projects / lttng-modules.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Refactoring: introduce lttng_get_event_ht_from_enabler
[lttng-modules.git] / src / lttng-syscalls.c
1 /* SPDX-License-Identifier: (GPL-2.0-only or LGPL-2.1-only)
2 *
3 * lttng-syscalls.c
4 *
5 * LTTng syscall probes.
6 *
7 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 */
9
10 #include <linux/module.h>
11 #include <linux/slab.h>
12 #include <linux/compat.h>
13 #include <linux/err.h>
14 #include <linux/bitmap.h>
15 #include <linux/in.h>
16 #include <linux/in6.h>
17 #include <linux/seq_file.h>
18 #include <linux/stringify.h>
19 #include <linux/file.h>
20 #include <linux/anon_inodes.h>
21 #include <linux/fcntl.h>
22 #include <linux/mman.h>
23 #include <asm/ptrace.h>
24 #include <asm/syscall.h>
25
26 #include <lttng/bitfield.h>
27 #include <wrapper/tracepoint.h>
28 #include <wrapper/file.h>
29 #include <wrapper/rcu.h>
30 #include <wrapper/syscall.h>
31 #include <lttng/events.h>
32 #include <lttng/events-internal.h>
33 #include <lttng/utils.h>
34
35 #include "lttng-syscalls.h"
36
37 #ifndef CONFIG_COMPAT
38 # ifndef is_compat_task
39 # define is_compat_task() (0)
40 # endif
41 #endif
42
43 /* in_compat_syscall appears in kernel 4.6. */
44 #ifndef in_compat_syscall
45 #define in_compat_syscall() is_compat_task()
46 #endif
47
48 enum sc_type {
49 SC_TYPE_ENTRY,
50 SC_TYPE_EXIT,
51 SC_TYPE_COMPAT_ENTRY,
52 SC_TYPE_COMPAT_EXIT,
53 };
54
55 #define SYSCALL_ENTRY_TOK syscall_entry_
56 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
57 #define SYSCALL_EXIT_TOK syscall_exit_
58 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
59
60 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
61 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
62 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
63 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
64
65 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id);
66 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret);
67
68 /*
69 * Forward declarations for old kernels.
70 */
71 struct mmsghdr;
72 struct rlimit64;
73 struct oldold_utsname;
74 struct old_utsname;
75 struct sel_arg_struct;
76 struct mmap_arg_struct;
77 struct file_handle;
78 struct user_msghdr;
79
80 /*
81 * Forward declaration for kernels >= 5.6
82 */
83 struct timex;
84 struct timeval;
85 struct itimerval;
86 struct itimerspec;
87
88 #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,6,0))
89 typedef __kernel_old_time_t time_t;
90 #endif
91
92 #ifdef IA32_NR_syscalls
93 #define NR_compat_syscalls IA32_NR_syscalls
94 #else
95 #define NR_compat_syscalls NR_syscalls
96 #endif
97
98 /*
99 * Create LTTng tracepoint probes.
100 */
101 #define LTTNG_PACKAGE_BUILD
102 #define CREATE_TRACE_POINTS
103 #define TP_MODULE_NOINIT
104 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
105
106 #define PARAMS(args...) args
107
108 /* Handle unknown syscalls */
109 #undef TRACE_SYSTEM
110 #define TRACE_SYSTEM syscalls_unknown
111 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
112 #undef TRACE_SYSTEM
113
114 #undef TP_PROBE_CB
115
116 extern const struct trace_syscall_table sc_table;
117 extern const struct trace_syscall_table compat_sc_table;
118
119 /* Event syscall exit table */
120 extern const struct trace_syscall_table sc_exit_table;
121 extern const struct trace_syscall_table compat_sc_exit_table;
122
123
124 #undef SC_EXIT
125
126 #undef CREATE_SYSCALL_TABLE
127
128 struct lttng_syscall_filter {
129 DECLARE_BITMAP(sc_entry, NR_syscalls);
130 DECLARE_BITMAP(sc_exit, NR_syscalls);
131 DECLARE_BITMAP(sc_compat_entry, NR_compat_syscalls);
132 DECLARE_BITMAP(sc_compat_exit, NR_compat_syscalls);
133 };
134
135 static
136 int lttng_syscalls_create_matching_event_notifiers(struct lttng_event_enabler_common *event_enabler);
137
138 static void syscall_entry_event_unknown(struct hlist_head *unknown_action_list_head,
139 struct pt_regs *regs, long id)
140 {
141 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
142 struct lttng_kernel_event_common_private *event_priv;
143
144 lttng_syscall_get_arguments(current, regs, args);
145 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
146 if (unlikely(in_compat_syscall()))
147 __event_probe__compat_syscall_entry_unknown(event_priv->pub, id, args);
148 else
149 __event_probe__syscall_entry_unknown(event_priv->pub, id, args);
150 }
151 }
152
153 static __always_inline
154 void syscall_entry_event_call_func(struct hlist_head *action_list,
155 void *func, unsigned int nrargs,
156 struct pt_regs *regs)
157 {
158 struct lttng_kernel_event_common_private *event_priv;
159
160 switch (nrargs) {
161 case 0:
162 {
163 void (*fptr)(void *__data) = func;
164
165 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
166 fptr(event_priv->pub);
167 break;
168 }
169 case 1:
170 {
171 void (*fptr)(void *__data, unsigned long arg0) = func;
172 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
173
174 lttng_syscall_get_arguments(current, regs, args);
175 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
176 fptr(event_priv->pub, args[0]);
177 break;
178 }
179 case 2:
180 {
181 void (*fptr)(void *__data,
182 unsigned long arg0,
183 unsigned long arg1) = func;
184 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
185
186 lttng_syscall_get_arguments(current, regs, args);
187 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
188 fptr(event_priv->pub, args[0], args[1]);
189 break;
190 }
191 case 3:
192 {
193 void (*fptr)(void *__data,
194 unsigned long arg0,
195 unsigned long arg1,
196 unsigned long arg2) = func;
197 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
198
199 lttng_syscall_get_arguments(current, regs, args);
200 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
201 fptr(event_priv->pub, args[0], args[1], args[2]);
202 break;
203 }
204 case 4:
205 {
206 void (*fptr)(void *__data,
207 unsigned long arg0,
208 unsigned long arg1,
209 unsigned long arg2,
210 unsigned long arg3) = func;
211 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
212
213 lttng_syscall_get_arguments(current, regs, args);
214 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
215 fptr(event_priv->pub, args[0], args[1], args[2], args[3]);
216 break;
217 }
218 case 5:
219 {
