projects / lttng-modules.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Refactoring: Rename lttng_channel_syscall_mask to lttng_syscall_table_get_active_mask
[lttng-modules.git] / src / lttng-syscalls.c
1 /* SPDX-License-Identifier: (GPL-2.0-only or LGPL-2.1-only)
2 *
3 * lttng-syscalls.c
4 *
5 * LTTng syscall probes.
6 *
7 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 */
9
10 #include <linux/module.h>
11 #include <linux/slab.h>
12 #include <linux/compat.h>
13 #include <linux/err.h>
14 #include <linux/bitmap.h>
15 #include <linux/in.h>
16 #include <linux/in6.h>
17 #include <linux/seq_file.h>
18 #include <linux/stringify.h>
19 #include <linux/file.h>
20 #include <linux/anon_inodes.h>
21 #include <linux/fcntl.h>
22 #include <linux/mman.h>
23 #include <asm/ptrace.h>
24 #include <asm/syscall.h>
25
26 #include <lttng/bitfield.h>
27 #include <wrapper/tracepoint.h>
28 #include <wrapper/file.h>
29 #include <wrapper/rcu.h>
30 #include <wrapper/syscall.h>
31 #include <lttng/events.h>
32 #include <lttng/events-internal.h>
33 #include <lttng/utils.h>
34
35 #include "lttng-syscalls.h"
36
37 #ifndef CONFIG_COMPAT
38 # ifndef is_compat_task
39 # define is_compat_task() (0)
40 # endif
41 #endif
42
43 /* in_compat_syscall appears in kernel 4.6. */
44 #ifndef in_compat_syscall
45 #define in_compat_syscall() is_compat_task()
46 #endif
47
48 enum sc_type {
49 SC_TYPE_ENTRY,
50 SC_TYPE_EXIT,
51 SC_TYPE_COMPAT_ENTRY,
52 SC_TYPE_COMPAT_EXIT,
53 };
54
55 #define SYSCALL_ENTRY_TOK syscall_entry_
56 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
57 #define SYSCALL_EXIT_TOK syscall_exit_
58 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
59
60 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
61 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
62 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
63 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
64
65 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id);
66 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret);
67
68 /*
69 * Forward declarations for old kernels.
70 */
71 struct mmsghdr;
72 struct rlimit64;
73 struct oldold_utsname;
74 struct old_utsname;
75 struct sel_arg_struct;
76 struct mmap_arg_struct;
77 struct file_handle;
78 struct user_msghdr;
79
80 /*
81 * Forward declaration for kernels >= 5.6
82 */
83 struct timex;
84 struct timeval;
85 struct itimerval;
86 struct itimerspec;
87
88 #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,6,0))
89 typedef __kernel_old_time_t time_t;
90 #endif
91
92 #ifdef IA32_NR_syscalls
93 #define NR_compat_syscalls IA32_NR_syscalls
94 #else
95 #define NR_compat_syscalls NR_syscalls
96 #endif
97
98 /*
99 * Create LTTng tracepoint probes.
100 */
101 #define LTTNG_PACKAGE_BUILD
102 #define CREATE_TRACE_POINTS
103 #define TP_MODULE_NOINIT
104 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
105
106 #define PARAMS(args...) args
107
108 /* Handle unknown syscalls */
109 #undef TRACE_SYSTEM
110 #define TRACE_SYSTEM syscalls_unknown
111 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
112 #undef TRACE_SYSTEM
113
114 #undef TP_PROBE_CB
115
116 extern const struct trace_syscall_table sc_table;
117 extern const struct trace_syscall_table compat_sc_table;
118
119 /* Event syscall exit table */
120 extern const struct trace_syscall_table sc_exit_table;
121 extern const struct trace_syscall_table compat_sc_exit_table;
122
123
124 #undef SC_EXIT
125
126 #undef CREATE_SYSCALL_TABLE
127
128 struct lttng_syscall_filter {
129 DECLARE_BITMAP(sc_entry, NR_syscalls);
130 DECLARE_BITMAP(sc_exit, NR_syscalls);
131 DECLARE_BITMAP(sc_compat_entry, NR_compat_syscalls);
132 DECLARE_BITMAP(sc_compat_exit, NR_compat_syscalls);
133 };
134
135 static void syscall_entry_event_unknown(struct hlist_head *unknown_action_list_head,
136 struct pt_regs *regs, long id)
137 {
138 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
139 struct lttng_kernel_event_common_private *event_priv;
140
141 lttng_syscall_get_arguments(current, regs, args);
142 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
143 if (unlikely(in_compat_syscall()))
144 __event_probe__compat_syscall_entry_unknown(event_priv->pub, id, args);
145 else
146 __event_probe__syscall_entry_unknown(event_priv->pub, id, args);
147 }
148 }
149
150 static __always_inline
151 void syscall_entry_event_call_func(struct hlist_head *action_list,
152 void *func, unsigned int nrargs,
153 struct pt_regs *regs)
154 {
155 struct lttng_kernel_event_common_private *event_priv;
156
157 switch (nrargs) {
158 case 0:
159 {
160 void (*fptr)(void *__data) = func;
161
162 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
163 fptr(event_priv->pub);
164 break;
165 }
166 case 1:
167 {
168 void (*fptr)(void *__data, unsigned long arg0) = func;
169 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
170
171 lttng_syscall_get_arguments(current, regs, args);
172 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
173 fptr(event_priv->pub, args[0]);
174 break;
175 }
176 case 2:
177 {
178 void (*fptr)(void *__data,
179 unsigned long arg0,
180 unsigned long arg1) = func;
181 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
182
183 lttng_syscall_get_arguments(current, regs, args);
184 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
185 fptr(event_priv->pub, args[0], args[1]);
186 break;
187 }
188 case 3:
189 {
190 void (*fptr)(void *__data,
191 unsigned long arg0,
192 unsigned long arg1,
193 unsigned long arg2) = func;
194 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
195
196 lttng_syscall_get_arguments(current, regs, args);
197 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
198 fptr(event_priv->pub, args[0], args[1], args[2]);
199 break;
200 }
201 case 4:
202 {
203 void (*fptr)(void *__data,
204 unsigned long arg0,
205 unsigned long arg1,
206 unsigned long arg2,
207 unsigned long arg3) = func;
208 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
209
210 lttng_syscall_get_arguments(current, regs, args);
211 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
212 fptr(event_priv->pub, args[0], args[1], args[2], args[3]);
213 break;
214 }
215 case 5:
216 {
217 void (*fptr)(void *__data,
218 unsigned long arg0,
219 unsigned long arg1,
