LTTNG_SYSCALL_ABI_COMPAT,
};
+struct lttng_syscall {
+ struct list_head node; /* chain registered syscall event_notifier */
+ unsigned int syscall_id;
+ bool is_compat;
+};
+
/*
* lttng_event structure is referred to by the tracing fast path. It must be
* kept small.
union {
struct lttng_kprobe kprobe;
struct lttng_uprobe uprobe;
+ struct lttng_syscall syscall;
} u;
/* Backward references: list of lttng_enabler_ref (ref to enablers) */
struct lib_ring_buffer *buf; /* Ring buffer for event notifier group. */
wait_queue_head_t read_wait;
struct irq_work wakeup_pending; /* Pending wakeup irq work. */
+
+ struct list_head *event_notifier_syscall_dispatch;
+ struct list_head *event_notifier_compat_syscall_dispatch;
+
+ unsigned int syscall_all:1,
+ sys_enter_registered:1;
};
struct lttng_metadata_cache {
void lttng_clock_ref(void);
void lttng_clock_unref(void);
+int lttng_desc_match_enabler(const struct lttng_event_desc *desc,
+ struct lttng_enabler *enabler);
+
#if defined(CONFIG_HAVE_SYSCALL_TRACEPOINTS)
int lttng_syscalls_register_event(struct lttng_channel *chan, void *filter);
int lttng_syscalls_unregister_event(struct lttng_channel *chan);
long lttng_channel_syscall_mask(struct lttng_channel *channel,
struct lttng_kernel_syscall_mask __user *usyscall_mask);
+int lttng_syscalls_register_event_notifier(
+ struct lttng_event_notifier_enabler *event_notifier_enabler,
+ void *filter);
+int lttng_syscals_create_matching_event_notifiers(
+ struct lttng_event_notifier_enabler *event_notifier_enabler, void *filter);
+int lttng_syscalls_unregister_event_notifier(struct lttng_event_notifier_group *group);
+int lttng_syscall_filter_enable_event_notifier(struct lttng_event_notifier *event_notifier);
+int lttng_syscall_filter_disable_event_notifier(struct lttng_event_notifier *event_notifier);
#else
static inline int lttng_syscalls_register_event(
struct lttng_channel *chan, void *filter)
return -ENOSYS;
}
+static inline int lttng_syscalls_register_event_notifier(
+ struct lttng_event_notifier_group *group, void *filter)
+{
+ return -ENOSYS;
+}
+
+static inline int lttng_syscalls_unregister_event_notifier(
+ struct lttng_event_notifier_group *group)
+{
+ return 0;
+}
+
+static inline int lttng_syscall_filter_enable_event_notifier(
+ struct lttng_event_notifier_group *group,
+ const char *name)
+{
+ return -ENOSYS;
+}
+
+static inline int lttng_syscall_filter_disable_event_notifier(
+ struct lttng_event_notifier_group *group,
+ const char *name)
+{
+ return -ENOSYS;
+}
+
#endif
void lttng_filter_sync_state(struct lttng_bytecode_runtime *runtime);
mutex_lock(&sessions_mutex);
+ ret = lttng_syscalls_unregister_event_notifier(event_notifier_group);
+ WARN_ON(ret);
+
list_for_each_entry_safe(event_notifier, tmpevent_notifier,
&event_notifier_group->event_notifiers_head, list) {
ret = _lttng_event_notifier_unregister(event_notifier);
}
switch (event_notifier->instrumentation) {
case LTTNG_KERNEL_TRACEPOINT:
+ case LTTNG_KERNEL_SYSCALL:
ret = -EINVAL;
break;
case LTTNG_KERNEL_KPROBE:
case LTTNG_KERNEL_UPROBE:
WRITE_ONCE(event_notifier->enabled, 1);
break;
