projects / lttng-modules.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Refactoring: struct lttng_channel
[lttng-modules.git] / src / lttng-syscalls.c
1 /* SPDX-License-Identifier: (GPL-2.0-only or LGPL-2.1-only)
2 *
3 * lttng-syscalls.c
4 *
5 * LTTng syscall probes.
6 *
7 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 */
9
10 #include <linux/module.h>
11 #include <linux/slab.h>
12 #include <linux/compat.h>
13 #include <linux/err.h>
14 #include <linux/bitmap.h>
15 #include <linux/in.h>
16 #include <linux/in6.h>
17 #include <linux/seq_file.h>
18 #include <linux/stringify.h>
19 #include <linux/file.h>
20 #include <linux/anon_inodes.h>
21 #include <linux/fcntl.h>
22 #include <linux/mman.h>
23 #include <asm/ptrace.h>
24 #include <asm/syscall.h>
25
26 #include <lttng/bitfield.h>
27 #include <wrapper/tracepoint.h>
28 #include <wrapper/file.h>
29 #include <wrapper/rcu.h>
30 #include <wrapper/syscall.h>
31 #include <lttng/events.h>
32 #include <lttng/events-internal.h>
33 #include <lttng/utils.h>
34
35 #include "lttng-syscalls.h"
36
37 #ifndef CONFIG_COMPAT
38 # ifndef is_compat_task
39 # define is_compat_task() (0)
40 # endif
41 #endif
42
43 /* in_compat_syscall appears in kernel 4.6. */
44 #ifndef in_compat_syscall
45 #define in_compat_syscall() is_compat_task()
46 #endif
47
48 enum sc_type {
49 SC_TYPE_ENTRY,
50 SC_TYPE_EXIT,
51 SC_TYPE_COMPAT_ENTRY,
52 SC_TYPE_COMPAT_EXIT,
53 };
54
55 #define SYSCALL_ENTRY_TOK syscall_entry_
56 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
57 #define SYSCALL_EXIT_TOK syscall_exit_
58 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
59
60 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
61 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
62 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
63 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
64
65 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id);
66 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret);
67
68 void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs,
69 long id);
70 void syscall_exit_event_notifier_probe(void *__data, struct pt_regs *regs,
71 long ret);
72
73 /*
74 * Forward declarations for old kernels.
75 */
76 struct mmsghdr;
77 struct rlimit64;
78 struct oldold_utsname;
79 struct old_utsname;
80 struct sel_arg_struct;
81 struct mmap_arg_struct;
82 struct file_handle;
83 struct user_msghdr;
84
85 /*
86 * Forward declaration for kernels >= 5.6
87 */
88 struct timex;
89 struct timeval;
90 struct itimerval;
91 struct itimerspec;
92
93 #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,6,0))
94 typedef __kernel_old_time_t time_t;
95 #endif
96
97 #ifdef IA32_NR_syscalls
98 #define NR_compat_syscalls IA32_NR_syscalls
99 #else
100 #define NR_compat_syscalls NR_syscalls
101 #endif
102
103 /*
104 * Create LTTng tracepoint probes.
105 */
106 #define LTTNG_PACKAGE_BUILD
107 #define CREATE_TRACE_POINTS
108 #define TP_MODULE_NOINIT
109 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
110
111 #define PARAMS(args...) args
112
113 /* Handle unknown syscalls */
114 #undef TRACE_SYSTEM
115 #define TRACE_SYSTEM syscalls_unknown
116 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
117 #undef TRACE_SYSTEM
118
119 #undef TP_PROBE_CB
120
121 extern const struct trace_syscall_table sc_table;
122 extern const struct trace_syscall_table compat_sc_table;
123
124 /* Event syscall exit table */
125 extern const struct trace_syscall_table sc_exit_table;
126 extern const struct trace_syscall_table compat_sc_exit_table;
127
128
129 #undef SC_EXIT
130
131 #undef CREATE_SYSCALL_TABLE
132
133 struct lttng_syscall_filter {
134 DECLARE_BITMAP(sc_entry, NR_syscalls);
135 DECLARE_BITMAP(sc_exit, NR_syscalls);
136 DECLARE_BITMAP(sc_compat_entry, NR_compat_syscalls);
137 DECLARE_BITMAP(sc_compat_exit, NR_compat_syscalls);
138 };
139
140 static void syscall_entry_event_unknown(struct hlist_head *unknown_action_list_head,
141 struct pt_regs *regs, long id)
142 {
143 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
144 struct lttng_kernel_event_common_private *event_priv;
145
146 lttng_syscall_get_arguments(current, regs, args);
147 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
148 if (unlikely(in_compat_syscall()))
149 __event_probe__compat_syscall_entry_unknown(event_priv->pub, id, args);
150 else
151 __event_probe__syscall_entry_unknown(event_priv->pub, id, args);
152 }
153 }
154
155 static __always_inline
156 void syscall_entry_event_call_func(struct hlist_head *action_list,
157 void *func, unsigned int nrargs,
158 struct pt_regs *regs)
159 {
160 struct lttng_kernel_event_common_private *event_priv;
161
162 switch (nrargs) {
163 case 0:
164 {
165 void (*fptr)(void *__data) = func;
166
167 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
168 fptr(event_priv->pub);
169 break;
170 }
171 case 1:
172 {
173 void (*fptr)(void *__data, unsigned long arg0) = func;
174 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
175
176 lttng_syscall_get_arguments(current, regs, args);
177 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
178 fptr(event_priv->pub, args[0]);
179 break;
180 }
181 case 2:
182 {
183 void (*fptr)(void *__data,
184 unsigned long arg0,
185 unsigned long arg1) = func;
186 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
187
188 lttng_syscall_get_arguments(current, regs, args);
189 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
190 fptr(event_priv->pub, args[0], args[1]);
191 break;
192 }
193 case 3:
194 {
195 void (*fptr)(void *__data,
196 unsigned long arg0,
197 unsigned long arg1,
198 unsigned long arg2) = func;
199 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
200
201 lttng_syscall_get_arguments(current, regs, args);
202 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
203 fptr(event_priv->pub, args[0], args[1], args[2]);
204 break;
205 }
206 case 4:
207 {
208 void (*fptr)(void *__data,
209 unsigned long arg0,
210 unsigned long arg1,
211 unsigned long arg2,
212 unsigned long arg3) = func;
213 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
214
215 lttng_syscall_get_arguments(current, regs, args);
216 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
217 fptr(event_priv->pub, args[0], args[1], args[2], args[3]);
218 break;
219 }
220 case 5:
221 {
222 void (*fptr)(void *__data,
223 unsigned long arg0,
224 unsigned long arg1,
225 unsigned long arg2,
226 unsigned long arg3,
227 unsigned long arg4) = func;
228 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
229
230 lttng_syscall_get_arguments(current, regs, args);
231 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
232 fptr(event_priv->pub, args[0], args[1], args[2], args[3], args[4]);
233 break;
234 }
235 case 6:
236 {
237 void (*fptr)(void *__data,
238 unsigned long arg0,
239 unsigned long arg1,
240 unsigned long arg2,
241 unsigned long arg3,
242 unsigned long arg4,
243 unsigned long arg5) = func;
244 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
245
