1 | // SPDX-License-Identifier: GPL-2.0 |
2 | /* |
3 | * Kprobes-based tracing events |
4 | * |
5 | * Created by Masami Hiramatsu <mhiramat@redhat.com> |
6 | * |
7 | */ |
8 | #define pr_fmt(fmt) "trace_kprobe: " fmt |
9 | |
10 | #include <linux/bpf-cgroup.h> |
11 | #include <linux/security.h> |
12 | #include <linux/module.h> |
13 | #include <linux/uaccess.h> |
14 | #include <linux/rculist.h> |
15 | #include <linux/error-injection.h> |
16 | |
17 | #include <asm/setup.h> /* for COMMAND_LINE_SIZE */ |
18 | |
19 | #include "trace_dynevent.h" |
20 | #include "trace_kprobe_selftest.h" |
21 | #include "trace_probe.h" |
22 | #include "trace_probe_tmpl.h" |
23 | #include "trace_probe_kernel.h" |
24 | |
25 | #define KPROBE_EVENT_SYSTEM "kprobes" |
26 | #define KRETPROBE_MAXACTIVE_MAX 4096 |
27 | |
28 | /* Kprobe early definition from command line */ |
29 | static char kprobe_boot_events_buf[COMMAND_LINE_SIZE] __initdata; |
30 | |
31 | static int __init set_kprobe_boot_events(char *str) |
32 | { |
33 | strscpy(p: kprobe_boot_events_buf, q: str, COMMAND_LINE_SIZE); |
34 | disable_tracing_selftest(reason: "running kprobe events" ); |
35 | |
36 | return 1; |
37 | } |
38 | __setup("kprobe_event=" , set_kprobe_boot_events); |
39 | |
40 | static int trace_kprobe_create(const char *raw_command); |
41 | static int trace_kprobe_show(struct seq_file *m, struct dyn_event *ev); |
42 | static int trace_kprobe_release(struct dyn_event *ev); |
43 | static bool trace_kprobe_is_busy(struct dyn_event *ev); |
44 | static bool trace_kprobe_match(const char *system, const char *event, |
45 | int argc, const char **argv, struct dyn_event *ev); |
46 | |
47 | static struct dyn_event_operations trace_kprobe_ops = { |
48 | .create = trace_kprobe_create, |
49 | .show = trace_kprobe_show, |
50 | .is_busy = trace_kprobe_is_busy, |
51 | .free = trace_kprobe_release, |
52 | .match = trace_kprobe_match, |
53 | }; |
54 | |
55 | /* |
56 | * Kprobe event core functions |
57 | */ |
58 | struct trace_kprobe { |
59 | struct dyn_event devent; |
60 | struct kretprobe rp; /* Use rp.kp for kprobe use */ |
61 | unsigned long __percpu *nhit; |
62 | const char *symbol; /* symbol name */ |
63 | struct trace_probe tp; |
64 | }; |
65 | |
66 | static bool is_trace_kprobe(struct dyn_event *ev) |
67 | { |
68 | return ev->ops == &trace_kprobe_ops; |
69 | } |
70 | |
71 | static struct trace_kprobe *to_trace_kprobe(struct dyn_event *ev) |
72 | { |
73 | return container_of(ev, struct trace_kprobe, devent); |
74 | } |
75 | |
76 | /** |
77 | * for_each_trace_kprobe - iterate over the trace_kprobe list |
78 | * @pos: the struct trace_kprobe * for each entry |
79 | * @dpos: the struct dyn_event * to use as a loop cursor |
80 | */ |
81 | #define for_each_trace_kprobe(pos, dpos) \ |
82 | for_each_dyn_event(dpos) \ |
83 | if (is_trace_kprobe(dpos) && (pos = to_trace_kprobe(dpos))) |
84 | |
85 | static nokprobe_inline bool trace_kprobe_is_return(struct trace_kprobe *tk) |
86 | { |
87 | return tk->rp.handler != NULL; |
88 | } |
89 | |
90 | static nokprobe_inline const char *trace_kprobe_symbol(struct trace_kprobe *tk) |
91 | { |
92 | return tk->symbol ? tk->symbol : "unknown" ; |
93 | } |
94 | |
95 | static nokprobe_inline unsigned long trace_kprobe_offset(struct trace_kprobe *tk) |
96 | { |
97 | return tk->rp.kp.offset; |
98 | } |
99 | |
100 | static nokprobe_inline bool trace_kprobe_has_gone(struct trace_kprobe *tk) |
101 | { |
102 | return kprobe_gone(p: &tk->rp.kp); |
103 | } |
104 | |
105 | static nokprobe_inline bool trace_kprobe_within_module(struct trace_kprobe *tk, |
106 | struct module *mod) |
107 | { |
108 | int len = strlen(module_name(mod)); |
109 | const char *name = trace_kprobe_symbol(tk); |
110 | |
111 | return strncmp(module_name(mod), name, len) == 0 && name[len] == ':'; |
112 | } |
113 | |
114 | static nokprobe_inline bool trace_kprobe_module_exist(struct trace_kprobe *tk) |
115 | { |
116 | char *p; |
117 | bool ret; |
118 | |
119 | if (!tk->symbol) |
120 | return false; |
121 | p = strchr(tk->symbol, ':'); |
122 | if (!p) |
123 | return true; |
124 | *p = '\0'; |
125 | rcu_read_lock_sched(); |
126 | ret = !!find_module(name: tk->symbol); |
127 | rcu_read_unlock_sched(); |
128 | *p = ':'; |
129 | |
130 | return ret; |
131 | } |
132 | |
133 | static bool trace_kprobe_is_busy(struct dyn_event *ev) |
134 | { |
135 | struct trace_kprobe *tk = to_trace_kprobe(ev); |
136 | |
137 | return trace_probe_is_enabled(tp: &tk->tp); |
138 | } |
139 | |
140 | static bool trace_kprobe_match_command_head(struct trace_kprobe *tk, |
141 | int argc, const char **argv) |
142 | { |
143 | char buf[MAX_ARGSTR_LEN + 1]; |
144 | |
145 | if (!argc) |
146 | return true; |
147 | |
148 | if (!tk->symbol) |
149 | snprintf(buf, size: sizeof(buf), fmt: "0x%p" , tk->rp.kp.addr); |
150 | else if (tk->rp.kp.offset) |
151 | snprintf(buf, size: sizeof(buf), fmt: "%s+%u" , |
152 | trace_kprobe_symbol(tk), tk->rp.kp.offset); |
153 | else |
154 | snprintf(buf, size: sizeof(buf), fmt: "%s" , trace_kprobe_symbol(tk)); |
155 | if (strcmp(buf, argv[0])) |
156 | return false; |
157 | argc--; argv++; |
158 | |
159 | return trace_probe_match_command_args(tp: &tk->tp, argc, argv); |
160 | } |
161 | |
162 | static bool trace_kprobe_match(const char *system, const char *event, |
163 | int argc, const char **argv, struct dyn_event *ev) |
164 | { |
165 | struct trace_kprobe *tk = to_trace_kprobe(ev); |
166 | |
167 | return (event[0] == '\0' || |
168 | strcmp(trace_probe_name(tp: &tk->tp), event) == 0) && |
169 | (!system || strcmp(trace_probe_group_name(tp: &tk->tp), system) == 0) && |
170 | trace_kprobe_match_command_head(tk, argc, argv); |
171 | } |
172 | |
173 | static nokprobe_inline unsigned long trace_kprobe_nhit(struct trace_kprobe *tk) |
174 | { |
175 | unsigned long nhit = 0; |
176 | int cpu; |
177 | |
178 | for_each_possible_cpu(cpu) |
179 | nhit += *per_cpu_ptr(tk->nhit, cpu); |
180 | |
181 | return nhit; |
182 | } |
183 | |
184 | static nokprobe_inline bool trace_kprobe_is_registered(struct trace_kprobe *tk) |
185 | { |
186 | return !(list_empty(head: &tk->rp.kp.list) && |
187 | hlist_unhashed(h: &tk->rp.kp.hlist)); |
188 | } |
189 | |
190 | /* Return 0 if it fails to find the symbol address */ |
191 | static nokprobe_inline |
192 | unsigned long trace_kprobe_address(struct trace_kprobe *tk) |
193 | { |
194 | unsigned long addr; |
195 | |
196 | if (tk->symbol) { |
197 | addr = (unsigned long) |
198 | kallsyms_lookup_name(name: trace_kprobe_symbol(tk)); |
199 | if (addr) |
200 | addr += tk->rp.kp.offset; |
201 | } else { |
202 | addr = (unsigned long)tk->rp.kp.addr; |
203 | } |
204 | return addr; |
205 | } |
206 | |
207 | static nokprobe_inline struct trace_kprobe * |
208 | trace_kprobe_primary_from_call(struct trace_event_call *call) |
209 | { |
210 | struct trace_probe *tp; |
211 | |
212 | tp = trace_probe_primary_from_call(call); |
213 | if (WARN_ON_ONCE(!tp)) |
214 | return NULL; |
215 | |
216 | return container_of(tp, struct trace_kprobe, tp); |
217 | } |
218 | |
219 | bool trace_kprobe_on_func_entry(struct trace_event_call *call) |
220 | { |
221 | struct trace_kprobe *tk = trace_kprobe_primary_from_call(call); |
222 | |
223 | return tk ? (kprobe_on_func_entry(addr: tk->rp.kp.addr, |
224 | sym: tk->rp.kp.addr ? NULL : tk->rp.kp.symbol_name, |
225 | offset: tk->rp.kp.addr ? 0 : tk->rp.kp.offset) == 0) : false; |
226 | } |
227 | |
228 | bool trace_kprobe_error_injectable(struct trace_event_call *call) |
229 | { |
230 | struct trace_kprobe *tk = trace_kprobe_primary_from_call(call); |
231 | |
232 | return tk ? within_error_injection_list(addr: trace_kprobe_address(tk)) : |
233 | false; |
234 | } |
235 | |
236 | static int register_kprobe_event(struct trace_kprobe *tk); |
237 | static int unregister_kprobe_event(struct trace_kprobe *tk); |
238 | |
239 | static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs); |
240 | static int kretprobe_dispatcher(struct kretprobe_instance *ri, |
241 | struct pt_regs *regs); |
242 | |
243 | static void free_trace_kprobe(struct trace_kprobe *tk) |
244 | { |
245 | if (tk) { |
246 | trace_probe_cleanup(tp: &tk->tp); |
247 | kfree(objp: tk->symbol); |
248 | free_percpu(pdata: tk->nhit); |
249 | kfree(objp: tk); |
250 | } |
251 | } |
252 | |
253 | /* |
254 | * Allocate new trace_probe and initialize it (including kprobes). |
255 | */ |
256 | static struct trace_kprobe *alloc_trace_kprobe(const char *group, |
257 | const char *event, |
258 | void *addr, |
259 | const char *symbol, |
