From 077192fd1880652a61400b493a0b6cf5bb199435 Mon Sep 17 00:00:00 2001 From: Jonathan Rajotte Date: Wed, 11 Mar 2020 13:52:38 -0400 Subject: [PATCH] event-rule: introduce event-rule kprobe MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This is the "--probe" option of the enable-event command line. Change-Id: I6d763df53d5e838ea2266d49b1f22bc23a9addb1 Signed-off-by: Jonathan Rajotte Signed-off-by: Jérémie Galarneau --- include/Makefile.am | 4 +- include/lttng/event-rule/kprobe-internal.h | 39 ++ include/lttng/event-rule/kprobe.h | 84 +++++ include/lttng/kernel-probe-internal.h | 4 + include/lttng/lttng.h | 1 + src/common/Makefile.am | 1 + src/common/event-rule/event-rule.c | 5 +- src/common/event-rule/kprobe.c | 413 +++++++++++++++++++++ src/common/kernel-probe.c | 109 +++++- 9 files changed, 656 insertions(+), 4 deletions(-) create mode 100644 include/lttng/event-rule/kprobe-internal.h create mode 100644 include/lttng/event-rule/kprobe.h create mode 100644 src/common/event-rule/kprobe.c diff --git a/include/Makefile.am b/include/Makefile.am index fe83588ca..3ba967e0a 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -144,7 +144,8 @@ lttngtriggerinclude_HEADERS= \ lttng/trigger/trigger.h lttngeventruleinclude_HEADERS= \ - lttng/event-rule/event-rule.h + lttng/event-rule/event-rule.h \ + lttng/event-rule/kprobe.h noinst_HEADERS = \ lttng/snapshot-internal.h \ @@ -177,5 +178,6 @@ noinst_HEADERS = \ lttng/session-descriptor-internal.h \ lttng/kernel-probe-internal.h \ lttng/event-rule/event-rule-internal.h \ + lttng/event-rule/kprobe-internal.h \ version.h \ version.i diff --git a/include/lttng/event-rule/kprobe-internal.h b/include/lttng/event-rule/kprobe-internal.h new file mode 100644 index 000000000..7d2ecc8cc --- /dev/null +++ b/include/lttng/event-rule/kprobe-internal.h @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2019 Jonathan Rajotte + * + * SPDX-License-Identifier: LGPL-2.1-only + * + */ + +#ifndef LTTNG_EVENT_RULE_KPROBE_INTERNAL_H +#define LTTNG_EVENT_RULE_KPROBE_INTERNAL_H + +#include +#include +#include +#include + +struct lttng_event_rule_kprobe { + struct lttng_event_rule parent; + char *name; + struct lttng_kernel_probe_location *location; +}; + +struct lttng_event_rule_kprobe_comm { + /* Includes terminator `\0`. */ + uint32_t name_len; + uint32_t location_len; + /* + * Payload is composed of, in that order: + * - name (null terminated), + * - kernel probe location object. + */ + char payload[]; +} LTTNG_PACKED; + +LTTNG_HIDDEN +ssize_t lttng_event_rule_kprobe_create_from_payload( + struct lttng_payload_view *payload, + struct lttng_event_rule **rule); + +#endif /* LTTNG_EVENT_RULE_KPROBE_INTERNAL_H */ diff --git a/include/lttng/event-rule/kprobe.h b/include/lttng/event-rule/kprobe.h new file mode 100644 index 000000000..e3d7563a4 --- /dev/null +++ b/include/lttng/event-rule/kprobe.h @@ -0,0 +1,84 @@ +/* + * Copyright (C) 2019 Jonathan Rajotte + * + * SPDX-License-Identifier: LGPL-2.1-only + * + */ + +#ifndef LTTNG_EVENT_RULE_KPROBE_H +#define LTTNG_EVENT_RULE_KPROBE_H + +#include + +#ifdef __cplusplus +extern "C" { +#endif + +struct lttng_kernel_probe_location; + +/* + * Create a newly allocated kprobe event rule. + * + * Returns a new event rule on success, NULL on failure. The returned event rule + * must be destroyed using lttng_event_rule_destroy(). + */ +extern struct lttng_event_rule *lttng_event_rule_kprobe_create(void); + +/* + * Set the kernel probe location of a kprobe