projects / lttng-modules.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Rename event/notifier enabler base field to parent
[lttng-modules.git] / src / lttng-syscalls.c
1 /* SPDX-License-Identifier: (GPL-2.0-only or LGPL-2.1-only)
2 *
3 * lttng-syscalls.c
4 *
5 * LTTng syscall probes.
6 *
7 * Copyright (C) 2010-2012 Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
8 */
9
10 #include <linux/module.h>
11 #include <linux/slab.h>
12 #include <linux/compat.h>
13 #include <linux/err.h>
14 #include <linux/bitmap.h>
15 #include <linux/in.h>
16 #include <linux/in6.h>
17 #include <linux/seq_file.h>
18 #include <linux/stringify.h>
19 #include <linux/file.h>
20 #include <linux/anon_inodes.h>
21 #include <linux/fcntl.h>
22 #include <linux/mman.h>
23 #include <asm/ptrace.h>
24 #include <asm/syscall.h>
25
26 #include <lttng/bitfield.h>
27 #include <wrapper/tracepoint.h>
28 #include <wrapper/file.h>
29 #include <wrapper/rcu.h>
30 #include <wrapper/syscall.h>
31 #include <lttng/events.h>
32 #include <lttng/events-internal.h>
33 #include <lttng/utils.h>
34
35 #include "lttng-syscalls.h"
36
37 #ifndef CONFIG_COMPAT
38 # ifndef is_compat_task
39 # define is_compat_task() (0)
40 # endif
41 #endif
42
43 /* in_compat_syscall appears in kernel 4.6. */
44 #ifndef in_compat_syscall
45 #define in_compat_syscall() is_compat_task()
46 #endif
47
48 enum sc_type {
49 SC_TYPE_ENTRY,
50 SC_TYPE_EXIT,
51 SC_TYPE_COMPAT_ENTRY,
52 SC_TYPE_COMPAT_EXIT,
53 };
54
55 #define SYSCALL_ENTRY_TOK syscall_entry_
56 #define COMPAT_SYSCALL_ENTRY_TOK compat_syscall_entry_
57 #define SYSCALL_EXIT_TOK syscall_exit_
58 #define COMPAT_SYSCALL_EXIT_TOK compat_syscall_exit_
59
60 #define SYSCALL_ENTRY_STR __stringify(SYSCALL_ENTRY_TOK)
61 #define COMPAT_SYSCALL_ENTRY_STR __stringify(COMPAT_SYSCALL_ENTRY_TOK)
62 #define SYSCALL_EXIT_STR __stringify(SYSCALL_EXIT_TOK)
63 #define COMPAT_SYSCALL_EXIT_STR __stringify(COMPAT_SYSCALL_EXIT_TOK)
64
65 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id);
66 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret);
67
68 void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs,
69 long id);
70 void syscall_exit_event_notifier_probe(void *__data, struct pt_regs *regs,
71 long ret);
72
73 /*
74 * Forward declarations for old kernels.
75 */
76 struct mmsghdr;
77 struct rlimit64;
78 struct oldold_utsname;
79 struct old_utsname;
80 struct sel_arg_struct;
81 struct mmap_arg_struct;
82 struct file_handle;
83 struct user_msghdr;
84
85 /*
86 * Forward declaration for kernels >= 5.6
87 */
88 struct timex;
89 struct timeval;
90 struct itimerval;
91 struct itimerspec;
92
93 #if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(5,6,0))
94 typedef __kernel_old_time_t time_t;
95 #endif
96
97 #ifdef IA32_NR_syscalls
98 #define NR_compat_syscalls IA32_NR_syscalls
99 #else
100 #define NR_compat_syscalls NR_syscalls
101 #endif
102
103 /*
104 * Create LTTng tracepoint probes.
105 */
106 #define LTTNG_PACKAGE_BUILD
107 #define CREATE_TRACE_POINTS
108 #define TP_MODULE_NOINIT
109 #define TRACE_INCLUDE_PATH instrumentation/syscalls/headers
110
111 #define PARAMS(args...) args
112
113 /* Handle unknown syscalls */
114 #undef TRACE_SYSTEM
115 #define TRACE_SYSTEM syscalls_unknown
116 #include <instrumentation/syscalls/headers/syscalls_unknown.h>
117 #undef TRACE_SYSTEM
118
119 #undef TP_PROBE_CB
120
121 extern const struct trace_syscall_table sc_table;
122 extern const struct trace_syscall_table compat_sc_table;
123
124 /* Event syscall exit table */
125 extern const struct trace_syscall_table sc_exit_table;
126 extern const struct trace_syscall_table compat_sc_exit_table;
127
128
129 #undef SC_EXIT
130
131 #undef CREATE_SYSCALL_TABLE
132
133 struct lttng_syscall_filter {
134 DECLARE_BITMAP(sc_entry, NR_syscalls);
135 DECLARE_BITMAP(sc_exit, NR_syscalls);
136 DECLARE_BITMAP(sc_compat_entry, NR_compat_syscalls);
137 DECLARE_BITMAP(sc_compat_exit, NR_compat_syscalls);
138 };
139
140 static void syscall_entry_event_unknown(struct hlist_head *unknown_action_list_head,
141 struct pt_regs *regs, long id)
142 {
143 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
144 struct lttng_kernel_event_common_private *event_priv;
145
146 lttng_syscall_get_arguments(current, regs, args);
147 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
148 if (unlikely(in_compat_syscall()))
149 __event_probe__compat_syscall_entry_unknown(event_priv->pub, id, args);
150 else
151 __event_probe__syscall_entry_unknown(event_priv->pub, id, args);
152 }
153 }
154
155 static __always_inline
156 void syscall_entry_event_call_func(struct hlist_head *action_list,
157 void *func, unsigned int nrargs,
158 struct pt_regs *regs)
159 {
160 struct lttng_kernel_event_common_private *event_priv;
161
162 switch (nrargs) {
163 case 0:
164 {
165 void (*fptr)(void *__data) = func;
166
167 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
168 fptr(event_priv->pub);
169 break;
170 }
171 case 1:
172 {
173 void (*fptr)(void *__data, unsigned long arg0) = func;
174 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
175
176 lttng_syscall_get_arguments(current, regs, args);
177 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
178 fptr(event_priv->pub, args[0]);
179 break;
180 }
181 case 2:
182 {
183 void (*fptr)(void *__data,
184 unsigned long arg0,
185 unsigned long arg1) = func;
186 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
187
188 lttng_syscall_get_arguments(current, regs, args);
189 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
190 fptr(event_priv->pub, args[0], args[1]);
191 break;
192 }
193 case 3:
194 {
195 void (*fptr)(void *__data,
196 unsigned long arg0,
197 unsigned long arg1,
198 unsigned long arg2) = func;
199 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
200
201 lttng_syscall_get_arguments(current, regs, args);
202 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
203 fptr(event_priv->pub, args[0], args[1], args[2]);
204 break;
205 }
206 case 4:
207 {
208 void (*fptr)(void *__data,
209 unsigned long arg0,
210 unsigned long arg1,
211 unsigned long arg2,
212 unsigned long arg3) = func;
213 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
214
215 lttng_syscall_get_arguments(current, regs, args);
216 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
217 fptr(event_priv->pub, args[0], args[1], args[2], args[3]);
218 break;
219 }
220 case 5:
221 {
222 void (*fptr)(void *__data,
223 unsigned long arg0,
224 unsigned long arg1,
225 unsigned long arg2,
226 unsigned long arg3,
227 unsigned long arg4) = func;
228 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
229
230 lttng_syscall_get_arguments(current, regs, args);
231 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
232 fptr(event_priv->pub, args[0], args[1], args[2], args[3], args[4]);
233 break;
234 }
235 case 6:
236 {
237 void (*fptr)(void *__data,
238 unsigned long arg0,
239 unsigned long arg1,
240 unsigned long arg2,
241 unsigned long arg3,
242 unsigned long arg4,
243 unsigned long arg5) = func;
244 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
245
246 lttng_syscall_get_arguments(current, regs, args);
