summaryrefslogtreecommitdiffstats
path: root/tapset
diff options
context:
space:
mode:
Diffstat (limited to 'tapset')
-rw-r--r--tapset/ChangeLog29
-rw-r--r--tapset/aux_syscalls.stp6
-rw-r--r--tapset/i686/syscalls.stp27
-rw-r--r--tapset/ppc64/syscalls.stp292
-rw-r--r--tapset/syscalls.stp273
-rw-r--r--tapset/syscalls2.stp171
6 files changed, 397 insertions, 401 deletions
diff --git a/tapset/ChangeLog b/tapset/ChangeLog
index 4f347639..f5978f17 100644
--- a/tapset/ChangeLog
+++ b/tapset/ChangeLog
@@ -1,5 +1,34 @@
2007-08-22 Martin Hunt <hunt@redhat.com>
+ * ppc64/syscalls.stp: Remove a bunch of
+ non-ppc64 specific probes.
+
+ * syscalls.stp (compat_sys_epoll_ctl): New.
+ (compat_sys_epoll_wait): New.
+ (sys_epoll_pwait): New.
+ (compat_sys_epoll_pwait): New.
+ (compat_sys_keyctl): New.
+ (compat_sys_mq_open): New.
+ (compat_sys_futex): New.
+ (compat_sys_mq_timedsend): New.
+ (compat_sys_mq_timedreceive): New.
+ (compat_sys_mq_notify): New.
+ (compat_sys_mq_getsetattr): New.
+ (init_module): Make optional and quote args.
+ (sys_eventfd): New.
+
+ * syscalls2.stp (sys_splice): New.
+ (sys_vmsplice): New.
+ (compat_sys_vmsplice): New.
+ (sys_tee): New.
+ (sys_signalfd): New.
+ (compat_sys_signalfd): New.
+ (sys_timerfd): New.
+ (compat_sys_timerfd): New.
+ (old32_readdir): New.
+
+2007-08-22 Martin Hunt <hunt@redhat.com>
+
* aux_syscalls.stp (_utimensat_flag_str): New.
(_dfd_str): New.
(_struct_timeval2_u): Deleted.
diff --git a/tapset/aux_syscalls.stp b/tapset/aux_syscalls.stp
index c7cc06de..808c3503 100644
--- a/tapset/aux_syscalls.stp
+++ b/tapset/aux_syscalls.stp
@@ -117,7 +117,7 @@ function _struct_utimbuf_u:string(uaddr:long)
if(_stp_copy_from_user((char*)&ubuf,ptr,sizeof(ubuf)) == 0) {
_stp_ctime(ubuf.actime, abuf, 24);
_stp_ctime(ubuf.modtime, mbuf, 24);
- snprintf(THIS->__retvalue, MAXSTRINGLEN, "%s, %s", abuf, mbuf);
+ snprintf(THIS->__retvalue, MAXSTRINGLEN, "[%s, %s]", abuf, mbuf);
} else
strlcpy (THIS->__retvalue, "UNKNOWN", MAXSTRINGLEN);
}
@@ -136,7 +136,7 @@ function _struct_compat_utimbuf_u:string(uaddr:long)
if(_stp_copy_from_user((char*)&ubuf,ptr,sizeof(ubuf)) == 0) {
_stp_ctime(ubuf.actime, abuf, 24);
_stp_ctime(ubuf.modtime, mbuf, 24);
- snprintf(THIS->__retvalue, MAXSTRINGLEN, "%s, %s", abuf, mbuf);
+ snprintf(THIS->__retvalue, MAXSTRINGLEN, "[%s, %s]", abuf, mbuf);
} else
strlcpy (THIS->__retvalue, "UNKNOWN", MAXSTRINGLEN);
}
@@ -1736,7 +1736,7 @@ function _dfd_str(d) {
return sprint(d)
}
-function _utimensat_flag_str(f) {
+function _at_flag_str(f) {
if (f == 0x100) return "AT_SYMLINK_NOFOLLOW"
return sprintf("0x%x", f)
}
diff --git a/tapset/i686/syscalls.stp b/tapset/i686/syscalls.stp
index ff5473da..75bc960d 100644
--- a/tapset/i686/syscalls.stp
+++ b/tapset/i686/syscalls.stp
@@ -128,34 +128,35 @@ probe syscall.sigaltstack.return = kernel.function("sys_sigaltstack").return {
}
# vm86 _______________________________________________________
-/*
- * asmlinkage int
- * sys_vm86(struct pt_regs regs)
- */
-probe syscall.vm86 = kernel.function("sys_vm86") {
+#
+# int sys_vm86(struct pt_regs regs)
+#
+probe syscall.vm86 = kernel.function("sys_vm86") ? {
name = "vm86"
/*
* unsupported type identifier '$regs'
* regs = $regs
*/
+ argstr = ""
}
-probe syscall.vm86.return = kernel.function("sys_vm86").return {
+probe syscall.vm86.return = kernel.function("sys_vm86").return ? {
name = "vm86"
retstr = returnstr(1)
}
+
# vm86old ____________________________________________________
-/*
- * asmlinkage int
- * sys_vm86old(struct pt_regs regs)
- */
-probe syscall.vm86old = kernel.function("sys_vm86old") {
- name = "vm86old"
+#
+# int sys_vm86old(struct pt_regs regs)
+#
+probe syscall.vm86old = kernel.function("sys_vm86old") ? {
+ name = "vm86old"
/*
* unsupported type identifier '$regs'
* regs = $regs
*/
+ argstr = ""
}
-probe syscall.vm86old.return = kernel.function("sys_vm86old").return {
+probe syscall.vm86old.return = kernel.function("sys_vm86old").return ? {
name = "vm86old"
retstr = returnstr(1)
}
diff --git a/tapset/ppc64/syscalls.stp b/tapset/ppc64/syscalls.stp
index 57267ccd..d5ac69d7 100644
--- a/tapset/ppc64/syscalls.stp
+++ b/tapset/ppc64/syscalls.stp
@@ -1,254 +1,18 @@
# PPC64-specific system calls
-# compat_sys_futex ________________________________________
-#
-# asmlinkage long compat_sys_futex(u32 __user *uaddr, int op, int val,
-# struct compat_timespec __user *utime, u32 __user *uaddr2,
-# int val3)
-#
-probe syscall.compat_sys_futex = kernel.function("compat_sys_futex") {
- name = "compat_sys_futex"
- futex_uaddr = $uaddr
- op = $op
- val = $val
- utime_uaddr = $utime
- uaddr2_uaddr = $uaddr2
- val3 = $val3
- argstr = sprintf("%p, %s, %d, %s", $uaddr, _futex_op_str($op),
- $val, _struct_timespec_u($utime))
-}
-probe syscall.compat_sys_futex.return =
- kernel.function("compat_sys_futex").return {
- name = "compat_sys_futex"
- retstr = returnstr(1)
-}
-# compat_sys_newlstat ________________________________________
-#
-# asmlinkage long compat_sys_newlstat(char __user * filename,
-# struct compat_stat __user *statbuf)
-#
-probe syscall.compat_sys_newlstat = kernel.function("compat_sys_newlstat") {
- name = "compat_sys_newlstat"
- path = user_string($filename)
- buf_uaddr = $statbuf
- argstr = sprintf("%s, %p", user_string_quoted($filename), buf_uaddr)
-}
-probe syscall.compat_sys_newlstat.return =
- kernel.function("compat_sys_newlstat").return {
- name = "compat_sys_newlstat"
- retstr = returnstr(1)
-}
-
-# compat_sys_fcntl64 ________________________________________
-#
-# asmlinkage long compat_sys_fcntl64(unsigned int fd, unsigned int cmd,
-# unsigned long arg)
-#
-probe syscall.compat_sys_fcntl64 = kernel.function("compat_sys_fcntl64") {
- name = "compat_sys_fcntl64"
- fd = $fd
- cmd = $cmd
- arg = $arg
- argstr = sprintf("%d, %s, %p", fd, _fcntl_cmd_str($cmd), arg)
-}
-probe syscall.compat_sys_fcntl64.return =