220 unsigned long arg2,
221 unsigned long arg3,
222 unsigned long arg4) = func;
223 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
224
225 lttng_syscall_get_arguments(current, regs, args);
226 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
227 fptr(event_priv->pub, args[0], args[1], args[2], args[3], args[4]);
228 break;
229 }
230 case 6:
231 {
232 void (*fptr)(void *__data,
233 unsigned long arg0,
234 unsigned long arg1,
235 unsigned long arg2,
236 unsigned long arg3,
237 unsigned long arg4,
238 unsigned long arg5) = func;
239 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
240
241 lttng_syscall_get_arguments(current, regs, args);
242 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
243 fptr(event_priv->pub, args[0], args[1], args[2],
244 args[3], args[4], args[5]);
245 break;
246 }
247 default:
248 break;
249 }
250 }
251
252 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id)
253 {
254 struct lttng_kernel_syscall_table *syscall_table = __data;
255 struct hlist_head *action_list, *unknown_action_list;
256 const struct trace_syscall_entry *table, *entry;
257 size_t table_len;
258
259 if (unlikely(in_compat_syscall())) {
260 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
261
262 if (id < 0 || id >= NR_compat_syscalls
263 || (!READ_ONCE(syscall_table->syscall_all_entry) && !test_bit(id, filter->sc_compat_entry))) {
264 /* System call filtered out. */
265 return;
266 }
267 table = compat_sc_table.table;
268 table_len = compat_sc_table.len;
269 unknown_action_list = &syscall_table->compat_unknown_syscall_dispatch;
270 } else {
271 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
272
273 if (id < 0 || id >= NR_syscalls
274 || (!READ_ONCE(syscall_table->syscall_all_entry) && !test_bit(id, filter->sc_entry))) {
275 /* System call filtered out. */
276 return;
277 }
278 table = sc_table.table;
279 table_len = sc_table.len;
280 unknown_action_list = &syscall_table->unknown_syscall_dispatch;
281 }
282 if (unlikely(id < 0 || id >= table_len)) {
283 syscall_entry_event_unknown(unknown_action_list, regs, id);
284 return;
285 }
286
287 entry = &table[id];
288 if (!entry->event_func) {
289 syscall_entry_event_unknown(unknown_action_list, regs, id);
290 return;
291 }
292
293 if (unlikely(in_compat_syscall())) {
294 action_list = &syscall_table->compat_syscall_dispatch[id];
295 } else {
296 action_list = &syscall_table->syscall_dispatch[id];
297 }
298 if (unlikely(hlist_empty(action_list)))
299 return;
300
301 syscall_entry_event_call_func(action_list, entry->event_func, entry->nrargs, regs);
302 }
303
304 static void syscall_exit_event_unknown(struct hlist_head *unknown_action_list_head,
305 struct pt_regs *regs, long id, long ret)
306 {
307 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
308 struct lttng_kernel_event_common_private *event_priv;
309
310 lttng_syscall_get_arguments(current, regs, args);
311 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
312 if (unlikely(in_compat_syscall()))
313 __event_probe__compat_syscall_exit_unknown(event_priv->pub, id, ret,
314 args);
315 else
316 __event_probe__syscall_exit_unknown(event_priv->pub, id, ret, args);
317 }
318 }
319
320 static __always_inline
321 void syscall_exit_event_call_func(struct hlist_head *action_list,
322 void *func, unsigned int nrargs,
323 struct pt_regs *regs, long ret)
324 {
325 struct lttng_kernel_event_common_private *event_priv;
326
327 switch (nrargs) {
328 case 0:
329 {
330 void (*fptr)(void *__data, long ret) = func;
331
332 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
333 fptr(event_priv->pub, ret);
334 break;
335 }
336 case 1:
337 {
338 void (*fptr)(void *__data,
339 long ret,
340 unsigned long arg0) = func;
341 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
342
343 lttng_syscall_get_arguments(current, regs, args);
344 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
345 fptr(event_priv->pub, ret, args[0]);
346 break;
347 }
348 case 2:
349 {
350 void (*fptr)(void *__data,
351 long ret,
352 unsigned long arg0,
353 unsigned long arg1) = func;
354 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
355
356 lttng_syscall_get_arguments(current, regs, args);
357 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
358 fptr(event_priv->pub, ret, args[0], args[1]);
359 break;
360 }
361 case 3:
362 {
363 void (*fptr)(void *__data,
364 long ret,
365 unsigned long arg0,
366 unsigned long arg1,
367 unsigned long arg2) = func;
368 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
369
370 lttng_syscall_get_arguments(current, regs, args);
371 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
372 fptr(event_priv->pub, ret, args[0], args[1], args[2]);
373 break;
374 }
375 case 4:
376 {
377 void (*fptr)(void *__data,
378 long ret,
379 unsigned long arg0,
380 unsigned long arg1,
381 unsigned long arg2,
382 unsigned long arg3) = func;
383 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
384
385 lttng_syscall_get_arguments(current, regs, args);
386 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
387 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3]);
388 break;
389 }
390 case 5:
391 {
392 void (*fptr)(void *__data,
393 long ret,
394 unsigned long arg0,
395 unsigned long arg1,
396 unsigned long arg2,
397 unsigned long arg3,
398 unsigned long arg4) = func;
399 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
400
401 lttng_syscall_get_arguments(current, regs, args);
402 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
403 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3], args[4]);
404 break;
405 }
406 case 6:
407 {
408 void (*fptr)(void *__data,
409 long ret,
410 unsigned long arg0,
411 unsigned long arg1,
412 unsigned long arg2,
413 unsigned long arg3,
414 unsigned long arg4,
415 unsigned long arg5) = func;
416 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
417
418 lttng_syscall_get_arguments(current, regs, args);
419 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
420 fptr(event_priv->pub, ret, args[0], args[1], args[2],
421 args[3], args[4], args[5]);
422 break;
423 }
424 default:
425 break;
426 }
427 }
428
429 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret)
430 {
431 struct lttng_kernel_syscall_table *syscall_table = __data;
