From 769ad37074a5979b6eef686352c17fb3ba8c9a4d Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Thu, 25 Feb 2016 10:46:54 -0500 Subject: [PATCH] Fix: system call instrumentation overrides * All architectures - For mmap, print the "ret" value as an hexadecimal integer (rather than base 10), which better suits a pointer. - Add missing "clone" override define, which ensures the clone system call override is used rather than leaving it as an "unknown" system call. * ARM32 - Add missing output return values to arm_fadvise64_64, sync_file_range2. - Handle the 64-bit parameters of both arm_fadvise64_64 and sync_file_range2 correctly on arm32, on big and little endian builds. - Move the mmap2 system call instrumentation from "pointers" to "integers" override header, and add the missing return value (sc_exit). * PPC32 - Add sync_file_range2 system call instrumentation. Handle the 64-bit parameters on big and little endian builds. - Move the mmap2 system call instrumentation from "pointers" to "integers" override header, and add the missing return value (sc_exit). * PPC64 compat - Include compatibility (ppc32) header in ppc64 build to trace compat system calls on PPC64 big endian. * x86-32 - Add mmap2 system call instrumentation override. - Add sync_file_range instrumentation override, correctly combining the low/high parts of offset and nbytes into 64-bit fields. Tested-by: Jonathan Rajotte Signed-off-by: Mathieu Desnoyers --- ...arm-32-syscalls-3.4.25_integers_override.h | 109 ++++++++++++++---- ...arm-32-syscalls-3.4.25_pointers_override.h | 16 --- .../headers/compat_syscalls_integers.h | 4 + .../headers/compat_syscalls_pointers.h | 4 + ...rpc-32-syscalls-3.0.34_integers_override.h | 63 ++++++++++ ...rpc-32-syscalls-3.0.34_pointers_override.h | 16 --- .../headers/syscalls_integers_override.h | 12 +- .../headers/syscalls_pointers_override.h | 7 +- ...-32-syscalls-3.1.0-rc6_integers_override.h | 51 +++++++- 9 files changed, 220 insertions(+), 62 deletions(-) diff --git a/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_integers_override.h b/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_integers_override.h index f6539e2f..e6b52878 100644 --- a/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_integers_override.h +++ b/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_integers_override.h @@ -30,30 +30,98 @@ #endif -#define OVERRIDE_TABLE_32_arm_fadvise64_64 -#define OVERRIDE_TABLE_32_sync_file_range2 - #ifndef CREATE_SYSCALL_TABLE +#if (__BYTE_ORDER == __LITTLE_ENDIAN) + +#define OVERRIDE_32_arm_fadvise64_64 SC_LTTNG_TRACEPOINT_EVENT(arm_fadvise64_64, - TP_PROTO(int fd, int advice, loff_t offset, loff_t len), - TP_ARGS(fd, advice, offset, len), - TP_FIELDS( - ctf_integer_hex(int, fd, fd) - ctf_integer_hex(int, advice, advice) - ctf_integer_hex(loff_t, offset, offset) - ctf_integer_hex(loff_t, len, len) + TP_PROTO(sc_exit(long ret,) int fd, int advice, + int32_t offset_low, int32_t offset_high, + int32_t len_low, int32_t len_high), + TP_ARGS(sc_exit(ret,) fd, advice, offset_low, offset_high, + len_low, len_high), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(int, advice, advice)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, len, + ((loff_t) len_high << 32) | len_low)) ) ) +#define OVERRIDE_32_sync_file_range2 SC_LTTNG_TRACEPOINT_EVENT(sync_file_range2, - TP_PROTO(int fd, loff_t offset, loff_t nbytes, unsigned int flags), - TP_ARGS(fd, offset, nbytes, flags), - TP_FIELDS( - ctf_integer_hex(int, fd, fd) - ctf_integer_hex(loff_t, offset, offset) - ctf_integer_hex(loff_t, nbytes, nbytes) - ctf_integer_hex(unsigned int, flags, flags) + TP_PROTO(sc_exit(long ret,) int fd, + unsigned int flags, + int32_t offset_low, int32_t offset_high, + int32_t nbytes_low, int32_t nbytes_high), + TP_ARGS(sc_exit(ret,) fd, flags, offset_low, offset_high, + nbytes_low, nbytes_high), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(unsigned int, flags, flags)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, nbytes, + ((loff_t) nbytes_high << 32) | nbytes_low)) + ) +) + +#else /* __BIG_ENDIAN */ + +#define OVERRIDE_32_arm_fadvise64_64 +SC_LTTNG_TRACEPOINT_EVENT(arm_fadvise64_64, + TP_PROTO(sc_exit(long ret,) int fd, int advice, + int32_t offset_high, int32_t offset_low, + int32_t len_high, int32_t len_low), + TP_ARGS(sc_exit(ret,) fd, advice, offset_high, offset_low, + len_high, len_low), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(int, advice, advice)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, len, + ((loff_t) len_high << 32) | len_low)) + ) +) + +#define OVERRIDE_32_sync_file_range2 +SC_LTTNG_TRACEPOINT_EVENT(sync_file_range2, + TP_PROTO(sc_exit(long ret,) int fd, + unsigned int flags, + int32_t offset_high, int32_t offset_low, + int32_t nbytes_high, int32_t nbytes_low), + TP_ARGS(sc_exit(ret,) fd, flags, offset_high, offset_low, + nbytes_high, nbytes_low), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(unsigned int, flags, flags)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, nbytes, + ((loff_t) nbytes_high << 32) | nbytes_low)) + ) +) + +#endif + +#define OVERRIDE_32_mmap2 +SC_LTTNG_TRACEPOINT_EVENT(mmap2, + TP_PROTO(sc_exit(unsigned long ret,) + unsigned long addr, unsigned long len, + unsigned long prot, unsigned long flags, + unsigned long fd, unsigned long pgoff), + TP_ARGS(sc_exit(ret,) addr, len, prot, flags, fd, pgoff), + TP_FIELDS(sc_exit(ctf_integer_hex(unsigned long, ret, ret)) + sc_in(ctf_integer_hex(unsigned long, addr, addr)) + sc_in(ctf_integer(size_t, len, len)) + sc_in(ctf_integer(int, prot, prot)) + sc_in(ctf_integer(int, flags, flags)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(off_t, pgoff, pgoff)) ) ) @@ -61,11 +129,12 @@ SC_LTTNG_TRACEPOINT_EVENT(sync_file_range2, #define OVERRIDE_TABLE_32_mmap TRACE_SYSCALL_TABLE(mmap, mmap, 90, 6) - +#define OVERRIDE_TABLE_32_mmap2 +TRACE_SYSCALL_TABLE(mmap2, mmap2, 192, 6) #define OVERRIDE_TABLE_32_arm_fadvise64_64 -TRACE_SYSCALL_TABLE(arm_fadvise64_64, arm_fadvise64_64, 270, 4) +TRACE_SYSCALL_TABLE(arm_fadvise64_64, arm_fadvise64_64, 270, 6) #define OVERRIDE_TABLE_32_sync_file_range2 -TRACE_SYSCALL_TABLE(sync_file_range2, sync_file_range2, 341, 4) +TRACE_SYSCALL_TABLE(sync_file_range2, sync_file_range2, 341, 6) #endif /* CREATE_SYSCALL_TABLE */ diff --git a/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_pointers_override.h b/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_pointers_override.h index 089853b3..ab325c7c 