4 * LTTng syscall probes.
6 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; only
11 * version 2.1 of the License.
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
23 #include <linux/module.h>
24 #include <linux/slab.h>
25 #include <linux/compat.h>
26 #include <linux/err.h>
27 #include <linux/bitmap.h>
29 #include <linux/in6.h>
30 #include <linux/seq_file.h>
31 #include <linux/stringify.h>
32 #include <linux/file.h>
33 #include <linux/anon_inodes.h>
34 #include <asm/ptrace.h>
35 #include <asm/syscall.h>
37 #include <lib/bitfield.h>
38 #include <wrapper/tracepoint.h>
39 #include <wrapper/file.h>
40 #include <wrapper/rcu.h>
41 #include <wrapper/syscall.h>
42 #include <lttng-events.h>
45 # ifndef is_compat_task
46 # define is_compat_task() (0)
50 /* in_compat_syscall appears in kernel 4.6. */
51 #ifndef in_compat_syscall
52 #define in_compat_syscall() is_compat_task()
62 #define SYSCALL_ENTRY_TOK syscall_entry_
63 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
64 #define SYSCALL_EXIT_TOK syscall_exit_
65 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
67 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
68 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
69 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
70 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
73 void syscall_entry_probe(void *__data
, struct pt_regs
*regs
, long id
);
75 void syscall_exit_probe(void *__data
, struct pt_regs
*regs
, long ret
);
78 * Forward declarations for old kernels.
82 struct oldold_utsname
;
84 struct sel_arg_struct
;
85 struct mmap_arg_struct
;
89 #ifdef IA32_NR_syscalls
90 #define NR_compat_syscalls IA32_NR_syscalls
92 #define NR_compat_syscalls NR_syscalls
96 * Create LTTng tracepoint probes.
98 #define LTTNG_PACKAGE_BUILD
99 #define CREATE_TRACE_POINTS
100 #define TP_MODULE_NOINIT
101 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
103 #define PARAMS(args...) args
105 /* Handle unknown syscalls */
107 #define TRACE_SYSTEM syscalls_unknown
108 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
116 #define sc_in(...) __VA_ARGS__
120 #define sc_inout(...) __VA_ARGS__
122 /* Hijack probe callback for system call enter */
124 #define TP_PROBE_CB(_template) &syscall_entry_probe
125 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
126 LTTNG_TRACEPOINT_EVENT(syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
128 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
129 LTTNG_TRACEPOINT_EVENT_CODE(syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
130 PARAMS(_locvar), PARAMS(_code_pre), \
131 PARAMS(_fields), PARAMS(_code_post))
132 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
133 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(syscall_entry_##_name, PARAMS(_fields))
134 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
135 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(syscall_entry_##_template, syscall_entry_##_name)
136 /* Enumerations only defined at first inclusion. */
137 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values) \
138 LTTNG_TRACEPOINT_ENUM(_name, PARAMS(_values))
140 #define TRACE_SYSTEM syscall_entry_integers
141 #define TRACE_INCLUDE_FILE syscalls_integers
142 #include <instrumentation/syscalls/headers/syscalls_integers.h>
143 #undef TRACE_INCLUDE_FILE
145 #define TRACE_SYSTEM syscall_entry_pointers
146 #define TRACE_INCLUDE_FILE syscalls_pointers
147 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
148 #undef TRACE_INCLUDE_FILE
150 #undef SC_LTTNG_TRACEPOINT_ENUM
151 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
152 #undef SC_LTTNG_TRACEPOINT_EVENT
153 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
154 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
156 #undef _TRACE_SYSCALLS_INTEGERS_H
157 #undef _TRACE_SYSCALLS_POINTERS_H
159 /* Hijack probe callback for compat system call enter */
160 #define TP_PROBE_CB(_template) &syscall_entry_probe
161 #define LTTNG_SC_COMPAT
162 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
163 LTTNG_TRACEPOINT_EVENT(compat_syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
165 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
166 LTTNG_TRACEPOINT_EVENT_CODE(compat_syscall_entry_##_name, PARAMS(_proto), PARAMS(_args), \
167 PARAMS(_locvar), PARAMS(_code_pre), PARAMS(_fields), PARAMS(_code_post))
168 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
169 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(compat_syscall_entry_##_name, PARAMS(_fields))
170 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