246 lttng_syscall_get_arguments(current, regs, args);
247 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
248 fptr(event_priv->pub, args[0], args[1], args[2],
249 args[3], args[4], args[5]);
250 break;
251 }
252 default:
253 break;
254 }
255 }
256
257 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id)
258 {
259 struct lttng_kernel_channel_buffer *chan = __data;
260 struct hlist_head *action_list, *unknown_action_list;
261 const struct trace_syscall_entry *table, *entry;
262 size_t table_len;
263
264 if (unlikely(in_compat_syscall())) {
265 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
266
267 if (id < 0 || id >= NR_compat_syscalls
268 || (!READ_ONCE(chan->priv->parent.syscall_all_entry) && !test_bit(id, filter->sc_compat_entry))) {
269 /* System call filtered out. */
270 return;
271 }
272 table = compat_sc_table.table;
273 table_len = compat_sc_table.len;
274 unknown_action_list = &chan->priv->parent.sc_compat_unknown;
275 } else {
276 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
277
278 if (id < 0 || id >= NR_syscalls
279 || (!READ_ONCE(chan->priv->parent.syscall_all_entry) && !test_bit(id, filter->sc_entry))) {
280 /* System call filtered out. */
281 return;
282 }
283 table = sc_table.table;
284 table_len = sc_table.len;
285 unknown_action_list = &chan->priv->parent.sc_unknown;
286 }
287 if (unlikely(id < 0 || id >= table_len)) {
288 syscall_entry_event_unknown(unknown_action_list, regs, id);
289 return;
290 }
291
292 entry = &table[id];
293 if (!entry->event_func) {
294 syscall_entry_event_unknown(unknown_action_list, regs, id);
295 return;
296 }
297
298 if (unlikely(in_compat_syscall())) {
299 action_list = &chan->priv->parent.compat_sc_table[id];
300 } else {
301 action_list = &chan->priv->parent.sc_table[id];
302 }
303 if (unlikely(hlist_empty(action_list)))
304 return;
305
306 syscall_entry_event_call_func(action_list, entry->event_func, entry->nrargs, regs);
307 }
308
309 void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs,
310 long id)
311 {
312 struct lttng_event_notifier_group *group = __data;
313 const struct trace_syscall_entry *table, *entry;
314 struct hlist_head *dispatch_list, *unknown_dispatch_list;
315 size_t table_len;
316
317 if (unlikely(in_compat_syscall())) {
318 struct lttng_syscall_filter *filter = group->sc_filter;
319
320 if (id < 0 || id >= NR_compat_syscalls
321 || (!READ_ONCE(group->syscall_all_entry) &&
322 !test_bit(id, filter->sc_compat_entry))) {
323 /* System call filtered out. */
324 return;
325 }
326 table = compat_sc_table.table;
327 table_len = compat_sc_table.len;
328 unknown_dispatch_list = &group->event_notifier_compat_unknown_syscall_dispatch;
329 } else {
330 struct lttng_syscall_filter *filter = group->sc_filter;
331
332 if (id < 0 || id >= NR_syscalls
333 || (!READ_ONCE(group->syscall_all_entry) &&
334 !test_bit(id, filter->sc_entry))) {
335 /* System call filtered out. */
336 return;
337 }
338 table = sc_table.table;
339 table_len = sc_table.len;
340 unknown_dispatch_list = &group->event_notifier_unknown_syscall_dispatch;
341 }
342 /* Check if the syscall id is out of bound. */
343 if (unlikely(id < 0 || id >= table_len)) {
344 syscall_entry_event_unknown(unknown_dispatch_list,
345 regs, id);
346 return;
347 }
348
349 entry = &table[id];
350 if (!entry->event_func) {
351 syscall_entry_event_unknown(unknown_dispatch_list,
352 regs, id);
353 return;
354 }
355
356 if (unlikely(in_compat_syscall())) {
357 dispatch_list = &group->event_notifier_compat_syscall_dispatch[id];
358 } else {
359 dispatch_list = &group->event_notifier_syscall_dispatch[id];
360 }
361 if (unlikely(hlist_empty(dispatch_list)))
362 return;
363
364 syscall_entry_event_call_func(dispatch_list,
365 entry->event_func, entry->nrargs, regs);
366 }
367
368 static void syscall_exit_event_unknown(struct hlist_head *unknown_action_list_head,
369 struct pt_regs *regs, long id, long ret)
370 {
371 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
372 struct lttng_kernel_event_common_private *event_priv;
373
374 lttng_syscall_get_arguments(current, regs, args);
375 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
376 if (unlikely(in_compat_syscall()))
377 __event_probe__compat_syscall_exit_unknown(event_priv->pub, id, ret,
378 args);
379 else
380 __event_probe__syscall_exit_unknown(event_priv->pub, id, ret, args);
381 }
382 }
383
384 static __always_inline
385 void syscall_exit_event_call_func(struct hlist_head *action_list,
386 void *func, unsigned int nrargs,
387 struct pt_regs *regs, long ret)
388 {
389 struct lttng_kernel_event_common_private *event_priv;
390
391 switch (nrargs) {
392 case 0:
393 {
394 void (*fptr)(void *__data, long ret) = func;
395
396 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
397 fptr(event_priv->pub, ret);
398 break;
399 }
400 case 1:
401 {
402 void (*fptr)(void *__data,
403 long ret,
404 unsigned long arg0) = func;
405 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
406
407 lttng_syscall_get_arguments(current, regs, args);
408 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
409 fptr(event_priv->pub, ret, args[0]);
410 break;
411 }
412 case 2:
413 {
414 void (*fptr)(void *__data,
415 long ret,
416 unsigned long arg0,
417 unsigned long arg1) = func;
418 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
419
420 lttng_syscall_get_arguments(current, regs, args);
421 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
422 fptr(event_priv->pub, ret, args[0], args[1]);
423 break;
424 }
425 case 3:
426 {
427 void (*fptr)(void *__data,
428 long ret,
429 unsigned long arg0,
430 unsigned long arg1,
431 unsigned long arg2) = func;
432 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
433
434 lttng_syscall_get_arguments(current, regs, args);
435 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
436 fptr(event_priv->pub, ret, args[0], args[1], args[2]);
437 break;
438 }
439 case 4:
440 {
441 void (*fptr)(void *__data,
442 long ret,
443 unsigned long arg0,
444 unsigned long arg1,
445 unsigned long arg2,
446 unsigned long arg3) = func;
447 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
448
449 lttng_syscall_get_arguments(current, regs, args);
450 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
451 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3]);
452 break;
453 }
454 case 5:
455 {
456 void (*fptr)(void *__data,
457 long ret,
458 unsigned long arg0,
459 unsigned long arg1,
460 unsigned long arg2,
461 unsigned long arg3,
462 unsigned long arg4) = func;
463 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
464
465 lttng_syscall_get_arguments(current, regs, args);
466 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
467 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3], args[4]);
468 break;
469 }
470 case 6:
471 {
472 void (*fptr)(void *__data,
473 long ret,
474 unsigned long arg0,
475 unsigned long arg1,
476 unsigned long arg2,
477 unsigned long arg3,
478 unsigned long arg4,
479 unsigned long arg5) = func;