247 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
248 fptr(event_priv->pub, args[0], args[1], args[2],
249 args[3], args[4], args[5]);
250 break;
251 }
252 default:
253 break;
254 }
255 }
256
257 void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id)
258 {
259 struct lttng_kernel_channel_buffer *chan = __data;
260 struct hlist_head *action_list, *unknown_action_list;
261 const struct trace_syscall_entry *table, *entry;
262 size_t table_len;
263
264 if (unlikely(in_compat_syscall())) {
265 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
266
267 if (id < 0 || id >= NR_compat_syscalls
268 || (!READ_ONCE(chan->priv->parent.syscall_all_entry) && !test_bit(id, filter->sc_compat_entry))) {
269 /* System call filtered out. */
270 return;
271 }
272 table = compat_sc_table.table;
273 table_len = compat_sc_table.len;
274 unknown_action_list = &chan->priv->parent.sc_compat_unknown;
275 } else {
276 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
277
278 if (id < 0 || id >= NR_syscalls
279 || (!READ_ONCE(chan->priv->parent.syscall_all_entry) && !test_bit(id, filter->sc_entry))) {
280 /* System call filtered out. */
281 return;
282 }
283 table = sc_table.table;
284 table_len = sc_table.len;
285 unknown_action_list = &chan->priv->parent.sc_unknown;
286 }
287 if (unlikely(id < 0 || id >= table_len)) {
288 syscall_entry_event_unknown(unknown_action_list, regs, id);
289 return;
290 }
291
292 entry = &table[id];
293 if (!entry->event_func) {
294 syscall_entry_event_unknown(unknown_action_list, regs, id);
295 return;
296 }
297
298 if (unlikely(in_compat_syscall())) {
299 action_list = &chan->priv->parent.compat_sc_table[id];
300 } else {
301 action_list = &chan->priv->parent.sc_table[id];
302 }
303 if (unlikely(hlist_empty(action_list)))
304 return;
305
306 syscall_entry_event_call_func(action_list, entry->event_func, entry->nrargs, regs);
307 }
308
309 void syscall_entry_event_notifier_probe(void *__data, struct pt_regs *regs,
310 long id)
311 {
312 struct lttng_event_notifier_group *group = __data;
313 const struct trace_syscall_entry *table, *entry;
314 struct hlist_head *dispatch_list, *unknown_dispatch_list;
315 size_t table_len;
316
317 if (unlikely(in_compat_syscall())) {
318 struct lttng_syscall_filter *filter = group->sc_filter;
319
320 if (id < 0 || id >= NR_compat_syscalls
321 || (!READ_ONCE(group->syscall_all_entry) &&
322 !test_bit(id, filter->sc_compat_entry))) {
323 /* System call filtered out. */
324 return;
325 }
326 table = compat_sc_table.table;
327 table_len = compat_sc_table.len;
328 unknown_dispatch_list = &group->event_notifier_compat_unknown_syscall_dispatch;
329 } else {
330 struct lttng_syscall_filter *filter = group->sc_filter;
331
332 if (id < 0 || id >= NR_syscalls
333 || (!READ_ONCE(group->syscall_all_entry) &&
334 !test_bit(id, filter->sc_entry))) {
335 /* System call filtered out. */
336 return;
337 }
338 table = sc_table.table;
339 table_len = sc_table.len;
340 unknown_dispatch_list = &group->event_notifier_unknown_syscall_dispatch;
341 }
342 /* Check if the syscall id is out of bound. */
343 if (unlikely(id < 0 || id >= table_len)) {
344 syscall_entry_event_unknown(unknown_dispatch_list,
345 regs, id);
346 return;
347 }
348
349 entry = &table[id];
350 if (!entry->event_func) {
351 syscall_entry_event_unknown(unknown_dispatch_list,
352 regs, id);
353 return;
354 }
355
356 if (unlikely(in_compat_syscall())) {
357 dispatch_list = &group->event_notifier_compat_syscall_dispatch[id];
358 } else {
359 dispatch_list = &group->event_notifier_syscall_dispatch[id];
360 }
361 if (unlikely(hlist_empty(dispatch_list)))
362 return;
363
364 syscall_entry_event_call_func(dispatch_list,
365 entry->event_func, entry->nrargs, regs);
366 }
367
368 static void syscall_exit_event_unknown(struct hlist_head *unknown_action_list_head,
369 struct pt_regs *regs, long id, long ret)
370 {
371 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
372 struct lttng_kernel_event_common_private *event_priv;
373
374 lttng_syscall_get_arguments(current, regs, args);
375 lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
376 if (unlikely(in_compat_syscall()))
377 __event_probe__compat_syscall_exit_unknown(event_priv->pub, id, ret,
378 args);
379 else
380 __event_probe__syscall_exit_unknown(event_priv->pub, id, ret, args);
381 }
382 }
383
384 static __always_inline
385 void syscall_exit_event_call_func(struct hlist_head *action_list,
386 void *func, unsigned int nrargs,
387 struct pt_regs *regs, long ret)
388 {
389 struct lttng_kernel_event_common_private *event_priv;
390
391 switch (nrargs) {
392 case 0:
393 {
394 void (*fptr)(void *__data, long ret) = func;
395
396 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
397 fptr(event_priv->pub, ret);
398 break;
399 }
400 case 1:
401 {
402 void (*fptr)(void *__data,
403 long ret,
404 unsigned long arg0) = func;
405 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
406
407 lttng_syscall_get_arguments(current, regs, args);
408 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
409 fptr(event_priv->pub, ret, args[0]);
410 break;
411 }
412 case 2:
413 {
414 void (*fptr)(void *__data,
415 long ret,
416 unsigned long arg0,
417 unsigned long arg1) = func;
418 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
419
420 lttng_syscall_get_arguments(current, regs, args);
421 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
422 fptr(event_priv->pub, ret, args[0], args[1]);
423 break;
424 }
425 case 3:
426 {
427 void (*fptr)(void *__data,
428 long ret,
429 unsigned long arg0,
430 unsigned long arg1,
431 unsigned long arg2) = func;
432 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
433
434 lttng_syscall_get_arguments(current, regs, args);
435 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
436 fptr(event_priv->pub, ret, args[0], args[1], args[2]);
437 break;
438 }
439 case 4:
440 {
441 void (*fptr)(void *__data,
442 long ret,
443 unsigned long arg0,
444 unsigned long arg1,
445 unsigned long arg2,
446 unsigned long arg3) = func;
447 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
448
449 lttng_syscall_get_arguments(current, regs, args);
450 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
451 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3]);
452 break;
453 }
454 case 5:
455 {
456 void (*fptr)(void *__data,
457 long ret,
458 unsigned long arg0,
459 unsigned long arg1,
460 unsigned long arg2,
461 unsigned long arg3,
462 unsigned long arg4) = func;
463 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
464
465 lttng_syscall_get_arguments(current, regs, args);
466 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
467 fptr(event_priv->pub, ret, args[0], args[1], args[2], args[3], args[4]);
468 break;
469 }
470 case 6:
471 {
472 void (*fptr)(void *__data,
473 long ret,
474 unsigned long arg0,
475 unsigned long arg1,
476 unsigned long arg2,
477 unsigned long arg3,
478 unsigned long arg4,
479 unsigned long arg5) = func;
480 unsigned long args[LTTNG_SYSCALL_NR_ARGS];
481
482 lttng_syscall_get_arguments(current, regs, args);
