|
 |
e4e640 |
commit aacee6563b7fd835b9a21e4ae5a0b4f7f743c7ef
|
|
|
e4e640 |
Author: Martin Cermak <mcermak@redhat.com>
|
|
|
e4e640 |
Date: Thu Dec 6 13:52:20 2018 +0100
|
|
|
e4e640 |
|
|
|
e4e640 |
Make sysc_bdflush.stp compatible with 4.17+ kernels.
|
|
|
e4e640 |
|
|
|
e4e640 |
The bdflush syscall itself appears to be obsolete since 2.6,
|
|
|
e4e640 |
but this way we at least won't end up with pass 1 "resolution
|
|
|
e4e640 |
failed in alias expansion builder" when randomly probing for it.
|
|
|
e4e640 |
There is an old customer rh bz 544960 related to bdflush.
|
|
|
e4e640 |
|
|
|
e4e640 |
diff --git a/tapset/linux/sysc_bdflush.stp b/tapset/linux/sysc_bdflush.stp
|
|
|
e4e640 |
index 0798964..48a04b9 100644
|
|
|
e4e640 |
--- a/tapset/linux/sysc_bdflush.stp
|
|
|
e4e640 |
+++ b/tapset/linux/sysc_bdflush.stp
|
|
|
e4e640 |
@@ -11,6 +11,12 @@
|
|
|
e4e640 |
argstr = sprintf("%d, %s", func, data_str)
|
|
|
e4e640 |
%)
|
|
|
e4e640 |
|
|
|
e4e640 |
+@define _SYSCALL_BDFLUSH_REGARGS
|
|
|
e4e640 |
+%(
|
|
|
e4e640 |
+ func = int_arg(1)
|
|
|
e4e640 |
+ data = long_arg(2)
|
|
|
e4e640 |
+%)
|
|
|
e4e640 |
+
|
|
|
e4e640 |
probe syscall.bdflush = dw_syscall.bdflush !, nd_syscall.bdflush ? {}
|
|
|
e4e640 |
probe syscall.bdflush.return = dw_syscall.bdflush.return !, nd_syscall.bdflush.return ? {}
|
|
|
e4e640 |
|
|
|
e4e640 |
@@ -35,20 +41,72 @@ probe dw_syscall.bdflush.return = kernel.function("sys_bdflush").return ?
|
|
|
e4e640 |
|
|
|
e4e640 |
# nd_bdflush _____________________________________________________
|
|
|
e4e640 |
|
|
|
e4e640 |
-probe nd_syscall.bdflush = kprobe.function("sys_bdflush") ?
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+probe nd_syscall.bdflush = nd1_syscall.bdflush!, nd2_syscall.bdflush!, tp_syscall.bdflush
|
|
|
e4e640 |
+{
|
|
|
e4e640 |
+}
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+probe nd1_syscall.bdflush = kprobe.function("sys_bdflush") ?
|
|
|
e4e640 |
{
|
|
|
e4e640 |
@_SYSCALL_BDFLUSH_NAME
|
|
|
e4e640 |
asmlinkage()
|
|
|
e4e640 |
- func = int_arg(1)
|
|
|
e4e640 |
- data = long_arg(2)
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_REGARGS
|
|
|
e4e640 |
if ((func >= 2) && (func % 2 == 0))
|
|
|
e4e640 |
data_str = sprintf("%p", data)
|
|
|
e4e640 |
else
|
|
|
e4e640 |
data_str = sprintf("%d", data)
|
|
|
e4e640 |
@_SYSCALL_BDFLUSH_ARGSTR
|
|
|
e4e640 |
}
|
|
|
e4e640 |
-probe nd_syscall.bdflush.return = kprobe.function("sys_bdflush").return ?
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+/* kernel 4.17+ */
|
|
|
e4e640 |
+probe nd2_syscall.bdflush = kprobe.function(@arch_syscall_prefix "sys_bdflush") ?
|
|
|
e4e640 |
+{
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_NAME
|
|
|
e4e640 |
+ asmlinkage()
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_REGARGS
|
|
|
e4e640 |
+ if ((func >= 2) && (func % 2 == 0))
|
|
|
e4e640 |
+ data_str = sprintf("%p", data)
|
|
|
e4e640 |
+ else
|
|
|
e4e640 |
+ data_str = sprintf("%d", data)
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_ARGSTR
|
|
|
e4e640 |
+}
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+/* kernel 3.5+, but undesirable because it affects all syscalls */
|
|
|
e4e640 |
+probe tp_syscall.bdflush = kernel.trace("sys_enter")
|
|
|
e4e640 |
+{
|
|
|
e4e640 |
+ __set_syscall_pt_regs($regs)
|
|
|
e4e640 |
+ @__syscall_compat_gate(@const("__NR_bdflush"), @const("__NR_compat_bdflush"))
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_NAME
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_REGARGS
|
|
|
e4e640 |
+ if ((func >= 2) && (func % 2 == 0))
|
|
|
e4e640 |
+ data_str = sprintf("%p", data)
|
|
|
e4e640 |
+ else
|
|
|
e4e640 |
+ data_str = sprintf("%d", data)
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_ARGSTR
|
|
|
e4e640 |
+}
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+probe nd_syscall.bdflush.return = nd1_syscall.bdflush.return!, nd2_syscall.bdflush.return!, tp_syscall.bdflush.return
|
|
|
e4e640 |
+{
|
|
|
e4e640 |
+}
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+probe nd1_syscall.bdflush.return = kprobe.function("sys_bdflush").return ?
|
|
|
e4e640 |
+{
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_NAME
|
|
|
e4e640 |
+ @SYSC_RETVALSTR(returnval())
|
|
|
e4e640 |
+}
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+/* kernel 4.17+ */
|
|
|
e4e640 |
+probe nd2_syscall.bdflush.return = kprobe.function(@arch_syscall_prefix "sys_bdflush").return ?
|
|
|
e4e640 |
{
|
|
|
e4e640 |
@_SYSCALL_BDFLUSH_NAME
|
|
|
e4e640 |
@SYSC_RETVALSTR(returnval())
|
|
|
e4e640 |
}
|
|
|
e4e640 |
+
|
|
|
e4e640 |
+/* kernel 3.5+, but undesirable because it affects all syscalls */
|
|
|
e4e640 |
+probe tp_syscall.bdflush.return = kernel.trace("sys_exit")
|
|
|
e4e640 |
+{
|
|
|
e4e640 |
+ __set_syscall_pt_regs($regs)
|
|
|
e4e640 |
+ @__syscall_compat_gate(@const("__NR_bdflush"), @const("__NR_compat_bdflush"))
|
|
|
e4e640 |
+ @_SYSCALL_BDFLUSH_NAME
|
|
|
e4e640 |
+ @SYSC_RETVALSTR($ret)
|
|
|
e4e640 |
+}
|