summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--tapset/ChangeLog11
-rw-r--r--tapset/aux_syscalls.stp53
-rw-r--r--tapset/i686/syscalls.stp263
-rw-r--r--tapset/ppc64/syscalls.stp172
-rw-r--r--tapset/syscalls.stp220
-rw-r--r--tapset/syscalls2.stp447
-rw-r--r--tapset/x86_64/syscalls.stp77
7 files changed, 461 insertions, 782 deletions
diff --git a/tapset/ChangeLog b/tapset/ChangeLog
index 6a3c0bf9..e6b508be 100644
--- a/tapset/ChangeLog
+++ b/tapset/ChangeLog
@@ -1,4 +1,15 @@
+2007-07-10 Martin Hunt <hunt@redhat.com>
+
+ * syscall*.stp: Major reorganization work.
+ * aux_syscalls.stp (_sigprocmask_how_str): Rewrite
+ in C so real arch-dependent header files
+ will be used.
+ (_mlockall_flags_str): Ditto.
+
2007-07-09 Martin Hunt <hunt@redhat.com>
+ * syscalls2.stp (compat_sys_settimeofday): New.
+
+2007-07-09 Martin Hunt <hunt@redhat.com>
* syscalls2.stp (compat_sys_utimes): New.
* ppc64/syscalls.stp (ciompat_sys_utimes): Removed.
diff --git a/tapset/aux_syscalls.stp b/tapset/aux_syscalls.stp
index 708432c6..e31c0566 100644
--- a/tapset/aux_syscalls.stp
+++ b/tapset/aux_syscalls.stp
@@ -812,12 +812,24 @@ function _adjtx_mode_str(f) {
* syscall.sigprocmask
* syscall.rt_sigprocmask
*/
-function _sigprocmask_how_str(how) {
- if(how==0) return "SIG_BLOCK"
- if(how==1) return "SIG_UNBLOCK"
- if(how==2) return "SIG_SETMASK"
- return ""
-}
+function _sigprocmask_how_str:string(how:long)
+%{ /* pure */
+ int len;
+ char *str = THIS->__retvalue;
+ switch (THIS->how) {
+ case SIG_BLOCK:
+ strlcpy(str, "SIG_BLOCK", MAXSTRINGLEN);
+ break;
+ case SIG_UNBLOCK:
+ strlcpy(str, "SIG_UNBLOCK", MAXSTRINGLEN);
+ break;
+ case SIG_SETMASK:
+ strlcpy(str, "SIG_SETMASK", MAXSTRINGLEN);
+ break;
+ default:
+ snprintf(str, MAXSTRINGLEN, "0x%lx", (long)THIS->how);
+ }
+%}
/*
* Return the symbolic string representation
@@ -826,12 +838,13 @@ function _sigprocmask_how_str(how) {
* CALLERS:
* syscall.getitimer
* syscall.setitimer
+ * INCLUDE: <linux/time.h>
*/
function _itimer_which_str(which) {
if(which==0) return "ITIMER_REAL"
if(which==1) return "ITIMER_VIRTUAL"
if(which==2) return "ITIMER_PROF"
- return ""
+ return sprintf("BAD VALUE: %d", which)
}
/*
@@ -852,7 +865,7 @@ function _get_wc_str(wc) {
if(wc==3) return "CLOCK_THREAD_CPUTIME_ID"
if(wc==4) return "CLOCK_REALTIME_HR"
if(wc==5) return "CLOCK_MONOTONIC_HR"
- return "CLOCK_UNKNOWN"
+ return sprintf("BAD VALUE: %d", wc)
}
function _flock_cmd_str(c) {
@@ -1022,12 +1035,26 @@ function _recvflags_str(f) {
return substr(bs,0,strlen(bs)-1)
}
+%{
+#include <linux/mman.h>
+%}
+
/* `man mlockall` for more information */
-function _mlockall_flags_str(f) {
- if(f & 1) bs="MCL_CURRENT|".bs
- if(f & 2) bs="MCL_FUTURE|".bs
- return substr(bs,0,strlen(bs)-1)
-}
+function _mlockall_flags_str:string(flags:long)
+%{ /* pure */
+ int len;
+ long f = THIS->flags;
+ char *str = THIS->__retvalue;
+ if (f & MCL_CURRENT)
+ strlcat(str, "MCL_CURRENT|", MAXSTRINGLEN);
+ if (f & MCL_FUTURE)
+ strlcat(str, "MCL_FUTURE|", MAXSTRINGLEN);
+ len = strlen(str);
+ if (len)
+ str[strlen(str)-1] = 0;
+ else
+ snprintf(str, MAXSTRINGLEN, "0x%lx", f);
+%}
/* used by sys_delete_module */
function _module_flags_str(f) {
diff --git a/tapset/i686/syscalls.stp b/tapset/i686/syscalls.stp
index cacf2033..ad984075 100644
--- a/tapset/i686/syscalls.stp
+++ b/tapset/i686/syscalls.stp
@@ -1,101 +1,3 @@
-
-# getgroups16 ________________________________________________
-# long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist)
-probe syscall.getgroups16 = kernel.function("sys_getgroups16") {
- name = "getgroups16"
- size = $gidsetsize
- list_uaddr = $grouplist
- argstr = sprintf("%d, %p", size, list_uaddr)
-}
-probe syscall.getgroups16.return = kernel.function("sys_getgroups16").return {
- name = "getgroups16"
- retstr = returnstr(1)
-}
-
-# setgroups16 ________________________________________________
-#
-# asmlinkage long
-# sys_setgroups16(int gidsetsize,
-# old_gid_t __user *grouplist)
-#
-probe syscall.setgroups16 = kernel.function("sys_setgroups16") {
- name = "setgroups16"
- size = $gidsetsize
- list_uaddr = $grouplist
- argstr = ""
-}
-probe syscall.setgroups16.return = kernel.function("sys_setgroups16").return {
- name = "setgroups16"
- retstr = returnstr(1)
-}
-
-
-
-# quotactl ___________________________________________________
-#
-# asmlinkage long
-# sys_quotactl(unsigned int cmd,
-# const char __user *special,
-# qid_t id,
-# void __user *addr)
-#
-probe syscall.quotactl = kernel.function("sys_quotactl") {
- name = "quotactl"
- cmd = $cmd
- cmd_str = _quotactl_cmd_str($cmd)
- special_str = user_string($special)
- id = $id
- addr_uaddr = $addr
- argstr = sprintf("%s, %s, %p, %p", cmd_str, special_str,
- id, addr_uaddr)
-}
-probe syscall.quotactl.return = kernel.function("sys_quotactl").return {
- name = "quotactl"
- retstr = returnstr(1)
-}
-
-# request_key ________________________________________________
-#
-# asmlinkage long
-# sys_request_key(const char __user *_type,
-# const char __user *_description,
-# const char __user *_callout_info,
-# key_serial_t destringid)
-#
-
-probe syscall.request_key = kernel.function("sys_request_key")? {
- name = "request_key"
- type_uaddr = $_type
- description_uaddr = $_description
- callout_info_uaddr = $_callout_info
- destringid = $destringid
- argstr = sprintf("%p, %p, %p, %p", type_uaddr,
- description_uaddr, callout_info_uaddr, destringid)
-}
-probe syscall.request_key.return = kernel.function("sys_request_key").return? {
- name = "request_key"
- retstr = returnstr(1)
-}
-
-# fcntl64 ____________________________________________________
-/*
- * asmlinkage long
- * sys_fcntl64(unsigned int fd,
- * unsigned int cmd,
- * unsigned long arg)
- */
-probe syscall.fcntl64 = kernel.function("sys_fcntl64") {
-name = "fcntl64"
- fd = $fd
- cmd = $cmd
- cmd_str = _fcntl_cmd_str($cmd)
- arg = $arg
- argstr = sprintf("%d, %s, %p", $fd, cmd_str, $arg)
-}
-probe syscall.fcntl64.return = kernel.function("sys_fcntl64").return {
- name = "fcntl64"
- retstr = returnstr(1)
-}
# get_thread_area ____________________________________________
/*
* asmlinkage int
@@ -111,60 +13,6 @@ probe syscall.get_thread_area.return =
name = "get_thread_area"
retstr = returnstr(1)
}
-# inotify_add_watch __________________________________________
-/*
- * asmlinkage long
- * sys_inotify_add_watch(int fd,
- * const char __user *path,
- * u32 mask)
- */
-probe syscall.inotify_add_watch =
- kernel.function("sys_inotify_add_watch") {
- name = "inotify_add_watch"
- fd = $fd
- path_uaddr = $path
- path = user_string($path)
- mask = $mask
- argstr = sprintf("%d, %s, %d", $fd, path, $mask)
-}
-probe syscall.inotify_add_watch.return =
- kernel.function("sys_inotify_add_watch").return {
- name = "inotify_add_watch"
- retstr = returnstr(1)
-}
-# inotify_init _______________________________________________
-/*
- * asmlinkage long
- * sys_inotify_init(void)
- *
- */
-probe syscall.inotify_init = kernel.function("sys_inotify_init") {
- name = "inotify_init"
-}
-probe syscall.inotify_init.return =
- kernel.function("sys_inotify_init").return {
- name = "inotify_init"