483 lttng_hlist_for_each_entry_rcu(event_priv, action_list, u.syscall.node)
484 fptr(event_priv->pub, ret, args[0], args[1], args[2],
485 args[3], args[4], args[5]);
486 break;
487 }
488 default:
489 break;
490 }
491 }
492
493 void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret)
494 {
495 struct lttng_kernel_channel_buffer *chan = __data;
496 struct hlist_head *action_list, *unknown_action_list;
497 const struct trace_syscall_entry *table, *entry;
498 size_t table_len;
499 long id;
500
501 id = syscall_get_nr(current, regs);
502
503 if (unlikely(in_compat_syscall())) {
504 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
505
506 if (id < 0 || id >= NR_compat_syscalls
507 || (!READ_ONCE(chan->priv->parent.syscall_all_exit) && !test_bit(id, filter->sc_compat_exit))) {
508 /* System call filtered out. */
509 return;
510 }
511 table = compat_sc_exit_table.table;
512 table_len = compat_sc_exit_table.len;
513 unknown_action_list = &chan->priv->parent.compat_sc_exit_unknown;
514 } else {
515 struct lttng_syscall_filter *filter = chan->priv->parent.sc_filter;
516
517 if (id < 0 || id >= NR_syscalls
518 || (!READ_ONCE(chan->priv->parent.syscall_all_exit) && !test_bit(id, filter->sc_exit))) {
519 /* System call filtered out. */
520 return;
521 }
522 table = sc_exit_table.table;
523 table_len = sc_exit_table.len;
524 unknown_action_list = &chan->priv->parent.sc_exit_unknown;
525 }
526 if (unlikely(id < 0 || id >= table_len)) {
527 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
528 return;
529 }
530
531 entry = &table[id];
532 if (!entry->event_func) {
533 syscall_exit_event_unknown(unknown_action_list, regs, id, ret);
534 return;
535 }
536
537 if (unlikely(in_compat_syscall())) {
538 action_list = &chan->priv->parent.compat_sc_exit_table[id];
539 } else {
540 action_list = &chan->priv->parent.sc_exit_table[id];
541 }
542 if (unlikely(hlist_empty(action_list)))
543 return;
544
545 syscall_exit_event_call_func(action_list, entry->event_func, entry->nrargs,
546 regs, ret);
547 }
548
549 void syscall_exit_event_notifier_probe(void *__data, struct pt_regs *regs,
550 long ret)
551 {
552 struct lttng_event_notifier_group *group = __data;
553 const struct trace_syscall_entry *table, *entry;
554 struct hlist_head *dispatch_list, *unknown_dispatch_list;
555 size_t table_len;
556 long id;
557
558 id = syscall_get_nr(current, regs);
559
560 if (unlikely(in_compat_syscall())) {
561 struct lttng_syscall_filter *filter = group->sc_filter;
562
563 if (id < 0 || id >= NR_compat_syscalls
564 || (!READ_ONCE(group->syscall_all_exit) &&
565 !test_bit(id, filter->sc_compat_exit))) {
566 /* System call filtered out. */
567 return;
568 }
569 table = compat_sc_exit_table.table;
570 table_len = compat_sc_exit_table.len;
571 unknown_dispatch_list = &group->event_notifier_exit_compat_unknown_syscall_dispatch;
572 } else {
573 struct lttng_syscall_filter *filter = group->sc_filter;
574
575 if (id < 0 || id >= NR_syscalls
576 || (!READ_ONCE(group->syscall_all_exit) &&
577 !test_bit(id, filter->sc_exit))) {
578 /* System call filtered out. */
579 return;
580 }
581 table = sc_exit_table.table;
582 table_len = sc_exit_table.len;
583 unknown_dispatch_list = &group->event_notifier_exit_unknown_syscall_dispatch;
584 }
585 /* Check if the syscall id is out of bound. */
586 if (unlikely(id < 0 || id >= table_len)) {
587 syscall_exit_event_unknown(unknown_dispatch_list,
588 regs, id, ret);
589 return;
590 }
591
592 entry = &table[id];
593 if (!entry->event_func) {
594 syscall_entry_event_unknown(unknown_dispatch_list,
595 regs, id);
596 return;
597 }
598
599 if (unlikely(in_compat_syscall())) {
600 dispatch_list = &group->event_notifier_exit_compat_syscall_dispatch[id];
601 } else {
602 dispatch_list = &group->event_notifier_exit_syscall_dispatch[id];
603 }
604 if (unlikely(hlist_empty(dispatch_list)))
605 return;
606
607 syscall_exit_event_call_func(dispatch_list,
608 entry->event_func, entry->nrargs, regs, ret);
609 }
610 /*
611 * noinline to diminish caller stack size.
612 * Should be called with sessions lock held.
613 */
614 static
615 int lttng_create_syscall_event_if_missing(const struct trace_syscall_entry *table, size_t table_len,
616 struct hlist_head *chan_table, struct lttng_event_enabler *syscall_event_enabler,
617 enum sc_type type)
618 {
619 struct lttng_kernel_channel_buffer *chan = syscall_event_enabler->chan;
620 struct lttng_kernel_session *session = chan->parent.session;
621 unsigned int i;
622
623 /* Allocate events for each syscall matching enabler, insert into table */
624 for (i = 0; i < table_len; i++) {
625 const struct lttng_kernel_event_desc *desc = table[i].desc;
626 struct lttng_event_enabler *event_enabler;
627 struct lttng_kernel_abi_event ev;
628 struct lttng_kernel_event_recorder_private *event_recorder_priv;
629 struct lttng_kernel_event_recorder *event_recorder;
630 struct hlist_head *head;
631 bool found = false;
632
633 if (!desc) {
634 /* Unknown syscall */
635 continue;
636 }
637 if (lttng_desc_match_enabler(desc,
638 lttng_event_enabler_as_enabler(syscall_event_enabler)) <= 0)
639 continue;
640 /*
641 * Check if already created.
642 */
643 head = utils_borrow_hash_table_bucket(
644 session->priv->events_ht.table, LTTNG_EVENT_HT_SIZE,
645 desc->event_name);
646 lttng_hlist_for_each_entry(event_recorder_priv, head, hlist) {
647 if (event_recorder_priv->parent.desc == desc
648 && event_recorder_priv->pub->chan == chan)
649 found = true;
650 }
651 if (found)
652 continue;
653
654 /* We need to create an event for this syscall/enabler. */
655 memset(&ev, 0, sizeof(ev));
656 switch (type) {
657 case SC_TYPE_ENTRY:
658 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
659 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
660 break;
661 case SC_TYPE_EXIT:
662 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
663 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
664 break;
665 case SC_TYPE_COMPAT_ENTRY:
666 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
667 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
668 break;
669 case SC_TYPE_COMPAT_EXIT:
670 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
671 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
672 break;
673 }
674 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1);
675 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
676 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
677 event_enabler = lttng_event_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
678 if (!event_enabler) {
679 return -ENOMEM;
680 }
681 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
682 WARN_ON_ONCE(!event_recorder);
683 lttng_event_enabler_destroy(event_enabler);
684 if (IS_ERR(event_recorder)) {
685 /*
686 * If something goes wrong in event registration
687 * after the first one, we have no choice but to
688 * leave the previous events in there, until
689 * deleted by session teardown.
690 */
691 return PTR_ERR(event_recorder);
692 }
693 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan_table[i]);
694 }
695 return 0;
696 }
697
698 /*
699 * Should be called with sessions lock held.