- kernel.function("compat_sys_fcntl64").return {
- name = "compat_sys_fcntl64"
- retstr = returnstr(1)
-}
-# compat_sys_fcntl ________________________________________
-#
-# asmlinkage long compat_sys_fcntl(unsigned int fd, unsigned int cmd,
-# unsigned long arg)
-#
-probe syscall.compat_sys_fcntl = kernel.function("compat_sys_fcntl") {
- name = "compat_sys_fcntl"
- fd = $fd
- cmd = $cmd
- arg = $arg
- argstr = sprintf("%d, %s, %p", fd, _fcntl_cmd_str($cmd), arg)
-}
-probe syscall.compat_sys_fcntl.return =
- kernel.function("compat_sys_fcntl").return {
- name = "compat_sys_fcntl"
- retstr = returnstr(1)
-}
-
-# compat_sys_mq_open ________________________________________
-#
-# asmlinkage long compat_sys_mq_open(const char __user *u_name,
-# int oflag, compat_mode_t mode,
-# struct compat_mq_attr __user *u_attr)
-#
-probe syscall.compat_sys_mq_open = kernel.function("compat_sys_mq_open") {
- name = "compat_sys_mq_open"
- name_uaddr = $u_name
- name_str = user_string($u_name)
- oflag = $oflag
- mode = $mode
- u_attr_uaddr = $u_attr
- argstr = sprintf("\"%s\", %d, %d, %p", name_str, oflag, mode,
- u_attr_uaddr)
-}
-probe syscall.compat_sys_mq_open.return =
- kernel.function("compat_sys_mq_open").return {
- name = "compat_sys_mq_open"
- retstr = returnstr(1)
-}
-# compat_sys_mq_timedsend ________________________________________
-#
-# asmlinkage long compat_sys_mq_timedsend(mqd_t mqdes,
-# const char __user *u_msg_ptr,
-# size_t msg_len, unsigned int msg_prio,
-# const struct compat_timespec __user *u_abs_timeout)
-#
-probe syscall.compat_sys_mq_timedsend = kernel.function("compat_sys_mq_timedsend") {
- name = "compat_sys_mq_timedsend"
- mqdes = $mqdes
- msg_ptr_uaddr = $u_msg_ptr
- msg_len = $msg_len
- msg_prio = $msg_prio
- abs_timeout_uaddr = $u_abs_timeout
- argstr = "FIXME"
-}
-probe syscall.compat_sys_mq_timedsend.return =
- kernel.function("compat_sys_mq_timedsend").return {
- name = "compat_sys_mq_timedsend"
- retstr = returnstr(1)
-}
-# compat_sys_mq_timedreceive ________________________________________
-#
-# asmlinkage ssize_t compat_sys_mq_timedreceive(mqd_t mqdes,
-# char __user *u_msg_ptr,
-# size_t msg_len, unsigned int __user *u_msg_prio,
-# const struct compat_timespec __user *u_abs_timeout)
-#
-probe syscall.compat_sys_mq_timedreceive = kernel.function("compat_sys_mq_timedreceive") {
- name = "compat_sys_mq_timedreceive"
- mqdes = $mqdes
- msg_ptr_uaddr = $u_msg_ptr
- msg_len = $msg_len
- msg_prio_uaddr = $u_msg_prio
- abs_timout_uaddr = $u_abs_timeout
- argstr = "FIXME"
-}
-probe syscall.compat_sys_mq_timedreceive.return =
- kernel.function("compat_sys_mq_timedreceive").return {
- name = "compat_sys_mq_timedreceive"
- retstr = returnstr(1)
-}
-# compat_sys_mq_notify ________________________________________
-#
-# asmlinkage long compat_sys_mq_notify(mqd_t mqdes,
-# const struct compat_sigevent __user *u_notification)
-#
-probe syscall.compat_sys_mq_notify = kernel.function("compat_sys_mq_notify") {
- name = "compat_sys_mq_notify"
- mqdes = $mqdes
- notification_uaddr = $u_notification
- argstr = sprintf("%d, %p", mqdes, notification_uaddr)
-}
-probe syscall.compat_sys_mq_notify.return =
- kernel.function("compat_sys_mq_notify").return {
- name = "compat_sys_mq_notify"
- retstr = returnstr(1)
-}
-# compat_sys_mq_getsetattr ________________________________________
-#
-# asmlinkage long compat_sys_mq_getsetattr(mqd_t mqdes,
-# const struct compat_mq_attr __user *u_mqstat,
-# struct compat_mq_attr __user *u_omqstat)
-#
-probe syscall.compat_sys_mq_getsetattr =
- kernel.function("compat_sys_mq_getsetattr") {
- name = "compat_sys_mq_getsetattr"
- mqdes = $mqdes
- u_mqstat_uaddr = $u_mqstat
- u_omqstat_uaddr = $u_omqstat
- argstr = sprintf("%d, %p, %p", mqdes, u_mqstat_uaddr,
- u_omqstat_uaddr)
-}
-probe syscall.compat_sys_mq_getsetattr.return =
- kernel.function("compat_sys_mq_getsetattr").return {
- name = "compat_sys_mq_getsetattr"
- retstr = returnstr(1)
-}
-# compat_sys_keyctl ________________________________________
-#
-# asmlinkage long compat_sys_keyctl(u32 option,
-# u32 arg2, u32 arg3, u32 arg4, u32 arg5)
-#
-/* FIXME
-probe syscall.compat_sys_keyctl = kernel.function("compat_sys_keyctl") {
- name = "compat_sys_keyctl"
- option = $option
- arg2 = $arg2
- arg3 = $arg3
- arg4 = $arg4
- arg5 = $arg5
- argstr = sprintf("%d, %d, %d, %d, %d", option, arg2, arg3,
- arg4, arg5)
-}
-probe syscall.compat_sys_keyctl.return =
- kernel.function("compat_sys_keyctl").return {
- name = "compat_sys_keyctl"
- retstr = returnstr(1)
-}
-*/
-
-#sys32_open _______________________________________________________
-# asmlinkage long sys32_open(const char * filename, int flags, int mode)
-probe syscall.sys32_open = kernel.function("sys32_open") ? {
- name = "open"
- filename_uaddr = $filename
- path = user_string($filename)
- flags = $flags
- mode = $mode
- if (flags & 64)
- argstr = sprintf("%s, %s, %#o", user_string_quoted($filename),
- _sys_open_flag_str(flags), mode)
- else
- argstr = sprintf("%s, %s", user_string_quoted(filename), _sys_open_flag_str(flags))
-}
-probe syscall.sys32_open.return = kernel.function("sys32_open").return ? {
- name = "open"
- retstr = returnstr(1)
-}
-# old32_readdir ________________________________________
-#
-# asmlinkage int old32_readdir(unsigned int fd,
-# struct old_linux_dirent32 __user *dirent,
-# unsigned int count)
-#
-probe syscall.old32_readdir = kernel.function("old32_readdir") {
- name = "old32_readdir"
- fd = $fd
- dirp_uaddr = $dirent
- count = $count
- argstr = sprintf("%d, %p, %d", fd, dirp_uaddr, count)
-}
-probe syscall.old32_readdir.return =
- kernel.function("old32_readdir").return {
- name = "old32_readdir"
- retstr = returnstr(1)
-}
# sys64_time ________________________________________
#
# time_t sys64_time(time_t __user * tloc)
#
-%( kernel_v <= "2.6.15" %?