480 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
481
482 lttng_syscall_get_arguments(current, regs, args);
483 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
484 fptr(event_priv->pub, ret, args[0], args[1], args[2],
485 args[3], args[4], args[5]);
486 break;
487 }
488 default:
489 break;
490 }
491 }
492
493 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret)
494 {
495 struct lttng_kernel_channel_buffer *chan = __data;
496 struct hlist_head *action_list, *unknown_action_list;
497 const struct trace_syscall_entry *table, *entry;
498 size_t table_len;
499 long id;
500
501 id = syscall_get_nr(current, regs);
502
503 if (unlikely(in_compat_syscall())) {
504 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
505
506 if (id < 0 || id >= NR_compat_syscalls
507 || (!READ_ONCE(chan->priv->parent.syscall_all_exit) && !test_bit(id, filter->sc_compat_exit))) {
508 /* System call filtered out. */
509 return;
510 }
511 table = compat_sc_exit_table.table;
512 table_len = compat_sc_exit_table.len;
513 unknown_action_list = &chan->priv->parent.compat_sc_exit_unknown;
514 } else {
515 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
516
517 if (id < 0 || id >= NR_syscalls
518 || (!READ_ONCE(chan->priv->parent.syscall_all_exit) && !test_bit(id, filter->sc_exit))) {
519 /* System call filtered out. */
520 return;
521 }
522 table = sc_exit_table.table;
523 table_len = sc_exit_table.len;
524 unknown_action_list = &chan->priv->parent.sc_exit_unknown;
525 }
526 if (unlikely(id < 0 || id >= table_len)) {
527 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
528 return;
529 }
530
531 entry = &table[id];
532 if (!entry->event_func) {
533 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
534 return;
535 }
536
537 if (unlikely(in_compat_syscall())) {
538 action_list = &chan->priv->parent.compat_sc_exit_table[id];
539 } else {
540 action_list = &chan->priv->parent.sc_exit_table[id];
541 }
542 if (unlikely(hlist_empty(action_list)))
543 return;
544
545 syscall_exit_event_call_func(action_list, entry->event_func, entry->nrargs,
546 regs, ret);
547 }
548
549 void syscall_exit_event_notifier_probe(void *__data, struct pt_regs *regs,
550 long ret)
551 {
552 struct lttng_event_notifier_group *group = __data;
553 const struct trace_syscall_entry *table, *entry;
554 struct hlist_head *dispatch_list, *unknown_dispatch_list;
555 size_t table_len;
556 long id;
557
558 id = syscall_get_nr(current, regs);
559
560 if (unlikely(in_compat_syscall())) {
561 struct lttng_syscall_filter *filter = group->sc_filter;
562
563 if (id < 0 || id >= NR_compat_syscalls
564 || (!READ_ONCE(group->syscall_all_exit) &&
565 !test_bit(id, filter->sc_compat_exit))) {
566 /* System call filtered out. */
567 return;
568 }
569 table = compat_sc_exit_table.table;
570 table_len = compat_sc_exit_table.len;
571 unknown_dispatch_list = &group->event_notifier_exit_compat_unknown_syscall_dispatch;
572 } else {
573 struct lttng_syscall_filter *filter = group->sc_filter;
574
575 if (id < 0 || id >= NR_syscalls
576 || (!READ_ONCE(group->syscall_all_exit) &&
577 !test_bit(id, filter->sc_exit))) {
578 /* System call filtered out. */
579 return;
580 }
581 table = sc_exit_table.table;
582 table_len = sc_exit_table.len;
583 unknown_dispatch_list = &group->event_notifier_exit_unknown_syscall_dispatch;
584 }
585 /* Check if the syscall id is out of bound. */
586 if (unlikely(id < 0 || id >= table_len)) {
587 syscall_exit_event_unknown(unknown_dispatch_list,
588 regs, id, ret);
589 return;
590 }
591
592 entry = &table[id];
593 if (!entry->event_func) {
594 syscall_entry_event_unknown(unknown_dispatch_list,
595 regs, id);
596 return;
597 }
598
599 if (unlikely(in_compat_syscall())) {
600 dispatch_list = &group->event_notifier_exit_compat_syscall_dispatch[id];
601 } else {
602 dispatch_list = &group->event_notifier_exit_syscall_dispatch[id];
603 }
604 if (unlikely(hlist_empty(dispatch_list)))
605 return;
606
607 syscall_exit_event_call_func(dispatch_list,
608 entry->event_func, entry->nrargs, regs, ret);
609 }
610 /*
611 * noinline to diminish caller stack size.
612 * Should be called with sessions lock held.
613 */
614 static
615 int lttng_create_syscall_event_if_missing(const struct trace_syscall_entry *table, size_t table_len,
616 struct hlist_head *chan_table, struct lttng_event_enabler *event_enabler,
617 enum sc_type type)
618 {
619 struct lttng_kernel_channel_buffer *chan = event_enabler->chan;
620 struct lttng_kernel_session *session = chan->parent.session;
621 unsigned int i;
622
623 /* Allocate events for each syscall matching enabler, insert into table */
624 for (i = 0; i < table_len; i++) {
625 const struct lttng_kernel_event_desc *desc = table[i].desc;
626 struct lttng_kernel_abi_event ev;
627 struct lttng_kernel_event_recorder_private *event_recorder_priv;
628 struct lttng_kernel_event_recorder *event_recorder;
629 struct hlist_head *head;
630 bool found = false;
631
632 if (!desc) {
633 /* Unknown syscall */
634 continue;
635 }
636 if (lttng_desc_match_enabler(desc,
637 lttng_event_enabler_as_enabler(event_enabler)) <= 0)
638 continue;
639 /*
640 * Check if already created.
641 */
642 head = utils_borrow_hash_table_bucket(
643 session->priv->events_ht.table, LTTNG_EVENT_HT_SIZE,
644 desc->event_name);
645 lttng_hlist_for_each_entry(event_recorder_priv, head, hlist) {
646 if (event_recorder_priv->parent.desc == desc
647 && event_recorder_priv->pub->chan == event_enabler->chan)
648 found = true;
649 }
650 if (found)
651 continue;
652
653 /* We need to create an event for this syscall/enabler. */
654 memset(&ev, 0, sizeof(ev));
655 switch (type) {
656 case SC_TYPE_ENTRY:
657 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
658 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
659 break;
660 case SC_TYPE_EXIT:
661 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
662 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
663 break;
664 case SC_TYPE_COMPAT_ENTRY:
665 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
666 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
667 break;
668 case SC_TYPE_COMPAT_EXIT:
669 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
670 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
671 break;
672 }
673 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1);
674 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
675 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
676 event_recorder = _lttng_kernel_event_recorder_create(chan, &ev, desc, ev.instrumentation);
677 WARN_ON_ONCE(!event_recorder);
678 if (IS_ERR(event_recorder)) {
679 /*
680 * If something goes wrong in event registration
681 * after the first one, we have no choice but to
682 * leave the previous events in there, until
683 * deleted by session teardown.
684 */
685 return PTR_ERR(event_recorder);
686 }
687 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan_table[i]);
688 }
689 return 0;
690 }
691
692 /*
693 * Should be called with sessions lock held.