171 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(compat_syscall_entry_##_template, \
172 compat_syscall_entry_##_name)
173 /* Enumerations only defined at inital inclusion (not here). */
174 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values)
175 #define TRACE_SYSTEM compat_syscall_entry_integers
176 #define TRACE_INCLUDE_FILE compat_syscalls_integers
177 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
178 #undef TRACE_INCLUDE_FILE
180 #define TRACE_SYSTEM compat_syscall_entry_pointers
181 #define TRACE_INCLUDE_FILE compat_syscalls_pointers
182 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
183 #undef TRACE_INCLUDE_FILE
185 #undef SC_LTTNG_TRACEPOINT_ENUM
186 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
187 #undef SC_LTTNG_TRACEPOINT_EVENT
188 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
189 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
191 #undef _TRACE_SYSCALLS_INTEGERS_H
192 #undef _TRACE_SYSCALLS_POINTERS_H
193 #undef LTTNG_SC_COMPAT
200 #define sc_exit(...) __VA_ARGS__
204 #define sc_out(...) __VA_ARGS__
206 #define sc_inout(...) __VA_ARGS__
208 /* Hijack probe callback for system call exit */
209 #define TP_PROBE_CB(_template) &syscall_exit_probe
210 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
211 LTTNG_TRACEPOINT_EVENT(syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
213 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
214 LTTNG_TRACEPOINT_EVENT_CODE(syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
215 PARAMS(_locvar), PARAMS(_code_pre), PARAMS(_fields), PARAMS(_code_post))
216 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
217 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(syscall_exit_##_name, PARAMS(_fields))
218 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
219 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(syscall_exit_##_template, \
220 syscall_exit_##_name)
221 /* Enumerations only defined at inital inclusion (not here). */
222 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values)
223 #define TRACE_SYSTEM syscall_exit_integers
224 #define TRACE_INCLUDE_FILE syscalls_integers
225 #include <instrumentation/syscalls/headers/syscalls_integers.h>
226 #undef TRACE_INCLUDE_FILE
228 #define TRACE_SYSTEM syscall_exit_pointers
229 #define TRACE_INCLUDE_FILE syscalls_pointers
230 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
231 #undef TRACE_INCLUDE_FILE
233 #undef SC_LTTNG_TRACEPOINT_ENUM
234 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
235 #undef SC_LTTNG_TRACEPOINT_EVENT
236 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
237 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
239 #undef _TRACE_SYSCALLS_INTEGERS_H
240 #undef _TRACE_SYSCALLS_POINTERS_H
243 /* Hijack probe callback for compat system call exit */
244 #define TP_PROBE_CB(_template) &syscall_exit_probe
245 #define LTTNG_SC_COMPAT
246 #define SC_LTTNG_TRACEPOINT_EVENT(_name, _proto, _args, _fields) \
247 LTTNG_TRACEPOINT_EVENT(compat_syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
249 #define SC_LTTNG_TRACEPOINT_EVENT_CODE(_name, _proto, _args, _locvar, _code_pre, _fields, _code_post) \
250 LTTNG_TRACEPOINT_EVENT_CODE(compat_syscall_exit_##_name, PARAMS(_proto), PARAMS(_args), \
251 PARAMS(_locvar), PARAMS(_code_pre), PARAMS(_fields), PARAMS(_code_post))
252 #define SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(_name, _fields) \
253 LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS(compat_syscall_exit_##_name, PARAMS(_fields))
254 #define SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(_template, _name) \
255 LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS(compat_syscall_exit_##_template, \
256 compat_syscall_exit_##_name)
257 /* Enumerations only defined at inital inclusion (not here). */
258 #define SC_LTTNG_TRACEPOINT_ENUM(_name, _values)
259 #define TRACE_SYSTEM compat_syscall_exit_integers
260 #define TRACE_INCLUDE_FILE compat_syscalls_integers
261 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
262 #undef TRACE_INCLUDE_FILE
264 #define TRACE_SYSTEM compat_syscall_exit_pointers
265 #define TRACE_INCLUDE_FILE compat_syscalls_pointers
266 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
267 #undef TRACE_INCLUDE_FILE
269 #undef SC_LTTNG_TRACEPOINT_ENUM
270 #undef SC_LTTNG_TRACEPOINT_EVENT_CODE
271 #undef SC_LTTNG_TRACEPOINT_EVENT
272 #undef SC_LTTNG_TRACEPOINT_EVENT_CLASS_NOARGS
273 #undef SC_LTTNG_TRACEPOINT_EVENT_INSTANCE_NOARGS
275 #undef _TRACE_SYSCALLS_INTEGERS_H
276 #undef _TRACE_SYSCALLS_POINTERS_H