-
-probe syscall.sys64_time = kernel.function("sys64_time") {
+probe syscall.sys64_time = kernel.function("sys64_time") ? {
name = "sys64_time"
- /* FIXME */
- t_uaddr = $tloc
- argstr = sprintf("%p", t_uaddr)
+ argstr = sprintf("%p", $tloc)
}
-probe syscall.sys64_time.return = kernel.function("sys64_time").return {
+probe syscall.sys64_time.return = kernel.function("sys64_time").return ? {
name = "sys64_time"
retstr = returnstr(1)
}
-%)
+
# ppc64_personality ________________________________________
#
# long ppc64_personality(unsigned long personality)
@@ -258,62 +22,41 @@ probe syscall.ppc64_personality = kernel.function("ppc64_personality") {
persona = $personality
argstr = sprint($personality)
}
-probe syscall.ppc64_personality.return =
- kernel.function("ppc64_personality").return {
+probe syscall.ppc64_personality.return = kernel.function("ppc64_personality").return {
name = "ppc64_personality"
retstr = returnstr(1)
}
+
# ppc_rtas ________________________________________
#
-# asmlinkage int ppc_rtas(struct rtas_args __user *uargs)
+# int ppc_rtas(struct rtas_args __user *uargs)
#
probe syscall.ppc_rtas = kernel.function("ppc_rtas") {
name = "ppc_rtas"
uargs_uaddr = $uargs
- argstr = sprintf("%p", uargs_uaddr)
+ argstr = sprintf("%p", $uargs)
}
probe syscall.ppc_rtas.return = kernel.function("ppc_rtas").return {
name = "ppc_rtas"
retstr = returnstr(1)
}
-# sys32_execve ________________________________________
-#
-# long sys32_execve(unsigned long a0, unsigned long a1, unsigned long a2,
-# unsigned long a3, unsigned long a4, unsigned long a5,
-# struct pt_regs *regs)
-#
-probe syscall.sys32_execve = kernel.function("sys32_execve") ? {
- name = "sys32_execve"
- filename = user_string($a0)
- args = __get_argv($a1, 0)
- argstr = sprintf("%s %s", user_string_quoted($a0), __get_argv($a1, 1))
-}
-probe syscall.sys32_execve.return =
- kernel.function("sys32_execve").return ? {
- name = "sys32_execve"
- retstr = returnstr(1)
-}
-
-
# ppc64_sys32_stime ________________________________________
#
# long ppc64_sys32_stime(int __user * tptr)
#
probe syscall.ppc64_sys32_stime = kernel.function("ppc64_sys32_stime") ? {
name = "ppc64_sys32_stime"
- /* FIXME */
t_uaddr = $tptr
- argstr = sprintf("%p", t_uaddr)
+ argstr = sprintf("%p", $tptr)
}
-probe syscall.ppc64_sys32_stime.return =
- kernel.function("ppc64_sys32_stime").return ? {
+probe syscall.ppc64_sys32_stime.return = kernel.function("ppc64_sys32_stime").return ? {
name = "ppc64_sys32_stime"
retstr = returnstr(1)
}
# sys32_ptrace ________________________________________
-#
+# (obsolete)
# int sys32_ptrace(long request, long pid, unsigned long addr,
# unsigned long data)
#
@@ -323,24 +66,23 @@ probe syscall.sys32_ptrace = kernel.function("sys32_ptrace") ? {
pid = $pid
addr = $addr
data = $data
- argstr = sprintf("%p, %p, %p, %p", request, pid,
- addr, data)
+ argstr = sprintf("%p, %p, %p, %p", $request, $pid, $addr, $data)
}
probe syscall.sys32_ptrace.return = kernel.function("sys32_ptrace").return ? {
name = "sys32_ptrace"
retstr = returnstr(1)
}
+
# sys32_sysinfo ________________________________________
#
-# asmlinkage long sys32_sysinfo(struct sysinfo32 __user *info)
+# (obsolete) long sys32_sysinfo(struct sysinfo32 __user *info)
#
probe syscall.sys32_sysinfo = kernel.function("sys32_sysinfo") ? {
name = "sys32_sysinfo"
info_uaddr = $info
argstr = sprintf("%p", info_uaddr)
}
-probe syscall.sys32_sysinfo.return =
- kernel.function("sys32_sysinfo").return ? {
+probe syscall.sys32_sysinfo.return = kernel.function("sys32_sysinfo").return ? {
name = "sys32_sysinfo"
retstr = returnstr(1)
}
@@ -374,7 +116,7 @@ probe syscall.sys32_sigreturn = kernel.function("sys32_sigreturn") ? {
r7 = $r7
r8 = $r8
argstr = sprintf("%p, %p, %p, %p, %p, %p",
- r3, r4, r5, r6, r7, r8)
+ $r3, $r4, $r5, $r6, $r7, $r8)
}
probe syscall.sys32_sigreturn.return =
kernel.function("sys32_sigreturn").return ? {
@@ -383,7 +125,7 @@ probe syscall.sys32_sigreturn.return =
}
# sys32_adjtimex ________________________________________
#
-# asmlinkage long sys32_adjtimex(struct timex32 __user *utp)
+# long sys32_adjtimex(struct timex32 __user *utp)
#
probe syscall.sys32_adjtimex = kernel.function("sys32_adjtimex") ? {
name = "sys32_adjtimex"
diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp
index d08be0a8..ce49e6fd 100644
--- a/tapset/syscalls.stp
+++ b/tapset/syscalls.stp
@@ -28,14 +28,14 @@
# accept _____________________________________________________
# long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr,
# int __user *upeer_addrlen)
-probe syscall.accept = kernel.function("sys_accept") {
+probe syscall.accept = kernel.function("sys_accept") ? {
name = "accept"
sockfd = $fd
addr_uaddr = $upeer_sockaddr
addrlen_uaddr = $upeer_addrlen
argstr = sprintf("%d, %p, %p", $fd, $upeer_sockaddr, $upeer_addrlen)
}
-probe syscall.accept.return = kernel.function("sys_accept").return {
+probe syscall.accept.return = kernel.function("sys_accept").return ? {
name = "accept"
retstr = returnstr(1)
}
@@ -160,14 +160,14 @@ probe syscall.bdflush.return = kernel.function("sys_bdflush").return {
# bind _______________________________________________________
# long sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen)
-probe syscall.bind = kernel.function("sys_bind") {
+probe syscall.bind = kernel.function("sys_bind") ? {
name = "bind"
sockfd = $fd
my_addr_uaddr = $umyaddr
addrlen = $addrlen
argstr = sprintf("%d, %s, %d", $fd, _struct_sockaddr_u($umyaddr,$addrlen),$addrlen)
}
-probe syscall.bind.return = kernel.function("sys_bind").return {
+probe syscall.bind.return = kernel.function("sys_bind").return ? {
name = "bind"
retstr = returnstr(1)
}
@@ -410,14 +410,14 @@ probe syscall.close.return = kernel.function("sys_close").return {
}
# connect ____________________________________________________
# long sys_connect(int fd, struct sockaddr __user *uservaddr, int addrlen)
-probe syscall.connect = kernel.function("sys_connect") {
+probe syscall.connect = kernel.function("sys_connect") ? {
name = "connect"
sockfd = $fd
serv_addr_uaddr = $uservaddr
addrlen = $addrlen
argstr = sprintf("%d, %s, %d", $fd, _struct_sockaddr_u($uservaddr,$addrlen),$addrlen)
}
-probe syscall.connect.return = kernel.function("sys_connect").return {
+probe syscall.connect.return = kernel.function("sys_connect").return ? {
name = "connect"
retstr = returnstr(1)
}
@@ -439,13 +439,13 @@ probe syscall.creat.return = kernel.function("sys_creat").return ?
# delete_module ______________________________________________
# long sys_delete_module(const char __user *name_user, unsigned int flags)
-probe syscall.delete_module = kernel.function("sys_delete_module") {
+probe syscall.delete_module = kernel.function("sys_delete_module") ? {
name = "delete_module"
name_user = user_string($name_user)
flags = $flags
- argstr = sprintf("%s, %s", user_string_quoted($name_user), _module_flags_str(flags))
+ argstr = sprintf("%s, %s", user_string_quoted($name_user), _module_flags_str($flags))
}
-probe syscall.delete_module.return = kernel.function("sys_delete_module").return {
+probe syscall.delete_module.return = kernel.function("sys_delete_module").return ? {
name = "delete_module"
retstr = returnstr(1)
}
@@ -477,12 +477,12 @@ probe syscall.dup2.return = kernel.function("sys_dup2").return {
# epoll_create _______________________________________________
# long sys_epoll_create(int size)
-probe syscall.epoll_create = kernel.function("sys_epoll_create") {
+probe syscall.epoll_create = kernel.function("sys_epoll_create") ? {
name = "epoll_create"
size = $size
argstr = sprint($size)
}
-probe syscall.epoll_create.return = kernel.function("sys_epoll_create").return {
+probe syscall.epoll_create.return = kernel.function("sys_epoll_create").return ? {
name = "epoll_create"
retstr = returnstr(1)
}
@@ -490,8 +490,13 @@ probe syscall.epoll_create.return = kernel.function("sys_epoll_create").return {
# epoll_ctl __________________________________________________
#
# long sys_epoll_ctl(int epfd, int op, int fd, struct epoll_event __user *event)
+# long compat_sys_epoll_ctl(int epfd, int op, int fd,
+# struct compat_epoll_event __user *event)
#
-probe syscall.epoll_ctl = kernel.function("sys_epoll_ctl") {
+probe syscall.epoll_ctl =
+ kernel.function("sys_epoll_ctl") ?,
+ kernel.function("compat_sys_epoll_ctl") ?