- case LTTNG_KERNEL_SYSCALL:
case LTTNG_KERNEL_FUNCTION:
case LTTNG_KERNEL_NOOP:
case LTTNG_KERNEL_KRETPROBE:
}
switch (event_notifier->instrumentation) {
case LTTNG_KERNEL_TRACEPOINT:
+ case LTTNG_KERNEL_SYSCALL:
ret = -EINVAL;
break;
case LTTNG_KERNEL_KPROBE:
case LTTNG_KERNEL_UPROBE:
WRITE_ONCE(event_notifier->enabled, 0);
break;
- case LTTNG_KERNEL_SYSCALL:
case LTTNG_KERNEL_FUNCTION:
case LTTNG_KERNEL_NOOP:
case LTTNG_KERNEL_KRETPROBE:
break;
case LTTNG_KERNEL_KPROBE:
case LTTNG_KERNEL_UPROBE:
+ case LTTNG_KERNEL_SYSCALL:
event_name = event_notifier_param->event.name;
break;
case LTTNG_KERNEL_KRETPROBE:
case LTTNG_KERNEL_FUNCTION:
case LTTNG_KERNEL_NOOP:
- case LTTNG_KERNEL_SYSCALL:
default:
WARN_ON_ONCE(1);
ret = -EINVAL;
ret = try_module_get(event_notifier->desc->owner);
WARN_ON_ONCE(!ret);
break;
+ case LTTNG_KERNEL_NOOP:
+ case LTTNG_KERNEL_SYSCALL:
+ /*
+ * Needs to be explicitly enabled after creation, since
+ * we may want to apply filters.
+ */
+ event_notifier->enabled = 0;
+ event_notifier->registered = 0;
+ event_notifier->desc = event_desc;
+ if (!event_notifier->desc) {
+ ret = -EINVAL;
+ goto register_error;
+ }
+ break;
case LTTNG_KERNEL_UPROBE:
/*
* Needs to be explicitly enabled after creation, since
break;
case LTTNG_KERNEL_KRETPROBE:
case LTTNG_KERNEL_FUNCTION:
- case LTTNG_KERNEL_NOOP:
- case LTTNG_KERNEL_SYSCALL:
default:
WARN_ON_ONCE(1);
ret = -EINVAL;
desc->event_notifier_callback,
event_notifier);
break;
+ case LTTNG_KERNEL_SYSCALL:
+ ret = lttng_syscall_filter_enable_event_notifier(event_notifier);
+ break;
case LTTNG_KERNEL_KPROBE:
case LTTNG_KERNEL_UPROBE:
ret = 0;
break;
- case LTTNG_KERNEL_SYSCALL:
case LTTNG_KERNEL_KRETPROBE:
case LTTNG_KERNEL_FUNCTION:
case LTTNG_KERNEL_NOOP:
lttng_uprobes_unregister_event_notifier(event_notifier);
ret = 0;
break;
+ case LTTNG_KERNEL_SYSCALL:
+ ret = lttng_syscall_filter_disable_event_notifier(event_notifier);
+ break;
case LTTNG_KERNEL_KRETPROBE:
case LTTNG_KERNEL_FUNCTION:
- case LTTNG_KERNEL_SYSCALL:
case LTTNG_KERNEL_NOOP:
default:
WARN_ON_ONCE(1);
module_put(event_notifier->desc->owner);
lttng_kprobes_destroy_event_notifier_private(event_notifier);
break;
+ case LTTNG_KERNEL_NOOP:
+ case LTTNG_KERNEL_SYSCALL:
+ break;
case LTTNG_KERNEL_UPROBE:
module_put(event_notifier->desc->owner);
lttng_uprobes_destroy_event_notifier_private(event_notifier);
break;
case LTTNG_KERNEL_KRETPROBE:
case LTTNG_KERNEL_FUNCTION:
- case LTTNG_KERNEL_NOOP:
- case LTTNG_KERNEL_SYSCALL:
default:
WARN_ON_ONCE(1);
}
return 1;
}
-static
int lttng_desc_match_enabler(const struct lttng_event_desc *desc,
struct lttng_enabler *enabler)
{
WARN_ON_ONCE(ret);
}
+static
+void lttng_create_syscall_event_notifier_if_missing(struct lttng_event_notifier_enabler *event_notifier_enabler)
+{
+ int ret;
+
+ ret = lttng_syscalls_register_event_notifier(event_notifier_enabler, NULL);
+ WARN_ON_ONCE(ret);
+ ret = lttng_syscals_create_matching_event_notifiers(event_notifier_enabler, NULL);
+ WARN_ON_ONCE(ret);
+}
+
/*
* Create struct lttng_event if it is missing and present in the list of
* tracepoint probes.