220 void (*fptr)(void *__data,
221 unsigned long arg0,
222 unsigned long arg1,
223 unsigned long arg2,
224 unsigned long arg3,
225 unsigned long arg4) = func;
226 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
227
228 lttng_syscall_get_arguments(current, regs, args);
229 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
230 fptr(event_priv->pub, args[0], args[1], args[2], args[3], args[4]);
231 break;
232 }
233 case 6:
234 {
235 void (*fptr)(void *__data,
236 unsigned long arg0,
237 unsigned long arg1,
238 unsigned long arg2,
239 unsigned long arg3,
240 unsigned long arg4,
241 unsigned long arg5) = func;
242 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
243
244 lttng_syscall_get_arguments(current, regs, args);
245 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
246 fptr(event_priv->pub, args[0], args[1], args[2],
247 args[3], args[4], args[5]);
248 break;
249 }
250 default:
251 break;
252 }
253 }
254
255 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id)
256 {
257 struct lttng_kernel_syscall_table *syscall_table = __data;
258 struct hlist_head *action_list, *unknown_action_list;
259 const struct trace_syscall_entry *table, *entry;
260 size_t table_len;
261
262 if (unlikely(in_compat_syscall())) {
263 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
264
265 if (id < 0 || id >= NR_compat_syscalls
266 || (!READ_ONCE(syscall_table->syscall_all_entry) && !test_bit(id, filter->sc_compat_entry))) {
267 /* System call filtered out. */
268 return;
269 }
270 table = compat_sc_table.table;
271 table_len = compat_sc_table.len;
272 unknown_action_list = &syscall_table->compat_unknown_syscall_dispatch;
273 } else {
274 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
275
276 if (id < 0 || id >= NR_syscalls
277 || (!READ_ONCE(syscall_table->syscall_all_entry) && !test_bit(id, filter->sc_entry))) {
278 /* System call filtered out. */
279 return;
280 }
281 table = sc_table.table;
282 table_len = sc_table.len;
283 unknown_action_list = &syscall_table->unknown_syscall_dispatch;
284 }
285 if (unlikely(id < 0 || id >= table_len)) {
286 syscall_entry_event_unknown(unknown_action_list, regs, id);
287 return;
288 }
289
290 entry = &table[id];
291 if (!entry->event_func) {
292 syscall_entry_event_unknown(unknown_action_list, regs, id);
293 return;
294 }
295
296 if (unlikely(in_compat_syscall())) {
297 action_list = &syscall_table->compat_syscall_dispatch[id];
298 } else {
299 action_list = &syscall_table->syscall_dispatch[id];
300 }
301 if (unlikely(hlist_empty(action_list)))
302 return;
303
304 syscall_entry_event_call_func(action_list, entry->event_func, entry->nrargs, regs);
305 }
306
307 static void syscall_exit_event_unknown(struct hlist_head *unknown_action_list_head,
308 struct pt_regs *regs, long id, long ret)
309 {
310 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
311 struct lttng_kernel_event_common_private *event_priv;
312
313 lttng_syscall_get_arguments(current, regs, args);
314 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
315 if (unlikely(in_compat_syscall()))
316 __event_probe__compat_syscall_exit_unknown(event_priv->pub, id, ret,
317 args);
318 else
319 __event_probe__syscall_exit_unknown(event_priv->pub, id, ret, args);
320 }
321 }
322
323 static __always_inline
324 void syscall_exit_event_call_func(struct hlist_head *action_list,
325 void *func, unsigned int nrargs,
326 struct pt_regs *regs, long ret)
327 {
328 struct lttng_kernel_event_common_private *event_priv;
329
330 switch (nrargs) {
331 case 0:
332 {
333 void (*fptr)(void *__data, long ret) = func;
334
335 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
336 fptr(event_priv->pub, ret);
337 break;
338 }
339 case 1:
340 {
341 void (*fptr)(void *__data,
342 long ret,
343 unsigned long arg0) = func;
344 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
345
346 lttng_syscall_get_arguments(current, regs, args);
347 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
348 fptr(event_priv->pub, ret, args[0]);
349 break;
350 }
351 case 2:
352 {
353 void (*fptr)(void *__data,
354 long ret,
355 unsigned long arg0,
356 unsigned long arg1) = func;
357 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
358
359 lttng_syscall_get_arguments(current, regs, args);
360 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
361 fptr(event_priv->pub, ret, args[0], args[1]);
362 break;
363 }
364 case 3:
365 {
366 void (*fptr)(void *__data,
367 long ret,
368 unsigned long arg0,
369 unsigned long arg1,
370 unsigned long arg2) = func;
371 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
372
373 lttng_syscall_get_arguments(current, regs, args);
374 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
375 fptr(event_priv->pub, ret, args[0], args[1], args[2]);
376 break;
377 }
378 case 4:
379 {
380 void (*fptr)(void *__data,
381 long ret,
382 unsigned long arg0,
383 unsigned long arg1,
384 unsigned long arg2,
385 unsigned long arg3) = func;
386 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
387
388 lttng_syscall_get_arguments(current, regs, args);
389 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
390 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3]);
391 break;
392 }
393 case 5:
394 {
395 void (*fptr)(void *__data,
396 long ret,
397 unsigned long arg0,
398 unsigned long arg1,
399 unsigned long arg2,
400 unsigned long arg3,
401 unsigned long arg4) = func;
402 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
403
404 lttng_syscall_get_arguments(current, regs, args);
405 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
406 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3], args[4]);
407 break;
408 }
409 case 6:
410 {
411 void (*fptr)(void *__data,
412 long ret,
413 unsigned long arg0,
414 unsigned long arg1,
415 unsigned long arg2,
416 unsigned long arg3,
417 unsigned long arg4,
418 unsigned long arg5) = func;
419 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
420
421 lttng_syscall_get_arguments(current, regs, args);
422 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
423 fptr(event_priv->pub, ret, args[0], args[1], args[2],
424 args[3], args[4], args[5]);
425 break;
426 }
427 default:
428 break;
429 }
430 }
431
432 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret)
433 {