- retstr = returnstr(1)
-}
-# inotify_rm_watch ___________________________________________
-/*
- * asmlinkage long
- * sys_inotify_rm_watch(int fd,
- * u32 wd)
- */
-probe syscall.inotify_rm_watch =
- kernel.function("sys_inotify_rm_watch") {
- name = "inotify_rm_watch"
- fd = $fd
- wd = $wd
- argstr = sprintf("%d, %d", $fd, $wd)
-}
-probe syscall.inotify_rm_watch.return =
- kernel.function("sys_inotify_rm_watch").return {
- name = "inotify_rm_watch"
- retstr = returnstr(1)
-}
-
# iopl _______________________________________________________
# long sys_iopl(unsigned long unused)
# NOTE. This function is only in i386 and x86_64 and its args vary
@@ -204,60 +52,7 @@ probe syscall.ipc.return = kernel.function("sys_ipc").return {
name = "ipc"
retstr = returnstr(1)
}
-# olduname ___________________________________________________
-/*
- * asmlinkage long
- * sys_olduname(struct new_utsname __user * name)
- */
-probe syscall.olduname = kernel.function("sys_olduname") {
- name = "olduname"
- name_uaddr = $name
- argstr = sprintf("%p", name_uaddr)
-}
-probe syscall.olduname.return = kernel.function("sys_olduname").return {
- name = "olduname"
- retstr = returnstr(1)
-}
-# sched_setparam _____________________________________________
-/*
- * asmlinkage long
- * sys_sched_setparam(pid_t pid,
- * struct sched_param __user *param)
- */
-probe syscall.sched_setparam =
- kernel.function("do_sched_setscheduler") {
- name = "sched_setparam"
- pid = $pid
- p_uaddr = $param
- argstr = sprintf("%d, %p", $pid, p_uaddr)
-}
-probe syscall.sched_setparam.return =
- kernel.function("do_sched_setscheduler").return {
- name = "sched_setparam"
- retstr = returnstr(1)
-}
-# sched_setscheduler _________________________________________
-/*
- * asmlinkage long
- * sys_sched_setscheduler(pid_t pid,
- * int policy,
- * struct sched_param __user *param)
- */
-probe syscall.sched_setscheduler =
- kernel.function("do_sched_setscheduler") {
- name = "sched_setscheduler"
- pid = $pid
- policy = $policy
- policy_str = _sched_policy_str($policy)
- p_uaddr = $param
- argstr = sprintf("%d, %s, %p", $pid, policy_str, p_uaddr)
-}
-probe syscall.sched_setscheduler.return =
- kernel.function("do_sched_setscheduler").return {
- name = "sched_setscheduler"
- retstr = returnstr(1)
-}
# set_thread_area ____________________________________________
/*
* asmlinkage int
@@ -317,26 +112,6 @@ probe syscall.shmat.return =
retstr = returnstr(1)
}
-# sigaction __________________________________________________
-# int sys_sigaction(int sig,
-# const struct old_sigaction __user *act,
-# struct old_sigaction __user *oact)
-#
-probe syscall.sigaction =
- kernel.function("sys_sigaction") {
- name = "sigaction"
- sig = $sig
- act_uaddr = $act
- oact_uaddr = $oact
- # FIXME - decode $act
- argstr = sprintf("%s, %p, %p", _signal_name($sig), $act, $oact)
-}
-probe syscall.sigaction.return =
- kernel.function("sys_sigaction").return {
- name = "sigaction"
- retstr = returnstr(1)
-}
-
# sigaltstack ________________________________________________
# int sys_sigaltstack(unsigned long ebx)
#
@@ -352,42 +127,6 @@ probe syscall.sigaltstack.return = kernel.function("sys_sigaltstack").return {
retstr = returnstr(1)
}
-# sigreturn __________________________________________________
-/*
- * asmlinkage int
- * sys_sigreturn(unsigned long __unused)
- */
-probe syscall.sigreturn =
- kernel.function("sys_sigreturn") {
- name = "sigreturn"
- __unused = $__unused
- argstr = sprint($__unused)
-}
-probe syscall.sigreturn.return =
- kernel.function("sys_sigreturn").return {
- name = "sigreturn.return"
-}
-# sigsuspend _________________________________________________
-/*
- * asmlinkage int
- * sys_sigsuspend(int history0,
- * int history1,
- * old_sigset_t mask)
- */
-probe syscall.sigsuspend =
- kernel.function("sys_sigsuspend") {
- name = "sigsuspend"
- history0 = $history0
- history1 = $history1
- mask = $mask
- argstr = sprintf("%d, %d, %p", $history0, $history1, $mask)
-}
-probe syscall.sigsuspend.return =
- kernel.function("sys_sigsuspend").return {
- name = "sigsuspend"
- retstr = returnstr(1)
-}
-
# vm86 _______________________________________________________
/*
* asmlinkage int
@@ -401,7 +140,7 @@ probe syscall.vm86 = kernel.function("sys_vm86") {
*/
}
probe syscall.vm86.return = kernel.function("sys_vm86").return {
- name = "vm86"
+ name = "vm86"
retstr = returnstr(1)
}
# vm86old ____________________________________________________
diff --git a/tapset/ppc64/syscalls.stp b/tapset/ppc64/syscalls.stp
index 541832cd..824ada48 100644
--- a/tapset/ppc64/syscalls.stp
+++ b/tapset/ppc64/syscalls.stp
@@ -1,34 +1,4 @@
-# compat_sys_getitimer ________________________________________
-#
-# asmlinkage long compat_sys_getitimer(int which,
-# struct compat_itimerval __user *it)
-#
-probe syscall.compat_sys_getitimer = kernel.function("compat_sys_getitimer") {
- name = "compat_sys_getitimer"
- which = $which
- value_uaddr = $it
- argstr = sprintf("%s, %p", _itimer_which_str(which), value_uaddr)
-}
-probe syscall.compat_sys_getitimer.return =
- kernel.function("compat_sys_getitimer").return {
- name = "compat_sys_getitimer"
- retstr = returnstr(1)
-}
-# compat_sys_times ________________________________________
-#
-# asmlinkage long compat_sys_times(struct compat_tms __user *tbuf)
-#
-probe syscall.compat_sys_times = kernel.function("compat_sys_times") {
- name = "compat_sys_times"
- buf_uaddr = $tbuf
- argstr = sprintf("%p", buf_uaddr)
-}
-probe syscall.compat_sys_times.return =
- kernel.function("compat_sys_times").return {
- name = "compat_sys_times"
- retstr = returnstr(1)
-}
# compat_sys_sigpending ________________________________________
#
# asmlinkage long compat_sys_sigpending(compat_old_sigset_t __user *set)
@@ -43,25 +13,7 @@ probe syscall.compat_sys_sigpending.return =
name = "compat_sys_sigpending"
retstr = returnstr(1)
}
-# compat_sys_sigprocmask ________________________________________
-#
-# asmlinkage long compat_sys_sigprocmask(int how,
-# compat_old_sigset_t __user *set,
-# compat_old_sigset_t __user *oset)
-#
-probe syscall.compat_sys_sigprocmask = kernel.function("compat_sys_sigprocmask") {
- name = "compat_sys_sigprocmask"
- how = $how
- set_uaddr = $set
- oldset_uaddr = $oset
- argstr = sprintf("%s, %p, %p", _sigprocmask_how_str($how),
- set_uaddr, oldset_uaddr)
-}
-probe syscall.compat_sys_sigprocmask.return =
- kernel.function("compat_sys_sigprocmask").return {
- name = "compat_sys_sigprocmask"
- retstr = returnstr(1)
-}
+
# compat_sys_futex ________________________________________
#
# asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, int val,
@@ -390,28 +342,6 @@ probe syscall.compat_sys_select.return =
name = "compat_sys_select"
retstr = returnstr(1)
}
-# compat_rt_sigaction _______________________________________________
-#
-# long compat_sys_rt_sigaction(int sig,
-# const struct sigaction __user *act,
-# struct sigaction __user *oact,
-# size_t sigsetsize)
-#
-probe syscall.compat_rt_sigaction = kernel.function("compat_sys_rt_sigaction")?,
- kernel.function("sys32_rt_sigaction") ? {
- name = "rt_sigaction"
