4 * LTTng syscall probes.
6 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; only
11 * version 2.1 of the License.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
23 #include <linux/module.h>
24 #include <linux/slab.h>
25 #include <linux/compat.h>
26 #include <linux/err.h>
27 #include <linux/bitmap.h>
29 #include <linux/in6.h>
30 #include <linux/seq_file.h>
31 #include <linux/stringify.h>
32 #include <linux/file.h>
33 #include <linux/anon_inodes.h>
34 #include <asm/ptrace.h>
35 #include <asm/syscall.h>
37 #include <lib/bitfield.h>
38 #include <wrapper/tracepoint.h>
39 #include <wrapper/file.h>
40 #include <wrapper/rcu.h>
41 #include <wrapper/syscall.h>
42 #include <lttng-events.h>
45 # ifndef is_compat_task
46 # define is_compat_task() (0)
50 /* in_compat_syscall appears in kernel 4.6. */
51 #ifndef in_compat_syscall
52 #define in_compat_syscall() is_compat_task()
62 #define SYSCALL_ENTRY_TOK syscall_entry_
63 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
64 #define SYSCALL_EXIT_TOK syscall_exit_
65 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
67 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
68 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
69 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
70 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
73 void syscall_entry_probe(void *__data
, struct pt_regs
*regs
, long id
);
75 void syscall_exit_probe(void *__data
, struct pt_regs
*regs
, long ret
);
78 * Forward declarations for old kernels.
82 struct oldold_utsname
;
84 struct sel_arg_struct
;
85 struct mmap_arg_struct
;
89 #ifdef IA32_NR_syscalls
90 #define NR_compat_syscalls IA32_NR_syscalls
92 #define NR_compat_syscalls NR_syscalls
96 * Create LTTng tracepoint probes.
98 #define LTTNG_PACKAGE_BUILD
99 #define CREATE_TRACE_POINTS
100 #define TP_MODULE_NOINIT
101 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
103 #define PARAMS(args...) args
105 /* Handle unknown syscalls */
107 #define TRACE_SYSTEM syscalls_unknown
108 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
116 #define sc_in(...) __VA_ARGS__
120 #define sc_inout(...) __VA_ARGS__
122 /* Hijack probe callback for system call enter */
124 #define TP_PROBE_CB(_template) &syscall_entry_probe
125 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
126 LTTNG_TRACEPOINT_EVENT(syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
128 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
129 LTTNG_TRACEPOINT_EVENT_CODE(syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
130 PARAMS(_locvar), PARAMS(_code_pre), \
131 PARAMS(_fields), PARAMS(_code_post))
132 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
133 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(syscall_entry_##_name, PARAMS(_fields))
134 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
135 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(syscall_entry_##_template, syscall_entry_##_name)
136 /* Enumerations only defined at first inclusion. */
137 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values) \
138 LTTNG_TRACEPOINT_ENUM(_name, PARAMS(_values))
140 #define TRACE_SYSTEM syscall_entry_integers
141 #define TRACE_INCLUDE_FILE syscalls_integers
142 #include <instrumentation/syscalls/headers/syscalls_integers.h>
143 #undef TRACE_INCLUDE_FILE
145 #define TRACE_SYSTEM syscall_entry_pointers
146 #define TRACE_INCLUDE_FILE syscalls_pointers
147 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
148 #undef TRACE_INCLUDE_FILE
150 #undef SC_LTTNG_TRACEPOINT_ENUM
151 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
152 #undef SC_LTTNG_TRACEPOINT_EVENT
153 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
154 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
156 #undef _TRACE_SYSCALLS_INTEGERS_H
157 #undef _TRACE_SYSCALLS_POINTERS_H
159 /* Hijack probe callback for compat system call enter */
160 #define TP_PROBE_CB(_template) &syscall_entry_probe
161 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
162 LTTNG_TRACEPOINT_EVENT(compat_syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
164 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
165 LTTNG_TRACEPOINT_EVENT_CODE(compat_syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
166 PARAMS(_locvar), PARAMS(_code_pre), PARAMS(_fields), PARAMS(_code_post))
167 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
168 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(compat_syscall_entry_##_name, PARAMS(_fields))
