projects / lttng-modules.git / blob
? search:


2a9125a257595eed4dfab2a27388cc52d5724300
[lttng-modules.git] / src / lttng-syscalls.c
1 /* SPDX-License-Identifier: (GPL-2.0-only or LGPL-2.1-only)
2 *
3 * lttng-syscalls.c
4 *
5 * LTTng syscall probes.
6 *
7 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 */
9
10 #include <linux/module.h>
11 #include <linux/slab.h>
12 #include <linux/compat.h>
13 #include <linux/err.h>
14 #include <linux/bitmap.h>
15 #include <linux/in.h>
16 #include <linux/in6.h>
17 #include <linux/seq_file.h>
18 #include <linux/stringify.h>
19 #include <linux/file.h>
20 #include <linux/anon_inodes.h>
21 #include <linux/fcntl.h>
22 #include <linux/mman.h>
23 #include <asm/ptrace.h>
24 #include <asm/syscall.h>
25
26 #include <lttng/bitfield.h>
27 #include <wrapper/tracepoint.h>
28 #include <wrapper/file.h>
29 #include <wrapper/rcu.h>
30 #include <wrapper/syscall.h>
31 #include <lttng/events.h>
32 #include <lttng/events-internal.h>
33 #include <lttng/utils.h>
34
35 #include "lttng-syscalls.h"
36
37 #ifndef CONFIG_COMPAT
38 # ifndef is_compat_task
39 # define is_compat_task() (0)
40 # endif
41 #endif
42
43 /* in_compat_syscall appears in kernel 4.6. */
44 #ifndef in_compat_syscall
45 #define in_compat_syscall() is_compat_task()
46 #endif
47
48 enum sc_type {
49 SC_TYPE_ENTRY,
50 SC_TYPE_EXIT,
51 SC_TYPE_COMPAT_ENTRY,
52 SC_TYPE_COMPAT_EXIT,
53 };
54
55 #define SYSCALL_ENTRY_TOK syscall_entry_
56 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
57 #define SYSCALL_EXIT_TOK syscall_exit_
58 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
59
60 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
61 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
62 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
63 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
64
65 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id);
66 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret);
67
68 /*
69 * Forward declarations for old kernels.
70 */
71 struct mmsghdr;
72 struct rlimit64;
73 struct oldold_utsname;
74 struct old_utsname;
75 struct sel_arg_struct;
76 struct mmap_arg_struct;
77 struct file_handle;
78 struct user_msghdr;
79
80 /*
81 * Forward declaration for kernels >= 5.6
82 */
83 struct timex;
84 struct timeval;
85 struct itimerval;
86 struct itimerspec;
87
88 #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,6,0))
89 typedef __kernel_old_time_t time_t;
90 #endif
91
92 #ifdef IA32_NR_syscalls
93 #define NR_compat_syscalls IA32_NR_syscalls
94 #else
95 #define NR_compat_syscalls NR_syscalls
96 #endif
97
98 /*
99 * Create LTTng tracepoint probes.
100 */
101 #define LTTNG_PACKAGE_BUILD
102 #define CREATE_TRACE_POINTS
103 #define TP_MODULE_NOINIT
104 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
105
106 #define PARAMS(args...) args
107
108 /* Handle unknown syscalls */
109 #undef TRACE_SYSTEM
110 #define TRACE_SYSTEM syscalls_unknown
111 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
112 #undef TRACE_SYSTEM
113
114 #undef TP_PROBE_CB
115
116 extern const struct trace_syscall_table sc_table;
117 extern const struct trace_syscall_table compat_sc_table;
118
119 /* Event syscall exit table */
120 extern const struct trace_syscall_table sc_exit_table;
121 extern const struct trace_syscall_table compat_sc_exit_table;
122
123
124 #undef SC_EXIT
125
126 #undef CREATE_SYSCALL_TABLE
127
128 struct lttng_syscall_filter {
129 DECLARE_BITMAP(sc_entry, NR_syscalls);
130 DECLARE_BITMAP(sc_exit, NR_syscalls);
131 DECLARE_BITMAP(sc_compat_entry, NR_compat_syscalls);
132 DECLARE_BITMAP(sc_compat_exit, NR_compat_syscalls);
133 };
134
135 static
136 int lttng_syscalls_create_matching_event_notifiers(struct lttng_event_enabler_common *event_enabler);
137
138 static void syscall_entry_event_unknown(struct hlist_head *unknown_action_list_head,
139 struct pt_regs *regs, long id)
140 {
141 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
142 struct lttng_kernel_event_common_private *event_priv;
143
144 lttng_syscall_get_arguments(current, regs, args);
145 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
146 if (unlikely(in_compat_syscall()))
147 __event_probe__compat_syscall_entry_unknown(event_priv->pub, id, args);
148 else
149 __event_probe__syscall_entry_unknown(event_priv->pub, id, args);
150 }
151 }
152
153 static __always_inline
154 void syscall_entry_event_call_func(struct hlist_head *action_list,
155 void *func, unsigned int nrargs,
156 struct pt_regs *regs)
157 {
158 struct lttng_kernel_event_common_private *event_priv;
159
160 switch (nrargs) {
161 case 0:
162 {
163 void (*fptr)(void *__data) = func;
164
165 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
166 fptr(event_priv->pub);
167 break;
168 }
169 case 1:
170 {
171 void (*fptr)(void *__data, unsigned long arg0) = func;
172 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
173
174 lttng_syscall_get_arguments(current, regs, args);
175 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
176 fptr(event_priv->pub, args[0]);
177 break;
178 }
179 case 2:
180 {
181 void (*fptr)(void *__data,
182 unsigned long arg0,
183 unsigned long arg1) = func;
184 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
185
186 lttng_syscall_get_arguments(current, regs, args);
187 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
188 fptr(event_priv->pub, args[0], args[1]);
189 break;
190 }
191 case 3:
192 {
193 void (*fptr)(void *__data,
194 unsigned long arg0,
195 unsigned long arg1,
196 unsigned long arg2) = func;
197 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
198
199 lttng_syscall_get_arguments(current, regs, args);
200 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
201 fptr(event_priv->pub, args[0], args[1], args[2]);
202 break;
203 }
204 case 4:
205 {
206 void (*fptr)(void *__data,
207 unsigned long arg0,
208 unsigned long arg1,
209 unsigned long arg2,
210 unsigned long arg3) = func;
211 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
212
213 lttng_syscall_get_arguments(current, regs, args);
214 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
215 fptr(event_priv->pub, args[0], args[1], args[2], args[3]);
216 break;
217 }
218 case 5:
219 {
220 void (*fptr)(void *__data,
221 unsigned long arg0,
222 unsigned long arg1,
223 unsigned long arg2,
224 unsigned long arg3,
225 unsigned long arg4) = func;
226 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
227
228 lttng_syscall_get_arguments(current, regs, args);
229 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
230 fptr(event_priv->pub, args[0], args[1], args[2], args[3], args[4]);
231 break;
232 }
233 case 6:
234 {
235 void (*fptr)(void *__data,
236 unsigned long arg0,
237 unsigned long arg1,
238 unsigned long arg2,
239 unsigned long arg3,