- sig = $sig
- act_uaddr = $act
- oact_uaddr = $oact
- sigsetsize = $sigsetsize
- argstr = sprintf("%s, %p, %p, %d", _signal_name($sig), $act, $oact, $sigsetsize)
-}
-probe syscall.compat_rt_sigaction.return =
- kernel.function("compat_sys_rt_sigaction").return ? ,
- kernel.function("sys32_rt_sigaction").return ? {
- name = "rt_sigaction"
- retstr = returnstr(1)
-}
# compat_sys_nfsservctl ________________________________________
#
@@ -958,63 +888,6 @@ probe syscall.sys32_ptrace.return = kernel.function("sys32_ptrace").return ? {
name = "sys32_ptrace"
retstr = returnstr(1)
}
-# sys32_pause ________________________________________
-#
-# asmlinkage long sys32_pause(void)
-#
-probe syscall.sys32_pause = kernel.function("sys32_pause") ? {
- name = "sys32_pause"
- argstr = ""
-}
-probe syscall.sys32_pause.return = kernel.function("sys32_pause").return ? {
- name = "sys32_pause"
- retstr = returnstr(1)
-}
-# sys32_olduname ________________________________________
-#
-# asmlinkage int sys32_olduname(struct oldold_utsname __user * name)
-#
-probe syscall.sys32_olduname = kernel.function("sys32_olduname") ? {
- name = "sys32_olduname"
- name_uaddr = $name
- argstr = sprintf("%p", name_uaddr)
-}
-probe syscall.sys32_olduname.return = kernel.function("sys32_olduname").return ?{
- name = "sys32_olduname"
- retstr = returnstr(1)
-}
-# sys32_sigaction ________________________________________
-#
-# long sys32_sigaction(int sig, struct old_sigaction32 __user *act,
-# struct old_sigaction32 __user *oact)
-#
-probe syscall.sys32_sigaction = kernel.function("sys32_sigaction") ? {
- name = "sys32_sigaction"
- sig = $sig
- act_uaddr = $act
- oact_uaddr = $oact
- argstr = sprintf("%s, %p, %p", _signal_name($sig), $act, $oact)
-}
-probe syscall.sys32_sigaction.return =
- kernel.function("sys32_sigaction").return ? {
- name = "sys32_sigaction"
- retstr = returnstr(1)
-}
-# sys32_sigsuspend ________________________________________
-#
-# long sys32_sigsuspend(old_sigset_t mask, int p2, int p3, int p4, int p6,
-# int p7, struct pt_regs *regs)
-#
-probe syscall.sys32_sigsuspend = kernel.function("sys32_sigsuspend") ? {
- name = "sys32_sigsuspend"
- mask = $mask
- argstr = sprintf("%p", mask)
-}
-probe syscall.sys32_sigsuspend.return =
- kernel.function("sys32_sigsuspend").return ? {
- name = "sys32_sigsuspend"
- retstr = returnstr(1)
-}
# sys32_sysinfo ________________________________________
#
# asmlinkage long sys32_sysinfo(struct sysinfo32 __user *info)
@@ -1150,48 +1023,7 @@ probe syscall.sys32_sched_rr_get_interval.return =
name = "sys32_sched_rr_get_interval"
retstr = returnstr(1)
}
-# sys32_rt_sigreturn ________________________________________
-#
-# long sys32_rt_sigreturn(int r3, int r4, int r5, int r6, int r7, int r8,
-# struct pt_regs *regs)
-#
-#
-probe syscall.sys32_rt_sigreturn = kernel.function("sys32_rt_sigreturn") ? {
- name = "sys32_rt_sigreturn"
- r3 = $r3
- r4 = $r4
- r5 = $r5
- r6 = $r6
- r7 = $r7
- r8 = $r8
- argstr = sprintf("%p, %p, %p, %p, %p, %p",
- r3, r4, r5, r6, r7, r8)
-}
-probe syscall.sys32_rt_sigreturn.return =
- kernel.function("sys32_rt_sigreturn").return ? {
- name = "sys32_rt_sigreturn"
- retstr = returnstr(1)
-}
-# sys32_rt_sigprocmask ________________________________________
-#
-# long sys32_rt_sigprocmask(u32 how, compat_sigset_t __user *set,
-# compat_sigset_t __user *oset, size_t sigsetsize)
-#
-probe syscall.sys32_rt_sigprocmask = kernel.function("sys32_rt_sigprocmask") ? {
- name = "sys32_rt_sigprocmask"
- how = $how
- how_str = _sigprocmask_how_str($how)
- set_uaddr = $set
- oset_uaddr = $oset
- sigsetsize = $sigsetsize
- argstr = sprintf("%s, %p, %p, %d", how_str, $set,
- $oset, $sigsetsize)
-}
-probe syscall.sys32_rt_sigprocmask.return =
- kernel.function("sys32_rt_sigprocmask").return ? {
- name = "sys32_rt_sigprocmask"
- retstr = returnstr(1)
-}
+
# sys32_rt_sigpending ________________________________________
#
# long sys32_rt_sigpending(compat_sigset_t __user *set,
diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp
index bcf7adb6..da9623cc 100644
--- a/tapset/syscalls.stp
+++ b/tapset/syscalls.stp
@@ -1000,73 +1000,74 @@ probe syscall.getdents64.return = kernel.function("sys_getdents64").return {
# getegid ____________________________________________________
# long sys_getegid(void)
-probe syscall.getegid = kernel.function("sys_getegid") {
+# long sys_getegid16(void)
+#
+probe syscall.getegid =
+ kernel.function("sys_getegid16") ?,
+ kernel.function("sys_getegid")
+{
name = "getegid"
}
-probe syscall.getegid.return = kernel.function("sys_getegid").return {
+probe syscall.getegid.return =
+ kernel.function("sys_getegid16").return ?,
+ kernel.function("sys_getegid").return
+{
name = "getegid"
retstr = returnstr(1)
}
-# getegid16 __________________________________________________
-# long sys_getegid16(void)
-probe syscall.getegid16 = kernel.function("sys_getegid16") ? {
- name = "getegid16"
-}
-probe syscall.getegid16.return = kernel.function("sys_getegid16").return ? {
- name = "getegid16"
- retstr = returnstr(1)
-}
-
# geteuid ____________________________________________________
# long sys_geteuid(void)
-probe syscall.geteuid = kernel.function("sys_geteuid") {
+probe syscall.geteuid =
+ kernel.function("sys_geteuid16") ?,
+ kernel.function("sys_geteuid")
+{
name = "geteuid"
}
-probe syscall.geteuid.return = kernel.function("sys_geteuid").return {
+probe syscall.geteuid.return =
+ kernel.function("sys_geteuid16").return ?,
+ kernel.function("sys_geteuid").return
+{
name = "geteuid"
retstr = returnstr(1)
}
-# geteuid16 __________________________________________________
-# long sys_geteuid16(void)
-probe syscall.geteuid16 = kernel.function("sys_geteuid16") ? {
- name = "geteuid16"
-}
-probe syscall.geteuid16.return = kernel.function("sys_geteuid16").return ? {
- name = "geteuid16"
- retstr = returnstr(1)
-}
-
# getgid _____________________________________________________
# long sys_getgid(void)
-probe syscall.getgid =kernel.function("sys_getgid") {
+probe syscall.getgid =
+ kernel.function("sys_getgid16") ?,
+ kernel.function("sys_getgid")
+{
name = "getgid"
}
-probe syscall.getgid.return = kernel.function("sys_getgid").return {
+probe syscall.getgid.return =
+ kernel.function("sys_getgid16").return ?,
+ kernel.function("sys_getgid").return
+{
name = "getgid"
retstr = returnstr(1)
}
-# getgid16 ___________________________________________________
-# long sys_getgid16(void)
-probe syscall.getgid16 = kernel.function("sys_getgid16") ? {
- name = "getgid16"
-}
-probe syscall.getgid16.return = kernel.function("sys_getgid16").return ? {
- name = "getgid16"
- retstr = returnstr(1)
-}
-
# getgroups __________________________________________________
# long sys_getgroups(int gidsetsize, gid_t __user *grouplist)
-probe syscall.getgroups = kernel.function("sys_getgroups") {
+# long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist)
+# long sys32_getgroups16(int gidsetsize, u16 __user *grouplist)
+#
+probe syscall.getgroups =
+ kernel.function("sys_getgroups") ?,
+ kernel.function("sys_getgroups16") ?,
+ kernel.function("sys32_getgroups16") ?
