|
 |
cab4ad |
From f614583a605f4c23d2f6e1a2ad31e089d10f8d8e Mon Sep 17 00:00:00 2001
|
|
|
cab4ad |
From: Serhei Makarov <smakarov@redhat.com>
|
|
|
cab4ad |
Date: Tue, 16 Oct 2018 18:17:25 -0400
|
|
|
cab4ad |
Subject: [PATCH 06/32] stapbpf assembler WIP #5 :: basic kernel_string()
|
|
|
cab4ad |
implementation
|
|
|
cab4ad |
|
|
|
cab4ad |
---
|
|
|
cab4ad |
tapset/bpf/conversions.stp | 108 +++++++++++++++++++++++++++++++++++++++++++++
|
|
|
cab4ad |
1 file changed, 108 insertions(+)
|
|
|
cab4ad |
create mode 100644 tapset/bpf/conversions.stp
|
|
|
cab4ad |
|
|
|
cab4ad |
diff --git a/tapset/bpf/conversions.stp b/tapset/bpf/conversions.stp
|
|
|
cab4ad |
new file mode 100644
|
|
|
cab4ad |
index 000000000..d741ec584
|
|
|
cab4ad |
--- /dev/null
|
|
|
cab4ad |
+++ b/tapset/bpf/conversions.stp
|
|
|
cab4ad |
@@ -0,0 +1,108 @@
|
|
|
cab4ad |
+// conversions tapset -- eBPF version
|
|
|
cab4ad |
+// Copyright (C) 2018 Red Hat Inc.
|
|
|
cab4ad |
+//
|
|
|
cab4ad |
+// This file is part of systemtap, and is free software. You can
|
|
|
cab4ad |
+// redistribute it and/or modify it under the terms of the GNU General
|
|
|
cab4ad |
+// Public License (GPL); either version 2, or (at your option) any
|
|
|
cab4ad |
+// later version.
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+/**
|
|
|
cab4ad |
+ * sfunction kernel_string - Retrieves string from kernel memory
|
|
|
cab4ad |
+ * @addr: The kernel address to retrieve the string from
|
|
|
cab4ad |
+ *
|
|
|
cab4ad |
+ * Description: This function returns the null terminated C string
|
|
|
cab4ad |
+ * from a given kernel memory address. Reports an error on string
|
|
|
cab4ad |
+ * copy fault.
|
|
|
cab4ad |
+ */
|
|
|
cab4ad |
+function kernel_string:string (addr:long) {
|
|
|
cab4ad |
+ return kernel_string_n(addr, 64 /*TODO: define BPF_MAXSTRINGLEN*/)
|
|
|
cab4ad |
+}
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_string:string(addr:long, err_msg:string)
|
|
|
cab4ad |
+// TODO kernel_string2:string(addr:long, err_msg:string)
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+/**
|
|
|
cab4ad |
+ * sfunction kernel_string - Retrieves string from kernel memory with alternative error string
|
|
|
cab4ad |
+ * @addr: The kernel address to retrieve the string from
|
|
|
cab4ad |
+ * @err_msg: The error message to return when data isn't available
|
|
|
cab4ad |
+ *
|
|
|
cab4ad |
+ * Description: This function returns the null terminated C string
|
|
|
cab4ad |
+ * from a given kernel memory address. Reports the given error message
|
|
|
cab4ad |
+ * on string copy fault.
|
|
|
cab4ad |
+ */
|
|
|
cab4ad |
+function kernel_string:string (addr:long, err_msg:string)
|
|
|
cab4ad |
+%{ /* bpf */ /* pure */
|
|
|
cab4ad |
+ /* buf = bpf_stk_alloc(BPF_MAXSTRINGLEN);
|
|
|
cab4ad |
+ buf[0] = 0x0; // guarantee NUL byte
|
|
|
cab4ad |
+ rc = bpf_probe_read_str(buf, n, addr); */
|
|
|
cab4ad |
+ alloc, $buf, BPF_MAXSTRINGLEN;
|
|
|
cab4ad |
+ 0x62, $buf, -, -, 0x0; /* stw [$buf+0], 0x0 -- guarantee NUL byte */
|
|
|
cab4ad |
+ call, $rc, bpf_probe_read_str, $buf, BPF_MAXSTRINGLEN, $addr;
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+ /* if (rc < 0) return err_msg;
|
|
|
cab4ad |
+ return buf; */
|
|
|
cab4ad |
+ 0xa5, rc, 0, _err, -; /* jlt $rc, 0, _err */
|
|
|
cab4ad |
+ 0xbf, $$, $buf, -, -; /* mov $$, $buf */
|
|
|
cab4ad |
+ 0x05, -, -, _done, -; /* ja _done; */
|
|
|
cab4ad |
+ label, _err;
|
|
|
cab4ad |
+ 0xbf, $$, $err_msg, -, -; /* mov $$, $err_msg */
|
|
|
cab4ad |
+ label, _done;
|
|
|
cab4ad |
+%}
|
|
|
cab4ad |
+function kernel_string2:string (addr:long, err_msg:string) {
|
|
|
cab4ad |
+ return kernel_string(addr, err_msg);
|
|
|
cab4ad |
+}
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_string_quoted:string(addr:long) -- requires pseudo-loop to quote unprintable chars
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+/**
|
|
|
cab4ad |
+ * sfunction kernel_string_n - Retrieves string of given length from kernel memory
|
|
|
cab4ad |
+ * @addr: The kernel address to retrieve the string from
|
|
|
cab4ad |
+ * @n: The maximum length of the string (if not null terminated)
|
|
|
cab4ad |
+ *
|
|
|
cab4ad |
+ * Description: Returns the C string of a maximum given length from a
|
|
|
cab4ad |
+ * given kernel memory address. Reports an error on string copy fault.
