7 files changed, 206 insertions, 30 deletions
diff --git a/tapset/context-symbols.stp b/tapset/context-symbols.stp
index e4406d9b..3ec7a866 100644
--- a/tapset/context-symbols.stp
+++ b/tapset/context-symbols.stp
@@ -8,7 +8,7 @@
 // later version.
 // <tapsetdescription>
 // Context functions provide additional information about where an event occurred. These functions can 
-//provide information such as a backtrace to where the event occured and the current register values for the 
+//provide information such as a backtrace to where the event occurred and the current register values for the 
 //processor.
 // </tapsetdescription>
 %{
@@ -19,7 +19,7 @@
 
 /**
  * sfunction print_stack - Print out stack from string.
- * @stk: String with list of hexidecimal addresses.
+ * @stk: String with list of hexadecimal addresses.
  *
  *  Perform a symbolic lookup of the addresses in the given  string,
  *  which is assumed to be the result of a prior call to 
@@ -138,7 +138,7 @@ function symname:string (addr: long) %{ /* pure */
  * Description: Returns the (function) symbol name associated with the
  * given address if known, plus the module name (between brackets) and
  * the offset inside the module, plus the size of the symbol function.
- * If any element is not known it will be ommitted and if the symbol name
+ * If any element is not known it will be omitted and if the symbol name
  * is unknown it will return the hex string for the given address.
  */
 function symdata:string (addr: long) %{ /* pure */
diff --git a/tapset/context-unwind.stp b/tapset/context-unwind.stp
index d6654d25..4ad45dba 100644
--- a/tapset/context-unwind.stp
+++ b/tapset/context-unwind.stp
@@ -8,7 +8,7 @@
 // later version.
 // <tapsetdescription>
 // Context functions provide additional information about where an event occurred. These functions can 
-//provide information such as a backtrace to where the event occured and the current register values for the 
+//provide information such as a backtrace to where the event occurred and the current register values for the 
 //processor.
 // </tapsetdescription>
 %{
diff --git a/tapset/context.stp b/tapset/context.stp
index 92c325ce..21af79b4 100644
--- a/tapset/context.stp
+++ b/tapset/context.stp
@@ -7,8 +7,8 @@
 // Public License (GPL); either version 2, or (at your option) any
 // later version.
 // <tapsetdescription>
-// Context functions provide additional information about where an event occurred. These functions can 
-//provide information such as a backtrace to where the event occured and the current register values for the 
+// Context functions provide additional information about where an event occurred. These functions can
+//provide information such as a backtrace to where the event occurred and the current register values for the
 //processor.
 // </tapsetdescription>
 
@@ -78,7 +78,7 @@ function pgrp:long () %{ /* pure */
 
 /**
  * sfunction sid - Returns the session ID of the current process.
- * 
+ *
  * The session ID of a process is the process group ID of the session
  * leader. Session ID is stored in the signal_struct since Kernel 2.6.0.
  */
@@ -108,9 +108,9 @@ function pexecname:string () %{ /* pure */
  */
 function gid:long () %{ /* pure */
 #ifdef STAPCONF_TASK_UID
-	THIS->__retvalue = current->gid;		
+	THIS->__retvalue = current->gid;
 #else
-	THIS->__retvalue = current_gid();	
+	THIS->__retvalue = current_gid();
 #endif
 %}
 
@@ -119,9 +119,9 @@ function gid:long () %{ /* pure */
  */
 function egid:long () %{ /* pure */
 #ifdef STAPCONF_TASK_UID
-	THIS->__retvalue = current->egid;		
+	THIS->__retvalue = current->egid;
 #else
-	THIS->__retvalue = current_egid();	
+	THIS->__retvalue = current_egid();
 #endif
 %}
 
@@ -130,9 +130,9 @@ function egid:long () %{ /* pure */
  */
 function uid:long () %{ /* pure */
 #ifdef STAPCONF_TASK_UID
-	THIS->__retvalue = current->uid;		
+	THIS->__retvalue = current->uid;
 #else
-	THIS->__retvalue = current_uid();	
+	THIS->__retvalue = current_uid();
 #endif
 %}
 