+{
name = "getgroups"
size = $gidsetsize
list_uaddr = $grouplist
- argstr = sprintf("%d, %p", size, list_uaddr)
+ argstr = sprintf("%d, %p", $gidsetsize, $grouplist)
}
-probe syscall.getgroups.return = kernel.function("sys_getgroups").return {
+probe syscall.getgroups.return =
+ kernel.function("sys_getgroups").return ?,
+ kernel.function("sys_getgroups16").return ?,
+ kernel.function("sys32_getgroups16").return ?
+{
name = "getgroups"
retstr = returnstr(1)
}
@@ -1085,7 +1086,8 @@ probe syscall.gethostname.return = kernel.function("sys_gethostname").return ? {
}
# getitimer __________________________________________________
-# long sys_getitimer(int which, struct itimerval __user *value)
+# sys_getitimer(int which, struct itimerval __user *value)
+#
probe syscall.getitimer = kernel.function("sys_getitimer") {
name = "getitimer"
which = $which
@@ -1202,31 +1204,24 @@ probe syscall.getpriority.return = kernel.function("sys_getpriority").return {
# long sys_getresgid(gid_t __user *rgid,
# gid_t __user *egid,
# gid_t __user *sgid)
-probe syscall.getresgid = kernel.function("sys_getresgid") {
- name = "getresgid"
- rgid_uaddr = $rgid
- egid_uaddr = $egid
- sgid_uaddr = $sgid
- argstr = sprintf("%p, %p, %p", rgid_uaddr, egid_uaddr, sgid_uaddr)
-}
-probe syscall.getresgid.return = kernel.function("sys_getresgid").return {
- name = "getresgid"
- retstr = returnstr(1)
-}
-
-# getresgid16 ________________________________________________
# long sys_getresgid16(old_uid_t __user *rgid,
# old_uid_t __user *egid,
# old_uid_t __user *sgid)
-probe syscall.getresgid16 = kernel.function("sys_getresgid16") ? {
- name = "getresgid16"
+probe syscall.getresgid =
+ kernel.function("sys_getresgid16") ?,
+ kernel.function("sys_getresgid")
+{
+ name = "getresgid"
rgid_uaddr = $rgid
egid_uaddr = $egid
sgid_uaddr = $sgid
- argstr = sprintf("%p, %p, %p", rgid_uaddr, egid_uaddr, sgid_uaddr)
+ argstr = sprintf("%p, %p, %p", $rgid, $egid, $sgid)
}
-probe syscall.getresgid16.return = kernel.function("sys_getresgid16").return ? {
- name = "getresgid16"
+probe syscall.getresgid.return =
+ kernel.function("sys_getresgid16").return ?,
+ kernel.function("sys_getresgid").return
+{
+ name = "getresgid"
retstr = returnstr(1)
}
@@ -1234,34 +1229,24 @@ probe syscall.getresgid16.return = kernel.function("sys_getresgid16").return ? {
# long sys_getresuid(uid_t __user *ruid,
# uid_t __user *euid,
# uid_t __user *suid)
-probe syscall.getresuid = kernel.function("sys_getresuid") {
+probe syscall.getresuid =
+ kernel.function("sys_getresuid16") ?,
+ kernel.function("sys_getresuid")
+{
name = "getresuid"
ruid_uaddr = $ruid
euid_uaddr = $euid
suid_uaddr = $suid
- argstr = sprintf("%p, %p, %p", ruid_uaddr, euid_uaddr, suid_uaddr)
+ argstr = sprintf("%p, %p, %p", $ruid, $euid, $suid)
}
-probe syscall.getresuid.return = kernel.function("sys_getresuid").return {
+probe syscall.getresuid.return =
+ kernel.function("sys_getresuid16").return ?,
+ kernel.function("sys_getresuid").return
+{
name = "getresuid"
retstr = returnstr(1)
}
-# getresuid16 ________________________________________________
-# long sys_getresuid16(old_uid_t __user *ruid,
-# old_uid_t __user *euid,
-# old_uid_t __user *suid)
-probe syscall.getresuid16 = kernel.function("sys_getresuid16") ? {
- name = "getresuid16"
- ruid_uaddr = $ruid
- euid_uaddr = $euid
- suid_uaddr = $suid
- argstr = sprintf("%p, %p, %p", ruid_uaddr, euid_uaddr, suid_uaddr)
-}
-probe syscall.getresuid16.return = kernel.function("sys_getresuid16").return ? {
- name = "getresuid16"
- retstr = returnstr(1)
-}
-
# getrlimit __________________________________________________
# long sys_getrlimit(unsigned int resource, struct rlimit __user *rlim)
# long sys_old_getrlimit(unsigned int resource, struct rlimit __user *rlim)
@@ -1388,25 +1373,23 @@ probe syscall.gettimeofday.return =
}
# getuid _____________________________________________________
-# long sys_getuid(void)
-probe syscall.getuid = kernel.function("sys_getuid") {
+# long sys_getuid(void
+# long sys_getuid16(void)
+#
+probe syscall.getuid =
+ kernel.function("sys_getuid16") ?,
+ kernel.function("sys_getuid")
+{
name = "getuid"
}
-probe syscall.getuid.return = kernel.function("sys_getuid").return {
+probe syscall.getuid.return =
+ kernel.function("sys_getuid16").return ?,
+ kernel.function("sys_getuid").return
+{
name = "getuid"
retstr = returnstr(1)
}
-# getuid16 ___________________________________________________
-# long sys_getuid16(void)
-probe syscall.getuid16 = kernel.function("sys_getuid16") ? {
- name = "getuid16"
-}
-probe syscall.getuid16.return = kernel.function("sys_getuid16").return ? {
- name = "getuid16"
- retstr = returnstr(1)
-}
-
# getxattr ___________________________________________________
# ssize_t sys_getxattr(char __user *path, char __user *name,
# void __user *value, size_t size)
@@ -1443,6 +1426,51 @@ probe syscall.init_module.return = kernel.function("sys_init_module").return {
retstr = returnstr(1)
}
+# inotify_add_watch __________________________________________
+#
+# long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
+#
+probe syscall.inotify_add_watch = kernel.function("sys_inotify_add_watch") ? {
+ name = "inotify_add_watch"
+ fd = $fd
+ path_uaddr = $path
+ path = user_string($path)
+ mask = $mask
+ argstr = sprintf("%d, %s, %d", $fd, user_string_quoted($path), $mask)
+}
+probe syscall.inotify_add_watch.return = kernel.function("sys_inotify_add_watch").return ? {
+ name = "inotify_add_watch"
+ retstr = returnstr(1)
+}
+
+# inotify_init _______________________________________________
+#
+# long sys_inotify_init(void)
+#
+probe syscall.inotify_init = kernel.function("sys_inotify_init") ? {
+ name = "inotify_init"
+ argstr = ""
+}
+probe syscall.inotify_init.return = kernel.function("sys_inotify_init").return ? {
+ name = "inotify_init"
+ retstr = returnstr(1)
+}
+
+# inotify_rm_watch ___________________________________________
+#
+# long sys_inotify_rm_watch(int fd, u32 wd)
+#
+probe syscall.inotify_rm_watch = kernel.function("sys_inotify_rm_watch") ? {
+ name = "inotify_rm_watch"
+ fd = $fd
+ wd = $wd
+ argstr = sprintf("%d, %d", $fd, $wd)
+}
+probe syscall.inotify_rm_watch.return = kernel.function("sys_inotify_rm_watch").return ? {
+ name = "inotify_rm_watch"
+ retstr = returnstr(1)
+}
+