432 struct hlist_head *action_list, *unknown_action_list;
433 const struct trace_syscall_entry *table, *entry;
434 size_t table_len;
435 long id;
436
437 id = syscall_get_nr(current, regs);
438
439 if (unlikely(in_compat_syscall())) {
440 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
441
442 if (id < 0 || id >= NR_compat_syscalls
443 || (!READ_ONCE(syscall_table->syscall_all_exit) && !test_bit(id, filter->sc_compat_exit))) {
444 /* System call filtered out. */
445 return;
446 }
447 table = compat_sc_exit_table.table;
448 table_len = compat_sc_exit_table.len;
449 unknown_action_list = &syscall_table->compat_unknown_syscall_exit_dispatch;
450 } else {
451 struct lttng_syscall_filter *filter = syscall_table->sc_filter;
452
453 if (id < 0 || id >= NR_syscalls
454 || (!READ_ONCE(syscall_table->syscall_all_exit) && !test_bit(id, filter->sc_exit))) {
455 /* System call filtered out. */
456 return;
457 }
458 table = sc_exit_table.table;
459 table_len = sc_exit_table.len;
460 unknown_action_list = &syscall_table->unknown_syscall_exit_dispatch;
461 }
462 if (unlikely(id < 0 || id >= table_len)) {
463 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
464 return;
465 }
466
467 entry = &table[id];
468 if (!entry->event_func) {
469 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
470 return;
471 }
472
473 if (unlikely(in_compat_syscall())) {
474 action_list = &syscall_table->compat_syscall_exit_dispatch[id];
475 } else {
476 action_list = &syscall_table->syscall_exit_dispatch[id];
477 }
478 if (unlikely(hlist_empty(action_list)))
479 return;
480
481 syscall_exit_event_call_func(action_list, entry->event_func, entry->nrargs,
482 regs, ret);
483 }
484
485 static
486 struct lttng_kernel_syscall_table *get_syscall_table_from_enabler(struct lttng_event_enabler_common *event_enabler)
487 {
488 switch (event_enabler->enabler_type) {
489 case LTTNG_EVENT_ENABLER_TYPE_RECORDER:
490 {
491 struct lttng_event_recorder_enabler *event_recorder_enabler =
492 container_of(event_enabler, struct lttng_event_recorder_enabler, parent);
493 return &event_recorder_enabler->chan->priv->parent.syscall_table;
494 }
495 case LTTNG_EVENT_ENABLER_TYPE_NOTIFIER:
496 {
497 struct lttng_event_notifier_enabler *event_notifier_enabler =
498 container_of(event_enabler, struct lttng_event_notifier_enabler, parent);
499 return &event_notifier_enabler->group->syscall_table;
500 }
501 default:
502 return NULL;
503 }
504 }
505
506 static
507 struct lttng_kernel_syscall_table *get_syscall_table_from_event(struct lttng_kernel_event_common *event)
508 {
509 switch (event->type) {
510 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
511 {
512 struct lttng_kernel_event_recorder *event_recorder =
513 container_of(event, struct lttng_kernel_event_recorder, parent);
514 return &event_recorder->chan->priv->parent.syscall_table;
515 }
516 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
517 {
518 struct lttng_kernel_event_notifier *event_notifier =
519 container_of(event, struct lttng_kernel_event_notifier, parent);
520 return &event_notifier->priv->group->syscall_table;
521 }
522 default:
523 return NULL;
524 }
525 }
526
527 /*
528 * noinline to diminish caller stack size.
529 * Should be called with sessions lock held.
530 */
531 static
532 int lttng_create_syscall_event_if_missing(const struct trace_syscall_entry *table, size_t table_len,
533 struct hlist_head *chan_table, struct lttng_event_recorder_enabler *syscall_event_enabler,
534 enum sc_type type)
535 {
536 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(&syscall_event_enabler->parent);
537 struct lttng_kernel_channel_buffer *chan = syscall_event_enabler->chan;
538 struct lttng_kernel_session *session = chan->parent.session;
539 unsigned int i;
540
541 /* Allocate events for each syscall matching enabler, insert into table */
542 for (i = 0; i < table_len; i++) {
543 const struct lttng_kernel_event_desc *desc = table[i].desc;
544 struct lttng_event_recorder_enabler *event_enabler;
545 struct lttng_kernel_abi_event ev;
546 struct lttng_kernel_event_recorder_private *event_recorder_priv;
547 struct lttng_kernel_event_recorder *event_recorder;
548 struct hlist_head *head;
549 bool found = false;
550
551 if (!desc) {
552 /* Unknown syscall */
553 continue;
554 }
555 if (lttng_desc_match_enabler(desc,
556 lttng_event_recorder_enabler_as_enabler(syscall_event_enabler)) <= 0)
557 continue;
558 /*
559 * Check if already created.
560 */
561 head = utils_borrow_hash_table_bucket(
562 session->priv->events_ht.table, LTTNG_EVENT_HT_SIZE,
563 desc->event_name);
564 lttng_hlist_for_each_entry(event_recorder_priv, head, hlist) {
565 if (event_recorder_priv->parent.desc == desc
566 && get_syscall_table_from_event(event_recorder_priv->parent.pub) == syscall_table)
567 found = true;
568 }
569 if (found)
570 continue;
571
572 /* We need to create an event for this syscall/enabler. */
573 memset(&ev, 0, sizeof(ev));
574 switch (type) {
575 case SC_TYPE_ENTRY:
576 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
577 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
578 break;
579 case SC_TYPE_EXIT:
580 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
581 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
582 break;
583 case SC_TYPE_COMPAT_ENTRY:
584 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
585 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
586 break;
587 case SC_TYPE_COMPAT_EXIT:
588 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
589 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
590 break;
591 }
592 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1);
593 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
594 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
595 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
596 if (!event_enabler) {
597 return -ENOMEM;
598 }
599 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
600 WARN_ON_ONCE(!event_recorder);
601 lttng_event_enabler_destroy(&event_enabler->parent);
602 if (IS_ERR(event_recorder)) {
603 /*
604 * If something goes wrong in event registration
605 * after the first one, we have no choice but to
606 * leave the previous events in there, until
607 * deleted by session teardown.