event rule. + * + * The location is copied internally. + * + * Returns LTTNG_EVENT_RULE_STATUS_OK on success, LTTNG_EVENT_RULE_STATUS_INVALID + * if invalid parameters are passed. + */ +extern enum lttng_event_rule_status lttng_event_rule_kprobe_set_location( + struct lttng_event_rule *rule, + const struct lttng_kernel_probe_location *location); + +/* + * Get the kernel probe location of a kprobe event rule. + * + * The caller does not assume the ownership of the returned location. + * The location shall only be used for the duration of the event + * rule's lifetime, or before a different location is set. + * + * Returns LTTNG_EVENT_RULE_STATUS_OK and a pointer to the event rule's location + * on success, LTTNG_EVENT_RULE_STATUS_INVALID if an invalid parameter is + * passed, or LTTNG_EVENT_RULE_STATUS_UNSET if a location was not set prior to + * this call. + */ +extern enum lttng_event_rule_status lttng_event_rule_kprobe_get_location( + const struct lttng_event_rule *rule, + const struct lttng_kernel_probe_location **location); + +/* + * Set the name of a kprobe event rule. + * + * The name is copied internally. + * + * Returns LTTNG_EVENT_RULE_STATUS_OK on success, LTTNG_EVENT_RULE_STATUS_INVALID + * if invalid parameters are passed. + */ +extern enum lttng_event_rule_status lttng_event_rule_kprobe_set_name( + struct lttng_event_rule *rule, const char *name); + +/* + * Get the name of a kprobe event rule. + * + * The caller does not assume the ownership of the returned name. + * The name shall only only be used for the duration of the event + * rule's lifetime, or before a different name is set. + * + * Returns LTTNG_EVENT_RULE_STATUS_OK and a pointer to the event rule's name on + * success, LTTNG_EVENT_RULE_STATUS_INVALID if an invalid parameter is passed, + * or LTTNG_EVENT_RULE_STATUS_UNSET if a name was not set prior to this call. + */ +extern enum lttng_event_rule_status lttng_event_rule_kprobe_get_name( + const struct lttng_event_rule *rule, const char **name); + +#ifdef __cplusplus +} +#endif + +#endif /* LTTNG_EVENT_RULE_KPROBE_H */ diff --git a/include/lttng/kernel-probe-internal.h b/include/lttng/kernel-probe-internal.h index 680f3afab..381c6a411 100644 --- a/include/lttng/kernel-probe-internal.h +++ b/include/lttng/kernel-probe-internal.h @@ -91,4 +91,8 @@ bool lttng_kernel_probe_location_is_equal( const struct lttng_kernel_probe_location *a, const struct lttng_kernel_probe_location *b); +LTTNG_HIDDEN +struct lttng_kernel_probe_location *lttng_kernel_probe_location_copy( + const struct lttng_kernel_probe_location *location); + #endif /* LTTNG_KERNEL_PROBE_INTERNAL_H */ diff --git a/include/lttng/lttng.h b/include/lttng/lttng.h index bfc3bbd7d..a7fef39c3 100644 --- a/include/lttng/lttng.h +++ b/include/lttng/lttng.h @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include diff --git a/src/common/Makefile.am b/src/common/Makefile.am index c29ce68dd..b31e6c546 100644 --- a/src/common/Makefile.am +++ b/src/common/Makefile.am @@ -49,6 +49,7 @@ libcommon_la_SOURCES = \ evaluation.c \ event.c \ event-rule/event-rule.c \ + event-rule/kprobe.c \ filter.c filter.h \ fd-handle.c fd-handle.h \ fs-handle.c fs-handle.h fs-handle-internal.h \ diff --git a/src/common/event-rule/event-rule.c b/src/common/event-rule/event-rule.c index efeb76539..e5736d6f9 100644 --- a/src/common/event-rule/event-rule.c +++ b/src/common/event-rule/event-rule.c @@ -12,6 +12,7 @@ #include #include #include +#include #include enum