summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--tapset/system_calls.stp219
1 files changed, 219 insertions, 0 deletions
diff --git a/tapset/system_calls.stp b/tapset/system_calls.stp
index 8be52d12..22dedf9d 100644
--- a/tapset/system_calls.stp
+++ b/tapset/system_calls.stp
@@ -1198,46 +1198,102 @@ probe kernel.syscall.sched_rr_get_interval.return =
*/
}
# setpriority______________________________________
+/* asmlinkage long
+ sys_setpriority(int which, int who, int niceval) */
probe kernel.syscall.setpriority =
kernel.function("sys_setpriority") {
name = "setpriority"
+ which = $which
+ which_str =
+ _priority_which_str($which)
+ who = $who
+ prio = $niceval
}
probe kernel.syscall.setpriority.return =
kernel.function("sys_setpriority").return {
name = "setpriority.return"
+ which = $which
+ which_str =
+ _priority_which_str($which)
+ who = $who
+ prio = $niceval
}
# getpriority______________________________________
+/* asmlinkage long sys_getpriority(int which, int who) */
probe kernel.syscall.getpriority =
kernel.function("sys_getpriority") {
name = "getpriority"
+ which = $which
+ which_str =
+ _priority_which_str($which)
+ who = $who
}
probe kernel.syscall.getpriority.return =
kernel.function("sys_getpriority").return {
name = "getpriority.return"
+ which = $which
+ which_str =
+ _priority_which_str($which)
+ who = $who
}
# shutdown_________________________________________
+/* asmlinkage long sys_shutdown(int fd, int how) */
probe kernel.syscall.shutdown =
kernel.function("sys_shutdown") {
name = "shutdown"
+ s = $fd
+ how = $how
+ how_str = _shutdown_how_str($how)
}
probe kernel.syscall.shutdown.return =
kernel.function("sys_shutdown").return {
name = "shutdown.return"
+ s = $fd
+ how = $how
+ how_str = _shutdown_how_str($how)
}
# reboot___________________________________________
+/* asmlinkage long
+ sys_reboot(int magic1, int magic2,
+ unsigned int cmd, void __user * arg) */
probe kernel.syscall.reboot =
kernel.function("sys_reboot") {
name = "reboot"
+ magic = $magic1
+ magic_str =
+ _reboot_magic_str($magic1)
+ magic2 = $magic2
+ magic2_str =
+ _reboot_magic_str($magic2)
+ flag = $cmd
+ flag_str =
+ _reboot_flag_str(flag)
+ /*
+ void __user * arg
+ */
}
probe kernel.syscall.reboot.return =
kernel.function("sys_reboot").return {
name = "reboot.return"
+ magic = $magic1
+ magic_str =
+ _reboot_magic_str($magic1)
+ magic2 = $magic2
+ magic2_str =
+ _reboot_magic_str($magic2)
+ flag = $cmd
+ flag_str =
+ _reboot_flag_str(flag)
+ /*
+ void __user * arg
+ */
}
# restart_syscall__________________________________
+/* asmlinkage long sys_restart_syscall(void) */
probe kernel.syscall.restart_syscall =
kernel.function("sys_restart_syscall") {
name = "restart_syscall"
@@ -1248,49 +1304,157 @@ probe kernel.syscall.restart_syscall.return =
name = "restart_syscall.return"
}
# exit_____________________________________________
+/* asmlinkage long sys_exit(int error_code) */
probe kernel.syscall.exit =
kernel.function("do_exit") {
name = "exit"
+ status = $error_code
}
probe kernel.syscall.exit.return =
kernel.function("do_exit").return {
name = "exit.return"
+ status = $error_code
}
# exit_group_______________________________________
+/* smlinkage void sys_exit_group(int error_code) */
probe kernel.syscall.exit_group =
kernel.function("do_group_exit") {
name = "exit_group"
+ status = $error_code
}
probe kernel.syscall.exit_group.return =
kernel.function("do_group_exit").return {
name = "exit_group.return"
+ status = $error_code
}
# wait4____________________________________________
+/* asmlinkage long
+ sys_wait4(pid_t pid, int __user *stat_addr,
+ int options, struct rusage __user *ru) */
probe kernel.syscall.wait4 =
kernel.function("sys_wait4") {
name = "wait4"
+ pid = $pid
+ /*
+ status = $stat_addr
+ */
+ options = $options
+ options_str =
+ _wait4_opt_str($options)
}
probe kernel.syscall.wait4.return =
kernel.function("sys_wait4").return {
name = "wait4.return"
+ pid = $pid
+ /*
+ status = $stat_addr
+ */
+ options = $options
+ options_str =
+ _wait4_opt_str($options)
}
# waitid___________________________________________
+/* asmlinkage long
+ sys_waitid(int which, pid_t pid,
+ struct siginfo __user *infop, int options,
+ struct rusage __user *ru) */
probe kernel.syscall.waitid =
kernel.function("sys_waitid") {
name = "waitid"
+ which = $which
+ which_str =
+ _waitid_which_str($which)
+ pid = $pid
+ options = $options
+ options_str =
+ _wait4_opt_str($options)
}
probe kernel.syscall.waitid.return =
kernel.function("sys_waitid").return {
name = "waitid.return"
+ which = $which
+ which_str =
+ _waitid_which_str($which)
+ pid = $pid
+ options = $options
+ options_str =
+ _wait4_opt_str($options)
+ /*
+typedef struct siginfo {
+ int si_signo;
+ int si_errno;
+ int si_code;
+
+ union {
+ int _pad[SI_PAD_SIZE];
+
+ // kill()
+ struct {
+ pid_t _pid; // sender's pid
+ __ARCH_SI_UID_T _uid; // sender's uid
+ } _kill;
+
+ // POSIX.1b timers
+ struct {
+ timer_t _tid; // timer id
+ int _overrun; // overrun count
+ char _pad[sizeof( __ARCH_SI_UID_T) - sizeof(int)];
+ sigval_t _sigval; // same as below
+ int _sys_private; // not to be passed to user
+ } _timer;
+
+ // POSIX.1b signals
+ struct {
+ pid_t _pid; // sender's pid
+ __ARCH_SI_UID_T _uid; // sender's uid
+ sigval_t _sigval;
+ } _rt;
+
+ // SIGCHLD
+ struct {
+ pid_t _pid; // which child
+ __ARCH_SI_UID_T _uid; // sender's uid
+ int _status; // exit code
+ clock_t _utime;
+ clock_t _stime;
+ } _sigchld;
+
+ // SIGILL, SIGFPE, SIGSEGV, SIGBUS
+ struct {
+ void __user *_addr; // faulting insn/memory ref.