694 */
695 int lttng_syscalls_register_event(struct lttng_event_enabler *event_enabler)
696 {
697 struct lttng_kernel_channel_buffer *chan = event_enabler->chan;
698 struct lttng_kernel_abi_event ev;
699 int ret;
700
701 wrapper_vmalloc_sync_mappings();
702
703 if (!chan->priv->parent.sc_table) {
704 /* create syscall table mapping syscall to events */
705 chan->priv->parent.sc_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
706 * sc_table.len, GFP_KERNEL);
707 if (!chan->priv->parent.sc_table)
708 return -ENOMEM;
709 }
710 if (!chan->priv->parent.sc_exit_table) {
711 /* create syscall table mapping syscall to events */
712 chan->priv->parent.sc_exit_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
713 * sc_exit_table.len, GFP_KERNEL);
714 if (!chan->priv->parent.sc_exit_table)
715 return -ENOMEM;
716 }
717
718
719 #ifdef CONFIG_COMPAT
720 if (!chan->priv->parent.compat_sc_table) {
721 /* create syscall table mapping compat syscall to events */
722 chan->priv->parent.compat_sc_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
723 * compat_sc_table.len, GFP_KERNEL);
724 if (!chan->priv->parent.compat_sc_table)
725 return -ENOMEM;
726 }
727
728 if (!chan->priv->parent.compat_sc_exit_table) {
729 /* create syscall table mapping compat syscall to events */
730 chan->priv->parent.compat_sc_exit_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
731 * compat_sc_exit_table.len, GFP_KERNEL);
732 if (!chan->priv->parent.compat_sc_exit_table)
733 return -ENOMEM;
734 }
735 #endif
736 if (hlist_empty(&chan->priv->parent.sc_unknown)) {
737 const struct lttng_kernel_event_desc *desc =
738 &__event_desc___syscall_entry_unknown;
739 struct lttng_kernel_event_recorder *event_recorder;
740
741 memset(&ev, 0, sizeof(ev));
742 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
743 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
744 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
745 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
746 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
747 event_recorder = _lttng_kernel_event_recorder_create(chan, &ev, desc,
748 ev.instrumentation);
749 WARN_ON_ONCE(!event_recorder);
750 if (IS_ERR(event_recorder)) {
751 return PTR_ERR(event_recorder);
752 }
753 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.sc_unknown);
754 }
755
756 if (hlist_empty(&chan->priv->parent.sc_compat_unknown)) {
757 const struct lttng_kernel_event_desc *desc =
758 &__event_desc___compat_syscall_entry_unknown;
759 struct lttng_kernel_event_recorder *event_recorder;
760
761 memset(&ev, 0, sizeof(ev));
762 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
763 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
764 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
765 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
766 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
767 event_recorder = _lttng_kernel_event_recorder_create(chan, &ev, desc,
768 ev.instrumentation);
769 WARN_ON_ONCE(!event_recorder);
770 if (IS_ERR(event_recorder)) {
771 return PTR_ERR(event_recorder);
772 }
773 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.sc_compat_unknown);
774 }
775
776 if (hlist_empty(&chan->priv->parent.compat_sc_exit_unknown)) {
777 const struct lttng_kernel_event_desc *desc =
778 &__event_desc___compat_syscall_exit_unknown;
779 struct lttng_kernel_event_recorder *event_recorder;
780
781 memset(&ev, 0, sizeof(ev));
782 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
783 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
784 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
785 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
786 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
787 event_recorder = _lttng_kernel_event_recorder_create(chan, &ev, desc,
788 ev.instrumentation);
789 WARN_ON_ONCE(!event_recorder);
790 if (IS_ERR(event_recorder)) {
791 return PTR_ERR(event_recorder);
792 }
793 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.compat_sc_exit_unknown);
794 }
795
796 if (hlist_empty(&chan->priv->parent.sc_exit_unknown)) {
797 const struct lttng_kernel_event_desc *desc =
798 &__event_desc___syscall_exit_unknown;
799 struct lttng_kernel_event_recorder *event_recorder;
800
801 memset(&ev, 0, sizeof(ev));
802 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
803 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
804 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
805 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
806 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
807 event_recorder = _lttng_kernel_event_recorder_create(chan, &ev, desc,
808 ev.instrumentation);
809 WARN_ON_ONCE(!event_recorder);
810 if (IS_ERR(event_recorder)) {
811 return PTR_ERR(event_recorder);
812 }
813 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.sc_exit_unknown);
814 }
815
816 ret = lttng_create_syscall_event_if_missing(sc_table.table, sc_table.len,
817 chan->priv->parent.sc_table, event_enabler, SC_TYPE_ENTRY);
818 if (ret)
819 return ret;
820 ret = lttng_create_syscall_event_if_missing(sc_exit_table.table, sc_exit_table.len,
821 chan->priv->parent.sc_exit_table, event_enabler, SC_TYPE_EXIT);
822 if (ret)
823 return ret;
824
825 #ifdef CONFIG_COMPAT
826 ret = lttng_create_syscall_event_if_missing(compat_sc_table.table, compat_sc_table.len,
827 chan->priv->parent.compat_sc_table, event_enabler, SC_TYPE_COMPAT_ENTRY);
828 if (ret)
829 return ret;
830 ret = lttng_create_syscall_event_if_missing(compat_sc_exit_table.table, compat_sc_exit_table.len,
831 chan->priv->parent.compat_sc_exit_table, event_enabler, SC_TYPE_COMPAT_EXIT);
832 if (ret)
833 return ret;
834 #endif
835
836 if (!chan->priv->parent.sc_filter) {
837 chan->priv->parent.sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
838 GFP_KERNEL);
839 if (!chan->priv->parent.sc_filter)
840 return -ENOMEM;
841 }
842
843 if (!chan->priv->parent.sys_enter_registered) {
844 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
845 (void *) syscall_entry_event_probe, chan);
846 if (ret)
847 return ret;
848 chan->priv->parent.sys_enter_registered = 1;
849 }
850 /*
851 * We change the name of sys_exit tracepoint due to namespace
852 * conflict with sys_exit syscall entry.
853 */
854 if (!chan->priv->parent.sys_exit_registered) {
855 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
856 (void *) syscall_exit_event_probe, chan);
857 if (ret) {
858 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
859 (void *) syscall_entry_event_probe, chan));
860 return ret;
861 }
862 chan->priv->parent.sys_exit_registered = 1;
863 }
864 return ret;
865 }
866
867 /*
868 * Should be called with sessions lock held.
869 */
870 int lttng_syscalls_register_event_notifier(
871 struct lttng_event_notifier_enabler *event_notifier_enabler)
872 {
873 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
874 unsigned int i;
875 int ret = 0;
876
877 wrapper_vmalloc_sync_mappings();
878
879 if (!group->event_notifier_syscall_dispatch) {
880 group->event_notifier_syscall_dispatch =
881 kzalloc(sizeof(struct hlist_head) * sc_table.len,
882 GFP_KERNEL);
883 if (!group->event_notifier_syscall_dispatch)
884 return -ENOMEM;
885
886 /* Initialize all list_head */
887 for (i = 0; i < sc_table.len; i++)