240 unsigned long arg4,
241 unsigned long arg5) = func;
242 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
243
244 lttng_syscall_get_arguments(current, regs, args);
245 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
246 fptr(event_priv->pub, args[0], args[1], args[2],
247 args[3], args[4], args[5]);
248 break;
249 }
250 default:
251 break;
252 }
253 }
254
255 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id)
256 {
257 struct lttng_kernel_syscall_table *syscall_table = __data;
258 struct hlist_head *action_list, *unknown_action_list;
259 const struct trace_syscall_entry *table, *entry;
260 size_t table_len;
261
262 if (unlikely(in_compat_syscall())) {
263 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
264
265 if (id < 0 || id >= NR_compat_syscalls
266 || (!READ_ONCE(syscall_table->syscall_all_entry) && !test_bit(id, filter->sc_compat_entry))) {
267 /* System call filtered out. */
268 return;
269 }
270 table = compat_sc_table.table;
271 table_len = compat_sc_table.len;
272 unknown_action_list = &syscall_table->compat_unknown_syscall_dispatch;
273 } else {
274 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
275
276 if (id < 0 || id >= NR_syscalls
277 || (!READ_ONCE(syscall_table->syscall_all_entry) && !test_bit(id, filter->sc_entry))) {
278 /* System call filtered out. */
279 return;
280 }
281 table = sc_table.table;
282 table_len = sc_table.len;
283 unknown_action_list = &syscall_table->unknown_syscall_dispatch;
284 }
285 if (unlikely(id < 0 || id >= table_len)) {
286 syscall_entry_event_unknown(unknown_action_list, regs, id);
287 return;
288 }
289
290 entry = &table[id];
291 if (!entry->event_func) {
292 syscall_entry_event_unknown(unknown_action_list, regs, id);
293 return;
294 }
295
296 if (unlikely(in_compat_syscall())) {
297 action_list = &syscall_table->compat_syscall_dispatch[id];
298 } else {
299 action_list = &syscall_table->syscall_dispatch[id];
300 }
301 if (unlikely(hlist_empty(action_list)))
302 return;
303
304 syscall_entry_event_call_func(action_list, entry->event_func, entry->nrargs, regs);
305 }
306
307 static void syscall_exit_event_unknown(struct hlist_head *unknown_action_list_head,
308 struct pt_regs *regs, long id, long ret)
309 {
310 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
311 struct lttng_kernel_event_common_private *event_priv;
312
313 lttng_syscall_get_arguments(current, regs, args);
314 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
315 if (unlikely(in_compat_syscall()))
316 __event_probe__compat_syscall_exit_unknown(event_priv->pub, id, ret,
317 args);
318 else
319 __event_probe__syscall_exit_unknown(event_priv->pub, id, ret, args);
320 }
321 }
322
323 static __always_inline
324 void syscall_exit_event_call_func(struct hlist_head *action_list,
325 void *func, unsigned int nrargs,
326 struct pt_regs *regs, long ret)
327 {
328 struct lttng_kernel_event_common_private *event_priv;
329
330 switch (nrargs) {
331 case 0:
332 {
333 void (*fptr)(void *__data, long ret) = func;
334
335 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
336 fptr(event_priv->pub, ret);
337 break;
338 }
339 case 1:
340 {
341 void (*fptr)(void *__data,
342 long ret,
343 unsigned long arg0) = func;
344 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
345
346 lttng_syscall_get_arguments(current, regs, args);
347 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
348 fptr(event_priv->pub, ret, args[0]);
349 break;
350 }
351 case 2:
352 {
353 void (*fptr)(void *__data,
354 long ret,
355 unsigned long arg0,
356 unsigned long arg1) = func;
357 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
358
359 lttng_syscall_get_arguments(current, regs, args);
360 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
361 fptr(event_priv->pub, ret, args[0], args[1]);
362 break;
363 }
364 case 3:
365 {
366 void (*fptr)(void *__data,
367 long ret,
368 unsigned long arg0,
369 unsigned long arg1,
370 unsigned long arg2) = func;
371 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
372
373 lttng_syscall_get_arguments(current, regs, args);
374 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
375 fptr(event_priv->pub, ret, args[0], args[1], args[2]);
376 break;
377 }
378 case 4:
379 {
380 void (*fptr)(void *__data,
381 long ret,
382 unsigned long arg0,
383 unsigned long arg1,
384 unsigned long arg2,
385 unsigned long arg3) = func;
386 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
387
388 lttng_syscall_get_arguments(current, regs, args);
389 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
390 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3]);
391 break;
392 }
393 case 5:
394 {
395 void (*fptr)(void *__data,
396 long ret,
397 unsigned long arg0,
398 unsigned long arg1,
399 unsigned long arg2,
400 unsigned long arg3,
401 unsigned long arg4) = func;
402 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
403
404 lttng_syscall_get_arguments(current, regs, args);
405 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
406 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3], args[4]);
407 break;
408 }
409 case 6:
410 {
411 void (*fptr)(void *__data,
412 long ret,
413 unsigned long arg0,
414 unsigned long arg1,
415 unsigned long arg2,
416 unsigned long arg3,
417 unsigned long arg4,
418 unsigned long arg5) = func;
419 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
420
421 lttng_syscall_get_arguments(current, regs, args);
422 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
423 fptr(event_priv->pub, ret, args[0], args[1], args[2],
424 args[3], args[4], args[5]);
425 break;
426 }
427 default:
428 break;
429 }
430 }
431
432 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret)
433 {
434 struct lttng_kernel_syscall_table *syscall_table = __data;
435 struct hlist_head *action_list, *unknown_action_list;
436 const struct trace_syscall_entry *table, *entry;
437 size_t table_len;
438 long id;
439
440 id = syscall_get_nr(current, regs);
441
442 if (unlikely(in_compat_syscall())) {
443 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
444
445 if (id < 0 || id >= NR_compat_syscalls
446 || (!READ_ONCE(syscall_table->syscall_all_exit) && !test_bit(id, filter->sc_compat_exit))) {
447 /* System call filtered out. */
448 return;
449 }
450 table = compat_sc_exit_table.table;
451 table_len = compat_sc_exit_table.len;
452 unknown_action_list = &syscall_table->compat_unknown_syscall_exit_dispatch;
453 } else {
454 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
455
456 if (id < 0 || id >= NR_syscalls
457 || (!READ_ONCE(syscall_table->syscall_all_exit) && !test_bit(id, filter->sc_exit))) {
458 /* System call filtered out. */
459 return;
460 }
461 table = sc_exit_table.table;
462 table_len = sc_exit_table.len;