169 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
170 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(compat_syscall_entry_##_template, \
171 compat_syscall_entry_##_name)
172 /* Enumerations only defined at inital inclusion (not here). */
173 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values)
174 #define TRACE_SYSTEM compat_syscall_entry_integers
175 #define TRACE_INCLUDE_FILE compat_syscalls_integers
176 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
177 #undef TRACE_INCLUDE_FILE
179 #define TRACE_SYSTEM compat_syscall_entry_pointers
180 #define TRACE_INCLUDE_FILE compat_syscalls_pointers
181 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
182 #undef TRACE_INCLUDE_FILE
184 #undef SC_LTTNG_TRACEPOINT_ENUM
185 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
186 #undef SC_LTTNG_TRACEPOINT_EVENT
187 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
188 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
190 #undef _TRACE_SYSCALLS_INTEGERS_H
191 #undef _TRACE_SYSCALLS_POINTERS_H
198 #define sc_exit(...) __VA_ARGS__
202 #define sc_out(...) __VA_ARGS__
204 #define sc_inout(...) __VA_ARGS__
206 /* Hijack probe callback for system call exit */
207 #define TP_PROBE_CB(_template) &syscall_exit_probe
208 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
209 LTTNG_TRACEPOINT_EVENT(syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
211 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
212 LTTNG_TRACEPOINT_EVENT_CODE(syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
213 PARAMS(_locvar), PARAMS(_code_pre), PARAMS(_fields), PARAMS(_code_post))
214 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
215 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(syscall_exit_##_name, PARAMS(_fields))
216 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
217 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(syscall_exit_##_template, \
218 syscall_exit_##_name)
219 /* Enumerations only defined at inital inclusion (not here). */
220 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values)
221 #define TRACE_SYSTEM syscall_exit_integers
222 #define TRACE_INCLUDE_FILE syscalls_integers
223 #include <instrumentation/syscalls/headers/syscalls_integers.h>
224 #undef TRACE_INCLUDE_FILE
226 #define TRACE_SYSTEM syscall_exit_pointers
227 #define TRACE_INCLUDE_FILE syscalls_pointers
228 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
229 #undef TRACE_INCLUDE_FILE
231 #undef SC_LTTNG_TRACEPOINT_ENUM
232 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
233 #undef SC_LTTNG_TRACEPOINT_EVENT
234 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
235 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
237 #undef _TRACE_SYSCALLS_INTEGERS_H
238 #undef _TRACE_SYSCALLS_POINTERS_H
241 /* Hijack probe callback for compat system call exit */
242 #define TP_PROBE_CB(_template) &syscall_exit_probe
243 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
244 LTTNG_TRACEPOINT_EVENT(compat_syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
246 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
247 LTTNG_TRACEPOINT_EVENT_CODE(compat_syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
248 PARAMS(_locvar), PARAMS(_code_pre), PARAMS(_fields), PARAMS(_code_post))
249 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
250 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(compat_syscall_exit_##_name, PARAMS(_fields))
251 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
252 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(compat_syscall_exit_##_template, \
253 compat_syscall_exit_##_name)
254 /* Enumerations only defined at inital inclusion (not here). */
255 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values)
256 #define TRACE_SYSTEM compat_syscall_exit_integers
257 #define TRACE_INCLUDE_FILE compat_syscalls_integers
258 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
259 #undef TRACE_INCLUDE_FILE
261 #define TRACE_SYSTEM compat_syscall_exit_pointers
262 #define TRACE_INCLUDE_FILE compat_syscalls_pointers
263 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
264 #undef TRACE_INCLUDE_FILE
266 #undef SC_LTTNG_TRACEPOINT_ENUM
267 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
268 #undef SC_LTTNG_TRACEPOINT_EVENT
269 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
270 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
272 #undef _TRACE_SYSCALLS_INTEGERS_H
273 #undef _TRACE_SYSCALLS_POINTERS_H
277 #undef TP_MODULE_NOINIT