# io_cancel __________________________________________________
# long sys_io_cancel(aio_context_t ctx_id,
# struct iocb __user *iocb,
@@ -1980,15 +2008,13 @@ probe syscall.mknod.return = kernel.function("sys_mknod").return {
# mlock ______________________________________________________
#
-# asmlinkage long
-# sys_mlock(unsigned long start,
-# size_t len)
+# long sys_mlock(unsigned long start, size_t len)
#
probe syscall.mlock = kernel.function("sys_mlock") {
name = "mlock"
addr = $start
len = $len
- argstr = sprintf("0x%p, %d", addr, len)
+ argstr = sprintf("%p, %d", $start, $len)
}
probe syscall.mlock.return = kernel.function("sys_mlock").return {
name = "mlock"
@@ -1996,14 +2022,12 @@ probe syscall.mlock.return = kernel.function("sys_mlock").return {
}
# mlockall ___________________________________________________
#
-# asmlinkage long
-# sys_mlockall(int flags)
+# long sys_mlockall(int flags)
#
probe syscall.mlockall = kernel.function("sys_mlockall") {
name = "mlockall"
flags = $flags
- flags_str = _mlockall_flags_str($flags)
- argstr = flags_str
+ argstr = _mlockall_flags_str($flags)
}
probe syscall.mlockall.return = kernel.function("sys_mlockall").return {
name = "mlockall"
diff --git a/tapset/syscalls2.stp b/tapset/syscalls2.stp
index 415cca14..d9ecc048 100644
--- a/tapset/syscalls2.stp
+++ b/tapset/syscalls2.stp
@@ -377,6 +377,28 @@ probe syscall.pwrite64.return = kernel.function("sys_pwrite64").return {
retstr = returnstr(1)
}
+# quotactl ___________________________________________________
+#
+# long sys_quotactl(unsigned int cmd,
+# const char __user *special,
+# qid_t id,
+# void __user *addr)
+#
+probe syscall.quotactl = kernel.function("sys_quotactl") {
+ name = "quotactl"
+ cmd = $cmd
+ cmd_str = _quotactl_cmd_str($cmd)
+ special = user_string($special)
+ id = $id
+ addr_uaddr = $addr
+ argstr = sprintf("%s, %s, %d, %p", cmd_str, special_str, $id, $addr)
+}
+probe syscall.quotactl.return = kernel.function("sys_quotactl").return {
+ name = "quotactl"
+ retstr = returnstr(1)
+}
+
+
# read _______________________________________________________
# ssize_t sys_read(unsigned int fd, char __user * buf, size_t count)
probe syscall.read = kernel.function("sys_read") {
@@ -615,6 +637,28 @@ probe syscall.rename.return = kernel.function("sys_rename").return {
name = "rename"
retstr = returnstr(1)
}
+
+# request_key ________________________________________________
+#
+# long sys_request_key(const char __user *_type,
+# const char __user *_description,
+# const char __user *_callout_info,
+# key_serial_t destringid)
+# compat_sys_request_key() calls sys_request_key, so don't need probe there.
+#
+probe syscall.request_key = kernel.function("sys_request_key") ? {
+ name = "request_key"
+ type_uaddr = $_type
+ description_uaddr = $_description
+ callout_info_uaddr = $_callout_info
+ destringid = $destringid
+ argstr = sprintf("%p, %p, %p, %p", $_type, $_description, $_callout_info, $destringid)
+}
+probe syscall.request_key.return = kernel.function("sys_request_key").return ? {
+ name = "request_key"
+ retstr = returnstr(1)
+}
+
# restart_syscall ____________________________________________
#
# asmlinkage long
@@ -646,12 +690,20 @@ probe syscall.rmdir.return = kernel.function("sys_rmdir").return {
# rt_sigaction _______________________________________________
#
-# long sys_rt_sigaction(int sig,
+# sys_rt_sigaction(int sig,
# const struct sigaction __user *act,
# struct sigaction __user *oact,
# size_t sigsetsize)
#
-probe syscall.rt_sigaction = kernel.function("sys_rt_sigaction") {
+# compat_sys_rt_sigaction(int sig,
+# const struct sigaction __user *act,
+# struct sigaction __user *oact,
+# size_t sigsetsize)
+#
+probe syscall.rt_sigaction =
+ kernel.function("sys_rt_sigaction") ?,
+ kernel.function("compat_sys_rt_sigaction") ?
+{
name = "rt_sigaction"
sig = $sig
act_uaddr = $act
@@ -662,10 +714,14 @@ probe syscall.rt_sigaction = kernel.function("sys_rt_sigaction") {
argstr = sprintf("%s, %p, %p, %d", _signal_name($sig),
$act, $oact, $sigsetsize)
}
-probe syscall.rt_sigaction.return = kernel.function("sys_rt_sigaction").return {
+probe syscall.rt_sigaction.return =
+ kernel.function("sys_rt_sigaction").return ?,
+ kernel.function("compat_sys_rt_sigaction").return ?
+{
name = "rt_sigaction"
retstr = returnstr(1)
}
+
#
# long sys32_rt_sigaction(int sig,
# struct sigaction32 __user *act,
@@ -691,46 +747,47 @@ probe syscall.rt_sigaction32.return = kernel.function("sys32_rt_sigaction").retu
#
# long sys_rt_sigpending(sigset_t __user *set, size_t sigsetsize)
#
-probe syscall.rt_sigpending = kernel.function("do_sigpending") {
+probe syscall.rt_sigpending = kernel.function("sys_rt_sigpending") ? {
name = "rt_sigpending"
set_uaddr = $set
sigsetsize = $sigsetsize
argstr = sprintf("%p, %d", $set, $sigsetsize)
}
-probe syscall.rt_sigpending.return = kernel.function("do_sigpending").return {
+probe syscall.rt_sigpending.return = kernel.function("sys_rt_sigpending").return ? {
name = "rt_sigpending"
retstr = returnstr(1)
}
# rt_sigprocmask _____________________________________________
-#
-# long sys_rt_sigprocmask(int how,
-# sigset_t __user *set,
-# sigset_t __user *oset,
-# size_t sigsetsize)
-#
-probe syscall.rt_sigprocmask = kernel.function("sys_rt_sigprocmask") {
+# long sys32_rt_sigprocmask(u32 how, compat_sigset_t __user *set, compat_sigset_t __user *oset, size_t sigsetsize)
+# long compat_sys_rt_sigprocmask(int how, compat_sigset_t __user *set, compat_sigset_t __user *oset, compat_size_t sigsetsize)
+# long sys_rt_sigprocmask(int how, sigset_t __user *set, sigset_t __user *oset, size_t sigsetsize)
+#
+probe syscall.rt_sigprocmask =
+ kernel.function("sys32_rt_sigprocmask") ?,
+ kernel.function("compat_sys_rt_sigprocmask") ?,
+ kernel.function("sys_rt_sigprocmask") ?
+{
name = "rt_sigprocmask"
- how = $how
+ how = $how
how_str = _sigprocmask_how_str($how)
- set_uaddr = $set
- # FIXME - need to decode $set
- oset_uaddr = $oset
- sigsetsize = $sigsetsize
- argstr = sprintf("%s, %p, %p, %d", how_str, $set, $oset, $sigsetsize)
+ set_uaddr = $set
+ oldset_uaddr = $oset
+ argstr = sprintf("%s, %p, %p, %d", how_str, $set,
+ $oset, $sigsetsize)
}
-probe syscall.rt_sigprocmask.return =
- kernel.function("sys_rt_sigprocmask").return {
+probe syscall.rt_sigprocmask.return =
+ kernel.function("sys32_rt_sigprocmask").return ?,
+ kernel.function("compat_sys_rt_sigprocmask").return ?,
+ kernel.function("sys_rt_sigprocmask").return ?
