2 * kprobe based kernel tracer
4 * Created by Masami Hiramatsu <mhiramat@redhat.com>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/module.h>
21 #include <linux/uaccess.h>
22 #include <linux/kprobes.h>
23 #include <linux/seq_file.h>
24 #include <linux/slab.h>
25 #include <linux/smp.h>
26 #include <linux/debugfs.h>
27 #include <linux/types.h>
28 #include <linux/string.h>
29 #include <linux/ctype.h>
30 #include <linux/ptrace.h>
31 #include <linux/perf_event.h>
34 #include "trace_output.h"
36 #define MAX_TRACE_ARGS 128
37 #define MAX_ARGSTR_LEN 63
38 #define MAX_EVENT_NAME_LEN 64
39 #define KPROBE_EVENT_SYSTEM "kprobes"
41 /* currently, trace_kprobe only supports X86. */
44 unsigned long (*func)(struct pt_regs *, void *);
48 static __kprobes unsigned long call_fetch(struct fetch_func *f,
51 return f->func(regs, f->data);
55 static __kprobes unsigned long fetch_register(struct pt_regs *regs,
58 return regs_get_register(regs, (unsigned int)((unsigned long)offset));
61 static __kprobes unsigned long fetch_stack(struct pt_regs *regs,
64 return regs_get_kernel_stack_nth(regs,
65 (unsigned int)((unsigned long)num));
68 static __kprobes unsigned long fetch_memory(struct pt_regs *regs, void *addr)
72 if (probe_kernel_address(addr, retval))
77 static __kprobes unsigned long fetch_argument(struct pt_regs *regs, void *num)
79 return regs_get_argument_nth(regs, (unsigned int)((unsigned long)num));
82 static __kprobes unsigned long fetch_retvalue(struct pt_regs *regs,
85 return regs_return_value(regs);
88 static __kprobes unsigned long fetch_stack_address(struct pt_regs *regs,
91 return kernel_stack_pointer(regs);
94 /* Memory fetching by symbol */
101 static unsigned long update_symbol_cache(struct symbol_cache *sc)
103 sc->addr = (unsigned long)kallsyms_lookup_name(sc->symbol);
105 sc->addr += sc->offset;
109 static void free_symbol_cache(struct symbol_cache *sc)
115 static struct symbol_cache *alloc_symbol_cache(const char *sym, long offset)
117 struct symbol_cache *sc;
119 if (!sym || strlen(sym) == 0)
121 sc = kzalloc(sizeof(struct symbol_cache), GFP_KERNEL);
125 sc->symbol = kstrdup(sym, GFP_KERNEL);
132 update_symbol_cache(sc);
136 static __kprobes unsigned long fetch_symbol(struct pt_regs *regs, void *data)
138 struct symbol_cache *sc = data;
141 return fetch_memory(regs, (void *)sc->addr);
146 /* Special indirect memory access interface */
147 struct indirect_fetch_data {
148 struct fetch_func orig;
152 static __kprobes unsigned long fetch_indirect(struct pt_regs *regs, void *data)
154 struct indirect_fetch_data *ind = data;
157 addr = call_fetch(&ind->orig, regs);
160 return fetch_memory(regs, (void *)addr);
165 static __kprobes void free_indirect_fetch_data(struct indirect_fetch_data *data)
167 if (data->orig.func == fetch_indirect)
168 free_indirect_fetch_data(data->orig.data);
169 else if (data->orig.func == fetch_symbol)
170 free_symbol_cache(data->orig.data);
175 * Kprobe tracer core functions
179 struct fetch_func fetch;
183 /* Flags for trace_probe */
184 #define TP_FLAG_TRACE 1
185 #define TP_FLAG_PROFILE 2
188 struct list_head list;
189 struct kretprobe rp; /* Use rp.kp for kprobe use */
191 unsigned int flags; /* For TP_FLAG_* */
192 const char *symbol; /* symbol name */
193 struct ftrace_event_call call;
194 struct trace_event event;
195 unsigned int nr_args;