278 #undef LTTNG_PACKAGE_BUILD
279 #undef CREATE_TRACE_POINTS
281 struct trace_syscall_entry
{
283 const struct lttng_event_desc
*desc
;
284 const struct lttng_event_field
*fields
;
288 #define CREATE_SYSCALL_TABLE
295 #undef TRACE_SYSCALL_TABLE
296 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
298 .func = __event_probe__syscall_entry_##_template, \
299 .nrargs = (_nrargs), \
300 .fields = __event_fields___syscall_entry_##_template, \
301 .desc = &__event_desc___syscall_entry_##_name, \
304 /* Syscall enter tracing table */
305 static const struct trace_syscall_entry sc_table
[] = {
306 #include <instrumentation/syscalls/headers/syscalls_integers.h>
307 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
310 #undef TRACE_SYSCALL_TABLE
311 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
313 .func = __event_probe__compat_syscall_entry_##_template, \
314 .nrargs = (_nrargs), \
315 .fields = __event_fields___compat_syscall_entry_##_template, \
316 .desc = &__event_desc___compat_syscall_entry_##_name, \
319 /* Compat syscall enter table */
320 const struct trace_syscall_entry compat_sc_table
[] = {
321 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
322 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
330 #define sc_exit(...) __VA_ARGS__
332 #undef TRACE_SYSCALL_TABLE
333 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
335 .func = __event_probe__syscall_exit_##_template, \
336 .nrargs = (_nrargs), \
337 .fields = __event_fields___syscall_exit_##_template, \
338 .desc = &__event_desc___syscall_exit_##_name, \
341 /* Syscall exit table */
342 static const struct trace_syscall_entry sc_exit_table
[] = {
343 #include <instrumentation/syscalls/headers/syscalls_integers.h>
344 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
347 #undef TRACE_SYSCALL_TABLE
348 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
350 .func = __event_probe__compat_syscall_exit_##_template, \
351 .nrargs = (_nrargs), \
352 .fields = __event_fields___compat_syscall_exit_##_template, \
353 .desc = &__event_desc___compat_syscall_exit_##_name, \
356 /* Compat syscall exit table */
357 const struct trace_syscall_entry compat_sc_exit_table
[] = {
358 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
359 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
364 #undef CREATE_SYSCALL_TABLE
366 struct lttng_syscall_filter
{
367 DECLARE_BITMAP(sc
, NR_syscalls
);
368 DECLARE_BITMAP(sc_compat
, NR_compat_syscalls
);
371 static void syscall_entry_unknown(struct lttng_event
*event
,
372 struct pt_regs
*regs
, unsigned int id
)
374 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
376 lttng_syscall_get_arguments(current
, regs
, args
);
377 if (unlikely(in_compat_syscall()))
378 __event_probe__compat_syscall_entry_unknown(event
, id
, args
);
380 __event_probe__syscall_entry_unknown(event
, id
, args
);
383 void syscall_entry_probe(void *__data
, struct pt_regs
*regs
, long id
)
385 struct lttng_channel
*chan
= __data
;
386 struct lttng_event
*event
, *unknown_event
;
387 const struct trace_syscall_entry
*table
, *entry
;
390 if (unlikely(in_compat_syscall())) {
391 struct lttng_syscall_filter
*filter
;
393 filter
= lttng_rcu_dereference(chan
->sc_filter
);
395 if (id
< 0 || id
>= NR_compat_syscalls
396 || !test_bit(id
, filter
->sc_compat
)) {
397 /* System call filtered out. */
401 table
= compat_sc_table
;
402 table_len
= ARRAY_SIZE(compat_sc_table
);
403 unknown_event
= chan
->sc_compat_unknown
;
405 struct lttng_syscall_filter
*filter
;
407 filter
= lttng_rcu_dereference(chan
->sc_filter
);
409 if (id
< 0 || id
>= NR_syscalls
410 || !test_bit(id
, filter
->sc
)) {
411 /* System call filtered out. */
416 table_len
= ARRAY_SIZE(sc_table
);
417 unknown_event
= chan
->sc_unknown
;
419 if (unlikely(id
< 0 || id
>= table_len
)) {
420 syscall_entry_unknown(unknown_event
, regs
, id
);
423 if (unlikely(in_compat_syscall()))
424 event
= chan
->compat_sc_table
[id
];
426 event
= chan
->sc_table
[id
];
427 if (unlikely(!event
)) {
428 syscall_entry_unknown(unknown_event
, regs
, id
);
432 WARN_ON_ONCE(!entry
);
434 switch (entry
->nrargs
) {
437 void (*fptr
)(void *__data
) = entry
->func
;
444 void (*fptr
)(void *__data
, unsigned long arg0
) = entry
->func
;
445 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
447 lttng_syscall_get_arguments(current
, regs
, args
);
448 fptr(event
, args
[0]);
453 void (*fptr
)(void *__data
,
455 unsigned long arg1
) = entry
->func
;
456 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