608 */
609 return PTR_ERR(event_recorder);
610 }
611 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan_table[i]);
612 }
613 return 0;
614 }
615
616 static
617 int lttng_syscalls_populate_events(struct lttng_event_enabler_common *syscall_event_enabler)
618 {
619 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(syscall_event_enabler);
620 struct lttng_event_recorder_enabler *event_recorder_enabler;
621 struct lttng_kernel_channel_buffer *chan;
622 struct lttng_kernel_abi_event ev;
623 int ret;
624
625 if (syscall_event_enabler->enabler_type != LTTNG_EVENT_ENABLER_TYPE_RECORDER)
626 return 0;
627 event_recorder_enabler = container_of(syscall_event_enabler, struct lttng_event_recorder_enabler, parent);
628 chan = event_recorder_enabler->chan;
629
630 if (hlist_empty(&syscall_table->unknown_syscall_dispatch)) {
631 const struct lttng_kernel_event_desc *desc =
632 &__event_desc___syscall_entry_unknown;
633 struct lttng_kernel_event_recorder *event_recorder;
634 struct lttng_event_recorder_enabler *event_enabler;
635
636 memset(&ev, 0, sizeof(ev));
637 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
638 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
639 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
640 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
641 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
642 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
643 if (!event_enabler) {
644 return -ENOMEM;
645 }
646 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
647 lttng_event_enabler_destroy(&event_enabler->parent);
648 WARN_ON_ONCE(!event_recorder);
649 if (IS_ERR(event_recorder)) {
650 return PTR_ERR(event_recorder);
651 }
652 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->unknown_syscall_dispatch);
653 }
654
655 if (hlist_empty(&syscall_table->compat_unknown_syscall_dispatch)) {
656 const struct lttng_kernel_event_desc *desc =
657 &__event_desc___compat_syscall_entry_unknown;
658 struct lttng_kernel_event_recorder *event_recorder;
659 struct lttng_event_recorder_enabler *event_enabler;
660
661 memset(&ev, 0, sizeof(ev));
662 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
663 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
664 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
665 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
666 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
667 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
668 if (!event_enabler) {
669 return -ENOMEM;
670 }
671 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
672 WARN_ON_ONCE(!event_recorder);
673 lttng_event_enabler_destroy(&event_enabler->parent);
674 if (IS_ERR(event_recorder)) {
675 return PTR_ERR(event_recorder);
676 }
677 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->compat_unknown_syscall_dispatch);
678 }
679
680 if (hlist_empty(&syscall_table->compat_unknown_syscall_exit_dispatch)) {
681 const struct lttng_kernel_event_desc *desc =
682 &__event_desc___compat_syscall_exit_unknown;
683 struct lttng_kernel_event_recorder *event_recorder;
684 struct lttng_event_recorder_enabler *event_enabler;
685
686 memset(&ev, 0, sizeof(ev));
687 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
688 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
689 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
690 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
691 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
692 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
693 if (!event_enabler) {
694 return -ENOMEM;
695 }
696 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
697 WARN_ON_ONCE(!event_recorder);
698 lttng_event_enabler_destroy(&event_enabler->parent);
699 if (IS_ERR(event_recorder)) {
700 return PTR_ERR(event_recorder);
701 }
702 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->compat_unknown_syscall_exit_dispatch);
703 }
704
705 if (hlist_empty(&syscall_table->unknown_syscall_exit_dispatch)) {
706 const struct lttng_kernel_event_desc *desc =
707 &__event_desc___syscall_exit_unknown;
708 struct lttng_kernel_event_recorder *event_recorder;
709 struct lttng_event_recorder_enabler *event_enabler;
710
711 memset(&ev, 0, sizeof(ev));
712 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
713 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
714 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
715 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
716 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
717 event_enabler = lttng_event_recorder_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
718 if (!event_enabler) {
719 return -ENOMEM;
720 }
721 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
722 WARN_ON_ONCE(!event_recorder);
723 lttng_event_enabler_destroy(&event_enabler->parent);
724 if (IS_ERR(event_recorder)) {
725 return PTR_ERR(event_recorder);
726 }
727 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &syscall_table->unknown_syscall_exit_dispatch);
728 }
729
730 ret = lttng_create_syscall_event_if_missing(sc_table.table, sc_table.len,
731 syscall_table->syscall_dispatch, event_recorder_enabler, SC_TYPE_ENTRY);
732 if (ret)
733 return ret;
734 ret = lttng_create_syscall_event_if_missing(sc_exit_table.table, sc_exit_table.len,
735 syscall_table->syscall_exit_dispatch, event_recorder_enabler, SC_TYPE_EXIT);
736 if (ret)
737 return ret;
738
739 #ifdef CONFIG_COMPAT
740 ret = lttng_create_syscall_event_if_missing(compat_sc_table.table, compat_sc_table.len,
741 syscall_table->compat_syscall_dispatch, event_recorder_enabler, SC_TYPE_COMPAT_ENTRY);
742 if (ret)
743 return ret;
744 ret = lttng_create_syscall_event_if_missing(compat_sc_exit_table.table, compat_sc_exit_table.len,
745 syscall_table->compat_syscall_exit_dispatch, event_recorder_enabler, SC_TYPE_COMPAT_EXIT);
746 if (ret)
747 return ret;
748 #endif
749 return ret;
750 }
751
752 /*
753 * Should be called with sessions lock held.
754 */
755 int lttng_syscalls_register_event(struct lttng_event_enabler_common *syscall_event_enabler)
756 {
757 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_enabler(syscall_event_enabler);
758 int ret;
