trace_syscalls.c 5.3 KB
Newer Older
1
#include <trace/syscall.h>
2
3
4
5
6
7
#include <linux/kernel.h>
#include <asm/syscall.h>

#include "trace_output.h"
#include "trace.h"

8
9
10
11
12
/* Keep a counter of the syscall tracing users */
static int refcount;

/* Prevent from races on thread flags toggling */
static DEFINE_MUTEX(syscall_trace_lock);
13

14
/* Option to display the parameters types */
15
16
17
18
19
20
21
22
23
24
enum {
	TRACE_SYSCALLS_OPT_TYPES = 0x1,
};

static struct tracer_opt syscalls_opts[] = {
	{ TRACER_OPT(syscall_arg_type, TRACE_SYSCALLS_OPT_TYPES) },
	{ }
};

static struct tracer_flags syscalls_flags = {
25
	.val = 0, /* By default: no parameters types */
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
	.opts = syscalls_opts
};

enum print_line_t
print_syscall_enter(struct trace_iterator *iter, int flags)
{
	struct trace_seq *s = &iter->seq;
	struct trace_entry *ent = iter->ent;
	struct syscall_trace_enter *trace;
	struct syscall_metadata *entry;
	int i, ret, syscall;

	trace_assign_type(trace, ent);

	syscall = trace->nr;

	entry = syscall_nr_to_meta(syscall);
	if (!entry)
		goto end;

	ret = trace_seq_printf(s, "%s(", entry->name);
	if (!ret)
		return TRACE_TYPE_PARTIAL_LINE;

	for (i = 0; i < entry->nb_args; i++) {
		/* parameter types */
		if (syscalls_flags.val & TRACE_SYSCALLS_OPT_TYPES) {
			ret = trace_seq_printf(s, "%s ", entry->types[i]);
			if (!ret)
				return TRACE_TYPE_PARTIAL_LINE;
		}
		/* parameter values */
		ret = trace_seq_printf(s, "%s: %lx%s ", entry->args[i],
				       trace->args[i],
				       i == entry->nb_args - 1 ? ")" : ",");
		if (!ret)
			return TRACE_TYPE_PARTIAL_LINE;
	}

end:
	trace_seq_printf(s, "\n");
	return TRACE_TYPE_HANDLED;
}

enum print_line_t
print_syscall_exit(struct trace_iterator *iter, int flags)
{
	struct trace_seq *s = &iter->seq;
	struct trace_entry *ent = iter->ent;
	struct syscall_trace_exit *trace;
	int syscall;
	struct syscall_metadata *entry;
	int ret;

	trace_assign_type(trace, ent);

	syscall = trace->nr;

	entry = syscall_nr_to_meta(syscall);
	if (!entry) {
		trace_seq_printf(s, "\n");
		return TRACE_TYPE_HANDLED;
	}

	ret = trace_seq_printf(s, "%s -> 0x%lx\n", entry->name,
				trace->ret);
	if (!ret)
		return TRACE_TYPE_PARTIAL_LINE;

	return TRACE_TYPE_HANDLED;
}

98
99
100
101
102
void start_ftrace_syscalls(void)
{
	unsigned long flags;
	struct task_struct *g, *t;

103
104
	mutex_lock(&syscall_trace_lock);

105
	/* Don't enable the flag on the tasks twice */
106
107
	if (++refcount != 1)
		goto unlock;
108
109
110
111
112
113
114
115

	read_lock_irqsave(&tasklist_lock, flags);

	do_each_thread(g, t) {
		set_tsk_thread_flag(t, TIF_SYSCALL_FTRACE);
	} while_each_thread(g, t);

	read_unlock_irqrestore(&tasklist_lock, flags);
116
117
118

unlock:
	mutex_unlock(&syscall_trace_lock);
119
120
121
122
123
124
125
}

void stop_ftrace_syscalls(void)
{
	unsigned long flags;
	struct task_struct *g, *t;