277 #undef LTTNG_SC_COMPAT
281 #undef TP_MODULE_NOINIT
282 #undef LTTNG_PACKAGE_BUILD
283 #undef CREATE_TRACE_POINTS
285 struct trace_syscall_entry
{
287 const struct lttng_event_desc
*desc
;
288 const struct lttng_event_field
*fields
;
292 #define CREATE_SYSCALL_TABLE
299 #undef TRACE_SYSCALL_TABLE
300 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
302 .func = __event_probe__syscall_entry_##_template, \
303 .nrargs = (_nrargs), \
304 .fields = __event_fields___syscall_entry_##_template, \
305 .desc = &__event_desc___syscall_entry_##_name, \
308 /* Syscall enter tracing table */
309 static const struct trace_syscall_entry sc_table
[] = {
310 #include <instrumentation/syscalls/headers/syscalls_integers.h>
311 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
314 #undef TRACE_SYSCALL_TABLE
315 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
317 .func = __event_probe__compat_syscall_entry_##_template, \
318 .nrargs = (_nrargs), \
319 .fields = __event_fields___compat_syscall_entry_##_template, \
320 .desc = &__event_desc___compat_syscall_entry_##_name, \
323 /* Compat syscall enter table */
324 const struct trace_syscall_entry compat_sc_table
[] = {
325 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
326 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
334 #define sc_exit(...) __VA_ARGS__
336 #undef TRACE_SYSCALL_TABLE
337 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
339 .func = __event_probe__syscall_exit_##_template, \
340 .nrargs = (_nrargs), \
341 .fields = __event_fields___syscall_exit_##_template, \
342 .desc = &__event_desc___syscall_exit_##_name, \
345 /* Syscall exit table */
346 static const struct trace_syscall_entry sc_exit_table
[] = {
347 #include <instrumentation/syscalls/headers/syscalls_integers.h>
348 #include <instrumentation/syscalls/headers/syscalls_pointers.h>
351 #undef TRACE_SYSCALL_TABLE
352 #define TRACE_SYSCALL_TABLE(_template, _name, _nr, _nrargs) \
354 .func = __event_probe__compat_syscall_exit_##_template, \
355 .nrargs = (_nrargs), \
356 .fields = __event_fields___compat_syscall_exit_##_template, \
357 .desc = &__event_desc___compat_syscall_exit_##_name, \
360 /* Compat syscall exit table */
361 const struct trace_syscall_entry compat_sc_exit_table
[] = {
362 #include <instrumentation/syscalls/headers/compat_syscalls_integers.h>
363 #include <instrumentation/syscalls/headers/compat_syscalls_pointers.h>
368 #undef CREATE_SYSCALL_TABLE
370 struct lttng_syscall_filter
{
371 DECLARE_BITMAP(sc
, NR_syscalls
);
372 DECLARE_BITMAP(sc_compat
, NR_compat_syscalls
);
375 static void syscall_entry_unknown(struct lttng_event
*event
,
376 struct pt_regs
*regs
, unsigned int id
)
378 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
380 lttng_syscall_get_arguments(current
, regs
, args
);
381 if (unlikely(in_compat_syscall()))
382 __event_probe__compat_syscall_entry_unknown(event
, id
, args
);
384 __event_probe__syscall_entry_unknown(event
, id
, args
);
387 void syscall_entry_probe(void *__data
, struct pt_regs
*regs
, long id
)
389 struct lttng_channel
*chan
= __data
;
390 struct lttng_event
*event
, *unknown_event
;
391 const struct trace_syscall_entry
*table
, *entry
;
394 if (unlikely(in_compat_syscall())) {
395 struct lttng_syscall_filter
*filter
;
397 filter
= lttng_rcu_dereference(chan
->sc_filter
);
399 if (id
< 0 || id
>= NR_compat_syscalls
400 || !test_bit(id
, filter
->sc_compat
)) {
401 /* System call filtered out. */
405 table
= compat_sc_table
;
406 table_len
= ARRAY_SIZE(compat_sc_table
);
407 unknown_event
= chan
->sc_compat_unknown
;
409 struct lttng_syscall_filter
*filter
;
411 filter
= lttng_rcu_dereference(chan
->sc_filter
);
413 if (id
< 0 || id
>= NR_syscalls
414 || !test_bit(id
, filter
->sc
)) {
415 /* System call filtered out. */
420 table_len
= ARRAY_SIZE(sc_table
);
421 unknown_event
= chan
->sc_unknown
;
423 if (unlikely(id
< 0 || id
>= table_len
)) {
424 syscall_entry_unknown(unknown_event
, regs
, id
);
427 if (unlikely(in_compat_syscall()))
428 event
= chan
->compat_sc_table
[id
];
430 event
= chan
->sc_table
[id
];
431 if (unlikely(!event
)) {
432 syscall_entry_unknown(unknown_event
, regs
, id
);
436 WARN_ON_ONCE(!entry
);
438 switch (entry
->nrargs
) {
441 void (*fptr
)(void *__data
) = entry
->func
;
448 void (*fptr
)(void *__data
, unsigned long arg0
) = entry
->func
;
449 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
451 lttng_syscall_get_arguments(current
, regs
, args
);
452 fptr(event
, args
[0]);
457 void (*fptr
)(void *__data
,
459 unsigned long arg1