case LTTNG_KERNEL_TRACEPOINT:
lttng_create_tracepoint_event_notifier_if_missing(event_notifier_enabler);
break;
+ case LTTNG_KERNEL_SYSCALL:
+ lttng_create_syscall_event_notifier_if_missing(event_notifier_enabler);
+ break;
default:
WARN_ON_ONCE(1);
break;
#include <wrapper/rcu.h>
#include <wrapper/syscall.h>
#include <lttng/events.h>
+#include <lttng/utils.h>
#ifndef CONFIG_COMPAT
# ifndef is_compat_task
static
void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret);
+static
+void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs,
+ long id);
+
/*
* Forward declarations for old kernels.
*/
struct trace_syscall_entry {
void *event_func;
+ void *event_notifier_func;
const struct lttng_event_desc *desc;
const struct lttng_event_field *fields;
unsigned int nrargs;
#define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
[ _nr ] = { \
.event_func = __event_probe__syscall_entry_##_template, \
+ .event_notifier_func = __event_notifier_probe__syscall_entry_##_template, \
.nrargs = (_nrargs), \
.fields = __event_fields___syscall_entry_##_template, \
.desc = &__event_desc___syscall_entry_##_name, \
#define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
[ _nr ] = { \
.event_func = __event_probe__compat_syscall_entry_##_template, \
+ .event_notifier_func = __event_notifier_probe__compat_syscall_entry_##_template, \
.nrargs = (_nrargs), \
.fields = __event_fields___compat_syscall_entry_##_template, \
.desc = &__event_desc___compat_syscall_entry_##_name, \
#define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
[ _nr ] = { \
.event_func = __event_probe__syscall_exit_##_template, \
+ .event_notifier_func = __event_notifier_probe__syscall_exit_##_template, \
.nrargs = (_nrargs), \
.fields = __event_fields___syscall_exit_##_template, \
.desc = &__event_desc___syscall_exit_##_name, \
#define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
[ _nr ] = { \
.event_func = __event_probe__compat_syscall_exit_##_template, \
+ .event_notifier_func = __event_notifier_probe__compat_syscall_exit_##_template, \
.nrargs = (_nrargs), \
.fields = __event_fields___compat_syscall_exit_##_template, \
.desc = &__event_desc___compat_syscall_exit_##_name, \
__event_probe__syscall_entry_unknown(event, id, args);
}
+static void syscall_entry_event_notifier_unknown(
+ struct lttng_event_notifier_group *notifier_group,
+ struct pt_regs *regs, unsigned int id)
+{
+ unsigned long args[LTTNG_SYSCALL_NR_ARGS];
+ struct lttng_event *event;
+
+ lttng_syscall_get_arguments(current, regs, args);
+ if (unlikely(in_compat_syscall()))
+ __event_probe__compat_syscall_notifier_entry_unknown(event, id, args);
+ else
+ __event_probe__syscall_notifier_entry_unknown(event, id, args);
+}
+
static __always_inline
void syscall_entry_call_func(void *func, unsigned int nrargs, void *data,
struct pt_regs *regs)
syscall_entry_call_func(entry->event_func, entry->nrargs, event, regs);
}
+void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs, long id)
+{
+ struct lttng_event_notifier_group *event_notifier_group = __data;
+ const struct trace_syscall_entry *entry;
+ struct list_head *dispatch_list;
+ struct lttng_event_notifier *iter;
+ size_t table_len;
+
+ if (unlikely(in_compat_syscall())) {
+ table_len = ARRAY_SIZE(compat_sc_table);
+ if (unlikely(id < 0 || id >= table_len)) {
+ return;
+ }
+ entry = &compat_sc_table[id];
+ dispatch_list = &event_notifier_group->event_notifier_compat_syscall_dispatch[id];
+ } else {
+ table_len = ARRAY_SIZE(sc_table);
+ if (unlikely(id < 0 || id >= table_len)) {
+ return;
+ }
+ entry = &sc_table[id];
+ dispatch_list = &event_notifier_group->event_notifier_syscall_dispatch[id];
+ }
+
+ if (unlikely(id < 0 || id >= table_len)) {
+ syscall_entry_event_notifier_unknown(event_notifier_group, regs, id);
+ return;
+ }
+
+ /* TODO handle unknown syscall */
+
+ list_for_each_entry_rcu(iter, dispatch_list, u.syscall.node) {
+ BUG_ON(iter->u.syscall.syscall_id != id);
+ syscall_entry_call_func(entry->event_notifier_func,
+ entry->nrargs, iter, regs);
+ }
+}
+
static void syscall_exit_event_unknown(struct lttng_event *event,
struct pt_regs *regs, int id, long ret)
{
}
/*
- * Only called at session destruction.