888 INIT_HLIST_HEAD(&group->event_notifier_syscall_dispatch[i]);
889
890 /* Init the unknown syscall notifier list. */
891 INIT_HLIST_HEAD(&group->event_notifier_unknown_syscall_dispatch);
892 }
893
894 if (!group->event_notifier_exit_syscall_dispatch) {
895 group->event_notifier_exit_syscall_dispatch =
896 kzalloc(sizeof(struct hlist_head) * sc_table.len,
897 GFP_KERNEL);
898 if (!group->event_notifier_exit_syscall_dispatch)
899 return -ENOMEM;
900
901 /* Initialize all list_head */
902 for (i = 0; i < sc_table.len; i++)
903 INIT_HLIST_HEAD(&group->event_notifier_exit_syscall_dispatch[i]);
904
905 /* Init the unknown exit syscall notifier list. */
906 INIT_HLIST_HEAD(&group->event_notifier_exit_unknown_syscall_dispatch);
907 }
908
909 #ifdef CONFIG_COMPAT
910 if (!group->event_notifier_compat_syscall_dispatch) {
911 group->event_notifier_compat_syscall_dispatch =
912 kzalloc(sizeof(struct hlist_head) * compat_sc_table.len,
913 GFP_KERNEL);
914 if (!group->event_notifier_syscall_dispatch)
915 return -ENOMEM;
916
917 /* Initialize all list_head */
918 for (i = 0; i < compat_sc_table.len; i++)
919 INIT_HLIST_HEAD(&group->event_notifier_compat_syscall_dispatch[i]);
920
921 /* Init the unknown syscall notifier list. */
922 INIT_HLIST_HEAD(&group->event_notifier_compat_unknown_syscall_dispatch);
923 }
924
925 if (!group->event_notifier_exit_compat_syscall_dispatch) {
926 group->event_notifier_exit_compat_syscall_dispatch =
927 kzalloc(sizeof(struct hlist_head) * compat_sc_exit_table.len,
928 GFP_KERNEL);
929 if (!group->event_notifier_exit_syscall_dispatch)
930 return -ENOMEM;
931
932 /* Initialize all list_head */
933 for (i = 0; i < compat_sc_exit_table.len; i++)
934 INIT_HLIST_HEAD(&group->event_notifier_exit_compat_syscall_dispatch[i]);
935
936 /* Init the unknown exit syscall notifier list. */
937 INIT_HLIST_HEAD(&group->event_notifier_exit_compat_unknown_syscall_dispatch);
938 }
939 #endif
940
941 if (!group->sc_filter) {
942 group->sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
943 GFP_KERNEL);
944 if (!group->sc_filter)
945 return -ENOMEM;
946 }
947
948 if (!group->sys_enter_registered) {
949 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
950 (void *) syscall_entry_event_notifier_probe, group);
951 if (ret)
952 return ret;
953 group->sys_enter_registered = 1;
954 }
955
956 if (!group->sys_exit_registered) {
957 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
958 (void *) syscall_exit_event_notifier_probe, group);
959 if (ret) {
960 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
961 (void *) syscall_entry_event_notifier_probe, group));
962 return ret;
963 }
964 group->sys_exit_registered = 1;
965 }
966
967 return ret;
968 }
969
970 static
971 int create_unknown_event_notifier(
972 struct lttng_event_notifier_enabler *event_notifier_enabler,
973 enum sc_type type)
974 {
975 struct lttng_kernel_event_notifier_private *event_notifier_priv;
976 struct lttng_kernel_event_notifier *event_notifier;
977 const struct lttng_kernel_event_desc *desc;
978 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
979 struct lttng_kernel_abi_event_notifier event_notifier_param;
980 uint64_t user_token = event_notifier_enabler->base.user_token;
981 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
982 struct lttng_enabler *base_enabler = lttng_event_notifier_enabler_as_enabler(
983 event_notifier_enabler);
984 struct hlist_head *unknown_dispatch_list;
985 int ret = 0;
986 bool found = false;
987 enum lttng_kernel_abi_syscall_abi abi;
988 enum lttng_kernel_abi_syscall_entryexit entryexit;
989 struct hlist_head *head;
990
991 switch (type) {
992 case SC_TYPE_ENTRY:
993 desc = &__event_desc___syscall_entry_unknown;
994 unknown_dispatch_list = &group->event_notifier_unknown_syscall_dispatch;
995 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
996 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
997 break;
998 case SC_TYPE_EXIT:
999 desc = &__event_desc___syscall_exit_unknown;
1000 unknown_dispatch_list = &group->event_notifier_exit_unknown_syscall_dispatch;
1001 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1002 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1003 break;
1004 case SC_TYPE_COMPAT_ENTRY:
1005 desc = &__event_desc___compat_syscall_entry_unknown;
1006 unknown_dispatch_list = &group->event_notifier_compat_unknown_syscall_dispatch;
1007 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1008 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1009 break;
1010 case SC_TYPE_COMPAT_EXIT:
1011 desc = &__event_desc___compat_syscall_exit_unknown;
1012 unknown_dispatch_list = &group->event_notifier_exit_compat_unknown_syscall_dispatch;
1013 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1014 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1015 break;
1016 default:
1017 BUG_ON(1);
1018 }
1019
1020 /*
1021 * Check if already created.
1022 */
1023 head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
1024 LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->event_name);
1025 lttng_hlist_for_each_entry(event_notifier_priv, head, hlist) {
1026 if (event_notifier_priv->parent.desc == desc &&
1027 event_notifier_priv->parent.user_token == base_enabler->user_token)
1028 found = true;
1029 }
1030 if (found)
1031 goto end;
1032
1033 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
1034 strncat(event_notifier_param.event.name, desc->event_name,
1035 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
1036
1037 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
1038
1039 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
1040 event_notifier_param.event.u.syscall.abi = abi;
1041 event_notifier_param.event.u.syscall.entryexit = entryexit;
1042
1043 event_notifier = _lttng_event_notifier_create(desc, user_token,
1044 error_counter_index, group, &event_notifier_param,
1045 event_notifier_param.event.instrumentation);
1046 if (IS_ERR(event_notifier)) {
1047 printk(KERN_INFO "Unable to create unknown notifier %s\n",
1048 desc->event_name);
1049 ret = -ENOMEM;
1050 goto end;
1051 }
1052
1053 hlist_add_head_rcu(&event_notifier->priv->parent.u.syscall.node, unknown_dispatch_list);
1054
1055 end:
1056 return ret;
1057 }
1058
1059 static int create_matching_event_notifiers(
1060 struct lttng_event_notifier_enabler *event_notifier_enabler,
1061 const struct trace_syscall_entry *table,
1062 size_t table_len, enum sc_type type)
1063 {
1064 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
1065 const struct lttng_kernel_event_desc *desc;
1066 uint64_t user_token = event_notifier_enabler->base.user_token;
1067 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
1068 unsigned int i;
1069 int ret = 0;
1070
1071 /* iterate over all syscall and create event_notifier that match */
1072 for (i = 0; i < table_len; i++) {
1073 struct lttng_kernel_event_notifier_private *event_notifier_priv;
1074 struct lttng_kernel_event_notifier *event_notifier;
1075 struct lttng_kernel_abi_event_notifier event_notifier_param;
1076 struct hlist_head *head;
1077 int found = 0;
1078
1079 desc = table[i].desc;
1080 if (!desc) {
1081 /* Unknown syscall */
1082 continue;
1083 }
1084
1085 if (!lttng_desc_match_enabler(desc,
1086 lttng_event_notifier_enabler_as_enabler(event_notifier_enabler)))
1087 continue;
1088
1089 /*
1090 * Check if already created.