434 struct lttng_kernel_syscall_table *syscall_table = __data;
435 struct hlist_head *action_list, *unknown_action_list;
436 const struct trace_syscall_entry *table, *entry;
437 size_t table_len;
438 long id;
439
440 id = syscall_get_nr(current, regs);
441
442 if (unlikely(in_compat_syscall())) {
443 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
444
445 if (id < 0 || id >= NR_compat_syscalls
446 || (!READ_ONCE(syscall_table->syscall_all_exit) && !test_bit(id, filter->sc_compat_exit))) {
447 /* System call filtered out. */
448 return;
449 }
450 table = compat_sc_exit_table.table;
451 table_len = compat_sc_exit_table.len;
452 unknown_action_list = &syscall_table->compat_unknown_syscall_exit_dispatch;
453 } else {
454 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
455
456 if (id < 0 || id >= NR_syscalls
457 || (!READ_ONCE(syscall_table->syscall_all_exit) && !test_bit(id, filter->sc_exit))) {
458 /* System call filtered out. */
459 return;
460 }
461 table = sc_exit_table.table;
462 table_len = sc_exit_table.len;
463 unknown_action_list = &syscall_table->unknown_syscall_exit_dispatch;
464 }
465 if (unlikely(id < 0 || id >= table_len)) {
466 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
467 return;
468 }
469
470 entry = &table[id];
471 if (!entry->event_func) {
472 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
473 return;
474 }
475
476 if (unlikely(in_compat_syscall())) {
477 action_list = &syscall_table->compat_syscall_exit_dispatch[id];
478 } else {
479 action_list = &syscall_table->syscall_exit_dispatch[id];
480 }
481 if (unlikely(hlist_empty(action_list)))
482 return;
483
484 syscall_exit_event_call_func(action_list, entry->event_func, entry->nrargs,
485 regs, ret);
486 }
487
488 static
489 struct lttng_kernel_syscall_table *get_syscall_table_from_enabler(struct lttng_event_enabler_common *event_enabler)
490 {
491 switch (event_enabler->enabler_type) {
492 case LTTNG_EVENT_ENABLER_TYPE_RECORDER:
493 {
494 struct lttng_event_recorder_enabler *event_recorder_enabler =
495 container_of(event_enabler, struct lttng_event_recorder_enabler, parent);
496 return &event_recorder_enabler->chan->priv->parent.syscall_table;
497 }
498 case LTTNG_EVENT_ENABLER_TYPE_NOTIFIER:
499 {
500 struct lttng_event_notifier_enabler *event_notifier_enabler =
501 container_of(event_enabler, struct lttng_event_notifier_enabler, parent);
502 return &event_notifier_enabler->group->syscall_table;
503 }
504 default:
505 return NULL;
506 }
507 }
508
509 static
510 struct lttng_kernel_syscall_table *get_syscall_table_from_event(struct lttng_kernel_event_common *event)
511 {
512 switch (event->type) {
513 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
514 {
515 struct lttng_kernel_event_recorder *event_recorder =
516 container_of(event, struct lttng_kernel_event_recorder, parent);
517 return &event_recorder->chan->priv->parent.syscall_table;
518 }
519 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
520 {
521 struct lttng_kernel_event_notifier *event_notifier =
522 container_of(event, struct lttng_kernel_event_notifier, parent);
523 return &event_notifier->priv->group->syscall_table;
524 }
525 default:
526 return NULL;
527 }
528 }
529
530 /*
531 * noinline to diminish caller stack size.
532 * Should be called with sessions lock held.
533 */
534 static
535 int lttng_create_syscall_event_if_missing(const struct trace_syscall_entry *table, size_t table_len,
536 struct hlist_head *chan_table, struct lttng_event_recorder_enabler *syscall_event_enabler,
537 enum sc_type type)
538 {
539 struct lttng_event_ht *events_ht = lttng_get_event_ht_from_enabler(&syscall_event_enabler->parent);
540 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(&syscall_event_enabler->parent);
541 struct lttng_kernel_channel_buffer *chan = syscall_event_enabler->chan;
542 unsigned int i;
543
544 /* Allocate events for each syscall matching enabler, insert into table */
545 for (i = 0; i < table_len; i++) {
546 const struct lttng_kernel_event_desc *desc = table[i].desc;
547 struct lttng_event_recorder_enabler *event_enabler;
548 struct lttng_kernel_abi_event ev;
549 struct lttng_kernel_event_recorder *event_recorder;
550 struct lttng_kernel_event_common_private *event_priv;
551 struct hlist_head *head;
552 bool found = false;
553
554 if (!desc) {
555 /* Unknown syscall */
556 continue;
557 }
558 if (lttng_desc_match_enabler(desc,
559 lttng_event_recorder_enabler_as_enabler(syscall_event_enabler)) <= 0)
560 continue;
561 /*
562 * Check if already created.
563 */
564 head = utils_borrow_hash_table_bucket(events_ht->table, LTTNG_EVENT_HT_SIZE, desc->event_name);
565 lttng_hlist_for_each_entry(event_priv, head, hlist_node) {
566 if (event_priv->desc == desc
567 && get_syscall_table_from_event(event_priv->pub) == syscall_table)
568 found = true;
569 }
570 if (found)
571 continue;
572
573 /* We need to create an event for this syscall/enabler. */
574 memset(&ev, 0, sizeof(ev));
575 switch (type) {
576 case SC_TYPE_ENTRY:
577 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
578 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
579 break;
580 case SC_TYPE_EXIT:
581 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
582 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
583 break;
584 case SC_TYPE_COMPAT_ENTRY:
585 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
586 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
587 break;
588 case SC_TYPE_COMPAT_EXIT:
589 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
590 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
591 break;
592 }
593 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1);
594 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
595 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
596 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
597 if (!event_enabler) {
598 return -ENOMEM;
599 }
600 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
601 WARN_ON_ONCE(!event_recorder);
602 lttng_event_enabler_destroy(&event_enabler->parent);
603 if (IS_ERR(event_recorder)) {
604 /*
605 * If something goes wrong in event registration
606 * after the first one, we have no choice but to
607 * leave the previous events in there, until
608 * deleted by session teardown.