lttng_event_rule_type lttng_event_rule_get_type( @@ -146,7 +147,7 @@ ssize_t lttng_event_rule_create_from_payload( goto end; } - DBG("Deserializing event_rule from payload"); + DBG("Deserializing event_rule from payload."); event_rule_comm = (const struct lttng_event_rule_comm *) view->buffer.data; consumed += sizeof(*event_rule_comm); @@ -155,7 +156,7 @@ ssize_t lttng_event_rule_create_from_payload( /* TODO */ break; case LTTNG_EVENT_RULE_TYPE_KPROBE: - /* TODO */ + create_from_payload = lttng_event_rule_kprobe_create_from_payload; break; case LTTNG_EVENT_RULE_TYPE_KRETPROBE: /* TODO */ diff --git a/src/common/event-rule/kprobe.c b/src/common/event-rule/kprobe.c new file mode 100644 index 000000000..a5c93e653 --- /dev/null +++ b/src/common/event-rule/kprobe.c @@ -0,0 +1,413 @@ +/* + * Copyright (C) 2019 Jonathan Rajotte + * + * SPDX-License-Identifier: LGPL-2.1-only + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#define IS_KPROBE_EVENT_RULE(rule) \ + (lttng_event_rule_get_type(rule) == LTTNG_EVENT_RULE_TYPE_KPROBE) + +#if (LTTNG_SYMBOL_NAME_LEN == 256) +#define LTTNG_SYMBOL_NAME_LEN_SCANF_IS_A_BROKEN_API "255" +#endif + +static void lttng_event_rule_kprobe_destroy(struct lttng_event_rule *rule) +{ + struct lttng_event_rule_kprobe *kprobe; + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + + lttng_kernel_probe_location_destroy(kprobe->location); + free(kprobe->name); + free(kprobe); +} + +static bool lttng_event_rule_kprobe_validate( + const struct lttng_event_rule *rule) +{ + bool valid = false; + struct lttng_event_rule_kprobe *kprobe; + + if (!rule) { + goto end; + } + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + + /* Required field. */ + if (!kprobe->name) { + ERR("Invalid name event rule: a name must be set."); + goto end; + } + + /* Required field. */ + if(!kprobe->location) { + ERR("Invalid name event rule: a location must be set."); + goto end; + } + + valid = true; +end: + return valid; +} + +static int lttng_event_rule_kprobe_serialize( + const struct lttng_event_rule *rule, + struct lttng_payload *payload) +{ + int ret; + size_t name_len, header_offset, size_before_location; + struct lttng_event_rule_kprobe *kprobe; + struct lttng_event_rule_kprobe_comm kprobe_comm; + struct lttng_event_rule_kprobe_comm *header; + + if (!rule || !IS_KPROBE_EVENT_RULE(rule)) { + ret = -1; + goto end; + } + + header_offset = payload->buffer.size; + + DBG("Serializing kprobe event rule."); + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + + name_len = strlen(kprobe->name) + 1; + kprobe_comm.name_len = name_len; + + ret = lttng_dynamic_buffer_append( + &payload->buffer, &kprobe_comm, sizeof(kprobe_comm)); + if (ret) { + goto end; + } + + ret = lttng_dynamic_buffer_append(&payload->buffer, kprobe->name, name_len); + if (ret) { + goto end; + } + + size_before_location = payload->buffer.size; + + ret = lttng_kernel_probe_location_serialize(kprobe->location, payload); + if (ret < 0) { + goto end; + } + + /* Update the header regarding the probe size. */ + header = (struct lttng_event_rule_kprobe_comm*) ( + (char *) payload->buffer.data + header_offset); + header->location_len = payload->buffer.size - size_before_location; + + ret = 0; + +end: + return ret; +} + +static bool lttng_event_rule_kprobe_is_equal(const struct lttng_event_rule *_a, + const struct lttng_event_rule *_b) +{ + bool is_equal = false; + struct lttng_event_rule_kprobe *a, *b; + + a = container_of(_a, struct lttng_event_rule_kprobe, parent); + b = container_of(_b, struct lttng_event_rule_kprobe, parent); + + /* Quick checks */ + if (!!a->name != !!b->name) { + goto end; + } + + /* Long check */ + assert(a->name); + assert(b->name); + if (strcmp(a->name, b->name)) { + goto end; + } + + is_equal = lttng_kernel_probe_location_is_equal( + a->location, b->location); +end: + return is_equal; +} + +static enum lttng_error_code lttng_event_rule_kprobe_generate_filter_bytecode( + struct lttng_event_rule *rule, uid_t uid, gid_t gid) +{ + /* Nothing to do. */ + return LTTNG_OK; +} + +static const char *lttng_event_rule_kprobe_get_filter( + const struct lttng_event_rule *rule) +{ + /* Not supported. */ + return NULL; +} + +static const struct lttng_filter_bytecode * +lttng_event_rule_kprobe_get_filter_bytecode(const struct lttng_event_rule *rule) +{ + /* Not supported. */ + return NULL; +} + +static struct lttng_event_exclusion * +lttng_event_rule_kprobe_generate_exclusions(const struct lttng_event_rule *rule) +{ + /* Not supported. */ + return NULL; +} + +struct lttng_event_rule *lttng_event_rule_kprobe_create() +{ + struct lttng_event_rule *rule = NULL; + struct lttng_event_rule_kprobe *krule; + + krule = zmalloc(sizeof(struct lttng_event_rule_kprobe)); + if (!krule) { + goto end; + } + + rule = &krule->parent; + lttng_event_rule_init(&krule->parent, LTTNG_EVENT_RULE_TYPE_KPROBE); + krule->parent.validate = lttng_event_rule_kprobe_validate; + krule->parent.serialize = lttng_event_rule_kprobe_serialize; + krule->parent.equal = lttng_event_rule_kprobe_is_equal; + krule->parent.destroy = lttng_event_rule_kprobe_destroy; + krule->parent.generate_filter_bytecode = + lttng_event_rule_kprobe_generate_filter_bytecode; + krule->parent.get_filter = lttng_event_rule_kprobe_get_filter; + krule->parent.get_filter_bytecode = + lttng_event_rule_kprobe_get_filter_bytecode; + krule->parent.generate_exclusions = + lttng_event_rule_kprobe_generate_exclusions; +end: + return rule; +} + +LTTNG_HIDDEN +ssize_t lttng_event_rule_kprobe_create_from_payload( + struct lttng_payload_view *view, + struct lttng_event_rule **_event_rule) +{ + ssize_t ret, offset = 0; + enum lttng_event_rule_status status; + const struct lttng_event_rule_kprobe_comm *kprobe_comm; + const char *name; + struct lttng_buffer_view current_buffer_view; + struct lttng_event_rule *rule = NULL; + struct lttng_event_rule_kprobe *kprobe = NULL; + struct lttng_kernel_probe_location *location; + + if (!_event_rule) { + ret = -1; + goto end; + } + + if (view->buffer.size < sizeof(*kprobe_comm)) { + ERR("Failed to initialize from malformed event rule kprobe: buffer too short to contain header."); + ret = -1; + goto end; + } + + current_buffer_view = lttng_buffer_view_from_view( + &view->buffer, offset, sizeof(*kprobe_comm)); + kprobe_comm = (typeof(kprobe_comm)) current_buffer_view.data; + if (!kprobe_comm) { + ret = -1; + goto end; + } + + rule = lttng_event_rule_kprobe_create(); + if (!rule) { + ERR("Failed to create event rule kprobe."); + ret = -1; + goto end; + } + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + + /* Skip to payload */ + offset += current_buffer_view.size; + + { + /* Map the name. */ + struct lttng_payload_view current_payload_view = + lttng_payload_view_from_view(view, offset, + kprobe_comm->name_len); + + name = current_payload_view.buffer.data; + if (!name) { + ret = -1; + goto end; + } + + if (!lttng_buffer_view_contains_string( + ¤t_payload_view.buffer, name, + kprobe_comm->name_len)) { + ret = -1; + goto end; + } + } + + /* Skip after the name. */ + offset += kprobe_comm->name_len; + + /* Map the kernel probe location. */ + { + struct lttng_payload_view current_payload_view = + lttng_payload_view_from_view(view, offset, + kprobe_comm->location_len); + + ret = lttng_kernel_probe_location_create_from_payload( + ¤t_payload_view, &location); + if (ret < 0) { + ret = -1; + goto end; + } + } + + if (ret != kprobe_comm->location_len) { + ret = -1; + goto end; + } + + kprobe->location = location; + + /* Skip after the location */ + offset += kprobe_comm->location_len; + + status = lttng_event_rule_kprobe_set_name(rule, name); + if (status != LTTNG_EVENT_RULE_STATUS_OK) { + ERR("Failed to set event rule kprobe name."); + ret = -1; + goto end; + } + + *_event_rule = rule; + rule = NULL; + ret = offset; +end: + lttng_event_rule_destroy(rule); + return ret; +} + +enum lttng_event_rule_status lttng_event_rule_kprobe_set_location( + struct lttng_event_rule *rule, + const struct lttng_kernel_probe_location *location) +{ + struct lttng_kernel_probe_location *location_copy = NULL; + struct lttng_event_rule_kprobe *kprobe; + enum lttng_event_rule_status status = LTTNG_EVENT_RULE_STATUS_OK; + + if (!rule || !IS_KPROBE_EVENT_RULE(rule) || !location) { + status = LTTNG_EVENT_RULE_STATUS_INVALID; + goto end; + } + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + location_copy = lttng_kernel_probe_location_copy(location); + if (!location_copy) { + status = LTTNG_EVENT_RULE_STATUS_ERROR; + goto end; + } + + if (kprobe->location) { + lttng_kernel_probe_location_destroy(kprobe->location); + } + + kprobe->location = location_copy; + location_copy = NULL; +end: + lttng_kernel_probe_location_destroy(location_copy); + return status; +} + +enum lttng_event_rule_status lttng_event_rule_kprobe_get_location( + const struct lttng_event_rule *rule, + const struct lttng_kernel_probe_location **location) +{ + enum lttng_event_rule_status status = LTTNG_EVENT_RULE_STATUS_OK; + struct lttng_event_rule_kprobe *kprobe; + + if (!rule || !IS_KPROBE_EVENT_RULE(rule) || !location) { + status = LTTNG_EVENT_RULE_STATUS_INVALID; + goto end; + } + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + *location = kprobe->location; + + if (!*location) { + status = LTTNG_EVENT_RULE_STATUS_UNSET; + goto end; + } + +end: + return status; +} + +enum lttng_event_rule_status lttng_event_rule_kprobe_set_name( + struct lttng_event_rule *rule, const char *name) +{ + char *name_copy = NULL; + struct lttng_event_rule_kprobe *kprobe; + enum lttng_event_rule_status status = LTTNG_EVENT_RULE_STATUS_OK; + + if (!rule || !IS_KPROBE_EVENT_RULE(rule) || !name || + strlen(name) == 0) { + status = LTTNG_EVENT_RULE_STATUS_INVALID; + goto end; + } + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + name_copy = strdup(name); + if (!name_copy) { + status = LTTNG_EVENT_RULE_STATUS_ERROR; + goto end; + } + + free(kprobe->name); + + kprobe->name = name_copy; + name_copy = NULL; +end: + return status; +} + +enum lttng_event_rule_status lttng_event_rule_kprobe_get_name( + const struct lttng_event_rule *rule, const char **name) +{ + struct lttng_event_rule_kprobe *kprobe; + enum lttng_event_rule_status status = LTTNG_EVENT_RULE_STATUS_OK; + + if (!rule || !IS_KPROBE_EVENT_RULE(rule) || !name) { + status = LTTNG_EVENT_RULE_STATUS_INVALID; + goto end; + } + + kprobe = container_of(rule, struct lttng_event_rule_kprobe, parent); + if (!kprobe->name) { + status = LTTNG_EVENT_RULE_STATUS_UNSET; + goto end; + } + + *name = kprobe->name; +end: + return status; +} diff --git a/src/common/kernel-probe.c b/src/common/kernel-probe.c index 1934a76b1..9a84727ca 100644 --- a/src/common/kernel-probe.c +++ b/src/common/kernel-probe.c @@ -99,7 +99,7 @@ lttng_kernel_probe_location_address_create(uint64_t address) location = zmalloc(sizeof(*location)); if (!location) { - PERROR("Error allocating userspace probe location"); + PERROR("Error allocating userspace probe location."); goto end; } @@ -562,3 +562,110 @@ bool lttng_kernel_probe_location_is_equal( end: return is_equal; } + +static struct lttng_kernel_probe_location * +lttng_kernel_probe_location_symbol_copy( + const struct lttng_kernel_probe_location *location) +{ + struct lttng_kernel_probe_location *new_location = NULL; + struct lttng_kernel_probe_location_symbol *symbol_location; + enum lttng_kernel_probe_location_status status; + const char *symbol_name = NULL; + uint64_t offset; + + assert(location); + assert(location->type == LTTNG_KERNEL_PROBE_LOCATION_TYPE_SYMBOL_OFFSET); + symbol_location = container_of( + location, typeof(*symbol_location), parent); + + /* Get probe location offset */ + status = lttng_kernel_probe_location_symbol_get_offset(location, &offset); + if (status != LTTNG_KERNEL_PROBE_LOCATION_STATUS_OK) { + ERR("Get kernel probe location offset failed."); + goto error; + } + + symbol_name = lttng_kernel_probe_location_symbol_get_name(location); + if (!symbol_name) { + ERR("Kernel probe symbol name is NULL."); + goto error; + } + + /* Create the probe_location */ + new_location = lttng_kernel_probe_location_symbol_create( + symbol_name, offset); + + goto end; + +error: + new_location = NULL; +end: + return new_location; +} +static struct lttng_kernel_probe_location * +lttng_kernel_probe_location_address_copy( + const struct lttng_kernel_probe_location *location) +{ + struct lttng_kernel_probe_location *new_location = NULL; + struct lttng_kernel_probe_location_address *address_location; + enum lttng_kernel_probe_location_status status; + uint64_t address; + + assert(location); + assert(location->type == LTTNG_KERNEL_PROBE_LOCATION_TYPE_ADDRESS); + address_location = container_of( + location, typeof(*address_location), parent); + + + /* Get probe location fields */ + status = lttng_kernel_probe_location_address_get_address(location, &address); + if (status != LTTNG_KERNEL_PROBE_LOCATION_STATUS_OK) { + ERR("Get kernel probe address failed."); + goto error; + } + + /* Create the probe_location */ + new_location = lttng_kernel_probe_location_address_create(address); + + goto end; + +error: + new_location = NULL; +end: + return new_location; +} + +LTTNG_HIDDEN +struct lttng_kernel_probe_location *lttng_kernel_probe_location_copy( + const struct lttng_kernel_probe_location *location) +{ + struct lttng_kernel_probe_location *new_location = NULL; + enum lttng_kernel_probe_location_type type; + + if (!location) { + goto err; + } + + type = lttng_kernel_probe_location_get_type(location); + switch (type) { + case LTTNG_KERNEL_PROBE_LOCATION_TYPE_ADDRESS: + new_location = + lttng_kernel_probe_location_address_copy(location); + if (!new_location) { + goto err; + } + break; + case LTTNG_KERNEL_PROBE_LOCATION_TYPE_SYMBOL_OFFSET: + new_location = + lttng_kernel_probe_location_symbol_copy(location); + if (!new_location) { + goto err; + } + break; + default: + new_location = NULL; + goto err; + } +err: + return new_location; +} -- 2.34.1