759
760 if (!syscall_table->syscall_dispatch) {
761 /* create syscall table mapping syscall to events */
762 syscall_table->syscall_dispatch = kzalloc(sizeof(struct hlist_head) * sc_table.len, GFP_KERNEL);
763 if (!syscall_table->syscall_dispatch)
764 return -ENOMEM;
765 }
766 if (!syscall_table->syscall_exit_dispatch) {
767 /* create syscall table mapping syscall to events */
768 syscall_table->syscall_exit_dispatch = kzalloc(sizeof(struct hlist_head) * sc_exit_table.len, GFP_KERNEL);
769 if (!syscall_table->syscall_exit_dispatch)
770 return -ENOMEM;
771 }
772
773
774 #ifdef CONFIG_COMPAT
775 if (!syscall_table->compat_syscall_dispatch) {
776 /* create syscall table mapping compat syscall to events */
777 syscall_table->compat_syscall_dispatch = kzalloc(sizeof(struct hlist_head) * compat_sc_table.len, GFP_KERNEL);
778 if (!syscall_table->compat_syscall_dispatch)
779 return -ENOMEM;
780 }
781
782 if (!syscall_table->compat_syscall_exit_dispatch) {
783 /* create syscall table mapping compat syscall to events */
784 syscall_table->compat_syscall_exit_dispatch = kzalloc(sizeof(struct hlist_head) * compat_sc_exit_table.len, GFP_KERNEL);
785 if (!syscall_table->compat_syscall_exit_dispatch)
786 return -ENOMEM;
787 }
788 #endif
789 if (!syscall_table->sc_filter) {
790 syscall_table->sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
791 GFP_KERNEL);
792 if (!syscall_table->sc_filter)
793 return -ENOMEM;
794 }
795
796 ret = lttng_syscalls_populate_events(syscall_event_enabler);
797 if (ret)
798 return ret;
799
800 wrapper_vmalloc_sync_mappings();
801
802 if (!syscall_table->sys_enter_registered) {
803 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
804 (void *) syscall_entry_event_probe, syscall_table);
805 if (ret)
806 return ret;
807 syscall_table->sys_enter_registered = 1;
808 }
809 if (!syscall_table->sys_exit_registered) {
810 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
811 (void *) syscall_exit_event_probe, syscall_table);
812 if (ret) {
813 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
814 (void *) syscall_entry_event_probe, syscall_table));
815 return ret;
816 }
817 syscall_table->sys_exit_registered = 1;
818 }
819 return ret;
820 }
821
822 static
823 int create_unknown_event_notifier(
824 struct lttng_event_notifier_enabler *event_notifier_enabler,
825 enum sc_type type)
826 {
827 struct lttng_kernel_event_notifier_private *event_notifier_priv;
828 struct lttng_kernel_event_notifier *event_notifier;
829 const struct lttng_kernel_event_desc *desc;
830 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
831 struct lttng_kernel_syscall_table *syscall_table = &group->syscall_table;
832 struct lttng_kernel_abi_event_notifier event_notifier_param;
833 uint64_t user_token = event_notifier_enabler->parent.user_token;
834 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
835 struct lttng_event_enabler_common *base_enabler = lttng_event_notifier_enabler_as_enabler(
836 event_notifier_enabler);
837 struct hlist_head *unknown_dispatch_list;
838 int ret = 0;
839 bool found = false;
840 enum lttng_kernel_abi_syscall_abi abi;
841 enum lttng_kernel_abi_syscall_entryexit entryexit;
842 struct hlist_head *head;
843
844 switch (type) {
845 case SC_TYPE_ENTRY:
846 desc = &__event_desc___syscall_entry_unknown;
847 unknown_dispatch_list = &syscall_table->unknown_syscall_dispatch;
848 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
849 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
850 break;
851 case SC_TYPE_EXIT:
852 desc = &__event_desc___syscall_exit_unknown;
853 unknown_dispatch_list = &syscall_table->unknown_syscall_exit_dispatch;
854 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
855 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
856 break;
857 case SC_TYPE_COMPAT_ENTRY:
858 desc = &__event_desc___compat_syscall_entry_unknown;
859 unknown_dispatch_list = &syscall_table->compat_unknown_syscall_dispatch;
860 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
861 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
862 break;
863 case SC_TYPE_COMPAT_EXIT:
864 desc = &__event_desc___compat_syscall_exit_unknown;
865 unknown_dispatch_list = &syscall_table->compat_unknown_syscall_exit_dispatch;
866 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
867 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
868 break;
869 default:
870 BUG_ON(1);
871 }
872
873 /*
874 * Check if already created.
875 */
876 head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
877 LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->event_name);
878 lttng_hlist_for_each_entry(event_notifier_priv, head, hlist) {
879 if (event_notifier_priv->parent.desc == desc &&
880 event_notifier_priv->parent.user_token == base_enabler->user_token)
881 found = true;
882 }
883 if (found)
884 goto end;
885
886 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
887 strncat(event_notifier_param.event.name, desc->event_name,
888 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
889
890 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
891
892 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
893 event_notifier_param.event.u.syscall.abi = abi;
894 event_notifier_param.event.u.syscall.entryexit = entryexit;
895
896 event_notifier = _lttng_event_notifier_create(desc, user_token,
897 error_counter_index, group, &event_notifier_param,
898 event_notifier_param.event.instrumentation);
899 if (IS_ERR(event_notifier)) {
900 printk(KERN_INFO "Unable to create unknown notifier %s\n",
901 desc->event_name);
902 ret = -ENOMEM;
903 goto end;
904 }
905
906 hlist_add_head_rcu(&event_notifier->priv->parent.u.syscall.node, unknown_dispatch_list);
907
908 end:
909 return ret;
910 }
911
912 static int create_matching_event_notifiers(
913 struct lttng_event_notifier_enabler *event_notifier_enabler,
914 const struct trace_syscall_entry *table,
915 size_t table_len, enum sc_type type)
916 {
917 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
918 const struct lttng_kernel_event_desc *desc;
919 uint64_t user_token = event_notifier_enabler->parent.user_token;
920 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