@@ -141,15 +141,14 @@ function uid:long () %{ /* pure */
  */
 function euid:long () %{ /* pure */
 #ifdef STAPCONF_TASK_UID
-	THIS->__retvalue = current->euid;		
+	THIS->__retvalue = current->euid;
 #else
-	THIS->__retvalue = current_euid();	
+	THIS->__retvalue = current_euid();
 #endif
 %}
 
 /**
- * sfunction is_myproc - Determines if the current probe point has occurred in
- * the user's own process.
+ * sfunction is_myproc - Determines if the current probe point has occurred in the user's own process.
  *
  *  Return 1 if the current probe point has occurred in the user's own process.
  */
@@ -177,7 +176,7 @@ function cpu:long () %{ /* pure */
  * sfunction pp - Return the probe point associated with the currently running probe handler,
  * including alias and wildcard expansion effects
  * Context:
- * The current probe point. 
+ * The current probe point.
  */
 function pp:string () %{ /* pure */
 	strlcpy (THIS->__retvalue, CONTEXT->probe_point, MAXSTRINGLEN);
@@ -221,8 +220,8 @@ function user_mode:long () %{ /* pure */ /* currently a user-mode address? */
 function is_return:long () %{ /* pure */
 	if (CONTEXT->pi)
 		THIS->__retvalue = 1;
-	else	
-		THIS->__retvalue = 0;	
+	else
+		THIS->__retvalue = 0;
 %}
 