+ * Should be called with sessions lock held.
*/
+int lttng_syscalls_register_event_notifier(struct lttng_event_notifier_enabler *event_notifier_enabler, void *filter)
+{
+ struct lttng_event_notifier_group *group = event_notifier_enabler->group;
+ unsigned int i;
+ int ret = 0;
+
+ wrapper_vmalloc_sync_mappings();
+
+ if (!group->event_notifier_syscall_dispatch) {
+ group->event_notifier_syscall_dispatch = kzalloc(sizeof(struct list_head)
+ * ARRAY_SIZE(sc_table), GFP_KERNEL);
+ if (!group->event_notifier_syscall_dispatch)
+ return -ENOMEM;
+
+ /* Initialize all list_head */
+ for (i = 0; i < ARRAY_SIZE(sc_table); i++)
+ INIT_LIST_HEAD(&group->event_notifier_syscall_dispatch[i]);
+ }
+
+#ifdef CONFIG_COMPAT
+ if (!group->event_notifier_compat_syscall_dispatch) {
+ group->event_notifier_compat_syscall_dispatch = kzalloc(sizeof(struct list_head)
+ * ARRAY_SIZE(compat_sc_table), GFP_KERNEL);
+ if (!group->event_notifier_syscall_dispatch)
+ return -ENOMEM;
+
+ /* Initialize all list_head */
+ for (i = 0; i < ARRAY_SIZE(compat_sc_table); i++)
+ INIT_LIST_HEAD(&group->event_notifier_compat_syscall_dispatch[i]);
+ }
+#endif
+
+ if (!group->sys_enter_registered) {
+ ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
+ (void *) syscall_entry_event_notifier_probe, group);
+ if (ret)
+ return ret;
+ group->sys_enter_registered = 1;
+ }
+
+ return ret;
+}
+
+static int create_matching_event_notifiers(struct lttng_event_notifier_enabler *event_notifier_enabler,
+ void *filter, const struct trace_syscall_entry *table,
+ size_t table_len, bool is_compat)
+{
+ struct lttng_event_notifier_group *group = event_notifier_enabler->group;
+ const struct lttng_event_desc *desc;
+ uint64_t user_token = event_notifier_enabler->base.user_token;
+ unsigned int i;
+ int ret = 0;
+
+ /* iterate over all syscall and create event_notifier that match */
+ for (i = 0; i < table_len; i++) {
+ struct lttng_event_notifier *event_notifier;
+ struct lttng_kernel_event_notifier event_notifier_param;
+ struct hlist_head *head;
+ int found = 0;
+
+ desc = table[i].desc;
+ if (!desc) {
+ /* Unknown syscall */
+ continue;
+ }
+
+ if (!lttng_desc_match_enabler(desc,
+ lttng_event_notifier_enabler_as_enabler(event_notifier_enabler)))
+ continue;
+
+ /*
+ * Check if already created.