921 unsigned int i;
922 int ret = 0;
923
924 /* iterate over all syscall and create event_notifier that match */
925 for (i = 0; i < table_len; i++) {
926 struct lttng_kernel_event_notifier_private *event_notifier_priv;
927 struct lttng_kernel_event_notifier *event_notifier;
928 struct lttng_kernel_abi_event_notifier event_notifier_param;
929 struct hlist_head *head;
930 int found = 0;
931
932 desc = table[i].desc;
933 if (!desc) {
934 /* Unknown syscall */
935 continue;
936 }
937
938 if (!lttng_desc_match_enabler(desc,
939 lttng_event_notifier_enabler_as_enabler(event_notifier_enabler)))
940 continue;
941
942 /*
943 * Check if already created.
944 */
945 head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
946 LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->event_name);
947 lttng_hlist_for_each_entry(event_notifier_priv, head, hlist) {
948 if (event_notifier_priv->parent.desc == desc
949 && event_notifier_priv->parent.user_token == event_notifier_enabler->parent.user_token)
950 found = 1;
951 }
952 if (found)
953 continue;
954
955 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
956 switch (type) {
957 case SC_TYPE_ENTRY:
958 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
959 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
960 break;
961 case SC_TYPE_EXIT:
962 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
963 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
964 break;
965 case SC_TYPE_COMPAT_ENTRY:
966 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
967 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
968 break;
969 case SC_TYPE_COMPAT_EXIT:
970 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
971 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
972 break;
973 }
974 strncat(event_notifier_param.event.name, desc->event_name,
975 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
976 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
977 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
978
979 event_notifier = _lttng_event_notifier_create(desc, user_token,
980 error_counter_index, group, &event_notifier_param,
981 event_notifier_param.event.instrumentation);
982 if (IS_ERR(event_notifier)) {
983 printk(KERN_INFO "Unable to create event_notifier %s\n",
984 desc->event_name);
985 ret = -ENOMEM;
986 goto end;
987 }
988
989 event_notifier->priv->parent.u.syscall.syscall_id = i;
990 }
991
992 end:
993 return ret;
994
995 }
996
997 int lttng_syscalls_create_matching_event_notifiers(
998 struct lttng_event_notifier_enabler *event_notifier_enabler)
999 {
1000 int ret;
1001 struct lttng_event_enabler_common *base_enabler =
1002 lttng_event_notifier_enabler_as_enabler(event_notifier_enabler);
1003 enum lttng_kernel_abi_syscall_entryexit entryexit =
1004 base_enabler->event_param.u.syscall.entryexit;
1005
1006 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRY || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1007 ret = create_matching_event_notifiers(event_notifier_enabler,
1008 sc_table.table, sc_table.len, SC_TYPE_ENTRY);
1009 if (ret)
1010 goto end;
1011
1012 ret = create_matching_event_notifiers(event_notifier_enabler,
1013 compat_sc_table.table, compat_sc_table.len,
1014 SC_TYPE_COMPAT_ENTRY);
1015 if (ret)
1016 goto end;
1017
1018 ret = create_unknown_event_notifier(event_notifier_enabler,
1019 SC_TYPE_ENTRY);
1020 if (ret)
1021 goto end;
1022
1023 ret = create_unknown_event_notifier(event_notifier_enabler,
1024 SC_TYPE_COMPAT_ENTRY);
1025 if (ret)
1026 goto end;
1027 }
1028
1029 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_EXIT || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1030 ret = create_matching_event_notifiers(event_notifier_enabler,
1031 sc_exit_table.table, sc_exit_table.len,
1032 SC_TYPE_EXIT);
1033 if (ret)
1034 goto end;
1035
1036 ret = create_unknown_event_notifier(event_notifier_enabler,
1037 SC_TYPE_EXIT);
1038 if (ret)
1039 goto end;
1040
1041 ret = create_matching_event_notifiers(event_notifier_enabler,
1042 compat_sc_exit_table.table, compat_sc_exit_table.len,
1043 SC_TYPE_COMPAT_EXIT);
1044 if (ret)
1045 goto end;
1046
1047 ret = create_unknown_event_notifier(event_notifier_enabler,
1048 SC_TYPE_COMPAT_EXIT);
1049 if (ret)
1050 goto end;
1051 }
1052
1053 end:
1054 return ret;
1055 }
1056
1057 int lttng_syscalls_unregister_syscall_table(struct lttng_kernel_syscall_table *syscall_table)
1058 {
1059 int ret;
1060
1061 if (!syscall_table->syscall_dispatch)
1062 return 0;
1063 if (syscall_table->sys_enter_registered) {
1064 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1065 (void *) syscall_entry_event_probe, syscall_table);
1066 if (ret)
1067 return ret;
1068 syscall_table->sys_enter_registered = 0;
1069 }
1070 if (syscall_table->sys_exit_registered) {
1071 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1072 (void *) syscall_exit_event_probe, syscall_table);
1073 if (ret)
1074 return ret;
1075 syscall_table->sys_exit_registered = 0;
1076 }
1077 return 0;
1078 }
1079
1080 int lttng_syscalls_destroy_syscall_table(struct lttng_kernel_syscall_table *syscall_table)
1081 {
1082 kfree(syscall_table->syscall_dispatch);
1083 kfree(syscall_table->syscall_exit_dispatch);
1084 #ifdef CONFIG_COMPAT
1085 kfree(syscall_table->compat_syscall_dispatch);
1086 kfree(syscall_table->compat_syscall_exit_dispatch);
1087 #endif
1088 kfree(syscall_table->sc_filter);
1089 return 0;
1090 }
1091
1092 static
1093 int get_syscall_nr(const char *syscall_name)
1094 {
1095 int syscall_nr = -1;
1096 int i;
1097
1098 for (i = 0; i < sc_table.len; i++) {
1099 const struct trace_syscall_entry *entry;
1100 const char *it_name;
1101
1102 entry = &sc_table.table[i];
1103 if (!entry->desc)
1104 continue;
1105 it_name = entry->desc->event_name;
1106 it_name += strlen(SYSCALL_ENTRY_STR);
1107 if (!strcmp(syscall_name, it_name)) {
1108 syscall_nr = i;
1109 break;
1110 }
1111 }
1112 return syscall_nr;
1113 }
1114
1115 static
1116 int get_compat_syscall_nr(const char *syscall_name)
1117 {
1118 int syscall_nr = -1;
1119 int i;
1120
1121 for (i = 0; i < compat_sc_table.len; i++) {
1122 const struct trace_syscall_entry *entry;