1091 */
1092 head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
1093 LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->event_name);
1094 lttng_hlist_for_each_entry(event_notifier_priv, head, hlist) {
1095 if (event_notifier_priv->parent.desc == desc
1096 && event_notifier_priv->parent.user_token == event_notifier_enabler->base.user_token)
1097 found = 1;
1098 }
1099 if (found)
1100 continue;
1101
1102 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
1103 switch (type) {
1104 case SC_TYPE_ENTRY:
1105 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1106 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1107 break;
1108 case SC_TYPE_EXIT:
1109 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1110 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1111 break;
1112 case SC_TYPE_COMPAT_ENTRY:
1113 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1114 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1115 break;
1116 case SC_TYPE_COMPAT_EXIT:
1117 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1118 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1119 break;
1120 }
1121 strncat(event_notifier_param.event.name, desc->event_name,
1122 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
1123 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
1124 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
1125
1126 event_notifier = _lttng_event_notifier_create(desc, user_token,
1127 error_counter_index, group, &event_notifier_param,
1128 event_notifier_param.event.instrumentation);
1129 if (IS_ERR(event_notifier)) {
1130 printk(KERN_INFO "Unable to create event_notifier %s\n",
1131 desc->event_name);
1132 ret = -ENOMEM;
1133 goto end;
1134 }
1135
1136 event_notifier->priv->parent.u.syscall.syscall_id = i;
1137 }
1138
1139 end:
1140 return ret;
1141
1142 }
1143
1144 int lttng_syscalls_create_matching_event_notifiers(
1145 struct lttng_event_notifier_enabler *event_notifier_enabler)
1146 {
1147 int ret;
1148 struct lttng_enabler *base_enabler =
1149 lttng_event_notifier_enabler_as_enabler(event_notifier_enabler);
1150 enum lttng_kernel_abi_syscall_entryexit entryexit =
1151 base_enabler->event_param.u.syscall.entryexit;
1152
1153 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRY || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1154 ret = create_matching_event_notifiers(event_notifier_enabler,
1155 sc_table.table, sc_table.len, SC_TYPE_ENTRY);
1156 if (ret)
1157 goto end;
1158
1159 ret = create_matching_event_notifiers(event_notifier_enabler,
1160 compat_sc_table.table, compat_sc_table.len,
1161 SC_TYPE_COMPAT_ENTRY);
1162 if (ret)
1163 goto end;
1164
1165 ret = create_unknown_event_notifier(event_notifier_enabler,
1166 SC_TYPE_ENTRY);
1167 if (ret)
1168 goto end;
1169
1170 ret = create_unknown_event_notifier(event_notifier_enabler,
1171 SC_TYPE_COMPAT_ENTRY);
1172 if (ret)
1173 goto end;
1174 }
1175
1176 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_EXIT || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1177 ret = create_matching_event_notifiers(event_notifier_enabler,
1178 sc_exit_table.table, sc_exit_table.len,
1179 SC_TYPE_EXIT);
1180 if (ret)
1181 goto end;
1182
1183 ret = create_unknown_event_notifier(event_notifier_enabler,
1184 SC_TYPE_EXIT);
1185 if (ret)
1186 goto end;
1187
1188 ret = create_matching_event_notifiers(event_notifier_enabler,
1189 compat_sc_exit_table.table, compat_sc_exit_table.len,
1190 SC_TYPE_COMPAT_EXIT);
1191 if (ret)
1192 goto end;
1193
1194 ret = create_unknown_event_notifier(event_notifier_enabler,
1195 SC_TYPE_COMPAT_EXIT);
1196 if (ret)
1197 goto end;
1198 }
1199
1200 end:
1201 return ret;
1202 }
1203
1204 /*
1205 * Unregister the syscall event_notifier probes from the callsites.
1206 */
1207 int lttng_syscalls_unregister_event_notifier_group(
1208 struct lttng_event_notifier_group *event_notifier_group)
1209 {
1210 int ret;
1211
1212 /*
1213 * Only register the event_notifier probe on the `sys_enter` callsite for now.
1214 * At the moment, we don't think it's desirable to have one fired
1215 * event_notifier for the entry and one for the exit of a syscall.
1216 */
1217 if (event_notifier_group->sys_enter_registered) {
1218 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1219 (void *) syscall_entry_event_notifier_probe, event_notifier_group);
1220 if (ret)
1221 return ret;
1222 event_notifier_group->sys_enter_registered = 0;
1223 }
1224 if (event_notifier_group->sys_exit_registered) {
1225 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1226 (void *) syscall_exit_event_notifier_probe, event_notifier_group);
1227 if (ret)
1228 return ret;
1229 event_notifier_group->sys_enter_registered = 0;
1230 }
1231
1232 kfree(event_notifier_group->event_notifier_syscall_dispatch);
1233 kfree(event_notifier_group->event_notifier_exit_syscall_dispatch);
1234 #ifdef CONFIG_COMPAT
1235 kfree(event_notifier_group->event_notifier_compat_syscall_dispatch);
1236 kfree(event_notifier_group->event_notifier_exit_compat_syscall_dispatch);
1237 #endif
1238 return 0;
1239 }
1240
1241 int lttng_syscalls_unregister_channel(struct lttng_kernel_channel_buffer *chan)
1242 {
1243 int ret;
1244
1245 if (!chan->priv->parent.sc_table)
1246 return 0;
1247 if (chan->priv->parent.sys_enter_registered) {
1248 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1249 (void *) syscall_entry_event_probe, chan);
1250 if (ret)
1251 return ret;
1252 chan->priv->parent.sys_enter_registered = 0;
1253 }
1254 if (chan->priv->parent.sys_exit_registered) {
1255 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1256 (void *) syscall_exit_event_probe, chan);
1257 if (ret)
1258 return ret;
1259 chan->priv->parent.sys_exit_registered = 0;
1260 }
1261 return 0;
1262 }
1263
1264 int lttng_syscalls_destroy_event(struct lttng_kernel_channel_buffer *chan)
1265 {
1266 kfree(chan->priv->parent.sc_table);
1267 kfree(chan->priv->parent.sc_exit_table);
1268 #ifdef CONFIG_COMPAT
1269 kfree(chan->priv->parent.compat_sc_table);
1270 kfree(chan->priv->parent.compat_sc_exit_table);
1271 #endif
1272 kfree(chan->priv->parent.sc_filter);
1273 return 0;
1274 }
1275
1276 static
1277 int get_syscall_nr(const char *syscall_name)
1278 {
1279 int syscall_nr = -1;
1280 int i;
1281
1282 for (i = 0; i < sc_table.len; i++) {
1283 const struct trace_syscall_entry *entry;
1284 const char *it_name;
1285
1286 entry = &sc_table.table[i];
1287 if (!entry->desc)
1288 continue;
1289 it_name = entry->desc->event_name;
1290 it_name += strlen(SYSCALL_ENTRY_STR);
1291 if (!strcmp(syscall_name, it_name)) {
1292 syscall_nr = i;
1293 break;
1294 }
1295 }
1296 return syscall_nr;
1297 }
1298
1299 static