260 | unsigned long offs, |
261 | int maxactive, |
262 | int nargs, bool is_return) |
263 | { |
264 | struct trace_kprobe *tk; |
265 | int ret = -ENOMEM; |
266 | |
267 | tk = kzalloc(struct_size(tk, tp.args, nargs), GFP_KERNEL); |
268 | if (!tk) |
269 | return ERR_PTR(error: ret); |
270 | |
271 | tk->nhit = alloc_percpu(unsigned long); |
272 | if (!tk->nhit) |
273 | goto error; |
274 | |
275 | if (symbol) { |
276 | tk->symbol = kstrdup(s: symbol, GFP_KERNEL); |
277 | if (!tk->symbol) |
278 | goto error; |
279 | tk->rp.kp.symbol_name = tk->symbol; |
280 | tk->rp.kp.offset = offs; |
281 | } else |
282 | tk->rp.kp.addr = addr; |
283 | |
284 | if (is_return) |
285 | tk->rp.handler = kretprobe_dispatcher; |
286 | else |
287 | tk->rp.kp.pre_handler = kprobe_dispatcher; |
288 | |
289 | tk->rp.maxactive = maxactive; |
290 | INIT_HLIST_NODE(h: &tk->rp.kp.hlist); |
291 | INIT_LIST_HEAD(list: &tk->rp.kp.list); |
292 | |
293 | ret = trace_probe_init(tp: &tk->tp, event, group, alloc_filter: false); |
294 | if (ret < 0) |
295 | goto error; |
296 | |
297 | dyn_event_init(ev: &tk->devent, ops: &trace_kprobe_ops); |
298 | return tk; |
299 | error: |
300 | free_trace_kprobe(tk); |
301 | return ERR_PTR(error: ret); |
302 | } |
303 | |
304 | static struct trace_kprobe *find_trace_kprobe(const char *event, |
305 | const char *group) |
306 | { |
307 | struct dyn_event *pos; |
308 | struct trace_kprobe *tk; |
309 | |
310 | for_each_trace_kprobe(tk, pos) |
311 | if (strcmp(trace_probe_name(tp: &tk->tp), event) == 0 && |
312 | strcmp(trace_probe_group_name(tp: &tk->tp), group) == 0) |
313 | return tk; |
314 | return NULL; |
315 | } |
316 | |
317 | static inline int __enable_trace_kprobe(struct trace_kprobe *tk) |
318 | { |
319 | int ret = 0; |
320 | |
321 | if (trace_kprobe_is_registered(tk) && !trace_kprobe_has_gone(tk)) { |
322 | if (trace_kprobe_is_return(tk)) |
323 | ret = enable_kretprobe(rp: &tk->rp); |
324 | else |
325 | ret = enable_kprobe(kp: &tk->rp.kp); |
326 | } |
327 | |
328 | return ret; |
329 | } |
330 | |
331 | static void __disable_trace_kprobe(struct trace_probe *tp) |
332 | { |
333 | struct trace_kprobe *tk; |
334 | |
335 | list_for_each_entry(tk, trace_probe_probe_list(tp), tp.list) { |
336 | if (!trace_kprobe_is_registered(tk)) |
337 | continue; |
338 | if (trace_kprobe_is_return(tk)) |
339 | disable_kretprobe(rp: &tk->rp); |
340 | else |
341 | disable_kprobe(kp: &tk->rp.kp); |
342 | } |
343 | } |
344 | |
345 | /* |
346 | * Enable trace_probe |
347 | * if the file is NULL, enable "perf" handler, or enable "trace" handler. |
348 | */ |
349 | static int enable_trace_kprobe(struct trace_event_call *call, |
350 | struct trace_event_file *file) |
351 | { |
352 | struct trace_probe *tp; |
353 | struct trace_kprobe *tk; |
354 | bool enabled; |
355 | int ret = 0; |
356 | |
357 | tp = trace_probe_primary_from_call(call); |
358 | if (WARN_ON_ONCE(!tp)) |
359 | return -ENODEV; |
360 | enabled = trace_probe_is_enabled(tp); |
361 | |
362 | /* This also changes "enabled" state */ |
363 | if (file) { |
364 | ret = trace_probe_add_file(tp, file); |
365 | if (ret) |
366 | return ret; |
367 | } else |
368 | trace_probe_set_flag(tp, TP_FLAG_PROFILE); |
369 | |
370 | if (enabled) |
371 | return 0; |
372 | |
373 | list_for_each_entry(tk, trace_probe_probe_list(tp), tp.list) { |
374 | if (trace_kprobe_has_gone(tk)) |
375 | continue; |
376 | ret = __enable_trace_kprobe(tk); |
377 | if (ret) |
378 | break; |
379 | enabled = true; |
380 | } |
381 | |
382 | if (ret) { |
383 | /* Failed to enable one of them. Roll back all */ |
384 | if (enabled) |
385 | __disable_trace_kprobe(tp); |
386 | if (file) |
387 | trace_probe_remove_file(tp, file); |
388 | else |
389 | trace_probe_clear_flag(tp, TP_FLAG_PROFILE); |
390 | } |
391 | |
392 | return ret; |
393 | } |
394 | |
395 | /* |
396 | * Disable trace_probe |
397 | * if the file is NULL, disable "perf" handler, or disable "trace" handler. |
398 | */ |
399 | static int disable_trace_kprobe(struct trace_event_call *call, |
400 | struct trace_event_file *file) |
401 | { |
402 | struct trace_probe *tp; |
403 | |
404 | tp = trace_probe_primary_from_call(call); |
405 | if (WARN_ON_ONCE(!tp)) |
406 | return -ENODEV; |
407 | |
408 | if (file) { |
409 | if (!trace_probe_get_file_link(tp, file)) |
410 | return -ENOENT; |
411 | if (!trace_probe_has_single_file(tp)) |
412 | goto out; |
413 | trace_probe_clear_flag(tp, TP_FLAG_TRACE); |
414 | } else |
415 | trace_probe_clear_flag(tp, TP_FLAG_PROFILE); |
416 | |
417 | if (!trace_probe_is_enabled(tp)) |
418 | __disable_trace_kprobe(tp); |
419 | |
420 | out: |
421 | if (file) |
422 | /* |
423 | * Synchronization is done in below function. For perf event, |
424 | * file == NULL and perf_trace_event_unreg() calls |
425 | * tracepoint_synchronize_unregister() to ensure synchronize |
426 | * event. We don't need to care about it. |
427 | */ |
428 | trace_probe_remove_file(tp, file); |
429 | |
430 | return 0; |
431 | } |
432 | |
433 | #if defined(CONFIG_DYNAMIC_FTRACE) && \ |
434 | !defined(CONFIG_KPROBE_EVENTS_ON_NOTRACE) |
435 | static bool __within_notrace_func(unsigned long addr) |
436 | { |
437 | unsigned long offset, size; |
438 | |
439 | if (!addr || !kallsyms_lookup_size_offset(addr, &size, &offset)) |
440 | return false; |
441 | |
442 | /* Get the entry address of the target function */ |
443 | addr -= offset; |
444 | |
445 | /* |
446 | * Since ftrace_location_range() does inclusive range check, we need |
447 | * to subtract 1 byte from the end address. |
448 | */ |
449 | return !ftrace_location_range(addr, addr + size - 1); |
450 | } |
451 | |
452 | static bool within_notrace_func(struct trace_kprobe *tk) |
453 | { |
454 | unsigned long addr = trace_kprobe_address(tk); |
455 | char symname[KSYM_NAME_LEN], *p; |
456 | |
457 | if (!__within_notrace_func(addr)) |
458 | return false; |
459 | |
460 | /* Check if the address is on a suffixed-symbol */ |
461 | if (!lookup_symbol_name(addr, symname)) { |
462 | p = strchr(symname, '.'); |
463 | if (!p) |
464 | return true; |
465 | *p = '\0'; |
466 | addr = (unsigned long)kprobe_lookup_name(symname, 0); |
467 | if (addr) |
468 | return __within_notrace_func(addr); |
469 | } |
470 | |
471 | return true; |
472 | } |
473 | #else |
474 | #define within_notrace_func(tk) (false) |
475 | #endif |
476 | |
477 | /* Internal register function - just handle k*probes and flags */ |
478 | static int __register_trace_kprobe(struct trace_kprobe *tk) |
479 | { |
480 | int i, ret; |
481 | |
482 | ret = security_locked_down(what: LOCKDOWN_KPROBES); |
483 | if (ret) |
484 | return ret; |
485 | |
486 | if (trace_kprobe_is_registered(tk)) |
487 | return -EINVAL; |
488 | |
489 | if (within_notrace_func(tk)) { |
490 | pr_warn("Could not probe notrace function %s\n" , |
491 | trace_kprobe_symbol(tk)); |
492 | return -EINVAL; |
493 | } |
494 | |
495 | for (i = 0; i < tk->tp.nr_args; i++) { |
496 | ret = traceprobe_update_arg(arg: &tk->tp.args[i]); |
497 | if (ret) |
498 | return ret; |
499 | } |
500 | |
501 | /* Set/clear disabled flag according to tp->flag */ |
502 | if (trace_probe_is_enabled(tp: &tk->tp)) |
503 | tk->rp.kp.flags &= ~KPROBE_FLAG_DISABLED; |
504 | else |
505 | tk->rp.kp.flags |= KPROBE_FLAG_DISABLED; |
506 | |
507 | if (trace_kprobe_is_return(tk)) |
508 | ret = register_kretprobe(rp: &tk->rp); |
509 | else |
510 | ret = register_kprobe(p: &tk->rp.kp); |
511 | |
512 | return ret; |
513 | } |
514 | |
515 | /* Internal unregister function - just handle k*probes and flags */ |
516 | static void __unregister_trace_kprobe(struct trace_kprobe *tk) |
517 | { |
518 | if (trace_kprobe_is_registered(tk)) { |
519 | if (trace_kprobe_is_return(tk)) |
520 | unregister_kretprobe(rp: &tk->rp); |
521 | else |
522 | unregister_kprobe(p: &tk->rp.kp); |
523 | /* Cleanup kprobe for reuse and mark it unregistered */ |
524 | INIT_HLIST_NODE(h: &tk->rp.kp.hlist); |
525 | INIT_LIST_HEAD(list: &tk->rp.kp.list); |
526 | if (tk->rp.kp.symbol_name) |
527 | tk->rp.kp.addr = NULL; |
528 | } |
529 | } |
530 | |
531 | /* Unregister a trace_probe and probe_event */ |
532 | static int unregister_trace_kprobe(struct trace_kprobe *tk) |
533 | { |
534 | /* If other probes are on the event, just unregister kprobe */ |
535 | if (trace_probe_has_sibling(tp: &tk->tp)) |
536 | goto unreg; |
537 | |
538 | /* Enabled event can not be unregistered */ |
539 | if (trace_probe_is_enabled(tp: &tk->tp)) |
540 | return -EBUSY; |
541 | |
542 | /* If there's a reference to the dynamic event */ |