458 lttng_syscall_get_arguments(current
, regs
, args
);
459 fptr(event
, args
[0], args
[1]);
464 void (*fptr
)(void *__data
,
467 unsigned long arg2
) = entry
->func
;
468 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
470 lttng_syscall_get_arguments(current
, regs
, args
);
471 fptr(event
, args
[0], args
[1], args
[2]);
476 void (*fptr
)(void *__data
,
480 unsigned long arg3
) = entry
->func
;
481 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
483 lttng_syscall_get_arguments(current
, regs
, args
);
484 fptr(event
, args
[0], args
[1], args
[2], args
[3]);
489 void (*fptr
)(void *__data
,
494 unsigned long arg4
) = entry
->func
;
495 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
497 lttng_syscall_get_arguments(current
, regs
, args
);
498 fptr(event
, args
[0], args
[1], args
[2], args
[3], args
[4]);
503 void (*fptr
)(void *__data
,
509 unsigned long arg5
) = entry
->func
;
510 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
512 lttng_syscall_get_arguments(current
, regs
, args
);
513 fptr(event
, args
[0], args
[1], args
[2],
514 args
[3], args
[4], args
[5]);
522 static void syscall_exit_unknown(struct lttng_event
*event
,
523 struct pt_regs
*regs
, int id
, long ret
)
525 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
527 lttng_syscall_get_arguments(current
, regs
, args
);
528 if (unlikely(in_compat_syscall()))
529 __event_probe__compat_syscall_exit_unknown(event
, id
, ret
,
532 __event_probe__syscall_exit_unknown(event
, id
, ret
, args
);
535 void syscall_exit_probe(void *__data
, struct pt_regs
*regs
, long ret
)
537 struct lttng_channel
*chan
= __data
;
538 struct lttng_event
*event
, *unknown_event
;
539 const struct trace_syscall_entry
*table
, *entry
;
543 id
= syscall_get_nr(current
, regs
);
544 if (unlikely(in_compat_syscall())) {
545 struct lttng_syscall_filter
*filter
;
547 filter
= lttng_rcu_dereference(chan
->sc_filter
);
549 if (id
< 0 || id
>= NR_compat_syscalls
550 || !test_bit(id
, filter
->sc_compat
)) {
551 /* System call filtered out. */
555 table
= compat_sc_exit_table
;
556 table_len
= ARRAY_SIZE(compat_sc_exit_table
);
557 unknown_event
= chan
->compat_sc_exit_unknown
;
559 struct lttng_syscall_filter
*filter
;
561 filter
= lttng_rcu_dereference(chan
->sc_filter
);
563 if (id
< 0 || id
>= NR_syscalls
564 || !test_bit(id
, filter
->sc
)) {
565 /* System call filtered out. */
569 table
= sc_exit_table
;
570 table_len
= ARRAY_SIZE(sc_exit_table
);
571 unknown_event
= chan
->sc_exit_unknown
;
573 if (unlikely(id
< 0 || id
>= table_len
)) {
574 syscall_exit_unknown(unknown_event
, regs
, id
, ret
);
577 if (unlikely(in_compat_syscall()))
578 event
= chan
->compat_sc_exit_table
[id
];
580 event
= chan
->sc_exit_table
[id
];
581 if (unlikely(!event
)) {
582 syscall_exit_unknown(unknown_event
, regs
, id
, ret
);
586 WARN_ON_ONCE(!entry
);
588 switch (entry
->nrargs
) {
591 void (*fptr
)(void *__data
, long ret
) = entry
->func
;
598 void (*fptr
)(void *__data
,
600 unsigned long arg0
) = entry
->func
;
601 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
603 lttng_syscall_get_arguments(current
, regs
, args
);
604 fptr(event
, ret
, args
[0]);
609 void (*fptr
)(void *__data
,
612 unsigned long arg1
) = entry
->func
;
613 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
615 lttng_syscall_get_arguments(current
, regs
, args
);
616 fptr(event
, ret
, args
[0], args
[1]);
621 void (*fptr
)(void *__data
,
625 unsigned long arg2
) = entry
->func
;
626 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
628 lttng_syscall_get_arguments(current
, regs
, args
);
629 fptr(event
, ret
, args
[0], args
[1], args
[2]);
634 void (*fptr
)(void *__data
,
639 unsigned long arg3
) = entry
->func
;
640 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
642 lttng_syscall_get_arguments(current
, regs
, args
);
643 fptr(event
, ret
, args
[0], args
[1], args
[2], args
[3]);
648 void (*fptr
)(void *__data
,
654 unsigned long arg4
) = entry
->func
;
655 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
657 lttng_syscall_get_arguments(current
, regs
, args
);
658 fptr(event
, ret
, args
[0], args
[1], args
[2], args
[3], args
[4]);
663 void (*fptr
)(void *__data
,
670 unsigned long arg5
) = entry
->func
;
671 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
673 lttng_syscall_get_arguments(current
, regs
, args
);
674 fptr(event
, ret
, args
[0], args
[1], args
[2],
675 args
[3], args
[4], args
[5]);
684 * noinline to diminish caller stack size.
