_COMPAT_EXIT); if (ret) return ret; #endif + + if (!chan->sc_filter) { + chan->sc_filter = kzalloc(sizeof(struct lttng_syscall_filter), + GFP_KERNEL); + if (!chan->sc_filter) + return -ENOMEM; + } + if (!chan->sys_enter_registered) { ret = lttng_wrapper_tracepoint_probe_register("sys_enter", - (void *) syscall_entry_probe, chan); + (void *) syscall_entry_event_probe, chan); if (ret) return ret; chan->sys_enter_registered = 1; @@ -897,10 +968,10 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) */ if (!chan->sys_exit_registered) { ret = lttng_wrapper_tracepoint_probe_register("sys_exit", - (void *) syscall_exit_probe, chan); + (void *) syscall_exit_event_probe, chan); if (ret) { WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter", - (void *) syscall_entry_probe, chan)); + (void *) syscall_entry_event_probe, chan)); return ret; } chan->sys_exit_registered = 1; @@ -909,9 +980,158 @@ int lttng_syscalls_register(struct lttng_channel *chan, void *filter) } /* - * Only called at session destruction. + * Should be called with sessions lock held. */ -int lttng_syscalls_unregister(struct lttng_channel *chan) +int lttng_syscalls_register_event_notifier(struct lttng_event_notifier_enabler *event_notifier_enabler, void *filter) +{ + struct lttng_event_notifier_group *group = event_notifier_enabler->group; + unsigned int i; + int ret = 0; + + wrapper_vmalloc_sync_mappings(); + + if (!group->event_notifier_syscall_dispatch) { + group->event_notifier_syscall_dispatch = kzalloc(sizeof(struct list_head) + * ARRAY_SIZE(sc_table), GFP_KERNEL); + if (!group->event_notifier_syscall_dispatch) + return -ENOMEM; + + /* Initialize all list_head */ + for (i = 0; i < ARRAY_SIZE(sc_table); i++) + INIT_LIST_HEAD(&group->event_notifier_syscall_dispatch[i]); + } + +#ifdef CONFIG_COMPAT + if (!group->event_notifier_compat_syscall_dispatch) { + group->event_notifier_compat_syscall_dispatch = kzalloc(sizeof(struct list_head) + * ARRAY_SIZE(compat_sc_table), GFP_KERNEL); + if (!group->event_notifier_syscall_dispatch) + return -ENOMEM; + + /* Initialize all list_head */ + for (i = 0; i < ARRAY_SIZE(compat_sc_table); i++) + INIT_LIST_HEAD(&group->event_notifier_compat_syscall_dispatch[i]); + } +#endif + + if (!group->sys_enter_registered) { + ret = lttng_wrapper_tracepoint_probe_register("sys_enter", + (void *) syscall_entry_event_notifier_probe, group); + if (ret) + return ret; + group->sys_enter_registered = 1; + } + + return ret; +} + +static int create_matching_event_notifiers(struct lttng_event_notifier_enabler *event_notifier_enabler, + void *filter, const struct trace_syscall_entry *table, + size_t table_len, bool is_compat) +{ + struct lttng_event_notifier_group *group = event_notifier_enabler->group; + const struct lttng_event_desc *desc; + uint64_t user_token = event_notifier_enabler->base.user_token; + unsigned int i; + int ret = 0; + + /* iterate over all syscall and create event_notifier that match */ + for (i = 0; i < table_len; i++) { + struct lttng_event_notifier *event_notifier; + struct lttng_kernel_event_notifier event_notifier_param; + struct hlist_head *head; + int found = 0; + + desc = table[i].desc; + if (!desc) { + /* Unknown syscall */ + continue; + } + + if (!lttng_desc_match_enabler(desc, + lttng_event_notifier_enabler_as_enabler(event_notifier_enabler))) + continue; + + /* + * Check if already created. + */ + head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table, + LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->name); + lttng_hlist_for_each_entry(event_notifier, head, hlist) { + if (event_notifier->desc == desc + && event_notifier->user_token == event_notifier_enabler->base.user_token) + found = 1; + } + if (found) + continue; + + memset(&event_notifier_param, 0, sizeof(event_notifier_param)); + strncat(event_notifier_param.event.name, desc->name, + LTTNG_KERNEL_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1); + event_notifier_param.event.