) = entry
->func
;
460 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
462 lttng_syscall_get_arguments(current
, regs
, args
);
463 fptr(event
, args
[0], args
[1]);
468 void (*fptr
)(void *__data
,
471 unsigned long arg2
) = entry
->func
;
472 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
474 lttng_syscall_get_arguments(current
, regs
, args
);
475 fptr(event
, args
[0], args
[1], args
[2]);
480 void (*fptr
)(void *__data
,
484 unsigned long arg3
) = entry
->func
;
485 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
487 lttng_syscall_get_arguments(current
, regs
, args
);
488 fptr(event
, args
[0], args
[1], args
[2], args
[3]);
493 void (*fptr
)(void *__data
,
498 unsigned long arg4
) = entry
->func
;
499 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
501 lttng_syscall_get_arguments(current
, regs
, args
);
502 fptr(event
, args
[0], args
[1], args
[2], args
[3], args
[4]);
507 void (*fptr
)(void *__data
,
513 unsigned long arg5
) = entry
->func
;
514 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
516 lttng_syscall_get_arguments(current
, regs
, args
);
517 fptr(event
, args
[0], args
[1], args
[2],
518 args
[3], args
[4], args
[5]);
526 static void syscall_exit_unknown(struct lttng_event
*event
,
527 struct pt_regs
*regs
, int id
, long ret
)
529 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
531 lttng_syscall_get_arguments(current
, regs
, args
);
532 if (unlikely(in_compat_syscall()))
533 __event_probe__compat_syscall_exit_unknown(event
, id
, ret
,
536 __event_probe__syscall_exit_unknown(event
, id
, ret
, args
);
539 void syscall_exit_probe(void *__data
, struct pt_regs
*regs
, long ret
)
541 struct lttng_channel
*chan
= __data
;
542 struct lttng_event
*event
, *unknown_event
;
543 const struct trace_syscall_entry
*table
, *entry
;
547 id
= syscall_get_nr(current
, regs
);
548 if (unlikely(in_compat_syscall())) {
549 struct lttng_syscall_filter
*filter
;
551 filter
= lttng_rcu_dereference(chan
->sc_filter
);
553 if (id
< 0 || id
>= NR_compat_syscalls
554 || !test_bit(id
, filter
->sc_compat
)) {
555 /* System call filtered out. */
559 table
= compat_sc_exit_table
;
560 table_len
= ARRAY_SIZE(compat_sc_exit_table
);
561 unknown_event
= chan
->compat_sc_exit_unknown
;
563 struct lttng_syscall_filter
*filter
;
565 filter
= lttng_rcu_dereference(chan
->sc_filter
);
567 if (id
< 0 || id
>= NR_syscalls
568 || !test_bit(id
, filter
->sc
)) {
569 /* System call filtered out. */
573 table
= sc_exit_table
;
574 table_len
= ARRAY_SIZE(sc_exit_table
);
575 unknown_event
= chan
->sc_exit_unknown
;
577 if (unlikely(id
< 0 || id
>= table_len
)) {
578 syscall_exit_unknown(unknown_event
, regs
, id
, ret
);
581 if (unlikely(in_compat_syscall()))
582 event
= chan
->compat_sc_exit_table
[id
];
584 event
= chan
->sc_exit_table
[id
];
585 if (unlikely(!event
)) {
586 syscall_exit_unknown(unknown_event
, regs
, id
, ret
);
590 WARN_ON_ONCE(!entry
);
592 switch (entry
->nrargs
) {
595 void (*fptr
)(void *__data
, long ret
) = entry
->func
;
602 void (*fptr
)(void *__data
,
604 unsigned long arg0
) = entry
->func
;
605 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
607 lttng_syscall_get_arguments(current
, regs
, args
);
608 fptr(event
, ret
, args
[0]);
613 void (*fptr
)(void *__data
,
616 unsigned long arg1
) = entry
->func
;
617 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
619 lttng_syscall_get_arguments(current
, regs
, args
);
620 fptr(event
, ret
, args
[0], args
[1]);
625 void (*fptr
)(void *__data
,
629 unsigned long arg2
) = entry
->func
;
630 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
632 lttng_syscall_get_arguments(current
, regs
, args
);
633 fptr(event
, ret
, args
[0], args
[1], args
[2]);
638 void (*fptr
)(void *__data
,
643 unsigned long arg3
) = entry
->func
;
644 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
646 lttng_syscall_get_arguments(current
, regs
, args
);
647 fptr(event
, ret
, args
[0], args
[1], args
[2], args
[3]);
652 void (*fptr
)(void *__data
,
658 unsigned long arg4
) = entry
->func
;
659 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
661 lttng_syscall_get_arguments(current
, regs
, args
);
662 fptr(event
, ret
, args
[0], args
[1], args
[2], args
[3], args
[4]);
667 void (*fptr
)(void *__data
,
674 unsigned long arg5
) = entry
->func
;
675 unsigned long args
[LTTNG_SYSCALL_NR_ARGS
];
677 lttng_syscall_get_arguments(current
, regs
, args
);
678 fptr(event
, ret
, args
[0], args
[1], args
[2],
679 args
[3], args
[4], args
[5]);
688 * noinline to diminish caller stack size.