543 | if (trace_event_dyn_busy(call: trace_probe_event_call(tp: &tk->tp))) |
544 | return -EBUSY; |
545 | |
546 | /* Will fail if probe is being used by ftrace or perf */ |
547 | if (unregister_kprobe_event(tk)) |
548 | return -EBUSY; |
549 | |
550 | unreg: |
551 | __unregister_trace_kprobe(tk); |
552 | dyn_event_remove(ev: &tk->devent); |
553 | trace_probe_unlink(tp: &tk->tp); |
554 | |
555 | return 0; |
556 | } |
557 | |
558 | static bool trace_kprobe_has_same_kprobe(struct trace_kprobe *orig, |
559 | struct trace_kprobe *comp) |
560 | { |
561 | struct trace_probe_event *tpe = orig->tp.event; |
562 | int i; |
563 | |
564 | list_for_each_entry(orig, &tpe->probes, tp.list) { |
565 | if (strcmp(trace_kprobe_symbol(tk: orig), |
566 | trace_kprobe_symbol(tk: comp)) || |
567 | trace_kprobe_offset(tk: orig) != trace_kprobe_offset(tk: comp)) |
568 | continue; |
569 | |
570 | /* |
571 | * trace_probe_compare_arg_type() ensured that nr_args and |
572 | * each argument name and type are same. Let's compare comm. |
573 | */ |
574 | for (i = 0; i < orig->tp.nr_args; i++) { |
575 | if (strcmp(orig->tp.args[i].comm, |
576 | comp->tp.args[i].comm)) |
577 | break; |
578 | } |
579 | |
580 | if (i == orig->tp.nr_args) |
581 | return true; |
582 | } |
583 | |
584 | return false; |
585 | } |
586 | |
587 | static int append_trace_kprobe(struct trace_kprobe *tk, struct trace_kprobe *to) |
588 | { |
589 | int ret; |
590 | |
591 | ret = trace_probe_compare_arg_type(a: &tk->tp, b: &to->tp); |
592 | if (ret) { |
593 | /* Note that argument starts index = 2 */ |
594 | trace_probe_log_set_index(index: ret + 1); |
595 | trace_probe_log_err(0, DIFF_ARG_TYPE); |
596 | return -EEXIST; |
597 | } |
598 | if (trace_kprobe_has_same_kprobe(orig: to, comp: tk)) { |
599 | trace_probe_log_set_index(index: 0); |
600 | trace_probe_log_err(0, SAME_PROBE); |
601 | return -EEXIST; |
602 | } |
603 | |
604 | /* Append to existing event */ |
605 | ret = trace_probe_append(tp: &tk->tp, to: &to->tp); |
606 | if (ret) |
607 | return ret; |
608 | |
609 | /* Register k*probe */ |
610 | ret = __register_trace_kprobe(tk); |
611 | if (ret == -ENOENT && !trace_kprobe_module_exist(tk)) { |
612 | pr_warn("This probe might be able to register after target module is loaded. Continue.\n" ); |
613 | ret = 0; |
614 | } |
615 | |
616 | if (ret) |
617 | trace_probe_unlink(tp: &tk->tp); |
618 | else |
619 | dyn_event_add(ev: &tk->devent, call: trace_probe_event_call(tp: &tk->tp)); |
620 | |
621 | return ret; |
622 | } |
623 | |
624 | /* Register a trace_probe and probe_event */ |
625 | static int register_trace_kprobe(struct trace_kprobe *tk) |
626 | { |
627 | struct trace_kprobe *old_tk; |
628 | int ret; |
629 | |
630 | mutex_lock(&event_mutex); |
631 | |
632 | old_tk = find_trace_kprobe(event: trace_probe_name(tp: &tk->tp), |
633 | group: trace_probe_group_name(tp: &tk->tp)); |
634 | if (old_tk) { |
635 | if (trace_kprobe_is_return(tk) != trace_kprobe_is_return(tk: old_tk)) { |
636 | trace_probe_log_set_index(index: 0); |
637 | trace_probe_log_err(0, DIFF_PROBE_TYPE); |
638 | ret = -EEXIST; |
639 | } else { |
640 | ret = append_trace_kprobe(tk, to: old_tk); |
641 | } |
642 | goto end; |
643 | } |
644 | |
645 | /* Register new event */ |
646 | ret = register_kprobe_event(tk); |
647 | if (ret) { |
648 | if (ret == -EEXIST) { |
649 | trace_probe_log_set_index(index: 0); |
650 | trace_probe_log_err(0, EVENT_EXIST); |
651 | } else |
652 | pr_warn("Failed to register probe event(%d)\n" , ret); |
653 | goto end; |
654 | } |
655 | |
656 | /* Register k*probe */ |
657 | ret = __register_trace_kprobe(tk); |
658 | if (ret == -ENOENT && !trace_kprobe_module_exist(tk)) { |
659 | pr_warn("This probe might be able to register after target module is loaded. Continue.\n" ); |
660 | ret = 0; |
661 | } |
662 | |
663 | if (ret < 0) |
664 | unregister_kprobe_event(tk); |
665 | else |
666 | dyn_event_add(ev: &tk->devent, call: trace_probe_event_call(tp: &tk->tp)); |
667 | |
668 | end: |
669 | mutex_unlock(lock: &event_mutex); |
670 | return ret; |
671 | } |
672 | |
673 | /* Module notifier call back, checking event on the module */ |
674 | static int trace_kprobe_module_callback(struct notifier_block *nb, |
675 | unsigned long val, void *data) |
676 | { |
677 | struct module *mod = data; |
678 | struct dyn_event *pos; |
679 | struct trace_kprobe *tk; |
680 | int ret; |
681 | |
682 | if (val != MODULE_STATE_COMING) |
683 | return NOTIFY_DONE; |
684 | |
685 | /* Update probes on coming module */ |
686 | mutex_lock(&event_mutex); |
687 | for_each_trace_kprobe(tk, pos) { |
688 | if (trace_kprobe_within_module(tk, mod)) { |
689 | /* Don't need to check busy - this should have gone. */ |
690 | __unregister_trace_kprobe(tk); |
691 | ret = __register_trace_kprobe(tk); |
692 | if (ret) |
693 | pr_warn("Failed to re-register probe %s on %s: %d\n" , |
694 | trace_probe_name(&tk->tp), |
695 | module_name(mod), ret); |
696 | } |
697 | } |
698 | mutex_unlock(lock: &event_mutex); |
699 | |
700 | return NOTIFY_DONE; |
701 | } |
702 | |
703 | static struct notifier_block trace_kprobe_module_nb = { |
704 | .notifier_call = trace_kprobe_module_callback, |
705 | .priority = 1 /* Invoked after kprobe module callback */ |
706 | }; |
707 | |
708 | static int count_symbols(void *data, unsigned long unused) |
709 | { |
710 | unsigned int *count = data; |
711 | |
712 | (*count)++; |
713 | |
714 | return 0; |
715 | } |
716 | |
717 | struct sym_count_ctx { |
718 | unsigned int count; |
719 | const char *name; |
720 | }; |
721 | |
722 | static int count_mod_symbols(void *data, const char *name, unsigned long unused) |
723 | { |
724 | struct sym_count_ctx *ctx = data; |
725 | |
726 | if (strcmp(name, ctx->name) == 0) |
727 | ctx->count++; |
728 | |
729 | return 0; |
730 | } |
731 | |
732 | static unsigned int number_of_same_symbols(char *func_name) |
733 | { |
734 | struct sym_count_ctx ctx = { .count = 0, .name = func_name }; |
735 | |
736 | kallsyms_on_each_match_symbol(fn: count_symbols, name: func_name, data: &ctx.count); |
737 | |
738 | module_kallsyms_on_each_symbol(NULL, fn: count_mod_symbols, data: &ctx); |
739 | |
740 | return ctx.count; |
741 | } |
742 | |
743 | static int __trace_kprobe_create(int argc, const char *argv[]) |
744 | { |
745 | /* |
746 | * Argument syntax: |
747 | * - Add kprobe: |
748 | * p[:[GRP/][EVENT]] [MOD:]KSYM[+OFFS]|KADDR [FETCHARGS] |
749 | * - Add kretprobe: |
750 | * r[MAXACTIVE][:[GRP/][EVENT]] [MOD:]KSYM[+0] [FETCHARGS] |
751 | * Or |
752 | * p[:[GRP/][EVENT]] [MOD:]KSYM[+0]%return [FETCHARGS] |
753 | * |
754 | * Fetch args: |
755 | * $retval : fetch return value |
756 | * $stack : fetch stack address |
757 | * $stackN : fetch Nth of stack (N:0-) |
758 | * $comm : fetch current task comm |
759 | * @ADDR : fetch memory at ADDR (ADDR should be in kernel) |
760 | * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol) |
761 | * %REG : fetch register REG |
762 | * Dereferencing memory fetch: |
763 | * +|-offs(ARG) : fetch memory at ARG +|- offs address. |
764 | * Alias name of args: |
765 | * NAME=FETCHARG : set NAME as alias of FETCHARG. |
766 | * Type of args: |
767 | * FETCHARG:TYPE : use TYPE instead of unsigned long. |
768 | */ |
769 | struct trace_kprobe *tk = NULL; |
770 | int i, len, new_argc = 0, ret = 0; |
771 | bool is_return = false; |
772 | char *symbol = NULL, *tmp = NULL; |
773 | const char **new_argv = NULL; |
774 | const char *event = NULL, *group = KPROBE_EVENT_SYSTEM; |
775 | enum probe_print_type ptype; |
776 | int maxactive = 0; |
777 | long offset = 0; |
778 | void *addr = NULL; |
779 | char buf[MAX_EVENT_NAME_LEN]; |
780 | char gbuf[MAX_EVENT_NAME_LEN]; |
781 | char abuf[MAX_BTF_ARGS_LEN]; |
782 | struct traceprobe_parse_context ctx = { .flags = TPARG_FL_KERNEL }; |
783 | |
784 | switch (argv[0][0]) { |
785 | case 'r': |
786 | is_return = true; |
787 | break; |
788 | case 'p': |
789 | break; |
790 | default: |
791 | return -ECANCELED; |
792 | } |
793 | if (argc < 2) |
794 | return -ECANCELED; |
795 | |
796 | trace_probe_log_init(subsystem: "trace_kprobe" , argc, argv); |
797 | |
798 | event = strchr(&argv[0][1], ':'); |
799 | if (event) |
800 | event++; |
801 | |
802 | if (isdigit(c: argv[0][1])) { |
803 | if (!is_return) { |
804 | trace_probe_log_err(1, BAD_MAXACT_TYPE); |
805 | goto parse_error; |
806 | } |
807 | if (event) |
808 | len = event - &argv[0][1] - 1; |
809 | else |
810 | len = strlen(&argv[0][1]); |
811 | if (len > MAX_EVENT_NAME_LEN - 1) { |
812 | trace_probe_log_err(1, BAD_MAXACT); |
