diff options
| -rw-r--r-- | stapfuncs.5.in | 10 | ||||
| -rw-r--r-- | tapset/mask_string.stp | 58 | ||||
| -rw-r--r-- | tapset/string.stp | 18 | ||||
| -rw-r--r-- | tapset/system_calls.stp | 288 |
4 files changed, 330 insertions, 44 deletions
diff --git a/stapfuncs.5.in b/stapfuncs.5.in index a9746a1d..01adca12 100644 --- a/stapfuncs.5.in +++ b/stapfuncs.5.in @@ -84,6 +84,16 @@ user_string:string (addr:long) Copy a string from user space at given address. The validation of this address is only partial at present. +.SS STRING + +.TP +strlen:long (str:string) +Return the number of characters in str. + +.TP +substr:string (str:string,start:long,stop:long) +Return the substring starting at character start and ending at character stop. + .SS TIMESTAMP .TP diff --git a/tapset/mask_string.stp b/tapset/mask_string.stp new file mode 100644 index 00000000..47d609f6 --- /dev/null +++ b/tapset/mask_string.stp @@ -0,0 +1,58 @@ +global _name +global _bits + +function _bitstring:string(mask:long,sz:long,stop:long) { + /* derive bitwise-or'd mask string */ + for(i=sz;i>=0;i--) { + if(mask>=_bits[i]) { + mskstr=_name[i]."|".mskstr; + if(mask<stop) + break; + mask=mask-_bits[i]; + } + } + return substr(mskstr,0,(strlen(mskstr)-1)); +} + +function sys_adjtimex_mode_str:string(flags:long) { + _name[0]= "ADJ_OFFSET"; _bits[0]=1; + _name[1]= "ADJ_FREQUENCY"; _bits[1]=2; + _name[2]= "ADJ_MAXERROR"; _bits[2]=3; + _name[3]= "ADJ_ESTERROR"; _bits[3]=8; + _name[4]= "ADJ_STATUS"; _bits[4]=16; + _name[5]= "ADJ_TIMECONST"; _bits[5]=32; + _name[6]= "ADJ_TICK"; _bits[6]=16384; + _name[7]= "ADJ_OFFSET_SINGLESHOT"; _bits[7]=32769; + return _bitstring(flags,6,0); +} + +function sys_open_flag_str:string(flags:long) { + _name[0]= "O_RDONLY"; _bits[0]=0; + _name[1]= "O_WRONLY"; _bits[1]=1; + _name[2]= "O_RDWR"; _bits[2]=2; + _name[3]= "O_CREAT"; _bits[3]=64; + _name[4]= "O_EXCL"; _bits[4]=128; + _name[5]= "O_NDCTTY"; _bits[5]=256; + _name[6]= "O_TRUNC"; _bits[6]=512; + _name[7]= "O_APPEND"; _bits[7]=1024; + _name[8]= "O_NONBLOCK"; _bits[8]=2048; + _name[9]= "O_SYNC"; _bits[9]=4096; + _name[10]="O_ASYNC"; _bits[10]=8192; + return _bitstring(flags,10,64); +} + +function sys_open_mode_umask_str:string(mode:long) { + _name[0]= "S_IXOTH"; _bits[0]=1; + _name[1]= "S_IWOTH"; _bits[1]=2; + _name[2]= "S_IROTH"; _bits[2]=4; + _name[3]= "S_IRWXO"; _bits[3]=7; + _name[4]= "S_IXGRP"; _bits[4]=8; + _name[5]= "S_IWGRP"; _bits[5]=16; + _name[6]= "S_IRGRP"; _bits[6]=32; + _name[7]= "S_IRWXG"; _bits[7]=56; + _name[8]= "S_IXUSR"; _bits[8]=64; + _name[9]= "S_IWUSR"; _bits[9]=128; + _name[10]="S_IRUSR"; _bits[10]=256; + _name[11]="S_IRWXU"; _bits[11]=448; + return _bitstring(mode,11,0); +} diff --git a/tapset/string.stp b/tapset/string.stp new file mode 100644 index 00000000..f6933724 --- /dev/null +++ b/tapset/string.stp @@ -0,0 +1,18 @@ +function strlen:long(s:string) %{ + THIS->__retvalue=strlen(THIS->s); +%} + +function substr:string(str:string,start:long,stop:long) %{ + int len=strlen(THIS->str); + if(THIS->start<0 || THIS->stop<0 || + THIS->start>len || THIS->stop>len || + THIS->start>=THIS->stop) + { + return; + } + else { + char *s=THIS->str; + strncpy(THIS->__retvalue,s+THIS->start,THIS->stop); + THIS->__retvalue[THIS->stop]='\0'; + } +%} diff --git a/tapset/system_calls.stp b/tapset/system_calls.stp index e724d3da..be2676d0 100644 --- a/tapset/system_calls.stp +++ b/tapset/system_calls.stp @@ -78,6 +78,7 @@ probe kernel.syscall.adjtimex = name = "adjtimex" /* modes = $txc_p->modes + modes_str = sys_adjtimex_mode_str($txc_p->modes) offset = $txc_p->offset freq = $txc_p->freq maxerror = $txc_p->maxerror @@ -90,32 +91,6 @@ probe kernel.syscall.adjtimex = tv_sec = $txc_p->time->tv_sec tv_usec = $txc_p->time->tv_usec tick = $txc_p->tick - +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - The modes field determines which parameters, - if any, to set. It may