126
127
	mutex_lock(&syscall_trace_lock);

128
	/* There are perhaps still some users */
129
130
	if (--refcount)
		goto unlock;
131
132
133
134
135
136
137
138

	read_lock_irqsave(&tasklist_lock, flags);

	do_each_thread(g, t) {
		clear_tsk_thread_flag(t, TIF_SYSCALL_FTRACE);
	} while_each_thread(g, t);

	read_unlock_irqrestore(&tasklist_lock, flags);
139
140
141

unlock:
	mutex_unlock(&syscall_trace_lock);
142
143
144
145
}

void ftrace_syscall_enter(struct pt_regs *regs)
{
146
147
148
149
	struct syscall_trace_enter *entry;
	struct syscall_metadata *sys_data;
	struct ring_buffer_event *event;
	int size;
150
151
152
153
	int syscall_nr;

	syscall_nr = syscall_get_nr(current, regs);

154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
	sys_data = syscall_nr_to_meta(syscall_nr);
	if (!sys_data)
		return;

	size = sizeof(*entry) + sizeof(unsigned long) * sys_data->nb_args;

	event = trace_current_buffer_lock_reserve(TRACE_SYSCALL_ENTER, size,
							0, 0);
	if (!event)
		return;

	entry = ring_buffer_event_data(event);
	entry->nr = syscall_nr;
	syscall_get_arguments(current, regs, 0, sys_data->nb_args, entry->args);

	trace_current_buffer_unlock_commit(event, 0, 0);
	trace_wake_up();
171
172
173
174
}

void ftrace_syscall_exit(struct pt_regs *regs)
{
175
176
177
	struct syscall_trace_exit *entry;
	struct syscall_metadata *sys_data;
	struct ring_buffer_event *event;
178
179
180
181
	int syscall_nr;

	syscall_nr = syscall_get_nr(current, regs);

182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
	sys_data = syscall_nr_to_meta(syscall_nr);
	if (!sys_data)
		return;

	event = trace_current_buffer_lock_reserve(TRACE_SYSCALL_EXIT,
				sizeof(*entry), 0, 0);
	if (!event)
		return;

	entry = ring_buffer_event_data(event);
	entry->nr = syscall_nr;
	entry->ret = syscall_get_return_value(current, regs);

	trace_current_buffer_unlock_commit(event, 0, 0);
	trace_wake_up();
197
198
199
200
201
202
203
204
205
206
207
208
}

static int init_syscall_tracer(struct trace_array *tr)
{
	start_ftrace_syscalls();

	return 0;
}

static void reset_syscall_tracer(struct trace_array *tr)
{
	stop_ftrace_syscalls();
209
	tracing_reset_online_cpus(tr);
210
211
212
}

static struct trace_event syscall_enter_event = {
213
214
	.type	 	= TRACE_SYSCALL_ENTER,
	.trace		= print_syscall_enter,
215
216
217
};

static struct trace_event syscall_exit_event = {
218
219
	.type	 	= TRACE_SYSCALL_EXIT,
	.trace		= print_syscall_exit,
220
221
222
};

static struct tracer syscall_tracer __read_mostly = {
223
	.name	     	= "syscall",
224
	.init		= init_syscall_tracer,
225
226
	.reset		= reset_syscall_tracer,
	.flags		= &syscalls_flags,
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
};

__init int register_ftrace_syscalls(void)
{
	int ret;

	ret = register_ftrace_event(&syscall_enter_event);
	if (!ret) {
		printk(KERN_WARNING "event %d failed to register\n",
		       syscall_enter_event.type);
		WARN_ON_ONCE(1);
	}

	ret = register_ftrace_event(&syscall_exit_event);
	if (!ret) {
		printk(KERN_WARNING "event %d failed to register\n",
		       syscall_exit_event.type);
		WARN_ON_ONCE(1);
	}

	return register_tracer(&syscall_tracer);
}
device_initcall(register_ftrace_syscalls);