609 */
610 return PTR_ERR(event_recorder);
611 }
612 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan_table[i]);
613 }
614 return 0;
615 }
616
617 static
618 int lttng_syscalls_populate_events(struct lttng_event_enabler_common *syscall_event_enabler)
619 {
620 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(syscall_event_enabler);
621 struct lttng_event_recorder_enabler *event_recorder_enabler;
622 struct lttng_kernel_channel_buffer *chan;
623 struct lttng_kernel_abi_event ev;
624 int ret;
625
626 if (syscall_event_enabler->enabler_type != LTTNG_EVENT_ENABLER_TYPE_RECORDER)
627 return 0;
628 event_recorder_enabler = container_of(syscall_event_enabler, struct lttng_event_recorder_enabler, parent);
629 chan = event_recorder_enabler->chan;
630
631 if (hlist_empty(&syscall_table->unknown_syscall_dispatch)) {
632 const struct lttng_kernel_event_desc *desc =
633 &__event_desc___syscall_entry_unknown;
634 struct lttng_kernel_event_recorder *event_recorder;
635 struct lttng_event_recorder_enabler *event_enabler;
636
637 memset(&ev, 0, sizeof(ev));
638 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
639 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
640 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
641 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
642 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
643 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
644 if (!event_enabler) {
645 return -ENOMEM;
646 }
647 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
648 lttng_event_enabler_destroy(&event_enabler->parent);
649 WARN_ON_ONCE(!event_recorder);
650 if (IS_ERR(event_recorder)) {
651 return PTR_ERR(event_recorder);
652 }
653 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->unknown_syscall_dispatch);
654 }
655
656 if (hlist_empty(&syscall_table->compat_unknown_syscall_dispatch)) {
657 const struct lttng_kernel_event_desc *desc =
658 &__event_desc___compat_syscall_entry_unknown;
659 struct lttng_kernel_event_recorder *event_recorder;
660 struct lttng_event_recorder_enabler *event_enabler;
661
662 memset(&ev, 0, sizeof(ev));
663 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
664 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
665 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
666 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
667 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
668 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
669 if (!event_enabler) {
670 return -ENOMEM;
671 }
672 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
673 WARN_ON_ONCE(!event_recorder);
674 lttng_event_enabler_destroy(&event_enabler->parent);
675 if (IS_ERR(event_recorder)) {
676 return PTR_ERR(event_recorder);
677 }
678 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->compat_unknown_syscall_dispatch);
679 }
680
681 if (hlist_empty(&syscall_table->compat_unknown_syscall_exit_dispatch)) {
682 const struct lttng_kernel_event_desc *desc =
683 &__event_desc___compat_syscall_exit_unknown;
684 struct lttng_kernel_event_recorder *event_recorder;
685 struct lttng_event_recorder_enabler *event_enabler;
686
687 memset(&ev, 0, sizeof(ev));
688 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
689 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
690 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
691 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
692 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
693 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
694 if (!event_enabler) {
695 return -ENOMEM;
696 }
697 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
698 WARN_ON_ONCE(!event_recorder);
699 lttng_event_enabler_destroy(&event_enabler->parent);
700 if (IS_ERR(event_recorder)) {
701 return PTR_ERR(event_recorder);
702 }
703 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->compat_unknown_syscall_exit_dispatch);
704 }
705
706 if (hlist_empty(&syscall_table->unknown_syscall_exit_dispatch)) {
707 const struct lttng_kernel_event_desc *desc =
708 &__event_desc___syscall_exit_unknown;
709 struct lttng_kernel_event_recorder *event_recorder;
710 struct lttng_event_recorder_enabler *event_enabler;
711
712 memset(&ev, 0, sizeof(ev));
713 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
714 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
715 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
716 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
717 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
718 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
719 if (!event_enabler) {
720 return -ENOMEM;
721 }
722 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
723 WARN_ON_ONCE(!event_recorder);
724 lttng_event_enabler_destroy(&event_enabler->parent);
725 if (IS_ERR(event_recorder)) {
726 return PTR_ERR(event_recorder);
727 }
728 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->unknown_syscall_exit_dispatch);
729 }
730
731 ret = lttng_create_syscall_event_if_missing(sc_table.table, sc_table.len,
732 syscall_table->syscall_dispatch, event_recorder_enabler, SC_TYPE_ENTRY);
733 if (ret)
734 return ret;
735 ret = lttng_create_syscall_event_if_missing(sc_exit_table.table, sc_exit_table.len,
736 syscall_table->syscall_exit_dispatch, event_recorder_enabler, SC_TYPE_EXIT);
737 if (ret)
738 return ret;
739
740 #ifdef CONFIG_COMPAT
741 ret = lttng_create_syscall_event_if_missing(compat_sc_table.table, compat_sc_table.len,
742 syscall_table->compat_syscall_dispatch, event_recorder_enabler, SC_TYPE_COMPAT_ENTRY);
743 if (ret)
744 return ret;
745 ret = lttng_create_syscall_event_if_missing(compat_sc_exit_table.table, compat_sc_exit_table.len,
746 syscall_table->compat_syscall_exit_dispatch, event_recorder_enabler, SC_TYPE_COMPAT_EXIT);
747 if (ret)
748 return ret;
749 #endif
750 return ret;
751 }
752
753 /*
754 * Should be called with sessions lock held.
755 */
756 int lttng_syscalls_register_event(struct lttng_event_enabler_common *syscall_event_enabler)
757 {
758 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(syscall_event_enabler);
759 int ret;
760
761 if (!syscall_table->syscall_dispatch) {
762 /* create syscall table mapping syscall to events */
763 syscall_table->syscall_dispatch = kzalloc(sizeof(struct hlist_head) * sc_table.len, GFP_KERNEL);
764 if (!syscall_table->syscall_dispatch)
765 return -ENOMEM;
766 }
767 if (!syscall_table->syscall_exit_dispatch) {
768 /* create syscall table mapping syscall to events */
769 syscall_table->syscall_exit_dispatch = kzalloc(sizeof(struct hlist_head) * sc_exit_table.len, GFP_KERNEL);
770 if (!syscall_table->syscall_exit_dispatch)
771 return -ENOMEM;
772 }
773
774
775 #ifdef CONFIG_COMPAT
776 if (!syscall_table->compat_syscall_dispatch) {
777 /* create syscall table mapping compat syscall to events */
778 syscall_table->compat_syscall_dispatch = kzalloc(sizeof(struct hlist_head) * compat_sc_table.len, GFP_KERNEL);
779 if (!syscall_table->compat_syscall_dispatch)
780 return -ENOMEM;
781 }
782
783 if (!syscall_table->compat_syscall_exit_dispatch) {
784 /* create syscall table mapping compat syscall to events */
785 syscall_table->compat_syscall_exit_dispatch = kzalloc(sizeof(struct hlist_head) * compat_sc_exit_table.len, GFP_KERNEL);
786 if (!syscall_table->compat_syscall_exit_dispatch)
787 return -ENOMEM;
788 }
789 #endif
790 if (!syscall_table->sc_filter) {
791 syscall_table->sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
792 GFP_KERNEL);
793 if (!syscall_table->sc_filter)
794 return -ENOMEM;
795 }
796
797 ret = lttng_syscalls_populate_events(syscall_event_enabler);
798 if (ret)
799 return ret;
800
801 wrapper_vmalloc_sync_mappings();
802
803 if (!syscall_table->sys_enter_registered) {
804 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
805 (void *) syscall_entry_event_probe, syscall_table);
806 if (ret)
807 return ret;
808 syscall_table->sys_enter_registered = 1;
809 }
810 if (!syscall_table->sys_exit_registered) {
811 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
812 (void *) syscall_exit_event_probe, syscall_table);
813 if (ret) {
814 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
815 (void *) syscall_entry_event_probe, syscall_table));
816 return ret;
817 }
818 syscall_table->sys_exit_registered = 1;
819 }
820
821 ret = lttng_syscalls_create_matching_event_notifiers(syscall_event_enabler);
822 if (ret)
823 return ret;
824
825 return ret;
826 }
827
828 static
829 int create_unknown_event_notifier(
830 struct lttng_event_notifier_enabler *event_notifier_enabler,
831 enum sc_type type)
832 {
833 struct lttng_event_ht *events_ht = lttng_get_event_ht_from_enabler(&event_notifier_enabler->parent);
834 struct lttng_kernel_event_common_private *event_priv;
835 struct lttng_kernel_event_notifier *event_notifier;
836 const struct lttng_kernel_event_desc *desc;
837 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
838 struct lttng_kernel_syscall_table *syscall_table = &group->syscall_table;
839 struct lttng_kernel_abi_event_notifier event_notifier_param;
840 uint64_t user_token = event_notifier_enabler->parent.user_token;
841 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
842 struct lttng_event_enabler_common *base_enabler = lttng_event_notifier_enabler_as_enabler(
843 event_notifier_enabler);
844 struct hlist_head *unknown_dispatch_list;
845 int ret = 0;
846 bool found = false;
847 enum lttng_kernel_abi_syscall_abi abi;
848 enum lttng_kernel_abi_syscall_entryexit entryexit;
849 struct hlist_head *head;
850
851 switch (type) {
852 case SC_TYPE_ENTRY:
853 desc = &__event_desc___syscall_entry_unknown;
854 unknown_dispatch_list = &syscall_table->unknown_syscall_dispatch;
855 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
856 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
857 break;
858 case SC_TYPE_EXIT:
859 desc = &__event_desc___syscall_exit_unknown;
860 unknown_dispatch_list = &syscall_table->unknown_syscall_exit_dispatch;
861 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
862 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
863 break;
864 case SC_TYPE_COMPAT_ENTRY:
865 desc = &__event_desc___compat_syscall_entry_unknown;
866 unknown_dispatch_list = &syscall_table->compat_unknown_syscall_dispatch;
867 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
868 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
869 break;
870 case SC_TYPE_COMPAT_EXIT:
871 desc = &__event_desc___compat_syscall_exit_unknown;
872 unknown_dispatch_list = &syscall_table->compat_unknown_syscall_exit_dispatch;
873 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
874 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
875 break;
876 default:
877 BUG_ON(1);
878 }
879
880 /*
881 * Check if already created.