100644 --- a/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_pointers_override.h +++ b/instrumentation/syscalls/headers/arm-32-syscalls-3.4.25_pointers_override.h @@ -12,20 +12,6 @@ #ifndef CREATE_SYSCALL_TABLE -SC_LTTNG_TRACEPOINT_EVENT(mmap2, - TP_PROTO(void *addr, size_t len, int prot, - int flags, int fd, off_t pgoff), - TP_ARGS(addr, len, prot, flags, fd, pgoff), - TP_FIELDS( - ctf_integer_hex(void *, addr, addr) - ctf_integer(size_t, len, len) - ctf_integer(int, prot, prot) - ctf_integer(int, flags, flags) - ctf_integer(int, fd, fd) - ctf_integer(off_t, pgoff, pgoff) - ) -) - #define OVERRIDE_32_pipe SC_LTTNG_TRACEPOINT_EVENT(pipe, TP_PROTO(sc_exit(long ret,) int * fildes), @@ -50,8 +36,6 @@ SC_LTTNG_TRACEPOINT_EVENT(pipe, TRACE_SYSCALL_TABLE(execve, execve, 11, 3) #define OVERRIDE_TABLE_32_clone TRACE_SYSCALL_TABLE(clone, clone, 120, 5) -#define OVERRIDE_TABLE_32_mmap2 -TRACE_SYSCALL_TABLE(mmap2, mmap2, 192, 6) #endif /* CREATE_SYSCALL_TABLE */ diff --git a/instrumentation/syscalls/headers/compat_syscalls_integers.h b/instrumentation/syscalls/headers/compat_syscalls_integers.h index d81df18c..fa1657d5 100644 --- a/instrumentation/syscalls/headers/compat_syscalls_integers.h +++ b/instrumentation/syscalls/headers/compat_syscalls_integers.h @@ -5,3 +5,7 @@ #ifdef CONFIG_ARM64 #include "arm-32-syscalls-3.4.25_integers.h" #endif + +#ifdef CONFIG_PPC64 +#include "powerpc-32-syscalls-3.0.34_integers.h" +#endif diff --git a/instrumentation/syscalls/headers/compat_syscalls_pointers.h b/instrumentation/syscalls/headers/compat_syscalls_pointers.h index c2d89a9a..4929da9f 100644 --- a/instrumentation/syscalls/headers/compat_syscalls_pointers.h +++ b/instrumentation/syscalls/headers/compat_syscalls_pointers.h @@ -5,3 +5,7 @@ #ifdef CONFIG_ARM64 #include "arm-32-syscalls-3.4.25_pointers.h" #endif + +#ifdef CONFIG_PPC64 +#include "powerpc-32-syscalls-3.0.34_pointers.h" +#endif diff --git a/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_integers_override.h b/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_integers_override.h index c0aabbbc..a41be136 100644 --- a/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_integers_override.h +++ b/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_integers_override.h @@ -1,9 +1,72 @@ #ifndef CREATE_SYSCALL_TABLE +#define OVERRIDE_32_mmap2 +SC_LTTNG_TRACEPOINT_EVENT(mmap2, + TP_PROTO(sc_exit(unsigned long ret,) + unsigned long addr, unsigned long len, + unsigned long prot, unsigned long flags, + unsigned long fd, unsigned long pgoff), + TP_ARGS(sc_exit(ret,) addr, len, prot, flags, fd, pgoff), + TP_FIELDS(sc_exit(ctf_integer_hex(unsigned long, ret, ret)) + sc_in(ctf_integer_hex(unsigned long, addr, addr)) + sc_in(ctf_integer(size_t, len, len)) + sc_in(ctf_integer(int, prot, prot)) + sc_in(ctf_integer(int, flags, flags)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(off_t, pgoff, pgoff)) + ) +) + +#if (__BYTE_ORDER == __LITTLE_ENDIAN) + +#define OVERRIDE_32_sync_file_range2 +SC_LTTNG_TRACEPOINT_EVENT(sync_file_range2, + TP_PROTO(sc_exit(long ret,) int fd, + unsigned int flags, + int32_t offset_low, int32_t offset_high, + int32_t nbytes_low, int32_t