+{
name = "epoll_ctl"
epfd = $epfd
op = $op
@@ -500,17 +505,53 @@ probe syscall.epoll_ctl = kernel.function("sys_epoll_ctl") {
event_uaddr = $event
argstr = sprintf("%d, %s, %d, %p", $epfd, _opoll_op_str($op), $fd, $event)
}
-probe syscall.epoll_ctl.return = kernel.function("sys_epoll_ctl").return {
+probe syscall.epoll_ctl.return =
+ kernel.function("sys_epoll_ctl").return ?,
+ kernel.function("compat_sys_epoll_ctl").return ?
+{
name = "epoll_ctl"
retstr = returnstr(1)
}
+# epoll_pwait _________________________________________________
+#
+# long sys_epoll_pwait(int epfd, struct epoll_event __user *events,
+# int maxevents, int timeout, const sigset_t __user *sigmask,
+# size_t sigsetsize)
+# long compat_sys_epoll_pwait(int epfd,
+# struct compat_epoll_event __user *events,
+# int maxevents, int timeout,
+# const compat_sigset_t __user *sigmask,
+# compat_size_t sigsetsize)
+#
+probe syscall.epoll_pwait =
+ kernel.function("sys_epoll_pwait") ?,
+ kernel.function("compat_sys_epoll_pwait") ?
+{
+ name = "epoll_pwait"
+ argstr = sprintf("%d, %p, %d, %d, %p, %d",
+ $epfd, $events, $maxevents, $timeout, $sigmask, $sigsetsize)
+}
+probe syscall.epoll_pwait.return =
+ kernel.function("sys_epoll_pwait").return ?,
+ kernel.function("compat_sys_epoll_pwait").return ?
+{
+ name = "epoll_pwait"
+ retstr = returnstr(1)
+}
+
# epoll_wait _________________________________________________
#
# long sys_epoll_wait(int epfd, struct epoll_event __user *events,
# int maxevents, int timeout)
+# long compat_sys_epoll_wait(int epfd,
+# struct compat_epoll_event __user *events,
+# int maxevents, int timeout)
#
-probe syscall.epoll_wait = kernel.function("sys_epoll_wait") {
+probe syscall.epoll_wait =
+ kernel.function("sys_epoll_wait") ?,
+ kernel.function("compat_sys_epoll_wait") ?
+{
name = "epoll_wait"
epfd = $epfd
events_uaddr = $events
@@ -518,11 +559,26 @@ probe syscall.epoll_wait = kernel.function("sys_epoll_wait") {
timeout = $timeout
argstr = sprintf("%d, %p, %d, %d", $epfd, $events, $maxevents, $timeout)
}
-probe syscall.epoll_wait.return = kernel.function("sys_epoll_wait").return {
+probe syscall.epoll_wait.return =
+ kernel.function("sys_epoll_wait").return ?,
+ kernel.function("compat_sys_epoll_wait").return ?
+{
name = "epoll_wait"
retstr = returnstr(1)
}
+# eventfd _____________________________________________________
+# long sys_eventfd(unsigned int count)
+#
+probe syscall.eventfd = kernel.function("sys_eventfd") ? {
+ name = "eventfd"
+ argstr = sprint($count)
+}
+probe syscall.eventfd.return = kernel.function("sys_eventfd").return ? {
+ name = "eventfd"
+ retstr = returnstr(1)
+}
+
# execve _____________________________________________________
# int sys_execve(struct pt_regs regs)
# which breaks out the args and immediately calls
@@ -715,7 +771,7 @@ probe syscall.fcntl =
cmd = $cmd
cmd_str = _fcntl_cmd_str($cmd)
arg = $arg
- argstr = sprintf("%d, %s, %p", $fd, cmd_str, $arg)
+ argstr = sprintf("%d, %s, %p", $fd, _fcntl_cmd_str($cmd), $arg)
}
probe syscall.fcntl.return =
kernel.function("sys_fcntl").return ?,
@@ -888,27 +944,23 @@ probe syscall.fstat.return =
# sys32_fstatat64(unsigned int dfd, char __user *filename, struct stat64_emu31 __user* statbuf, int flag)
# long sys_newfstatat(int dfd, char __user *filename, struct stat __user *statbuf, int flag)
# long sys_fstatat64(int dfd, char __user *filename, struct stat64 __user *statbuf, int flag)
-#
+# long compat_sys_newfstatat(unsigned int dfd, char __user *filename, struct compat_stat __user *statbuf, int flag)
probe syscall.fstatat =
kernel.function("sys_fstatat64") ?,
kernel.function("sys_newfstatat") ?,
+ kernel.function("compat_sys_newfstatat") ?,
kernel.function("sys32_fstatat64") ?
{
name = "fstatat"
dirfd = $dfd
path = user_string($filename)
buf_uaddr = $statbuf
-
- if ($flag == 0x100)
- flags = "AT_SYMLINK_NOFOLLOW"
- else
- flags = sprintf("0x%x", $flag)
-
- argstr = sprintf("%d, %s, %p, %s", $dfd, user_string_quoted($filename), $statbuf, flags)
+ argstr = sprintf("%s, %s, %p, %s", _dfd_str($dfd), user_string_quoted($filename), $statbuf, _at_flag_str($flag))
}
probe syscall.fstatat.return =
kernel.function("sys_fstatat64").return ?,
kernel.function("sys_newfstatat").return ?,
+ kernel.function("compat_sys_newfstatat").return ?,
kernel.function("sys32_fstatat64").return ?
{
name = "fstatat"
@@ -942,7 +994,7 @@ probe syscall.fstatfs.return =
#
probe syscall.fstatfs64 =
kernel.function("sys_fstatfs64") ?,
- kernel.function("comp_sys_fstatfs64") ?
+ kernel.function("compat_sys_fstatfs64") ?
{
name = "fstatfs"
fd = $fd
@@ -952,7 +1004,7 @@ probe syscall.fstatfs64 =
}
probe syscall.fstatfs64.return =
kernel.function("sys_fstatfs64").return ?,
- kernel.function("comp_sys_fstatfs64").return ?
+ kernel.function("compat_sys_fstatfs64").return ?