700 */
701 int lttng_syscalls_register_event(struct lttng_event_enabler *syscall_event_enabler)
702 {
703 struct lttng_kernel_channel_buffer *chan = syscall_event_enabler->chan;
704 struct lttng_kernel_abi_event ev;
705 int ret;
706
707 wrapper_vmalloc_sync_mappings();
708
709 if (!chan->priv->parent.sc_table) {
710 /* create syscall table mapping syscall to events */
711 chan->priv->parent.sc_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
712 * sc_table.len, GFP_KERNEL);
713 if (!chan->priv->parent.sc_table)
714 return -ENOMEM;
715 }
716 if (!chan->priv->parent.sc_exit_table) {
717 /* create syscall table mapping syscall to events */
718 chan->priv->parent.sc_exit_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
719 * sc_exit_table.len, GFP_KERNEL);
720 if (!chan->priv->parent.sc_exit_table)
721 return -ENOMEM;
722 }
723
724
725 #ifdef CONFIG_COMPAT
726 if (!chan->priv->parent.compat_sc_table) {
727 /* create syscall table mapping compat syscall to events */
728 chan->priv->parent.compat_sc_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
729 * compat_sc_table.len, GFP_KERNEL);
730 if (!chan->priv->parent.compat_sc_table)
731 return -ENOMEM;
732 }
733
734 if (!chan->priv->parent.compat_sc_exit_table) {
735 /* create syscall table mapping compat syscall to events */
736 chan->priv->parent.compat_sc_exit_table = kzalloc(sizeof(struct lttng_kernel_event_recorder *)
737 * compat_sc_exit_table.len, GFP_KERNEL);
738 if (!chan->priv->parent.compat_sc_exit_table)
739 return -ENOMEM;
740 }
741 #endif
742 if (hlist_empty(&chan->priv->parent.sc_unknown)) {
743 const struct lttng_kernel_event_desc *desc =
744 &__event_desc___syscall_entry_unknown;
745 struct lttng_kernel_event_recorder *event_recorder;
746 struct lttng_event_enabler *event_enabler;
747
748 memset(&ev, 0, sizeof(ev));
749 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
750 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
751 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
752 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
753 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
754 event_enabler = lttng_event_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
755 if (!event_enabler) {
756 return -ENOMEM;
757 }
758 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
759 lttng_event_enabler_destroy(event_enabler);
760 WARN_ON_ONCE(!event_recorder);
761 if (IS_ERR(event_recorder)) {
762 return PTR_ERR(event_recorder);
763 }
764 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.sc_unknown);
765 }
766
767 if (hlist_empty(&chan->priv->parent.sc_compat_unknown)) {
768 const struct lttng_kernel_event_desc *desc =
769 &__event_desc___compat_syscall_entry_unknown;
770 struct lttng_kernel_event_recorder *event_recorder;
771 struct lttng_event_enabler *event_enabler;
772
773 memset(&ev, 0, sizeof(ev));
774 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
775 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
776 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
777 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
778 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
779 event_enabler = lttng_event_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
780 if (!event_enabler) {
781 return -ENOMEM;
782 }
783 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
784 WARN_ON_ONCE(!event_recorder);
785 lttng_event_enabler_destroy(event_enabler);
786 if (IS_ERR(event_recorder)) {
787 return PTR_ERR(event_recorder);
788 }
789 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.sc_compat_unknown);
790 }
791
792 if (hlist_empty(&chan->priv->parent.compat_sc_exit_unknown)) {
793 const struct lttng_kernel_event_desc *desc =
794 &__event_desc___compat_syscall_exit_unknown;
795 struct lttng_kernel_event_recorder *event_recorder;
796 struct lttng_event_enabler *event_enabler;
797
798 memset(&ev, 0, sizeof(ev));
799 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
800 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
801 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
802 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
803 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
804 event_enabler = lttng_event_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
805 if (!event_enabler) {
806 return -ENOMEM;
807 }
808 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
809 WARN_ON_ONCE(!event_recorder);
810 lttng_event_enabler_destroy(event_enabler);
811 if (IS_ERR(event_recorder)) {
812 return PTR_ERR(event_recorder);
813 }
814 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.compat_sc_exit_unknown);
815 }
816
817 if (hlist_empty(&chan->priv->parent.sc_exit_unknown)) {
818 const struct lttng_kernel_event_desc *desc =
819 &__event_desc___syscall_exit_unknown;
820 struct lttng_kernel_event_recorder *event_recorder;
821 struct lttng_event_enabler *event_enabler;
822
823 memset(&ev, 0, sizeof(ev));
824 strncpy(ev.name, desc->event_name, LTTNG_KERNEL_ABI_SYM_NAME_LEN);
825 ev.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
826 ev.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
827 ev.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
828 ev.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
829 event_enabler = lttng_event_enabler_create(LTTNG_ENABLER_FORMAT_NAME, &ev, chan);
830 if (!event_enabler) {
831 return -ENOMEM;
832 }
833 event_recorder = _lttng_kernel_event_recorder_create(event_enabler, desc);
834 WARN_ON_ONCE(!event_recorder);
835 lttng_event_enabler_destroy(event_enabler);
836 if (IS_ERR(event_recorder)) {
837 return PTR_ERR(event_recorder);
838 }
839 hlist_add_head(&event_recorder->priv->parent.u.syscall.node, &chan->priv->parent.sc_exit_unknown);
840 }
841
842 ret = lttng_create_syscall_event_if_missing(sc_table.table, sc_table.len,
843 chan->priv->parent.sc_table, syscall_event_enabler, SC_TYPE_ENTRY);
844 if (ret)
845 return ret;
846 ret = lttng_create_syscall_event_if_missing(sc_exit_table.table, sc_exit_table.len,
847 chan->priv->parent.sc_exit_table, syscall_event_enabler, SC_TYPE_EXIT);
848 if (ret)
849 return ret;
850
851 #ifdef CONFIG_COMPAT
852 ret = lttng_create_syscall_event_if_missing(compat_sc_table.table, compat_sc_table.len,
853 chan->priv->parent.compat_sc_table, syscall_event_enabler, SC_TYPE_COMPAT_ENTRY);
854 if (ret)
855 return ret;
856 ret = lttng_create_syscall_event_if_missing(compat_sc_exit_table.table, compat_sc_exit_table.len,
857 chan->priv->parent.compat_sc_exit_table, syscall_event_enabler, SC_TYPE_COMPAT_EXIT);
858 if (ret)
859 return ret;
860 #endif
861
862 if (!chan->priv->parent.sc_filter) {
863 chan->priv->parent.sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
864 GFP_KERNEL);
865 if (!chan->priv->parent.sc_filter)
866 return -ENOMEM;
867 }
868
869 if (!chan->priv->parent.sys_enter_registered) {
870 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
871 (void *) syscall_entry_event_probe, chan);
872 if (ret)
873 return ret;
874 chan->priv->parent.sys_enter_registered = 1;
875 }
876 /*
877 * We change the name of sys_exit tracepoint due to namespace
878 * conflict with sys_exit syscall entry.
879 */
880 if (!chan->priv->parent.sys_exit_registered) {
881 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
882 (void *) syscall_exit_event_probe, chan);
883 if (ret) {
884 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
885 (void *) syscall_entry_event_probe, chan));
886 return ret;
887 }
888 chan->priv->parent.sys_exit_registered = 1;
889 }
890 return ret;
891 }
892
893 /*
894 * Should be called with sessions lock held.