685 * Should be called with sessions lock held.
688 int fill_table(const struct trace_syscall_entry
*table
, size_t table_len
,
689 struct lttng_event
**chan_table
, struct lttng_channel
*chan
,
690 void *filter
, enum sc_type type
)
692 const struct lttng_event_desc
*desc
;
695 /* Allocate events for each syscall, insert into table */
696 for (i
= 0; i
< table_len
; i
++) {
697 struct lttng_kernel_event ev
;
698 desc
= table
[i
].desc
;
701 /* Unknown syscall */
705 * Skip those already populated by previous failed
706 * register for this channel.
710 memset(&ev
, 0, sizeof(ev
));
713 strncpy(ev
.name
, SYSCALL_ENTRY_STR
,
714 LTTNG_KERNEL_SYM_NAME_LEN
);
717 strncpy(ev
.name
, SYSCALL_EXIT_STR
,
718 LTTNG_KERNEL_SYM_NAME_LEN
);
720 case SC_TYPE_COMPAT_ENTRY
:
721 strncpy(ev
.name
, COMPAT_SYSCALL_ENTRY_STR
,
722 LTTNG_KERNEL_SYM_NAME_LEN
);
724 case SC_TYPE_COMPAT_EXIT
:
725 strncpy(ev
.name
, COMPAT_SYSCALL_EXIT_STR
,
726 LTTNG_KERNEL_SYM_NAME_LEN
);
732 strncat(ev
.name
, desc
->name
,
733 LTTNG_KERNEL_SYM_NAME_LEN
- strlen(ev
.name
) - 1);
734 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
735 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
736 chan_table
[i
] = _lttng_event_create(chan
, &ev
, filter
,
737 desc
, ev
.instrumentation
);
738 WARN_ON_ONCE(!chan_table
[i
]);
739 if (IS_ERR(chan_table
[i
])) {
741 * If something goes wrong in event registration
742 * after the first one, we have no choice but to
743 * leave the previous events in there, until
744 * deleted by session teardown.
746 return PTR_ERR(chan_table
[i
]);
753 * Should be called with sessions lock held.
755 int lttng_syscalls_register(struct lttng_channel
*chan
, void *filter
)
757 struct lttng_kernel_event ev
;
760 wrapper_vmalloc_sync_all();
762 if (!chan
->sc_table
) {
763 /* create syscall table mapping syscall to events */
764 chan
->sc_table
= kzalloc(sizeof(struct lttng_event
*)
765 * ARRAY_SIZE(sc_table
), GFP_KERNEL
);
769 if (!chan
->sc_exit_table
) {
770 /* create syscall table mapping syscall to events */
771 chan
->sc_exit_table
= kzalloc(sizeof(struct lttng_event
*)
772 * ARRAY_SIZE(sc_exit_table
), GFP_KERNEL
);
773 if (!chan
->sc_exit_table
)
779 if (!chan
->compat_sc_table
) {
780 /* create syscall table mapping compat syscall to events */
781 chan
->compat_sc_table
= kzalloc(sizeof(struct lttng_event
*)
782 * ARRAY_SIZE(compat_sc_table
), GFP_KERNEL
);
783 if (!chan
->compat_sc_table
)
787 if (!chan
->compat_sc_exit_table
) {
788 /* create syscall table mapping compat syscall to events */
789 chan
->compat_sc_exit_table
= kzalloc(sizeof(struct lttng_event
*)
790 * ARRAY_SIZE(compat_sc_exit_table
), GFP_KERNEL
);
791 if (!chan
->compat_sc_exit_table
)
795 if (!chan
->sc_unknown
) {
796 const struct lttng_event_desc
*desc
=
797 &__event_desc___syscall_entry_unknown
;
799 memset(&ev
, 0, sizeof(ev
));
800 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
801 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
802 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
803 chan
->sc_unknown
= _lttng_event_create(chan
, &ev
, filter
,
806 WARN_ON_ONCE(!chan
->sc_unknown
);
807 if (IS_ERR(chan
->sc_unknown
)) {
808 return PTR_ERR(chan
->sc_unknown
);
812 if (!chan
->sc_compat_unknown
) {
813 const struct lttng_event_desc
*desc
=
814 &__event_desc___compat_syscall_entry_unknown
;
816 memset(&ev
, 0, sizeof(ev
));
817 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
818 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
819 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
820 chan
->sc_compat_unknown
= _lttng_event_create(chan
, &ev
, filter
,
823 WARN_ON_ONCE(!chan
->sc_unknown
);
824 if (IS_ERR(chan
->sc_compat_unknown
)) {
825 return PTR_ERR(chan
->sc_compat_unknown
);
829 if (!chan
->compat_sc_exit_unknown
) {
830 const struct lttng_event_desc
*desc
=
831 &__event_desc___compat_syscall_exit_unknown
;
833 memset(&ev
, 0, sizeof(ev
));
834 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