813 | goto parse_error; |
814 | } |
815 | memcpy(buf, &argv[0][1], len); |
816 | buf[len] = '\0'; |
817 | ret = kstrtouint(s: buf, base: 0, res: &maxactive); |
818 | if (ret || !maxactive) { |
819 | trace_probe_log_err(1, BAD_MAXACT); |
820 | goto parse_error; |
821 | } |
822 | /* kretprobes instances are iterated over via a list. The |
823 | * maximum should stay reasonable. |
824 | */ |
825 | if (maxactive > KRETPROBE_MAXACTIVE_MAX) { |
826 | trace_probe_log_err(1, MAXACT_TOO_BIG); |
827 | goto parse_error; |
828 | } |
829 | } |
830 | |
831 | /* try to parse an address. if that fails, try to read the |
832 | * input as a symbol. */ |
833 | if (kstrtoul(s: argv[1], base: 0, res: (unsigned long *)&addr)) { |
834 | trace_probe_log_set_index(index: 1); |
835 | /* Check whether uprobe event specified */ |
836 | if (strchr(argv[1], '/') && strchr(argv[1], ':')) { |
837 | ret = -ECANCELED; |
838 | goto error; |
839 | } |
840 | /* a symbol specified */ |
841 | symbol = kstrdup(s: argv[1], GFP_KERNEL); |
842 | if (!symbol) |
843 | return -ENOMEM; |
844 | |
845 | tmp = strchr(symbol, '%'); |
846 | if (tmp) { |
847 | if (!strcmp(tmp, "%return" )) { |
848 | *tmp = '\0'; |
849 | is_return = true; |
850 | } else { |
851 | trace_probe_log_err(tmp - symbol, BAD_ADDR_SUFFIX); |
852 | goto parse_error; |
853 | } |
854 | } |
855 | |
856 | /* TODO: support .init module functions */ |
857 | ret = traceprobe_split_symbol_offset(symbol, offset: &offset); |
858 | if (ret || offset < 0 || offset > UINT_MAX) { |
859 | trace_probe_log_err(0, BAD_PROBE_ADDR); |
860 | goto parse_error; |
861 | } |
862 | if (is_return) |
863 | ctx.flags |= TPARG_FL_RETURN; |
864 | ret = kprobe_on_func_entry(NULL, sym: symbol, offset); |
865 | if (ret == 0 && !is_return) |
866 | ctx.flags |= TPARG_FL_FENTRY; |
867 | /* Defer the ENOENT case until register kprobe */ |
868 | if (ret == -EINVAL && is_return) { |
869 | trace_probe_log_err(0, BAD_RETPROBE); |
870 | goto parse_error; |
871 | } |
872 | } |
873 | |
874 | if (symbol && !strchr(symbol, ':')) { |
875 | unsigned int count; |
876 | |
877 | count = number_of_same_symbols(func_name: symbol); |
878 | if (count > 1) { |
879 | /* |
880 | * Users should use ADDR to remove the ambiguity of |
881 | * using KSYM only. |
882 | */ |
883 | trace_probe_log_err(0, NON_UNIQ_SYMBOL); |
884 | ret = -EADDRNOTAVAIL; |
885 | |
886 | goto error; |
887 | } else if (count == 0) { |
888 | /* |
889 | * We can return ENOENT earlier than when register the |
890 | * kprobe. |
891 | */ |
892 | trace_probe_log_err(0, BAD_PROBE_ADDR); |
893 | ret = -ENOENT; |
894 | |
895 | goto error; |
896 | } |
897 | } |
898 | |
899 | trace_probe_log_set_index(index: 0); |
900 | if (event) { |
901 | ret = traceprobe_parse_event_name(pevent: &event, pgroup: &group, buf: gbuf, |
902 | offset: event - argv[0]); |
903 | if (ret) |
904 | goto parse_error; |
905 | } |
906 | |
907 | if (!event) { |
908 | /* Make a new event name */ |
909 | if (symbol) |
910 | snprintf(buf, MAX_EVENT_NAME_LEN, fmt: "%c_%s_%ld" , |
911 | is_return ? 'r' : 'p', symbol, offset); |
912 | else |
913 | snprintf(buf, MAX_EVENT_NAME_LEN, fmt: "%c_0x%p" , |
914 | is_return ? 'r' : 'p', addr); |
915 | sanitize_event_name(name: buf); |
916 | event = buf; |
917 | } |
918 | |
919 | argc -= 2; argv += 2; |
920 | ctx.funcname = symbol; |
921 | new_argv = traceprobe_expand_meta_args(argc, argv, new_argc: &new_argc, |
922 | buf: abuf, MAX_BTF_ARGS_LEN, ctx: &ctx); |
923 | if (IS_ERR(ptr: new_argv)) { |
924 | ret = PTR_ERR(ptr: new_argv); |
925 | new_argv = NULL; |
926 | goto out; |
927 | } |
928 | if (new_argv) { |
929 | argc = new_argc; |
930 | argv = new_argv; |
931 | } |
932 | |
933 | /* setup a probe */ |
934 | tk = alloc_trace_kprobe(group, event, addr, symbol, offs: offset, maxactive, |
935 | nargs: argc, is_return); |
936 | if (IS_ERR(ptr: tk)) { |
937 | ret = PTR_ERR(ptr: tk); |
938 | /* This must return -ENOMEM, else there is a bug */ |
939 | WARN_ON_ONCE(ret != -ENOMEM); |
940 | goto out; /* We know tk is not allocated */ |
941 | } |
942 | |
943 | /* parse arguments */ |
944 | for (i = 0; i < argc && i < MAX_TRACE_ARGS; i++) { |
945 | trace_probe_log_set_index(index: i + 2); |
946 | ctx.offset = 0; |
947 | ret = traceprobe_parse_probe_arg(tp: &tk->tp, i, argv: argv[i], ctx: &ctx); |
948 | if (ret) |
949 | goto error; /* This can be -ENOMEM */ |
950 | } |
951 | |
952 | ptype = is_return ? PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL; |
953 | ret = traceprobe_set_print_fmt(tp: &tk->tp, ptype); |
954 | if (ret < 0) |
955 | goto error; |
956 | |
957 | ret = register_trace_kprobe(tk); |
958 | if (ret) { |
959 | trace_probe_log_set_index(index: 1); |
960 | if (ret == -EILSEQ) |
961 | trace_probe_log_err(0, BAD_INSN_BNDRY); |
962 | else if (ret == -ENOENT) |
963 | trace_probe_log_err(0, BAD_PROBE_ADDR); |
964 | else if (ret != -ENOMEM && ret != -EEXIST) |
965 | trace_probe_log_err(0, FAIL_REG_PROBE); |
966 | goto error; |
967 | } |
968 | |
969 | out: |
970 | traceprobe_finish_parse(ctx: &ctx); |
971 | trace_probe_log_clear(); |
972 | kfree(objp: new_argv); |
973 | kfree(objp: symbol); |
974 | return ret; |
975 | |
976 | parse_error: |
977 | ret = -EINVAL; |
978 | error: |
979 | free_trace_kprobe(tk); |
980 | goto out; |
981 | } |
982 | |
983 | static int trace_kprobe_create(const char *raw_command) |
984 | { |
985 | return trace_probe_create(raw_command, createfn: __trace_kprobe_create); |
986 | } |
987 | |
988 | static int create_or_delete_trace_kprobe(const char *raw_command) |
989 | { |
990 | int ret; |
991 | |
992 | if (raw_command[0] == '-') |
993 | return dyn_event_release(raw_command, type: &trace_kprobe_ops); |
994 | |
995 | ret = trace_kprobe_create(raw_command); |
996 | return ret == -ECANCELED ? -EINVAL : ret; |
997 | } |
998 | |
999 | static int trace_kprobe_run_command(struct dynevent_cmd *cmd) |
1000 | { |
1001 | return create_or_delete_trace_kprobe(raw_command: cmd->seq.buffer); |
1002 | } |
1003 | |
1004 | /** |
1005 | * kprobe_event_cmd_init - Initialize a kprobe event command object |
1006 | * @cmd: A pointer to the dynevent_cmd struct representing the new event |
1007 | * @buf: A pointer to the buffer used to build the command |
1008 | * @maxlen: The length of the buffer passed in @buf |
1009 | * |
1010 | * Initialize a synthetic event command object. Use this before |
1011 | * calling any of the other kprobe_event functions. |
1012 | */ |
1013 | void kprobe_event_cmd_init(struct dynevent_cmd *cmd, char *buf, int maxlen) |
1014 | { |
1015 | dynevent_cmd_init(cmd, buf, maxlen, type: DYNEVENT_TYPE_KPROBE, |
1016 | run_command: trace_kprobe_run_command); |
1017 | } |
1018 | EXPORT_SYMBOL_GPL(kprobe_event_cmd_init); |
1019 | |
1020 | /** |
1021 | * __kprobe_event_gen_cmd_start - Generate a kprobe event command from arg list |
1022 | * @cmd: A pointer to the dynevent_cmd struct representing the new event |
1023 | * @name: The name of the kprobe event |
1024 | * @loc: The location of the kprobe event |
1025 | * @kretprobe: Is this a return probe? |
1026 | * @...: Variable number of arg (pairs), one pair for each field |
1027 | * |
1028 | * NOTE: Users normally won't want to call this function directly, but |
1029 | * rather use the kprobe_event_gen_cmd_start() wrapper, which automatically |
1030 | * adds a NULL to the end of the arg list. If this function is used |
1031 | * directly, make sure the last arg in the variable arg list is NULL. |
1032 | * |
1033 | * Generate a kprobe event command to be executed by |
1034 | * kprobe_event_gen_cmd_end(). This function can be used to generate the |
1035 | * complete command or only the first part of it; in the latter case, |
1036 | * kprobe_event_add_fields() can be used to add more fields following this. |
1037 | * |
1038 | * Unlikely the synth_event_gen_cmd_start(), @loc must be specified. This |
1039 | * returns -EINVAL if @loc == NULL. |
1040 | * |
1041 | * Return: 0 if successful, error otherwise. |
1042 | */ |
1043 | int __kprobe_event_gen_cmd_start(struct dynevent_cmd *cmd, bool kretprobe, |
1044 | const char *name, const char *loc, ...) |
1045 | { |
1046 | char buf[MAX_EVENT_NAME_LEN]; |
1047 | struct dynevent_arg arg; |
1048 | va_list args; |
1049 | int ret; |
1050 | |
1051 | if (cmd->type != DYNEVENT_TYPE_KPROBE) |
1052 | return -EINVAL; |
1053 | |
1054 | if (!loc) |
1055 | return -EINVAL; |
1056 | |
1057 | if (kretprobe) |
1058 | snprintf(buf, MAX_EVENT_NAME_LEN, fmt: "r:kprobes/%s" , name); |
1059 | else |