895 */
896 int lttng_syscalls_register_event_notifier(
897 struct lttng_event_notifier_enabler *event_notifier_enabler)
898 {
899 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
900 unsigned int i;
901 int ret = 0;
902
903 wrapper_vmalloc_sync_mappings();
904
905 if (!group->event_notifier_syscall_dispatch) {
906 group->event_notifier_syscall_dispatch =
907 kzalloc(sizeof(struct hlist_head) * sc_table.len,
908 GFP_KERNEL);
909 if (!group->event_notifier_syscall_dispatch)
910 return -ENOMEM;
911
912 /* Initialize all list_head */
913 for (i = 0; i < sc_table.len; i++)
914 INIT_HLIST_HEAD(&group->event_notifier_syscall_dispatch[i]);
915
916 /* Init the unknown syscall notifier list. */
917 INIT_HLIST_HEAD(&group->event_notifier_unknown_syscall_dispatch);
918 }
919
920 if (!group->event_notifier_exit_syscall_dispatch) {
921 group->event_notifier_exit_syscall_dispatch =
922 kzalloc(sizeof(struct hlist_head) * sc_table.len,
923 GFP_KERNEL);
924 if (!group->event_notifier_exit_syscall_dispatch)
925 return -ENOMEM;
926
927 /* Initialize all list_head */
928 for (i = 0; i < sc_table.len; i++)
929 INIT_HLIST_HEAD(&group->event_notifier_exit_syscall_dispatch[i]);
930
931 /* Init the unknown exit syscall notifier list. */
932 INIT_HLIST_HEAD(&group->event_notifier_exit_unknown_syscall_dispatch);
933 }
934
935 #ifdef CONFIG_COMPAT
936 if (!group->event_notifier_compat_syscall_dispatch) {
937 group->event_notifier_compat_syscall_dispatch =
938 kzalloc(sizeof(struct hlist_head) * compat_sc_table.len,
939 GFP_KERNEL);
940 if (!group->event_notifier_syscall_dispatch)
941 return -ENOMEM;
942
943 /* Initialize all list_head */
944 for (i = 0; i < compat_sc_table.len; i++)
945 INIT_HLIST_HEAD(&group->event_notifier_compat_syscall_dispatch[i]);
946
947 /* Init the unknown syscall notifier list. */
948 INIT_HLIST_HEAD(&group->event_notifier_compat_unknown_syscall_dispatch);
949 }
950
951 if (!group->event_notifier_exit_compat_syscall_dispatch) {
952 group->event_notifier_exit_compat_syscall_dispatch =
953 kzalloc(sizeof(struct hlist_head) * compat_sc_exit_table.len,
954 GFP_KERNEL);
955 if (!group->event_notifier_exit_syscall_dispatch)
956 return -ENOMEM;
957
958 /* Initialize all list_head */
959 for (i = 0; i < compat_sc_exit_table.len; i++)
960 INIT_HLIST_HEAD(&group->event_notifier_exit_compat_syscall_dispatch[i]);
961
962 /* Init the unknown exit syscall notifier list. */
963 INIT_HLIST_HEAD(&group->event_notifier_exit_compat_unknown_syscall_dispatch);
964 }
965 #endif
966
967 if (!group->sc_filter) {
968 group->sc_filter = kzalloc(sizeof(struct lttng_syscall_filter),
969 GFP_KERNEL);
970 if (!group->sc_filter)
971 return -ENOMEM;
972 }
973
974 if (!group->sys_enter_registered) {
975 ret = lttng_wrapper_tracepoint_probe_register("sys_enter",
976 (void *) syscall_entry_event_notifier_probe, group);
977 if (ret)
978 return ret;
979 group->sys_enter_registered = 1;
980 }
981
982 if (!group->sys_exit_registered) {
983 ret = lttng_wrapper_tracepoint_probe_register("sys_exit",
984 (void *) syscall_exit_event_notifier_probe, group);
985 if (ret) {
986 WARN_ON_ONCE(lttng_wrapper_tracepoint_probe_unregister("sys_enter",
987 (void *) syscall_entry_event_notifier_probe, group));
988 return ret;
989 }
990 group->sys_exit_registered = 1;
991 }
992
993 return ret;
994 }
995
996 static
997 int create_unknown_event_notifier(
998 struct lttng_event_notifier_enabler *event_notifier_enabler,
999 enum sc_type type)
1000 {
1001 struct lttng_kernel_event_notifier_private *event_notifier_priv;
1002 struct lttng_kernel_event_notifier *event_notifier;
1003 const struct lttng_kernel_event_desc *desc;
1004 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
1005 struct lttng_kernel_abi_event_notifier event_notifier_param;
1006 uint64_t user_token = event_notifier_enabler->parent.user_token;
1007 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
1008 struct lttng_event_enabler_common *base_enabler = lttng_event_notifier_enabler_as_enabler(
1009 event_notifier_enabler);
1010 struct hlist_head *unknown_dispatch_list;
1011 int ret = 0;
1012 bool found = false;
1013 enum lttng_kernel_abi_syscall_abi abi;
1014 enum lttng_kernel_abi_syscall_entryexit entryexit;
1015 struct hlist_head *head;
1016
1017 switch (type) {
1018 case SC_TYPE_ENTRY:
1019 desc = &__event_desc___syscall_entry_unknown;
1020 unknown_dispatch_list = &group->event_notifier_unknown_syscall_dispatch;
1021 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1022 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1023 break;
1024 case SC_TYPE_EXIT:
1025 desc = &__event_desc___syscall_exit_unknown;
1026 unknown_dispatch_list = &group->event_notifier_exit_unknown_syscall_dispatch;
1027 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1028 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1029 break;
1030 case SC_TYPE_COMPAT_ENTRY:
1031 desc = &__event_desc___compat_syscall_entry_unknown;
1032 unknown_dispatch_list = &group->event_notifier_compat_unknown_syscall_dispatch;
1033 entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1034 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1035 break;
1036 case SC_TYPE_COMPAT_EXIT:
1037 desc = &__event_desc___compat_syscall_exit_unknown;
1038 unknown_dispatch_list = &group->event_notifier_exit_compat_unknown_syscall_dispatch;
1039 entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1040 abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1041 break;
1042 default:
1043 BUG_ON(1);
1044 }
1045
1046 /*
1047 * Check if already created.
1048 */
1049 head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
1050 LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->event_name);
1051 lttng_hlist_for_each_entry(event_notifier_priv, head, hlist) {
1052 if (event_notifier_priv->parent.desc == desc &&
1053 event_notifier_priv->parent.user_token == base_enabler->user_token)
1054 found = true;
1055 }
1056 if (found)
1057 goto end;
1058
1059 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
1060 strncat(event_notifier_param.event.name, desc->event_name,
1061 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
1062
1063 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
1064
1065 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
1066 event_notifier_param.event.u.syscall.abi = abi;
1067 event_notifier_param.event.u.syscall.entryexit = entryexit;
1068
1069 event_notifier = _lttng_event_notifier_create(desc, user_token,
1070 error_counter_index, group, &event_notifier_param,
1071 event_notifier_param.event.instrumentation);
1072 if (IS_ERR(event_notifier)) {
1073 printk(KERN_INFO "Unable to create unknown notifier %s\n",
1074 desc->event_name);
1075 ret = -ENOMEM;
1076 goto end;
1077 }
1078
1079 hlist_add_head_rcu(&event_notifier->priv->parent.u.syscall.node, unknown_dispatch_list);
1080
1081 end:
1082 return ret;
1083 }
1084
1085 static int create_matching_event_notifiers(
1086 struct lttng_event_notifier_enabler *event_notifier_enabler,
1087 const struct trace_syscall_entry *table,
1088 size_t table_len, enum sc_type type)
1089 {
1090 struct lttng_event_notifier_group *group = event_notifier_enabler->group;
1091 const struct lttng_kernel_event_desc *desc;
1092 uint64_t user_token = event_notifier_enabler->parent.user_token;
1093 uint64_t error_counter_index = event_notifier_enabler->error_counter_index;
1094 unsigned int i;
1095 int ret = 0;
1096
1097 /* iterate over all syscall and create event_notifier that match */
1098 for (i = 0; i < table_len; i++) {
1099 struct lttng_kernel_event_notifier_private *event_notifier_priv;
1100 struct lttng_kernel_event_notifier *event_notifier;
1101 struct lttng_kernel_abi_event_notifier event_notifier_param;
1102 struct hlist_head *head;
1103 int found = 0;
1104
1105 desc = table[i].desc;
1106 if (!desc) {
1107 /* Unknown syscall */
1108 continue;
1109 }
1110
1111 if (!lttng_desc_match_enabler(desc,
1112 lttng_event_notifier_enabler_as_enabler(event_notifier_enabler)))
1113 continue;
1114
1115 /*
1116 * Check if already created.