+{
name = "rt_sigprocmask"
retstr = returnstr(1)
}
# rt_sigqueueinfo ____________________________________________
#
-# asmlinkage long
-# sys_rt_sigqueueinfo(int pid,
-# int sig,
-# siginfo_t __user *uinfo)
+# long sys_rt_sigqueueinfo(int pid, int sig,siginfo_t __user *uinfo)
#
probe syscall.rt_sigqueueinfo = kernel.function("sys_rt_sigqueueinfo") {
name = "rt_sigqueueinfo"
@@ -748,30 +805,40 @@ probe syscall.rt_sigqueueinfo.return =
# rt_sigreturn _______________________________________________
# int sys_rt_sigreturn(unsigned long __unused)
#
-probe syscall.rt_sigreturn = kernel.function("sys_rt_sigreturn") ? {
+probe syscall.rt_sigreturn =
+ kernel.function("sys_rt_sigreturn") ?,
+ kernel.function("sys32_rt_sigreturn") ?
+{
name = "rt_sigreturn"
argstr = ""
}
-probe syscall.rt_sigreturn.return = kernel.function("sys_rt_sigreturn").return ? {
+probe syscall.rt_sigreturn.return =
+ kernel.function("sys_rt_sigreturn").return ?,
+ kernel.function("sys32_rt_sigreturn").return ?
+{
name = "rt_sigreturn"
retstr = returnstr(1)
}
# rt_sigsuspend ______________________________________________
#
-# asmlinkage int
# sys_rt_sigsuspend(struct pt_regs regs)
#
-probe syscall.rt_sigsuspend = kernel.function("sys_rt_sigsuspend") {
+probe syscall.rt_sigsuspend =
+ kernel.function("sys_rt_sigsuspend") ?,
+ kernel.function("compat_sys_rt_sigsuspend") ?
+{
name = "rt_sigsuspend"
- /* FIXME : i386 can't resolve regs for this function */
- #regs = $regs
argstr = ""
}
-probe syscall.rt_sigsuspend.return = kernel.function("sys_rt_sigsuspend").return {
+probe syscall.rt_sigsuspend.return =
+ kernel.function("sys_rt_sigsuspend").return ?,
+ kernel.function("compat_sys_rt_sigsuspend").return ?
+{
name = "rt_sigsuspend"
retstr = returnstr(1)
}
+
# rt_sigtimedwait ____________________________________________
#
# asmlinkage long
@@ -922,6 +989,38 @@ probe syscall.sched_setaffinity.return = kernel.function("sys_sched_setaffinity"
retstr = returnstr(1)
}
+# sched_setparam _____________________________________________
+#
+# long sys_sched_setparam(pid_t pid, struct sched_param __user *param)
+#
+probe syscall.sched_setparam = kernel.function("sys_sched_setparam") ? {
+ name = "sched_setparam"
+ pid = $pid
+ p_uaddr = $param
+ argstr = sprintf("%d, %p", $pid, $param)
+}
+probe syscall.sched_setparam.return = kernel.function("sys_sched_setparam").return ? {
+ name = "sched_setparam"
+ retstr = returnstr(1)
+}
+
+# sched_setscheduler _________________________________________
+#
+# long sys_sched_setscheduler(pid_t pid, int policy, struct sched_param __user *param)
+#
+probe syscall.sched_setscheduler = kernel.function("sys_sched_setscheduler") ? {
+ name = "sched_setscheduler"
+ pid = $pid
+ policy = $policy
+ policy_str = _sched_policy_str($policy)
+ p_uaddr = $param
+ argstr = sprintf("%d, %s, %p", $pid, policy_str, $param)
+}
+probe syscall.sched_setscheduler.return = kernel.function("sys_sched_setscheduler").return ? {
+ name = "sched_setscheduler"
+ retstr = returnstr(1)
+}
+
# sched_yield ________________________________________________
# long sys_sched_yield(void)
#
@@ -1141,99 +1240,89 @@ probe syscall.setdomainname.return =
name = "setdomainname"
retstr = returnstr(1)
}
+
# setfsgid ___________________________________________________
# long sys_setfsgid(gid_t gid)
+# long sys_setfsgid16(old_gid_t gid)
#
-probe syscall.setfsgid = kernel.function("sys_setfsgid") {
+probe syscall.setfsgid =
+ kernel.function("sys_setfsgid") ?,
+ kernel.function("sys_setfsgid16") ?
+{
name = "setfsgid"
fsgid = $gid
argstr = sprint($gid)
}
-probe syscall.setfsgid.return = kernel.function("sys_setfsgid").return {
+probe syscall.setfsgid.return =
+ kernel.function("sys_setfsgid").return ?,
+ kernel.function("sys_setfsgid16").return ?
+{
name = "setfsgid"
retstr = returnstr(1)
}
-# setfsgid16 _________________________________________________
-# long sys_setfsgid16(old_gid_t gid)
-#
-probe syscall.setfsgid16 = kernel.function("sys_setfsgid16") ? {
- name = "setfsgid16"
- gid = $gid
- argstr = sprint($gid)
-}
-probe syscall.setfsgid16.return = kernel.function("sys_setfsgid16").return ? {
- name = "setfsgid16"
- retstr = returnstr(1)
-}
+
# setfsuid ___________________________________________________
# long sys_setfsuid(uid_t uid)
+# long sys_setfsuid16(old_uid_t uid)
#
-probe syscall.setfsuid = kernel.function("sys_setfsuid") {
+probe syscall.setfsuid =
+ kernel.function("sys_setfsuid") ?,
+ kernel.function("sys_setfsuid16") ?
+{
name = "setfsuid"
fsuid = $uid
argstr = sprint($uid)
}
-probe syscall.setfsuid.return = kernel.function("sys_setfsuid").return {
+probe syscall.setfsuid.return =
+ kernel.function("sys_setfsuid").return ?,
+ kernel.function("sys_setfsuid16").return ?
+{
name = "setfsuid"
retstr = returnstr(1)
}
-# setfsuid16 _________________________________________________
-# long sys_setfsuid16(old_uid_t uid)
-#
-probe syscall.setfsuid16 = kernel.function("sys_setfsuid16") ? {
- name = "setfsuid16"
- uid = $uid
- argstr = sprint($uid)
-}
-probe syscall.setfsuid16.return = kernel.function("sys_setfsuid16").return ? {
- name = "setfsuid16"
- retstr = returnstr(1)
-}
+
# setgid _____________________________________________________
#
# long sys_setgid(gid_t gid)
+# long sys_setgid16(old_gid_t gid)
#
-probe syscall.setgid = kernel.function("sys_setgid") {
+probe syscall.setgid =
+ kernel.function("sys_setgid") ?,
+ kernel.function("sys_setgid16") ?
+{
name = "setgid"
gid = $gid
argstr = sprint($gid)
}
-probe syscall.setgid.return = kernel.function("sys_setgid").return {
+probe syscall.setgid.return =
+ kernel.function("sys_setgid").return ?,
+ kernel.function("sys_setgid16").return ?
+{
name = "setgid"
retstr = returnstr(1)
}
-# setgid16 ___________________________________________________
-#
-# long sys_setgid16(old_gid_t gid)
-#
-probe syscall.setgid16 = kernel.function("sys_setgid16") ? {
- name = "setgid16"
- gid = $gid
- argstr = sprint($gid)
-}
-probe syscall.setgid16.return = kernel.function("sys_setgid16").return ? {
- name = "setgid16"
- retstr = returnstr(1)
-}
+
# setgroups __________________________________________________
#
# long sys_setgroups(int gidsetsize, gid_t __user *grouplist)
+# long sys_setgroups16(int gidsetsize, old_gid_t __user *grouplist)
+# long sys32_setgroups16(int gidsetsize, u16 __user *grouplist)
#
-probe syscall.setgroups = kernel.function("sys_setgroups") {
+probe syscall.setgroups =
+ kernel.function("sys_setgroups") ?,
+ kernel.function("sys_setgroups16") ?,
+ kernel.function("sys32_setgroups16") ?
