From e42e81fd8b5655247a1ed886eab109363c4fc79c Mon Sep 17 00:00:00 2001
From: Mathieu Desnoyers
Date: Thu, 2 Feb 2012 14:42:37 -0500
Subject: [PATCH] Add x86 32/64 execve syscall instrumentation override
Signed-off-by: Mathieu Desnoyers
---
.../headers/syscalls_pointers_override.h | 22 +++++++--
...-32-syscalls-3.1.0-rc6_pointers_override.h | 46 ++++++++++++-------
.../x86-64-syscalls-3.0.4_pointers_override.h | 3 ++
3 files changed, 50 insertions(+), 21 deletions(-)
diff --git a/instrumentation/syscalls/headers/syscalls_pointers_override.h b/instrumentation/syscalls/headers/syscalls_pointers_override.h
index e464a4ee..b52b00bc 100644
--- a/instrumentation/syscalls/headers/syscalls_pointers_override.h
+++ b/instrumentation/syscalls/headers/syscalls_pointers_override.h
@@ -1,4 +1,18 @@
-/*
- * This is a place-holder for override defines for system calls with
- * pointers (all architectures).
- */
+#define OVERRIDE_32_sys_execve
+#define OVERRIDE_64_sys_execve
+
+#ifndef CREATE_SYSCALL_TABLE
+
+SC_TRACE_EVENT(sys_execve,
+ TP_PROTO(const char *filename, char *const *argv, char *const *envp),
+ TP_ARGS(filename, argv, envp),
+ TP_STRUCT__entry(__string_from_user(filename, filename)
+ __field_hex(char *const *, argv)
+ __field_hex(char *const *, envp)),
+ TP_fast_assign(tp_copy_string_from_user(filename, filename)
+ tp_assign(argv, argv)
+ tp_assign(envp, envp)),
+ TP_printk()
+)
+
+#endif /* CREATE_SYSCALL_TABLE */
diff --git a/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h b/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h
index d35657c8..b7ed5fca 100644
--- a/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h
+++ b/instrumentation/syscalls/headers/x86-32-syscalls-3.1.0-rc6_pointers_override.h
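Review bot: The event added at `SC_TRACE_EVENT(sys_execve, ...)` carries no comment, and this hunk deletes the only header comment the file had, so two properties a trace consumer relies on are left unstated. `tp_copy_string_from_user(filename, filename)` reads the path from user memory on the tracer's behalf, presumably separately from the copy the kernel's own exec path makes, so the recorded string is not guaranteed to be the path that was actually executed if the buffer changes in between. `argv` and `envp` are stored with `__field_hex` as raw user-space addresses, so the event holds no argument or environment strings. I would add above the event: `/* execve override: filename is re-read from user space at trace time and may differ from what the kernel executes; argv/envp are recorded as pointer values only. */`.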
@@ -1,17 +1,29 @@
-#ifndef CONFIG_UID16
-
-#define OVERRIDE_32_sys_getgroups16
-#define OVERRIDE_32_sys_setgroups16
-#define OVERRIDE_32_sys_lchown16
-#define OVERRIDE_32_sys_getresuid16
-#define OVERRIDE_32_sys_getresgid16
-#define OVERRIDE_32_sys_chown16
-
-#define OVERRIDE_TABLE_32_sys_getgroups16
-#define OVERRIDE_TABLE_32_sys_setgroups16
-#define OVERRIDE_TABLE_32_sys_lchown16
-#define OVERRIDE_TABLE_32_sys_getresuid16
-#define OVERRIDE_TABLE_32_sys_getresgid16
-#define OVERRIDE_TABLE_32_sys_chown16
-
-#endif
+
+#ifndef CREATE_SYSCALL_TABLE
+
+# ifndef CONFIG_UID16
+# define OVERRIDE_32_sys_getgroups16
+# define OVERRIDE_32_sys_setgroups16
+# define OVERRIDE_32_sys_lchown16
+# define OVERRIDE_32_sys_getresuid16
+# define OVERRIDE_32_sys_getresgid16
+# define OVERRIDE_32_sys_chown16
+# endif
+
+#else /* CREATE_SYSCALL_TABLE */
+
+# ifndef CONFIG_UID16
+# define OVERRIDE_TABLE_32_sys_getgroups16
+# define OVERRIDE_TABLE_32_sys_setgroups16
+# define OVERRIDE_TABLE_32_sys_lchown16
+# define OVERRIDE_TABLE_32_sys_getresuid16
+# define OVERRIDE_TABLE_32_sys_getresgid16
+# define OVERRIDE_TABLE_32_sys_chown16
+# endif
+
+#define OVERRIDE_TABLE_32_sys_execve
+TRACE_SYSCALL_TABLE(sys_execve, sys_execve, 11, 3)
+
+#endif /* CREATE_SYSCALL_TABLE */
+
+
diff --git a/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h b/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h
index 0cdb32a1..e993ebd6 100644
--- a/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h
+++ b/instrumentation/syscalls/headers/x86-64-syscalls-3.0.4_pointers_override.h
@@ -2,4 +2,7 @@ #else /* CREATE_SYSCALL_TABLE */ +#define OVERRIDE_TABLE_64_sys_execve +TRACE_SYSCALL_TABLE(sys_execve, sys_execve, 59, 3) + #endif /* CREATE_SYSCALL_TABLE */ -- 2.34.1
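Review bot: `TRACE_SYSCALL_TABLE(sys_execve, sys_execve, 11, 3)` hard-codes the syscall number and argument count by hand, in a header whose name ties it to one kernel version, and nothing says where the values come from. The same applies to `TRACE_SYSCALL_TABLE(sys_execve, sys_execve, 59, 3)` in the x86-64 header. A one-line comment such as `/* execve: nr 11 on x86-32, 3 args; keep in sync with the arch syscall table */` would make a mismatch noticeable, since a wrong number would presumably bind the execve event to a different syscall slot (the macro's definition is not in this patch). The hunk also adds a blank first line and two blank lines at the end of the file, which could be dropped.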