1117 */
1118 head = utils_borrow_hash_table_bucket(group->event_notifiers_ht.table,
1119 LTTNG_EVENT_NOTIFIER_HT_SIZE, desc->event_name);
1120 lttng_hlist_for_each_entry(event_notifier_priv, head, hlist) {
1121 if (event_notifier_priv->parent.desc == desc
1122 && event_notifier_priv->parent.user_token == event_notifier_enabler->parent.user_token)
1123 found = 1;
1124 }
1125 if (found)
1126 continue;
1127
1128 memset(&event_notifier_param, 0, sizeof(event_notifier_param));
1129 switch (type) {
1130 case SC_TYPE_ENTRY:
1131 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1132 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1133 break;
1134 case SC_TYPE_EXIT:
1135 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1136 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_NATIVE;
1137 break;
1138 case SC_TYPE_COMPAT_ENTRY:
1139 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_ENTRY;
1140 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1141 break;
1142 case SC_TYPE_COMPAT_EXIT:
1143 event_notifier_param.event.u.syscall.entryexit = LTTNG_KERNEL_ABI_SYSCALL_EXIT;
1144 event_notifier_param.event.u.syscall.abi = LTTNG_KERNEL_ABI_SYSCALL_ABI_COMPAT;
1145 break;
1146 }
1147 strncat(event_notifier_param.event.name, desc->event_name,
1148 LTTNG_KERNEL_ABI_SYM_NAME_LEN - strlen(event_notifier_param.event.name) - 1);
1149 event_notifier_param.event.name[LTTNG_KERNEL_ABI_SYM_NAME_LEN - 1] = '\0';
1150 event_notifier_param.event.instrumentation = LTTNG_KERNEL_ABI_SYSCALL;
1151
1152 event_notifier = _lttng_event_notifier_create(desc, user_token,
1153 error_counter_index, group, &event_notifier_param,
1154 event_notifier_param.event.instrumentation);
1155 if (IS_ERR(event_notifier)) {
1156 printk(KERN_INFO "Unable to create event_notifier %s\n",
1157 desc->event_name);
1158 ret = -ENOMEM;
1159 goto end;
1160 }
1161
1162 event_notifier->priv->parent.u.syscall.syscall_id = i;
1163 }
1164
1165 end:
1166 return ret;
1167
1168 }
1169
1170 int lttng_syscalls_create_matching_event_notifiers(
1171 struct lttng_event_notifier_enabler *event_notifier_enabler)
1172 {
1173 int ret;
1174 struct lttng_event_enabler_common *base_enabler =
1175 lttng_event_notifier_enabler_as_enabler(event_notifier_enabler);
1176 enum lttng_kernel_abi_syscall_entryexit entryexit =
1177 base_enabler->event_param.u.syscall.entryexit;
1178
1179 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRY || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1180 ret = create_matching_event_notifiers(event_notifier_enabler,
1181 sc_table.table, sc_table.len, SC_TYPE_ENTRY);
1182 if (ret)
1183 goto end;
1184
1185 ret = create_matching_event_notifiers(event_notifier_enabler,
1186 compat_sc_table.table, compat_sc_table.len,
1187 SC_TYPE_COMPAT_ENTRY);
1188 if (ret)
1189 goto end;
1190
1191 ret = create_unknown_event_notifier(event_notifier_enabler,
1192 SC_TYPE_ENTRY);
1193 if (ret)
1194 goto end;
1195
1196 ret = create_unknown_event_notifier(event_notifier_enabler,
1197 SC_TYPE_COMPAT_ENTRY);
1198 if (ret)
1199 goto end;
1200 }
1201
1202 if (entryexit == LTTNG_KERNEL_ABI_SYSCALL_EXIT || entryexit == LTTNG_KERNEL_ABI_SYSCALL_ENTRYEXIT) {
1203 ret = create_matching_event_notifiers(event_notifier_enabler,
1204 sc_exit_table.table, sc_exit_table.len,
1205 SC_TYPE_EXIT);
1206 if (ret)
1207 goto end;
1208
1209 ret = create_unknown_event_notifier(event_notifier_enabler,
1210 SC_TYPE_EXIT);
1211 if (ret)
1212 goto end;
1213
1214 ret = create_matching_event_notifiers(event_notifier_enabler,
1215 compat_sc_exit_table.table, compat_sc_exit_table.len,
1216 SC_TYPE_COMPAT_EXIT);
1217 if (ret)
1218 goto end;
1219
1220 ret = create_unknown_event_notifier(event_notifier_enabler,
1221 SC_TYPE_COMPAT_EXIT);
1222 if (ret)
1223 goto end;
1224 }
1225
1226 end:
1227 return ret;
1228 }
1229
1230 /*
1231 * Unregister the syscall event_notifier probes from the callsites.
1232 */
1233 int lttng_syscalls_unregister_event_notifier_group(
1234 struct lttng_event_notifier_group *event_notifier_group)
1235 {
1236 int ret;
1237
1238 /*
1239 * Only register the event_notifier probe on the `sys_enter` callsite for now.
1240 * At the moment, we don't think it's desirable to have one fired
1241 * event_notifier for the entry and one for the exit of a syscall.
1242 */
1243 if (event_notifier_group->sys_enter_registered) {
1244 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1245 (void *) syscall_entry_event_notifier_probe, event_notifier_group);
1246 if (ret)
1247 return ret;
1248 event_notifier_group->sys_enter_registered = 0;
1249 }
1250 if (event_notifier_group->sys_exit_registered) {
1251 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1252 (void *) syscall_exit_event_notifier_probe, event_notifier_group);
1253 if (ret)
1254 return ret;
1255 event_notifier_group->sys_enter_registered = 0;
1256 }
1257
1258 kfree(event_notifier_group->event_notifier_syscall_dispatch);
1259 kfree(event_notifier_group->event_notifier_exit_syscall_dispatch);
1260 #ifdef CONFIG_COMPAT
1261 kfree(event_notifier_group->event_notifier_compat_syscall_dispatch);
1262 kfree(event_notifier_group->event_notifier_exit_compat_syscall_dispatch);
1263 #endif
1264 return 0;
1265 }
1266
1267 int lttng_syscalls_unregister_channel(struct lttng_kernel_channel_buffer *chan)
1268 {
1269 int ret;
1270
1271 if (!chan->priv->parent.sc_table)
1272 return 0;
1273 if (chan->priv->parent.sys_enter_registered) {
1274 ret = lttng_wrapper_tracepoint_probe_unregister("sys_enter",
1275 (void *) syscall_entry_event_probe, chan);
1276 if (ret)
1277 return ret;
1278 chan->priv->parent.sys_enter_registered = 0;
1279 }
1280 if (chan->priv->parent.sys_exit_registered) {
1281 ret = lttng_wrapper_tracepoint_probe_unregister("sys_exit",
1282 (void *) syscall_exit_event_probe, chan);
1283 if (ret)
1284 return ret;
1285 chan->priv->parent.sys_exit_registered = 0;
1286 }
1287 return 0;
1288 }
1289
1290 int lttng_syscalls_destroy_event(struct lttng_kernel_channel_buffer *chan)
1291 {
1292 kfree(chan->priv->parent.sc_table);
1293 kfree(chan->priv->parent.sc_exit_table);
1294 #ifdef CONFIG_COMPAT
1295 kfree(chan->priv->parent.compat_sc_table);
1296 kfree(chan->priv->parent.compat_sc_exit_table);
1297 #endif
1298 kfree(chan->priv->parent.sc_filter);
1299 return 0;
1300 }
1301
1302 static
1303 int get_syscall_nr(const char *syscall_name)
1304 {
1305 int syscall_nr = -1;
1306 int i;
1307
1308 for (i = 0; i < sc_table.len; i++) {
1309 const struct trace_syscall_entry *entry;
1310 const char *it_name;
1311
1312 entry = &sc_table.table[i];
1313 if (!entry->desc)
1314 continue;
1315 it_name = entry->desc->event_name;
1316 it_name += strlen(SYSCALL_ENTRY_STR);
1317 if (!strcmp(syscall_name, it_name)) {