196 struct probe_arg args[];
199 #define SIZEOF_TRACE_PROBE(n) \
200 (offsetof(struct trace_probe, args) + \
201 (sizeof(struct probe_arg) * (n)))
203 static __kprobes int probe_is_return(struct trace_probe *tp)
205 return tp->rp.handler != NULL;
208 static __kprobes const char *probe_symbol(struct trace_probe *tp)
210 return tp->symbol ? tp->symbol : "unknown";
213 static int probe_arg_string(char *buf, size_t n, struct fetch_func *ff)
217 if (ff->func == fetch_argument)
218 ret = snprintf(buf, n, "$a%lu", (unsigned long)ff->data);
219 else if (ff->func == fetch_register) {
221 name = regs_query_register_name((unsigned int)((long)ff->data));
222 ret = snprintf(buf, n, "%%%s", name);
223 } else if (ff->func == fetch_stack)
224 ret = snprintf(buf, n, "$s%lu", (unsigned long)ff->data);
225 else if (ff->func == fetch_memory)
226 ret = snprintf(buf, n, "@0x%p", ff->data);
227 else if (ff->func == fetch_symbol) {
228 struct symbol_cache *sc = ff->data;
229 ret = snprintf(buf, n, "@%s%+ld", sc->symbol, sc->offset);
230 } else if (ff->func == fetch_retvalue)
231 ret = snprintf(buf, n, "$rv");
232 else if (ff->func == fetch_stack_address)
233 ret = snprintf(buf, n, "$sa");
234 else if (ff->func == fetch_indirect) {
235 struct indirect_fetch_data *id = ff->data;
237 ret = snprintf(buf, n, "%+ld(", id->offset);
241 ret = probe_arg_string(buf + l, n - l, &id->orig);
245 ret = snprintf(buf + l, n - l, ")");
254 static int register_probe_event(struct trace_probe *tp);
255 static void unregister_probe_event(struct trace_probe *tp);
257 static DEFINE_MUTEX(probe_lock);
258 static LIST_HEAD(probe_list);
260 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs);
261 static int kretprobe_dispatcher(struct kretprobe_instance *ri,
262 struct pt_regs *regs);
265 * Allocate new trace_probe and initialize it (including kprobes).
267 static struct trace_probe *alloc_trace_probe(const char *group,
272 int nargs, int is_return)
274 struct trace_probe *tp;
276 tp = kzalloc(SIZEOF_TRACE_PROBE(nargs), GFP_KERNEL);
278 return ERR_PTR(-ENOMEM);
281 tp->symbol = kstrdup(symbol, GFP_KERNEL);
284 tp->rp.kp.symbol_name = tp->symbol;
285 tp->rp.kp.offset = offs;
287 tp->rp.kp.addr = addr;
290 tp->rp.handler = kretprobe_dispatcher;
292 tp->rp.kp.pre_handler = kprobe_dispatcher;
296 tp->call.name = kstrdup(event, GFP_KERNEL);
302 tp->call.system = kstrdup(group, GFP_KERNEL);
303 if (!tp->call.system)
306 INIT_LIST_HEAD(&tp->list);
309 kfree(tp->call.name);
312 return ERR_PTR(-ENOMEM);
315 static void free_probe_arg(struct probe_arg *arg)
317 if (arg->fetch.func == fetch_symbol)
318 free_symbol_cache(arg->fetch.data);
319 else if (arg->fetch.func == fetch_indirect)
320 free_indirect_fetch_data(arg->fetch.data);
324 static void free_trace_probe(struct trace_probe *tp)
328 for (i = 0; i < tp->nr_args; i++)
329 free_probe_arg(&tp->args[i]);
331 kfree(tp->call.system);
332 kfree(tp->call.name);
337 static struct trace_probe *find_probe_event(const char *event)
339 struct trace_probe *tp;
341 list_for_each_entry(tp, &probe_list, list)
342 if (!strcmp(tp->call.name, event))
347 /* Unregister a trace_probe and probe_event: call with locking probe_lock */
348 static void unregister_trace_probe(struct trace_probe *tp)
350 if (probe_is_return(tp))
351 unregister_kretprobe(&tp->rp);
353 unregister_kprobe(&tp->rp.kp);
