summaryrefslogtreecommitdiffstats
path: root/tapset/syscalls.stp
diff options
context:
space:
mode:
Diffstat (limited to 'tapset/syscalls.stp')
-rw-r--r--tapset/syscalls.stp114
1 files changed, 111 insertions, 3 deletions
diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp
index d394208f..11c2bdf7 100644
--- a/tapset/syscalls.stp
+++ b/tapset/syscalls.stp
@@ -630,7 +630,8 @@ probe syscall.exit = kernel.function("do_exit") {
status = $code
argstr = sprint($code)
}
-probe syscall.exit.return = end {}
+# sys_exit() never returns, and is blacklisted for return probes,
+# so no alias here. See bz6588.
# exit_group _________________________________________________
# void sys_exit_group(int error_code)
@@ -640,8 +641,26 @@ probe syscall.exit_group = kernel.function("sys_exit_group") {
status = $error_code
argstr = sprint($error_code)
}
+# sys_exit_group() never returns, and is blacklisted for return probes,
+# so no alias here. See bz6588.
-probe syscall.exit_group.return = end {}
+# faccessat __________________________________________________
+# new function with 2.6.16
+# long sys_faccessat(int dfd, const char __user *filename, int mode)
+probe syscall.faccessat = kernel.function("sys_faccessat") ? {
+ name = "faccessat"
+ dfd = $dfd
+ dfd_str = _dfd_str($dfd)
+ filename = $filename
+ filename_str = user_string($filename)
+ mode = $mode
+ mode_str = _access_mode_str($mode)
+ argstr = sprintf("%s, %s, %s", dfd_str, user_string_quoted($filename), mode_str)
+}
+probe syscall.faccessat.return = kernel.function("sys_faccessat").return ? {
+ name = "faccessat"
+ retstr = returnstr(1)
+}
%(arch != "x86_64" %?
# fadvise64 __________________________________________________
@@ -736,6 +755,24 @@ probe syscall.fchmod.return = kernel.function("sys_fchmod").return {
retstr = returnstr(1)
}
+# fchmodat ___________________________________________________
+# new function with 2.6.16
+# long sys_fchmodat(int dfd, const char __user *filename,
+# mode_t mode)
+probe syscall.fchmodat = kernel.function("sys_fchmodat") ? {
+ name = "fchmodat"
+ dfd = $dfd
+ dfd_str = _dfd_str($dfd)
+ filename = $filename
+ filename_str = user_string($filename)
+ mode = $mode
+ argstr = sprintf("%s, %s, %#o", dfd_str, user_string_quoted($filename), $mode)
+}
+probe syscall.fchmodat.return = kernel.function("sys_fchmodat").return ? {
+ name = "fchmodat"
+ retstr = returnstr(1)
+}
+
# fchown _____________________________________________________
# long sys_fchown(unsigned int fd, uid_t user, gid_t group)
probe syscall.fchown = kernel.function("sys_fchown") {
@@ -764,6 +801,28 @@ probe syscall.fchown16.return = kernel.function("sys_fchown16").return ? {
retstr = returnstr(1)
}
+# fchownat ___________________________________________________
+# new function with 2.6.16
+# long sys_fchownat(int dfd, const char __user *filename,
+# uid_t user, gid_t group, int flag)
+probe syscall.fchownat = kernel.function("sys_fchownat") ? {
+ name = "fchownat"
+ dfd = $dfd
+ dfd_str = _dfd_str($dfd)
+ filename = $filename
+ filename_str = user_string($filename)
+ user = __int32($user)
+ group = __int32($group)
+ flag = $flag
+ flag_str = _at_flag_str($flag)
+ argstr = sprintf("%s, %s, %d, %d, %s",
+ dfd_str, user_string_quoted($filename), user, group, flag_str)
+}
+probe syscall.fchownat.return = kernel.function("sys_fchownat").return ? {
+ name = "fchownat"
+ retstr = returnstr(1)
+}
+
# fcntl ______________________________________________________
# long sys_fcntl(int fd, unsigned int cmd, unsigned long arg)
# long sys_fcntl64(unsigned int fd, unsigned int cmd, unsigned long arg)
@@ -2013,6 +2072,7 @@ probe syscall.lchown16.return = kernel.function("sys_lchown16").return ? {
name = "lchown16"
retstr = returnstr(1)
}
+
# lgetxattr __________________________________________________
# ssize_t sys_lgetxattr(char __user *path,
# char __user *name,
@@ -2035,6 +2095,7 @@ probe syscall.lgetxattr.return = kernel.function("sys_lgetxattr").return {
name = "lgetxattr"
retstr = returnstr(1)
}
+
# link _______________________________________________________
# long sys_link(const char __user * oldname,
# const char __user * newname)
@@ -2051,6 +2112,32 @@ probe syscall.link.return = kernel.function("sys_link").return {
retstr = returnstr(1)
}
+# linkat _____________________________________________________
+# new function with 2.6.16
+# long sys_linkat(int olddfd, const char __user *oldname,
+# int newdfd, const char __user *newname, int flags)
+probe syscall.linkat = kernel.function("sys_linkat") ? {
+ name = "linkat"
+ olddfd = $olddfd
+ olddfd_str = _dfd_str($olddfd)
+ oldname = $oldname
+ oldname_str = user_string($oldname)
+ newdfd = $newdfd
+ newdfd_str = _dfd_str($newdfd)
+ newname = $newname
+ newname_str = user_string($newname)
+ flags = $flags
+ flags_str = _at_flag_str($flags)
+ argstr = sprintf("%s, %s, %s, %s, %s",
+ olddfd_str, user_string_quoted($oldname),
+ newdfd_str, user_string_quoted($newname),
+ flags_str)
+}
+probe syscall.linkat.return = kernel.function("sys_linkat").return ? {
+ name = "linkat"
+ retstr = returnstr(1)
+}
+
# listen _____________________________________________________
# long sys_listen(int fd, int backlog)
probe syscall.listen = kernel.function("sys_listen") ? {
@@ -2328,7 +2415,7 @@ probe syscall.mkdirat = kernel.function("sys_mkdirat") ? {
dirfd = $dfd
pathname = user_string($pathname)
mode = $mode
- argstr = sprintf("%d, %s, %#o", $dfd, user_string_quoted($pathname), $mode)
+ argstr = sprintf("%s, %s, %#o", _dfd_str($dfd), user_string_quoted($pathname), $mode)
}
probe syscall.mkdirat.return = kernel.function("sys_mkdirat").return ? {
name = "mkdirat"
@@ -2350,6 +2437,27 @@ probe syscall.mknod.return = kernel.function("sys_mknod").return {
retstr = returnstr(1)
}
+# mknodat ____________________________________________________
+# new function with 2.6.16
+# long sys_mknodat(int dfd, const char __user *filename,
+# int mode, unsigned dev)
+probe syscall.mknodat = kernel.function("sys_mknodat") ? {
+ name = "mknodat"
+ dfd = $dfd
+ dfd_str = _dfd_str($dfd)
+ filename = $filename
+ filename_str = user_string($filename)
+ mode = $mode
+ mode_str = _mknod_mode_str($mode)
+ dev = $dev
+ argstr = sprintf("%s, %s, %s, %p",
+ dfd_str, user_string_quoted($filename), mode_str, $dev)
+}
+probe syscall.mknodat.return = kernel.function("sys_mknodat").return ? {
+ name = "mknodat"
+ retstr = returnstr(1)
+}
+
# mlock ______________________________________________________
#
# long sys_mlock(unsigned long start, size_t len)
generated by cgit (git 2.34.1) at 2025-08-05 13:10:58 +0000