lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 12 Jun 2009 17:24:34 -0400
From:	Jason Baron <jbaron@...hat.com>
To:	linux-kernel@...r.kernel.org
Cc:	fweisbec@...il.com, mingo@...e.hu, laijs@...fujitsu.com,
	rostedt@...dmis.org, peterz@...radead.org,
	mathieu.desnoyers@...ymtl.ca, jiayingz@...gle.com,
	bligh@...gle.com, roland@...hat.com, fche@...hat.com
Subject: [PATCH 0/7] add syscall tracepoints

hi,

The following is an implementation of Frederic's syscall tracer on top of
tracepoints. It adds the ability to toggle the entry/exit of each syscall
via the standard events/syscalls/syscall_blah/enable interface. The 
implementation is done by adding 2 tracepoints. One on entry and one for exit.

This implementation required a few 'core' api changes. I've added 
'DECLARE_TRACE_REG()' macro which takes a register and and an unregister
function as arguments. This allowed me to toggle the ftrace tif flag
when the first tracepoint callback is added and the last is removed. Current
callers of 'DECLARE_TRACE()' are not impacted.

Another change was to call arch_init_ftrace_syscalls via an 'arch_initall'. In
this implmentation I needed to access the syscalls_metadata structure at
runtime in order to determine which syscalls were 'traceable'. Although the
implementation uses SYSCALL_DEFINE() to set up the the trace events, for
some reason at runtime there is no syscalls_metadata, associated with some of
the SYSCALL_DEFINE() calls. I'm not quite sure why that is. However, by
calling arch_init_ftrace_syscalls() at boot I can make sure the lists are in
sync.

thanks,

-Jason 


 arch/x86/include/asm/ftrace.h |    4 +-
 arch/x86/kernel/ftrace.c      |   24 +++++-
 arch/x86/kernel/ptrace.c      |    6 +-
 include/linux/syscalls.h      |   63 +++++++++++++++
 include/linux/tracepoint.h    |   27 ++++++-
 include/trace/syscall.h       |   37 +++++++---
 kernel/trace/trace_events.c   |   29 +++++---
 kernel/trace/trace_syscalls.c |  172 +++++++++++++++++++----------------------
 kernel/tracepoint.c           |   38 +++++++++
 9 files changed, 278 insertions(+), 122 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