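# Syscall probe aliases for credential, quota, keyring and privilege-related
# system calls.  Each entry probe exports the raw arguments as script
# variables plus a printable `argstr`; each return probe exports `retstr`.
#
# Notes for anyone using these aliases for auditing or detection:
#   * Variables ending in `_uaddr` hold the pointer value only.  The data
#     behind the pointer (for example the actual group list) is not copied
#     here; a monitoring script that needs it must read user memory itself.
#   * Arguments are sampled at syscall entry.  The return probe reports the
#     outcome, so pair entry and return when deciding whether a call
#     actually succeeded.

# getgroups16 ________________________________________________
# long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist)
probe syscall.getgroups16 = kernel.function("sys_getgroups16")
{
	name = "getgroups16"
	size = $gidsetsize
	list_uaddr = $grouplist
	argstr = sprintf("%d, %p", size, list_uaddr)
}
probe syscall.getgroups16.return = kernel.function("sys_getgroups16").return
{
	name = "getgroups16"
	retstr = returnstr(1)
}

# setgroups16 ________________________________________________
#
# asmlinkage long
# sys_setgroups16(int gidsetsize,
#		  old_gid_t __user *grouplist)
#
probe syscall.setgroups16 = kernel.function("sys_setgroups16")
{
	name = "setgroups16"
	size = $gidsetsize
	list_uaddr = $grouplist
	# Previously argstr was left empty, so generic tracers printed
	# "setgroups16()" with no arguments.  Format it the same way as
	# getgroups16 so changes to the supplementary group list show up
	# in traces with their size and buffer address.
	argstr = sprintf("%d, %p", size, list_uaddr)
}
probe syscall.setgroups16.return = kernel.function("sys_setgroups16").return
{
	name = "setgroups16"
	retstr = returnstr(1)
}

# quotactl ___________________________________________________
#
# asmlinkage long
# sys_quotactl(unsigned int cmd,
#		const char __user *special,
#		qid_t id,
#		void __user *addr)
#
probe syscall.quotactl = kernel.function("sys_quotactl")
{
	name = "quotactl"
	cmd = $cmd
	cmd_str = _quotactl_cmd_str($cmd)
	# The device path is copied out of user memory at entry.
	special_str = user_string($special)
	id = $id
	addr_uaddr = $addr
	# `id` is a numeric qid_t, not an address: print it as a decimal
	# integer rather than with %p so it reads as a uid/gid in traces.
	argstr = sprintf("%s, %s, %d, %p", cmd_str, special_str, id, addr_uaddr)
}
probe syscall.quotactl.return = kernel.function("sys_quotactl").return
{
	name = "quotactl"
	retstr = returnstr(1)
}

# request_key ________________________________________________
#
# asmlinkage long
# sys_request_key(const char __user *_type,
#		   const char __user *_description,
#		   const char __user *_callout_info,
#		   key_serial_t destringid)
#
# The trailing '?' marks the probe as optional, so the tapset still
# loads when the kernel function is not present.
probe syscall.request_key = kernel.function("sys_request_key") ?
{
	name = "request_key"
	# Only the addresses of the type/description/callout strings are
	# exported; the strings themselves are not read here.
	type_uaddr = $_type
	description_uaddr = $_description
	callout_info_uaddr = $_callout_info
	destringid = $destringid
	# `destringid` is a key serial number (key_serial_t), not a pointer:
	# print it as a signed decimal instead of %p.
	argstr = sprintf("%p, %p, %p, %d", type_uaddr, description_uaddr,
			 callout_info_uaddr, destringid)
}
probe syscall.request_key.return = kernel.function("sys_request_key").return ?
{
	name = "request_key"
	retstr = returnstr(1)
}

# arch_prctl _________________________________________________
# long sys_arch_prctl(int code, unsigned long addr)
#
# NOTE: x86_64 only.
# NOTE(review): unlike request_key this probe is not marked optional ('?');
# presumably this tapset is only loaded on x86_64 -- confirm.
#
probe syscall.arch_prctl = kernel.function("sys_arch_prctl")
{
	name = "arch_prctl"
	code = $code
	addr = $addr
	argstr = sprintf("%d, %p", code, addr)
}
probe syscall.arch_prctl.return = kernel.function("sys_arch_prctl").return
{
	name = "arch_prctl"
	retstr = returnstr(1)
}

# iopl _______________________________________________________
# long sys_iopl(unsigned int level, struct pt_regs *regs);
# NOTE. This function is only in i386 and x86_64 and its args vary
#       between those two archs.
#
# Only `level` (the requested I/O privilege level) is exported.
probe syscall.iopl = kernel.function("sys_iopl")
{
	name = "iopl"
	level = $level
	argstr = sprint(level)
}
probe syscall.iopl.return = kernel.function("sys_iopl").return
{
	name = "iopl"
	retstr = returnstr(1)
}

# sigaltstack ________________________________________________
# long sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss,
#		       struct pt_regs *regs)
#
# NOTE: args vary between archs.
#
probe syscall.sigaltstack = kernel.function("sys_sigaltstack")
{
	name = "sigaltstack"
	uss_uaddr = $uss
	uoss_uaddr = $uoss
	# NOTE(review): the prototype above declares `regs` without __user,
	# so despite the _uaddr suffix this is presumably a kernel address;
	# confirm before treating it as a user-space pointer.
	regs_uaddr = $regs
	# Only the two user-visible arguments are shown in argstr.
	argstr = sprintf("%p, %p", uss_uaddr, uoss_uaddr)
}
probe syscall.sigaltstack.return = kernel.function("sys_sigaltstack").return
{
	name = "sigaltstack"
	retstr = returnstr(1)
}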