355 unregister_probe_event(tp);
358 /* Register a trace_probe and probe_event */
359 static int register_trace_probe(struct trace_probe *tp)
361 struct trace_probe *old_tp;
364 mutex_lock(&probe_lock);
366 /* register as an event */
367 old_tp = find_probe_event(tp->call.name);
369 /* delete old event */
370 unregister_trace_probe(old_tp);
371 free_trace_probe(old_tp);
373 ret = register_probe_event(tp);
375 pr_warning("Faild to register probe event(%d)\n", ret);
379 tp->rp.kp.flags |= KPROBE_FLAG_DISABLED;
380 if (probe_is_return(tp))
381 ret = register_kretprobe(&tp->rp);
383 ret = register_kprobe(&tp->rp.kp);
386 pr_warning("Could not insert probe(%d)\n", ret);
387 if (ret == -EILSEQ) {
388 pr_warning("Probing address(0x%p) is not an "
389 "instruction boundary.\n",
393 unregister_probe_event(tp);
395 list_add_tail(&tp->list, &probe_list);
397 mutex_unlock(&probe_lock);
401 /* Split symbol and offset. */
402 static int split_symbol_offset(char *symbol, unsigned long *offset)
410 tmp = strchr(symbol, '+');
412 /* skip sign because strict_strtol doesn't accept '+' */
413 ret = strict_strtoul(tmp + 1, 0, offset);
422 #define PARAM_MAX_ARGS 16
423 #define PARAM_MAX_STACK (THREAD_SIZE / sizeof(unsigned long))
425 static int parse_probe_vars(char *arg, struct fetch_func *ff, int is_return)
431 case 'a': /* argument */
432 ret = strict_strtoul(arg + 1, 10, ¶m);
433 if (ret || param > PARAM_MAX_ARGS)
436 ff->func = fetch_argument;
437 ff->data = (void *)param;
440 case 'r': /* retval or retaddr */
441 if (is_return && arg[1] == 'v') {
442 ff->func = fetch_retvalue;
447 case 's': /* stack */
449 ff->func = fetch_stack_address;
452 ret = strict_strtoul(arg + 1, 10, ¶m);
453 if (ret || param > PARAM_MAX_STACK)
456 ff->func = fetch_stack;
457 ff->data = (void *)param;
467 static int parse_probe_arg(char *arg, struct fetch_func *ff, int is_return)
476 ret = parse_probe_vars(arg + 1, ff, is_return);
478 case '%': /* named register */
479 ret = regs_query_register_offset(arg + 1);
481 ff->func = fetch_register;
482 ff->data = (void *)(unsigned long)ret;
486 case '@': /* memory or symbol */
487 if (isdigit(arg[1])) {
488 ret = strict_strtoul(arg + 1, 0, ¶m);
491 ff->func = fetch_memory;
492 ff->data = (void *)param;
494 ret = split_symbol_offset(arg + 1, &offset);
497 ff->data = alloc_symbol_cache(arg + 1, offset);
499 ff->func = fetch_symbol;
504 case '+': /* indirect memory */
506 tmp = strchr(arg, '(');
512 ret = strict_strtol(arg + 1, 0, &offset);
518 tmp = strrchr(arg, ')');
520 struct indirect_fetch_data *id;
522 id = kzalloc(sizeof(struct indirect_fetch_data),
527 ret = parse_probe_arg(arg, &id->orig, is_return);
531 ff->func = fetch_indirect;
532 ff->data = (void *)id;
538 /* TODO: support custom handler */
544 static int create_trace_probe(int argc, char **argv)
548 * - Add kprobe: p[:[GRP/]EVENT] KSYM[+OFFS]|KADDR [FETCHARGS]
549 * - Add kretprobe: r[:[GRP/]EVENT] KSYM[+0] [FETCHARGS]
551 * $aN : fetch Nth of function argument. (N:0-)
552 * $rv : fetch return value
553 * $sa : fetch stack address
554 * $sN : fetch Nth of stack (N:0-)
555 * @ADDR : fetch memory at ADDR (ADDR should be in kernel)
556 * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol)
557 * %REG : fetch register REG
558 * Indirect memory fetch:
559 * +|-offs(ARG) : fetch memory at ARG +|- offs address.