463 unknown_action_list = &syscall_table->unknown_syscall_exit_dispatch;
464 }
465 if (unlikely(id < 0 || id >= table_len)) {
466 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
467 return;
468 }
469
470 entry = &table[id];
471 if (!entry->event_func) {
472 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
473 return;
474 }
475
476 if (unlikely(in_compat_syscall())) {
477 action_list = &syscall_table->compat_syscall_exit_dispatch[id];
478 } else {
479 action_list = &syscall_table->syscall_exit_dispatch[id];
480 }
481 if (unlikely(hlist_empty(action_list)))
482 return;
483
484 syscall_exit_event_call_func(action_list, entry->event_func, entry->nrargs,
485 regs, ret);
486 }
487
488 static
489 struct lttng_kernel_syscall_table *get_syscall_table_from_enabler(struct lttng_event_enabler_common *event_enabler)
490 {
491 switch (event_enabler->enabler_type) {
492 case LTTNG_EVENT_ENABLER_TYPE_RECORDER:
493 {
494 struct lttng_event_recorder_enabler *event_recorder_enabler =
495 container_of(event_enabler, struct lttng_event_recorder_enabler, parent);
496 return &event_recorder_enabler->chan->priv->parent.syscall_table;
497 }
498 case LTTNG_EVENT_ENABLER_TYPE_NOTIFIER:
499 {
500 struct lttng_event_notifier_enabler *event_notifier_enabler =
501 container_of(event_enabler, struct lttng_event_notifier_enabler, parent);
502 return &event_notifier_enabler->group->syscall_table;
503 }
504 default:
505 return NULL;
506 }
507 }
508
509 static
510 struct lttng_kernel_syscall_table *get_syscall_table_from_event(struct lttng_kernel_event_common *event)
511 {
512 switch (event->type) {
513 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
514 {
515 struct lttng_kernel_event_recorder *event_recorder =
516 container_of(event, struct lttng_kernel_event_recorder, parent);
517 return &event_recorder->chan->priv->parent.syscall_table;
518 }
519 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
520 {
521 struct lttng_kernel_event_notifier *event_notifier =
522 container_of(event, struct lttng_kernel_event_notifier, parent);
523 return &event_notifier->priv->group->syscall_table;
524 }
525 default:
526 return NULL;
527 }
528 }
529
530 static
531 void lttng_syscall_event_enabler_create_event(struct lttng_event_enabler_common *syscall_event_enabler,
532 const struct lttng_kernel_event_desc *desc, struct hlist_head *dispatch_table,
533 enum sc_type type, unsigned int syscall_nr)
534 {
535 struct lttng_kernel_event_common *event;
536
537 switch (syscall_event_enabler->enabler_type) {
538 case LTTNG_EVENT_ENABLER_TYPE_RECORDER:
539 {
540 struct lttng_event_recorder_enabler *syscall_event_recorder_enabler =
541 container_of(syscall_event_enabler, struct lttng_event_recorder_enabler, parent);
542 struct lttng_event_recorder_enabler *event_recorder_enabler;
543 struct lttng_kernel_abi_event ev;
544
545 /* We need to create an event for this syscall/enabler. */
546 memset(&ev, 0, sizeof(ev));
547 switch (type) {
548 case SC_TYPE_ENTRY:
549 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
550 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
551 break;
552 case SC_TYPE_EXIT:
553 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
554 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
555 break;
556 case SC_TYPE_COMPAT_ENTRY:
557 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
558 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
559 break;
560 case SC_TYPE_COMPAT_EXIT:
561 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
562 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
563 break;
564 }
565 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1);
566 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
567 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
568 event_recorder_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev,
569 syscall_event_recorder_enabler->chan);
570 WARN_ON_ONCE(!event_recorder_enabler);
571 if (!event_recorder_enabler)
572 return;
573 event = _lttng_kernel_event_create(&event_recorder_enabler->parent, desc);
574 WARN_ON_ONCE(!event || IS_ERR(event));
575 lttng_event_enabler_destroy(&event_recorder_enabler->parent);
576 if (!event || IS_ERR(event)) {
577 printk(KERN_INFO "Unable to create event recorder %s\n", desc->event_name);
578 return;
579 }
580 if (dispatch_table)
581 hlist_add_head_rcu(&event->priv->u.syscall.node, &dispatch_table[syscall_nr]);
582 break;
583 }
584 case LTTNG_EVENT_ENABLER_TYPE_NOTIFIER:
585 {
586 struct lttng_event_notifier_enabler *syscall_event_notifier_enabler =
587 container_of(syscall_event_enabler, struct lttng_event_notifier_enabler, parent);
588 struct lttng_event_notifier_enabler *event_notifier_enabler;
589 struct lttng_kernel_abi_event_notifier event_notifier_param;
590 uint64_t user_token = syscall_event_enabler->user_token;
591 uint64_t error_counter_index = syscall_event_notifier_enabler->error_counter_index;
592
593 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
594 switch (type) {
595 case SC_TYPE_ENTRY:
596 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
597 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
598 break;
599 case SC_TYPE_EXIT:
600 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
601 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
602 break;
603 case SC_TYPE_COMPAT_ENTRY:
604 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
605 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
606 break;
607 case SC_TYPE_COMPAT_EXIT:
608 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
609 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
610 break;
611 }
612 strncat(event_notifier_param.event.name, desc->event_name,
613 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
614 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
615 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
616 event_notifier_param.event.token = user_token;
617 event_notifier_param.error_counter_index = error_counter_index;
618
619 event_notifier_enabler = lttng_event_notifier_enabler_create(LTTNG_ENABLER_FORMAT_NAME,
620 &event_notifier_param, syscall_event_notifier_enabler->group);
621 WARN_ON_ONCE(!event_notifier_enabler);
622 event = _lttng_kernel_event_create(&event_notifier_enabler->parent, desc);
623 WARN_ON_ONCE(!event || IS_ERR(event));
624 lttng_event_enabler_destroy(&event_notifier_enabler->parent);
625 if (!event || IS_ERR(event)) {
626 printk(KERN_INFO "Unable to create event notifier %s\n", desc->event_name);
627 return;
628 }
629 event->priv->u.syscall.syscall_id = syscall_nr;
630 if (dispatch_table)
631 hlist_add_head_rcu(&event->priv->u.syscall.node, dispatch_table);
632 break;
633 }
634 default:
635 break;
636 }
637 }
638
639 /*
640 * noinline to diminish caller stack size.
641 * Should be called with sessions lock held.