1123 const char *it_name;
1124
1125 entry = &compat_sc_table.table[i];
1126 if (!entry->desc)
1127 continue;
1128 it_name = entry->desc->event_name;
1129 it_name += strlen(COMPAT_SYSCALL_ENTRY_STR);
1130 if (!strcmp(syscall_name, it_name)) {
1131 syscall_nr = i;
1132 break;
1133 }
1134 }
1135 return syscall_nr;
1136 }
1137
1138 static
1139 uint32_t get_sc_tables_len(void)
1140 {
1141 return sc_table.len + compat_sc_table.len;
1142 }
1143
1144 static
1145 const char *get_syscall_name(const char *desc_name,
1146 enum lttng_syscall_abi abi,
1147 enum lttng_syscall_entryexit entryexit)
1148 {
1149 size_t prefix_len = 0;
1150
1151
1152 switch (entryexit) {
1153 case LTTNG_SYSCALL_ENTRY:
1154 switch (abi) {
1155 case LTTNG_SYSCALL_ABI_NATIVE:
1156 prefix_len = strlen(SYSCALL_ENTRY_STR);
1157 break;
1158 case LTTNG_SYSCALL_ABI_COMPAT:
1159 prefix_len = strlen(COMPAT_SYSCALL_ENTRY_STR);
1160 break;
1161 }
1162 break;
1163 case LTTNG_SYSCALL_EXIT:
1164 switch (abi) {
1165 case LTTNG_SYSCALL_ABI_NATIVE:
1166 prefix_len = strlen(SYSCALL_EXIT_STR);
1167 break;
1168 case LTTNG_SYSCALL_ABI_COMPAT:
1169 prefix_len = strlen(COMPAT_SYSCALL_EXIT_STR);
1170 break;
1171 }
1172 break;
1173 }
1174 WARN_ON_ONCE(prefix_len == 0);
1175 return desc_name + prefix_len;
1176 }
1177
1178 static
1179 int lttng_syscall_filter_enable(
1180 struct lttng_syscall_filter *filter,
1181 const char *desc_name, enum lttng_syscall_abi abi,
1182 enum lttng_syscall_entryexit entryexit)
1183 {
1184 const char *syscall_name;
1185 unsigned long *bitmap;
1186 int syscall_nr;
1187
1188 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1189
1190 switch (abi) {
1191 case LTTNG_SYSCALL_ABI_NATIVE:
1192 syscall_nr = get_syscall_nr(syscall_name);
1193 break;
1194 case LTTNG_SYSCALL_ABI_COMPAT:
1195 syscall_nr = get_compat_syscall_nr(syscall_name);
1196 break;
1197 default:
1198 return -EINVAL;
1199 }
1200 if (syscall_nr < 0)
1201 return -ENOENT;
1202
1203 switch (entryexit) {
1204 case LTTNG_SYSCALL_ENTRY:
1205 switch (abi) {
1206 case LTTNG_SYSCALL_ABI_NATIVE:
1207 bitmap = filter->sc_entry;
1208 break;
1209 case LTTNG_SYSCALL_ABI_COMPAT:
1210 bitmap = filter->sc_compat_entry;
1211 break;
1212 default:
1213 return -EINVAL;
1214 }
1215 break;
1216 case LTTNG_SYSCALL_EXIT:
1217 switch (abi) {
1218 case LTTNG_SYSCALL_ABI_NATIVE:
1219 bitmap = filter->sc_exit;
1220 break;
1221 case LTTNG_SYSCALL_ABI_COMPAT:
1222 bitmap = filter->sc_compat_exit;
1223 break;
1224 default:
1225 return -EINVAL;
1226 }
1227 break;
1228 default:
1229 return -EINVAL;
1230 }
1231 if (test_bit(syscall_nr, bitmap))
1232 return -EEXIST;
1233 bitmap_set(bitmap, syscall_nr, 1);
1234 return 0;
1235 }
1236
1237 int lttng_syscall_filter_enable_event(struct lttng_kernel_event_common *event)
1238 {
1239 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_event(event);
1240 int ret;
1241
1242 WARN_ON_ONCE(event->priv->instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1243
1244 ret = lttng_syscall_filter_enable(syscall_table->sc_filter,
1245 event->priv->desc->event_name, event->priv->u.syscall.abi,
1246 event->priv->u.syscall.entryexit);
1247 if (ret)
1248 return ret;
1249
1250 switch (event->type) {
1251 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
1252 break;
1253 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
1254 {
1255 unsigned int syscall_id = event->priv->u.syscall.syscall_id;
1256 struct hlist_head *dispatch_list;
1257
1258 switch (event->priv->u.syscall.entryexit) {
1259 case LTTNG_SYSCALL_ENTRY:
1260 switch (event->priv->u.syscall.abi) {
1261 case LTTNG_SYSCALL_ABI_NATIVE:
1262 dispatch_list = &syscall_table->syscall_dispatch[syscall_id];
1263 break;
1264 case LTTNG_SYSCALL_ABI_COMPAT:
1265 dispatch_list = &syscall_table->compat_syscall_dispatch[syscall_id];
1266 break;
1267 default:
1268 ret = -EINVAL;
1269 goto end;
1270 }
1271 break;
1272 case LTTNG_SYSCALL_EXIT:
1273 switch (event->priv->u.syscall.abi) {
1274 case LTTNG_SYSCALL_ABI_NATIVE:
1275 dispatch_list = &syscall_table->syscall_exit_dispatch[syscall_id];
1276 break;
1277 case LTTNG_SYSCALL_ABI_COMPAT:
1278 dispatch_list = &syscall_table->compat_syscall_exit_dispatch[syscall_id];
1279 break;
1280 default:
1281 ret = -EINVAL;
1282 goto end;
1283 }
1284 break;
1285 default:
1286 ret = -EINVAL;
1287 goto end;
1288 }
1289
1290 hlist_add_head_rcu(&event->priv->u.syscall.node, dispatch_list);
1291 break;
1292 }
1293 default:
1294 WARN_ON_ONCE(1);
1295 return -ENOSYS;
1296 }
1297 end:
1298 return ret;
1299 }
1300
1301 static
1302 int lttng_syscall_filter_disable(struct lttng_syscall_filter *filter,
1303 const char *desc_name, enum lttng_syscall_abi abi,
1304 enum lttng_syscall_entryexit entryexit)
1305 {
1306 const char *syscall_name;
1307 unsigned long *bitmap;
1308 int syscall_nr;
1309
1310 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1311
1312 switch (abi) {
1313 case LTTNG_SYSCALL_ABI_NATIVE:
1314 syscall_nr = get_syscall_nr(syscall_name);
1315 break;
1316 case LTTNG_SYSCALL_ABI_COMPAT:
1317 syscall_nr = get_compat_syscall_nr(syscall_name);
1318 break;
1319 default:
1320 return -EINVAL;
1321 }
1322 if (syscall_nr < 0)
1323 return -ENOENT;
1324
1325 switch (entryexit) {
1326 case LTTNG_SYSCALL_ENTRY:
1327 switch (abi) {
1328 case LTTNG_SYSCALL_ABI_NATIVE:
1329 bitmap = filter->sc_entry;
1330 break;
1331 case LTTNG_SYSCALL_ABI_COMPAT:
1332 bitmap = filter->sc_compat_entry;
1333 break;
1334 default:
1335 return -EINVAL;
1336 }
1337 break;
1338 case LTTNG_SYSCALL_EXIT:
1339 switch (abi) {
1340 case LTTNG_SYSCALL_ABI_NATIVE:
1341 bitmap = filter->sc_exit;
1342 break;
1343 case LTTNG_SYSCALL_ABI_COMPAT:
1344 bitmap = filter->sc_compat_exit;
1345 break;
1346 default:
1347 return -EINVAL;
1348 }
1349 break;
1350 default:
1351 return -EINVAL;
1352 }
1353 if (!test_bit(syscall_nr, bitmap))
1354 return -EEXIST;
1355 bitmap_clear(bitmap, syscall_nr, 1);
1356
1357 return 0;
1358 }
1359
1360 int lttng_syscall_filter_disable_event(struct lttng_kernel_event_common *event)
1361 {
1362 struct lttng_kernel_syscall_table *syscall_table = get_syscall_table_from_event(event);
1363 int ret;
1364