835 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
836 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
837 chan
->compat_sc_exit_unknown
= _lttng_event_create(chan
, &ev
,
840 WARN_ON_ONCE(!chan
->compat_sc_exit_unknown
);
841 if (IS_ERR(chan
->compat_sc_exit_unknown
)) {
842 return PTR_ERR(chan
->compat_sc_exit_unknown
);
846 if (!chan
->sc_exit_unknown
) {
847 const struct lttng_event_desc
*desc
=
848 &__event_desc___syscall_exit_unknown
;
850 memset(&ev
, 0, sizeof(ev
));
851 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
852 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
853 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
854 chan
->sc_exit_unknown
= _lttng_event_create(chan
, &ev
, filter
,
855 desc
, ev
.instrumentation
);
856 WARN_ON_ONCE(!chan
->sc_exit_unknown
);
857 if (IS_ERR(chan
->sc_exit_unknown
)) {
858 return PTR_ERR(chan
->sc_exit_unknown
);
862 ret
= fill_table(sc_table
, ARRAY_SIZE(sc_table
),
863 chan
->sc_table
, chan
, filter
, SC_TYPE_ENTRY
);
866 ret
= fill_table(sc_exit_table
, ARRAY_SIZE(sc_exit_table
),
867 chan
->sc_exit_table
, chan
, filter
, SC_TYPE_EXIT
);
872 ret
= fill_table(compat_sc_table
, ARRAY_SIZE(compat_sc_table
),
873 chan
->compat_sc_table
, chan
, filter
,
874 SC_TYPE_COMPAT_ENTRY
);
877 ret
= fill_table(compat_sc_exit_table
, ARRAY_SIZE(compat_sc_exit_table
),
878 chan
->compat_sc_exit_table
, chan
, filter
,
879 SC_TYPE_COMPAT_EXIT
);
883 if (!chan
->sys_enter_registered
) {
884 ret
= lttng_wrapper_tracepoint_probe_register("sys_enter",
885 (void *) syscall_entry_probe
, chan
);
888 chan
->sys_enter_registered
= 1;
891 * We change the name of sys_exit tracepoint due to namespace
892 * conflict with sys_exit syscall entry.
894 if (!chan
->sys_exit_registered
) {
895 ret
= lttng_wrapper_tracepoint_probe_register("sys_exit",
896 (void *) syscall_exit_probe
, chan
);
898 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
899 (void *) syscall_entry_probe
, chan
));
902 chan
->sys_exit_registered
= 1;
908 * Only called at session destruction.
910 int lttng_syscalls_unregister(struct lttng_channel
*chan
)
916 if (chan
->sys_enter_registered
) {
917 ret
= lttng_wrapper_tracepoint_probe_unregister("sys_exit",
918 (void *) syscall_exit_probe
, chan
);
921 chan
->sys_enter_registered
= 0;
923 if (chan
->sys_exit_registered
) {
924 ret
= lttng_wrapper_tracepoint_probe_unregister("sys_enter",
925 (void *) syscall_entry_probe
, chan
);
928 chan
->sys_exit_registered
= 0;
930 /* lttng_event destroy will be performed by lttng_session_destroy() */
931 kfree(chan
->sc_table
);
932 kfree(chan
->sc_exit_table
);
934 kfree(chan
->compat_sc_table
);
935 kfree(chan
->compat_sc_exit_table
);
937 kfree(chan
->sc_filter
);
942 int get_syscall_nr(const char *syscall_name
)
947 for (i
= 0; i
< ARRAY_SIZE(sc_table
); i
++) {
948 const struct trace_syscall_entry
*entry
;
951 entry
= &sc_table
[i
];
954 it_name
= entry
->desc
->name
;
955 it_name
+= strlen(SYSCALL_ENTRY_STR
);
956 if (!strcmp(syscall_name
, it_name
)) {
965 int get_compat_syscall_nr(const char *syscall_name
)
970 for (i
= 0; i
< ARRAY_SIZE(compat_sc_table
); i
++) {
971 const struct trace_syscall_entry
*entry
;
974 entry
= &compat_sc_table
[i
];
977 it_name
= entry
->desc
->name
;
978 it_name
+= strlen(COMPAT_SYSCALL_ENTRY_STR
);
979 if (!strcmp(syscall_name
, it_name
)) {
988 uint32_t get_sc_tables_len(void)
990 return ARRAY_SIZE(sc_table
) + ARRAY_SIZE(compat_sc_table
);
993 int lttng_syscall_filter_enable(struct lttng_channel
*chan
,
996 int syscall_nr
, compat_syscall_nr
, ret
;
997 struct lttng_syscall_filter
*filter
;
999 WARN_ON_ONCE(!chan
->sc_table
);
1002 /* Enable all system calls by removing filter */
1003 if (chan
->sc_filter
) {
1004 filter
= chan
->sc_filter
;
1005 rcu_assign_pointer(chan
->sc_filter
, NULL
);
1006 synchronize_trace();
1009 chan
->syscall_all
= 1;
1013 if (!chan
->sc_filter
) {
1014 if (chan
->syscall_all
) {
1016 * All syscalls are already enabled.