+#ifdef __ARCH_SI_TRAPNO
+ int _trapno; // TRAP # which caused the signal
+#endif
+ } _sigfault;
+
+ // SIGPOLL
+ struct {
+ __ARCH_SI_BAND_T _band; // POLL_IN, POLL_OUT, POLL_MSG
+ int _fd;
+ } _sigpoll;
+ } _sifields;
+} siginfo_t;
+
+ */
}
# waitpid__________________________________________
+/* asmlinkage long
+ sys_wait4(pid_t pid, int __user *stat_addr,
+ int options, struct rusage __user *ru) */
probe kernel.syscall.waitpid =
kernel.function("sys_wait4") {
name = "waitpid"
+ pid = $pid
+ /*
+ status = $stat_addr
+ */
+ options = $options
+ options_str =
+ _wait4_opt_str($options)
}
probe kernel.syscall.waitpid.return =
@@ -1301,6 +1465,13 @@ probe kernel.syscall.waitpid.return =
probe kernel.syscall.set_tid_address =
kernel.function("sys_set_tid_address") {
name = "set_tid_address"
+ pid = $pid
+ /*
+ status = $stat_addr
+ */
+ options = $options
+ options_str =
+ _wait4_opt_str($options)
}
probe kernel.syscall.set_tid_address.return =
@@ -3495,4 +3666,52 @@ function _sched_policy_str(policy) {
return ""
}
+function _priority_which_str(which) {
+ if(which==0) return "PRIO_PROCESS"
+ if(which==1) return "PRIO_PGRP"
+ if(which==2) return "PRIO_USER"
+ return ""
+}
+
+function _shutdown_how_str(how) {
+ if(how==0) return "SHUT_RD"
+ if(how==1) return "SHUT_WR"
+ if(how==2) return "SHUT_RDWR"
+ return ""
+}
+
+function _reboot_magic_str(magic) {
+ if(magic==-18751827) return "LINUX_REBOOT_MAGIC1"
+ if(magic==672274793) return "LINUX_REBOOT_MAGIC2"
+ if(magic==85072278) return "LINUX_REBOOT_MAGIC2A"
+ if(magic==369367448) return "LINUX_REBOOT_MAGIC2B"
+ return ""
+}
+
+function _reboot_flag_str(flag) {
+ if(flag==19088743) return "LINUX_REBOOT_CMD_RESTART"
+ if(flag==-839974621) return "LINUX_REBOOT_CMD_HALT"
+ if(flag==1126301404) return "LINUX_REBOOT_CMD_POWER_OFF"
+ if(flag==-1582119980) return "LINUX_REBOOT_CMD_RESTART2"
+ if(flag==-1985229329) return "LINUX_REBOOT_CMD_CAD_ON"
+ if(flag==0) return "LINUX_REBOOT_CMD_CAD_OFF"
+ return ""
+}
+
+function _waitid_which_str(which) {
+ if(flag==0) return "P_ALL"
+ if(flag==1) return "P_PID"
+ if(flag==2) return "P_PGID"
+ return ""
+}
+
+function _wait4_opt_str(f) {
+ if((f-16777216)>=0 && (f=__decf(f,16777216))>=0)
+ bs="WNOWAIT|".bs
+ if((f-8)>=0 && (f=__decf(f,8))>=0) bs="WCONTINUED|".bs
+ if((f-4)>=0 && (f=__decf(f,4))>=0) bs="WEXITED|".bs
+ if((f-2)>=0 && (f=__decf(f,2))>=0) bs="WSTOPPED|".bs
+ if((f-1)>=0 && (f=__decf(f,1))>=0) bs="WNOHANG|".bs
+ return substr(bs,0,strlen(bs)-1)
+}
generated by cgit (git 2.34.1) at 2025-08-04 02:42:08 +0000