nbytes_high), + TP_ARGS(sc_exit(ret,) fd, flags, offset_low, offset_high, + nbytes_low, nbytes_high), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(unsigned int, flags, flags)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, nbytes, + ((loff_t) nbytes_high << 32) | nbytes_low)) + ) +) + +#else /* __BIG_ENDIAN */ + +#define OVERRIDE_32_sync_file_range2 +SC_LTTNG_TRACEPOINT_EVENT(sync_file_range2, + TP_PROTO(sc_exit(long ret,) int fd, + unsigned int flags, + int32_t offset_high, int32_t offset_low, + int32_t nbytes_high, int32_t nbytes_low), + TP_ARGS(sc_exit(ret,) fd, flags, offset_high, offset_low, + nbytes_high, nbytes_low), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(unsigned int, flags, flags)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, nbytes, + ((loff_t) nbytes_high << 32) | nbytes_low)) + ) +) + +#endif + #else /* CREATE_SYSCALL_TABLE */ #define OVERRIDE_TABLE_32_mmap TRACE_SYSCALL_TABLE(mmap, mmap, 90, 6) +#define OVERRIDE_TABLE_32_mmap2 +TRACE_SYSCALL_TABLE(mmap2, mmap2, 192, 6) +#define OVERRIDE_TABLE_32_sync_file_range2 +TRACE_SYSCALL_TABLE(sync_file_range2, sync_file_range2, 308, 6) #endif /* CREATE_SYSCALL_TABLE */ diff --git a/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_pointers_override.h b/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_pointers_override.h index 1fd3ec45..06704b90 100644 --- a/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_pointers_override.h +++ b/instrumentation/syscalls/headers/powerpc-32-syscalls-3.0.34_pointers_override.h @@ -2,20 +2,6 @@ #ifndef CREATE_SYSCALL_TABLE -SC_LTTNG_TRACEPOINT_EVENT(mmap2, - TP_PROTO(void *addr, size_t len, int prot, - int flags, int fd, off_t pgoff), - TP_ARGS(addr, len, prot, flags, fd, pgoff), - TP_FIELDS( - ctf_integer_hex(void *, addr, addr) - ctf_integer(size_t, len, len) - ctf_integer(int, prot, prot) - ctf_integer(int, flags, flags) - ctf_integer(int, fd, fd) - ctf_integer(off_t, pgoff, pgoff) - ) -) - #define OVERRIDE_32_pipe SC_LTTNG_TRACEPOINT_EVENT(pipe, TP_PROTO(sc_exit(long ret,) int * fildes), @@ -31,8 +17,6 @@ SC_LTTNG_TRACEPOINT_EVENT(pipe, TRACE_SYSCALL_TABLE(execve, execve, 11, 3) #define OVERRIDE_TABLE_32_clone TRACE_SYSCALL_TABLE(clone, clone, 120, 5) -#define OVERRIDE_TABLE_32_mmap2 -TRACE_SYSCALL_TABLE(mmap2, mmap2, 192, 6) #endif /* CREATE_SYSCALL_TABLE */ diff --git a/instrumentation/syscalls/headers/syscalls_integers_override.h b/instrumentation/syscalls/headers/syscalls_integers_override.h index 1f4266fb..29bcefbc 100644 --- a/instrumentation/syscalls/headers/syscalls_integers_override.h +++ b/instrumentation/syscalls/headers/syscalls_integers_override.h @@ -1,12 +1,14 @@ -#define OVERRIDE_32_mmap -#define OVERRIDE_64_mmap - #ifndef CREATE_SYSCALL_TABLE +#define OVERRIDE_32_mmap +#define OVERRIDE_64_mmap SC_LTTNG_TRACEPOINT_EVENT(mmap, - TP_PROTO(sc_exit(long ret,) unsigned long addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long fd, unsigned long off), + TP_PROTO(sc_exit(unsigned long ret,) + unsigned long addr, unsigned long len, + unsigned long prot, unsigned long flags, + unsigned long fd, unsigned long off), TP_ARGS(sc_exit(ret,) addr, len, prot, flags, fd, off), - TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + TP_FIELDS(sc_exit(ctf_integer_hex(unsigned