560 * Alias name of args:
561 * NAME=FETCHARG : set NAME as alias of FETCHARG.
563 struct trace_probe *tp;
566 char *symbol = NULL, *event = NULL, *arg = NULL, *group = NULL;
567 unsigned long offset = 0;
569 char buf[MAX_EVENT_NAME_LEN];
574 if (argv[0][0] == 'p')
576 else if (argv[0][0] == 'r')
581 if (argv[0][1] == ':') {
583 if (strchr(event, '/')) {
585 event = strchr(group, '/') + 1;
587 if (strlen(group) == 0) {
588 pr_info("Group name is not specifiled\n");
592 if (strlen(event) == 0) {
593 pr_info("Event name is not specifiled\n");
598 if (isdigit(argv[1][0])) {
601 /* an address specified */
602 ret = strict_strtoul(&argv[0][2], 0, (unsigned long *)&addr);
606 /* a symbol specified */
608 /* TODO: support .init module functions */
609 ret = split_symbol_offset(symbol, &offset);
612 if (offset && is_return)
615 argc -= 2; argv += 2;
619 group = KPROBE_EVENT_SYSTEM;
621 /* Make a new event name */
623 snprintf(buf, MAX_EVENT_NAME_LEN, "%c@%s%+ld",
624 is_return ? 'r' : 'p', symbol, offset);
626 snprintf(buf, MAX_EVENT_NAME_LEN, "%c@0x%p",
627 is_return ? 'r' : 'p', addr);
630 tp = alloc_trace_probe(group, event, addr, symbol, offset, argc,
635 /* parse arguments */
637 for (i = 0; i < argc && i < MAX_TRACE_ARGS; i++) {
638 /* Parse argument name */
639 arg = strchr(argv[i], '=');
644 tp->args[i].name = kstrdup(argv[i], GFP_KERNEL);
646 /* Parse fetch argument */
647 if (strlen(arg) > MAX_ARGSTR_LEN) {
648 pr_info("Argument%d(%s) is too long.\n", i, arg);
652 ret = parse_probe_arg(arg, &tp->args[i].fetch, is_return);
658 ret = register_trace_probe(tp);
664 free_trace_probe(tp);
668 static void cleanup_all_probes(void)
670 struct trace_probe *tp;
672 mutex_lock(&probe_lock);
673 /* TODO: Use batch unregistration */
674 while (!list_empty(&probe_list)) {
675 tp = list_entry(probe_list.next, struct trace_probe, list);
676 unregister_trace_probe(tp);
677 free_trace_probe(tp);
679 mutex_unlock(&probe_lock);
683 /* Probes listing interfaces */
684 static void *probes_seq_start(struct seq_file *m, loff_t *pos)
686 mutex_lock(&probe_lock);
687 return seq_list_start(&probe_list, *pos);
690 static void *probes_seq_next(struct seq_file *m, void *v, loff_t *pos)
692 return seq_list_next(v, &probe_list, pos);
695 static void probes_seq_stop(struct seq_file *m, void *v)
697 mutex_unlock(&probe_lock);
700 static int probes_seq_show(struct seq_file *m, void *v)
702 struct trace_probe *tp = v;
704 char buf[MAX_ARGSTR_LEN + 1];
706 seq_printf(m, "%c", probe_is_return(tp) ? 'r' : 'p');
707 seq_printf(m, ":%s", tp->call.name);
710 seq_printf(m, " %s+%u", probe_symbol(tp), tp->rp.kp.offset);
712 seq_printf(m, " 0x%p", tp->rp.kp.addr);
714 for (i = 0; i < tp->nr_args; i++) {
715 ret = probe_arg_string(buf, MAX_ARGSTR_LEN, &tp->args[i].fetch);
717 pr_warning("Argument%d decoding error(%d).\n", i, ret);
720 seq_printf(m, " %s=%s", tp->args[i].name, buf);
726 static const struct seq_operations probes_seq_op = {