882 */
883 head = utils_borrow_hash_table_bucket(events_ht->table, LTTNG_EVENT_HT_SIZE, desc->event_name);
884 lttng_hlist_for_each_entry(event_priv, head, hlist_node) {
885 if (event_priv->desc == desc &&
886 event_priv->user_token == base_enabler->user_token)
887 found = true;
888 }
889 if (found)
890 goto end;
891
892 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
893 strncat(event_notifier_param.event.name, desc->event_name,
894 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
895
896 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
897
898 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
899 event_notifier_param.event.token = user_token;
900 event_notifier_param.event.u.syscall.abi = abi;
901 event_notifier_param.event.u.syscall.entryexit = entryexit;
902 event_notifier_param.error_counter_index = error_counter_index;
903
904 event_notifier_enabler = lttng_event_notifier_enabler_create(LTTNG_ENABLER_FORMAT_NAME,
905 &event_notifier_param, group);
906 WARN_ON_ONCE(!event_notifier_enabler);
907 event_notifier = _lttng_event_notifier_create(event_notifier_enabler, desc);
908 lttng_event_enabler_destroy(&event_notifier_enabler->parent);
909 if (IS_ERR(event_notifier)) {
910 printk(KERN_INFO "Unable to create unknown notifier %s\n",
911 desc->event_name);
912 ret = -ENOMEM;
913 goto end;
914 }
915
916 hlist_add_head_rcu(&event_notifier->priv->parent.u.syscall.node, unknown_dispatch_list);
917
918 end:
919 return ret;
920 }
921
922 static int create_matching_event_notifiers(
923 struct lttng_event_notifier_enabler *syscall_event_notifier_enabler,
924 const struct trace_syscall_entry *table,
925 size_t table_len, enum sc_type type)
926 {
927 struct lttng_event_ht *events_ht = lttng_get_event_ht_from_enabler(&syscall_event_notifier_enabler->parent);
928 struct lttng_event_notifier_group *group = syscall_event_notifier_enabler->group;
929 const struct lttng_kernel_event_desc *desc;
930 uint64_t user_token = syscall_event_notifier_enabler->parent.user_token;
931 uint64_t error_counter_index = syscall_event_notifier_enabler->error_counter_index;
932 unsigned int i;
933 int ret = 0;
934
935 /* iterate over all syscall and create event_notifier that match */
936 for (i = 0; i < table_len; i++) {
937 struct lttng_event_notifier_enabler *event_notifier_enabler;
938 struct lttng_kernel_event_common_private *event_priv;
939 struct lttng_kernel_event_notifier *event_notifier;
940 struct lttng_kernel_abi_event_notifier event_notifier_param;
941 struct hlist_head *head;
942 int found = 0;
943
944 desc = table[i].desc;
945 if (!desc) {
946 /* Unknown syscall */
947 continue;
948 }
949
950 if (!lttng_desc_match_enabler(desc,
951 lttng_event_notifier_enabler_as_enabler(syscall_event_notifier_enabler)))
952 continue;
953
954 /*
955 * Check if already created.