long, ret, ret)) sc_in(ctf_integer_hex(unsigned long, addr, addr)) sc_in(ctf_integer(size_t, len, len)) sc_in(ctf_integer(int, prot, prot)) diff --git a/instrumentation/syscalls/headers/syscalls_pointers_override.h b/instrumentation/syscalls/headers/syscalls_pointers_override.h index c9478f44..bf5c632e 100644 --- a/instrumentation/syscalls/headers/syscalls_pointers_override.h +++ b/instrumentation/syscalls/headers/syscalls_pointers_override.h @@ -1,8 +1,7 @@ -#define OVERRIDE_32_execve -#define OVERRIDE_64_execve - #ifndef CREATE_SYSCALL_TABLE +#define OVERRIDE_32_execve +#define OVERRIDE_64_execve SC_LTTNG_TRACEPOINT_EVENT(execve, TP_PROTO(sc_exit(long ret,) const char *filename, char *const *argv, char *const *envp), TP_ARGS(sc_exit(ret,) filename, argv, envp), @@ -13,6 +12,8 @@ SC_LTTNG_TRACEPOINT_EVENT(execve, ) ) +#define OVERRIDE_32_clone +#define OVERRIDE_64_clone SC_LTTNG_TRACEPOINT_EVENT(clone, TP_PROTO(sc_exit(long ret,) unsigned long clone_flags, unsigned long newsp, void __user *parent_tid, diff --git a/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_integers_override.h b/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_integers_override.h index 24690a51..df814d30 100644 --- a/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_integers_override.h +++ b/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_integers_override.h @@ -30,9 +30,56 @@ #endif -#ifdef CREATE_SYSCALL_TABLE +#ifndef CREATE_SYSCALL_TABLE + +/* mmap_pgoff is kernel internal. mmap2 is exposed in unistd.h. */ +#define OVERRIDE_32_mmap_pgoff +#define OVERRIDE_32_mmap2 +SC_LTTNG_TRACEPOINT_EVENT(mmap2, + TP_PROTO(sc_exit(unsigned long ret,) + unsigned long addr, unsigned long len, + unsigned long prot, unsigned long flags, + unsigned long fd, unsigned long pgoff), + TP_ARGS(sc_exit(ret,) addr, len, prot, flags, fd, pgoff), + TP_FIELDS(sc_exit(ctf_integer_hex(unsigned long, ret, ret)) + sc_in(ctf_integer_hex(unsigned long, addr, addr)) + sc_in(ctf_integer(size_t, len, len)) + sc_in(ctf_integer(int, prot, prot)) + sc_in(ctf_integer(int, flags, flags)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(off_t, pgoff, pgoff)) + ) +) + +#define OVERRIDE_32_sync_file_range +SC_LTTNG_TRACEPOINT_EVENT(sync_file_range, + TP_PROTO(sc_exit(long ret,) int fd, + int32_t offset_low, int32_t offset_high, + int32_t nbytes_low, int32_t nbytes_high, + unsigned int flags), + TP_ARGS(sc_exit(ret,) fd, offset_low, offset_high, + nbytes_low, nbytes_high, flags), + TP_FIELDS(sc_exit(ctf_integer(long, ret, ret)) + sc_in(ctf_integer(int, fd, fd)) + sc_in(ctf_integer(loff_t, offset, + ((loff_t) offset_high << 32) | offset_low)) + sc_in(ctf_integer(loff_t, nbytes, + ((loff_t) nbytes_high << 32) | nbytes_low)) + sc_in(ctf_integer(unsigned int, flags, flags)) + ) +) + +#else /* #ifndef CREATE_SYSCALL_TABLE */ #define OVERRIDE_TABLE_32_mmap TRACE_SYSCALL_TABLE(mmap, mmap, 90, 6) -#endif +/* mmap_pgoff is kernel internal. mmap2 is exposed in unistd.h. */ +#define OVERRIDE_TABLE_32_mmap_pgoff +#define OVERRIDE_TABLE_32_mmap2 +TRACE_SYSCALL_TABLE(mmap2, mmap2, 192, 6) + +#define OVERRIDE_TABLE_32_sync_file_range +TRACE_SYSCALL_TABLE(sync_file_range, sync_file_range, 314, 6) + +#endif /* #else #ifndef CREATE_SYSCALL_TABLE */ -- 2.34.1