1365 ret = lttng_syscall_filter_disable(syscall_table->sc_filter,
1366 event->priv->desc->event_name, event->priv->u.syscall.abi,
1367 event->priv->u.syscall.entryexit);
1368 if (ret)
1369 return ret;
1370
1371 switch (event->type) {
1372 case LTTNG_KERNEL_EVENT_TYPE_RECORDER:
1373 break;
1374 case LTTNG_KERNEL_EVENT_TYPE_NOTIFIER:
1375 {
1376 hlist_del_rcu(&event->priv->u.syscall.node);
1377 break;
1378 }
1379 default:
1380 WARN_ON_ONCE(1);
1381 return -ENOSYS;
1382 }
1383 return 0;
1384 }
1385
1386 static
1387 const struct trace_syscall_entry *syscall_list_get_entry(loff_t *pos)
1388 {
1389 const struct trace_syscall_entry *entry;
1390 int iter = 0;
1391
1392 for (entry = sc_table.table;
1393 entry < sc_table.table + sc_table.len;
1394 entry++) {
1395 if (iter++ >= *pos)
1396 return entry;
1397 }
1398 for (entry = compat_sc_table.table;
1399 entry < compat_sc_table.table + compat_sc_table.len;
1400 entry++) {
1401 if (iter++ >= *pos)
1402 return entry;
1403 }
1404 /* End of list */
1405 return NULL;
1406 }
1407
1408 static
1409 void *syscall_list_start(struct seq_file *m, loff_t *pos)
1410 {
1411 return (void *) syscall_list_get_entry(pos);
1412 }
1413
1414 static
1415 void *syscall_list_next(struct seq_file *m, void *p, loff_t *ppos)
1416 {
1417 (*ppos)++;
1418 return (void *) syscall_list_get_entry(ppos);
1419 }
1420
1421 static
1422 void syscall_list_stop(struct seq_file *m, void *p)
1423 {
1424 }
1425
1426 static
1427 int get_sc_table(const struct trace_syscall_entry *entry,
1428 const struct trace_syscall_entry **table,
1429 unsigned int *bitness)
1430 {
1431 if (entry >= sc_table.table && entry < sc_table.table + sc_table.len) {
1432 if (bitness)
1433 *bitness = BITS_PER_LONG;
1434 if (table)
1435 *table = sc_table.table;
1436 return 0;
1437 }
1438 if (!(entry >= compat_sc_table.table
1439 && entry < compat_sc_table.table + compat_sc_table.len)) {
1440 return -EINVAL;
1441 }
1442 if (bitness)
1443 *bitness = 32;
1444 if (table)
1445 *table = compat_sc_table.table;
1446 return 0;
1447 }
1448
1449 static
1450 int syscall_list_show(struct seq_file *m, void *p)
1451 {
1452 const struct trace_syscall_entry *table, *entry = p;
1453 unsigned int bitness;
1454 unsigned long index;
1455 int ret;
1456 const char *name;
1457
1458 ret = get_sc_table(entry, &table, &bitness);
1459 if (ret)
1460 return ret;
1461 if (!entry->desc)
1462 return 0;
1463 if (table == sc_table.table) {
1464 index = entry - table;
1465 name = &entry->desc->event_name[strlen(SYSCALL_ENTRY_STR)];
1466 } else {
1467 index = (entry - table) + sc_table.len;
1468 name = &entry->desc->event_name[strlen(COMPAT_SYSCALL_ENTRY_STR)];
1469 }
1470 seq_printf(m, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1471 index, name, bitness);
1472 return 0;
1473 }
1474
1475 static
1476 const struct seq_operations lttng_syscall_list_seq_ops = {
1477 .start = syscall_list_start,
1478 .next = syscall_list_next,
1479 .stop = syscall_list_stop,
1480 .show = syscall_list_show,
1481 };
1482
1483 static
1484 int lttng_syscall_list_open(struct inode *inode, struct file *file)
1485 {
1486 return seq_open(file, &lttng_syscall_list_seq_ops);
1487 }
1488
1489 const struct file_operations lttng_syscall_list_fops = {
1490 .owner = THIS_MODULE,
1491 .open = lttng_syscall_list_open,
1492 .read = seq_read,
1493 .llseek = seq_lseek,
1494 .release = seq_release,
1495 };
1496
1497 /*
1498 * A syscall is enabled if it is traced for either entry or exit.
1499 */
1500 long lttng_syscall_table_get_active_mask(struct lttng_kernel_syscall_table *syscall_table,
1501 struct lttng_kernel_abi_syscall_mask __user *usyscall_mask)
1502 {
1503 uint32_t len, sc_tables_len, bitmask_len;
1504 int ret = 0, bit;
1505 char *tmp_mask;
1506 struct lttng_syscall_filter *filter;
1507
1508 ret = get_user(len, &usyscall_mask->len);
1509 if (ret)
1510 return ret;
1511 sc_tables_len = get_sc_tables_len();
1512 bitmask_len = ALIGN(sc_tables_len, 8) >> 3;
1513 if (len < sc_tables_len) {
1514 return put_user(sc_tables_len, &usyscall_mask->len);
1515 }
1516 /* Array is large enough, we can copy array to user-space. */
1517 tmp_mask = kzalloc(bitmask_len, GFP_KERNEL);
1518 if (!tmp_mask)
1519 return -ENOMEM;
1520 filter = syscall_table->sc_filter;
1521
1522 for (bit = 0; bit < sc_table.len; bit++) {
1523 char state;
1524
1525 if (syscall_table->syscall_dispatch) {
1526 if (!(READ_ONCE(syscall_table->syscall_all_entry)
1527 || READ_ONCE(syscall_table->syscall_all_exit)) && filter)
1528 state = test_bit(bit, filter->sc_entry)
1529 || test_bit(bit, filter->sc_exit);
1530 else
1531 state = 1;
1532 } else {
1533 state = 0;
1534 }
1535 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1536 }
1537 for (; bit < sc_tables_len; bit++) {
1538 char state;
1539
1540 if (syscall_table->compat_syscall_dispatch) {
1541 if (!(READ_ONCE(syscall_table->syscall_all_entry)
1542 || READ_ONCE(syscall_table->syscall_all_exit)) && filter)
1543 state = test_bit(bit - sc_table.len,
1544 filter->sc_compat_entry)
1545 || test_bit(bit - sc_table.len,
1546 filter->sc_compat_exit);
1547 else
1548 state = 1;
1549 } else {
1550 state = 0;
1551 }
1552 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1553 }
1554 if (copy_to_user(usyscall_mask->mask, tmp_mask, bitmask_len))
1555 ret = -EFAULT;
1556 kfree(tmp_mask);
1557 return ret;
1558 }
1559
1560 int lttng_abi_syscall_list(void)
1561 {
1562 struct file *syscall_list_file;
1563 int file_fd, ret;
1564
1565 file_fd = lttng_get_unused_fd();
1566 if (file_fd < 0) {
1567 ret = file_fd;
1568 goto fd_error;
1569 }
1570
1571 syscall_list_file = anon_inode_getfile("[lttng_syscall_list]",
1572 &lttng_syscall_list_fops,
1573 NULL, O_RDWR);
1574 if (IS_ERR(syscall_list_file)) {
1575 ret = PTR_ERR(syscall_list_file);
1576 goto file_error;
1577 }
1578 ret = lttng_syscall_list_fops.open(NULL, syscall_list_file);
1579 if (ret < 0)
1580 goto open_error;
1581 fd_install(file_fd, syscall_list_file);
1582 return file_fd;
1583
1584 open_error:
1585 fput(syscall_list_file);
1586 file_error:
1587 put_unused_fd(file_fd);
1588 fd_error:
1589 return ret;
1590 }
LTTng 2.0/0.x modules
This page took 0.081415 seconds and 4 git commands to generate.