1060 | snprintf(buf, MAX_EVENT_NAME_LEN, fmt: "p:kprobes/%s" , name); |
1061 | |
1062 | ret = dynevent_str_add(cmd, str: buf); |
1063 | if (ret) |
1064 | return ret; |
1065 | |
1066 | dynevent_arg_init(arg: &arg, separator: 0); |
1067 | arg.str = loc; |
1068 | ret = dynevent_arg_add(cmd, arg: &arg, NULL); |
1069 | if (ret) |
1070 | return ret; |
1071 | |
1072 | va_start(args, loc); |
1073 | for (;;) { |
1074 | const char *field; |
1075 | |
1076 | field = va_arg(args, const char *); |
1077 | if (!field) |
1078 | break; |
1079 | |
1080 | if (++cmd->n_fields > MAX_TRACE_ARGS) { |
1081 | ret = -EINVAL; |
1082 | break; |
1083 | } |
1084 | |
1085 | arg.str = field; |
1086 | ret = dynevent_arg_add(cmd, arg: &arg, NULL); |
1087 | if (ret) |
1088 | break; |
1089 | } |
1090 | va_end(args); |
1091 | |
1092 | return ret; |
1093 | } |
1094 | EXPORT_SYMBOL_GPL(__kprobe_event_gen_cmd_start); |
1095 | |
1096 | /** |
1097 | * __kprobe_event_add_fields - Add probe fields to a kprobe command from arg list |
1098 | * @cmd: A pointer to the dynevent_cmd struct representing the new event |
1099 | * @...: Variable number of arg (pairs), one pair for each field |
1100 | * |
1101 | * NOTE: Users normally won't want to call this function directly, but |
1102 | * rather use the kprobe_event_add_fields() wrapper, which |
1103 | * automatically adds a NULL to the end of the arg list. If this |
1104 | * function is used directly, make sure the last arg in the variable |
1105 | * arg list is NULL. |
1106 | * |
1107 | * Add probe fields to an existing kprobe command using a variable |
1108 | * list of args. Fields are added in the same order they're listed. |
1109 | * |
1110 | * Return: 0 if successful, error otherwise. |
1111 | */ |
1112 | int __kprobe_event_add_fields(struct dynevent_cmd *cmd, ...) |
1113 | { |
1114 | struct dynevent_arg arg; |
1115 | va_list args; |
1116 | int ret = 0; |
1117 | |
1118 | if (cmd->type != DYNEVENT_TYPE_KPROBE) |
1119 | return -EINVAL; |
1120 | |
1121 | dynevent_arg_init(arg: &arg, separator: 0); |
1122 | |
1123 | va_start(args, cmd); |
1124 | for (;;) { |
1125 | const char *field; |
1126 | |
1127 | field = va_arg(args, const char *); |
1128 | if (!field) |
1129 | break; |
1130 | |
1131 | if (++cmd->n_fields > MAX_TRACE_ARGS) { |
1132 | ret = -EINVAL; |
1133 | break; |
1134 | } |
1135 | |
1136 | arg.str = field; |
1137 | ret = dynevent_arg_add(cmd, arg: &arg, NULL); |
1138 | if (ret) |
1139 | break; |
1140 | } |
1141 | va_end(args); |
1142 | |
1143 | return ret; |
1144 | } |
1145 | EXPORT_SYMBOL_GPL(__kprobe_event_add_fields); |
1146 | |
1147 | /** |
1148 | * kprobe_event_delete - Delete a kprobe event |
1149 | * @name: The name of the kprobe event to delete |
1150 | * |
1151 | * Delete a kprobe event with the give @name from kernel code rather |
1152 | * than directly from the command line. |
1153 | * |
1154 | * Return: 0 if successful, error otherwise. |
1155 | */ |
1156 | int kprobe_event_delete(const char *name) |
1157 | { |
1158 | char buf[MAX_EVENT_NAME_LEN]; |
1159 | |
1160 | snprintf(buf, MAX_EVENT_NAME_LEN, fmt: "-:%s" , name); |
1161 | |
1162 | return create_or_delete_trace_kprobe(raw_command: buf); |
1163 | } |
1164 | EXPORT_SYMBOL_GPL(kprobe_event_delete); |
1165 | |
1166 | static int trace_kprobe_release(struct dyn_event *ev) |
1167 | { |
1168 | struct trace_kprobe *tk = to_trace_kprobe(ev); |
1169 | int ret = unregister_trace_kprobe(tk); |
1170 | |
1171 | if (!ret) |
1172 | free_trace_kprobe(tk); |
1173 | return ret; |
1174 | } |
1175 | |
1176 | static int trace_kprobe_show(struct seq_file *m, struct dyn_event *ev) |
1177 | { |
1178 | struct trace_kprobe *tk = to_trace_kprobe(ev); |
1179 | int i; |
1180 | |
1181 | seq_putc(m, c: trace_kprobe_is_return(tk) ? 'r' : 'p'); |
1182 | if (trace_kprobe_is_return(tk) && tk->rp.maxactive) |
1183 | seq_printf(m, fmt: "%d" , tk->rp.maxactive); |
1184 | seq_printf(m, fmt: ":%s/%s" , trace_probe_group_name(tp: &tk->tp), |
1185 | trace_probe_name(tp: &tk->tp)); |
1186 | |
1187 | if (!tk->symbol) |
1188 | seq_printf(m, fmt: " 0x%p" , tk->rp.kp.addr); |
1189 | else if (tk->rp.kp.offset) |
1190 | seq_printf(m, fmt: " %s+%u" , trace_kprobe_symbol(tk), |
1191 | tk->rp.kp.offset); |
1192 | else |
1193 | seq_printf(m, fmt: " %s" , trace_kprobe_symbol(tk)); |
1194 | |
1195 | for (i = 0; i < tk->tp.nr_args; i++) |
1196 | seq_printf(m, fmt: " %s=%s" , tk->tp.args[i].name, tk->tp.args[i].comm); |
1197 | seq_putc(m, c: '\n'); |
1198 | |
1199 | return 0; |
1200 | } |
1201 | |
1202 | static int probes_seq_show(struct seq_file *m, void *v) |
1203 | { |
1204 | struct dyn_event *ev = v; |
1205 | |
1206 | if (!is_trace_kprobe(ev)) |
1207 | return 0; |
1208 | |
1209 | return trace_kprobe_show(m, ev); |
1210 | } |
1211 | |
1212 | static const struct seq_operations probes_seq_op = { |
1213 | .start = dyn_event_seq_start, |
1214 | .next = dyn_event_seq_next, |
1215 | .stop = dyn_event_seq_stop, |
1216 | .show = probes_seq_show |
1217 | }; |
1218 | |
1219 | static int probes_open(struct inode *inode, struct file *file) |
1220 | { |
1221 | int ret; |
1222 | |
1223 | ret = security_locked_down(what: LOCKDOWN_TRACEFS); |
1224 | if (ret) |
1225 | return ret; |
1226 | |
1227 | if ((file->f_mode & FMODE_WRITE) && (file->f_flags & O_TRUNC)) { |
1228 | ret = dyn_events_release_all(type: &trace_kprobe_ops); |
1229 | if (ret < 0) |
1230 | return ret; |
1231 | } |
1232 | |
1233 | return seq_open(file, &probes_seq_op); |
1234 | } |
1235 | |
1236 | static ssize_t probes_write(struct file *file, const char __user *buffer, |
1237 | size_t count, loff_t *ppos) |
1238 | { |
1239 | return trace_parse_run_command(file, buffer, count, ppos, |
1240 | createfn: create_or_delete_trace_kprobe); |
1241 | } |
1242 | |
1243 | static const struct file_operations kprobe_events_ops = { |
1244 | .owner = THIS_MODULE, |
1245 | .open = probes_open, |
1246 | .read = seq_read, |
1247 | .llseek = seq_lseek, |
1248 | .release = seq_release, |
1249 | .write = probes_write, |
1250 | }; |
1251 | |
1252 | static unsigned long trace_kprobe_missed(struct trace_kprobe *tk) |
1253 | { |
1254 | return trace_kprobe_is_return(tk) ? |
1255 | tk->rp.kp.nmissed + tk->rp.nmissed : tk->rp.kp.nmissed; |
1256 | } |
1257 | |
1258 | /* Probes profiling interfaces */ |
1259 | static int probes_profile_seq_show(struct seq_file *m, void *v) |
1260 | { |
1261 | struct dyn_event *ev = v; |
1262 | struct trace_kprobe *tk; |
1263 | unsigned long nmissed; |
1264 | |
1265 | if (!is_trace_kprobe(ev)) |
1266 | return 0; |
1267 | |
1268 | tk = to_trace_kprobe(ev); |
1269 | nmissed = trace_kprobe_missed(tk); |
1270 | seq_printf(m, fmt: " %-44s %15lu %15lu\n" , |
1271 | trace_probe_name(tp: &tk->tp), |
1272 | trace_kprobe_nhit(tk), |
1273 | nmissed); |
1274 | |
1275 | return 0; |
1276 | } |
1277 | |
1278 | static const struct seq_operations profile_seq_op = { |
1279 | .start = dyn_event_seq_start, |
1280 | .next = dyn_event_seq_next, |
1281 | .stop = dyn_event_seq_stop, |
1282 | .show = probes_profile_seq_show |
1283 | }; |
1284 | |
1285 | static int profile_open(struct inode *inode, struct file *file) |
1286 | { |
1287 | int ret; |
1288 | |
1289 | ret = security_locked_down(what: LOCKDOWN_TRACEFS); |
1290 | if (ret) |
1291 | return ret; |
1292 | |
1293 | return seq_open(file, &profile_seq_op); |
1294 | } |
1295 | |
1296 | static const struct file_operations kprobe_profile_ops = { |
1297 | .owner = THIS_MODULE, |
1298 | .open = profile_open, |
1299 | .read = seq_read, |
1300 | .llseek = seq_lseek, |
1301 | .release = seq_release, |
1302 | }; |
1303 | |
1304 | /* Note that we don't verify it, since the code does not come from user space */ |
1305 | static int |
1306 | process_fetch_insn(struct fetch_insn *code, void *rec, void *dest, |
1307 | void *base) |
1308 | { |
1309 | struct pt_regs *regs = rec; |
1310 | unsigned long val; |
1311 | int ret; |
1312 | |
1313 | retry: |
1314 | /* 1st stage: get value from context */ |
1315 | switch (code->op) { |
1316 | case FETCH_OP_REG: |
1317 | val = regs_get_register(regs, offset: code->param); |
1318 | break; |
1319 | case FETCH_OP_STACK: |
1320 | val = regs_get_kernel_stack_nth(regs, n: code->param); |
1321 | break; |
1322 | case FETCH_OP_STACKP: |
1323 | val = kernel_stack_pointer(regs); |
1324 | break; |
1325 | case FETCH_OP_RETVAL: |
1326 | val = regs_return_value(regs); |
1327 | break; |
1328 | #ifdef CONFIG_HAVE_FUNCTION_ARG_ACCESS_API |
1329 | case FETCH_OP_ARG: |
1330 | val = regs_get_kernel_argument(regs, n: code->param); |
1331 | break; |
1332 | #endif |
