Diffstat (limited to 'tapset/syscalls.stp')
-rw-r--r-- | tapset/syscalls.stp | 195 |
1 files changed, 79 insertions, 116 deletions
diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp index c80015c5..36903b57 100644 --- a/tapset/syscalls.stp +++ b/tapset/syscalls.stp @@ -98,7 +98,7 @@ probe syscall.bdflush = kernel.function("sys_bdflush") { name = "bdflush" func = $func data = $data - argstr = sprintf("%d 0x%x",func, data) + argstr = sprintf("%d 0x%p",func, data) } probe syscall.bdflush.return = kernel.function("sys_bdflush").return { name = "bdflush" @@ -124,7 +124,7 @@ probe syscall.bind.return = kernel.function("sys_bind").return { probe syscall.brk = kernel.function("sys_brk") { name = "brk" brk = $brk - argstr = sprintf("0x%x", brk) + argstr = sprintf("0x%p", brk) } probe syscall.brk.return = kernel.function("sys_brk").return { name = "brk" @@ -143,31 +143,17 @@ probe syscall.brk.return = kernel.function("sys_brk").return { * cap_get_proc / cap_set_proc are better * functions to export. */ -/* - * asmlinkage long - * sys_capget(cap_user_header_t header, - * cap_user_data_t dataptr) - */ -probe kernel.syscall.capget = - kernel.function("sys_capget") { - name = "capget" - header_uaddr = $header - data_uaddr = $dataptr - /* - * NOTE - * These two functions are the raw kernel - * interface for getting and setting - * capabilities. The kernel API is likely - * to change and use of these functions (in - * particular the format of the cap_user_*_t - * types) is subject to change with each - * kernel revision. - */ - } -probe kernel.syscall.capget.return = - kernel.function("sys_capget").return { - name = "capget.return" - } +# long sys_capget(cap_user_header_t header, cap_user_data_t dataptr) +probe syscall.capget = kernel.function("sys_capget") { + name = "capget" + header_uaddr = $header + data_uaddr = $dataptr + argstr = sprintf("0x%p, 0x%p", $header, $dataptr) +} +probe syscall.capget.return = kernel.function("sys_capget").return { + name = "capget" + retstr = returnstr(1) +} # capset _____________________________________________________ /* * NOTE 
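Review bot: The literal `0x` is kept in front of every `%p` this commit introduces, first in syscall.bdflush (`sprintf("%d 0x%p",func, data)`) and in the same form in every later hunk of the file. If this runtime's `%p` already prints its own `0x` prefix, each address in argstr comes out as `0x0x…`. That is worth confirming against the sprintf implementation before merging; if it does, the format should be `sprintf("%d %p", func, data)` and likewise elsewhere. Any script that parses addresses out of argstr would be affected.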
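Review bot: The new argstr in syscall.capget formats the raw `$header` and `$dataptr` and omits the `[...]` that other probes in this file put around user-buffer addresses, even though `header_uaddr` and `data_uaddr` are assigned just above; syscall.capset in the next hunk does the same. I would write `argstr = sprintf("[0x%p], [0x%p]", header_uaddr, data_uaddr)` so the capability calls read like the rest of the tapset. With the inner NOTE removed, the one-line comment could also state that only the two addresses are reported, not the capability sets they point to, which matters to anyone using these probes for auditing.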
@@ -180,35 +166,18 @@ probe kernel.syscall.capget.return = * cap_get_proc / cap_set_proc are better * functions to export. */ -/* - * asmlinkage long - * sys_capset(cap_user_header_t header, - * const cap_user_data_t data) - */ -probe kernel.syscall.capset = - kernel.function("sys_capset") { - name = "capset" - header_uaddr = $header - data_uaddr = $data - /* - * NOTE - * These two functions are the raw kernel - * interface for getting and setting - * capabilities. The kernel API is likely - * to change and use of these functions (in - * particular the format of the cap_user_*_t - * types) is subject to change with each - * kernel revision. - * - * These system calls are specific to Linux. - * The portable interfaces are cap_set_proc - * and cap_get_proc. - */ - } -probe kernel.syscall.capset.return = - kernel.function("sys_capset").return { - name = "capset.return" - } +# long sys_capset(cap_user_header_t header, const cap_user_data_t data) +probe syscall.capset = kernel.function("sys_capset") { + name = "capset" + header_uaddr = $header + data_uaddr = $data + argstr = sprintf("0x%p, 0x%p", $header, $data) +} +probe syscall.capset.return = kernel.function("sys_capset").return { + name = "capset" + retstr = returnstr(1) +} + # chdir ______________________________________________________ # long sys_chdir(const char __user * filename) probe syscall.chdir = kernel.function("sys_chdir") { 
@@ -259,40 +228,34 @@ probe syscall.chroot.return = kernel.function("sys_chroot").return { name = "chroot" retstr = returnstr(1) } + # clock_getres _______________________________________________ -/* - * asmlinkage long - * sys_clock_getres(clockid_t which_clock, - * struct timespec __user *tp) - */ -probe kernel.syscall.clock_getres = - kernel.function("sys_clock_getres") { - name = "clock_getres" - clk_id = $which_clock - clk_id_str = _get_wc_str($which_clock) - res_uaddr = $tp - } -probe kernel.syscall.clock_getres.return = - kernel.function("sys_clock_getres").return { - name = "clock_getres.return" - } +# long sys_clock_getres(clockid_t which_clock, struct timespec __user *tp) +probe syscall.clock_getres = kernel.function("sys_clock_getres") { + name = "clock_getres" + clk_id = $which_clock + clk_id_str = _get_wc_str($which_clock) + res_uaddr = $tp + #fixme argstr +} +probe syscall.clock_getres.return = kernel.function("sys_clock_getres").return { + name = "clock_getres" + retstr = returnstr(1) +} + # clock_gettime ______________________________________________ -/* - * asmlinkage long - * sys_clock_gettime(clockid_t which_clock, - * struct timespec __user *tp) - */ -probe kernel.syscall.clock_gettime = - kernel.function("sys_clock_gettime") { - name = "clock_gettime" - clk_id = $which_clock - clk_id_str = _get_wc_str($which_clock) - tp_uaddr = $tp +# long sys_clock_gettime(clockid_t which_clock, struct timespec __user *tp) +probe syscall.clock_gettime = kernel.function("sys_clock_gettime") { + name = "clock_gettime" + clk_id = $which_clock + clk_id_str = _get_wc_str($which_clock) + tp_uaddr = $tp + #fixme argstr +} +probe syscall.clock_gettime.return = kernel.function("sys_clock_gettime").return { + name = "clock_gettime" + retstr = returnstr(1) } -probe kernel.syscall.clock_gettime.return = - kernel.function("sys_clock_gettime").return { - name = "clock_gettime.return" - } # clock_nanosleep ____________________________________________ /* * asmlinkage long 
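Review bot: `argstr` is never assigned in syscall.clock_getres and syscall.clock_gettime, whose new bodies only carry `#fixme argstr`, so a generic tracer that prints `name` and `argstr` will presumably show these calls with an empty argument list. The values are already at hand: `argstr = sprintf("%s, [0x%p]", clk_id_str, res_uaddr)` for clock_getres, and the same with `tp_uaddr` for clock_gettime. syscall.io_getevents in a later hunk has the same gap; there the commit only edits a commented-out `sprintf` that has a format string and no arguments.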
@@ -632,7 +595,7 @@ probe syscall.fgetxattr = kernel.function("sys_fgetxattr") { name2 = user_string($name) value_uaddr = $value size = $size - argstr = sprintf("%d, %s, [0x%x], %d", filedes, name2, + argstr = sprintf("%d, %s, [0x%p], %d", filedes, name2, value_uaddr, size) } probe syscall.fgetxattr.return = kernel.function("sys_fgetxattr").return { @@ -646,7 +609,7 @@ probe syscall.flistxattr = kernel.function("sys_flistxattr") { filedes = $fd list_uaddr = $list size = $size - argstr = sprintf("%d, [0x%x], %d", filedes, list_uaddr, size) + argstr = sprintf("%d, [0x%p], %d", filedes, list_uaddr, size) } probe syscall.flistxattr.return = kernel.function("sys_flistxattr").return { name = "flistxattr" @@ -727,7 +690,7 @@ probe syscall.fsetxattr = kernel.function("sys_fsetxattr") { value_uaddr = $value size = $size flags = $flags - argstr = sprintf("%d, %s, [0x%x], %d, 0x%x", filedes, name2, + argstr = sprintf("%d, %s, [0x%p], %d, 0x%p", filedes, name2, value_uaddr, size, flags) } probe syscall.fsetxattr.return = kernel.function("sys_fsetxattr").return { @@ -741,7 +704,7 @@ probe syscall.fstatfs = kernel.function("sys_fstatfs") { name = "fstatfs" fd = $fd buf_uaddr = $buf - argstr = sprintf("%d, [0x%x]", fd, buf_uaddr) + argstr = sprintf("%d, [0x%p]", fd, buf_uaddr) } probe syscall.fstatfs.return = kernel.function("sys_fstatfs").return { name = "fstatfs" @@ -754,7 +717,7 @@ probe syscall.fstatfs64 = kernel.function("sys_fstatfs64") { fd = $fd sz = $sz buf_uaddr = $buf - argstr = sprintf("%d, %d, [0x%x]", fd, sz, buf_uaddr) + argstr = sprintf("%d, %d, [0x%p]", fd, sz, buf_uaddr) } probe syscall.fstatfs64.return = kernel.function("sys_fstatfs64").return { name = "fstatfs64.return" 
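Review bot: In syscall.fsetxattr the last conversion was switched to `0x%p` too, but it formats `flags`, which is an integer argument and not an address; the same happens to `dev` in the syscall.mknod hunk further down. A pointer conversion on such values is misleading in trace output, so I would keep `0x%x` for them: `argstr = sprintf("%d, %s, [0x%p], %d, 0x%x", filedes, name2,` and `sprintf("%s, %s, 0x%x", pathname, _mknod_mode_str($mode), dev)`.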
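Review bot: The context of the syscall.fstatfs64 hunk still shows `name = "fstatfs64.return"` in the return probe, while the return probes this commit rewrites (capget, capset, clock_getres, clock_gettime) now set the bare syscall name. syscall.msync.return in a later hunk has the same leftover, `"msync.return"`. Scripts that key on `name` to pair entry and return events would miss these two, so they should become `name = "fstatfs64"` and `name = "msync"`. Both return probes continue past the end of their hunks, so whether `retstr` is set there cannot be seen from here.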
@@ -815,10 +778,10 @@ probe syscall.futex = kernel.function("sys_futex") { uaddr2_uaddr = $uaddr2 val3 = $val3 if (op == 0) - argstr = sprintf("0x%x, %s, %d, %s", $uaddr, _futex_op_str($op), + argstr = sprintf("0x%p, %s, %d, %s", $uaddr, _futex_op_str($op), $val, _struct_timespec_u($utime)) else - argstr = sprintf("0x%x, %s, %d", $uaddr, _futex_op_str($op), + argstr = sprintf("0x%p, %s, %d", $uaddr, _futex_op_str($op), $val) } probe syscall.futex.return = kernel.function("sys_futex").return { @@ -832,7 +795,7 @@ probe syscall.getcwd = kernel.function("sys_getcwd") { name = "getcwd" buf_uaddr = $buf size = $size - argstr = sprintf("[0x%x], %d", buf_uaddr, size) + argstr = sprintf("[0x%p], %d", buf_uaddr, size) } probe syscall.getcwd.return = kernel.function("sys_getcwd").return { name = "getcwd" @@ -848,7 +811,7 @@ probe syscall.getdents = kernel.function("sys_getdents") { fd = $fd dirp_uaddr = $dirent count = $count - argstr = sprintf("%d, [0x%x], %d", fd, dirp_uaddr, count) + argstr = sprintf("%d, [0x%p], %d", fd, dirp_uaddr, count) } probe syscall.getdents.return = kernel.function("sys_getdents").return { name = "getdents" @@ -864,7 +827,7 @@ probe syscall.getdents64 = kernel.function("sys_getdents64") { fd = $fd dirp_uaddr = $dirent count = $count - argstr = sprintf("%d, [0x%x], %d", fd, dirp_uaddr, count) + argstr = sprintf("%d, [0x%p], %d", fd, dirp_uaddr, count) } probe syscall.getdents64.return = kernel.function("sys_getdents64").return { name = "getdents64" @@ -907,7 +870,7 @@ probe syscall.getgroups = kernel.function("sys_getgroups") { name = "getgroups" size = $gidsetsize list_uaddr = $grouplist - argstr = sprintf("%d, [0x%x]", size, list_uaddr) + argstr = sprintf("%d, [0x%p]", size, list_uaddr) } probe syscall.getgroups.return = kernel.function("sys_getgroups").return { name = "getgroups" 
@@ -920,7 +883,7 @@ probe syscall.gethostname = kernel.function("sys_gethostname") { name = "gethostname" name_uaddr = $name len = $len - argstr = sprintf ("[0x%x], %d", name_uaddr, len) + argstr = sprintf ("[0x%p], %d", name_uaddr, len) } probe syscall.gethostname.return = kernel.function("sys_gethostname").return { name = "gethostname" @@ -933,7 +896,7 @@ probe syscall.getitimer = kernel.function("sys_getitimer") { name = "getitimer" which = $which value_uaddr = $value - argstr = sprintf("%s, [0x%x]", _itimer_which_str(which), value_uaddr) + argstr = sprintf("%s, [0x%p]", _itimer_which_str(which), value_uaddr) } probe syscall.getitimer.return = kernel.function("sys_getitimer").return { name = "getitimer" @@ -1020,7 +983,7 @@ probe syscall.getresgid = kernel.function("sys_getresgid") { rgid_uaddr = $rgid egid_uaddr = $egid sgid_uaddr = $sgid - argstr = sprintf("[0x%x], [0x%x], [0x%x]", rgid_uaddr, egid_uaddr, sgid_uaddr) + argstr = sprintf("[0x%p], [0x%p], [0x%p]", rgid_uaddr, egid_uaddr, sgid_uaddr) } probe syscall.getresgid.return = kernel.function("sys_getresgid").return { name = "getresgid" @@ -1036,7 +999,7 @@ probe syscall.getresgid16 = kernel.function("sys_getresgid") { rgid_uaddr = $rgid egid_uaddr = $egid sgid_uaddr = $sgid - argstr = sprintf("[0x%x], [0x%x], [0x%x]", rgid_uaddr, egid_uaddr, sgid_uaddr) + argstr = sprintf("[0x%p], [0x%p], [0x%p]", rgid_uaddr, egid_uaddr, sgid_uaddr) } probe syscall.getresgid16.return = kernel.function("sys_getresgid").return { name = "getresgid16" @@ -1052,7 +1015,7 @@ probe syscall.getresuid = kernel.function("sys_getresuid") { ruid_uaddr = $ruid euid_uaddr = $euid suid_uaddr = $suid - argstr = sprintf("[0x%x], [0x%x], [0x%x]", ruid_uaddr, euid_uaddr, suid_uaddr) + argstr = sprintf("[0x%p], [0x%p], [0x%p]", ruid_uaddr, euid_uaddr, suid_uaddr) } probe syscall.getresuid.return = kernel.function("sys_getresuid").return { name = "getresuid" 
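Review bot: syscall.getresgid16 and its return probe are attached to `kernel.function("sys_getresgid")`, the same function syscall.getresgid uses. As written, every getresgid call would also be reported under the name getresgid16, and the 16-bit entry point is not probed at all. syscall.getresuid16 in the next hunk shows the same pattern with `sys_getresuid`. This sits in the hunk's context lines rather than in the changed line, but it looks like a copy-paste slip; presumably the intent was `kernel.function("sys_getresgid16")` and `kernel.function("sys_getresuid16")`, to be confirmed against the symbols on the target kernels.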
@@ -1068,7 +1031,7 @@ probe syscall.getresuid16 = kernel.function("sys_getresuid") { ruid_uaddr = $ruid euid_uaddr = $euid suid_uaddr = $suid - argstr = sprintf("[0x%x], [0x%x], [0x%x]", ruid_uaddr, euid_uaddr, suid_uaddr) + argstr = sprintf("[0x%p], [0x%p], [0x%p]", ruid_uaddr, euid_uaddr, suid_uaddr) } probe syscall.getresuid16.return = kernel.function("sys_getresuid").return { name = "getresuid16" @@ -1081,7 +1044,7 @@ probe syscall.getrlimit = kernel.function("sys_getrlimit") { name = "getrlimit" resource = $resource rlim_uaddr = $rlim - argstr = sprintf("%s, [0x%x]", _rlimit_resource_str($resource), rlim_uaddr) + argstr = sprintf("%s, [0x%p]", _rlimit_resource_str($resource), rlim_uaddr) } probe syscall.getrlimit.return = kernel.function("sys_getrlimit").return { name = "getrlimit" @@ -1094,7 +1057,7 @@ probe syscall.getrusage = kernel.function("sys_getrusage") { name = "getrusage" who = $who usage_uaddr = $ru - argstr = sprintf("%s, [0x%x]",_rusage_who_str($who), usage_uaddr) + argstr = sprintf("%s, [0x%p]",_rusage_who_str($who), usage_uaddr) } probe syscall.getrusage.return = kernel.function("sys_getrusage").return { name = "getrusage" @@ -1171,7 +1134,7 @@ probe syscall.gettimeofday = kernel.function("sys_gettimeofday") { name = "gettimeofday" tv_uaddr = $tv tz_uaddr = $tz - argstr = sprintf("[0x%x], [0x%x]", tv_uaddr, tz_uaddr) + argstr = sprintf("[0x%p], [0x%p]", tv_uaddr, tz_uaddr) } probe syscall.gettimeofday.return = kernel.function("sys_gettimeofday").return { name = "gettimeofday" @@ -1198,7 +1161,7 @@ probe syscall.getxattr = kernel.function("sys_getxattr") { name2 = user_string($name) value_uaddr = $value size = $size - argstr = sprintf("%s, %s, [0x%x], %d", path, name2, + argstr = sprintf("%s, %s, [0x%p], %d", path, name2, value_uaddr, size) } probe syscall.getxattr.return = kernel.function("sys_getxattr").return { 
@@ -1215,7 +1178,7 @@ probe syscall.init_module = kernel.function("sys_init_module") { umod_uaddr = $umod len = $len uargs = user_string($uargs) - argstr = sprintf("[0x%x], %d, %s", umod_uaddr, len, uargs) + argstr = sprintf("[0x%p], %d, %s", umod_uaddr, len, uargs) } probe syscall.init_module.return = kernel.function("sys_init_module").return { name = "init_module" @@ -1231,7 +1194,7 @@ probe syscall.io_cancel = kernel.function("sys_io_cancel") { ctx_id = $ctx_id iocb_uaddr = $iocb result_uaddr = $result - argstr = sprintf("%d, [0x%x], [0x%x]", ctx_id, iocb_uaddr, result_uaddr) + argstr = sprintf("%d, [0x%p], [0x%p]", ctx_id, iocb_uaddr, result_uaddr) } probe syscall.io_cancel.return = kernel.function("sys_io_cancel").return { name = "io_cancel" @@ -1246,7 +1209,7 @@ probe syscall.ioctl = kernel.function("sys_ioctl") { fd = $fd request = $cmd argp = $arg - argstr = sprintf("%d, %d, [0x%x]", fd, request, argp) + argstr = sprintf("%d, %d, [0x%p]", fd, request, argp) } probe syscall.ioctl.return = kernel.function("sys_ioctl").return { name = "ioctl" @@ -1279,7 +1242,7 @@ probe syscall.io_getevents = kernel.function("sys_io_getevents") { nr = $nr events_uaddr = $events timeout_uaddr = $timeout -# argstr = sprintf("%d, %d, %d, [0x%x],") +# argstr = sprintf("%d, %d, %d, [0x%p],") } probe syscall.io_getevents.return = kernel.function("sys_io_getevents").return { name = "io_getevents" @@ -1680,7 +1643,7 @@ probe syscall.mknod = kernel.function("sys_mknod") { pathname = user_string($filename) mode = $mode dev = $dev - argstr = sprintf("%s, %s, 0x%x", pathname, _mknod_mode_str($mode), dev) + argstr = sprintf("%s, %s, 0x%p", pathname, _mknod_mode_str($mode), dev) } probe syscall.mknod.return = kernel.function("sys_mknod").return { 
@@ -2000,7 +1963,7 @@ probe syscall.msync = kernel.function("sys_msync") { start = $start length = $len flags = $flags - argstr = sprintf("0x%x, %d, %s",start, length, _msync_flag_str(flags)) + argstr = sprintf("0x%p, %d, %s",start, length, _msync_flag_str(flags)) } probe syscall.msync.return = kernel.function("sys_msync").return { name = "msync.return" @@ -2013,7 +1976,7 @@ probe syscall.munlock = kernel.function("sys_munlock") { name = "munlock" addr = $start len = $len - argstr = sprintf("0x%x, %d", addr, len) + argstr = sprintf("0x%p, %d", addr, len) } probe syscall.munlock.return = kernel.function("sys_munlock").return { name = "munlock" @@ -2036,7 +1999,7 @@ probe syscall.munmap = kernel.function("sys_munmap") { name = "munmap" start = $addr length = $len - argstr = sprintf("0x%x, %d", start, length) + argstr = sprintf("0x%p, %d", start, length) } probe syscall.munmap.return = kernel.function("sys_munmap").return { name = "munmap" |