lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 19 Aug 2009 19:43:26 +0200
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Jason Baron <jbaron@...hat.com>
Cc:	Josh Stone <jistone@...hat.com>, linux-kernel@...r.kernel.org,
	mingo@...e.hu, laijs@...fujitsu.com, rostedt@...dmis.org,
	peterz@...radead.org, mathieu.desnoyers@...ymtl.ca,
	jiayingz@...gle.com, mbligh@...gle.com, lizf@...fujitsu.com
Subject: Re: [PATCH] tracing: Create generic syscall TRACE_EVENTs

On Wed, Aug 19, 2009 at 12:16:52PM -0400, Jason Baron wrote:
> On Tue, Aug 18, 2009 at 03:25:59PM -0700, Josh Stone wrote:
> > This converts the syscall_enter/exit tracepoints into TRACE_EVENTs, so
> > you can have generic ftrace events that capture all system calls with
> > arguments and return values.
> > 
> > The existing event_syscall_enter/exit trace_event structs are renamed to
> > event_sys_enter/exit, so they don't conflict with the names generated
> > automatically by ftrace.
> > 
> > Signed-off-by: Josh Stone <jistone@...hat.com>
> > Cc: Jason Baron <jbaron@...hat.com>
> > ---
> >  arch/s390/kernel/ptrace.c       |    3 ++
> >  arch/x86/kernel/ptrace.c        |    8 ++---
> >  include/linux/syscalls.h        |    4 +-
> >  include/trace/events/syscalls.h |   66 +++++++++++++++++++++++++++++++++++++++
> >  include/trace/syscall.h         |   17 +---------
> >  kernel/trace/trace_syscalls.c   |    5 ++-
> >  6 files changed, 79 insertions(+), 24 deletions(-)
> >  create mode 100644 include/trace/events/syscalls.h
> > 
> > diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c
> > index 05f57cd..8730fa7 100644
> > --- a/arch/s390/kernel/ptrace.c
> > +++ b/arch/s390/kernel/ptrace.c
> > @@ -51,6 +51,9 @@
> >  #include "compat_ptrace.h"
> >  #endif
> >  
> > +#define CREATE_TRACE_POINTS
> > +#include <trace/events/syscalls.h>
> > +
> >  enum s390_regset {
> >  	REGSET_GENERAL,
> >  	REGSET_FP,
> 
> this will have to be rebased to remove the new s390 DECLARE_TRACE()
> calls here like x86.
> 
> > diff --git a/arch/x86/kernel/ptrace.c b/arch/x86/kernel/ptrace.c
> > index 692fc14..530ff6f 100644
> > --- a/arch/x86/kernel/ptrace.c
> > +++ b/arch/x86/kernel/ptrace.c
> > @@ -35,13 +35,11 @@
> >  #include <asm/proto.h>
> >  #include <asm/ds.h>
> >  
> > -#include <trace/syscall.h>
> > -
> > -DEFINE_TRACE_WITH_CALLBACK(syscall_enter, syscall_regfunc, syscall_unregfunc);
> > -DEFINE_TRACE_WITH_CALLBACK(syscall_exit, syscall_regfunc, syscall_unregfunc);
> > -
> >  #include "tls.h"
> >  
> > +#define CREATE_TRACE_POINTS
> > +#include <trace/events/syscalls.h>
> > +
> >  enum x86_regset {
> >  	REGSET_GENERAL,
> >  	REGSET_FP,
> > diff --git a/include/linux/syscalls.h b/include/linux/syscalls.h
> > index 87d06c1..19b49fd 100644
> > --- a/include/linux/syscalls.h
> > +++ b/include/linux/syscalls.h
> > @@ -187,7 +187,7 @@ static void prof_sysexit_disable_##sname(struct ftrace_event_call *event_call) \
> >  	  event_enter_##sname = {					\
> >  		.name                   = "sys_enter"#sname,		\
> >  		.system                 = "syscalls",			\
> > -		.event                  = &event_syscall_enter,		\
> > +		.event                  = &event_sys_enter,		\
> >  		.raw_init		= init_enter_##sname,		\
> >  		.show_format		= ftrace_format_syscall,	\
> >  		.regfunc		= reg_event_syscall_enter,	\
> > @@ -223,7 +223,7 @@ static void prof_sysexit_disable_##sname(struct ftrace_event_call *event_call) \
> >  	  event_exit_##sname = {					\
> >  		.name                   = "sys_exit"#sname,		\
> >  		.system                 = "syscalls",			\
> > -		.event                  = &event_syscall_exit,		\
> > +		.event                  = &event_sys_exit,		\
> >  		.raw_init		= init_exit_##sname,		\
> >  		.regfunc		= reg_event_syscall_exit,	\
> >  		.unregfunc		= unreg_event_syscall_exit,	\
> > diff --git a/include/trace/events/syscalls.h b/include/trace/events/syscalls.h
> > new file mode 100644
> > index 0000000..75ccc61
> > --- /dev/null
> > +++ b/include/trace/events/syscalls.h
> > @@ -0,0 +1,66 @@
> > +#undef TRACE_SYSTEM
> > +#define TRACE_SYSTEM syscalls
> > +
> > +#if !defined(_TRACE_EVENTS_SYSCALL_H) || defined(TRACE_HEADER_MULTI_READ)
> > +#define _TRACE_EVENTS_SYSCALL_H
> > +
> > +#include <linux/tracepoint.h>
> > +
> > +#include <asm/ptrace.h>
> > +#include <asm/syscall.h>
> > +
> > +extern void syscall_regfunc(void);
> > +extern void syscall_unregfunc(void);
> > +
> > +
> > +TRACE_EVENT_WITH_CALLBACK(syscall_enter,
> > +
> 
> do we want to call this something like, 'syscall_enter_generic'? to make
> it more clear this is the high level syscall tracepoint. similar for
> exit.


Yeah, that would be indeed less confusing.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