727 .start = probes_seq_start,
728 .next = probes_seq_next,
729 .stop = probes_seq_stop,
730 .show = probes_seq_show
733 static int probes_open(struct inode *inode, struct file *file)
735 if ((file->f_mode & FMODE_WRITE) &&
736 (file->f_flags & O_TRUNC))
737 cleanup_all_probes();
739 return seq_open(file, &probes_seq_op);
742 static int command_trace_probe(const char *buf)
745 int argc = 0, ret = 0;
747 argv = argv_split(GFP_KERNEL, buf, &argc);
752 ret = create_trace_probe(argc, argv);
758 #define WRITE_BUFSIZE 128
760 static ssize_t probes_write(struct file *file, const char __user *buffer,
761 size_t count, loff_t *ppos)
768 kbuf = kmalloc(WRITE_BUFSIZE, GFP_KERNEL);
773 while (done < count) {
775 if (size >= WRITE_BUFSIZE)
776 size = WRITE_BUFSIZE - 1;
777 if (copy_from_user(kbuf, buffer + done, size)) {
782 tmp = strchr(kbuf, '\n');
785 size = tmp - kbuf + 1;
786 } else if (done + size < count) {
787 pr_warning("Line length is too long: "
788 "Should be less than %d.", WRITE_BUFSIZE);
793 /* Remove comments */
794 tmp = strchr(kbuf, '#');
798 ret = command_trace_probe(kbuf);
808 static const struct file_operations kprobe_events_ops = {
809 .owner = THIS_MODULE,
813 .release = seq_release,
814 .write = probes_write,
817 /* Probes profiling interfaces */
818 static int probes_profile_seq_show(struct seq_file *m, void *v)
820 struct trace_probe *tp = v;
822 seq_printf(m, " %-44s %15lu %15lu\n", tp->call.name, tp->nhit,
828 static const struct seq_operations profile_seq_op = {
829 .start = probes_seq_start,
830 .next = probes_seq_next,
831 .stop = probes_seq_stop,
832 .show = probes_profile_seq_show
835 static int profile_open(struct inode *inode, struct file *file)
837 return seq_open(file, &profile_seq_op);
840 static const struct file_operations kprobe_profile_ops = {
841 .owner = THIS_MODULE,
842 .open = profile_open,
845 .release = seq_release,
849 static __kprobes int kprobe_trace_func(struct kprobe *kp, struct pt_regs *regs)
851 struct trace_probe *tp = container_of(kp, struct trace_probe, rp.kp);
852 struct kprobe_trace_entry *entry;
853 struct ring_buffer_event *event;
854 struct ring_buffer *buffer;
856 unsigned long irq_flags;
857 struct ftrace_event_call *call = &tp->call;
861 local_save_flags(irq_flags);
862 pc = preempt_count();
864 size = SIZEOF_KPROBE_TRACE_ENTRY(tp->nr_args);
866 event = trace_current_buffer_lock_reserve(&buffer, call->id, size,
871 entry = ring_buffer_event_data(event);
872 entry->nargs = tp->nr_args;
873 entry->ip = (unsigned long)kp->addr;
874 for (i = 0; i < tp->nr_args; i++)
875 entry->args[i] = call_fetch(&tp->args[i].fetch, regs);
877 if (!filter_current_check_discard(buffer, call, entry, event))
878 trace_nowake_buffer_unlock_commit(buffer, event, irq_flags, pc);
882 /* Kretprobe handler */
883 static __kprobes int kretprobe_trace_func(struct kretprobe_instance *ri,
884 struct pt_regs *regs)