1333 | case FETCH_NOP_SYMBOL: /* Ignore a place holder */ |
1334 | code++; |
1335 | goto retry; |
1336 | default: |
1337 | ret = process_common_fetch_insn(code, val: &val); |
1338 | if (ret < 0) |
1339 | return ret; |
1340 | } |
1341 | code++; |
1342 | |
1343 | return process_fetch_insn_bottom(code, val, dest, base); |
1344 | } |
1345 | NOKPROBE_SYMBOL(process_fetch_insn) |
1346 | |
1347 | /* Kprobe handler */ |
1348 | static nokprobe_inline void |
1349 | __kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs, |
1350 | struct trace_event_file *trace_file) |
1351 | { |
1352 | struct kprobe_trace_entry_head *entry; |
1353 | struct trace_event_call *call = trace_probe_event_call(tp: &tk->tp); |
1354 | struct trace_event_buffer fbuffer; |
1355 | int dsize; |
1356 | |
1357 | WARN_ON(call != trace_file->event_call); |
1358 | |
1359 | if (trace_trigger_soft_disabled(file: trace_file)) |
1360 | return; |
1361 | |
1362 | dsize = __get_data_size(tp: &tk->tp, regs); |
1363 | |
1364 | entry = trace_event_buffer_reserve(fbuffer: &fbuffer, trace_file, |
1365 | len: sizeof(*entry) + tk->tp.size + dsize); |
1366 | if (!entry) |
1367 | return; |
1368 | |
1369 | fbuffer.regs = regs; |
1370 | entry->ip = (unsigned long)tk->rp.kp.addr; |
1371 | store_trace_args(data: &entry[1], tp: &tk->tp, rec: regs, header_size: sizeof(*entry), maxlen: dsize); |
1372 | |
1373 | trace_event_buffer_commit(fbuffer: &fbuffer); |
1374 | } |
1375 | |
1376 | static void |
1377 | kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs) |
1378 | { |
1379 | struct event_file_link *link; |
1380 | |
1381 | trace_probe_for_each_link_rcu(link, &tk->tp) |
1382 | __kprobe_trace_func(tk, regs, trace_file: link->file); |
1383 | } |
1384 | NOKPROBE_SYMBOL(kprobe_trace_func); |
1385 | |
1386 | /* Kretprobe handler */ |
1387 | static nokprobe_inline void |
1388 | __kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, |
1389 | struct pt_regs *regs, |
1390 | struct trace_event_file *trace_file) |
1391 | { |
1392 | struct kretprobe_trace_entry_head *entry; |
1393 | struct trace_event_buffer fbuffer; |
1394 | struct trace_event_call *call = trace_probe_event_call(tp: &tk->tp); |
1395 | int dsize; |
1396 | |
1397 | WARN_ON(call != trace_file->event_call); |
1398 | |
1399 | if (trace_trigger_soft_disabled(file: trace_file)) |
1400 | return; |
1401 | |
1402 | dsize = __get_data_size(tp: &tk->tp, regs); |
1403 | |
1404 | entry = trace_event_buffer_reserve(fbuffer: &fbuffer, trace_file, |
1405 | len: sizeof(*entry) + tk->tp.size + dsize); |
1406 | if (!entry) |
1407 | return; |
1408 | |
1409 | fbuffer.regs = regs; |
1410 | entry->func = (unsigned long)tk->rp.kp.addr; |
1411 | entry->ret_ip = get_kretprobe_retaddr(ri); |
1412 | store_trace_args(data: &entry[1], tp: &tk->tp, rec: regs, header_size: sizeof(*entry), maxlen: dsize); |
1413 | |
1414 | trace_event_buffer_commit(fbuffer: &fbuffer); |
1415 | } |
1416 | |
1417 | static void |
1418 | kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, |
1419 | struct pt_regs *regs) |
1420 | { |
1421 | struct event_file_link *link; |
1422 | |
1423 | trace_probe_for_each_link_rcu(link, &tk->tp) |
1424 | __kretprobe_trace_func(tk, ri, regs, trace_file: link->file); |
1425 | } |
1426 | NOKPROBE_SYMBOL(kretprobe_trace_func); |
1427 | |
1428 | /* Event entry printers */ |
1429 | static enum print_line_t |
1430 | print_kprobe_event(struct trace_iterator *iter, int flags, |
1431 | struct trace_event *event) |
1432 | { |
1433 | struct kprobe_trace_entry_head *field; |
1434 | struct trace_seq *s = &iter->seq; |
1435 | struct trace_probe *tp; |
1436 | |
1437 | field = (struct kprobe_trace_entry_head *)iter->ent; |
1438 | tp = trace_probe_primary_from_call( |
1439 | container_of(event, struct trace_event_call, event)); |
1440 | if (WARN_ON_ONCE(!tp)) |
1441 | goto out; |
1442 | |
1443 | trace_seq_printf(s, fmt: "%s: (" , trace_probe_name(tp)); |
1444 | |
1445 | if (!seq_print_ip_sym(s, ip: field->ip, sym_flags: flags | TRACE_ITER_SYM_OFFSET)) |
1446 | goto out; |
1447 | |
1448 | trace_seq_putc(s, c: ')'); |
1449 | |
1450 | if (trace_probe_print_args(s, args: tp->args, nr_args: tp->nr_args, |
1451 | data: (u8 *)&field[1], field) < 0) |
1452 | goto out; |
1453 | |
1454 | trace_seq_putc(s, c: '\n'); |
1455 | out: |
1456 | return trace_handle_return(s); |
1457 | } |
1458 | |
1459 | static enum print_line_t |
1460 | print_kretprobe_event(struct trace_iterator *iter, int flags, |
1461 | struct trace_event *event) |
1462 | { |
1463 | struct kretprobe_trace_entry_head *field; |
1464 | struct trace_seq *s = &iter->seq; |
1465 | struct trace_probe *tp; |
1466 | |
1467 | field = (struct kretprobe_trace_entry_head *)iter->ent; |
1468 | tp = trace_probe_primary_from_call( |
1469 | container_of(event, struct trace_event_call, event)); |
1470 | if (WARN_ON_ONCE(!tp)) |
1471 | goto out; |
1472 | |
1473 | trace_seq_printf(s, fmt: "%s: (" , trace_probe_name(tp)); |
1474 | |
1475 | if (!seq_print_ip_sym(s, ip: field->ret_ip, sym_flags: flags | TRACE_ITER_SYM_OFFSET)) |
1476 | goto out; |
1477 | |
1478 | trace_seq_puts(s, str: " <- " ); |
1479 | |
1480 | if (!seq_print_ip_sym(s, ip: field->func, sym_flags: flags & ~TRACE_ITER_SYM_OFFSET)) |
1481 | goto out; |
1482 | |
1483 | trace_seq_putc(s, c: ')'); |
1484 | |
1485 | if (trace_probe_print_args(s, args: tp->args, nr_args: tp->nr_args, |
1486 | data: (u8 *)&field[1], field) < 0) |
1487 | goto out; |
1488 | |
1489 | trace_seq_putc(s, c: '\n'); |
1490 | |
1491 | out: |
1492 | return trace_handle_return(s); |
1493 | } |
1494 | |
1495 | |
1496 | static int kprobe_event_define_fields(struct trace_event_call *event_call) |
1497 | { |
1498 | int ret; |
1499 | struct kprobe_trace_entry_head field; |
1500 | struct trace_probe *tp; |
1501 | |
1502 | tp = trace_probe_primary_from_call(call: event_call); |
1503 | if (WARN_ON_ONCE(!tp)) |
1504 | return -ENOENT; |
1505 | |
1506 | DEFINE_FIELD(unsigned long, ip, FIELD_STRING_IP, 0); |
1507 | |
1508 | return traceprobe_define_arg_fields(event_call, offset: sizeof(field), tp); |
1509 | } |
1510 | |
1511 | static int kretprobe_event_define_fields(struct trace_event_call *event_call) |
1512 | { |
1513 | int ret; |
1514 | struct kretprobe_trace_entry_head field; |
1515 | struct trace_probe *tp; |
1516 | |
1517 | tp = trace_probe_primary_from_call(call: event_call); |
1518 | if (WARN_ON_ONCE(!tp)) |
1519 | return -ENOENT; |
1520 | |
1521 | DEFINE_FIELD(unsigned long, func, FIELD_STRING_FUNC, 0); |
1522 | DEFINE_FIELD(unsigned long, ret_ip, FIELD_STRING_RETIP, 0); |
1523 | |
1524 | return traceprobe_define_arg_fields(event_call, offset: sizeof(field), tp); |
1525 | } |
1526 | |
1527 | #ifdef CONFIG_PERF_EVENTS |
1528 | |
1529 | /* Kprobe profile handler */ |
1530 | static int |
1531 | kprobe_perf_func(struct trace_kprobe *tk, struct pt_regs *regs) |
1532 | { |
1533 | struct trace_event_call *call = trace_probe_event_call(tp: &tk->tp); |
1534 | struct kprobe_trace_entry_head *entry; |
1535 | struct hlist_head *head; |
1536 | int size, __size, dsize; |
1537 | int rctx; |
1538 | |
1539 | if (bpf_prog_array_valid(call)) { |
1540 | unsigned long orig_ip = instruction_pointer(regs); |
1541 | int ret; |
1542 | |
1543 | ret = trace_call_bpf(call, ctx: regs); |
1544 | |
1545 | /* |
1546 | * We need to check and see if we modified the pc of the |
1547 | * pt_regs, and if so return 1 so that we don't do the |
1548 | * single stepping. |
1549 | */ |
1550 | if (orig_ip != instruction_pointer(regs)) |
1551 | return 1; |
1552 | if (!ret) |
1553 | return 0; |
1554 | } |
1555 | |
1556 | head = this_cpu_ptr(call->perf_events); |
1557 | if (hlist_empty(h: head)) |
1558 | return 0; |
1559 | |
1560 | dsize = __get_data_size(tp: &tk->tp, regs); |
1561 | __size = sizeof(*entry) + tk->tp.size + dsize; |
1562 | size = ALIGN(__size + sizeof(u32), sizeof(u64)); |
1563 | size -= sizeof(u32); |
1564 | |
1565 | entry = perf_trace_buf_alloc(size, NULL, rctxp: &rctx); |
1566 | if (!entry) |
1567 | return 0; |
1568 | |
1569 | entry->ip = (unsigned long)tk->rp.kp.addr; |
1570 | memset(&entry[1], 0, dsize); |
1571 | store_trace_args(data: &entry[1], tp: &tk->tp, rec: regs, header_size: sizeof(*entry), maxlen: dsize); |
1572 | perf_trace_buf_submit(raw_data: entry, size, rctx, type: call->event.type, count: 1, regs, |
1573 | head, NULL); |
1574 | return 0; |
1575 | } |
1576 | NOKPROBE_SYMBOL(kprobe_perf_func); |
1577 | |
1578 | /* Kretprobe profile handler */ |
1579 | static void |
1580 | kretprobe_perf_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, |