689 * Should be called with sessions lock held.
692 int fill_table(const struct trace_syscall_entry
*table
, size_t table_len
,
693 struct lttng_event
**chan_table
, struct lttng_channel
*chan
,
694 void *filter
, enum sc_type type
)
696 const struct lttng_event_desc
*desc
;
699 /* Allocate events for each syscall, insert into table */
700 for (i
= 0; i
< table_len
; i
++) {
701 struct lttng_kernel_event ev
;
702 desc
= table
[i
].desc
;
705 /* Unknown syscall */
709 * Skip those already populated by previous failed
710 * register for this channel.
714 memset(&ev
, 0, sizeof(ev
));
717 strncpy(ev
.name
, SYSCALL_ENTRY_STR
,
718 LTTNG_KERNEL_SYM_NAME_LEN
);
721 strncpy(ev
.name
, SYSCALL_EXIT_STR
,
722 LTTNG_KERNEL_SYM_NAME_LEN
);
724 case SC_TYPE_COMPAT_ENTRY
:
725 strncpy(ev
.name
, COMPAT_SYSCALL_ENTRY_STR
,
726 LTTNG_KERNEL_SYM_NAME_LEN
);
728 case SC_TYPE_COMPAT_EXIT
:
729 strncpy(ev
.name
, COMPAT_SYSCALL_EXIT_STR
,
730 LTTNG_KERNEL_SYM_NAME_LEN
);
736 strncat(ev
.name
, desc
->name
,
737 LTTNG_KERNEL_SYM_NAME_LEN
- strlen(ev
.name
) - 1);
738 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
739 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
740 chan_table
[i
] = _lttng_event_create(chan
, &ev
, filter
,
741 desc
, ev
.instrumentation
);
742 WARN_ON_ONCE(!chan_table
[i
]);
743 if (IS_ERR(chan_table
[i
])) {
745 * If something goes wrong in event registration
746 * after the first one, we have no choice but to
747 * leave the previous events in there, until
748 * deleted by session teardown.
750 return PTR_ERR(chan_table
[i
]);
757 * Should be called with sessions lock held.
759 int lttng_syscalls_register(struct lttng_channel
*chan
, void *filter
)
761 struct lttng_kernel_event ev
;
764 wrapper_vmalloc_sync_all();
766 if (!chan
->sc_table
) {
767 /* create syscall table mapping syscall to events */
768 chan
->sc_table
= kzalloc(sizeof(struct lttng_event
*)
769 * ARRAY_SIZE(sc_table
), GFP_KERNEL
);
773 if (!chan
->sc_exit_table
) {
774 /* create syscall table mapping syscall to events */
775 chan
->sc_exit_table
= kzalloc(sizeof(struct lttng_event
*)
776 * ARRAY_SIZE(sc_exit_table
), GFP_KERNEL
);
777 if (!chan
->sc_exit_table
)
783 if (!chan
->compat_sc_table
) {
784 /* create syscall table mapping compat syscall to events */
785 chan
->compat_sc_table
= kzalloc(sizeof(struct lttng_event
*)
786 * ARRAY_SIZE(compat_sc_table
), GFP_KERNEL
);
787 if (!chan
->compat_sc_table
)
791 if (!chan
->compat_sc_exit_table
) {
792 /* create syscall table mapping compat syscall to events */
793 chan
->compat_sc_exit_table
= kzalloc(sizeof(struct lttng_event
*)
794 * ARRAY_SIZE(compat_sc_exit_table
), GFP_KERNEL
);
795 if (!chan
->compat_sc_exit_table
)
799 if (!chan
->sc_unknown
) {
800 const struct lttng_event_desc
*desc
=
801 &__event_desc___syscall_entry_unknown
;
803 memset(&ev
, 0, sizeof(ev
));
804 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
805 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
806 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
