Add x86 32/64 execve syscall instrumentation override

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>

diff --git a/instrumentation/syscalls/headers/syscalls_pointers_override.h b/instrumentation/syscalls/headers/syscalls_pointers_override.h
index e464a4ee4e7a9d8f1c8ec3e584196c8ea7576dba..b52b00bceaa7383bd29a2263c633a61bcadfd1f5 100644 (file)
--- a/instrumentation/syscalls/headers/syscalls_pointers_override.h
+++ b/instrumentation/syscalls/headers/syscalls_pointers_override.h
@@ -1,4 +1,18 @@
-/*
- * This is a place-holder for override defines for system calls with
- * pointers (all architectures).
- */
+#define OVERRIDE_32_sys_execve
+#define OVERRIDE_64_sys_execve
+
+#ifndef CREATE_SYSCALL_TABLE
+
+SC_TRACE_EVENT(sys_execve,
+       TP_PROTO(const char *filename, char *const *argv, char *const *envp),
+       TP_ARGS(filename, argv, envp),
+       TP_STRUCT__entry(__string_from_user(filename, filename)
+               __field_hex(char *const *, argv)
+               __field_hex(char *const *, envp)),
+       TP_fast_assign(tp_copy_string_from_user(filename, filename)
+               tp_assign(argv, argv)
+               tp_assign(envp, envp)),
+       TP_printk()
+)
+
+#endif /* CREATE_SYSCALL_TABLE */

diff --git a/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h b/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h
index d35657c8e0ae637843371e0085060ca3d1238955..b7ed5fcac7efae1adfcb962c6cb942634827cef2 100644 (file)
--- a/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h
+++ b/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h
@@ -1,17 +1,29 @@
-#ifndef CONFIG_UID16
-
-#define OVERRIDE_32_sys_getgroups16
-#define OVERRIDE_32_sys_setgroups16
-#define OVERRIDE_32_sys_lchown16
-#define OVERRIDE_32_sys_getresuid16
-#define OVERRIDE_32_sys_getresgid16
-#define OVERRIDE_32_sys_chown16
-
-#define OVERRIDE_TABLE_32_sys_getgroups16
-#define OVERRIDE_TABLE_32_sys_setgroups16
-#define OVERRIDE_TABLE_32_sys_lchown16
-#define OVERRIDE_TABLE_32_sys_getresuid16
-#define OVERRIDE_TABLE_32_sys_getresgid16
-#define OVERRIDE_TABLE_32_sys_chown16
-
-#endif
+
+#ifndef CREATE_SYSCALL_TABLE
+
+# ifndef CONFIG_UID16
+#  define OVERRIDE_32_sys_getgroups16
+#  define OVERRIDE_32_sys_setgroups16
+#  define OVERRIDE_32_sys_lchown16
+#  define OVERRIDE_32_sys_getresuid16
+#  define OVERRIDE_32_sys_getresgid16
+#  define OVERRIDE_32_sys_chown16
+# endif
+
+#else  /* CREATE_SYSCALL_TABLE */
+
+# ifndef CONFIG_UID16
+#  define OVERRIDE_TABLE_32_sys_getgroups16
+#  define OVERRIDE_TABLE_32_sys_setgroups16
+#  define OVERRIDE_TABLE_32_sys_lchown16
+#  define OVERRIDE_TABLE_32_sys_getresuid16
+#  define OVERRIDE_TABLE_32_sys_getresgid16
+#  define OVERRIDE_TABLE_32_sys_chown16
+# endif
+
+#define OVERRIDE_TABLE_32_sys_execve
+TRACE_SYSCALL_TABLE(sys_execve, sys_execve, 11, 3)
+
+#endif /* CREATE_SYSCALL_TABLE */
+
+

diff --git a/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h b/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h
index 0cdb32a1d41e2daa8b1df196e2f9528f0cd85e1a..e993ebd6e5e393dbd49f9640d6d996b85296fcbf 100644 (file)
--- a/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h
+++ b/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h
@@ -2,4 +2,7 @@
 
 #else  /* CREATE_SYSCALL_TABLE */
 
+#define OVERRIDE_TABLE_64_sys_execve
+TRACE_SYSCALL_TABLE(sys_execve, sys_execve, 59, 3)
+
 #endif /* CREATE_SYSCALL_TABLE */