1581 | struct pt_regs *regs) |
1582 | { |
1583 | struct trace_event_call *call = trace_probe_event_call(tp: &tk->tp); |
1584 | struct kretprobe_trace_entry_head *entry; |
1585 | struct hlist_head *head; |
1586 | int size, __size, dsize; |
1587 | int rctx; |
1588 | |
1589 | if (bpf_prog_array_valid(call) && !trace_call_bpf(call, ctx: regs)) |
1590 | return; |
1591 | |
1592 | head = this_cpu_ptr(call->perf_events); |
1593 | if (hlist_empty(h: head)) |
1594 | return; |
1595 | |
1596 | dsize = __get_data_size(tp: &tk->tp, regs); |
1597 | __size = sizeof(*entry) + tk->tp.size + dsize; |
1598 | size = ALIGN(__size + sizeof(u32), sizeof(u64)); |
1599 | size -= sizeof(u32); |
1600 | |
1601 | entry = perf_trace_buf_alloc(size, NULL, rctxp: &rctx); |
1602 | if (!entry) |
1603 | return; |
1604 | |
1605 | entry->func = (unsigned long)tk->rp.kp.addr; |
1606 | entry->ret_ip = get_kretprobe_retaddr(ri); |
1607 | store_trace_args(data: &entry[1], tp: &tk->tp, rec: regs, header_size: sizeof(*entry), maxlen: dsize); |
1608 | perf_trace_buf_submit(raw_data: entry, size, rctx, type: call->event.type, count: 1, regs, |
1609 | head, NULL); |
1610 | } |
1611 | NOKPROBE_SYMBOL(kretprobe_perf_func); |
1612 | |
1613 | int bpf_get_kprobe_info(const struct perf_event *event, u32 *fd_type, |
1614 | const char **symbol, u64 *probe_offset, |
1615 | u64 *probe_addr, unsigned long *missed, |
1616 | bool perf_type_tracepoint) |
1617 | { |
1618 | const char *pevent = trace_event_name(call: event->tp_event); |
1619 | const char *group = event->tp_event->class->system; |
1620 | struct trace_kprobe *tk; |
1621 | |
1622 | if (perf_type_tracepoint) |
1623 | tk = find_trace_kprobe(event: pevent, group); |
1624 | else |
1625 | tk = trace_kprobe_primary_from_call(call: event->tp_event); |
1626 | if (!tk) |
1627 | return -EINVAL; |
1628 | |
1629 | *fd_type = trace_kprobe_is_return(tk) ? BPF_FD_TYPE_KRETPROBE |
1630 | : BPF_FD_TYPE_KPROBE; |
1631 | *probe_offset = tk->rp.kp.offset; |
1632 | *probe_addr = kallsyms_show_value(current_cred()) ? |
1633 | (unsigned long)tk->rp.kp.addr : 0; |
1634 | *symbol = tk->symbol; |
1635 | if (missed) |
1636 | *missed = trace_kprobe_missed(tk); |
1637 | return 0; |
1638 | } |
1639 | #endif /* CONFIG_PERF_EVENTS */ |
1640 | |
1641 | /* |
1642 | * called by perf_trace_init() or __ftrace_set_clr_event() under event_mutex. |
1643 | * |
1644 | * kprobe_trace_self_tests_init() does enable_trace_probe/disable_trace_probe |
1645 | * lockless, but we can't race with this __init function. |
1646 | */ |
1647 | static int kprobe_register(struct trace_event_call *event, |
1648 | enum trace_reg type, void *data) |
1649 | { |
1650 | struct trace_event_file *file = data; |
1651 | |
1652 | switch (type) { |
1653 | case TRACE_REG_REGISTER: |
1654 | return enable_trace_kprobe(call: event, file); |
1655 | case TRACE_REG_UNREGISTER: |
1656 | return disable_trace_kprobe(call: event, file); |
1657 | |
1658 | #ifdef CONFIG_PERF_EVENTS |
1659 | case TRACE_REG_PERF_REGISTER: |
1660 | return enable_trace_kprobe(call: event, NULL); |
1661 | case TRACE_REG_PERF_UNREGISTER: |
1662 | return disable_trace_kprobe(call: event, NULL); |
1663 | case TRACE_REG_PERF_OPEN: |
1664 | case TRACE_REG_PERF_CLOSE: |
1665 | case TRACE_REG_PERF_ADD: |
1666 | case TRACE_REG_PERF_DEL: |
1667 | return 0; |
1668 | #endif |
1669 | } |
1670 | return 0; |
1671 | } |
1672 | |
1673 | static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs) |
1674 | { |
1675 | struct trace_kprobe *tk = container_of(kp, struct trace_kprobe, rp.kp); |
1676 | int ret = 0; |
1677 | |
1678 | raw_cpu_inc(*tk->nhit); |
1679 | |
1680 | if (trace_probe_test_flag(tp: &tk->tp, TP_FLAG_TRACE)) |
1681 | kprobe_trace_func(tk, regs); |
1682 | #ifdef CONFIG_PERF_EVENTS |
1683 | if (trace_probe_test_flag(tp: &tk->tp, TP_FLAG_PROFILE)) |
1684 | ret = kprobe_perf_func(tk, regs); |
1685 | #endif |
1686 | return ret; |
1687 | } |
1688 | NOKPROBE_SYMBOL(kprobe_dispatcher); |
1689 | |
1690 | static int |
1691 | kretprobe_dispatcher(struct kretprobe_instance *ri, struct pt_regs *regs) |
1692 | { |
1693 | struct kretprobe *rp = get_kretprobe(ri); |
1694 | struct trace_kprobe *tk; |
1695 | |
1696 | /* |
1697 | * There is a small chance that get_kretprobe(ri) returns NULL when |
1698 | * the kretprobe is unregister on another CPU between kretprobe's |
1699 | * trampoline_handler and this function. |
1700 | */ |
1701 | if (unlikely(!rp)) |
1702 | return 0; |
1703 | |
1704 | tk = container_of(rp, struct trace_kprobe, rp); |
1705 | raw_cpu_inc(*tk->nhit); |
1706 | |
1707 | if (trace_probe_test_flag(tp: &tk->tp, TP_FLAG_TRACE)) |
1708 | kretprobe_trace_func(tk, ri, regs); |
1709 | #ifdef CONFIG_PERF_EVENTS |
1710 | if (trace_probe_test_flag(tp: &tk->tp, TP_FLAG_PROFILE)) |
1711 | kretprobe_perf_func(tk, ri, regs); |
1712 | #endif |
1713 | return 0; /* We don't tweak kernel, so just return 0 */ |
1714 | } |
1715 | NOKPROBE_SYMBOL(kretprobe_dispatcher); |
1716 | |
1717 | static struct trace_event_functions kretprobe_funcs = { |
1718 | .trace = print_kretprobe_event |
1719 | }; |
1720 | |
1721 | static struct trace_event_functions kprobe_funcs = { |
1722 | .trace = print_kprobe_event |
1723 | }; |
1724 | |
1725 | static struct trace_event_fields kretprobe_fields_array[] = { |
1726 | { .type = TRACE_FUNCTION_TYPE, |
1727 | .define_fields = kretprobe_event_define_fields }, |
1728 | {} |
1729 | }; |
1730 | |
1731 | static struct trace_event_fields kprobe_fields_array[] = { |
1732 | { .type = TRACE_FUNCTION_TYPE, |
1733 | .define_fields = kprobe_event_define_fields }, |
1734 | {} |
1735 | }; |
1736 | |
1737 | static inline void init_trace_event_call(struct trace_kprobe *tk) |
1738 | { |
1739 | struct trace_event_call *call = trace_probe_event_call(tp: &tk->tp); |
1740 | |
1741 | if (trace_kprobe_is_return(tk)) { |
1742 | call->event.funcs = &kretprobe_funcs; |
1743 | call->class->fields_array = kretprobe_fields_array; |
1744 | } else { |
1745 | call->event.funcs = &kprobe_funcs; |
1746 | call->class->fields_array = kprobe_fields_array; |
1747 | } |
1748 | |
1749 | call->flags = TRACE_EVENT_FL_KPROBE; |
1750 | call->class->reg = kprobe_register; |
1751 | } |
1752 | |
1753 | static int register_kprobe_event(struct trace_kprobe *tk) |
1754 | { |
1755 | init_trace_event_call(tk); |
1756 | |
1757 | return trace_probe_register_event_call(tp: &tk->tp); |
1758 | } |
1759 | |
1760 | static int unregister_kprobe_event(struct trace_kprobe *tk) |
1761 | { |
1762 | return trace_probe_unregister_event_call(tp: &tk->tp); |
1763 | } |
1764 | |
1765 | #ifdef CONFIG_PERF_EVENTS |
1766 | |
1767 | /* create a trace_kprobe, but don't add it to global lists */ |
1768 | struct trace_event_call * |
1769 | create_local_trace_kprobe(char *func, void *addr, unsigned long offs, |
1770 | bool is_return) |
1771 | { |
1772 | enum probe_print_type ptype; |
1773 | struct trace_kprobe *tk; |
1774 | int ret; |
1775 | char *event; |
1776 | |
1777 | if (func) { |
1778 | unsigned int count; |
1779 | |
1780 | count = number_of_same_symbols(func_name: func); |
1781 | if (count > 1) |
1782 | /* |
1783 | * Users should use addr to remove the ambiguity of |
1784 | * using func only. |
1785 | */ |
1786 | return ERR_PTR(error: -EADDRNOTAVAIL); |
1787 | else if (count == 0) |
1788 | /* |
1789 | * We can return ENOENT earlier than when register the |
1790 | * kprobe. |
1791 | */ |
1792 | return ERR_PTR(error: -ENOENT); |
1793 | } |
1794 | |
1795 | /* |
1796 | * local trace_kprobes are not added to dyn_event, so they are never |
1797 | * searched in find_trace_kprobe(). Therefore, there is no concern of |
1798 | * duplicated name here. |
1799 | */ |
1800 | event = func ? func : "DUMMY_EVENT" ; |
1801 | |
1802 | tk = alloc_trace_kprobe(KPROBE_EVENT_SYSTEM, event, addr: (void *)addr, symbol: func, |
1803 | offs, maxactive: 0 /* maxactive */, nargs: 0 /* nargs */, |
1804 | is_return); |
1805 | |
1806 | if (IS_ERR(ptr: tk)) { |
1807 | pr_info("Failed to allocate trace_probe.(%d)\n" , |
1808 | (int)PTR_ERR(tk)); |
1809 | return ERR_CAST(ptr: tk); |
1810 | } |
1811 | |
1812 | init_trace_event_call(tk); |
1813 | |
1814 | ptype = trace_kprobe_is_return(tk) ? |
1815 | PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL; |
1816 | if (traceprobe_set_print_fmt(tp: &tk->tp, ptype) < 0) { |
1817 | ret = -ENOMEM; |
1818 | goto error; |
1819 | } |
1820 | |
1821 | ret = __register_trace_kprobe(tk); |
1822 | if (ret < 0) |
1823 | goto error; |
1824 | |
1825 | return trace_probe_event_call(tp: &tk->tp); |