{
name = "fstatfs"
retstr = returnstr(1)
@@ -1002,8 +1054,11 @@ probe syscall.ftruncate64.return = kernel.function("sys_ftruncate64").return ? {
# struct timespec __user *utime,
# u32 __user *uaddr2,
# int val3)
+# long compat_sys_futex(u32 __user *uaddr, int op, u32 val,
+# struct compat_timespec __user *utime, u32 __user *uaddr2,
+# u32 val3)
#
-probe syscall.futex = kernel.function("sys_futex") {
+probe syscall.futex = kernel.function("sys_futex") ? {
name = "futex"
futex_uaddr = $uaddr
op = $op
@@ -1018,7 +1073,26 @@ probe syscall.futex = kernel.function("sys_futex") {
argstr = sprintf("%p, %s, %d", $uaddr, _futex_op_str($op),
$val)
}
-probe syscall.futex.return = kernel.function("sys_futex").return {
+probe syscall.futex.return = kernel.function("sys_futex").return ? {
+ name = "futex"
+ retstr = returnstr(1)
+}
+probe syscall.compat_futex = kernel.function("compat_sys_futex") ? {
+ name = "futex"
+ futex_uaddr = $uaddr
+ op = $op
+ val = $val
+ utime_uaddr = $utime
+ uaddr2_uaddr = $uaddr2
+ val3 = $val3
+ if (op == 0)
+ argstr = sprintf("%p, %s, %d, %s", $uaddr, _futex_op_str($op),
+ $val, _struct_compat_timespec_u($utime,1))
+ else
+ argstr = sprintf("%p, %s, %d", $uaddr, _futex_op_str($op),
+ $val)
+}
+probe syscall.compat_futex.return = kernel.function("compat_sys_futex").return ? {
name = "futex"
retstr = returnstr(1)
}
@@ -1035,7 +1109,7 @@ probe syscall.futimesat = kernel.function("sys_futimesat") ? {
filename_uaddr = $filename
filename = user_string($filename)
tvp_uaddr = $utimes
- argstr = sprintf("%d, %s, %s", $dfd, user_string_quoted($filename),
+ argstr = sprintf("%s, %s, %s", _dfd_str($dfd), user_string_quoted($filename),
_struct_timeval_u($utimes, 2))
}
probe syscall.compat_futimesat = kernel.function("compat_sys_futimesat") ? {
@@ -1044,7 +1118,7 @@ probe syscall.compat_futimesat = kernel.function("compat_sys_futimesat") ? {
filename_uaddr = $filename
filename = user_string($filename)
tvp_uaddr = $t
- argstr = sprintf("%d, %s, %s", $dfd, user_string_quoted($filename),
+ argstr = sprintf("%s, %s, %s", _dfd_str($dfd), user_string_quoted($filename),
_struct_compat_timeval_u($t, 2))
}
probe syscall.futimesat.return = kernel.function("sys_futimesat").return ? {
@@ -1248,14 +1322,14 @@ probe syscall.get_mempolicy.return = kernel.function("sys_get_mempolicy").return
# getpeername ________________________________________________
# long sys_getpeername(int fd, struct sockaddr __user *usockaddr, int __user *usockaddr_len)
#
-probe syscall.getpeername = kernel.function("sys_getpeername") {
+probe syscall.getpeername = kernel.function("sys_getpeername") ? {
name = "getpeername"
s = $fd
name_uaddr = $usockaddr
namelen_uaddr = $usockaddr_len
argstr = sprintf("%d, %p, %p", $fd, $usockaddr, $usockaddr_len)
}
-probe syscall.getpeername.return = kernel.function("sys_getpeername").return {
+probe syscall.getpeername.return = kernel.function("sys_getpeername").return ? {
name = "getpeername"
retstr = returnstr(1)
}
@@ -1415,14 +1489,14 @@ probe syscall.getsid.return = kernel.function("sys_getsid").return {
# long sys_getsockname(int fd,
# struct sockaddr __user *usockaddr,
# int __user *usockaddr_len)
-probe syscall.getsockname = kernel.function("sys_getsockname") {
+probe syscall.getsockname = kernel.function("sys_getsockname") ? {
name = "getsockname"
s = $fd
name_uaddr = $usockaddr
namelen_uaddr = $usockaddr_len
argstr = sprintf("%d, %p, %p", $fd, $usockaddr, $usockaddr_len)
}
-probe syscall.getsockname.return = kernel.function("sys_getsockname").return {
+probe syscall.getsockname.return = kernel.function("sys_getsockname").return ? {
name = "getsockname"
retstr = returnstr(1)
}
@@ -1541,14 +1615,15 @@ probe syscall.getxattr.return = kernel.function("sys_getxattr").return {
# long sys_init_module(void __user *umod,
# unsigned long len,
# const char __user *uargs)
-probe syscall.init_module = kernel.function("sys_init_module") {
+#
+probe syscall.init_module = kernel.function("sys_init_module") ? {
name = "init_module"
umod_uaddr = $umod
len = $len
uargs = user_string($uargs)
- argstr = sprintf("%p, %d, %s", umod_uaddr, len, uargs)
+ argstr = sprintf("%p, %d, %s", $umod, $len, user_string_quoted($uargs))
}
-probe syscall.init_module.return = kernel.function("sys_init_module").return {
+probe syscall.init_module.return = kernel.function("sys_init_module").return ? {
name = "init_module"
retstr = returnstr(1)
}
@@ -1748,7 +1823,7 @@ probe syscall.compat_io_submit = kernel.function("compat_sys_io_submit") ? {
iocbpp_uaddr = $iocb
argstr = sprintf("%d, %d, %p", $ctx_id, $nr, $iocb)
}
-probe syscall.compat_io_submit.return = kernel.function("sys_io_submit").return ? {
+probe syscall.compat_io_submit.return = kernel.function("compat_sys_io_submit").return ? {
name = "io_submit"
retstr = returnstr(1)
}
@@ -1807,17 +1882,20 @@ probe syscall.kexec_load.return = kernel.function("sys_kexec_load").return ? {
# unsigned long arg3,
# unsigned long arg4,
# unsigned long arg5)
+# long compat_sys_keyctl(u32 option, u32 arg2, u32 arg3, u32 arg4, u32 arg5)
#
-probe syscall.keyctl = kernel.function("sys_keyctl") ? {
+probe syscall.keyctl =
+ kernel.function("sys_keyctl") ?,
+ kernel.function("compat_sys_keyctl") ?
+{
name = "keyctl"
- option = $option
- arg2 = $arg2
- arg3 = $arg3
- arg4 = $arg4
- arg5 = $arg5
- argstr = sprintf("%d", $option)
-}
-probe syscall.keyctl.return = kernel.function("sys_keyctl").return ? {
+ argstr = sprintf("%d, ...", $option)
+
+}
+probe syscall.keyctl.return =
+ kernel.function("sys_keyctl").return ?,
+ kernel.function("compat_sys_keyctl").return ?
+{
name = "keyctl"
retstr = returnstr(1)
}
@@ -1905,13 +1983,13 @@ probe syscall.link.return = kernel.function("sys_link").return {
# listen _____________________________________________________
# long sys_listen(int fd, int backlog)
-probe syscall.listen = kernel.function("sys_listen") {
+probe syscall.listen = kernel.function("sys_listen") ? {
name = "listen"
sockfd = $fd
backlog = $backlog
argstr = sprintf("%d, %d", $fd, $backlog)
}
-probe syscall.listen.return = kernel.function("sys_listen").return {
+probe syscall.listen.return = kernel.function("sys_listen").return ? {
name = "listen"
retstr = returnstr(1)
}
@@ -1973,14 +2051,14 @@ probe syscall.llseek.return = kernel.function("sys_llseek").return ? {
# lookup_dcookie _____________________________________________
# long sys_lookup_dcookie(u64 cookie64, char __user * buf, size_t len)
#
-probe syscall.lookup_dcookie = kernel.function("sys_lookup_dcookie") {
+probe syscall.lookup_dcookie = kernel.function("sys_lookup_dcookie") ? {
name = "lookup_dcookie"
cookie = $cookie64
buffer_uaddr = $buf
len = $len
argstr = sprintf("%d, %p, %d", $cookie64, $buf, $len)
}
-probe syscall.lookup_dcookie.return = kernel.function("sys_lookup_dcookie").return {
+probe syscall.lookup_dcookie.return = kernel.function("sys_lookup_dcookie").return ? {
name = "lookup_dcookie"
retstr = returnstr(1)
}
@@ -2303,29 +2381,45 @@ probe syscall.mprotect.return = kernel.function("sys_mprotect").return {
# long sys_mq_getsetattr(mqd_t mqdes,
# const struct mq_attr __user *u_mqstat,
# struct mq_attr __user *u_omqstat)
+# long compat_sys_mq_getsetattr(mqd_t mqdes,
+# const struct compat_mq_attr __user *u_mqstat,
+# struct compat_mq_attr __user *u_omqstat)
#
-probe syscall.mq_getsetattr = kernel.function("sys_mq_getsetattr") {
+probe syscall.mq_getsetattr =
+ kernel.function("sys_mq_getsetattr") ?,
+ kernel.function("compat_sys_mq_getsetattr") ?
+{
name = "mq_getsetattr"
mqdes = $mqdes
u_mqstat_uaddr = $u_mqstat
u_omqstat_uaddr = $u_omqstat
argstr = sprintf("%d, %p, %p", $mqdes, $u_mqstat, $u_omqstat)
}
-probe syscall.mq_getsetattr.return = kernel.function("sys_mq_getsetattr").return {
+probe syscall.mq_getsetattr.return =
+ kernel.function("sys_mq_getsetattr").return ?,
+ kernel.function("compat_sys_mq_getsetattr").return ?