1300 int get_compat_syscall_nr(const char *syscall_name)
1301 {
1302 int syscall_nr = -1;
1303 int i;
1304
1305 for (i = 0; i < compat_sc_table.len; i++) {
1306 const struct trace_syscall_entry *entry;
1307 const char *it_name;
1308
1309 entry = &compat_sc_table.table[i];
1310 if (!entry->desc)
1311 continue;
1312 it_name = entry->desc->event_name;
1313 it_name += strlen(COMPAT_SYSCALL_ENTRY_STR);
1314 if (!strcmp(syscall_name, it_name)) {
1315 syscall_nr = i;
1316 break;
1317 }
1318 }
1319 return syscall_nr;
1320 }
1321
1322 static
1323 uint32_t get_sc_tables_len(void)
1324 {
1325 return sc_table.len + compat_sc_table.len;
1326 }
1327
1328 static
1329 const char *get_syscall_name(const char *desc_name,
1330 enum lttng_syscall_abi abi,
1331 enum lttng_syscall_entryexit entryexit)
1332 {
1333 size_t prefix_len = 0;
1334
1335
1336 switch (entryexit) {
1337 case LTTNG_SYSCALL_ENTRY:
1338 switch (abi) {
1339 case LTTNG_SYSCALL_ABI_NATIVE:
1340 prefix_len = strlen(SYSCALL_ENTRY_STR);
1341 break;
1342 case LTTNG_SYSCALL_ABI_COMPAT:
1343 prefix_len = strlen(COMPAT_SYSCALL_ENTRY_STR);
1344 break;
1345 }
1346 break;
1347 case LTTNG_SYSCALL_EXIT:
1348 switch (abi) {
1349 case LTTNG_SYSCALL_ABI_NATIVE:
1350 prefix_len = strlen(SYSCALL_EXIT_STR);
1351 break;
1352 case LTTNG_SYSCALL_ABI_COMPAT:
1353 prefix_len = strlen(COMPAT_SYSCALL_EXIT_STR);
1354 break;
1355 }
1356 break;
1357 }
1358 WARN_ON_ONCE(prefix_len == 0);
1359 return desc_name + prefix_len;
1360 }
1361
1362 static
1363 int lttng_syscall_filter_enable(
1364 struct lttng_syscall_filter *filter,
1365 const char *desc_name, enum lttng_syscall_abi abi,
1366 enum lttng_syscall_entryexit entryexit)
1367 {
1368 const char *syscall_name;
1369 unsigned long *bitmap;
1370 int syscall_nr;
1371
1372 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1373
1374 switch (abi) {
1375 case LTTNG_SYSCALL_ABI_NATIVE:
1376 syscall_nr = get_syscall_nr(syscall_name);
1377 break;
1378 case LTTNG_SYSCALL_ABI_COMPAT:
1379 syscall_nr = get_compat_syscall_nr(syscall_name);
1380 break;
1381 default:
1382 return -EINVAL;
1383 }
1384 if (syscall_nr < 0)
1385 return -ENOENT;
1386
1387 switch (entryexit) {
1388 case LTTNG_SYSCALL_ENTRY:
1389 switch (abi) {
1390 case LTTNG_SYSCALL_ABI_NATIVE:
1391 bitmap = filter->sc_entry;
1392 break;
1393 case LTTNG_SYSCALL_ABI_COMPAT:
1394 bitmap = filter->sc_compat_entry;
1395 break;
1396 default:
1397 return -EINVAL;
1398 }
1399 break;
1400 case LTTNG_SYSCALL_EXIT:
1401 switch (abi) {
1402 case LTTNG_SYSCALL_ABI_NATIVE:
1403 bitmap = filter->sc_exit;
1404 break;
1405 case LTTNG_SYSCALL_ABI_COMPAT:
1406 bitmap = filter->sc_compat_exit;
1407 break;
1408 default:
1409 return -EINVAL;
1410 }
1411 break;
1412 default:
1413 return -EINVAL;
1414 }
1415 if (test_bit(syscall_nr, bitmap))
1416 return -EEXIST;
1417 bitmap_set(bitmap, syscall_nr, 1);
1418 return 0;
1419 }
1420
1421 int lttng_syscall_filter_enable_event_notifier(
1422 struct lttng_kernel_event_notifier *event_notifier)
1423 {
1424 struct lttng_event_notifier_group *group = event_notifier->priv->group;
1425 unsigned int syscall_id = event_notifier->priv->parent.u.syscall.syscall_id;
1426 struct hlist_head *dispatch_list;
1427 int ret = 0;
1428
1429 WARN_ON_ONCE(event_notifier->priv->parent.instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1430
1431 ret = lttng_syscall_filter_enable(group->sc_filter,
1432 event_notifier->priv->parent.desc->event_name,
1433 event_notifier->priv->parent.u.syscall.abi,
1434 event_notifier->priv->parent.u.syscall.entryexit);
1435 if (ret) {
1436 goto end;
1437 }
1438
1439 switch (event_notifier->priv->parent.u.syscall.entryexit) {
1440 case LTTNG_SYSCALL_ENTRY:
1441 switch (event_notifier->priv->parent.u.syscall.abi) {
1442 case LTTNG_SYSCALL_ABI_NATIVE:
1443 dispatch_list = &group->event_notifier_syscall_dispatch[syscall_id];
1444 break;
1445 case LTTNG_SYSCALL_ABI_COMPAT:
1446 dispatch_list = &group->event_notifier_compat_syscall_dispatch[syscall_id];
1447 break;
1448 default:
1449 ret = -EINVAL;
1450 goto end;
1451 }
1452 break;
1453 case LTTNG_SYSCALL_EXIT:
1454 switch (event_notifier->priv->parent.u.syscall.abi) {
1455 case LTTNG_SYSCALL_ABI_NATIVE:
1456 dispatch_list = &group->event_notifier_exit_syscall_dispatch[syscall_id];
1457 break;
1458 case LTTNG_SYSCALL_ABI_COMPAT:
1459 dispatch_list = &group->event_notifier_exit_compat_syscall_dispatch[syscall_id];
1460 break;
1461 default:
1462 ret = -EINVAL;
1463 goto end;
1464 }
1465 break;
1466 default:
1467 ret = -EINVAL;
1468 goto end;
1469 }
1470
1471 hlist_add_head_rcu(&event_notifier->priv->parent.u.syscall.node, dispatch_list);
1472
1473 end:
1474 return ret ;
1475 }
1476
1477 int lttng_syscall_filter_enable_event(
1478 struct lttng_kernel_channel_buffer *channel,
1479 struct lttng_kernel_event_recorder *event_recorder)
1480 {
1481 WARN_ON_ONCE(event_recorder->priv->parent.instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1482
1483 return lttng_syscall_filter_enable(channel->priv->parent.sc_filter,
1484 event_recorder->priv->parent.desc->event_name,
1485 event_recorder->priv->parent.u.syscall.abi,
1486 event_recorder->priv->parent.u.syscall.entryexit);
1487 }
1488
1489 static
1490 int lttng_syscall_filter_disable(
1491 struct lttng_syscall_filter *filter,
1492 const char *desc_name, enum lttng_syscall_abi abi,
1493 enum lttng_syscall_entryexit entryexit)
1494 {
1495 const char *syscall_name;
1496 unsigned long *bitmap;
1497 int syscall_nr;
1498
1499 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1500
1501 switch (abi) {
1502 case LTTNG_SYSCALL_ABI_NATIVE:
1503 syscall_nr = get_syscall_nr(syscall_name);
1504 break;
1505 case LTTNG_SYSCALL_ABI_COMPAT:
1506 syscall_nr = get_compat_syscall_nr(syscall_name);
1507 break;
1508 default:
1509 return -EINVAL;
1510 }
1511 if (syscall_nr < 0)
1512 return -ENOENT;
1513
1514 switch (entryexit) {
1515 case LTTNG_SYSCALL_ENTRY:
1516 switch (abi) {
1517 case LTTNG_SYSCALL_ABI_NATIVE:
1518 bitmap = filter->sc_entry;
1519 break;
1520 case LTTNG_SYSCALL_ABI_COMPAT:
1521 bitmap = filter->sc_compat_entry;
1522 break;
1523 default:
1524 return -EINVAL;
1525 }
1526 break;
1527 case LTTNG_SYSCALL_EXIT:
1528 switch (abi) {
1529 case LTTNG_SYSCALL_ABI_NATIVE:
1530 bitmap = filter->sc_exit;
1531 break;
1532 case LTTNG_SYSCALL_ABI_COMPAT:
1533 bitmap = filter->sc_compat_exit;
1534 break;
1535 default:
1536 return -EINVAL;
1537 }
1538 break;
1539 default:
1540 return -EINVAL;
1541 }
1542 if (!test_bit(syscall_nr, bitmap))
1543 return -EEXIST;
1544 bitmap_clear(bitmap, syscall_nr, 1);
1545
1546 return 0;
1547 }
1548
1549 int lttng_syscall_filter_disable_event_notifier(
1550 struct lttng_kernel_event_notifier *event_notifier)