956 */
957 head = utils_borrow_hash_table_bucket(events_ht->table, LTTNG_EVENT_HT_SIZE, desc->event_name);
958 lttng_hlist_for_each_entry(event_priv, head, hlist_node) {
959 if (event_priv->desc == desc
960 && event_priv->user_token == syscall_event_notifier_enabler->parent.user_token)
961 found = 1;
962 }
963 if (found)
964 continue;
965
966 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
967 switch (type) {
968 case SC_TYPE_ENTRY:
969 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
970 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
971 break;
972 case SC_TYPE_EXIT:
973 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
974 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
975 break;
976 case SC_TYPE_COMPAT_ENTRY:
977 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
978 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
979 break;
980 case SC_TYPE_COMPAT_EXIT:
981 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
982 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
983 break;
984 }
985 strncat(event_notifier_param.event.name, desc->event_name,
986 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
987 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
988 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
989 event_notifier_param.event.token = user_token;
990 event_notifier_param.error_counter_index = error_counter_index;
991
992 event_notifier_enabler = lttng_event_notifier_enabler_create(LTTNG_ENABLER_FORMAT_NAME,
993 &event_notifier_param, group);
994 WARN_ON_ONCE(!event_notifier_enabler);
995 event_notifier = _lttng_event_notifier_create(event_notifier_enabler, desc);
996 lttng_event_enabler_destroy(&event_notifier_enabler->parent);
997 if (IS_ERR(event_notifier)) {
998 printk(KERN_INFO "Unable to create event_notifier %s\n",
999 desc->event_name);
1000 ret = -ENOMEM;
1001 goto end;
1002 }
1003
1004 event_notifier->priv->parent.u.syscall.syscall_id = i;
1005 }
1006
1007 end:
1008 return ret;
1009
1010 }
1011
1012 static
1013 int lttng_syscalls_create_matching_event_notifiers(struct lttng_event_enabler_common *event_enabler)
1014 {
1015 int ret;
1016 enum lttng_kernel_abi_syscall_entryexit entryexit =
1017 event_enabler->event_param.u.syscall.entryexit;
1018 struct lttng_event_notifier_enabler *event_notifier_enabler;
1019
1020 if (event_enabler->enabler_type != LTTNG_EVENT_ENABLER_TYPE_NOTIFIER)
1021 return 0;
1022 event_notifier_enabler = container_of(event_enabler, struct lttng_event_notifier_enabler, parent);
1023
1024 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRY || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1025 ret = create_matching_event_notifiers(event_notifier_enabler,
1026 sc_table.table, sc_table.len, SC_TYPE_ENTRY);
1027 if (ret)
1028 goto end;
1029
1030 ret = create_matching_event_notifiers(event_notifier_enabler,
1031 compat_sc_table.table, compat_sc_table.len,
1032 SC_TYPE_COMPAT_ENTRY);
1033 if (ret)
1034 goto end;
1035
1036 ret = create_unknown_event_notifier(event_notifier_enabler,
1037 SC_TYPE_ENTRY);
1038 if (ret)
1039 goto end;
1040
1041 ret = create_unknown_event_notifier(event_notifier_enabler,
1042 SC_TYPE_COMPAT_ENTRY);
1043 if (ret)
1044 goto end;
1045 }
1046
1047 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_EXIT || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1048 ret = create_matching_event_notifiers(event_notifier_enabler,
1049 sc_exit_table.table, sc_exit_table.len,
1050 SC_TYPE_EXIT);
1051 if (ret)
1052 goto end;
1053
1054 ret = create_unknown_event_notifier(event_notifier_enabler,
1055 SC_TYPE_EXIT);
1056 if (ret)
1057 goto end;
1058
1059 ret = create_matching_event_notifiers(event_notifier_enabler,
1060 compat_sc_exit_table.table, compat_sc_exit_table.len,
1061 SC_TYPE_COMPAT_EXIT);
1062 if (ret)
1063 goto end;
1064
1065 ret = create_unknown_event_notifier(event_notifier_enabler,
1066 SC_TYPE_COMPAT_EXIT);
1067 if (ret)
1068 goto end;
1069 }
1070
1071 end:
1072 return ret;
1073 }
1074
1075 int lttng_syscalls_unregister_syscall_table(struct lttng_kernel_syscall_table *syscall_table)
1076 {
1077 int ret;
1078
1079 if (!syscall_table->syscall_dispatch)
1080 return 0;
1081 if (syscall_table->sys_enter_registered) {
1082 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1083 (void *) syscall_entry_event_probe, syscall_table);
1084 if (ret)
1085 return ret;
1086 syscall_table->sys_enter_registered = 0;
1087 }
1088 if (syscall_table->sys_exit_registered) {
1089 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1090 (void *) syscall_exit_event_probe, syscall_table);
1091 if (ret)
1092 return ret;
1093 syscall_table->sys_exit_registered = 0;
1094 }
1095 return 0;
1096 }
1097
1098 int lttng_syscalls_destroy_syscall_table(struct lttng_kernel_syscall_table *syscall_table)
1099 {
1100 kfree(syscall_table->syscall_dispatch);
1101 kfree(syscall_table->syscall_exit_dispatch);
1102 #ifdef CONFIG_COMPAT
1103 kfree(syscall_table->compat_syscall_dispatch);
1104 kfree(syscall_table->compat_syscall_exit_dispatch);
1105 #endif
1106 kfree(syscall_table->sc_filter);
1107 return 0;
1108 }
1109
1110 static
1111 int get_syscall_nr(const char *syscall_name)
1112 {
1113 int syscall_nr = -1;
1114 int i;
1115
1116 for (i = 0; i < sc_table.len; i++) {
1117 const struct trace_syscall_entry *entry;
1118 const char *it_name;
1119
1120 entry = &sc_table.table[i];
1121 if (!entry->desc)
1122 continue;
1123 it_name = entry->desc->event_name;
1124 it_name += strlen(SYSCALL_ENTRY_STR);
1125 if (!strcmp(syscall_name, it_name)) {
1126 syscall_nr = i;
1127 break;
1128 }
1129 }
1130 return syscall_nr;
1131 }
1132
1133 static
1134 int get_compat_syscall_nr(const char *syscall_name)
1135 {
1136 int syscall_nr = -1;
1137 int i;
1138
1139 for (i = 0; i < compat_sc_table.len; i++) {
1140 const struct trace_syscall_entry *entry;
1141 const char *it_name;
1142
1143 entry = &compat_sc_table.table[i];
1144 if (!entry->desc)
1145 continue;
1146 it_name = entry->desc->event_name;
1147 it_name += strlen(COMPAT_SYSCALL_ENTRY_STR);