807 chan
->sc_unknown
= _lttng_event_create(chan
, &ev
, filter
,
810 WARN_ON_ONCE(!chan
->sc_unknown
);
811 if (IS_ERR(chan
->sc_unknown
)) {
812 return PTR_ERR(chan
->sc_unknown
);
816 if (!chan
->sc_compat_unknown
) {
817 const struct lttng_event_desc
*desc
=
818 &__event_desc___compat_syscall_entry_unknown
;
820 memset(&ev
, 0, sizeof(ev
));
821 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
822 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
823 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
824 chan
->sc_compat_unknown
= _lttng_event_create(chan
, &ev
, filter
,
827 WARN_ON_ONCE(!chan
->sc_unknown
);
828 if (IS_ERR(chan
->sc_compat_unknown
)) {
829 return PTR_ERR(chan
->sc_compat_unknown
);
833 if (!chan
->compat_sc_exit_unknown
) {
834 const struct lttng_event_desc
*desc
=
835 &__event_desc___compat_syscall_exit_unknown
;
837 memset(&ev
, 0, sizeof(ev
));
838 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
839 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
840 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
841 chan
->compat_sc_exit_unknown
= _lttng_event_create(chan
, &ev
,
844 WARN_ON_ONCE(!chan
->compat_sc_exit_unknown
);
845 if (IS_ERR(chan
->compat_sc_exit_unknown
)) {
846 return PTR_ERR(chan
->compat_sc_exit_unknown
);
850 if (!chan
->sc_exit_unknown
) {
851 const struct lttng_event_desc
*desc
=
852 &__event_desc___syscall_exit_unknown
;
854 memset(&ev
, 0, sizeof(ev
));
855 strncpy(ev
.name
, desc
->name
, LTTNG_KERNEL_SYM_NAME_LEN
);
856 ev
.name
[LTTNG_KERNEL_SYM_NAME_LEN
- 1] = '\0';
857 ev
.instrumentation
= LTTNG_KERNEL_SYSCALL
;
858 chan
->sc_exit_unknown
= _lttng_event_create(chan
, &ev
, filter
,
859 desc
, ev
.instrumentation
);
860 WARN_ON_ONCE(!chan
->sc_exit_unknown
);
861 if (IS_ERR(chan
->sc_exit_unknown
)) {
862 return PTR_ERR(chan
->sc_exit_unknown
);
866 ret
= fill_table(sc_table
, ARRAY_SIZE(sc_table
),
867 chan
->sc_table
, chan
, filter
, SC_TYPE_ENTRY
);
870 ret
= fill_table(sc_exit_table
, ARRAY_SIZE(sc_exit_table
),
871 chan
->sc_exit_table
, chan
, filter
, SC_TYPE_EXIT
);
876 ret
= fill_table(compat_sc_table
, ARRAY_SIZE(compat_sc_table
),
877 chan
->compat_sc_table
, chan
, filter
,
878 SC_TYPE_COMPAT_ENTRY
);
881 ret
= fill_table(compat_sc_exit_table
, ARRAY_SIZE(compat_sc_exit_table
),
882 chan
->compat_sc_exit_table
, chan
, filter
,
883 SC_TYPE_COMPAT_EXIT
);
887 if (!chan
->sys_enter_registered
) {
888 ret
= lttng_wrapper_tracepoint_probe_register("sys_enter",
889 (void *) syscall_entry_probe
, chan
);
892 chan
->sys_enter_registered
= 1;
895 * We change the name of sys_exit tracepoint due to namespace
896 * conflict with sys_exit syscall entry.
898 if (!chan
->sys_exit_registered
) {
899 ret
= lttng_wrapper_tracepoint_probe_register("sys_exit",
900 (void *) syscall_exit_probe
, chan
);
902 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
903 (void *) syscall_entry_probe
, chan
));
906 chan
->sys_exit_registered
= 1;
912 * Only called at session destruction.