1551 {
1552 struct lttng_event_notifier_group *group = event_notifier->priv->group;
1553 int ret;
1554
1555 WARN_ON_ONCE(event_notifier->priv->parent.instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1556
1557 ret = lttng_syscall_filter_disable(group->sc_filter,
1558 event_notifier->priv->parent.desc->event_name,
1559 event_notifier->priv->parent.u.syscall.abi,
1560 event_notifier->priv->parent.u.syscall.entryexit);
1561 WARN_ON_ONCE(ret != 0);
1562
1563 hlist_del_rcu(&event_notifier->priv->parent.u.syscall.node);
1564 return 0;
1565 }
1566
1567 int lttng_syscall_filter_disable_event(
1568 struct lttng_kernel_channel_buffer *channel,
1569 struct lttng_kernel_event_recorder *event_recorder)
1570 {
1571 return lttng_syscall_filter_disable(channel->priv->parent.sc_filter,
1572 event_recorder->priv->parent.desc->event_name,
1573 event_recorder->priv->parent.u.syscall.abi,
1574 event_recorder->priv->parent.u.syscall.entryexit);
1575 }
1576
1577 static
1578 const struct trace_syscall_entry *syscall_list_get_entry(loff_t *pos)
1579 {
1580 const struct trace_syscall_entry *entry;
1581 int iter = 0;
1582
1583 for (entry = sc_table.table;
1584 entry < sc_table.table + sc_table.len;
1585 entry++) {
1586 if (iter++ >= *pos)
1587 return entry;
1588 }
1589 for (entry = compat_sc_table.table;
1590 entry < compat_sc_table.table + compat_sc_table.len;
1591 entry++) {
1592 if (iter++ >= *pos)
1593 return entry;
1594 }
1595 /* End of list */
1596 return NULL;
1597 }
1598
1599 static
1600 void *syscall_list_start(struct seq_file *m, loff_t *pos)
1601 {
1602 return (void *) syscall_list_get_entry(pos);
1603 }
1604
1605 static
1606 void *syscall_list_next(struct seq_file *m, void *p, loff_t *ppos)
1607 {
1608 (*ppos)++;
1609 return (void *) syscall_list_get_entry(ppos);
1610 }
1611
1612 static
1613 void syscall_list_stop(struct seq_file *m, void *p)
1614 {
1615 }
1616
1617 static
1618 int get_sc_table(const struct trace_syscall_entry *entry,
1619 const struct trace_syscall_entry **table,
1620 unsigned int *bitness)
1621 {
1622 if (entry >= sc_table.table && entry < sc_table.table + sc_table.len) {
1623 if (bitness)
1624 *bitness = BITS_PER_LONG;
1625 if (table)
1626 *table = sc_table.table;
1627 return 0;
1628 }
1629 if (!(entry >= compat_sc_table.table
1630 && entry < compat_sc_table.table + compat_sc_table.len)) {
1631 return -EINVAL;
1632 }
1633 if (bitness)
1634 *bitness = 32;
1635 if (table)
1636 *table = compat_sc_table.table;
1637 return 0;
1638 }
1639
1640 static
1641 int syscall_list_show(struct seq_file *m, void *p)
1642 {
1643 const struct trace_syscall_entry *table, *entry = p;
1644 unsigned int bitness;
1645 unsigned long index;
1646 int ret;
1647 const char *name;
1648
1649 ret = get_sc_table(entry, &table, &bitness);
1650 if (ret)
1651 return ret;
1652 if (!entry->desc)
1653 return 0;
1654 if (table == sc_table.table) {
1655 index = entry - table;
1656 name = &entry->desc->event_name[strlen(SYSCALL_ENTRY_STR)];
1657 } else {
1658 index = (entry - table) + sc_table.len;
1659 name = &entry->desc->event_name[strlen(COMPAT_SYSCALL_ENTRY_STR)];
1660 }
1661 seq_printf(m, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1662 index, name, bitness);
1663 return 0;
1664 }
1665
1666 static
1667 const struct seq_operations lttng_syscall_list_seq_ops = {
1668 .start = syscall_list_start,
1669 .next = syscall_list_next,
1670 .stop = syscall_list_stop,
1671 .show = syscall_list_show,
1672 };
1673
1674 static
1675 int lttng_syscall_list_open(struct inode *inode, struct file *file)
1676 {
1677 return seq_open(file, &lttng_syscall_list_seq_ops);
1678 }
1679
1680 const struct file_operations lttng_syscall_list_fops = {
1681 .owner = THIS_MODULE,
1682 .open = lttng_syscall_list_open,
1683 .read = seq_read,
1684 .llseek = seq_lseek,
1685 .release = seq_release,
1686 };
1687
1688 /*
1689 * A syscall is enabled if it is traced for either entry or exit.
1690 */
1691 long lttng_channel_syscall_mask(struct lttng_kernel_channel_buffer *channel,
1692 struct lttng_kernel_abi_syscall_mask __user *usyscall_mask)
1693 {
1694 uint32_t len, sc_tables_len, bitmask_len;
1695 int ret = 0, bit;
1696 char *tmp_mask;
1697 struct lttng_syscall_filter *filter;
1698
1699 ret = get_user(len, &usyscall_mask->len);
1700 if (ret)
1701 return ret;
1702 sc_tables_len = get_sc_tables_len();
1703 bitmask_len = ALIGN(sc_tables_len, 8) >> 3;
1704 if (len < sc_tables_len) {
1705 return put_user(sc_tables_len, &usyscall_mask->len);
1706 }
1707 /* Array is large enough, we can copy array to user-space. */
1708 tmp_mask = kzalloc(bitmask_len, GFP_KERNEL);
1709 if (!tmp_mask)
1710 return -ENOMEM;
1711 filter = channel->priv->parent.sc_filter;
1712
1713 for (bit = 0; bit < sc_table.len; bit++) {
1714 char state;
1715
1716 if (channel->priv->parent.sc_table) {
1717 if (!(READ_ONCE(channel->priv->parent.syscall_all_entry)
1718 || READ_ONCE(channel->priv->parent.syscall_all_exit)) && filter)
1719 state = test_bit(bit, filter->sc_entry)
1720 || test_bit(bit, filter->sc_exit);
1721 else
1722 state = 1;
1723 } else {
1724 state = 0;
1725 }
1726 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1727 }
1728 for (; bit < sc_tables_len; bit++) {
1729 char state;
1730
1731 if (channel->priv->parent.compat_sc_table) {
1732 if (!(READ_ONCE(channel->priv->parent.syscall_all_entry)
1733 || READ_ONCE(channel->priv->parent.syscall_all_exit)) && filter)
1734 state = test_bit(bit - sc_table.len,
1735 filter->sc_compat_entry)
1736 || test_bit(bit - sc_table.len,
1737 filter->sc_compat_exit);
1738 else
1739 state = 1;
1740 } else {
1741 state = 0;
1742 }
1743 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1744 }
1745 if (copy_to_user(usyscall_mask->mask, tmp_mask, bitmask_len))
1746 ret = -EFAULT;
1747 kfree(tmp_mask);
1748 return ret;
1749 }
1750
1751 int lttng_abi_syscall_list(void)
1752 {
1753 struct file *syscall_list_file;
1754 int file_fd, ret;
1755
1756 file_fd = lttng_get_unused_fd();
1757 if (file_fd < 0) {
1758 ret = file_fd;
1759 goto fd_error;
1760 }
1761
1762 syscall_list_file = anon_inode_getfile("[lttng_syscall_list]",
1763 &lttng_syscall_list_fops,
1764 NULL, O_RDWR);
1765 if (IS_ERR(syscall_list_file)) {
1766 ret = PTR_ERR(syscall_list_file);
1767 goto file_error;
1768 }
1769 ret = lttng_syscall_list_fops.open(NULL, syscall_list_file);
1770 if (ret < 0)
1771 goto open_error;
1772 fd_install(file_fd, syscall_list_file);
1773 return file_fd;
1774
1775 open_error:
1776 fput(syscall_list_file);
1777 file_error:
1778 put_unused_fd(file_fd);
1779 fd_error:
1780 return ret;
1781 }
LTTng 2.0/0.x modules
This page took 0.130135 seconds and 4 git commands to generate.