642 */
643 static
644 int lttng_create_syscall_event_if_missing(const struct trace_syscall_entry *table, size_t table_len,
645 struct hlist_head *dispatch_table, struct lttng_event_recorder_enabler *syscall_event_enabler,
646 enum sc_type type)
647 {
648 struct lttng_event_ht *events_ht = lttng_get_event_ht_from_enabler(&syscall_event_enabler->parent);
649 unsigned int i;
650
651 /* Allocate events for each syscall matching enabler, insert into table */
652 for (i = 0; i < table_len; i++) {
653 const struct lttng_kernel_event_desc *desc = table[i].desc;
654 struct lttng_kernel_event_common_private *event_priv;
655 struct hlist_head *head;
656 bool found = false;
657
658 if (!desc) {
659 /* Unknown syscall */
660 continue;
661 }
662 if (!lttng_desc_match_enabler(desc,
663 lttng_event_recorder_enabler_as_enabler(syscall_event_enabler)))
664 continue;
665 /*
666 * Check if already created.
667 */
668 head = utils_borrow_hash_table_bucket(events_ht->table, LTTNG_EVENT_HT_SIZE, desc->event_name);
669 lttng_hlist_for_each_entry(event_priv, head, hlist_node) {
670 if (lttng_event_enabler_desc_match_event(&syscall_event_enabler->parent, desc, event_priv->pub))
671 found = true;
672 }
673 if (found)
674 continue;
675
676 lttng_syscall_event_enabler_create_event(&syscall_event_enabler->parent, desc, dispatch_table, type, i);
677 }
678 return 0;
679 }
680
681 static
682 int lttng_syscalls_populate_events(struct lttng_event_enabler_common *syscall_event_enabler)
683 {
684 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(syscall_event_enabler);
685 struct lttng_event_recorder_enabler *event_recorder_enabler;
686 struct lttng_kernel_channel_buffer *chan;
687 struct lttng_kernel_abi_event ev;
688 int ret;
689
690 if (syscall_event_enabler->enabler_type != LTTNG_EVENT_ENABLER_TYPE_RECORDER)
691 return 0;
692 event_recorder_enabler = container_of(syscall_event_enabler, struct lttng_event_recorder_enabler, parent);
693 chan = event_recorder_enabler->chan;
694
695 if (hlist_empty(&syscall_table->unknown_syscall_dispatch)) {
696 const struct lttng_kernel_event_desc *desc =
697 &__event_desc___syscall_entry_unknown;
698 struct lttng_kernel_event_common *event;
699 struct lttng_event_recorder_enabler *event_enabler;
700
701 memset(&ev, 0, sizeof(ev));
702 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
703 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
704 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
705 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
706 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
707 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
708 if (!event_enabler) {
709 return -ENOMEM;
710 }
711 event = _lttng_kernel_event_create(&event_enabler->parent, desc);
712 lttng_event_enabler_destroy(&event_enabler->parent);
713 WARN_ON_ONCE(!event);
714 if (IS_ERR(event)) {
715 return PTR_ERR(event);
716 }
717 hlist_add_head(&event->priv->u.syscall.node, &syscall_table->unknown_syscall_dispatch);
718 }
719
720 if (hlist_empty(&syscall_table->compat_unknown_syscall_dispatch)) {
721 const struct lttng_kernel_event_desc *desc =
722 &__event_desc___compat_syscall_entry_unknown;
723 struct lttng_kernel_event_common *event;
724 struct lttng_event_recorder_enabler *event_enabler;
725
726 memset(&ev, 0, sizeof(ev));
727 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
728 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
729 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
730 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
731 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
732 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
733 if (!event_enabler) {
734 return -ENOMEM;
735 }
736 event = _lttng_kernel_event_create(&event_enabler->parent, desc);
737 WARN_ON_ONCE(!event);
738 lttng_event_enabler_destroy(&event_enabler->parent);
739 if (IS_ERR(event)) {
740 return PTR_ERR(event);
741 }
742 hlist_add_head(&event->priv->u.syscall.node, &syscall_table->compat_unknown_syscall_dispatch);
743 }
744
745 if (hlist_empty(&syscall_table->compat_unknown_syscall_exit_dispatch)) {
746 const struct lttng_kernel_event_desc *desc =
747 &__event_desc___compat_syscall_exit_unknown;
748 struct lttng_kernel_event_common *event;
749 struct lttng_event_recorder_enabler *event_enabler;
750
751 memset(&ev, 0, sizeof(ev));
752 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
753 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
754 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
755 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
756 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
757 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
758 if (!event_enabler) {
759 return -ENOMEM;
760 }
761 event = _lttng_kernel_event_create(&event_enabler->parent, desc);
762 WARN_ON_ONCE(!event);
763 lttng_event_enabler_destroy(&event_enabler->parent);
764 if (IS_ERR(event)) {
765 return PTR_ERR(event);
766 }
767 hlist_add_head(&event->priv->u.syscall.node, &syscall_table->compat_unknown_syscall_exit_dispatch);
768 }
769
770 if (hlist_empty(&syscall_table->unknown_syscall_exit_dispatch)) {
771 const struct lttng_kernel_event_desc *desc =
772 &__event_desc___syscall_exit_unknown;
773 struct lttng_kernel_event_common *event;
774 struct lttng_event_recorder_enabler *event_enabler;
775
776 memset(&ev, 0, sizeof(ev));
777 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
778 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
779 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
780 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
781 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
782 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
783 if (!event_enabler) {
784 return -ENOMEM;
785 }
786 event = _lttng_kernel_event_create(&event_enabler->parent, desc);
787 WARN_ON_ONCE(!event);
788 lttng_event_enabler_destroy(&event_enabler->parent);
789 if (IS_ERR(event)) {
790 return PTR_ERR(event);
791 }
792 hlist_add_head(&event->priv->u.syscall.node, &syscall_table->unknown_syscall_exit_dispatch);
793 }
794
795 ret = lttng_create_syscall_event_if_missing(sc_table.table, sc_table.len,
796 syscall_table->syscall_dispatch, event_recorder_enabler, SC_TYPE_ENTRY);
797 if (ret)
798 return ret;
799 ret = lttng_create_syscall_event_if_missing(sc_exit_table.table, sc_exit_table.len,
800 syscall_table->syscall_exit_dispatch, event_recorder_enabler, SC_TYPE_EXIT);
801 if (ret)
802 return ret;
803
804 #ifdef CONFIG_COMPAT
805 ret = lttng_create_syscall_event_if_missing(compat_sc_table.table, compat_sc_table.len,
806 syscall_table->compat_syscall_dispatch, event_recorder_enabler, SC_TYPE_COMPAT_ENTRY);
807 if (ret)
808 return ret;
809 ret = lttng_create_syscall_event_if_missing(compat_sc_exit_table.table, compat_sc_exit_table.len,
810 syscall_table->compat_syscall_exit_dispatch, event_recorder_enabler, SC_TYPE_COMPAT_EXIT);
811 if (ret)
812 return ret;
813 #endif
814 return ret;
815 }
816
817 /*
818 * Should be called with sessions lock held.