914 int lttng_syscalls_unregister(struct lttng_channel
*chan
)
920 if (chan
->sys_enter_registered
) {
921 ret
= lttng_wrapper_tracepoint_probe_unregister("sys_exit",
922 (void *) syscall_exit_probe
, chan
);
925 chan
->sys_enter_registered
= 0;
927 if (chan
->sys_exit_registered
) {
928 ret
= lttng_wrapper_tracepoint_probe_unregister("sys_enter",
929 (void *) syscall_entry_probe
, chan
);
932 chan
->sys_exit_registered
= 0;
934 /* lttng_event destroy will be performed by lttng_session_destroy() */
935 kfree(chan
->sc_table
);
936 kfree(chan
->sc_exit_table
);
938 kfree(chan
->compat_sc_table
);
939 kfree(chan
->compat_sc_exit_table
);
941 kfree(chan
->sc_filter
);
946 int get_syscall_nr(const char *syscall_name
)
951 for (i
= 0; i
< ARRAY_SIZE(sc_table
); i
++) {
952 const struct trace_syscall_entry
*entry
;
955 entry
= &sc_table
[i
];
958 it_name
= entry
->desc
->name
;
959 it_name
+= strlen(SYSCALL_ENTRY_STR
);
960 if (!strcmp(syscall_name
, it_name
)) {
969 int get_compat_syscall_nr(const char *syscall_name
)
974 for (i
= 0; i
< ARRAY_SIZE(compat_sc_table
); i
++) {
975 const struct trace_syscall_entry
*entry
;
978 entry
= &compat_sc_table
[i
];
981 it_name
= entry
->desc
->name
;
982 it_name
+= strlen(COMPAT_SYSCALL_ENTRY_STR
);
983 if (!strcmp(syscall_name
, it_name
)) {
992 uint32_t get_sc_tables_len(void)
994 return ARRAY_SIZE(sc_table
) + ARRAY_SIZE(compat_sc_table
);
997 int lttng_syscall_filter_enable(struct lttng_channel
*chan
,
1000 int syscall_nr
, compat_syscall_nr
, ret
;
1001 struct lttng_syscall_filter
*filter
;
1003 WARN_ON_ONCE(!chan
->sc_table
);
1006 /* Enable all system calls by removing filter */
1007 if (chan
->sc_filter
) {
1008 filter
= chan
->sc_filter
;
1009 rcu_assign_pointer(chan
->sc_filter
, NULL
);
1010 synchronize_trace();
1013 chan
->syscall_all
= 1;
1017 if (!chan
->sc_filter
) {
1018 if (chan
->syscall_all
) {
1020 * All syscalls are already enabled.
1024 filter
= kzalloc(sizeof(struct lttng_syscall_filter
),
1029 filter
= chan
->sc_filter
;
1031 syscall_nr
= get_syscall_nr(name
);
1032 compat_syscall_nr
= get_compat_syscall_nr(name
);
1033 if (syscall_nr
< 0 && compat_syscall_nr
< 0) {
1037 if (syscall_nr
>= 0) {
1038 if (test_bit(syscall_nr
, filter
->sc
)) {
1042 bitmap_set(filter
->sc
, syscall_nr
, 1);
1044 if (compat_syscall_nr
>= 0) {
1045 if (test_bit(compat_syscall_nr
, filter
->sc_compat
)) {
1049 bitmap_set(filter
->sc_compat
, compat_syscall_nr
, 1);
1051 if (!chan
->sc_filter
)
1052 rcu_assign_pointer(chan
->sc_filter
, filter
);
1056 if (!chan
->sc_filter
)
1061 int lttng_syscall_filter_disable(struct lttng_channel
*chan
,
1064 int syscall_nr
, compat_syscall_nr
, ret
;
1065 struct lttng_syscall_filter
*filter
;
1067 WARN_ON_ONCE(!chan
->sc_table
);
1069 if (!chan
->sc_filter
) {
1070 if (!chan
->syscall_all
)
1072 filter
= kzalloc(sizeof(struct lttng_syscall_filter
),
1076 /* Trace all system calls, then apply disable. */
1077 bitmap_set(filter
->sc
, 0, NR_syscalls
);
1078 bitmap_set(filter
->sc_compat
, 0, NR_compat_syscalls
);
1080 filter
= chan
->sc_filter
;
1084 /* Fail if all syscalls are already disabled. */
1085 if (bitmap_empty(filter
->sc
, NR_syscalls
)
1086 && bitmap_empty(filter
->sc_compat
,
1087 NR_compat_syscalls
)) {
1092 /* Disable all system calls */
1093 bitmap_clear(filter
->sc
, 0, NR_syscalls
);
1094 bitmap_clear(filter
->sc_compat
, 0, NR_compat_syscalls
);
1097 syscall_nr
= get_syscall_nr(name
);
1098 compat_syscall_nr
= get_compat_syscall_nr(name
);
1099 if (syscall_nr
< 0 && compat_syscall_nr
< 0) {
1103 if (syscall_nr
>= 0) {
1104 if (!test_bit(syscall_nr
, filter
->sc
)) {
1108 bitmap_clear(filter
->sc
, syscall_nr
, 1);
1110 if (compat_syscall_nr
>= 0) {
1111 if (!test_bit(compat_syscall_nr
, filter
->sc_compat
)) {
1115 bitmap_clear(filter