|
|
|
cab4ad |
+ */
|
|
|
cab4ad |
+function kernel_string_n:string (addr:long, n:long)
|
|
|
cab4ad |
+%{ /* bpf */ /* pure */
|
|
|
cab4ad |
+ /* if (n > BPF_MAXSTRINGLEN) n = BPF_MAXSTRINGLEN; */
|
|
|
cab4ad |
+ 0xb5, $n, -, _skip, BPF_MAXSTRINGLEN; /* jle n, BPF_MAXSTRINGLEN, _skip */
|
|
|
cab4ad |
+ 0xb7, $n, -, -, BPF_MAXSTRINGLEN; /* mov $n, BPF_MAXSTRINGLEN */
|
|
|
cab4ad |
+ label, _skip;
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+ /* buf = bpf_stk_alloc(BPF_MAXSTRINGLEN);
|
|
|
cab4ad |
+ buf[0] = 0x0; // guarantee NUL byte
|
|
|
cab4ad |
+ rc = bpf_probe_read_str(buf, n, addr); */
|
|
|
cab4ad |
+ alloc, $buf, BPF_MAXSTRINGLEN;
|
|
|
cab4ad |
+ 0x62, $buf, -, -, 0x0; /* stw [buf+0], 0 -- guarantee NUL byte */
|
|
|
cab4ad |
+ call, $rc, probe_read_str, $buf, $n, $addr; /* TODO: should work with bpf_probe_read_str too */
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+ /* TODO pending implementation of error */
|
|
|
cab4ad |
+ /* if (rc < 0) error("...", addr); */
|
|
|
cab4ad |
+ /*0x35, $rc, 0, _done, -; /* jge rc, 0, _done */
|
|
|
cab4ad |
+ /*error, "kernel string copy fault at 0x%p [man error::fault]", $addr; /* TODO document bpf version of error::fault */
|
|
|
cab4ad |
+ /*label, _done;*/
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+ /* return buf; */
|
|
|
cab4ad |
+ 0xbf, $$, $buf, -, -; /* mov $$, buf */
|
|
|
cab4ad |
+%}
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_string_utf32:string(addr:long)
|
|
|
cab4ad |
+// TODO kernel_string_utf32:string(addr:long,err_msg:string)
|
|
|
cab4ad |
+// TODO kernel_string2_utf32:string(addr:long,err_msg:string)
|
|
|
cab4ad |
+// TODO kernel_string_quoted_utf32:string(addr:long)
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_string_utf16:string(addr:long)
|
|
|
cab4ad |
+// TODO kernel_string_utf16:string(addr:long,err_msg:string)
|
|
|
cab4ad |
+// TODO kernel_string2_utf16:string(addr:long,err_msg:string)
|
|
|
cab4ad |
+// TODO kernel_string_quoted_utf16:string(addr:long)
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_long:long(addr:long)
|
|
|
cab4ad |
+// TODO kernel_int:long(addr:long)
|
|
|
cab4ad |
+// TODO kernel_short:long(addr:long)
|
|
|
cab4ad |
+// TODO kernel_char:long(addr:long)
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_pointer:long(addr:long)
|
|
|
cab4ad |
+
|
|
|
cab4ad |
+// TODO kernel_buffer_quoted:string(addr:long,inlen:long)
|
|
|
cab4ad |
+// TODO kernel_buffer_quoted:string(addr:long,inlen:long,outlen:long)
|
|
|
cab4ad |
+// TODO kernel_buffer_quoted_error:string(addr:long,inlen:long,outlen:long)
|
|
|
cab4ad |
--
|
|
|
cab4ad |
2.14.5
|
|
|
cab4ad |
|