1148 if (!strcmp(syscall_name, it_name)) {
1149 syscall_nr = i;
1150 break;
1151 }
1152 }
1153 return syscall_nr;
1154 }
1155
1156 static
1157 uint32_t get_sc_tables_len(void)
1158 {
1159 return sc_table.len + compat_sc_table.len;
1160 }
1161
1162 static
1163 const char *get_syscall_name(const char *desc_name,
1164 enum lttng_syscall_abi abi,
1165 enum lttng_syscall_entryexit entryexit)
1166 {
1167 size_t prefix_len = 0;
1168
1169
1170 switch (entryexit) {
1171 case LTTNG_SYSCALL_ENTRY:
1172 switch (abi) {
1173 case LTTNG_SYSCALL_ABI_NATIVE:
1174 prefix_len = strlen(SYSCALL_ENTRY_STR);
1175 break;
1176 case LTTNG_SYSCALL_ABI_COMPAT:
1177 prefix_len = strlen(COMPAT_SYSCALL_ENTRY_STR);
1178 break;
1179 }
1180 break;
1181 case LTTNG_SYSCALL_EXIT:
1182 switch (abi) {
1183 case LTTNG_SYSCALL_ABI_NATIVE:
1184 prefix_len = strlen(SYSCALL_EXIT_STR);
1185 break;
1186 case LTTNG_SYSCALL_ABI_COMPAT:
1187 prefix_len = strlen(COMPAT_SYSCALL_EXIT_STR);
1188 break;
1189 }
1190 break;
1191 }
1192 WARN_ON_ONCE(prefix_len == 0);
1193 return desc_name + prefix_len;
1194 }
1195
1196 static
1197 int lttng_syscall_filter_enable(
1198 struct lttng_syscall_filter *filter,
1199 const char *desc_name, enum lttng_syscall_abi abi,
1200 enum lttng_syscall_entryexit entryexit)
1201 {
1202 const char *syscall_name;
1203 unsigned long *bitmap;
1204 int syscall_nr;
1205
1206 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1207
1208 switch (abi) {
1209 case LTTNG_SYSCALL_ABI_NATIVE:
1210 syscall_nr = get_syscall_nr(syscall_name);
1211 break;
1212 case LTTNG_SYSCALL_ABI_COMPAT:
1213 syscall_nr = get_compat_syscall_nr(syscall_name);
1214 break;
1215 default:
1216 return -EINVAL;
1217 }
1218 if (syscall_nr < 0)
1219 return -ENOENT;
1220
1221 switch (entryexit) {
1222 case LTTNG_SYSCALL_ENTRY:
1223 switch (abi) {
1224 case LTTNG_SYSCALL_ABI_NATIVE:
1225 bitmap = filter->sc_entry;
1226 break;
1227 case LTTNG_SYSCALL_ABI_COMPAT:
1228 bitmap = filter->sc_compat_entry;
1229 break;
1230 default:
1231 return -EINVAL;
1232 }
1233 break;
1234 case LTTNG_SYSCALL_EXIT:
1235 switch (abi) {
1236 case LTTNG_SYSCALL_ABI_NATIVE:
1237 bitmap = filter->sc_exit;
1238 break;
1239 case LTTNG_SYSCALL_ABI_COMPAT:
1240 bitmap = filter->sc_compat_exit;
1241 break;
1242 default:
1243 return -EINVAL;
1244 }
1245 break;
1246 default:
1247 return -EINVAL;
1248 }
1249 if (test_bit(syscall_nr, bitmap))
1250 return -EEXIST;
1251 bitmap_set(bitmap, syscall_nr, 1);
1252 return 0;
1253 }
1254
1255 int lttng_syscall_filter_enable_event(struct lttng_kernel_event_common *event)
1256 {
1257 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_event(event);
1258 int ret;
1259
1260 WARN_ON_ONCE(event->priv->instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1261
1262 ret = lttng_syscall_filter_enable(syscall_table->sc_filter,
1263 event->priv->desc->event_name, event->priv->u.syscall.abi,
1264 event->priv->u.syscall.entryexit);
1265 if (ret)
1266 return ret;
1267
1268 switch (event->type) {
1269 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
1270 break;
1271 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
1272 {
1273 unsigned int syscall_id = event->priv->u.syscall.syscall_id;
1274 struct hlist_head *dispatch_list;
1275
1276 switch (event->priv->u.syscall.entryexit) {
1277 case LTTNG_SYSCALL_ENTRY:
1278 switch (event->priv->u.syscall.abi) {
1279 case LTTNG_SYSCALL_ABI_NATIVE:
1280 dispatch_list = &syscall_table->syscall_dispatch[syscall_id];
1281 break;
1282 case LTTNG_SYSCALL_ABI_COMPAT:
1283 dispatch_list = &syscall_table->compat_syscall_dispatch[syscall_id];
1284 break;
1285 default:
1286 ret = -EINVAL;
1287 goto end;
1288 }
1289 break;
1290 case LTTNG_SYSCALL_EXIT:
1291 switch (event->priv->u.syscall.abi) {
1292 case LTTNG_SYSCALL_ABI_NATIVE:
1293 dispatch_list = &syscall_table->syscall_exit_dispatch[syscall_id];
1294 break;
1295 case LTTNG_SYSCALL_ABI_COMPAT:
1296 dispatch_list = &syscall_table->compat_syscall_exit_dispatch[syscall_id];
1297 break;
1298 default:
1299 ret = -EINVAL;
1300 goto end;
1301 }
1302 break;
1303 default:
1304 ret = -EINVAL;
1305 goto end;
1306 }
1307
1308 hlist_add_head_rcu(&event->priv->u.syscall.node, dispatch_list);
1309 break;
1310 }
1311 default:
1312 WARN_ON_ONCE(1);
1313 return -ENOSYS;
1314 }
1315 end:
1316 return ret;
1317 }
1318
1319 static
1320 int lttng_syscall_filter_disable(struct lttng_syscall_filter *filter,
1321 const char *desc_name, enum lttng_syscall_abi abi,
1322 enum lttng_syscall_entryexit entryexit)
1323 {
1324 const char *syscall_name;
1325 unsigned long *bitmap;
1326 int syscall_nr;
1327
1328 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1329
1330 switch (abi) {
1331 case LTTNG_SYSCALL_ABI_NATIVE:
1332 syscall_nr = get_syscall_nr(syscall_name);
1333 break;
1334 case LTTNG_SYSCALL_ABI_COMPAT:
1335 syscall_nr = get_compat_syscall_nr(syscall_name);
1336 break;
1337 default:
1338 return -EINVAL;
1339 }
1340 if (syscall_nr < 0)
1341 return -ENOENT;
1342
1343 switch (entryexit) {
1344 case LTTNG_SYSCALL_ENTRY:
1345 switch (abi) {
1346 case LTTNG_SYSCALL_ABI_NATIVE:
1347 bitmap = filter->sc_entry;
1348 break;
1349 case LTTNG_SYSCALL_ABI_COMPAT:
1350 bitmap = filter->sc_compat_entry;
1351 break;
1352 default:
1353 return -EINVAL;
1354 }
1355 break;
1356 case LTTNG_SYSCALL_EXIT:
1357 switch (abi) {
1358 case LTTNG_SYSCALL_ABI_NATIVE:
1359 bitmap = filter->sc_exit;
1360 break;
1361 case LTTNG_SYSCALL_ABI_COMPAT:
1362 bitmap = filter->sc_compat_exit;
1363 break;
1364 default:
1365 return -EINVAL;
1366 }
1367 break;
1368 default:
1369 return -EINVAL;
1370 }
1371 if (!test_bit(syscall_nr, bitmap))
1372 return -EEXIST;
1373 bitmap_clear(bitmap, syscall_nr, 1);
1374
1375 return 0;
1376 }
1377
1378 int lttng_syscall_filter_disable_event(struct lttng_kernel_event_common *event)
1379 {
1380 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_event(event);
1381 int ret;
1382
1383 ret = lttng_syscall_filter_disable(syscall_table->sc_filter,
1384 event->priv->desc->event_name, event->priv->u.syscall.abi,
1385 event->priv->u.syscall.entryexit);