+ */
+ head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
+ LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->name);
+ lttng_hlist_for_each_entry(event_notifier, head, hlist) {
+ if (event_notifier->desc == desc
+ && event_notifier->user_token == event_notifier_enabler->base.user_token)
+ found = 1;
+ }
+ if (found)
+ continue;
+
+ memset(&event_notifier_param, 0, sizeof(event_notifier_param));
+ strncat(event_notifier_param.event.name, desc->name,
+ LTTNG_KERNEL_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
+ event_notifier_param.event.name[LTTNG_KERNEL_SYM_NAME_LEN - 1] = '\0';
+ event_notifier_param.event.instrumentation = LTTNG_KERNEL_SYSCALL;
+
+ event_notifier = _lttng_event_notifier_create(desc, user_token, group,
+ &event_notifier_param, filter,
+ event_notifier_param.event.instrumentation);
+ if (IS_ERR(event_notifier)) {
+ printk(KERN_INFO "Unable to create event_notifier %s\n",
+ desc->name);
+ ret = -ENOMEM;
+ goto end;
+ }
+
+ event_notifier->u.syscall.syscall_id = i;
+ event_notifier->u.syscall.is_compat = is_compat;
+ }
+end:
+ return ret;
+
+}
+
+int lttng_syscals_create_matching_event_notifiers(struct lttng_event_notifier_enabler *event_notifier_enabler, void *filter)
+{
+ int ret;
+
+ ret = create_matching_event_notifiers(event_notifier_enabler, filter, sc_table,
+ ARRAY_SIZE(sc_table), false);
+ if (ret)
+ goto end;
+
+ ret = create_matching_event_notifiers(event_notifier_enabler, filter, compat_sc_table,
+ ARRAY_SIZE(compat_sc_table), true);
+end:
+ return ret;
+}
+
+/*
+ * Unregister the syscall event_notifier probes from the callsites.
+ */
+int lttng_syscalls_unregister_event_notifier(struct lttng_event_notifier_group *event_notifier_group)
+{
+ int ret;
+
+ /*
+ * Only register the event_notifier probe on the `sys_enter` callsite for now.
+ * At the moment, we don't think it's desirable to have one fired
+ * event_notifier for the entry and one for the exit of a syscall.
+ */
+ if (event_notifier_group->sys_enter_registered) {
+ ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
+ (void *) syscall_entry_event_notifier_probe, event_notifier_group);
+ if (ret)
+ return ret;
+ event_notifier_group->sys_enter_registered = 0;
+ }
+
+ kfree(event_notifier_group->event_notifier_syscall_dispatch);
+#ifdef CONFIG_COMPAT
+ kfree(event_notifier_group->event_notifier_compat_syscall_dispatch);
+#endif
+ return 0;
+}
+
int lttng_syscalls_unregister_event(struct lttng_channel *chan)
{
int ret;
return 0;
}
+int lttng_syscall_filter_enable_event_notifier(
+ struct lttng_event_notifier *event_notifier)
+{
+ struct lttng_event_notifier_group *group = event_notifier->group;
+ unsigned int syscall_id = event_notifier->u.syscall.syscall_id;
+ struct list_head *dispatch_list;
+
+ if (event_notifier->u.syscall.is_compat)
+ dispatch_list = &group->event_notifier_compat_syscall_dispatch[syscall_id];
+ else
+ dispatch_list = &group->event_notifier_syscall_dispatch[syscall_id];
+
+ list_add_rcu(&event_notifier->u.syscall.node, dispatch_list);
+
+ return 0;
+}
+
int lttng_syscall_filter_disable_event(struct lttng_channel *chan,
struct lttng_event *event)
{
return 0;
}
+int lttng_syscall_filter_disable_event_notifier(
+ struct lttng_event_notifier *event_notifier)
+{
+ list_del_rcu(&event_notifier->u.syscall.node);
+ return 0;
+}
+
static
const struct trace_syscall_entry *syscall_list_get_entry(loff_t *pos)
{
projects / lttng-modules.git / commitdiff