1020 filter
= kzalloc(sizeof(struct lttng_syscall_filter
),
1025 filter
= chan
->sc_filter
;
1027 syscall_nr
= get_syscall_nr(name
);
1028 compat_syscall_nr
= get_compat_syscall_nr(name
);
1029 if (syscall_nr
< 0 && compat_syscall_nr
< 0) {
1033 if (syscall_nr
>= 0) {
1034 if (test_bit(syscall_nr
, filter
->sc
)) {
1038 bitmap_set(filter
->sc
, syscall_nr
, 1);
1040 if (compat_syscall_nr
>= 0) {
1041 if (test_bit(compat_syscall_nr
, filter
->sc_compat
)) {
1045 bitmap_set(filter
->sc_compat
, compat_syscall_nr
, 1);
1047 if (!chan
->sc_filter
)
1048 rcu_assign_pointer(chan
->sc_filter
, filter
);
1052 if (!chan
->sc_filter
)
1057 int lttng_syscall_filter_disable(struct lttng_channel
*chan
,
1060 int syscall_nr
, compat_syscall_nr
, ret
;
1061 struct lttng_syscall_filter
*filter
;
1063 WARN_ON_ONCE(!chan
->sc_table
);
1065 if (!chan
->sc_filter
) {
1066 if (!chan
->syscall_all
)
1068 filter
= kzalloc(sizeof(struct lttng_syscall_filter
),
1072 /* Trace all system calls, then apply disable. */
1073 bitmap_set(filter
->sc
, 0, NR_syscalls
);
1074 bitmap_set(filter
->sc_compat
, 0, NR_compat_syscalls
);
1076 filter
= chan
->sc_filter
;
1080 /* Fail if all syscalls are already disabled. */
1081 if (bitmap_empty(filter
->sc
, NR_syscalls
)
1082 && bitmap_empty(filter
->sc_compat
,
1083 NR_compat_syscalls
)) {
1088 /* Disable all system calls */
1089 bitmap_clear(filter
->sc
, 0, NR_syscalls
);
1090 bitmap_clear(filter
->sc_compat
, 0, NR_compat_syscalls
);
1093 syscall_nr
= get_syscall_nr(name
);
1094 compat_syscall_nr
= get_compat_syscall_nr(name
);
1095 if (syscall_nr
< 0 && compat_syscall_nr
< 0) {
1099 if (syscall_nr
>= 0) {
1100 if (!test_bit(syscall_nr
, filter
->sc
)) {
1104 bitmap_clear(filter
->sc
, syscall_nr
, 1);
1106 if (compat_syscall_nr
>= 0) {
1107 if (!test_bit(compat_syscall_nr
, filter
->sc_compat
)) {
1111 bitmap_clear(filter
->sc_compat
, compat_syscall_nr
, 1);
1114 if (!chan
->sc_filter
)
1115 rcu_assign_pointer(chan
->sc_filter
, filter
);
1116 chan
->syscall_all
= 0;
1120 if (!chan
->sc_filter
)
1126 const struct trace_syscall_entry
*syscall_list_get_entry(loff_t
*pos
)
1128 const struct trace_syscall_entry
*entry
;
1131 for (entry
= sc_table
;
1132 entry
< sc_table
+ ARRAY_SIZE(sc_table
);
1137 for (entry
= compat_sc_table
;
1138 entry
< compat_sc_table
+ ARRAY_SIZE(compat_sc_table
);
1148 void *syscall_list_start(struct seq_file
*m
, loff_t
*pos
)
1150 return (void *) syscall_list_get_entry(pos
);
1154 void *syscall_list_next(struct seq_file
*m
, void *p
, loff_t
*ppos
)
1157 return (void *) syscall_list_get_entry(ppos
);
1161 void syscall_list_stop(struct seq_file
*m
, void *p
)
1166 int get_sc_table(const struct trace_syscall_entry
*entry
,
1167 const struct trace_syscall_entry
**table
,
1168 unsigned int *bitness
)
1170 if (entry
>= sc_table
&& entry
< sc_table
