diff options
| author | hunt <hunt> | 2006-07-21 20:56:53 +0000 |
|---|---|---|
| committer | hunt <hunt> | 2006-07-21 20:56:53 +0000 |
| commit | 8ec2ec15a82b10dc3315cd558c72bbe6f5ef543b (patch) | |
| tree | 2deed6e413e98ed96ced9e008336dec0c107f5da /tapset | |
| parent | 59ca1d89d955ad8b017a499e90fe5b800e6e3443 (diff) | |
| download | systemtap-steved-8ec2ec15a82b10dc3315cd558c72bbe6f5ef543b.tar.gz systemtap-steved-8ec2ec15a82b10dc3315cd558c72bbe6f5ef543b.tar.xz systemtap-steved-8ec2ec15a82b10dc3315cd558c72bbe6f5ef543b.zip | |
*** empty log message ***
Diffstat (limited to 'tapset')
| -rw-r--r-- | tapset/syscalls.stp | 109 | ||||
| -rw-r--r-- | tapset/syscalls2.stp | 303 |
2 files changed, 270 insertions, 142 deletions
diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp index 3b14c2e6..51121f9c 100644 --- a/tapset/syscalls.stp +++ b/tapset/syscalls.stp @@ -767,11 +767,14 @@ probe syscall.fsetxattr.return = kernel.function("sys_fsetxattr").return { # long sys_fstat64(unsigned long fd, struct stat64 __user * statbuf) # long sys32_fstat64(unsigned int fd, struct stat64 __user *statbuf) # long sys_newfstat(unsigned int fd, struct stat __user * statbuf) +# long compat_sys_newfstat(unsigned int fd, struct compat_stat __user * statbuf) +# probe syscall.fstat = kernel.function("sys_fstat") ?, kernel.function("sys_fstat64") ?, kernel.function("sys32_fstat64") ?, - kernel.function("sys_newfstat") ? + kernel.function("sys_newfstat") ?, + kernel.function("compat_sys_newfstat") ? { name = "fstat" filedes = $fd @@ -782,7 +785,8 @@ probe syscall.fstat.return = kernel.function("sys_fstat").return ?, kernel.function("sys_fstat64").return ?, kernel.function("sys32_fstat64").return ?, - kernel.function("sys_newfstat").return ? + kernel.function("sys_newfstat").return ?, + kernel.function("compat_sys_newfstat").return ? { name = "fstat" retstr = returnstr(1) @@ -790,13 +794,21 @@ probe syscall.fstat.return = # fstatfs ____________________________________________________ # long sys_fstatfs(unsigned int fd, struct statfs __user * buf) -probe syscall.fstatfs = kernel.function("sys_fstatfs") { +# long compat_sys_fstatfs(unsigned int fd, struct compat_statfs __user *buf) +# +probe syscall.fstatfs = + kernel.function("sys_fstatfs"), + kernel.function("compat_sys_fstatfs") ? +{ name = "fstatfs" fd = $fd buf_uaddr = $buf - argstr = sprintf("%d, %p", fd, buf_uaddr) + argstr = sprintf("%d, %p", $fd, $buf) } -probe syscall.fstatfs.return = kernel.function("sys_fstatfs").return { +probe syscall.fstatfs.return = + kernel.function("sys_fstatfs").return, + kernel.function("compat_sys_fstatfs").return ? +{ name = "fstatfs" retstr = returnstr(1) } @@ -1023,6 +1035,17 @@ probe syscall.getitimer.return = kernel.function("sys_getitimer").return { name = "getitimer" retstr = returnstr(1) } +# long compat_sys_getitimer(int which, struct compat_itimerval __user *it +probe syscall.compat_getitimer = kernel.function("compat_sys_getitimer") ? { + name = "getitimer" + which = $which + value_uaddr = $it + argstr = sprintf("%s, %p", _itimer_which_str($which), $it) +} +probe syscall.compat_getitimer.return = kernel.function("compat_sys_getitimer").return { + name = "getitimer" + retstr = returnstr(1) +} # get_mempolicy ______________________________________________ # long sys_get_mempolicy(int __user *policy, @@ -1267,14 +1290,23 @@ probe syscall.gettid.return = kernel.function("sys_gettid").return { # gettimeofday _______________________________________________ # long sys_gettimeofday(struct timeval __user *tv, -# struct timezone __user *tz) -probe syscall.gettimeofday = kernel.function("sys_gettimeofday") { +# struct timezone __user *tz) +# long sys32_gettimeofday(struct compat_timeval __user *tv, +# struct timezone __user *tz) +probe syscall.gettimeofday = + kernel.function("sys_gettimeofday"), + kernel.function("sys32_gettimeofday") ? +{ name = "gettimeofday" tv_uaddr = $tv tz_uaddr = $tz argstr = sprintf("%p, %p", $tv, $tz) } -probe syscall.gettimeofday.return = kernel.function("sys_gettimeofday").return { + +probe syscall.gettimeofday.return = + kernel.function("sys_gettimeofday").return, + kernel.function("sys32_gettimeofday").return ? +{ name = "gettimeofday" retstr = returnstr(1) } @@ -1739,16 +1771,26 @@ probe syscall.lsetxattr.return = kernel.function("sys_lsetxattr").return { # lstat ______________________________________________________ # long sys_lstat(char __user * filename, struct __old_kernel_stat __user * statbuf) +# long sys_newlstat(char __user * filename, struct stat __user * statbuf) +# long compat_sys_newlstat(char __user * filename, struct compat_stat __user *statbuf) +# long sys32_lstat64(char * filename, struct stat64 __user *statbuf) +# probe syscall.lstat = - kernel.function("sys_lstat") ? + kernel.function("sys_lstat") ?, + kernel.function("sys_newlstat") ?, + kernel.function("compat_sys_newlstat") ?, + kernel.function("sys32_lstat64") ? { name = "lstat" file_name = user_string($filename) buf_uaddr = $statbuf - argstr = sprintf("%s, %p", user_string_quoted($filename), buf_uaddr) + argstr = sprintf("%s, %p", user_string_quoted($filename), $statbuf) } probe syscall.lstat.return = - kernel.function("sys_lstat").return ? + kernel.function("sys_lstat").return ?, + kernel.function("sys_newlstat").return ?, + kernel.function("compat_sys_newlstat").return ?, + kernel.function("sys32_lstat64").return ? { name = "lstat" retstr = returnstr(1) @@ -1888,12 +1930,6 @@ probe syscall.mlockall.return = kernel.function("sys_mlockall").return { # long sys_mmap(unsigned long addr, unsigned long len, # unsigned long prot, unsigned long flags, # unsigned long fd, unsigned long off) -%(arch == "x86_64" %? -probe syscall.mmap = kernel.function("sys_mmap") ? { - name = "mmap" - argstr = "" -} -%: probe syscall.mmap = kernel.function("sys_mmap") ? { name = "mmap" start = $addr @@ -1909,7 +1945,6 @@ probe syscall.mmap = kernel.function("sys_mmap") ? { argstr = sprintf("%p, %d, %s, %s, %d, %d", $addr, $len, _mprotect_prot_str($prot), _mmap_flags($flags), $fd, offset) } -%) probe syscall.mmap.return = kernel.function("sys_mmap").return ? { name = "mmap" @@ -1920,7 +1955,14 @@ probe syscall.mmap.return = kernel.function("sys_mmap").return ? { # long sys_mmap2(unsigned long addr, unsigned long len, # unsigned long prot, unsigned long flags, # unsigned long fd, unsigned long pgoff) -probe syscall.mmap2 = kernel.function("sys_mmap2") ? { +# long sys32_mmap2(unsigned long addr, unsigned long len, +# unsigned long prot, unsigned long flags, +# unsigned long fd, unsigned long pgoff) +# +probe syscall.mmap2 = + kernel.function("sys_mmap2") ?, + kernel.function("sys32_mmap2") ? +{ name = "mmap2" start = $addr length = $len @@ -1932,12 +1974,14 @@ probe syscall.mmap2 = kernel.function("sys_mmap2") ? { $len, _mprotect_prot_str($prot), _mmap_flags($flags), $fd, $pgoff) } -probe syscall.mmap2.return = kernel.function("sys_mmap2").return ? { +probe syscall.mmap2.return = + kernel.function("sys_mmap2").return ?, + kernel.function("sys32_mmap2").return ? +{ name = "mmap2" retstr = returnstr(2) } - # modify_ldt _________________________________________________ # int sys_modify_ldt(int func, void __user *ptr, unsigned long bytecount) # @@ -1955,11 +1999,19 @@ probe syscall.modify_ldt.return = kernel.function("sys_modify_ldt").return ? { # mount ______________________________________________________ # long sys_mount(char __user * dev_name, -# char __user * dir_name, -# char __user * type, -# unsigned long flags, -# void __user * data) -probe syscall.mount = kernel.function("sys_mount") { +# char __user * dir_name, +# char __user * type, +# unsigned long flags, +# void __user * data) +# long compat_sys_mount(char __user * dev_name, +# char __user * dir_name, +# char __user * type, +# unsigned long flags, +# void __user * data) +probe syscall.mount = + kernel.function("sys_mount"), + kernel.function("compat_sys_mount") ? +{ name = "mount" source = user_string($dev_name) target = user_string($dir_name) @@ -1973,7 +2025,10 @@ probe syscall.mount = kernel.function("sys_mount") { user_string_quoted($type), mountflags_str, data) } -probe syscall.mount.return = kernel.function("sys_mount").return { +probe syscall.mount.return = + kernel.function("sys_mount").return, + kernel.function("compat_sys_mount").return ? +{ name = "mount" retstr = returnstr(1) } diff --git a/tapset/syscalls2.stp b/tapset/syscalls2.stp index 9b6b7e91..046c5bb3 100644 --- a/tapset/syscalls2.stp +++ b/tapset/syscalls2.stp @@ -23,64 +23,31 @@ # nanosleep __________________________________________________ # # long sys_nanosleep(struct timespec __user *rqtp, -# struct timespec __user *rmtp) +# struct timespec __user *rmtp) +# long compat_sys_nanosleep(struct compat_timespec __user *rqtp, +# struct compat_timespec __user *rmtp) # probe syscall.nanosleep = kernel.function("sys_nanosleep") { name = "nanosleep" req_uaddr = $rqtp rem_uaddr = $rmtp - argstr = sprintf("%s, %p", _struct_timespec_u(req_uaddr), $rmtp) + argstr = sprintf("%s, %p", _struct_timespec_u($rqtp), $rmtp) } probe syscall.nanosleep.return = kernel.function("sys_nanosleep").return { name = "nanosleep" retstr = returnstr(1) } -# newlstat ___________________________________________________ -# -# long sys_newlstat(char __user * filename, -# struct stat __user * statbuf) -# -probe syscall.newlstat = kernel.function("sys_newlstat") ?, - kernel.function("compat_sys_newlstat") ? { - name = "newlstat" - pathname = user_string($filename) - buf_uaddr = $statbuf - argstr = sprintf("%s, %p", - user_string_quoted($filename), buf_uaddr) -} -probe syscall.newlstat.return = kernel.function("sys_newlstat").return ?, - kernel.function("compat_sys_newlstat").return ? { - name = "newlstat" - retstr = returnstr(1) -} -# newstat ____________________________________________________ -# -# long sys_newstat(char __user * filename, -# struct stat __user * statbuf) -# -probe syscall.newstat = kernel.function("sys_newstat") { - name = "stat" - pathname = user_string($filename) - buf_uaddr = $statbuf - argstr = sprintf("%s, %p", user_string_quoted($filename), buf_uaddr) -} -probe syscall.newstat.return = kernel.function("sys_newstat").return { - name = "stat" - retstr = returnstr(1) -} -# newuname ___________________________________________________ -# -# long sys_newuname(struct new_utsname __user * name) -# -probe syscall.newuname = kernel.function("sys_newuname") { - name = "uname" - name_uaddr = $name - argstr = sprintf("%p", name_uaddr) +probe syscall.compat_nanosleep = kernel.function("compat_sys_nanosleep") ? { + name = "nanosleep" + req_uaddr = $rqtp + rem_uaddr = $rmtp + argstr = sprintf("%s, %p", _struct_compat_timespec_u($rqtp), $rmtp) } -probe syscall.newuname.return = kernel.function("sys_newuname").return { - name = "uname" +probe syscall.compat_nanosleep.return = kernel.function("compat_sys_nanosleep").return ? { + name = "nanosleep" retstr = returnstr(1) } + # nfsservctl _________________________________________________ # # long asmlinkage @@ -99,25 +66,23 @@ probe syscall.nfsservctl.return = kernel.function("sys_nfsservctl").return { name = "nfsservctl" retstr = returnstr(1) } + # nice _______________________________________________________ +# long sys_nice(int increment) # -# asmlinkage long -# sys_nice(int increment) -# -probe syscall.nice = - kernel.function("sys_nice") { +probe syscall.nice = kernel.function("sys_nice") { name = "nice" inc = $increment - argstr = sprintf("%d", inc) + argstr = sprintf("%d", $increment) } probe syscall.nice.return = kernel.function("sys_nice").return { name = "nice" retstr = returnstr(1) } + # ni_syscall _________________________________________________ # -# asmlinkage long -# sys_ni_syscall(void) +# long sys_ni_syscall(void) # probe syscall.ni_syscall = kernel.function("sys_ni_syscall") { name = "ni_syscall" @@ -127,6 +92,7 @@ probe syscall.ni_syscall.return = kernel.function("sys_ni_syscall").return { name = "ni_syscall" retstr = returnstr(1) } + # old_getrlimit ______________________________________________ # # asmlinkage long @@ -464,14 +430,20 @@ probe syscall.readlink.return = kernel.function("sys_readlink").return { name = "readlink" retstr = returnstr(1) } + # readv ______________________________________________________ # -# asmlinkage ssize_t -# sys_readv(unsigned long fd, -# const struct iovec __user *vec, -# unsigned long vlen) +# ssize_t sys_readv(unsigned long fd, +# const struct iovec __user *vec, +# unsigned long vlen) +# ssize_t compat_sys_readv(unsigned long fd, +# const struct compat_iovec __user *vec, +# unsigned long vlen) # -probe syscall.readv = kernel.function("sys_readv") { +probe syscall.readv = + kernel.function("sys_readv"), + kernel.function("compat_sys_readv") ? +{ name = "readv" vector_uaddr = $vec count = $vlen @@ -483,10 +455,14 @@ probe syscall.readv = kernel.function("sys_readv") { argstr = sprintf("unknown fd, %p, %d", $vec, $vlen) %) } -probe syscall.readv.return = kernel.function("sys_readv").return { +probe syscall.readv.return = + kernel.function("sys_readv").return, + kernel.function("compat_sys_readv").return ? +{ name = "readv" retstr = returnstr(1) } + # reboot _____________________________________________________ # # asmlinkage long @@ -670,6 +646,7 @@ probe syscall.rmdir.return = kernel.function("sys_rmdir").return { name = "rmdir" retstr = returnstr(1) } + # rt_sigaction _______________________________________________ # # long sys_rt_sigaction(int sig, @@ -692,11 +669,30 @@ probe syscall.rt_sigaction.return = kernel.function("sys_rt_sigaction").return { name = "rt_sigaction" retstr = returnstr(1) } +# +# long sys32_rt_sigaction(int sig, +# struct sigaction32 __user *act, +# struct sigaction32 __user *oact, +# unsigned int sigsetsize) +probe syscall.rt_sigaction32 = kernel.function("sys32_rt_sigaction") ? { + name = "rt_sigaction" + sig = $sig + act_uaddr = $act + oact_uaddr = $oact + sigsetsize = $sigsetsize + + //FIXME - decode $act + argstr = sprintf("%s, %p, %p, %d", _signal_name($sig), + $act, $oact, $sigsetsize) +} +probe syscall.rt_sigaction32.return = kernel.function("sys32_rt_sigaction").return ? { + name = "rt_sigaction" + retstr = returnstr(1) +} + # rt_sigpending ______________________________________________ # -# asmlinkage long -# sys_rt_sigpending(sigset_t __user *set, -# size_t sigsetsize) +# long sys_rt_sigpending(sigset_t __user *set, size_t sigsetsize) # probe syscall.rt_sigpending = kernel.function("do_sigpending") { name = "rt_sigpending" @@ -708,6 +704,7 @@ probe syscall.rt_sigpending.return = kernel.function("do_sigpending").return { name = "rt_sigpending" retstr = returnstr(1) } + # rt_sigprocmask _____________________________________________ # # long sys_rt_sigprocmask(int how, @@ -1265,8 +1262,7 @@ probe syscall.sethostname.return = kernel.function("sys_sethostname").return { } # setitimer __________________________________________________ # -# asmlinkage long -# sys_setitimer(int which, +# long sys_setitimer(int which, # struct itimerval __user *value, # struct itimerval __user *ovalue) # @@ -1282,6 +1278,23 @@ probe syscall.setitimer.return = kernel.function("sys_setitimer").return { name = "setitimer" retstr = returnstr(1) } +# +# long compat_sys_setitimer(int which, +# struct compat_itimerval __user *in, +# struct compat_itimerval __user *out) +# +probe syscall.compat_setitimer = kernel.function("compat_sys_setitimer") ? { + name = "setitimer" + which = $which + value_uaddr = $in + ovalue_uaddr = $out + argstr = sprintf("%s, %s, %p", _itimer_which_str($which), + _struct_compat_itimerval_u($in), $out) +} +probe syscall.compat_setitimer.return = kernel.function("compat_sys_setitimer").return ? { + name = "setitimer" + retstr = returnstr(1) +} # set_mempolicy ______________________________________________ # long sys_set_mempolicy(int mode, @@ -1341,9 +1354,9 @@ probe syscall.setpriority.return = kernel.function("sys_setpriority").return { # probe syscall.setregid = kernel.function("sys_setregid") { name = "setregid" - rgid = $rgid - egid = $egid - argstr = sprintf("%d, %d", $rgid, $egid) + rgid = __uid($rgid) + egid = __uid($egid) + argstr = sprintf("%d, %d", rgid, egid) } probe syscall.setregid.return = kernel.function("sys_setregid").return { name = "setregid" @@ -1367,10 +1380,10 @@ probe syscall.setregid16.return = kernel.function("sys_setregid16").return ? { # probe syscall.setresgid = kernel.function("sys_setresgid") { name = "setresgid" - rgid = $rgid - egid = $egid - sgid = $sgid - argstr = sprintf("%d, %d, %d", $rgid, $egid, $sgid) + rgid = __uid($rgid) + egid = __uid($egid) + sgid = __uid($sgid) + argstr = sprintf("%d, %d, %d", rgid, egid, sgid) } probe syscall.setresgid.return = kernel.function("sys_setresgid").return { name = "setresgid" @@ -1393,28 +1406,26 @@ probe syscall.setresgid16.return = kernel.function("sys_setresgid16").return ? { name = "setresgid16" retstr = returnstr(1) } + # setresuid __________________________________________________ # -# long sys_setresuid(uid_t ruid, -# uid_t euid, -# uid_t suid) +# long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) # probe syscall.setresuid = kernel.function("sys_setresuid") { name = "setresuid" - ruid = $ruid - euid = $euid - suid = $suid - argstr = sprintf("%d, %d, %d", $ruid, $euid, $suid) + ruid = __uid($ruid) + euid = __uid($euid) + suid = __uid($suid) + argstr = sprintf("%d, %d, %d", ruid, euid, suid) } probe syscall.setresuid.return = kernel.function("sys_setresuid").return { name = "setresuid" retstr = returnstr(1) } + # setresuid16 ________________________________________________ # -# long sys_setresuid16(old_uid_t ruid, -# old_uid_t euid, -# old_uid_t suid) +# long sys_setresuid16(old_uid_t ruid, old_uid_t euid, old_uid_t suid) # probe syscall.setresuid16 = kernel.function("sys_setresuid16") ? { name = "setresuid16" @@ -1427,14 +1438,15 @@ probe syscall.setresuid16.return = kernel.function("sys_setresuid16").return ? { name = "setresuid16" retstr = returnstr(1) } + # setreuid ___________________________________________________ # long sys_setreuid(uid_t ruid, uid_t euid) # probe syscall.setreuid = kernel.function("sys_setreuid") { name = "setreuid" - ruid = $ruid - euid = $euid - argstr = sprintf("%d, %d", $ruid, $euid) + ruid = __uid($ruid) + euid = __uid($euid) + argstr = sprintf("%d, %d", ruid, euid) } probe syscall.setreuid.return = kernel.function("sys_setreuid").return { name = "setreuid" @@ -1532,11 +1544,22 @@ probe syscall.settimeofday = kernel.function("sys_settimeofday") { name = "settimeofday" tv_uaddr = $tv tz_uaddr = $tz - argstr = sprintf("%s, %s", _struct_timeval_u($tv), - _struct_timezone_u($tz)) + argstr = sprintf("%s, %s", _struct_timeval_u($tv), _struct_timezone_u($tz)) } -probe syscall.settimeofday.return = - kernel.function("sys_settimeofday").return { +probe syscall.settimeofday.return = kernel.function("sys_settimeofday").return { + name = "settimeofday" + retstr = returnstr(1) +} +# +# long sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz) +# +probe syscall.settimeofday32 = kernel.function("sys32_settimeofday") ? { + name = "settimeofday" + tv_uaddr = $tv + tz_uaddr = $tz + argstr = sprintf("%s, %s", _struct_compat_timeval_u($tv),_struct_timezone_u($tz)) +} +probe syscall.settimeofday32.return = kernel.function("sys32_settimeofday").return ? { name = "settimeofday" retstr = returnstr(1) } @@ -1815,10 +1838,15 @@ probe syscall.ssetmask.return = kernel.function("sys_ssetmask").return { # stat _______________________________________________________ # long sys_stat(char __user * filename, struct __old_stat __user * statbuf) -# +# long sys32_stat64(char __user * filename, struct stat64 __user *statbuf) +# long sys_stat64(char __user * filename, struct stat64 __user * statbuf) +# long compat_sys_newstat(char __user * filename, struct compat_stat __user *statbuf) probe syscall.stat = kernel.function("sys_stat") ?, - kernel.function("sys_newstat") ? + kernel.function("sys_newstat") ?, + kernel.function("sys32_stat64") ?, + kernel.function("sys_stat64") ?, + kernel.function("compat_sys_newstat") ? { name = "stat" filename_uaddr = $filename @@ -1828,7 +1856,10 @@ probe syscall.stat = } probe syscall.stat.return = kernel.function("sys_stat").return ?, - kernel.function("sys_newstat").return ? + kernel.function("sys_newstat").return ?, + kernel.function("sys32_stat64").return ?, + kernel.function("sys_stat64").return ?, + kernel.function("compat_sys_newstat").return ? { name = "stat" retstr = returnstr(1) @@ -1836,14 +1867,21 @@ probe syscall.stat.return = # statfs _____________________________________________________ # long sys_statfs(const char __user * path, struct statfs __user * buf) +# long compat_sys_statfs(const char __user *path, struct compat_statfs __user *buf) # -probe syscall.statfs = kernel.function("sys_statfs") { +probe syscall.statfs = + kernel.function("sys_statfs"), + kernel.function("compat_sys_statfs") ? +{ name = "statfs" path = user_string($path) buf_uaddr = $buf argstr = sprintf("%s, %p", user_string_quoted($path), $buf) } -probe syscall.statfs.return = kernel.function("sys_statfs").return { +probe syscall.statfs.return = + kernel.function("sys_statfs").return, + kernel.function("compat_sys_statfs").return ? +{ name = "statfs" retstr = returnstr(1) } @@ -1865,10 +1903,10 @@ probe syscall.statfs64.return = kernel.function("sys_statfs64").return { name = "statfs64" retstr = returnstr(1) } + # stime ______________________________________________________ # -# asmlinkage long -# sys_stime(time_t __user *tptr) +# long sys_stime(time_t __user *tptr) # probe syscall.stime = kernel.function("sys_stime") { name = "stime" @@ -1881,6 +1919,7 @@ probe syscall.stime.return = kernel.function("sys_stime").return { name = "stime" retstr = returnstr(1) } + # swapoff ____________________________________________________ # # asmlinkage long @@ -2023,13 +2062,26 @@ probe syscall.tgkill.return = kernel.function("sys_tgkill").return { # time _______________________________________________________ # # long sys_time(time_t __user * tloc) -# -probe syscall.time = kernel.function("sys_time") { +# long sys_time64(long __user * tloc) +# long sys32_time(compat_time_t __user * tloc) +# long compat_sys_time(compat_time_t __user * tloc) +# +probe syscall.time = + kernel.function("sys_time"), + kernel.function("sys32_time") ?, + kernel.function("sys_time64") ?, + kernel.function("compat_sys_time") ? +{ name = "time" t_uaddr = $tloc argstr = sprintf("%p", $tloc) } -probe syscall.time.return = kernel.function("sys_time").return { +probe syscall.time.return = + kernel.function("sys_time").return, + kernel.function("sys32_time").return ?, + kernel.function("sys_time64").return ?, + kernel.function("compat_sys_time").return ? +{ name = "time" retstr = returnstr(1) } @@ -2222,27 +2274,26 @@ probe syscall.umount.return = kernel.function("sys_umount").return { } # uname ______________________________________________________ # -# asmlinkage int # int sys_uname(struct old_utsname __user *name) +# long sys_newuname(struct new_utsname __user * name) # -%(arch == "x86_64" %? -# more gcc 4.1 problems -probe syscall.uname = kernel.function("sys_uname") { - name = "uname" - argstr = "" -} -%: -probe syscall.uname = kernel.function("sys_uname") { +probe syscall.uname = + kernel.function("sys_uname") ?, + kernel.function("sys_newuname") ? +{ name = "uname" name_uaddr = $name - name_str = user_string($name) - argstr = user_string_quoted($name) + argstr = sprintf("%p", $name) } -%) -probe syscall.uname.return = kernel.function("sys_uname").return { + +probe syscall.uname.return = + kernel.function("sys_uname").return ?, + kernel.function("sys_newuname").return ? +{ name = "uname" retstr = returnstr(1) } + # unlink _____________________________________________________ # long sys_unlink(const char __user * pathname) # @@ -2278,7 +2329,7 @@ probe syscall.ustat = kernel.function("sys_ustat") { name = "ustat" dev = $dev ubuf_uaddr = $ubuf - argstr = sprintf("%d, %p", $dev, ubuf_uaddr) + argstr = sprintf("%d, %p", $dev, $ubuf) } probe syscall.ustat.return = kernel.function("sys_ustat").return { name = "ustat" @@ -2287,7 +2338,6 @@ probe syscall.ustat.return = kernel.function("sys_ustat").return { # utime ______________________________________________________ # long sys_utime(char __user * filename, struct utimbuf __user * times) -# probe syscall.utime = kernel.function("sys_utime") { name = "utime" filename_uaddr = $filename @@ -2300,6 +2350,20 @@ probe syscall.utime.return = kernel.function("sys_utime").return { name = "utime" retstr = returnstr(1) } +# long compat_sys_utime(char __user *filename, struct compat_utimbuf __user *t) +probe syscall.compat_utime = kernel.function("compat_sys_utime") ? { + name = "utime" + filename_uaddr = $filename + filename = user_string($filename) + buf_uaddr = $t + buf_str = _struct_compat_utimbuf_u($t) + argstr = sprintf("%s, [%s]", user_string_quoted($filename), _struct_compat_utimbuf_u($t)) +} +probe syscall.compat_utime.return = kernel.function("compat_sys_utime").return { + name = "utime" + retstr = returnstr(1) +} + # utimes _____________________________________________________ # # asmlinkage long @@ -2425,8 +2489,14 @@ probe syscall.write.return = kernel.function("sys_write").return { # ssize_t sys_writev(unsigned long fd, # const struct iovec __user *vec, # unsigned long vlen) +# ssize_t compat_sys_writev(unsigned long fd, +# const struct compat_iovec __user *vec, +# unsigned long vlen) # -probe syscall.writev = kernel.function("sys_writev") { +probe syscall.writev = + kernel.function("sys_writev"), + kernel.function("compat_sys_writev") ? +{ name = "writev" vector_uaddr = $vec count = $vlen @@ -2438,7 +2508,10 @@ probe syscall.writev = kernel.function("sys_writev") { argstr = sprintf("unknown fd, %p, %d", $vec, $vlen) %) } -probe syscall.writev.return = kernel.function("sys_writev").return { +probe syscall.writev.return = + kernel.function("sys_writev").return, + kernel.function("compat_sys_writev").return ? +{ name = "writev" retstr = returnstr(1) } |