 /**
@@ -285,7 +284,7 @@ function stack_unused:long () %{ /* pure */
  * sfunction uaddr - User space address of current running task. EXPERIMENTAL.
  *
  * Description: Returns the address in userspace that the current
- * task was at when the probe occured. When the current running task
+ * task was at when the probe occurred. When the current running task
  * isn't a user space thread, or the address cannot be found, zero
  * is returned. Can be used to see where the current task is combined
  * with usymname() or symdata(). Often the task will be in the VDSO
diff --git a/tapset/networking.stp b/tapset/networking.stp
index f6d78536..0c9d8afb 100644
--- a/tapset/networking.stp
+++ b/tapset/networking.stp
@@ -8,11 +8,17 @@
 // <tapsetdescription>
 // This family of probe points is used to probe the activities of the network device. 
 // </tapsetdescription>
+
+/* A function that returns the device name given the net_device struct */
+function get_netdev_name:string (addr:long) {
+	return kernel_string(@cast(addr, "net_device")->name)
+}
+
 /**
- * probe netdev.receive - Data recieved from network device.
+ * probe netdev.receive - Data received from network device.
  * @dev_name: The name of the device. e.g: eth0, ath1.
  * @length: The length of the receiving buffer.
- * @protocol: Protocol of recieved packet.
+ * @protocol: Protocol of received packet.
  *
  */
 ///    <varlistentry><term>protocol</term>
@@ -66,7 +72,7 @@ probe netdev.receive
  * @dev_name: The name of the device. e.g: eth0, ath1.
  * @length: The length of the transmit buffer.
  * @protocol: The protocol of this packet.
- * @truesize: The size of the the data to be transmitted.
+ * @truesize: The size of the data to be transmitted.
  *
  */
 // Queue a buffer for transmission to a network device
@@ -78,3 +84,174 @@ probe netdev.transmit
 	protocol = $skb->protocol
 	truesize = $skb->truesize
 }
+
+/**
+ * probe netdev.change_mtu - Called when the netdev MTU is changed
+ * @dev_name: The device that will have the MTU changed
+ * @old_mtu: The current MTU
+ * @new_mtu: The new MTU
+ */
+probe netdev.change_mtu
+	= kernel.function("dev_set_mtu")
+{
+	old_mtu = $dev->mtu
+	new_mtu = $new_mtu
+	dev_name = get_netdev_name($dev)
+}
+
+/**
+ * probe netdev.open - Called when the device is opened
+ * @dev_name: The device that is going to be opened
+ */
+probe netdev.open
+	= kernel.function("dev_open")
+{
+	dev_name = get_netdev_name($dev)
+}
+
+/**
+ * probe netdev.close - Called when the device is closed
+ * @dev_name: The device that is going to be closed
+ */
+probe netdev.close
+	= kernel.function("dev_close")
+{
+	dev_name = get_netdev_name($dev)
+}
+
+/**
+ * probe netdev.hard_transmit - Called when the devices is going to TX (hard)
+ * @dev_name: The device scheduled to transmit
+ * @protocol: The protocol used in the transmission
+ * @length: The length of the transmit buffer.
+ * @truesize: The size of the data to be transmitted.
+ */
+probe netdev.hard_transmit
+	= kernel.function("dev_hard_start_xmit")
+{
+	dev_name = get_netdev_name($dev)
+	protocol = $skb->protocol
+	length = $skb->len
+	truesize = $skb->truesize
+}
+
+/**
+ * probe netdev.rx - Called when the device is going to receive a packet
+ * @dev_name: The device received the packet
+ * @protocol: The packet protocol
+ */
+probe netdev.rx
+	= kernel.function("netif_rx")
+{
+	netdev = $skb->dev
+	dev_name = get_netdev_name(netdev)
+	protocol = $skb->protocol
+}
+
+/**
+ * probe netdev.change_rx_flag - Called when the device RX flag will be changed
+ * @dev_name: The device that will be changed
+ * @flags: The new flags
+ */
+probe netdev.change_rx_flag
+	= kernel.function("dev_change_rx_flags")
+{
+	dev_name = get_netdev_name($dev)
+	flags = $flags
+}
+
+/**
+ * probe netdev.set_promiscuity - Called when the device enters/leaves promiscuity
+ * @dev_name: The device that is entering/leaving promiscuity mode
+ * @enable: If the device is entering promiscuity mode
+ * @disable: If the device is leaving promiscuity mode
+ * @inc: Count the number of promiscuity openers
+ */
+probe netdev.set_promiscuity
+	= kernel.function("dev_set_promiscuity")
+{
+	dev_name = get_netdev_name($dev)
+	if ($inc){
+		enable = 1
+	} else {
+		disable = 1
+	}
+	inc = $inc
+}
+
+/**
+ * probe netdev.ioctl - Called when the device suffers an IOCTL
+ * @cmd: The IOCTL request
+ * @arg: The IOCTL argument (usually the netdev interface)
+ */
+probe netdev.ioctl
+	= kernel.function("dev_ioctl")
+{
+	cmd = $cmd
+	arg = user_string($arg)
+}
+
+/**
+ * probe netdev.register - Called when the device is registered
+ * @dev_name: The device that is going to be registered
+ */
+probe netdev.register
+	= kernel.function("register_netdevice"),
+	  kernel.function("register_netdev")
+{
+	dev_name = get_netdev_name($dev)
+}
+
+/**
+ * probe netdev.unregister - Called when the device is being unregistered
+ * @dev_name: The device that is going to be unregistered
+ */
+probe netdev.unregister
+	= kernel.function("unregister_netdev")
+{
+	dev_name = get_netdev_name($dev)
+}
+
+/**
+ * probe netdev.get_stats - Called when someone asks the device statistics
+ * @dev_name: The device that is going to provide the statistics
+ */
+probe netdev.get_stats
+	= kernel.function("dev_get_stats")
+{
+	dev_name = get_netdev_name($dev)
+}
+
+/**
+ * probe netdev.change_mac - Called when the netdev_name has the MAC changed
+ * @dev_name: The device that will have the MTU changed
+ * @mac_len: The MAC length
+ * @old_mac: The current MAC address
+ * @new_mac: The new MAC address
+ */
+probe netdev.change_mac
+	= kernel.function("dev_set_mac_address")
+{
+	dev_name = get_netdev_name($dev)
+	mac_len = $dev->addr_len
+
+	// Old MAC Address
+	zero = $dev->dev_addr[0]
+	one =  $dev->dev_addr[1]
+	two =  $dev->dev_addr[2]
+	three =$dev->dev_addr[3]
+	four = $dev->dev_addr[4]
+	five = $dev->dev_addr[5]
+	old_mac = sprintf("%02x:%02x:%02x:%02x:%02x:%02x",
+			 zero, one, two, three, four, five)
+
+	// New MAC Address
+	zero = $sa->sa_data[0]
+	one  = $sa->sa_data[1]
+	two  = $sa->sa_data[2]
+	three =$sa->sa_data[3]
+	four  =$sa->sa_data[4]
+	five = $sa->sa_data[5]
+	new_mac = sprintf("%02x:%02x:%02x:%02x:%02x:%02x",
+			 zero, one, two, three, four, five)
+}
diff --git a/tapset/signal.stp b/tapset/signal.stp
index 02c761c3..2e10af0c 100644
--- a/tapset/signal.stp
+++ b/tapset/signal.stp
@@ -414,7 +414,7 @@ probe signal.syskill.return = syscall.kill.return
  *
  * The <command>tkill</command> call is analogous to <command>kill(2)</command>,
  * except that it also allows a process within a specific thread group to
- * be targetted. Such processes are targetted through their unique
+ * be targeted. Such processes are targeted through their unique
  * thread IDs (TID).
  */
 probe signal.systkill = syscall.tkill
@@ -632,7 +632,7 @@ probe signal.procmask.return = kernel.function("sigprocmask").return
 