+{
name = "setgroups"
size = $gidsetsize
- /*
- * NOTE
- * list defined as "gid_t list[]" there
- * is no practical way to export these
- * values. Therefore just export addr,
- * let the user take care of it with
- * embedded C if need be.
- */
list_uaddr = $grouplist
- argstr = sprintf("%d, %p", $gidsetsize, list_uaddr)
+ argstr = sprintf("%d, %p", $gidsetsize, $grouplist)
}
-probe syscall.setgroups.return = kernel.function("sys_setgroups").return {
+probe syscall.setgroups.return =
+ kernel.function("sys_setgroups").return ?,
+ kernel.function("sys_setgroups16").return ?,
+ kernel.function("sys32_setgroups16").return ?
+{
name = "setgroups"
retstr = returnstr(1)
}
@@ -1361,13 +1450,13 @@ probe syscall.setregid.return = kernel.function("sys_setregid").return {
# long sys_setregid16(old_gid_t rgid, old_gid_t egid)
#
probe syscall.setregid16 = kernel.function("sys_setregid16") ? {
- name = "setregid16"
+ name = "setregid"
rgid = __short($rgid)
egid = __short($egid)
argstr = sprintf("%d, %d",rgid, egid)
}
probe syscall.setregid16.return = kernel.function("sys_setregid16").return ? {
- name = "setregid16"
+ name = "setregid"
retstr = returnstr(1)
}
# setresgid __________________________________________________
@@ -1391,7 +1480,7 @@ probe syscall.setresgid.return = kernel.function("sys_setresgid").return {
# old_gid_t sgid)
#
probe syscall.setresgid16 = kernel.function("sys_setresgid16") ? {
- name = "setresgid16"
+ name = "setresgid"
rgid = __short($rgid)
egid = __short($egid)
sgid = __short($sgid)
@@ -1423,14 +1512,14 @@ probe syscall.setresuid.return = kernel.function("sys_setresuid").return {
# long sys_setresuid16(old_uid_t ruid, old_uid_t euid, old_uid_t suid)
#
probe syscall.setresuid16 = kernel.function("sys_setresuid16") ? {
- name = "setresuid16"
+ name = "setresuid"
ruid = __short($ruid)
euid = __short($euid)
suid = __short($suid)
argstr = sprintf("%d, %d, %d", ruid, euid, suid)
}
probe syscall.setresuid16.return = kernel.function("sys_setresuid16").return ? {
- name = "setresuid16"
+ name = "setresuid"
retstr = returnstr(1)
}
@@ -1451,13 +1540,13 @@ probe syscall.setreuid.return = kernel.function("sys_setreuid").return {
# long sys_setreuid16(old_uid_t ruid, old_uid_t euid)
#
probe syscall.setreuid16 = kernel.function("sys_setreuid16") ? {
- name = "setreuid16"
+ name = "setreuid"
ruid = __short($ruid)
euid = __short($euid)
argstr = sprintf("%d, %d", ruid, euid)
}
probe syscall.setreuid16.return = kernel.function("sys_setreuid16").return ? {
- name = "setreuid16"
+ name = "setreuid"
retstr = returnstr(1)
}
# setrlimit __________________________________________________
@@ -1547,46 +1636,46 @@ probe syscall.settimeofday.return = kernel.function("sys_settimeofday").return {
}
#
# long sys32_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz)
+# long compat_sys_settimeofday(struct compat_timeval __user *tv, struct timezone __user *tz)
#
-probe syscall.settimeofday32 = kernel.function("sys32_settimeofday") ? {
+probe syscall.settimeofday32 =
+ kernel.function("sys32_settimeofday") ?,
+ kernel.function("compat_sys_settimeofday") ?
+{
name = "settimeofday"
tv_uaddr = $tv
tz_uaddr = $tz
argstr = sprintf("%s, %s", _struct_compat_timeval_u($tv),_struct_timezone_u($tz))
}
-probe syscall.settimeofday32.return = kernel.function("sys32_settimeofday").return ? {
+probe syscall.settimeofday32.return =
+ kernel.function("sys32_settimeofday").return ?,
+ kernel.function("compat_sys_settimeofday").return ?
+{
name = "settimeofday"
retstr = returnstr(1)
}
# setuid _____________________________________________________
#
-# asmlinkage long
-# sys_setuid(uid_t uid)
+# long sys_setuid(uid_t uid)
+# long sys_setuid16(old_uid_t uid)
#
-probe syscall.setuid = kernel.function("sys_setuid") {
+probe syscall.setuid =
+ kernel.function("sys_setuid16") ?,
+ kernel.function("sys_setuid")
+{
name = "setuid"
uid = $uid
argstr = sprint($uid)
}
-probe syscall.setuid.return = kernel.function("sys_setuid").return {
+probe syscall.setuid.return =
+ kernel.function("sys_setuid16").return ?,
+ kernel.function("sys_setuid").return
+{
name = "setuid"
retstr = returnstr(1)
}
-# setuid16 ___________________________________________________
-#
-# asmlinkage long
-# sys_setuid16(old_uid_t uid)
-#
-probe syscall.setuid16 = kernel.function("sys_setuid16") ? {
- name = "setuid16"
- uid = $uid
- argstr = sprint($uid)
-}
-probe syscall.setuid16.return = kernel.function("sys_setuid16").return ? {
- name = "setuid16"
- retstr = returnstr(1)
-}
+
# setxattr ___________________________________________________
# long sys_setxattr(char __user *path,
# char __user *name,
@@ -1692,6 +1781,30 @@ probe syscall.shutdown.return = kernel.function("sys_shutdown").return {
name = "shutdown"
retstr = returnstr(1)
}
+
+# sigaction __________________________________________________
+# sys_sigaction(int sig, const struct old_sigaction __user *act, struct old_sigaction __user *oact)
+# sys32_sigaction(int sig, struct old_sigaction32 __user *act, struct old_sigaction32 __user *oact)
+#
+probe syscall.sigaction =
+ kernel.function("sys_sigaction") ?,
+ kernel.function("sys32_sigaction") ?
+{
+ name = "sigaction"
+ sig = $sig
+ act_uaddr = $act
+ oact_uaddr = $oact
+ # FIXME - decode $act
+ argstr = sprintf("%s, %p, %p", _signal_name($sig), $act, $oact)
+}
+probe syscall.sigaction.return =
+ kernel.function("sys_sigaction").return ?,
+ kernel.function("sys32_sigaction").return ?
+{
+ name = "sigaction"
+ retstr = returnstr(1)
+}
+
# signal _____________________________________________________
# unsigned long sys_signal(int sig, __sighandler_t handler)
#
@@ -1707,26 +1820,13 @@ probe syscall.signal.return = kernel.function("sys_signal").return ? {
}
# sigpending _________________________________________________
-# long do_sigpending(void __user *set, unsigned long sigsetsize)
+# long sys_sigpending(old_sigset_t __user *set)
#
-probe syscall.sigpending = kernel.function("do_sigpending") {
+probe syscall.sigpending = kernel.function("sys_sigpending") ? {
name = "sigpending"
- /*
- * FIXME
- * set is defined as
- * struct {
- * unsigned long int __val[128];
- * }
- * theres is no practical way to export
- * these values. Therefore just export
- * addr, let the user take care of it
- * with embedded C if need be.
- */
- set_uaddr = $set
- sigsetsize = $sigsetsize
- argstr = sprintf("%p, %d", $set, $sigsetsize)
+ argstr = sprintf("%p", $set)
}
-probe syscall.sigpending.return = kernel.function("do_sigpending").return {
+probe syscall.sigpending.return = kernel.function("sys_sigpending").return ? {
name = "sigpending"
retstr = returnstr(1)
}
@@ -1734,23 +1834,13 @@ probe syscall.sigpending.return = kernel.function("do_sigpending").return {
# sigprocmask ________________________________________________
# long sys_sigprocmask(int how, old_sigset_t __user *set, old_sigset_t __user *oset)
# long compat_sys_sigprocmask(int how, compat_old_sigset_t __user *set, compat_old_sigset_t __user *oset)
+#
probe syscall.sigprocmask = kernel.function("sys_sigprocmask") ?,
kernel.function("compat_sys_sigprocmask") ?