+{
name = "mq_getsetattr"
retstr = returnstr(1)
}
# mq_notify __________________________________________________
# long sys_mq_notify(mqd_t mqdes, const struct sigevent __user *u_notification)
+# long compat_sys_mq_notify(mqd_t mqdes, const struct compat_sigevent __user *u_notification)
#
-probe syscall.mq_notify = kernel.function("sys_mq_notify") {
+probe syscall.mq_notify =
+ kernel.function("sys_mq_notify") ?,
+ kernel.function("compat_sys_mq_notify") ?
+{
name = "mq_notify"
mqdes = $mqdes
notification_uaddr = $u_notification
argstr = sprintf("%d, %p", $mqdes, $u_notification)
}
-probe syscall.mq_notify.return = kernel.function("sys_mq_notify").return {
+probe syscall.mq_notify.return =
+ kernel.function("sys_mq_notify").return ?,
+ kernel.function("compat_sys_mq_notify").return ?
+{
name = "mq_notify"
retstr = returnstr(1)
}
@@ -2335,8 +2429,14 @@ probe syscall.mq_notify.return = kernel.function("sys_mq_notify").return {
# int oflag,
# mode_t mode,
# struct mq_attr __user *u_attr)
+# long compat_sys_mq_open(const char __user *u_name,
+# int oflag, compat_mode_t mode,
+# struct compat_mq_attr __user *u_attr)
#
-probe syscall.mq_open = kernel.function("sys_mq_open") {
+probe syscall.mq_open =
+ kernel.function("sys_mq_open") ?,
+ kernel.function("compat_sys_mq_open") ?
+{
name = "mq_open"
name_uaddr = $u_name
filename = user_string($u_name)
@@ -2345,11 +2445,14 @@ probe syscall.mq_open = kernel.function("sys_mq_open") {
oflag = $oflag
if (oflag & 64)
argstr = sprintf("%s, %s, %#o, %p", user_string_quoted($u_name),
- _sys_open_flag_str(oflag), $mode, $u_attr)
+ _sys_open_flag_str($oflag), $mode, $u_attr)
else
- argstr = sprintf("%s, %s", user_string_quoted($u_name), _sys_open_flag_str(oflag))
+ argstr = sprintf("%s, %s", user_string_quoted($u_name), _sys_open_flag_str($oflag))
}
-probe syscall.mq_open.return = kernel.function("sys_mq_open").return {
+probe syscall.mq_open.return =
+ kernel.function("sys_mq_open").return ?,
+ kernel.function("compat_sys_mq_open").return ?
+{
name = "mq_open"
retstr = returnstr(1)
}
@@ -2360,8 +2463,15 @@ probe syscall.mq_open.return = kernel.function("sys_mq_open").return {
# size_t msg_len,
# unsigned int __user *u_msg_prio,
# const struct timespec __user *u_abs_timeout)
-#
-probe syscall.mq_timedreceive = kernel.function("sys_mq_timedreceive") {
+# ssize_t compat_sys_mq_timedreceive(mqd_t mqdes,
+# char __user *u_msg_ptr,
+# size_t msg_len, unsigned int __user *u_msg_prio,
+# const struct compat_timespec __user *u_abs_timeout)
+#
+probe syscall.mq_timedreceive =
+ kernel.function("sys_mq_timedreceive") ?,
+ kernel.function("compat_sys_mq_timedreceive") ?
+{
name = "mq_timedreceive"
mqdes = $mqdes
msg_ptr_uaddr = $u_msg_ptr
@@ -2371,7 +2481,10 @@ probe syscall.mq_timedreceive = kernel.function("sys_mq_timedreceive") {
argstr = sprintf("%d, %p, %d, %p, %p", $mqdes, $u_msg_ptr, $msg_len,
$u_msg_prio, $u_abs_timeout)
}
-probe syscall.mq_timedreceive.return = kernel.function("sys_mq_timedreceive").return {
+probe syscall.mq_timedreceive.return =
+ kernel.function("sys_mq_timedreceive").return ?,
+ kernel.function("compat_sys_mq_timedreceive").return ?
+{
name = "mq_timedreceive"
retstr = returnstr(1)
}
@@ -2382,8 +2495,15 @@ probe syscall.mq_timedreceive.return = kernel.function("sys_mq_timedreceive").re
# size_t msg_len,
# unsigned int msg_prio,
# const struct timespec __user *u_abs_timeout)
-#
-probe syscall.mq_timedsend = kernel.function("sys_mq_timedsend") {
+# long compat_sys_mq_timedsend(mqd_t mqdes,
+# const char __user *u_msg_ptr,
+# size_t msg_len, unsigned int msg_prio,
+# const struct compat_timespec __user *u_abs_timeout)
+#
+probe syscall.mq_timedsend =
+ kernel.function("sys_mq_timedsend") ?,
+ kernel.function("compat_sys_mq_timedsend") ?
+{
name = "mq_timedsend"
mqdes = $mqdes
msg_ptr_uaddr = $u_msg_ptr
@@ -2393,7 +2513,10 @@ probe syscall.mq_timedsend = kernel.function("sys_mq_timedsend") {
argstr = sprintf("%d, %p, %d, %d, %p", $mqdes, $u_msg_ptr, $msg_len,
$msg_prio, $u_abs_timeout)
}
-probe syscall.mq_timedsend.return = kernel.function("sys_mq_timedsend").return {
+probe syscall.mq_timedsend.return =
+ kernel.function("sys_mq_timedsend").return ?,
+ kernel.function("compat_sys_mq_timedsend").return ?
+{
name = "mq_timedsend"
retstr = returnstr(1)
}
@@ -2401,13 +2524,13 @@ probe syscall.mq_timedsend.return = kernel.function("sys_mq_timedsend").return {
# mq_unlink __________________________________________________
# long sys_mq_unlink(const char __user *u_name)
#
-probe syscall.mq_unlink = kernel.function("sys_mq_unlink") {
+probe syscall.mq_unlink = kernel.function("sys_mq_unlink") ? {
name = "mq_unlink"
u_name_uaddr = $u_name
u_name = user_string($u_name)
argstr = user_string_quoted($u_name)
}
-probe syscall.mq_unlink.return = kernel.function("sys_mq_unlink").return {
+probe syscall.mq_unlink.return = kernel.function("sys_mq_unlink").return ? {
name = "mq_unlink"
retstr = returnstr(1)
}
@@ -2437,14 +2560,14 @@ probe syscall.mremap.return = kernel.function("sys_mremap").return {
# msgctl _____________________________________________________
# long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf)
#
-probe syscall.msgctl = kernel.function("sys_msgctl") {
+probe syscall.msgctl = kernel.function("sys_msgctl") ? {
name = "msgctl"
msqid = $msqid
cmd = $cmd
buf_uaddr = $buf
argstr = sprintf("%d, %d, %p", $msqid, $cmd, $buf)
}
-probe syscall.msgctl.return = kernel.function("sys_msgctl").return {
+probe syscall.msgctl.return = kernel.function("sys_msgctl").return ? {
name = "msgctl"
retstr = returnstr(1)
}
@@ -2464,14 +2587,14 @@ probe syscall.compat_sys_msgctl.return = kernel.function("compat_sys_msgctl").re
# msgget _____________________________________________________
# long sys_msgget (key_t key, int msgflg)
#
-probe syscall.msgget = kernel.function("sys_msgget") {
+probe syscall.msgget = kernel.function("sys_msgget") ? {
name = "msgget"
key = $key
msgflg = $msgflg
msgflg_str = _sys_open_flag_str($msgflg)
argstr = sprintf("%d, %s", $key, _sys_open_flag_str($msgflg))
}
-probe syscall.msgget.return = kernel.function("sys_msgget").return {
+probe syscall.msgget.return = kernel.function("sys_msgget").return ? {
name = "msgget"
retstr = returnstr(1)
}
@@ -2483,7 +2606,7 @@ probe syscall.msgget.return = kernel.function("sys_msgget").return {
# long msgtyp,
# int msgflg)
#
-probe syscall.msgrcv = kernel.function("sys_msgrcv") {
+probe syscall.msgrcv = kernel.function("sys_msgrcv") ? {
name = "msgrcv"
msqid = $msqid
msgp_uaddr = $msgp
@@ -2492,7 +2615,7 @@ probe syscall.msgrcv = kernel.function("sys_msgrcv") {
msgflg = $msgflg
argstr = sprintf("%d, %p, %d, %d, %d", $msqid, $msgp, $msgsz, $msgtyp, $msgflg)
}
-probe syscall.msgrcv.return = kernel.function("sys_msgrcv").return {
+probe syscall.msgrcv.return = kernel.function("sys_msgrcv").return ? {
name = "msgrcv"
retstr = returnstr(1)
}
@@ -2516,7 +2639,7 @@ probe syscall.compat_sys_msgrcv.return = kernel.function("compat_sys_msgrcv").re
# size_t msgsz,
# int msgflg)
#
-probe syscall.msgsnd = kernel.function("sys_msgsnd") {
+probe syscall.msgsnd = kernel.function("sys_msgsnd") ? {
name = "msgsnd"
msqid = $msqid
msgp_uaddr = $msgp
@@ -2524,7 +2647,7 @@ probe syscall.msgsnd = kernel.function("sys_msgsnd") {
msgflg = $msgflg
argstr = sprintf("%d, %p, %d, %d", $msqid, $msgp, $msgsz, $msgflg)
}
-probe syscall.msgsnd.return = kernel.function("sys_msgsnd").return {
+probe syscall.msgsnd.return = kernel.function("sys_msgsnd").return ? {