 
 /**
- * probe signal.flush - Flusing all pending signals for a task
+ * probe signal.flush - Flushing all pending signals for a task
  * @task: The task handler of the process performing the flush
  * @sig_pid: The PID of the process associated with the task
  * performing the flush
diff --git a/tapset/socket.stp b/tapset/socket.stp
index de778d7c..b4d4981c 100644
--- a/tapset/socket.stp
+++ b/tapset/socket.stp
@@ -81,7 +81,7 @@ probe socket.receive = socket.recvmsg.return,
  *  The message sender
  *
  * Fires at the beginning of sending a message on a socket
- * via the the sock_sendmsg() function
+ * via the sock_sendmsg() function
  */
 probe socket.sendmsg = kernel.function ("sock_sendmsg")
 {
diff --git a/tapset/ucontext-symbols.stp b/tapset/ucontext-symbols.stp
index 5502f5cd..7fed71d2 100644
--- a/tapset/ucontext-symbols.stp
+++ b/tapset/ucontext-symbols.stp
@@ -9,7 +9,7 @@
 // <tapsetdescription>
 // User context symbol functions provide additional information about
 // addresses from an application. These functions can provide
-// information about the user space map (library) that the event occured or
+// information about the user space map (library) that the event occurred or
 // the function symbol of an address.
 // </tapsetdescription>
 
@@ -43,7 +43,7 @@ function usymname:string (addr: long) %{ /* pure */
  * given address in the current task if known, plus the module name
  * (between brackets) and the offset inside the module (shared library),
  * plus the size of the symbol function. If any element is not known it
- * will be ommitted and if the symbol name is unknown it will return the
+ * will be omitted and if the symbol name is unknown it will return the
  * hex string for the given address.
  */
 function usymdata:string (addr: long) %{ /* pure */
@@ -53,7 +53,7 @@ function usymdata:string (addr: long) %{ /* pure */
 
 /**
  * sfunction print_ustack - Print out stack for the current task from string. EXPERIMENTAL!
- * @stk: String with list of hexidecimal addresses for the current task.
+ * @stk: String with list of hexadecimal addresses for the current task.
  *
  *  Perform a symbolic lookup of the addresses in the given string,
  *  which is assumed to be the result of a prior call to