1386 if (ret)
1387 return ret;
1388
1389 switch (event->type) {
1390 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
1391 break;
1392 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
1393 {
1394 hlist_del_rcu(&event->priv->u.syscall.node);
1395 break;
1396 }
1397 default:
1398 WARN_ON_ONCE(1);
1399 return -ENOSYS;
1400 }
1401 return 0;
1402 }
1403
1404 static
1405 const struct trace_syscall_entry *syscall_list_get_entry(loff_t *pos)
1406 {
1407 const struct trace_syscall_entry *entry;
1408 int iter = 0;
1409
1410 for (entry = sc_table.table;
1411 entry < sc_table.table + sc_table.len;
1412 entry++) {
1413 if (iter++ >= *pos)
1414 return entry;
1415 }
1416 for (entry = compat_sc_table.table;
1417 entry < compat_sc_table.table + compat_sc_table.len;
1418 entry++) {
1419 if (iter++ >= *pos)
1420 return entry;
1421 }
1422 /* End of list */
1423 return NULL;
1424 }
1425
1426 static
1427 void *syscall_list_start(struct seq_file *m, loff_t *pos)
1428 {
1429 return (void *) syscall_list_get_entry(pos);
1430 }
1431
1432 static
1433 void *syscall_list_next(struct seq_file *m, void *p, loff_t *ppos)
1434 {
1435 (*ppos)++;
1436 return (void *) syscall_list_get_entry(ppos);
1437 }
1438
1439 static
1440 void syscall_list_stop(struct seq_file *m, void *p)
1441 {
1442 }
1443
1444 static
1445 int get_sc_table(const struct trace_syscall_entry *entry,
1446 const struct trace_syscall_entry **table,
1447 unsigned int *bitness)
1448 {
1449 if (entry >= sc_table.table && entry < sc_table.table + sc_table.len) {
1450 if (bitness)
1451 *bitness = BITS_PER_LONG;
1452 if (table)
1453 *table = sc_table.table;
1454 return 0;
1455 }
1456 if (!(entry >= compat_sc_table.table
1457 && entry < compat_sc_table.table + compat_sc_table.len)) {
1458 return -EINVAL;
1459 }
1460 if (bitness)
1461 *bitness = 32;
1462 if (table)
1463 *table = compat_sc_table.table;
1464 return 0;
1465 }
1466
1467 static
1468 int syscall_list_show(struct seq_file *m, void *p)
1469 {
1470 const struct trace_syscall_entry *table, *entry = p;
1471 unsigned int bitness;
1472 unsigned long index;
1473 int ret;
1474 const char *name;
1475
1476 ret = get_sc_table(entry, &table, &bitness);
1477 if (ret)
1478 return ret;
1479 if (!entry->desc)
1480 return 0;
1481 if (table == sc_table.table) {
1482 index = entry - table;
1483 name = &entry->desc->event_name[strlen(SYSCALL_ENTRY_STR)];
1484 } else {
1485 index = (entry - table) + sc_table.len;
1486 name = &entry->desc->event_name[strlen(COMPAT_SYSCALL_ENTRY_STR)];
1487 }
1488 seq_printf(m, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1489 index, name, bitness);
1490 return 0;
1491 }
1492
1493 static
1494 const struct seq_operations lttng_syscall_list_seq_ops = {
1495 .start = syscall_list_start,
1496 .next = syscall_list_next,
1497 .stop = syscall_list_stop,
1498 .show = syscall_list_show,
1499 };
1500
1501 static
1502 int lttng_syscall_list_open(struct inode *inode, struct file *file)
1503 {
1504 return seq_open(file, &lttng_syscall_list_seq_ops);
1505 }
1506
1507 const struct file_operations lttng_syscall_list_fops = {
1508 .owner = THIS_MODULE,
1509 .open = lttng_syscall_list_open,
1510 .read = seq_read,
1511 .llseek = seq_lseek,
1512 .release = seq_release,
1513 };
1514
1515 /*
1516 * A syscall is enabled if it is traced for either entry or exit.
1517 */
1518 long lttng_syscall_table_get_active_mask(struct lttng_kernel_syscall_table *syscall_table,
1519 struct lttng_kernel_abi_syscall_mask __user *usyscall_mask)
1520 {
1521 uint32_t len, sc_tables_len, bitmask_len;
1522 int ret = 0, bit;
1523 char *tmp_mask;
1524 struct lttng_syscall_filter *filter;
1525
1526 ret = get_user(len, &usyscall_mask->len);
1527 if (ret)
1528 return ret;
1529 sc_tables_len = get_sc_tables_len();
1530 bitmask_len = ALIGN(sc_tables_len, 8) >> 3;
1531 if (len < sc_tables_len) {
1532 return put_user(sc_tables_len, &usyscall_mask->len);
1533 }
1534 /* Array is large enough, we can copy array to user-space. */
1535 tmp_mask = kzalloc(bitmask_len, GFP_KERNEL);
1536 if (!tmp_mask)
1537 return -ENOMEM;
1538 filter = syscall_table->sc_filter;
1539
1540 for (bit = 0; bit < sc_table.len; bit++) {
1541 char state;
1542
1543 if (syscall_table->syscall_dispatch) {
1544 if (!(READ_ONCE(syscall_table->syscall_all_entry)
1545 || READ_ONCE(syscall_table->syscall_all_exit)) && filter)
1546 state = test_bit(bit, filter->sc_entry)
1547 || test_bit(bit, filter->sc_exit);
1548 else
1549 state = 1;
1550 } else {
1551 state = 0;
1552 }
1553 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1554 }
1555 for (; bit < sc_tables_len; bit++) {
1556 char state;
1557
1558 if (syscall_table->compat_syscall_dispatch) {
1559 if (!(READ_ONCE(syscall_table->syscall_all_entry)
1560 || READ_ONCE(syscall_table->syscall_all_exit)) && filter)
1561 state = test_bit(bit - sc_table.len,
1562 filter->sc_compat_entry)
1563 || test_bit(bit - sc_table.len,
1564 filter->sc_compat_exit);
1565 else
1566 state = 1;
1567 } else {
1568 state = 0;
1569 }
1570 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1571 }
1572 if (copy_to_user(usyscall_mask->mask, tmp_mask, bitmask_len))
1573 ret = -EFAULT;
1574 kfree(tmp_mask);
1575 return ret;
1576 }
1577
1578 int lttng_abi_syscall_list(void)
1579 {
1580 struct file *syscall_list_file;
1581 int file_fd, ret;
1582
1583 file_fd = lttng_get_unused_fd();
1584 if (file_fd < 0) {
1585 ret = file_fd;
1586 goto fd_error;
1587 }
1588
1589 syscall_list_file = anon_inode_getfile("[lttng_syscall_list]",
1590 &lttng_syscall_list_fops,
1591 NULL, O_RDWR);
1592 if (IS_ERR(syscall_list_file)) {
1593 ret = PTR_ERR(syscall_list_file);
1594 goto file_error;
1595 }
1596 ret = lttng_syscall_list_fops.open(NULL, syscall_list_file);
1597 if (ret < 0)
1598 goto open_error;
1599 fd_install(file_fd, syscall_list_file);
1600 return file_fd;
1601
1602 open_error:
1603 fput(syscall_list_file);
1604 file_error:
1605 put_unused_fd(file_fd);
1606 fd_error:
1607 return ret;
1608 }
LTTng 2.0/0.x modules
This page took 0.09607 seconds and 4 git commands to generate.