name = "msgsnd"
retstr = returnstr(1)
}
diff --git a/tapset/syscalls2.stp b/tapset/syscalls2.stp
index 6606624c..f042cadd 100644
--- a/tapset/syscalls2.stp
+++ b/tapset/syscalls2.stp
@@ -101,6 +101,8 @@ probe syscall.ni_syscall.return = kernel.function("sys_ni_syscall").return {
# open _______________________________________________________
# long sys_open(const char __user * filename, int flags, int mode)
+# (obsolete) long sys32_open(const char * filename, int flags, int mode)
+#
probe syscall.open =
kernel.function("sys_open") ?,
kernel.function("compat_sys_open") ?,
@@ -447,7 +449,7 @@ probe syscall.compat_pselect7a = kernel.function("compat_sys_pselect7") ? {
argstr = sprintf("%d, %p, %p, %p, %s, %p, %d", $n, $inp, $outp, $exp,
_struct_compat_timespec_u($tsp,1), $sigmask, $sigsetsize)
}
-probe syscall.compat_pselect7.return = kernel.function("compat_sys_pselect").return ? {
+probe syscall.compat_pselect7.return = kernel.function("compat_sys_pselect7").return ? {
name = "pselect7"
retstr = returnstr(1)
}
@@ -578,12 +580,19 @@ probe syscall.readahead.return = kernel.function("sys_readahead").return {
# readdir ___________________________________________________
#
# long compat_sys_old_readdir(unsigned int fd, struct compat_old_linux_dirent __user *dirent, unsigned int count)
-#
-probe syscall.readdir = kernel.function("compat_sys_old_readdir") ? {
+# int old32_readdir(unsigned int fd, struct old_linux_dirent32 *dirent, unsigned int count)
+#
+probe syscall.readdir =
+ kernel.function("compat_sys_old_readdir") ?,
+ kernel.function("old32_readdir") ?
+{
name = "readdir"
argstr = sprintf("%d, %p, %d", $fd, $dirent, $count)
}
-probe syscall.readdir.return = kernel.function("compat_sys_old_readdir").return ? {
+probe syscall.readdir.return =
+ kernel.function("compat_sys_old_readdir").return ?,
+ kernel.function("old32_readdir").return ?
+{
name = "readdir"
retstr = returnstr(1)
}
@@ -674,7 +683,7 @@ probe syscall.recv = kernel.function("sys_recv") ? {
len = $size
flags = $flags
flags_str = _recvflags_str($flags)
- argstr = sprintf("%d, %p, %d, %s", $fd, $ubuf, $size, flags_str)
+ argstr = sprintf("%d, %p, %d, %s", $fd, $ubuf, $size, _recvflags_str($flags))
}
probe syscall.recv.return = kernel.function("sys_recv").return ? {
name = "recv"
@@ -690,7 +699,7 @@ probe syscall.recv.return = kernel.function("sys_recv").return ? {
# struct sockaddr __user *addr,
# int __user *addr_len)
#
-probe syscall.recvfrom = kernel.function("sys_recvfrom") {
+probe syscall.recvfrom = kernel.function("sys_recvfrom") ? {
name = "recvfrom"
s = $fd
buf_uaddr = $ubuf
@@ -700,7 +709,7 @@ probe syscall.recvfrom = kernel.function("sys_recvfrom") {
addr_uaddr = $addr
addrlen_uaddr = $addr_len
argstr = sprintf("%d, %p, %d, %s, %p, %p",
- $fd, $ubuf, $size, flags_str, $addr, $addr_len)
+ $fd, $ubuf, $size, _recvflags_str($flags), $addr, $addr_len)
}
probe syscall.recvfrom.return = kernel.function("sys_recvfrom").return ? {
name = "recvfrom"
@@ -1102,34 +1111,28 @@ probe syscall.sched_get_priority_min.return =
}
# sched_getscheduler _________________________________________
#
-# asmlinkage long
-# sys_sched_getscheduler(pid_t pid)
+# long sys_sched_getscheduler(pid_t pid)
#
probe syscall.sched_getscheduler = kernel.function("sys_sched_getscheduler") {
name = "sched_getscheduler"
pid = $pid
- argstr = sprint(pid)
+ argstr = sprint($pid)
}
-probe syscall.sched_getscheduler.return =
- kernel.function("sys_sched_getscheduler").return {
+probe syscall.sched_getscheduler.return = kernel.function("sys_sched_getscheduler").return {
name = "sched_getscheduler"
retstr = returnstr(1)
}
# sched_rr_get_interval ______________________________________
#
-# asmlinkage long
-# sys_sched_rr_get_interval(pid_t pid,
-# struct timespec __user *interval)
+# long sys_sched_rr_get_interval(pid_t pid, struct timespec __user *interval)
#
-probe syscall.sched_rr_get_interval =
- kernel.function("sys_sched_rr_get_interval") {
+probe syscall.sched_rr_get_interval = kernel.function("sys_sched_rr_get_interval") {
name = "sched_rr_get_interval"
pid = $pid
tp_uaddr = $interval
argstr = sprintf("%d, %s", $pid, _struct_timespec_u($interval,1))
}
-probe syscall.sched_rr_get_interval.return =
- kernel.function("sys_sched_rr_get_interval").return {
+probe syscall.sched_rr_get_interval.return = kernel.function("sys_sched_rr_get_interval").return {
name = "sched_rr_get_interval"
retstr = returnstr(1)
}
@@ -2108,6 +2111,29 @@ probe syscall.signal.return = kernel.function("sys_signal").return ? {
retstr = returnstr(1)
}
+# signalfd _____________________________________________________
+#
+# long sys_signalfd(int ufd, sigset_t __user *user_mask, size_t sizemask)
+# long compat_sys_signalfd(int ufd, const compat_sigset_t __user *sigmask,
+# compat_size_t sigsetsize)
+#
+probe syscall.signalfd = kernel.function("sys_signalfd") ? {
+ name = "signalfd"
+ argstr = sprintf("%d, %p, %d", $ufd, $user_mask, $sizemask)
+}
+probe syscall.signalfd.return = kernel.function("sys_signalfd").return ? {
+ name = "signalfd"
+ retstr = returnstr(1)
+}
+probe syscall.compat_signalfd = kernel.function("compat_sys_signalfd") ? {
+ name = "compat_signalfd"
+ argstr = sprintf("%d, %p, %d", $ufd, $sigmask, $sigsetsize)
+}
+probe syscall.compat_signalfd.return = kernel.function("compat_sys_signalfd").return ? {
+ name = "compat_signalfd"
+ retstr = returnstr(1)
+}
+
# sigpending _________________________________________________
# long sys_sigpending(old_sigset_t __user *set)
#
@@ -2195,13 +2221,13 @@ probe syscall.socket.return = kernel.function("sys_socket").return ? {
#
# long sys_socketcall(int call, unsigned long __user *args)
#
-#probe syscall.socketcall = kernel.function("sys_socketcall") {
+#probe syscall.socketcall = kernel.function("sys_socketcall") ? {
# name = "socketcall"
# call = $call
# args_uaddr = $args
# argstr = sprintf("%d, %p", $call, args_uaddr)
#}
-#probe syscall.socketcall.return = kernel.function("sys_socketcall").return {
+#probe syscall.socketcall.return = kernel.function("sys_socketcall").return ? {
# name = "socketcall"
# retstr = returnstr(1)
#}
@@ -2228,17 +2254,32 @@ probe syscall.socketpair.return = kernel.function("sys_socketpair").return ? {
retstr = returnstr(1)
}
+# splice ___________________________________________________
+#
+# long sys_splice(int fd_in, loff_t __user *off_in,
+# int fd_out, loff_t __user *off_out,
+# size_t len, unsigned int flags)
+#
+probe syscall.splice = kernel.function("sys_splice") ? {
+ name = "splice"
+ argstr = sprintf("%d, %p, %d, %p, %d, 0x%x",
+ $fd_in, $off_in, $fd_out, $off_out, $len, $flags)
+}
+probe syscall.splice.return = kernel.function("sys_splice").return ? {
+ name = "splice"
+ retstr = returnstr(1)
+}
+
# ssetmask ___________________________________________________
#
-# asmlinkage long
-# sys_ssetmask(int newmask)
+# long sys_ssetmask(int newmask)
#
-probe syscall.ssetmask = kernel.function("sys_ssetmask")? {
+probe syscall.ssetmask = kernel.function("sys_ssetmask") ? {
name = "ssetmask"
newmask = $newmask
argstr = sprint($newmask)
}
-probe syscall.ssetmask.return = kernel.function("sys_ssetmask").return ?{
+probe syscall.ssetmask.return = kernel.function("sys_ssetmask").return ? {
name = "ssetmask"
retstr = returnstr(1)
}
@@ -2303,7 +2344,7 @@ probe syscall.statfs.return =
#
probe syscall.statfs64 =
kernel.function("sys_statfs64") ?,
- kernel.function("comp_sys_statfs64") ?