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0'; + event_notifier_param.event.instrumentation = LTTNG_KERNEL_SYSCALL; + + event_notifier = _lttng_event_notifier_create(desc, user_token, group, + &event_notifier_param, filter, + event_notifier_param.event.instrumentation); + if (IS_ERR(event_notifier)) { + printk(KERN_INFO "Unable to create event_notifier %s\n", + desc->name); + ret = -ENOMEM; + goto end; + } + + event_notifier->u.syscall.syscall_id = i; + event_notifier->u.syscall.is_compat = is_compat; + } +end: + return ret; + +} + +int lttng_syscals_create_matching_event_notifiers(struct lttng_event_notifier_enabler *event_notifier_enabler, void *filter) +{ + int ret; + + ret = create_matching_event_notifiers(event_notifier_enabler, filter, sc_table, + ARRAY_SIZE(sc_table), false); + if (ret) + goto end; + + ret = create_matching_event_notifiers(event_notifier_enabler, filter, compat_sc_table, + ARRAY_SIZE(compat_sc_table), true); +end: + return ret; +} + +/* + * Unregister the syscall event_notifier probes from the callsites. + */ +int lttng_syscalls_unregister_event_notifier(struct lttng_event_notifier_group *event_notifier_group) +{ + int ret; + + /* + * Only register the event_notifier probe on the `sys_enter` callsite for now. + * At the moment, we don't think it's desirable to have one fired + * event_notifier for the entry and one for the exit of a syscall. + */ + if (event_notifier_group->sys_enter_registered) { + ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter", + (void *) syscall_entry_event_notifier_probe, event_notifier_group); + if (ret) + return ret; + event_notifier_group->sys_enter_registered = 0; + } + + kfree(event_notifier_group->event_notifier_syscall_dispatch); +#ifdef CONFIG_COMPAT + kfree(event_notifier_group->event_notifier_compat_syscall_dispatch); +#endif + return 0; +} + +int lttng_syscalls_unregister_event(struct lttng_channel *chan) { int ret; @@ -919,19 +1139,23 @@ int lttng_syscalls_unregister(struct lttng_channel *chan) return 0; if (chan->sys_enter_registered) { ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter", - (void *) syscall_entry_probe, chan); + (void *) syscall_entry_event_probe, chan); if (ret) return ret; chan->sys_enter_registered = 0; } if (chan->sys_exit_registered) { ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit", - (void *) syscall_exit_probe, chan); + (void *) syscall_exit_event_probe, chan); if (ret) return ret; chan->sys_exit_registered = 0; } - /* lttng_event destroy will be performed by lttng_session_destroy() */ + return 0; +} + +int lttng_syscalls_destroy_event(struct lttng_channel *chan) +{ kfree(chan->sc_table); kfree(chan->sc_exit_table); #ifdef CONFIG_COMPAT @@ -994,136 +1218,180 @@ uint32_t get_sc_tables_len(void) return ARRAY_SIZE(sc_table) + ARRAY_SIZE(compat_sc_table); } -int lttng_syscall_filter_enable(struct lttng_channel *chan, - const char *name) +static +const char *get_syscall_name(struct lttng_event *event) { - int syscall_nr, compat_syscall_nr, ret; - struct lttng_syscall_filter *filter; + size_t prefix_len = 0; - WARN_ON_ONCE(!chan->sc_table); + WARN_ON_ONCE(event->instrumentation != LTTNG_KERNEL_SYSCALL); - if (!name) { - /* Enable all system calls by removing filter */ - if (chan->sc_filter) { - filter = chan->sc_filter; - rcu_assign_pointer(chan->sc_filter, NULL); - synchronize_trace(); - kfree(filter); + switch (event->u.syscall.entryexit) { + case LTTNG_SYSCALL_ENTRY: + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + prefix_len = strlen(SYSCALL_ENTRY_STR); + break; + case LTTNG_SYSCALL_ABI_COMPAT: + prefix_len = strlen(COMPAT_SYSCALL_ENTRY_STR); + break; } - chan->syscall_all = 1; - return 0; - } - - if (!chan->sc_filter) { - if (chan->syscall_all) { - /* - * All syscalls are already enabled. - */ - return -EEXIST; + break; + case LTTNG_SYSCALL_EXIT: + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + prefix_len = strlen(SYSCALL_EXIT_STR); + break; + case LTTNG_SYSCALL_ABI_COMPAT: + prefix_len = strlen(COMPAT_SYSCALL_EXIT_STR); + break; } - filter = kzalloc(sizeof(struct lttng_syscall_filter), - GFP_KERNEL); - if (!filter) - return -ENOMEM; - } else { - filter = chan->sc_filter; + break; } - syscall_nr = get_syscall_nr(name); - compat_syscall_nr = get_compat_syscall_nr(name); - if (syscall_nr < 0 && compat_syscall_nr < 0) { - ret = -ENOENT; - goto error; + WARN_ON_ONCE(prefix_len == 0); + return event->desc->name + prefix_len; +} + +int lttng_syscall_filter_enable_event(struct lttng_channel *chan, + struct lttng_event *event) +{ + struct lttng_syscall_filter *filter = chan->sc_filter; + const char *syscall_name; + unsigned long *bitmap; + int syscall_nr; + + WARN_ON_ONCE(!chan->sc_table); + + syscall_name = get_syscall_name(event); + + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + syscall_nr = get_syscall_nr(syscall_name); + break; + case LTTNG_SYSCALL_ABI_COMPAT: + syscall_nr = get_compat_syscall_nr(syscall_name); + break; + default: + return -EINVAL; } - if (syscall_nr >= 0) { - if (test_bit(syscall_nr, filter->sc)) { - ret = -EEXIST; - goto error; + if (syscall_nr < 0) + return -ENOENT; + + switch (event->u.syscall.entryexit) { + case LTTNG_SYSCALL_ENTRY: + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + bitmap = filter->sc_entry; + break; + case LTTNG_SYSCALL_ABI_COMPAT: + bitmap = filter->sc_compat_entry; + break; + default: + return -EINVAL; } - bitmap_set(filter->sc, syscall_nr, 1); - } - if (compat_syscall_nr >= 0) { - if (test_bit(compat_syscall_nr, filter->sc_compat)) { - ret = -EEXIST; - goto error; + break; + case LTTNG_SYSCALL_EXIT: + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + bitmap = filter->sc_exit; + break; + case LTTNG_SYSCALL_ABI_COMPAT: + bitmap = filter->sc_compat_exit; + break; + default: + return -EINVAL; } - bitmap_set(filter->sc_compat, compat_syscall_nr, 1); + break; + default: + return -EINVAL; } - if (!chan->sc_filter) - rcu_assign_pointer(chan->sc_filter, filter); + if (test_bit(syscall_nr, bitmap)) + return -EEXIST; + bitmap_set(bitmap, syscall_nr, 1); return 0; +} -error: - if (!chan->sc_filter) - kfree(filter); - return ret; +int lttng_syscall_filter_enable_event_notifier( + struct lttng_event_notifier *event_notifier) +{ + struct lttng_event_notifier_group *group = event_notifier->group; + unsigned int syscall_id = event_notifier->u.syscall.syscall_id; + struct list_head *dispatch_list; + + if (event_notifier->u.syscall.is_compat) + dispatch_list = &group->event_notifier_compat_syscall_dispatch[syscall_id]; + else + dispatch_list = &group->event_notifier_syscall_dispatch[syscall_id]; + + list_add_rcu(&event_notifier->u.syscall.node, dispatch_list); + + return 0; } -int lttng_syscall_filter_disable(struct lttng_channel *chan, - const char *name) +int lttng_syscall_filter_disable_event(struct lttng_channel *chan, + struct lttng_event *event) { - int syscall_nr, compat_syscall_nr, ret; - struct lttng_syscall_filter *filter; + struct lttng_syscall_filter *filter = chan->sc_filter; + const char *syscall_name; + unsigned long *bitmap; + int syscall_nr; WARN_ON_ONCE(!chan->sc_table); - if (!chan->sc_filter) { - if (!chan->syscall_all) - return -EEXIST; - filter = kzalloc(sizeof(struct lttng_syscall_filter), - GFP_KERNEL); - if (!filter) - return -ENOMEM; - /* Trace all system calls, then apply disable. */ - bitmap_set(filter->sc, 0, NR_syscalls); - bitmap_set(filter->sc_compat, 0, NR_compat_syscalls); - } else { - filter = chan->sc_filter; - } - - if (!name) { - /* Fail if all syscalls are already disabled. */ - if (bitmap_empty(filter->sc, NR_syscalls) - && bitmap_empty(filter->sc_compat, - NR_compat_syscalls)) { - ret = -EEXIST; - goto error; - } + syscall_name = get_syscall_name(event); - /* Disable all system calls */ - bitmap_clear(filter->sc, 0, NR_syscalls); - bitmap_clear(filter->sc_compat, 0, NR_compat_syscalls); - goto apply_filter; - } - syscall_nr = get_syscall_nr(name); - compat_syscall_nr = get_compat_syscall_nr(name); - if (syscall_nr < 0 && compat_syscall_nr < 0) { - ret = -ENOENT; - goto error; + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + syscall_nr = get_syscall_nr(syscall_name); + break; + case LTTNG_SYSCALL_ABI_COMPAT: + syscall_nr = get_compat_syscall_nr(syscall_name); + break; + default: + return -EINVAL; } - if (syscall_nr >= 0) { - if (!test_bit(syscall_nr, filter->sc)) { - ret = -EEXIST; - goto error; + if (syscall_nr < 0) + return -ENOENT; + + switch (event->u.syscall.entryexit) { + case LTTNG_SYSCALL_ENTRY: + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + bitmap = filter->sc_entry; + break; + case LTTNG_SYSCALL_ABI_COMPAT: + bitmap = filter->sc_compat_entry; + break; + default: + return -EINVAL; } - bitmap_clear(filter->sc, syscall_nr, 1); - } - if (compat_syscall_nr >= 0) { - if (!test_bit(compat_syscall_nr, filter->sc_compat)) { - ret = -EEXIST; - goto error; + break; + case LTTNG_SYSCALL_EXIT: + switch (event->u.syscall.abi) { + case LTTNG_SYSCALL_ABI_NATIVE: + bitmap = filter->sc_exit; + break; + case LTTNG_SYSCALL_ABI_COMPAT: + bitmap = filter->sc_compat_exit; + break; + default: + return -EINVAL; } - bitmap_clear(filter->sc_compat, compat_syscall_nr, 1); + break; + default: + return -EINVAL; } -apply_filter: - if (!chan->sc_filter) - rcu_assign_pointer(chan->sc_filter, filter); - chan->syscall_all = 0; + if (!test_bit(syscall_nr, bitmap)) + return -EEXIST; + bitmap_clear(bitmap, syscall_nr, 1); + return 0; +} -error: - if (!chan->sc_filter) - kfree(filter); - return ret; +int lttng_syscall_filter_disable_event_notifier( + struct lttng_event_notifier *event_notifier) +{ + list_del_rcu(&event_notifier->u.syscall.node); + return 0; } static @@ -1237,6 +1505,9 @@ const struct file_operations lttng_syscall_list_fops = { .release = seq_release, }; +/* + * A syscall is enabled if it is traced for either entry or exit. + */ long lttng_channel_syscall_mask(struct lttng_channel *channel, struct lttng_kernel_syscall_mask __user *usyscall_mask) { @@ -1263,8 +1534,9 @@ long lttng_channel_syscall_mask(struct lttng_channel *channel, char state; if (channel->sc_table) { - if (filter) - state = test_bit(bit, filter->sc); + if (!READ_ONCE(channel->syscall_all) && filter) + state = test_bit(bit, filter->sc_entry) + || test_bit(bit, filter->sc_exit); else state = 1; } else { @@ -1276,9 +1548,11 @@ long lttng_channel_syscall_mask(struct lttng_channel *channel, char state; if (channel->compat_sc_table) { - if (filter) + if (!READ_ONCE(channel->syscall_all) && filter) state = test_bit(bit - ARRAY_SIZE(sc_table), - filter->sc_compat); + filter->sc_compat_entry) + || test_bit(bit - ARRAY_SIZE(sc_table), + filter->sc_compat_exit); else state = 1; } else {