->sc_compat
, compat_syscall_nr
, 1);
1118 if (!chan
->sc_filter
)
1119 rcu_assign_pointer(chan
->sc_filter
, filter
);
1120 chan
->syscall_all
= 0;
1124 if (!chan
->sc_filter
)
1130 const struct trace_syscall_entry
*syscall_list_get_entry(loff_t
*pos
)
1132 const struct trace_syscall_entry
*entry
;
1135 for (entry
= sc_table
;
1136 entry
< sc_table
+ ARRAY_SIZE(sc_table
);
1141 for (entry
= compat_sc_table
;
1142 entry
< compat_sc_table
+ ARRAY_SIZE(compat_sc_table
);
1152 void *syscall_list_start(struct seq_file
*m
, loff_t
*pos
)
1154 return (void *) syscall_list_get_entry(pos
);
1158 void *syscall_list_next(struct seq_file
*m
, void *p
, loff_t
*ppos
)
1161 return (void *) syscall_list_get_entry(ppos
);
1165 void syscall_list_stop(struct seq_file
*m
, void *p
)
1170 int get_sc_table(const struct trace_syscall_entry
*entry
,
1171 const struct trace_syscall_entry
**table
,
1172 unsigned int *bitness
)
1174 if (entry
>= sc_table
&& entry
< sc_table
+ ARRAY_SIZE(sc_table
)) {
1176 *bitness
= BITS_PER_LONG
;
1181 if (!(entry
>= compat_sc_table
1182 && entry
< compat_sc_table
+ ARRAY_SIZE(compat_sc_table
))) {
1188 *table
= compat_sc_table
;
1193 int syscall_list_show(struct seq_file
*m
, void *p
)
1195 const struct trace_syscall_entry
*table
, *entry
= p
;
1196 unsigned int bitness
;
1197 unsigned long index
;
1201 ret
= get_sc_table(entry
, &table
, &bitness
);
1206 if (table
== sc_table
) {
1207 index
= entry
- table
;
1208 name
= &entry
->desc
->name
[strlen(SYSCALL_ENTRY_STR
)];
1210 index
= (entry
- table
) + ARRAY_SIZE(sc_table
);
1211 name
= &entry
->desc
->name
[strlen(COMPAT_SYSCALL_ENTRY_STR
)];
1213 seq_printf(m
, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1214 index
, name
, bitness
);
1219 const struct seq_operations lttng_syscall_list_seq_ops
= {
1220 .start
= syscall_list_start
,
1221 .next
= syscall_list_next
,
1222 .stop
= syscall_list_stop
,
1223 .show
= syscall_list_show
,
1227 int lttng_syscall_list_open(struct inode
*inode
, struct file
*file
)
1229 return seq_open(file
, <tng_syscall_list_seq_ops
);
1232 const struct file_operations lttng_syscall_list_fops
= {
1233 .owner
= THIS_MODULE
,
1234 .open
= lttng_syscall_list_open
,
1236 .llseek
= seq_lseek
,
1237 .release
= seq_release
,
1240 long lttng_channel_syscall_mask(struct lttng_channel
*channel
,
1241 struct lttng_kernel_syscall_mask __user
*usyscall_mask
)
1243 uint32_t len
, sc_tables_len
, bitmask_len
;
1246 struct lttng_syscall_filter
*filter
;
1248 ret
= get_user(len
, &usyscall_mask
->len
);
1251 sc_tables_len
= get_sc_tables_len();
1252 bitmask_len
= ALIGN(sc_tables_len
, 8) >> 3;
1253 if (len
< sc_tables_len
) {
1254 return put_user(sc_tables_len
, &usyscall_mask
->len
);
1256 /* Array is large enough, we can copy array to user-space. */
1257 tmp_mask
= kzalloc(bitmask_len
, GFP_KERNEL
);
1260 filter
= channel
->sc_filter
;
1262 for (bit
= 0; bit
< ARRAY_SIZE(sc_table
); bit
++) {
1265 if (channel
->sc_table
) {
1267 state
= test_bit(bit
, filter
->sc
);
1273 bt_bitfield_write_be(tmp_mask
, char, bit
, 1, state
);
1275 for (; bit
< sc_tables_len
; bit
++) {
1278 if (channel
->compat_sc_table
) {
1280 state
= test_bit(bit
- ARRAY_SIZE(sc_table
),
1287 bt_bitfield_write_be(tmp_mask
, char, bit
, 1, state
);
1289 if (copy_to_user(usyscall_mask
->mask
, tmp_mask
, bitmask_len
))
1295 int lttng_abi_syscall_list(void)
1297 struct file
*syscall_list_file
;
1300 file_fd
= lttng_get_unused_fd();
1306 syscall_list_file
= anon_inode_getfile("[lttng_syscall_list]",
1307 <tng_syscall_list_fops
,
1309 if (IS_ERR(syscall_list_file
)) {
1310 ret
= PTR_ERR(syscall_list_file
);
1313 ret
= lttng_syscall_list_fops
.open(NULL
, syscall_list_file
);
1316 fd_install(file_fd
, syscall_list_file
);
1320 fput(syscall_list_file
);
1322 put_unused_fd(file_fd
);