819 */
820 int lttng_event_enabler_create_syscall_events_if_missing(struct lttng_event_enabler_common *syscall_event_enabler)
821 {
822 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(syscall_event_enabler);
823 int ret;
824
825 if (!syscall_table->syscall_dispatch) {
826 /* create syscall table mapping syscall to events */
827 syscall_table->syscall_dispatch = kzalloc(sizeof(struct hlist_head) * sc_table.len, GFP_KERNEL);
828 if (!syscall_table->syscall_dispatch)
829 return -ENOMEM;
830 }
831 if (!syscall_table->syscall_exit_dispatch) {
832 /* create syscall table mapping syscall to events */
833 syscall_table->syscall_exit_dispatch = kzalloc(sizeof(struct hlist_head) * sc_exit_table.len, GFP_KERNEL);
834 if (!syscall_table->syscall_exit_dispatch)
835 return -ENOMEM;
836 }
837
838
839 #ifdef CONFIG_COMPAT
840 if (!syscall_table->compat_syscall_dispatch) {
841 /* create syscall table mapping compat syscall to events */
842 syscall_table->compat_syscall_dispatch = kzalloc(sizeof(struct hlist_head) * compat_sc_table.len, GFP_KERNEL);
843 if (!syscall_table->compat_syscall_dispatch)
844 return -ENOMEM;
845 }
846
847 if (!syscall_table->compat_syscall_exit_dispatch) {
848 /* create syscall table mapping compat syscall to events */
849 syscall_table->compat_syscall_exit_dispatch = kzalloc(sizeof(struct hlist_head) * compat_sc_exit_table.len, GFP_KERNEL);
850 if (!syscall_table->compat_syscall_exit_dispatch)
851 return -ENOMEM;
852 }
853 #endif
854 if (!syscall_table->sc_filter) {
855 syscall_table->sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
856 GFP_KERNEL);
857 if (!syscall_table->sc_filter)
858 return -ENOMEM;
859 }
860
861 ret = lttng_syscalls_populate_events(syscall_event_enabler);
862 if (ret)
863 return ret;
864
865 ret = lttng_syscalls_create_matching_event_notifiers(syscall_event_enabler);
866 if (ret)
867 return ret;
868
869 if (!syscall_table->sys_enter_registered) {
870 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
871 (void *) syscall_entry_event_probe, syscall_table);
872 if (ret)
873 return ret;
874 syscall_table->sys_enter_registered = 1;
875 }
876 if (!syscall_table->sys_exit_registered) {
877 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
878 (void *) syscall_exit_event_probe, syscall_table);
879 if (ret) {
880 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
881 (void *) syscall_entry_event_probe, syscall_table));
882 return ret;
883 }
884 syscall_table->sys_exit_registered = 1;
885 }
886
887 return ret;
888 }
889
890 static
891 void create_unknown_event_notifier(
892 struct lttng_event_notifier_enabler *event_notifier_enabler,
893 enum sc_type type)
894 {
895 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(&event_notifier_enabler->parent);
896 struct lttng_event_ht *events_ht = lttng_get_event_ht_from_enabler(&event_notifier_enabler->parent);
897 struct lttng_kernel_event_common_private *event_priv;
898 const struct lttng_kernel_event_desc *desc;
899 struct hlist_head *unknown_dispatch_list;
900 bool found = false;
901 struct hlist_head *head;
902
903 switch (type) {
904 case SC_TYPE_ENTRY:
905 desc = &__event_desc___syscall_entry_unknown;
906 unknown_dispatch_list = &syscall_table->unknown_syscall_dispatch;
907 break;
908 case SC_TYPE_EXIT:
909 desc = &__event_desc___syscall_exit_unknown;
910 unknown_dispatch_list = &syscall_table->unknown_syscall_exit_dispatch;
911 break;
912 case SC_TYPE_COMPAT_ENTRY:
913 desc = &__event_desc___compat_syscall_entry_unknown;
914 unknown_dispatch_list = &syscall_table->compat_unknown_syscall_dispatch;
915 break;
916 case SC_TYPE_COMPAT_EXIT:
917 desc = &__event_desc___compat_syscall_exit_unknown;
918 unknown_dispatch_list = &syscall_table->compat_unknown_syscall_exit_dispatch;
919 break;
920 default:
921 WARN_ON_ONCE(1);
922 }
923
924 /*
925 * Check if already created.
926 */
927 head = utils_borrow_hash_table_bucket(events_ht->table, LTTNG_EVENT_HT_SIZE, desc->event_name);
928 lttng_hlist_for_each_entry(event_priv, head, hlist_node) {
929 if (lttng_event_enabler_desc_match_event(&event_notifier_enabler->parent, desc, event_priv->pub))
930 found = true;
931 }
932 if (!found)
933 lttng_syscall_event_enabler_create_event(&event_notifier_enabler->parent, desc, unknown_dispatch_list, type, -1U);
934 }
935
936 static
937 void create_matching_event_notifiers(
938 struct lttng_event_notifier_enabler *syscall_event_notifier_enabler,
939 const struct trace_syscall_entry *table,
940 size_t table_len, enum sc_type type)
941 {
942 struct lttng_event_ht *events_ht = lttng_get_event_ht_from_enabler(&syscall_event_notifier_enabler->parent);
943 const struct lttng_kernel_event_desc *desc;
944 unsigned int i;
945
946 /* iterate over all syscall and create event_notifier that match */
947 for (i = 0; i < table_len; i++) {
948 struct lttng_kernel_event_common_private *event_priv;
949 struct hlist_head *head;
950 int found = 0;
951
952 desc = table[i].desc;
953 if (!desc) {
954 /* Unknown syscall */
955 continue;
956 }
957
958 if (!lttng_desc_match_enabler(desc,
959 lttng_event_notifier_enabler_as_enabler(syscall_event_notifier_enabler)))
960 continue;
961
962 /*
963 * Check if already created.
