# Syscall probe aliases for the architecture-specific entry points listed
# below (the in-line notes refer to x86_64).
#
# Each syscall gets two aliases:
#   kernel.syscall.<name>         fires on entry to sys_<name>, sets `name`
#                                 and copies the function's parameters into
#                                 script variables.
#   kernel.syscall.<name>.return  fires on return from sys_<name>, sets only
#                                 `name`; the return value is NOT exported, so
#                                 a handler that needs it must read $return
#                                 itself.
#
# Variables ending in `_uaddr` hold the raw pointer value of the argument and
# nothing is dereferenced here. Where the prototype marks the parameter
# `__user`, the address is chosen by the calling process: a handler should
# read through it only with the user_*() tapset accessors and should expect
# the read to fault or to return attacker-chosen data.
#
# NOTE(review): several prototype comments below do not match the $variables
# the probe body reads (iopl, rt_sigreturn, sigaltstack). The comments appear
# to describe a different variant of the function; confirm against the target
# kernel, because a $variable that does not exist makes the alias fail to
# resolve.

# arch_prctl _________________________________________________
/*
 * long sys_arch_prctl(int code,
 *                     unsigned long addr)
 */
probe kernel.syscall.arch_prctl =
	kernel.function("sys_arch_prctl") {
		name = "arch_prctl"
		code = $code
		# addr is exported as a plain number; whether it is a value or a
		# user pointer is not stated here (presumably it depends on code).
		addr = $addr
	}
probe kernel.syscall.arch_prctl.return =
	kernel.function("sys_arch_prctl").return {
		name = "arch_prctl.return"
	}

# get_mempolicy ______________________________________________
/*
 * asmlinkage long
 * sys_get_mempolicy(int __user *policy,
 *                   unsigned long __user *nmask,
 *                   unsigned long maxnode,
 *                   unsigned long addr,
 *                   unsigned long flags)
 */
probe kernel.syscall.get_mempolicy =
	kernel.function("sys_get_mempolicy") {
		name = "get_mempolicy"
		# policy and nmask are __user pointers: addresses only.
		policy_uaddr = $policy
		nmask_uaddr = $nmask
		maxnode = $maxnode
		addr = $addr
		flags = $flags
	}
probe kernel.syscall.get_mempolicy.return =
	kernel.function("sys_get_mempolicy").return {
		name = "get_mempolicy.return"
	}

# iopl _______________________________________________________
/*
 * asmlinkage long
 * sys_iopl(unsigned long unused)
 */
# NOTE(review): the prototype above shows a single `unused` parameter, but
# the probe reads $level and $regs. Confirm the real signature on the target
# kernel. iopl changes the caller's I/O privilege level, so `level` is the
# field an audit script will want; make sure it actually resolves.
probe kernel.syscall.iopl =
	kernel.function("sys_iopl") {
		name = "iopl"
		level = $level
		# Named _uaddr, but nothing visible here marks $regs as a __user
		# pointer; treat it as an opaque address until confirmed.
		regs_uaddr = $regs
	}
probe kernel.syscall.iopl.return =
	kernel.function("sys_iopl").return {
		name = "iopl.return"
	}

# mbind ______________________________________________________
/*
 * asmlinkage long
 * sys_mbind(unsigned long start,
 *           unsigned long len,
 *           unsigned long mode,
 *           unsigned long __user *nmask,
 *           unsigned long maxnode,
 *           unsigned flags)
 */
probe kernel.syscall.mbind =
	kernel.function("sys_mbind") {
		name = "mbind"
		start = $start
		len = $len
		mode = $mode
		# __user pointer: address only.
		nmask_uaddr = $nmask
		maxnode = $maxnode
		flags = $flags
	}
probe kernel.syscall.mbind.return =
	kernel.function("sys_mbind").return {
		name = "mbind.return"
	}

# mmap _______________________________________________________
/*
 * long
 * sys_mmap(unsigned long addr,
 *          unsigned long len,
 *          unsigned long prot,
 *          unsigned long flags,
 *          unsigned long fd,
 *          unsigned long off)
 */
probe kernel.syscall.mmap =
	kernel.function("sys_mmap") {
		name = "mmap"
		# All six arguments are exported as raw numbers; prot and flags
		# are not decoded into symbolic names here.
		addr = $addr
		len = $len
		prot = $prot
		flags = $flags
		fd = $fd
		off = $off
	}
probe kernel.syscall.mmap.return =
	kernel.function("sys_mmap").return {
		name = "mmap.return"
	}