1318 syscall_nr = i;
1319 break;
1320 }
1321 }
1322 return syscall_nr;
1323 }
1324
1325 static
1326 int get_compat_syscall_nr(const char *syscall_name)
1327 {
1328 int syscall_nr = -1;
1329 int i;
1330
1331 for (i = 0; i < compat_sc_table.len; i++) {
1332 const struct trace_syscall_entry *entry;
1333 const char *it_name;
1334
1335 entry = &compat_sc_table.table[i];
1336 if (!entry->desc)
1337 continue;
1338 it_name = entry->desc->event_name;
1339 it_name += strlen(COMPAT_SYSCALL_ENTRY_STR);
1340 if (!strcmp(syscall_name, it_name)) {
1341 syscall_nr = i;
1342 break;
1343 }
1344 }
1345 return syscall_nr;
1346 }
1347
1348 static
1349 uint32_t get_sc_tables_len(void)
1350 {
1351 return sc_table.len + compat_sc_table.len;
1352 }
1353
1354 static
1355 const char *get_syscall_name(const char *desc_name,
1356 enum lttng_syscall_abi abi,
1357 enum lttng_syscall_entryexit entryexit)
1358 {
1359 size_t prefix_len = 0;
1360
1361
1362 switch (entryexit) {
1363 case LTTNG_SYSCALL_ENTRY:
1364 switch (abi) {
1365 case LTTNG_SYSCALL_ABI_NATIVE:
1366 prefix_len = strlen(SYSCALL_ENTRY_STR);
1367 break;
1368 case LTTNG_SYSCALL_ABI_COMPAT:
1369 prefix_len = strlen(COMPAT_SYSCALL_ENTRY_STR);
1370 break;
1371 }
1372 break;
1373 case LTTNG_SYSCALL_EXIT:
1374 switch (abi) {
1375 case LTTNG_SYSCALL_ABI_NATIVE:
1376 prefix_len = strlen(SYSCALL_EXIT_STR);
1377 break;
1378 case LTTNG_SYSCALL_ABI_COMPAT:
1379 prefix_len = strlen(COMPAT_SYSCALL_EXIT_STR);
1380 break;
1381 }
1382 break;
1383 }
1384 WARN_ON_ONCE(prefix_len == 0);
1385 return desc_name + prefix_len;
1386 }
1387
1388 static
1389 int lttng_syscall_filter_enable(
1390 struct lttng_syscall_filter *filter,
1391 const char *desc_name, enum lttng_syscall_abi abi,
1392 enum lttng_syscall_entryexit entryexit)
1393 {
1394 const char *syscall_name;
1395 unsigned long *bitmap;
1396 int syscall_nr;
1397
1398 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1399
1400 switch (abi) {
1401 case LTTNG_SYSCALL_ABI_NATIVE:
1402 syscall_nr = get_syscall_nr(syscall_name);
1403 break;
1404 case LTTNG_SYSCALL_ABI_COMPAT:
1405 syscall_nr = get_compat_syscall_nr(syscall_name);
1406 break;
1407 default:
1408 return -EINVAL;
1409 }
1410 if (syscall_nr < 0)
1411 return -ENOENT;
1412
1413 switch (entryexit) {
1414 case LTTNG_SYSCALL_ENTRY:
1415 switch (abi) {
1416 case LTTNG_SYSCALL_ABI_NATIVE:
1417 bitmap = filter->sc_entry;
1418 break;
1419 case LTTNG_SYSCALL_ABI_COMPAT:
1420 bitmap = filter->sc_compat_entry;
1421 break;
1422 default:
1423 return -EINVAL;
1424 }
1425 break;
1426 case LTTNG_SYSCALL_EXIT:
1427 switch (abi) {
1428 case LTTNG_SYSCALL_ABI_NATIVE:
1429 bitmap = filter->sc_exit;
1430 break;
1431 case LTTNG_SYSCALL_ABI_COMPAT:
1432 bitmap = filter->sc_compat_exit;
1433 break;
1434 default:
1435 return -EINVAL;
1436 }
1437 break;
1438 default:
1439 return -EINVAL;
1440 }
1441 if (test_bit(syscall_nr, bitmap))
1442 return -EEXIST;
1443 bitmap_set(bitmap, syscall_nr, 1);
1444 return 0;
1445 }
1446
1447 int lttng_syscall_filter_enable_event_notifier(
1448 struct lttng_kernel_event_notifier *event_notifier)
1449 {
1450 struct lttng_event_notifier_group *group = event_notifier->priv->group;
1451 unsigned int syscall_id = event_notifier->priv->parent.u.syscall.syscall_id;
1452 struct hlist_head *dispatch_list;
1453 int ret = 0;
1454
1455 WARN_ON_ONCE(event_notifier->priv->parent.instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1456
1457 ret = lttng_syscall_filter_enable(group->sc_filter,
1458 event_notifier->priv->parent.desc->event_name,
1459 event_notifier->priv->parent.u.syscall.abi,
1460 event_notifier->priv->parent.u.syscall.entryexit);
1461 if (ret) {
1462 goto end;
1463 }
1464
1465 switch (event_notifier->priv->parent.u.syscall.entryexit) {
1466 case LTTNG_SYSCALL_ENTRY:
1467 switch (event_notifier->priv->parent.u.syscall.abi) {
1468 case LTTNG_SYSCALL_ABI_NATIVE:
1469 dispatch_list = &group->event_notifier_syscall_dispatch[syscall_id];
1470 break;
1471 case LTTNG_SYSCALL_ABI_COMPAT:
1472 dispatch_list = &group->event_notifier_compat_syscall_dispatch[syscall_id];
1473 break;
1474 default:
1475 ret = -EINVAL;
1476 goto end;
1477 }
1478 break;
1479 case LTTNG_SYSCALL_EXIT:
1480 switch (event_notifier->priv->parent.u.syscall.abi) {
1481 case LTTNG_SYSCALL_ABI_NATIVE:
1482 dispatch_list = &group->event_notifier_exit_syscall_dispatch[syscall_id];
1483 break;
1484 case LTTNG_SYSCALL_ABI_COMPAT:
1485 dispatch_list = &group->event_notifier_exit_compat_syscall_dispatch[syscall_id];
1486 break;
1487 default:
1488 ret = -EINVAL;
1489 goto end;
1490 }
1491 break;
1492 default:
1493 ret = -EINVAL;
1494 goto end;
1495 }
1496
1497 hlist_add_head_rcu(&event_notifier->priv->parent.u.syscall.node, dispatch_list);
1498
1499 end:
1500 return ret ;
1501 }
1502
1503 int lttng_syscall_filter_enable_event(
1504 struct lttng_kernel_channel_buffer *channel,
1505 struct lttng_kernel_event_recorder *event_recorder)
1506 {
1507 WARN_ON_ONCE(event_recorder->priv->parent.instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1508
1509 return lttng_syscall_filter_enable(channel->priv->parent.sc_filter,
1510 event_recorder->priv->parent.desc->event_name,
1511 event_recorder->priv->parent.u.syscall.abi,
1512 event_recorder->priv->parent.u.syscall.entryexit);
1513 }
1514
1515 static
1516 int lttng_syscall_filter_disable(
1517 struct lttng_syscall_filter *filter,
1518 const char *desc_name, enum lttng_syscall_abi abi,
1519 enum lttng_syscall_entryexit entryexit)
1520 {
1521 const char *syscall_name;
1522 unsigned long *bitmap;
1523 int syscall_nr;
1524
1525 syscall_name = get_syscall_name(desc_name, abi, entryexit);
1526
1527 switch (abi) {
1528 case LTTNG_SYSCALL_ABI_NATIVE:
1529 syscall_nr = get_syscall_nr(syscall_name);
1530 break;
1531 case LTTNG_SYSCALL_ABI_COMPAT:
1532 syscall_nr = get_compat_syscall_nr(syscall_name);
1533 break;
1534 default:
1535 return -EINVAL;
1536 }
1537 if (syscall_nr < 0)
1538 return -ENOENT;
1539
1540 switch (entryexit) {
1541 case LTTNG_SYSCALL_ENTRY:
1542 switch (abi) {
1543 case LTTNG_SYSCALL_ABI_NATIVE:
1544 bitmap = filter->sc_entry;
1545 break;
1546 case LTTNG_SYSCALL_ABI_COMPAT:
1547 bitmap = filter->sc_compat_entry;
1548 break;
1549 default:
1550 return -EINVAL;
1551 }
1552 break;
1553 case LTTNG_SYSCALL_EXIT:
1554 switch (abi) {
1555 case LTTNG_SYSCALL_ABI_NATIVE:
1556 bitmap = filter->sc_exit;
1557 break;
1558 case LTTNG_SYSCALL_ABI_COMPAT:
1559 bitmap = filter->sc_compat_exit;
1560 break;
1561 default:
1562 return -EINVAL;
1563 }
1564 break;
1565 default:
1566 return -EINVAL;
1567 }
1568 if (!test_bit(syscall_nr, bitmap))
1569 return -EEXIST;
1570 bitmap_clear(bitmap, syscall_nr, 1);
1571
1572 return 0;
1573 }
1574
1575 int lttng_syscall_filter_disable_event_notifier(