964 */
965 head = utils_borrow_hash_table_bucket(events_ht->table, LTTNG_EVENT_HT_SIZE, desc->event_name);
966 lttng_hlist_for_each_entry(event_priv, head, hlist_node) {
967 if (lttng_event_enabler_desc_match_event(&syscall_event_notifier_enabler->parent, desc, event_priv->pub))
968 found = 1;
969 }
970 if (found)
971 continue;
972
973 lttng_syscall_event_enabler_create_event(&syscall_event_notifier_enabler->parent, desc, NULL, type, i);
974 }
975 }
976
977 static
978 int lttng_syscalls_create_matching_event_notifiers(struct lttng_event_enabler_common *event_enabler)
979 {
980 int ret;
981 enum lttng_kernel_abi_syscall_entryexit entryexit =
982 event_enabler->event_param.u.syscall.entryexit;
983 struct lttng_event_notifier_enabler *event_notifier_enabler;
984
985 if (event_enabler->enabler_type != LTTNG_EVENT_ENABLER_TYPE_NOTIFIER)
986 return 0;
987 event_notifier_enabler = container_of(event_enabler, struct lttng_event_notifier_enabler, parent);
988
989 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRY || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
990 create_matching_event_notifiers(event_notifier_enabler,
991 sc_table.table, sc_table.len, SC_TYPE_ENTRY);
992 create_matching_event_notifiers(event_notifier_enabler,
993 compat_sc_table.table, compat_sc_table.len,
994 SC_TYPE_COMPAT_ENTRY);
995 create_unknown_event_notifier(event_notifier_enabler, SC_TYPE_ENTRY);
996 create_unknown_event_notifier(event_notifier_enabler, SC_TYPE_COMPAT_ENTRY);
997 }
998
999 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_EXIT || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1000 create_matching_event_notifiers(event_notifier_enabler,
1001 sc_exit_table.table, sc_exit_table.len,
1002 SC_TYPE_EXIT);
1003 create_matching_event_notifiers(event_notifier_enabler,
1004 compat_sc_exit_table.table, compat_sc_exit_table.len,
1005 SC_TYPE_COMPAT_EXIT);
1006 create_unknown_event_notifier(event_notifier_enabler, SC_TYPE_EXIT);
1007 create_unknown_event_notifier(event_notifier_enabler, SC_TYPE_COMPAT_EXIT);
1008 }
1009 return ret;
1010 }
1011
1012 int lttng_syscalls_unregister_syscall_table(struct lttng_kernel_syscall_table *syscall_table)
1013 {
1014 int ret;
1015
1016 if (!syscall_table->syscall_dispatch)
1017 return 0;
1018 if (syscall_table->sys_enter_registered) {
1019 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1020 (void *) syscall_entry_event_probe, syscall_table);
1021 if (ret)
1022 return ret;
1023 syscall_table->sys_enter_registered = 0;
1024 }
1025 if (syscall_table->sys_exit_registered) {
1026 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1027 (void *) syscall_exit_event_probe, syscall_table);
1028 if (ret)
1029 return ret;
1030 syscall_table->sys_exit_registered = 0;
1031 }
1032 return 0;
1033 }
1034
1035 int lttng_syscalls_destroy_syscall_table(struct lttng_kernel_syscall_table *syscall_table)
1036 {
1037 kfree(syscall_table->syscall_dispatch);
1038 kfree(syscall_table->syscall_exit_dispatch);
1039 #ifdef CONFIG_COMPAT
1040 kfree(syscall_table->compat_syscall_dispatch);
1041 kfree(syscall_table->compat_syscall_exit_dispatch);
1042 #endif
1043 kfree(syscall_table->sc_filter);
1044 return 0;
1045 }
1046
1047 static
1048 int get_syscall_nr(const char *syscall_name)
1049 {
1050 int syscall_nr = -1;
1051 int i;
1052
1053 for (i = 0; i < sc_table.len; i++) {
1054 const struct trace_syscall_entry *entry;
1055 const char *it_name;
1056
1057 entry = &sc_table.table[i];
1058 if (!entry->desc)
1059 continue;
1060 it_name = entry->desc->event_name;
1061 it_name += strlen(SYSCALL_ENTRY_STR);
1062 if (!strcmp(syscall_name, it_name)) {
1063 syscall_nr = i;
1064 break;
1065 }
1066 }
1067 return syscall_nr;
1068 }
1069
1070 static
1071 int get_compat_syscall_nr(const char *syscall_name)
1072 {
1073 int syscall_nr = -1;
1074 int i;
1075
1076 for (i = 0; i < compat_sc_table.len; i++) {
1077 const struct trace_syscall_entry *entry;
1078 const char *it_name;
1079
1080 entry = &compat_sc_table.table[i];
1081 if (!entry->desc)
1082 continue;
1083 it_name = entry->desc->event_name;
1084 it_name += strlen(COMPAT_SYSCALL_ENTRY_STR);
1085 if (!strcmp(syscall_name, it_name)) {
1086 syscall_nr = i;
1087 break;
1088 }
1089 }
1090 return syscall_nr;
1091 }
1092
1093 static
1094 uint32_t get_sc_tables_len(void)
1095 {
1096 return sc_table.len + compat_sc_table.len;
1097 }
1098
1099 static
1100 const char *get_syscall_name(const char *desc_name,
1101 enum lttng_syscall_abi abi,
1102 enum lttng_syscall_entryexit entryexit)
1103 {
1104 size_t prefix_len = 0;
1105
1106
1107 switch (entryexit) {
1108 case LTTNG_SYSCALL_ENTRY:
1109 switch (abi) {
1110 case LTTNG_SYSCALL_ABI_NATIVE:
1111 prefix_len = strlen(SYSCALL_ENTRY_STR);
1112 break;
1113 case LTTNG_SYSCALL_ABI_COMPAT:
1114 prefix_len = strlen(COMPAT_SYSCALL_ENTRY_STR);
1115 break;
1116 }
1117 break;
1118 case LTTNG_SYSCALL_EXIT:
1119 switch (abi) {
1120 case LTTNG_SYSCALL_ABI_NATIVE:
1121 prefix_len = strlen(SYSCALL_EXIT_STR);
1122 break;
1123 case LTTNG_SYSCALL_ABI_COMPAT:
1124 prefix_len = strlen(COMPAT_SYSCALL_EXIT_STR);
1125 break;
1126 }
1127 break;
1128 }
1129 WARN_ON_ONCE(prefix_len == 0);
1130 return desc_name + prefix_len;
1131 }
1132
1133 static
1134 int lttng_syscall_filter_enable(
1135 struct lttng_syscall_filter *filter,
1136 const char *desc_name, enum lttng_syscall_abi abi,
1137 enum lttng_syscall_entryexit entryexit)
1138 {
1139 const char *syscall_name;
1140 unsigned long *bitmap;
1141 int syscall_nr;
1142
1143 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1144
1145 switch (abi) {
1146 case LTTNG_SYSCALL_ABI_NATIVE:
1147 syscall_nr = get_syscall_nr(syscall_name);
1148 break;
1149 case LTTNG_SYSCALL_ABI_COMPAT:
1150 syscall_nr = get_compat_syscall_nr(syscall_name);
1151 break;
1152 default:
1153 return -EINVAL;
1154 }
1155 if (syscall_nr < 0)
1156 return -ENOENT;
1157
1158 switch (entryexit) {
1159 case LTTNG_SYSCALL_ENTRY:
1160 switch (abi) {
1161 case LTTNG_SYSCALL_ABI_NATIVE:
1162 bitmap = filter->sc_entry;
1163 break;
1164 case LTTNG_SYSCALL_ABI_COMPAT:
1165 bitmap = filter->sc_compat_entry;
1166 break;
1167 default:
1168 return -EINVAL;
1169 }
1170 break;
1171 case LTTNG_SYSCALL_EXIT:
1172 switch (abi) {
1173 case LTTNG_SYSCALL_ABI_NATIVE:
1174 bitmap = filter->sc_exit;
1175 break;
1176 case LTTNG_SYSCALL_ABI_COMPAT:
1177 bitmap = filter->sc_compat_exit;
1178 break;
1179 default:
1180 return -EINVAL;
1181 }
1182 break;
1183 default:
1184 return -EINVAL;
1185 }
1186 if (test_bit(syscall_nr, bitmap))
1187 return -EEXIST;
1188 bitmap_set(bitmap, syscall_nr, 1);
1189 return 0;
1190 }
1191
1192 int lttng_syscall_filter_enable_event(struct lttng_kernel_event_common *event)
1193 {
1194 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_event(event);
1195 int ret;
1196
1197 WARN_ON_ONCE(event->priv->instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1198
1199 ret = lttng_syscall_filter_enable(syscall_table->sc_filter,
1200 event->priv->desc->event_name, event->priv->u.syscall.abi,
1201 event->priv->u.syscall.entryexit);
1202 if (ret)
1203 return ret;
1204
1205 switch (event->type) {
1206 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
1207 break;
1208 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
1209 {
1210 unsigned int syscall_id = event->priv->u.syscall.syscall_id;
1211 struct hlist_head *dispatch_list;
1212
1213 switch (event->priv->u.syscall.entryexit) {
1214 case LTTNG_SYSCALL_ENTRY:
1215 switch (event->priv->u.syscall.abi) {
1216 case LTTNG_SYSCALL_ABI_NATIVE:
1217 dispatch_list = &syscall_table->syscall_dispatch[syscall_id];
1218 break;
1219 case LTTNG_SYSCALL_ABI_COMPAT:
1220 dispatch_list = &syscall_table->compat_syscall_dispatch[syscall_id];
1221 break;
1222 default:
1223 ret = -EINVAL;
1224 goto end;
1225 }
1226 break;
1227 case LTTNG_SYSCALL_EXIT:
1228 switch (event->priv->u.syscall.abi) {
1229 case LTTNG_SYSCALL_ABI_NATIVE:
1230 dispatch_list = &syscall_table->syscall_exit_dispatch[syscall_id];
1231 break;
1232 case LTTNG_SYSCALL_ABI_COMPAT:
1233 dispatch_list = &syscall_table->compat_syscall_exit_dispatch[syscall_id];
1234 break;
1235 default:
1236 ret = -EINVAL;
1237 goto end;
1238 }
1239 break;
1240 default:
1241 ret = -EINVAL;
1242 goto end;
1243 }
1244
1245 hlist_add_head_rcu(&event->priv->u.syscall.node, dispatch_list);
1246 break;
1247 }
1248 default:
1249 WARN_ON_ONCE(1);
1250 return -ENOSYS;
1251 }
1252 end:
1253 return ret;
1254 }
1255
1256 static
1257 int lttng_syscall_filter_disable(struct lttng_syscall_filter *filter,
1258 const char *desc_name, enum lttng_syscall_abi abi,
1259 enum lttng_syscall_entryexit entryexit)
1260 {
1261 const char *syscall_name;
1262 unsigned long *bitmap;
1263 int syscall_nr;
1264
1265 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1266
1267 switch (abi) {
1268 case LTTNG_SYSCALL_ABI_NATIVE:
1269 syscall_nr = get_syscall_nr(syscall_name);
1270 break;
1271 case LTTNG_SYSCALL_ABI_COMPAT:
1272 syscall_nr = get_compat_syscall_nr(syscall_name);
1273 break;
1274 default:
1275 return -EINVAL;
1276 }
1277 if (syscall_nr < 0)
1278 return -ENOENT;
1279
1280 switch (entryexit) {
1281 case LTTNG_SYSCALL_ENTRY:
1282 switch (abi) {
1283 case LTTNG_SYSCALL_ABI_NATIVE:
1284 bitmap = filter->sc_entry;
1285 break;
1286 case LTTNG_SYSCALL_ABI_COMPAT:
1287 bitmap = filter->sc_compat_entry;
1288 break;
1289 default:
1290 return -EINVAL;
1291 }
1292 break;
1293 case LTTNG_SYSCALL_EXIT:
1294 switch (abi) {
1295 case LTTNG_SYSCALL_ABI_NATIVE:
1296 bitmap = filter->sc_exit;
1297 break;
1298 case LTTNG_SYSCALL_ABI_COMPAT:
1299 bitmap = filter->sc_compat_exit;
1300 break;
1301 default:
1302 return -EINVAL;
1303 }
1304 break;
1305 default:
1306 return -EINVAL;
1307 }
1308 if (!test_bit(syscall_nr, bitmap))
1309 return -EEXIST;
1310 bitmap_clear(bitmap, syscall_nr, 1);
1311
1312 return 0;
1313 }
1314
1315 int lttng_syscall_filter_disable_event(struct lttng_kernel_event_common *event)
1316 {
1317 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_event(event);
1318 int ret;
1319
1320 ret = lttng_syscall_filter_disable(syscall_table->sc_filter,
1321 event->priv->desc->event_name, event->priv->u.syscall.abi,
1322 event->priv->u.syscall.entryexit);
1323 if (ret)
1324 return ret;
1325
1326 switch (event->type) {
1327 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
1328 break;
1329 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
1330 {
1331 hlist_del_rcu(&event->priv->u.syscall.node);
1332 break;
1333 }
1334 default:
1335 WARN_ON_ONCE(1);
1336 return -ENOSYS;
1337 }
1338 return 0;
1339 }
1340
1341 void lttng_syscall_table_set_wildcard_all(struct lttng_event_enabler_common *event_enabler)
1342 {
1343 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(event_enabler);
1344 enum lttng_kernel_abi_syscall_entryexit entryexit;
1345 int enabled = event_enabler->enabled;
1346
1347 if (event_enabler->event_param.instrumentation != LTTNG_KERNEL_ABI_SYSCALL)
1348 return;
1349 if (event_enabler->event_param.u.syscall.abi != LTTNG_KERNEL_ABI_SYSCALL_ABI_ALL)
1350 return;
1351 if (event_enabler->event_param.u.syscall.match != LTTNG_KERNEL_ABI_SYSCALL_MATCH_NAME)
1352 return;
1353 if (strcmp(event_enabler->event_param.name, "*"))
1354 return;
1355
1356 entryexit = event_enabler->event_param.u.syscall.entryexit;
1357 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRY || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT)
1358 WRITE_ONCE(syscall_table->syscall_all_entry, enabled);
1359
1360 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_EXIT || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT)