# rt_sigreturn _______________________________________________
/*
 * asmlinkage int
 * sys_rt_sigreturn(unsigned long __unused)
 */
# NOTE(review): the prototype above has no `regs` parameter, yet the probe
# reads $regs. Confirm the signature on the target kernel.
probe kernel.syscall.rt_sigreturn =
	kernel.function("sys_rt_sigreturn") {
		name = "rt_sigreturn"
		# Named _uaddr, but not shown as a __user pointer anywhere here.
		regs_uaddr = $regs
	}
probe kernel.syscall.rt_sigreturn.return =
	kernel.function("sys_rt_sigreturn").return {
		name = "rt_sigreturn.return"
	}

# sched_setaffinity __________________________________________
/*
 * asmlinkage long
 * sys_sched_setaffinity(pid_t pid,
 *                       unsigned int len,
 *                       unsigned long __user *user_mask_ptr)
 */
probe kernel.syscall.sched_setaffinity =
	kernel.function("sys_sched_setaffinity") {
		name = "sched_setaffinity"
		pid = $pid
		/*
		 * $len is deliberately not exported: the original author found
		 * that it does not resolve on x86_64 (reason not recorded).
		 * Consequence for consumers: this alias gives no length for the
		 * mask at mask_uaddr, so a handler cannot tell from these
		 * variables how many bytes of the user buffer are meaningful.
		 */
		mask_uaddr = $user_mask_ptr
	}
probe kernel.syscall.sched_setaffinity.return =
	kernel.function("sys_sched_setaffinity").return {
		name = "sched_setaffinity.return"
	}

# set_mempolicy ______________________________________________
/*
 * asmlinkage long
 * sys_set_mempolicy(int mode,
 *                   unsigned long __user *nmask,
 *                   unsigned long maxnode)
 */
probe kernel.syscall.set_mempolicy =
	kernel.function("sys_set_mempolicy") {
		name = "set_mempolicy"
		mode = $mode
		# __user pointer: address only.
		nmask_uaddr = $nmask
		maxnode = $maxnode
	}
probe kernel.syscall.set_mempolicy.return =
	kernel.function("sys_set_mempolicy").return {
		name = "set_mempolicy.return"
	}

# sigaltstack ________________________________________________
/*
 * asmlinkage int
 * sys_sigaltstack(unsigned long ebx)
 */
# NOTE(review): the prototype above shows a single `ebx` parameter, but the
# probe reads $uss, $uoss and $regs. Confirm the signature on the target
# kernel.
probe kernel.syscall.sigaltstack =
	kernel.function("sys_sigaltstack") {
		name = "sigaltstack"
		# Presumably the new and old stack descriptors supplied by the
		# caller (user pointers); verify. Addresses only.
		uss_uaddr = $uss
		uoss_uaddr = $uoss
		# Named _uaddr, but not shown as a __user pointer anywhere here.
		regs_uaddr = $regs
	}
probe kernel.syscall.sigaltstack.return =
	kernel.function("sys_sigaltstack").return {
		name = "sigaltstack.return"
	}

# time64 _____________________________________________________
/*
 * asmlinkage long
 * sys_time64(long __user * tloc)
 */
probe kernel.syscall.time64 =
	kernel.function("sys_time64") {
		name = "time64"
		# __user pointer: address only.
		t_uaddr = $tloc
	}
probe kernel.syscall.time64.return =
	kernel.function("sys_time64").return {
		name = "time64.return"
	}

# tux ________________________________________________________
/*
 * asmlinkage long
 * sys_tux (unsigned int action,
 *          user_req_t *u_info)
 */
probe kernel.syscall.tux =
	kernel.function("sys_tux") {
		name = "tux"
		action = $action
		# The prototype carries no __user marker; the _uaddr name suggests
		# a user pointer. TODO confirm before reading through it.
		u_info_uaddr = $u_info
	}
probe kernel.syscall.tux.return =
	kernel.function("sys_tux").return {
		name = "tux.return"
	}

# umask ______________________________________________________
/*
 * asmlinkage long
 * sys_umask(int mask)
 */
probe kernel.syscall.umask =
	kernel.function("sys_umask") {
		name = "umask"
		/*
		 * $mask is deliberately not exported: the original author found
		 * that it does not resolve on x86_64 (reason not recorded).
		 * This alias therefore reports only that umask was called, not
		 * the mask that was requested.
		 */
	}
probe kernel.syscall.umask.return =
	kernel.function("sys_umask").return {
		name = "umask.return"
	}