contain a bit-wise-or - combination of zero or more of the following bits: - - #define ADJ_OFFSET 0x0001 time offset - #define ADJ_FREQUENCY 0x0002 frequency offset - #define ADJ_MAXERROR 0x0004 maximum time error - #define ADJ_ESTERROR 0x0008 estimated time error - #define ADJ_STATUS 0x0010 clock status - #define ADJ_TIMECONST 0x0020 pll time constant - #define ADJ_TICK 0x4000 tick value - #define ADJ_OFFSET_SINGLESHOT 0x8001 old-fashioned adjtime - - Ordinary users are restricted to a zero value for mode. - Only the superuser may set any parameters. - - RETURN VALUE - On success, adjtimex returns the clock state: - - #define TIME_OK 0 clock synchronized - #define TIME_INS 1 insert leap second - #define TIME_DEL 2 delete leap second - #define TIME_OOP 3 leap second in progress - #define TIME_WAIT 4 leap second has occurred - #define TIME_BAD 5 clock not synchronized */ } @@ -124,6 +99,7 @@ probe kernel.syscall.adjtimex.return = name = "adjtimex.return" /* modes = $txc_p->modes + modes_str = sys_adjtimex_mode_str($txc_p->modes) offset = $txc_p->offset freq = $txc_p->freq maxerror = $txc_p->maxerror @@ -137,22 +113,7 @@ probe kernel.syscall.adjtimex.return = tv_usec = $txc_p->time->tv_usec tick = $txc_p->tick +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - The modes field determines which parameters, - if any, to set. It may contain a bit-wise-or - combination of zero or more of the following bits: - - #define ADJ_OFFSET 0x0001 time offset - #define ADJ_FREQUENCY 0x0002 frequency offset - #define ADJ_MAXERROR 0x0004 maximum time error - #define ADJ_ESTERROR 0x0008 estimated time error - #define ADJ_STATUS 0x0010 clock status - #define ADJ_TIMECONST 0x0020 pll time constant - #define ADJ_TICK 0x4000 tick value - #define ADJ_OFFSET_SINGLESHOT 0x8001 old-fashioned adjtime - - Ordinary users are restricted to a zero value for mode. - Only the superuser may set any parameters. - + RETURN VALUE On success, adjtimex returns the clock state: @@ -162,6 +123,12 @@ probe kernel.syscall.adjtimex.return = #define TIME_OOP 3 leap second in progress #define TIME_WAIT 4 leap second has occurred #define TIME_BAD 5 clock not synchronized + + NOTE: Once $retval built-in is working it would + be nice to export a symbolic name string + corresponding to the return value. + + i.e. clockstate = get_clock_state($retval) */ } # times____________________________________________ @@ -584,8 +551,8 @@ probe kernel.syscall.acct.return = */ } # capget___________________________________________ -/* asmlinkage long sys_capget(cap_user_header_t header, - cap_user_data_t dataptr) */ +/* asmlinkage long sys_capget(cap_user_header_t header, + cap_user_data_t dataptr) */ probe kernel.syscall.capget = kernel.function("sys_capget") { name = "capget" @@ -703,114 +670,347 @@ probe kernel.syscall.sigpending.return = */ } # sigprocmask______________________________________ +/* asmlinkage long sys_sigprocmask(int how, + old_sigset_t __user *set, + old_sigset_t __user *oset) */ probe kernel.syscall.sigprocmask = kernel.function("sys_sigprocmask") { name = "sigprocmask" + how = $how + how_str = "" + if (how==0) how_str = "SIG_BLOCK" + if (how==1) how_str = "SIG_UNBLOCK" + if (how==2) how_str = "SIG_SETMASK" + /* + set = $set + oldset = $oset + */ } probe kernel.syscall.sigprocmask.return = kernel.function("sys_sigprocmask").return { name = "sigprocmask.return" + how = $how + how_str = "" + if (how==0) how_str = "SIG_BLOCK" + if (how==1) how_str = "SIG_UNBLOCK" + if (how==2) how_str = "SIG_SETMASK" + /* + set = $set + oldset = $oset + */ } # getitimer________________________________________ +/* asmlinkage long sys_getitimer(int which, + struct itimerval __user *value) */ probe kernel.syscall.getitimer = kernel.function("sys_getitimer") { name = "getitimer" + which = $which + which_str = "" + if (how==0) how_str = "ITIMER_REAL" + if (how==1) how_str = "ITIMER_VIRTUAL" + if (how==2) how_str = "ITIMER_PROF" + /* + value_it_interval_tv_sec = $value->it_interval->tv_sec + value_it_interval_tv_usec = $value->it_interval->tv_usec + value_it_value_tv_sec = $value->it_value->tv_sec + value_it_value_tv_usec = $value->it_value->tv_usec + */ } probe kernel.syscall.getitimer.return = kernel.function("sys_getitimer").return { name = "getitimer.return" + which = $which + which_str = "" + if (how==0) how_str = "ITIMER_REAL" + if (how==1) how_str = "ITIMER_VIRTUAL" + if (how==2) how_str = "ITIMER_PROF" + /* + value_it_interval_tv_sec = $value->it_interval->tv_sec + value_it_interval_tv_usec = $value->it_interval->tv_usec + value_it_value_tv_sec = $value->it_value->tv_sec + value_it_value_tv_usec = $value->it_value->tv_usec + */ } # setitimer________________________________________ +/* asmlinkage long sys_setitimer(int which, + struct itimerval __user *value, + struct itimerval __user *ovalue) */ probe kernel.syscall.setitimer = kernel.function("sys_setitimer") { name = "setitimer" + which = $which + which_str = "" + if (how==0) how_str = "ITIMER_REAL" + if (how==1) how_str = "ITIMER_VIRTUAL" + if (how==2) how_str = "ITIMER_PROF" + /* + value_it_interval_tv_sec = $value->it_interval->tv_sec + value_it_interval_tv_usec = $value->it_interval->tv_usec + value_it_value_tv_sec = $value->it_value->tv_sec + value_it_value_tv_usec = $value->it_value->tv_usec + */ } probe kernel.syscall.setitimer.return = kernel.function("sys_setitimer").return { name = "setitimer.return" + which = $which + which_str = "" + if (how==0) how_str = "ITIMER_REAL" + if (how==1) how_str = "ITIMER_VIRTUAL" + if (how==2) how_str = "ITIMER_PROF" + /* + value_it_interval_tv_sec = $value->it_interval->tv_sec + value_it_interval_tv_usec = $value->it_interval->tv_usec + value_it_value_tv_sec = $value->it_value->tv_sec + value_it_value_tv_usec = $value->it_value->tv_usec + + ovalue_it_interval_tv_sec = $ovalue->it_interval->tv_sec + ovalue_it_interval_tv_usec = $ovalue->it_interval->tv_usec + ovalue_it_value_tv_sec = $ovalue->it_value->tv_sec + ovalue_it_value_tv_usec = $ovalue->it_value->tv_usec + */ } # timer_create_____________________________________ +/* asmlinkage long sys_timer_create(clockid_t which_clock, + struct sigevent __user *timer_event_spec, + timer_t __user * created_timer_id) */ probe kernel.syscall.timer_create = kernel.function("sys_timer_create") { name = "timer_create" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" + /* ...a little unsure about this... + + typedef struct sigevent { + sigval_t sigev_value; + int sigev_signo; + int sigev_notify; + union { + int _pad[SIGEV_PAD_SIZE]; + int _tid; + + struct { + void (*_function)(sigval_t); + void *_attribute; // really pthread_attr_t + } _sigev_thread; + } _sigev_un; + } sigevent_t; + + */ } probe kernel.syscall.timer_create.return = kernel.function("sys_timer_create").return { name = "timer_create.return" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" + /* ...a little unsure about this... + + typedef struct sigevent { + sigval_t sigev_value; + int sigev_signo; + int sigev_notify; + union { + int _pad[SIGEV_PAD_SIZE]; + int _tid; + + struct { + void (*_function)(sigval_t); + void *_attribute; // really pthread_attr_t + } _sigev_thread; + } _sigev_un; + } sigevent_t; + +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + created_timer_id = $created_timer_id + */ } # timer_gettime____________________________________ +/* asmlinkage long sys_timer_gettime(timer_t timer_id, + struct itimerspec __user *setting) */ probe kernel.syscall.timer_gettime = kernel.function("sys_timer_gettime") { name = "timer_gettime" + timer_id = $timer_id } probe kernel.syscall.timer_gettime.return = kernel.function("sys_timer_gettime").return { name = "timer_gettime.return" + timer_id = $timer_id + /* + setting_it_interval_tv_sec = $setting->it_interval->tv_sec + setting_it_interval_tv_usec = $setting->it_interval->tv_usec + setting_it_value_tv_sec = $setting->it_value->tv_sec + setting_it_value_tv_usec = $setting->it_value->tv_usec + */ } # timer_getoverrun_________________________________ +/* asmlinkage long sys_timer_getoverrun(timer_t timer_id) */ probe kernel.syscall.timer_getoverrun = kernel.function("sys_timer_getoverrun") { name = "timer_getoverrun" + timer_id = $timer_id } probe kernel.syscall.timer_getoverrun.return = kernel.function("sys_timer_getoverrun").return { name = "timer_getoverrun.return" + timer_id = $timer_id } # timer_settime____________________________________ +/* asmlinkage long sys_timer_settime(timer_t timer_id, int flags, + const struct itimerspec __user *new_setting, + struct itimerspec __user *old_setting) */ probe kernel.syscall.timer_settime = kernel.function("sys_timer_settime") { name = "timer_settime" + timer_id = $timer_id + flags = $flags + /* + new_setting_it_interval_tv_sec = $new_setting->it_interval->tv_sec + new_setting_it_interval_tv_usec = $new_setting->it_interval->tv_usec + */ } probe kernel.syscall.timer_settime.return = kernel.function("sys_timer_settime").return { name = "timer_settime.return" + name = "timer_settime" + timer_id = $timer_id + flags = $flags + /* + new_setting_it_interval_tv_sec = $new_setting->it_interval->tv_sec + new_setting_it_interval_tv_usec = $new_setting->it_interval->tv_usec + old_setting_it_interval_tv_sec = $old_setting->it_interval->tv_sec + old_setting_it_interval_tv_usec = $old_setting->it_interval->tv_usec + */ } # timer_delete_____________________________________ +/* asmlinkage long sys_timer_delete(timer_t timer_id) */ probe kernel.syscall.timer_delete = kernel.function("sys_timer_delete") { name = "timer_delete" + timer_id = $timer_id } probe kernel.syscall.timer_delete.return = kernel.function("sys_timer_delete").return { name = "timer_delete.return" + timer_id = $timer_id } # clock_settime____________________________________ +/* asmlinkage long sys_clock_settime(clockid_t which_clock, + const struct timespec __user *tp) */ probe kernel.syscall.clock_settime = kernel.function("sys_clock_settime") { name = "clock_settime" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" + /* + tp_tv_sec = $tp->tv_sec + tp_tv_usec = $tp->tv_usec + */ } probe kernel.syscall.clock_settime.return = kernel.function("sys_clock_settime").return { name = "clock_settime.return" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" + /* + tp_tv_sec = $tp->tv_sec + tp_tv_usec = $tp->tv_usec + */ } # clock_gettime____________________________________ +/* asmlinkage long sys_clock_gettime(clockid_t which_clock, + struct timespec __user *tp) */ probe kernel.syscall.clock_gettime = kernel.function("sys_clock_gettime") { name = "clock_gettime" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" } probe kernel.syscall.clock_gettime.return = kernel.function("sys_clock_gettime").return { name = "clock_gettime.return" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" + /* + tp_tv_sec = $tp->tv_sec + tp_tv_usec = $tp->tv_usec + */ } # clock_getres_____________________________________ probe kernel.syscall.clock_getres = kernel.function("sys_clock_getres") { name = "clock_getres" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" } probe kernel.syscall.clock_getres.return = kernel.function("sys_clock_getres").return { name = "clock_getres.return" + which_clock = $which_clock + which_clock_str = "" + if (how==0) how_str = "CLOCK_REALTIME" + if (how==1) how_str = "CLOCK_MONOTONIC" + if (how==2) how_str = "CLOCK_PROCESS_CPUTIME_ID" + if (how==3) how_str = "CLOCK_THREAD_CPUTIME_ID" + if (how==4) how_str = "CLOCK_REALTIME_HR" + if (how==5) how_str = "CLOCK_MONOTONIC_HR" + /* + tp_tv_sec = $tp->tv_sec + tp_tv_usec = $tp->tv_usec + */ } # clock_nanosleep__________________________________ probe kernel.syscall.clock_nanosleep = |