1826 | error: |
1827 | free_trace_kprobe(tk); |
1828 | return ERR_PTR(error: ret); |
1829 | } |
1830 | |
1831 | void destroy_local_trace_kprobe(struct trace_event_call *event_call) |
1832 | { |
1833 | struct trace_kprobe *tk; |
1834 | |
1835 | tk = trace_kprobe_primary_from_call(call: event_call); |
1836 | if (unlikely(!tk)) |
1837 | return; |
1838 | |
1839 | if (trace_probe_is_enabled(tp: &tk->tp)) { |
1840 | WARN_ON(1); |
1841 | return; |
1842 | } |
1843 | |
1844 | __unregister_trace_kprobe(tk); |
1845 | |
1846 | free_trace_kprobe(tk); |
1847 | } |
1848 | #endif /* CONFIG_PERF_EVENTS */ |
1849 | |
1850 | static __init void enable_boot_kprobe_events(void) |
1851 | { |
1852 | struct trace_array *tr = top_trace_array(); |
1853 | struct trace_event_file *file; |
1854 | struct trace_kprobe *tk; |
1855 | struct dyn_event *pos; |
1856 | |
1857 | mutex_lock(&event_mutex); |
1858 | for_each_trace_kprobe(tk, pos) { |
1859 | list_for_each_entry(file, &tr->events, list) |
1860 | if (file->event_call == trace_probe_event_call(tp: &tk->tp)) |
1861 | trace_event_enable_disable(file, enable: 1, soft_disable: 0); |
1862 | } |
1863 | mutex_unlock(lock: &event_mutex); |
1864 | } |
1865 | |
1866 | static __init void setup_boot_kprobe_events(void) |
1867 | { |
1868 | char *p, *cmd = kprobe_boot_events_buf; |
1869 | int ret; |
1870 | |
1871 | strreplace(str: kprobe_boot_events_buf, old: ',', new: ' '); |
1872 | |
1873 | while (cmd && *cmd != '\0') { |
1874 | p = strchr(cmd, ';'); |
1875 | if (p) |
1876 | *p++ = '\0'; |
1877 | |
1878 | ret = create_or_delete_trace_kprobe(raw_command: cmd); |
1879 | if (ret) |
1880 | pr_warn("Failed to add event(%d): %s\n" , ret, cmd); |
1881 | |
1882 | cmd = p; |
1883 | } |
1884 | |
1885 | enable_boot_kprobe_events(); |
1886 | } |
1887 | |
1888 | /* |
1889 | * Register dynevent at core_initcall. This allows kernel to setup kprobe |
1890 | * events in postcore_initcall without tracefs. |
1891 | */ |
1892 | static __init int init_kprobe_trace_early(void) |
1893 | { |
1894 | int ret; |
1895 | |
1896 | ret = dyn_event_register(ops: &trace_kprobe_ops); |
1897 | if (ret) |
1898 | return ret; |
1899 | |
1900 | if (register_module_notifier(nb: &trace_kprobe_module_nb)) |
1901 | return -EINVAL; |
1902 | |
1903 | return 0; |
1904 | } |
1905 | core_initcall(init_kprobe_trace_early); |
1906 | |
1907 | /* Make a tracefs interface for controlling probe points */ |
1908 | static __init int init_kprobe_trace(void) |
1909 | { |
1910 | int ret; |
1911 | |
1912 | ret = tracing_init_dentry(); |
1913 | if (ret) |
1914 | return 0; |
1915 | |
1916 | /* Event list interface */ |
1917 | trace_create_file(name: "kprobe_events" , TRACE_MODE_WRITE, |
1918 | NULL, NULL, fops: &kprobe_events_ops); |
1919 | |
1920 | /* Profile interface */ |
1921 | trace_create_file(name: "kprobe_profile" , TRACE_MODE_READ, |
1922 | NULL, NULL, fops: &kprobe_profile_ops); |
1923 | |
1924 | setup_boot_kprobe_events(); |
1925 | |
1926 | return 0; |
1927 | } |
1928 | fs_initcall(init_kprobe_trace); |
1929 | |
1930 | |
1931 | #ifdef CONFIG_FTRACE_STARTUP_TEST |
1932 | static __init struct trace_event_file * |
1933 | find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr) |
1934 | { |
1935 | struct trace_event_file *file; |
1936 | |
1937 | list_for_each_entry(file, &tr->events, list) |
1938 | if (file->event_call == trace_probe_event_call(tp: &tk->tp)) |
1939 | return file; |
1940 | |
1941 | return NULL; |
1942 | } |
1943 | |
1944 | /* |
1945 | * Nobody but us can call enable_trace_kprobe/disable_trace_kprobe at this |
1946 | * stage, we can do this lockless. |
1947 | */ |
1948 | static __init int kprobe_trace_self_tests_init(void) |
1949 | { |
1950 | int ret, warn = 0; |
1951 | int (*target)(int, int, int, int, int, int); |
1952 | struct trace_kprobe *tk; |
1953 | struct trace_event_file *file; |
1954 | |
1955 | if (tracing_is_disabled()) |
1956 | return -ENODEV; |
1957 | |
1958 | if (tracing_selftest_disabled) |
1959 | return 0; |
1960 | |
1961 | target = kprobe_trace_selftest_target; |
1962 | |
1963 | pr_info("Testing kprobe tracing: " ); |
1964 | |
1965 | ret = create_or_delete_trace_kprobe(raw_command: "p:testprobe kprobe_trace_selftest_target $stack $stack0 +0($stack)" ); |
1966 | if (WARN_ON_ONCE(ret)) { |
1967 | pr_warn("error on probing function entry.\n" ); |
1968 | warn++; |
1969 | } else { |
1970 | /* Enable trace point */ |
1971 | tk = find_trace_kprobe(event: "testprobe" , KPROBE_EVENT_SYSTEM); |
1972 | if (WARN_ON_ONCE(tk == NULL)) { |
1973 | pr_warn("error on getting new probe.\n" ); |
1974 | warn++; |
1975 | } else { |
1976 | file = find_trace_probe_file(tk, tr: top_trace_array()); |
1977 | if (WARN_ON_ONCE(file == NULL)) { |
1978 | pr_warn("error on getting probe file.\n" ); |
1979 | warn++; |
1980 | } else |
1981 | enable_trace_kprobe( |
1982 | call: trace_probe_event_call(tp: &tk->tp), file); |
1983 | } |
1984 | } |
1985 | |
1986 | ret = create_or_delete_trace_kprobe(raw_command: "r:testprobe2 kprobe_trace_selftest_target $retval" ); |
1987 | if (WARN_ON_ONCE(ret)) { |
1988 | pr_warn("error on probing function return.\n" ); |
1989 | warn++; |
1990 | } else { |
1991 | /* Enable trace point */ |
1992 | tk = find_trace_kprobe(event: "testprobe2" , KPROBE_EVENT_SYSTEM); |
1993 | if (WARN_ON_ONCE(tk == NULL)) { |
1994 | pr_warn("error on getting 2nd new probe.\n" ); |
1995 | warn++; |
1996 | } else { |
1997 | file = find_trace_probe_file(tk, tr: top_trace_array()); |
1998 | if (WARN_ON_ONCE(file == NULL)) { |
1999 | pr_warn("error on getting probe file.\n" ); |
2000 | warn++; |
2001 | } else |
2002 | enable_trace_kprobe( |
2003 | call: trace_probe_event_call(tp: &tk->tp), file); |
2004 | } |
2005 | } |
2006 | |
2007 | if (warn) |
2008 | goto end; |
2009 | |
2010 | ret = target(1, 2, 3, 4, 5, 6); |
2011 | |
2012 | /* |
2013 | * Not expecting an error here, the check is only to prevent the |
2014 | * optimizer from removing the call to target() as otherwise there |
2015 | * are no side-effects and the call is never performed. |
2016 | */ |
2017 | if (ret != 21) |
2018 | warn++; |
2019 | |
2020 | /* Disable trace points before removing it */ |
2021 | tk = find_trace_kprobe(event: "testprobe" , KPROBE_EVENT_SYSTEM); |
2022 | if (WARN_ON_ONCE(tk == NULL)) { |
2023 | pr_warn("error on getting test probe.\n" ); |
2024 | warn++; |
2025 | } else { |
2026 | if (trace_kprobe_nhit(tk) != 1) { |
2027 | pr_warn("incorrect number of testprobe hits\n" ); |
2028 | warn++; |
2029 | } |
2030 | |
2031 | file = find_trace_probe_file(tk, tr: top_trace_array()); |
2032 | if (WARN_ON_ONCE(file == NULL)) { |
2033 | pr_warn("error on getting probe file.\n" ); |
2034 | warn++; |
2035 | } else |
2036 | disable_trace_kprobe( |
2037 | call: trace_probe_event_call(tp: &tk->tp), file); |
2038 | } |
2039 | |
2040 | tk = find_trace_kprobe(event: "testprobe2" , KPROBE_EVENT_SYSTEM); |
2041 | if (WARN_ON_ONCE(tk == NULL)) { |
2042 | pr_warn("error on getting 2nd test probe.\n" ); |
2043 | warn++; |
2044 | } else { |
2045 | if (trace_kprobe_nhit(tk) != 1) { |
2046 | pr_warn("incorrect number of testprobe2 hits\n" ); |
2047 | warn++; |
2048 | } |
2049 | |
2050 | file = find_trace_probe_file(tk, tr: top_trace_array()); |
2051 | if (WARN_ON_ONCE(file == NULL)) { |
2052 | pr_warn("error on getting probe file.\n" ); |
2053 | warn++; |
2054 | } else |
2055 | disable_trace_kprobe( |
2056 | call: trace_probe_event_call(tp: &tk->tp), file); |
2057 | } |
2058 | |
2059 | ret = create_or_delete_trace_kprobe(raw_command: "-:testprobe" ); |
2060 | if (WARN_ON_ONCE(ret)) { |
2061 | pr_warn("error on deleting a probe.\n" ); |
2062 | warn++; |
2063 | } |
2064 | |
2065 | ret = create_or_delete_trace_kprobe(raw_command: "-:testprobe2" ); |
2066 | if (WARN_ON_ONCE(ret)) { |
2067 | pr_warn("error on deleting a probe.\n" ); |
2068 | warn++; |
2069 | } |
2070 | |
2071 | end: |
2072 | ret = dyn_events_release_all(type: &trace_kprobe_ops); |
2073 | if (WARN_ON_ONCE(ret)) { |
2074 | pr_warn("error on cleaning up probes.\n" ); |
2075 | warn++; |
2076 | } |
2077 | /* |
2078 | * Wait for the optimizer work to finish. Otherwise it might fiddle |
2079 | * with probes in already freed __init text. |
2080 | */ |
2081 | wait_for_kprobe_optimizer(); |
2082 | if (warn) |
2083 | pr_cont("NG: Some tests are failed. Please check them.\n" ); |
2084 | else |
2085 | pr_cont("OK\n" ); |
2086 | return 0; |
2087 | } |
2088 | |
2089 | late_initcall(kprobe_trace_self_tests_init); |
2090 | |
2091 | #endif |
2092 | |