+ ARRAY_SIZE(sc_table
)) {
1172 *bitness
= BITS_PER_LONG
;
1177 if (!(entry
>= compat_sc_table
1178 && entry
< compat_sc_table
+ ARRAY_SIZE(compat_sc_table
))) {
1184 *table
= compat_sc_table
;
1189 int syscall_list_show(struct seq_file
*m
, void *p
)
1191 const struct trace_syscall_entry
*table
, *entry
= p
;
1192 unsigned int bitness
;
1193 unsigned long index
;
1197 ret
= get_sc_table(entry
, &table
, &bitness
);
1202 if (table
== sc_table
) {
1203 index
= entry
- table
;
1204 name
= &entry
->desc
->name
[strlen(SYSCALL_ENTRY_STR
)];
1206 index
= (entry
- table
) + ARRAY_SIZE(sc_table
);
1207 name
= &entry
->desc
->name
[strlen(COMPAT_SYSCALL_ENTRY_STR
)];
1209 seq_printf(m
, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1210 index
, name
, bitness
);
1215 const struct seq_operations lttng_syscall_list_seq_ops
= {
1216 .start
= syscall_list_start
,
1217 .next
= syscall_list_next
,
1218 .stop
= syscall_list_stop
,
1219 .show
= syscall_list_show
,
1223 int lttng_syscall_list_open(struct inode
*inode
, struct file
*file
)
1225 return seq_open(file
, <tng_syscall_list_seq_ops
);
1228 const struct file_operations lttng_syscall_list_fops
= {
1229 .owner
= THIS_MODULE
,
1230 .open
= lttng_syscall_list_open
,
1232 .llseek
= seq_lseek
,
1233 .release
= seq_release
,
1236 long lttng_channel_syscall_mask(struct lttng_channel
*channel
,
1237 struct lttng_kernel_syscall_mask __user
*usyscall_mask
)
1239 uint32_t len
, sc_tables_len
, bitmask_len
;
1242 struct lttng_syscall_filter
*filter
;
1244 ret
= get_user(len
, &usyscall_mask
->len
);
1247 sc_tables_len
= get_sc_tables_len();
1248 bitmask_len
= ALIGN(sc_tables_len
, 8) >> 3;
1249 if (len
< sc_tables_len
) {
1250 return put_user(sc_tables_len
, &usyscall_mask
->len
);
1252 /* Array is large enough, we can copy array to user-space. */
1253 tmp_mask
= kzalloc(bitmask_len
, GFP_KERNEL
);
1256 filter
= channel
->sc_filter
;
1258 for (bit
= 0; bit
< ARRAY_SIZE(sc_table
); bit
++) {
1261 if (channel
->sc_table
) {
1263 state
= test_bit(bit
, filter
->sc
);
1269 bt_bitfield_write_be(tmp_mask
, char, bit
, 1, state
);
1271 for (; bit
< sc_tables_len
; bit
++) {
1274 if (channel
->compat_sc_table
) {
1276 state
= test_bit(bit
- ARRAY_SIZE(sc_table
),
1283 bt_bitfield_write_be(tmp_mask
, char, bit
, 1, state
);
1285 if (copy_to_user(usyscall_mask
->mask
, tmp_mask
, bitmask_len
))
1291 int lttng_abi_syscall_list(void)
1293 struct file
*syscall_list_file
;
1296 file_fd
= lttng_get_unused_fd();
1302 syscall_list_file
= anon_inode_getfile("[lttng_syscall_list]",
1303 <tng_syscall_list_fops
,
1305 if (IS_ERR(syscall_list_file
)) {
1306 ret
= PTR_ERR(syscall_list_file
);
1309 ret
= lttng_syscall_list_fops
.open(NULL
, syscall_list_file
);
1312 fd_install(file_fd
, syscall_list_file
);
1316 fput(syscall_list_file
);
1318 put_unused_fd(file_fd
);