1361 WRITE_ONCE(syscall_table->syscall_all_exit, enabled);
1362 }
1363
1364 static
1365 const struct trace_syscall_entry *syscall_list_get_entry(loff_t *pos)
1366 {
1367 const struct trace_syscall_entry *entry;
1368 int iter = 0;
1369
1370 for (entry = sc_table.table;
1371 entry < sc_table.table + sc_table.len;
1372 entry++) {
1373 if (iter++ >= *pos)
1374 return entry;
1375 }
1376 for (entry = compat_sc_table.table;
1377 entry < compat_sc_table.table + compat_sc_table.len;
1378 entry++) {
1379 if (iter++ >= *pos)
1380 return entry;
1381 }
1382 /* End of list */
1383 return NULL;
1384 }
1385
1386 static
1387 void *syscall_list_start(struct seq_file *m, loff_t *pos)
1388 {
1389 return (void *) syscall_list_get_entry(pos);
1390 }
1391
1392 static
1393 void *syscall_list_next(struct seq_file *m, void *p, loff_t *ppos)
1394 {
1395 (*ppos)++;
1396 return (void *) syscall_list_get_entry(ppos);
1397 }
1398
1399 static
1400 void syscall_list_stop(struct seq_file *m, void *p)
1401 {
1402 }
1403
1404 static
1405 int get_sc_table(const struct trace_syscall_entry *entry,
1406 const struct trace_syscall_entry **table,
1407 unsigned int *bitness)
1408 {
1409 if (entry >= sc_table.table && entry < sc_table.table + sc_table.len) {
1410 if (bitness)
1411 *bitness = BITS_PER_LONG;
1412 if (table)
1413 *table = sc_table.table;
1414 return 0;
1415 }
1416 if (!(entry >= compat_sc_table.table
1417 && entry < compat_sc_table.table + compat_sc_table.len)) {
1418 return -EINVAL;
1419 }
1420 if (bitness)
1421 *bitness = 32;
1422 if (table)
1423 *table = compat_sc_table.table;
1424 return 0;
1425 }
1426
1427 static
1428 int syscall_list_show(struct seq_file *m, void *p)
1429 {
1430 const struct trace_syscall_entry *table, *entry = p;
1431 unsigned int bitness;
1432 unsigned long index;
1433 int ret;
1434 const char *name;
1435
1436 ret = get_sc_table(entry, &table, &bitness);
1437 if (ret)
1438 return ret;
1439 if (!entry->desc)
1440 return 0;
1441 if (table == sc_table.table) {
1442 index = entry - table;
1443 name = &entry->desc->event_name[strlen(SYSCALL_ENTRY_STR)];
1444 } else {
1445 index = (entry - table) + sc_table.len;
1446 name = &entry->desc->event_name[strlen(COMPAT_SYSCALL_ENTRY_STR)];
1447 }
1448 seq_printf(m, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1449 index, name, bitness);
1450 return 0;
1451 }
1452
1453 static
1454 const struct seq_operations lttng_syscall_list_seq_ops = {
1455 .start = syscall_list_start,
1456 .next = syscall_list_next,
1457 .stop = syscall_list_stop,
1458 .show = syscall_list_show,
1459 };
1460
1461 static
1462 int lttng_syscall_list_open(struct inode *inode, struct file *file)
1463 {
1464 return seq_open(file, &lttng_syscall_list_seq_ops);
1465 }
1466
1467 const struct file_operations lttng_syscall_list_fops = {
1468 .owner = THIS_MODULE,
1469 .open = lttng_syscall_list_open,
1470 .read = seq_read,
1471 .llseek = seq_lseek,
1472 .release = seq_release,
1473 };
1474
1475 /*
1476 * A syscall is enabled if it is traced for either entry or exit.
1477 */
1478 long lttng_syscall_table_get_active_mask(struct lttng_kernel_syscall_table *syscall_table,
1479 struct lttng_kernel_abi_syscall_mask __user *usyscall_mask)
1480 {
1481 uint32_t len, sc_tables_len, bitmask_len;
1482 int ret = 0, bit;
1483 char *tmp_mask;
1484 struct lttng_syscall_filter *filter;
1485
1486 ret = get_user(len, &usyscall_mask->len);
1487 if (ret)
1488 return ret;
1489 sc_tables_len = get_sc_tables_len();
1490 bitmask_len = ALIGN(sc_tables_len, 8) >> 3;
1491 if (len < sc_tables_len) {
1492 return put_user(sc_tables_len, &usyscall_mask->len);
1493 }
1494 /* Array is large enough, we can copy array to user-space. */
1495 tmp_mask = kzalloc(bitmask_len, GFP_KERNEL);
1496 if (!tmp_mask)
1497 return -ENOMEM;
1498 filter = syscall_table->sc_filter;
1499
1500 for (bit = 0; bit < sc_table.len; bit++) {
1501 char state;
1502
1503 if (syscall_table->syscall_dispatch) {
1504 if (!(READ_ONCE(syscall_table->syscall_all_entry)
1505 || READ_ONCE(syscall_table->syscall_all_exit)) && filter)
1506 state = test_bit(bit, filter->sc_entry)
1507 || test_bit(bit, filter->sc_exit);
1508 else
1509 state = 1;
1510 } else {
1511 state = 0;
1512 }
1513 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1514 }
1515 for (; bit < sc_tables_len; bit++) {
1516 char state;
1517
1518 if (syscall_table->compat_syscall_dispatch) {
1519 if (!(READ_ONCE(syscall_table->syscall_all_entry)
1520 || READ_ONCE(syscall_table->syscall_all_exit)) && filter)
1521 state = test_bit(bit - sc_table.len,
1522 filter->sc_compat_entry)
1523 || test_bit(bit - sc_table.len,
1524 filter->sc_compat_exit);
1525 else
1526 state = 1;
1527 } else {
1528 state = 0;
1529 }
1530 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1531 }
1532 if (copy_to_user(usyscall_mask->mask, tmp_mask, bitmask_len))
1533 ret = -EFAULT;
1534 kfree(tmp_mask);
1535 return ret;
1536 }
1537
1538 int lttng_abi_syscall_list(void)
1539 {
1540 struct file *syscall_list_file;
1541 int file_fd, ret;
1542
1543 file_fd = lttng_get_unused_fd();
1544 if (file_fd < 0) {
1545 ret = file_fd;
1546 goto fd_error;
1547 }
1548
1549 syscall_list_file = anon_inode_getfile("[lttng_syscall_list]",
1550 &lttng_syscall_list_fops,
1551 NULL, O_RDWR);
1552 if (IS_ERR(syscall_list_file)) {
1553 ret = PTR_ERR(syscall_list_file);
1554 goto file_error;
1555 }
1556 ret = lttng_syscall_list_fops.open(NULL, syscall_list_file);
1557 if (ret < 0)
1558 goto open_error;
1559 fd_install(file_fd, syscall_list_file);
1560 return file_fd;
1561
1562 open_error:
1563 fput(syscall_list_file);
1564 file_error:
1565 put_unused_fd(file_fd);
1566 fd_error:
1567 return ret;
1568 }
LTTng 2.0/0.x modules
This page took 0.064655 seconds and 3 git commands to generate.