{
name = "sigprocmask"
how = $how
how_str = _sigprocmask_how_str($how)
- /*
- * FIXME
- * set and oset are defined as
- * struct {
- * unsigned long int __val[128];
- * }
- * theres is no practical way to export
- * these values. Therefore just export
- * addr, let the user take care of it
- * with embedded C if need be.
- */
set_uaddr = $set
oldset_uaddr = $oset
argstr = sprintf("%s, %p, %p", how_str, $set, $oset)
@@ -1762,6 +1852,40 @@ probe syscall.sigprocmask.return = kernel.function("sys_sigprocmask").return ?,
retstr = returnstr(1)
}
+# sigreturn __________________________________________________
+# int sys_sigreturn(unsigned long __unused)
+#
+probe syscall.sigreturn =
+ kernel.function("sys_sigreturn") ?,
+ kernel.function("sys32_sigreturn") ?
+{
+ name = "sigreturn"
+ argstr = ""
+}
+probe syscall.sigreturn.return =
+ kernel.function("sys_sigreturn").return ?,
+ kernel.function("sys32_sigreturn").return ?
+{
+ name = "sigreturn"
+}
+
+# sigsuspend _________________________________________________
+#
+probe syscall.sigsuspend =
+ kernel.function("sys_sigsuspend") ?,
+ kernel.function("sys32_sigsuspend") ?
+{
+ name = "sigsuspend"
+ argstr = ""
+}
+probe syscall.sigsuspend.return =
+ kernel.function("sys_sigsuspend").return ?,
+ kernel.function("sys32_sigsuspend").return ?
+{
+ name = "sigsuspend"
+ retstr = returnstr(1)
+}
+
# socket _____________________________________________________
# long sys_socket(int family, int type, int protocol)
#
@@ -2025,22 +2149,20 @@ probe syscall.sysinfo.return = kernel.function("sys_sysinfo").return {
}
# syslog _____________________________________________________
#
-# asmlinkage long
-# sys_syslog(int type,
-# char __user * buf,
-# int len)
+# long sys_syslog(int type, char __user * buf, int len)
#
-probe syscall.syslog = kernel.function("do_syslog") {
+probe syscall.syslog = kernel.function("sys_syslog") {
name = "syslog"
type = $type
bufp_uaddr = $buf
len = $len
- argstr = sprintf("%d, %p, %d", $type, bufp_uaddr, $len)
+ argstr = sprintf("%d, %s, %d", $type, text_strn(user_string($buf),syscall_string_trunc,1), $len)
}
-probe syscall.syslog.return = kernel.function("do_syslog").return {
+probe syscall.syslog.return = kernel.function("sys_syslog").return {
name = "syslog"
retstr = returnstr(1)
}
+
# tgkill _____________________________________________________
#
# asmlinkage long
@@ -2178,20 +2300,18 @@ probe syscall.timer_settime.return =
# times ______________________________________________________
#
# long sys_times(struct tms __user * tbuf)
-#
-probe syscall.times = kernel.function("sys_times") {
+# long compat_sys_times(struct compat_tms __user *tbuf)
+probe syscall.times =
+ kernel.function("sys_times") ?,
+ kernel.function("compat_sys_times") ?
+{
name = "times"
- buf_uaddr = $tbuf
- /*
- * FIXME -
- * buf_tms_utime = __uget_tms_m($tbuf,0)
- * buf_tms_stime = __uget_tms_m($tbuf,1)
- * buf_tms_cutime = __uget_tms_m($tbuf,2)
- * buf_tms_cstime = __uget_tms_m($tbuf,3)
- */
- argstr = sprintf("%p", buf_uaddr)
+ argstr = sprintf("%p", $tbuf)
}
-probe syscall.times.return = kernel.function("sys_times").return {
+probe syscall.times.return =
+ kernel.function("sys_times").return ?,
+ kernel.function("compat_sys_times").return ?
+{
name = "times"
retstr = returnstr(1)
}
@@ -2215,7 +2335,6 @@ probe syscall.tkill.return = kernel.function("sys_tkill").return {
# truncate ___________________________________________________
#
-# asmlinkage long
# sys_truncate(const char __user * path, unsigned long length)
# sys_truncate64(const char __user * path, loff_t length)
#
@@ -2276,18 +2395,22 @@ probe syscall.umount.return = kernel.function("sys_umount").return {
#
# int sys_uname(struct old_utsname __user *name)
# long sys_newuname(struct new_utsname __user * name)
-#
+# int sys_olduname(struct oldold_utsname __user * name)
+# int sys32_olduname(struct oldold_utsname __user * name)
probe syscall.uname =
kernel.function("sys_uname") ?,
+ kernel.function("sys_olduname") ?,
+ kernel.function("sys32_olduname") ?,
kernel.function("sys_newuname") ?
{
name = "uname"
- name_uaddr = $name
argstr = sprintf("%p", $name)
}
probe syscall.uname.return =
kernel.function("sys_uname").return ?,
+ kernel.function("sys_olduname").return ?,
+ kernel.function("sys32_olduname").return ?,
kernel.function("sys_newuname").return ?
{
name = "uname"
diff --git a/tapset/x86_64/syscalls.stp b/tapset/x86_64/syscalls.stp
index d1e1fc6c..e97a941e 100644
--- a/tapset/x86_64/syscalls.stp
+++ b/tapset/x86_64/syscalls.stp
@@ -1,80 +1,3 @@
-# getgroups16 ________________________________________________
-# long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist)
-probe syscall.getgroups16 = kernel.function("sys_getgroups16") {
- name = "getgroups16"
- size = $gidsetsize
- list_uaddr = $grouplist
- argstr = sprintf("%d, %p", size, list_uaddr)
-}
-probe syscall.getgroups16.return = kernel.function("sys_getgroups16").return {
- name = "getgroups16"
- retstr = returnstr(1)
-}
-
-# setgroups16 ________________________________________________
-#
-# asmlinkage long
-# sys_setgroups16(int gidsetsize,
-# old_gid_t __user *grouplist)
-#
-probe syscall.setgroups16 = kernel.function("sys_setgroups16") {
- name = "setgroups16"
- size = $gidsetsize
- list_uaddr = $grouplist
- argstr = ""
-}
-probe syscall.setgroups16.return = kernel.function("sys_setgroups16").return {
- name = "setgroups16"
- retstr = returnstr(1)
-}
-
-
-
-# quotactl ___________________________________________________
-#
-# asmlinkage long
-# sys_quotactl(unsigned int cmd,
-# const char __user *special,
-# qid_t id,
-# void __user *addr)
-#
-probe syscall.quotactl = kernel.function("sys_quotactl") {
- name = "quotactl"
- cmd = $cmd
- cmd_str = _quotactl_cmd_str($cmd)
- special_str = user_string($special)
- id = $id
- addr_uaddr = $addr
- argstr = sprintf("%s, %s, %p, %p", cmd_str, special_str,
- id, addr_uaddr)
-}
-probe syscall.quotactl.return = kernel.function("sys_quotactl").return {
- name = "quotactl"
- retstr = returnstr(1)
-}
-# request_key ________________________________________________
-#
-# asmlinkage long
-# sys_request_key(const char __user *_type,
-# const char __user *_description,
-# const char __user *_callout_info,
-# key_serial_t destringid)
-#
-probe syscall.request_key = kernel.function("sys_request_key") ? {
- name = "request_key"
- type_uaddr = $_type
- description_uaddr = $_description
- callout_info_uaddr = $_callout_info
- destringid = $destringid
- argstr = sprintf("%p, %p, %p, %p", type_uaddr,
- description_uaddr, callout_info_uaddr, destringid)
-}
-probe syscall.request_key.return = kernel.function("sys_request_key").return ? {
- name = "request_key"
- retstr = returnstr(1)
-}
-
-
# arch_prctl _________________________________________________
# long sys_arch_prctl(int code, unsigned long addr)
#
generated by cgit (git 2.34.1) at 2025-08-05 16:36:56 +0000