1576 struct lttng_kernel_event_notifier *event_notifier)
1577 {
1578 struct lttng_event_notifier_group *group = event_notifier->priv->group;
1579 int ret;
1580
1581 WARN_ON_ONCE(event_notifier->priv->parent.instrumentation != LTTNG_KERNEL_ABI_SYSCALL);
1582
1583 ret = lttng_syscall_filter_disable(group->sc_filter,
1584 event_notifier->priv->parent.desc->event_name,
1585 event_notifier->priv->parent.u.syscall.abi,
1586 event_notifier->priv->parent.u.syscall.entryexit);
1587 WARN_ON_ONCE(ret != 0);
1588
1589 hlist_del_rcu(&event_notifier->priv->parent.u.syscall.node);
1590 return 0;
1591 }
1592
1593 int lttng_syscall_filter_disable_event(
1594 struct lttng_kernel_channel_buffer *channel,
1595 struct lttng_kernel_event_recorder *event_recorder)
1596 {
1597 return lttng_syscall_filter_disable(channel->priv->parent.sc_filter,
1598 event_recorder->priv->parent.desc->event_name,
1599 event_recorder->priv->parent.u.syscall.abi,
1600 event_recorder->priv->parent.u.syscall.entryexit);
1601 }
1602
1603 static
1604 const struct trace_syscall_entry *syscall_list_get_entry(loff_t *pos)
1605 {
1606 const struct trace_syscall_entry *entry;
1607 int iter = 0;
1608
1609 for (entry = sc_table.table;
1610 entry < sc_table.table + sc_table.len;
1611 entry++) {
1612 if (iter++ >= *pos)
1613 return entry;
1614 }
1615 for (entry = compat_sc_table.table;
1616 entry < compat_sc_table.table + compat_sc_table.len;
1617 entry++) {
1618 if (iter++ >= *pos)
1619 return entry;
1620 }
1621 /* End of list */
1622 return NULL;
1623 }
1624
1625 static
1626 void *syscall_list_start(struct seq_file *m, loff_t *pos)
1627 {
1628 return (void *) syscall_list_get_entry(pos);
1629 }
1630
1631 static
1632 void *syscall_list_next(struct seq_file *m, void *p, loff_t *ppos)
1633 {
1634 (*ppos)++;
1635 return (void *) syscall_list_get_entry(ppos);
1636 }
1637
1638 static
1639 void syscall_list_stop(struct seq_file *m, void *p)
1640 {
1641 }
1642
1643 static
1644 int get_sc_table(const struct trace_syscall_entry *entry,
1645 const struct trace_syscall_entry **table,
1646 unsigned int *bitness)
1647 {
1648 if (entry >= sc_table.table && entry < sc_table.table + sc_table.len) {
1649 if (bitness)
1650 *bitness = BITS_PER_LONG;
1651 if (table)
1652 *table = sc_table.table;
1653 return 0;
1654 }
1655 if (!(entry >= compat_sc_table.table
1656 && entry < compat_sc_table.table + compat_sc_table.len)) {
1657 return -EINVAL;
1658 }
1659 if (bitness)
1660 *bitness = 32;
1661 if (table)
1662 *table = compat_sc_table.table;
1663 return 0;
1664 }
1665
1666 static
1667 int syscall_list_show(struct seq_file *m, void *p)
1668 {
1669 const struct trace_syscall_entry *table, *entry = p;
1670 unsigned int bitness;
1671 unsigned long index;
1672 int ret;
1673 const char *name;
1674
1675 ret = get_sc_table(entry, &table, &bitness);
1676 if (ret)
1677 return ret;
1678 if (!entry->desc)
1679 return 0;
1680 if (table == sc_table.table) {
1681 index = entry - table;
1682 name = &entry->desc->event_name[strlen(SYSCALL_ENTRY_STR)];
1683 } else {
1684 index = (entry - table) + sc_table.len;
1685 name = &entry->desc->event_name[strlen(COMPAT_SYSCALL_ENTRY_STR)];
1686 }
1687 seq_printf(m, "syscall { index = %lu; name = %s; bitness = %u; };\n",
1688 index, name, bitness);
1689 return 0;
1690 }
1691
1692 static
1693 const struct seq_operations lttng_syscall_list_seq_ops = {
1694 .start = syscall_list_start,
1695 .next = syscall_list_next,
1696 .stop = syscall_list_stop,
1697 .show = syscall_list_show,
1698 };
1699
1700 static
1701 int lttng_syscall_list_open(struct inode *inode, struct file *file)
1702 {
1703 return seq_open(file, &lttng_syscall_list_seq_ops);
1704 }
1705
1706 const struct file_operations lttng_syscall_list_fops = {
1707 .owner = THIS_MODULE,
1708 .open = lttng_syscall_list_open,
1709 .read = seq_read,
1710 .llseek = seq_lseek,
1711 .release = seq_release,
1712 };
1713
1714 /*
1715 * A syscall is enabled if it is traced for either entry or exit.
1716 */
1717 long lttng_channel_syscall_mask(struct lttng_kernel_channel_buffer *channel,
1718 struct lttng_kernel_abi_syscall_mask __user *usyscall_mask)
1719 {
1720 uint32_t len, sc_tables_len, bitmask_len;
1721 int ret = 0, bit;
1722 char *tmp_mask;
1723 struct lttng_syscall_filter *filter;
1724
1725 ret = get_user(len, &usyscall_mask->len);
1726 if (ret)
1727 return ret;
1728 sc_tables_len = get_sc_tables_len();
1729 bitmask_len = ALIGN(sc_tables_len, 8) >> 3;
1730 if (len < sc_tables_len) {
1731 return put_user(sc_tables_len, &usyscall_mask->len);
1732 }
1733 /* Array is large enough, we can copy array to user-space. */
1734 tmp_mask = kzalloc(bitmask_len, GFP_KERNEL);
1735 if (!tmp_mask)
1736 return -ENOMEM;
1737 filter = channel->priv->parent.sc_filter;
1738
1739 for (bit = 0; bit < sc_table.len; bit++) {
1740 char state;
1741
1742 if (channel->priv->parent.sc_table) {
1743 if (!(READ_ONCE(channel->priv->parent.syscall_all_entry)
1744 || READ_ONCE(channel->priv->parent.syscall_all_exit)) && filter)
1745 state = test_bit(bit, filter->sc_entry)
1746 || test_bit(bit, filter->sc_exit);
1747 else
1748 state = 1;
1749 } else {
1750 state = 0;
1751 }
1752 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1753 }
1754 for (; bit < sc_tables_len; bit++) {
1755 char state;
1756
1757 if (channel->priv->parent.compat_sc_table) {
1758 if (!(READ_ONCE(channel->priv->parent.syscall_all_entry)
1759 || READ_ONCE(channel->priv->parent.syscall_all_exit)) && filter)
1760 state = test_bit(bit - sc_table.len,
1761 filter->sc_compat_entry)
1762 || test_bit(bit - sc_table.len,
1763 filter->sc_compat_exit);
1764 else
1765 state = 1;
1766 } else {
1767 state = 0;
1768 }
1769 bt_bitfield_write_be(tmp_mask, char, bit, 1, state);
1770 }
1771 if (copy_to_user(usyscall_mask->mask, tmp_mask, bitmask_len))
1772 ret = -EFAULT;
1773 kfree(tmp_mask);
1774 return ret;
1775 }
1776
1777 int lttng_abi_syscall_list(void)
1778 {
1779 struct file *syscall_list_file;
1780 int file_fd, ret;
1781
1782 file_fd = lttng_get_unused_fd();
1783 if (file_fd < 0) {
1784 ret = file_fd;
1785 goto fd_error;
1786 }
1787
1788 syscall_list_file = anon_inode_getfile("[lttng_syscall_list]",
1789 &lttng_syscall_list_fops,
1790 NULL, O_RDWR);
1791 if (IS_ERR(syscall_list_file)) {
1792 ret = PTR_ERR(syscall_list_file);
1793 goto file_error;
1794 }
1795 ret = lttng_syscall_list_fops.open(NULL, syscall_list_file);
1796 if (ret < 0)
1797 goto open_error;
1798 fd_install(file_fd, syscall_list_file);
1799 return file_fd;
1800
1801 open_error:
1802 fput(syscall_list_file);
1803 file_error:
1804 put_unused_fd(file_fd);
1805 fd_error:
1806 return ret;
1807 }
LTTng 2.0/0.x modules
This page took 0.100451 seconds and 5 git commands to generate.