+ kernel.function("compat_sys_statfs64") ?
{
name = "statfs"
path = user_string($path)
@@ -2313,7 +2354,7 @@ probe syscall.statfs64 =
}
probe syscall.statfs64.return =
kernel.function("sys_statfs64").return ?,
- kernel.function("comp_sys_statfs64").return ?
+ kernel.function("compat_sys_statfs64").return ?
{
name = "statfs"
retstr = returnstr(1)
@@ -2465,6 +2506,19 @@ probe syscall.syslog.return = kernel.function("sys_syslog").return {
retstr = returnstr(1)
}
+# tee _____________________________________________________
+#
+# long sys_tee(int fdin, int fdout, size_t len, unsigned int flags)
+#
+probe syscall.tee = kernel.function("sys_tee") ? {
+ name = "tee"
+ argstr = sprintf("%d, %d, %d, 0x%x", $fdin, $fdout, $len, $flags)
+}
+probe syscall.tee.return = kernel.function("sys_tee").return {
+ name = "tee"
+ retstr = returnstr(1)
+}
+
# tgkill _____________________________________________________
#
# asmlinkage long
@@ -2599,6 +2653,28 @@ probe syscall.timer_settime.return =
retstr = returnstr(1)
}
+# timerfd ______________________________________________
+#
+# long sys_timerfd(int ufd, int clockid, int flags,
+# const struct itimerspec __user *utmr)
+# long compat_sys_timerfd(int ufd, int clockid, int flags,
+# const struct compat_itimerspec __user *utmr)
+#
+probe syscall.timerfd =
+ kernel.function("sys_timerfd") ?,
+ kernel.function("compat_sys_timerfd") ?
+{
+ name = "timerfd"
+ argstr = sprintf("%d, %d, 0x%x", $ufd, $clockid, $flags)
+}
+probe syscall.timerfd.return =
+ kernel.function("sys_timerfd").return ?,
+ kernel.function("compat_sys_timerfd").return ?
+{
+ name = "timerfd"
+ retstr = returnstr(1)
+}
+
# times ______________________________________________________
#
# long sys_times(struct tms __user * tbuf)
@@ -2784,7 +2860,7 @@ probe syscall.utime = kernel.function("sys_utime") ? {
filename = user_string($filename)
buf_uaddr = $times
buf_str = _struct_utimbuf_u($times)
- argstr = sprintf("%s, [%s]", user_string_quoted($filename), buf_str)
+ argstr = sprintf("%s, %s", user_string_quoted($filename), buf_str)
}
probe syscall.utime.return = kernel.function("sys_utime").return ? {
name = "utime"
@@ -2798,7 +2874,7 @@ probe syscall.compat_utime = kernel.function("compat_sys_utime") ? {
filename = user_string($filename)
buf_uaddr = $t
buf_str = _struct_compat_utimbuf_u($t)
- argstr = sprintf("%s, [%s]", user_string_quoted($filename), _struct_compat_utimbuf_u($t))
+ argstr = sprintf("%s, %s", user_string_quoted($filename), _struct_compat_utimbuf_u($t))
}
probe syscall.compat_utime.return = kernel.function("compat_sys_utime").return ? {
name = "utime"
@@ -2843,17 +2919,18 @@ probe syscall.compat_sys_utimes.return = kernel.function("compat_sys_utimes").re
probe syscall.utimensat = kernel.function("sys_utimensat") ? {
name = "utimensat"
argstr = sprintf("%s, %s, %s, %s", _dfd_str($dfd), user_string_quoted($filename), _struct_timespec_u($utimes,2),
- _utimensat_flag_str($flags))
+ _at_flag_str($flags))
}
probe syscall.compat_utimensat = kernel.function("compat_sys_utimensat") ? {
name = "utimensat"
argstr = sprintf("%s, %s, %s, %s", _dfd_str($dfd), user_string_quoted($filename), _struct_compat_timespec_u($utimes,2),
- _utimensat_flag_str($flags))
+ _at_flag_str($flags))
}
-probe syscall.utimensat.return =
- kernel.function("sys_utimensat").return ?,
- kernel.function("compat_sys_utimensat").return ?
-{
+probe syscall.utimensat.return = kernel.function("sys_utimensat").return ? {
+ name = "utimensat"
+ retstr = returnstr(1)
+}
+probe syscall.compat_utimensat.return = kernel.function("compat_sys_utimensat").return ? {
name = "utimensat"
retstr = returnstr(1)
}
@@ -2872,6 +2949,30 @@ probe syscall.vhangup.return = kernel.function("sys_vhangup").return {
retstr = returnstr(1)
}
+# vmsplice ___________________________________________________
+#
+# long sys_vmsplice(int fd, const struct iovec __user *iov,
+# unsigned long nr_segs, unsigned int flags)
+# long compat_sys_vmsplice(int fd, const struct compat_iovec __user *iov32,
+# unsigned int nr_segs, unsigned int flags)
+#
+probe syscall.vmsplice = kernel.function("sys_vmsplice") ? {
+ name = "vmsplice"
+ argstr = sprintf("%d, %p, %d, 0x%x", $fd, $iov, $nr_segs, $flags)
+}
+probe syscall.compat_vmsplice = kernel.function("compat_sys_vmsplice") ? {
+ name = "vmsplice"
+ argstr = sprintf("%d, %p, %d, 0x%x", $fd, $iov32, $nr_segs, $flags)
+}
+probe syscall.vmsplice.return = kernel.function("sys_vmsplice").return ? {
+ name = "vmsplice"
+ retstr = returnstr(1)
+}
+probe syscall.compat_vmsplice.return = kernel.function("compat_sys_vmsplice").return ? {
+ name = "vmsplice"
+ retstr = returnstr(1)
+}
+
# wait4 ______________________________________________________
#
# long sys_wait4(pid_t pid,
generated by cgit (git 2.34.1) at 2025-08-06 15:37:01 +0000