886 struct trace_probe *tp = container_of(ri->rp, struct trace_probe, rp);
887 struct kretprobe_trace_entry *entry;
888 struct ring_buffer_event *event;
889 struct ring_buffer *buffer;
891 unsigned long irq_flags;
892 struct ftrace_event_call *call = &tp->call;
894 local_save_flags(irq_flags);
895 pc = preempt_count();
897 size = SIZEOF_KRETPROBE_TRACE_ENTRY(tp->nr_args);
899 event = trace_current_buffer_lock_reserve(&buffer, call->id, size,
904 entry = ring_buffer_event_data(event);
905 entry->nargs = tp->nr_args;
906 entry->func = (unsigned long)tp->rp.kp.addr;
907 entry->ret_ip = (unsigned long)ri->ret_addr;
908 for (i = 0; i < tp->nr_args; i++)
909 entry->args[i] = call_fetch(&tp->args[i].fetch, regs);
911 if (!filter_current_check_discard(buffer, call, entry, event))
912 trace_nowake_buffer_unlock_commit(buffer, event, irq_flags, pc);
917 /* Event entry printers */
919 print_kprobe_event(struct trace_iterator *iter, int flags)
921 struct kprobe_trace_entry *field;
922 struct trace_seq *s = &iter->seq;
923 struct trace_event *event;
924 struct trace_probe *tp;
927 field = (struct kprobe_trace_entry *)iter->ent;
928 event = ftrace_find_event(field->ent.type);
929 tp = container_of(event, struct trace_probe, event);
931 if (!trace_seq_printf(s, "%s: (", tp->call.name))
934 if (!seq_print_ip_sym(s, field->ip, flags | TRACE_ITER_SYM_OFFSET))
937 if (!trace_seq_puts(s, ")"))
940 for (i = 0; i < field->nargs; i++)
941 if (!trace_seq_printf(s, " %s=%lx",
942 tp->args[i].name, field->args[i]))
945 if (!trace_seq_puts(s, "\n"))
948 return TRACE_TYPE_HANDLED;
950 return TRACE_TYPE_PARTIAL_LINE;
954 print_kretprobe_event(struct trace_iterator *iter, int flags)
956 struct kretprobe_trace_entry *field;
957 struct trace_seq *s = &iter->seq;
958 struct trace_event *event;
959 struct trace_probe *tp;
962 field = (struct kretprobe_trace_entry *)iter->ent;
963 event = ftrace_find_event(field->ent.type);
964 tp = container_of(event, struct trace_probe, event);
966 if (!trace_seq_printf(s, "%s: (", tp->call.name))
969 if (!seq_print_ip_sym(s, field->ret_ip, flags | TRACE_ITER_SYM_OFFSET))
972 if (!trace_seq_puts(s, " <- "))
975 if (!seq_print_ip_sym(s, field->func, flags & ~TRACE_ITER_SYM_OFFSET))
978 if (!trace_seq_puts(s, ")"))
981 for (i = 0; i < field->nargs; i++)
982 if (!trace_seq_printf(s, " %s=%lx",
983 tp->args[i].name, field->args[i]))
986 if (!trace_seq_puts(s, "\n"))
989 return TRACE_TYPE_HANDLED;
991 return TRACE_TYPE_PARTIAL_LINE;
994 static int probe_event_enable(struct ftrace_event_call *call)
996 struct trace_probe *tp = (struct trace_probe *)call->data;
998 tp->flags |= TP_FLAG_TRACE;
999 if (probe_is_return(tp))
1000 return enable_kretprobe(&tp->rp);
1002 return enable_kprobe(&tp->rp.kp);
1005 static void probe_event_disable(struct ftrace_event_call *call)
1007 struct trace_probe *tp = (struct trace_probe *)call->data;
1009 tp->flags &= ~TP_FLAG_TRACE;
1010 if (!(tp->flags & (TP_FLAG_TRACE | TP_FLAG_PROFILE))) {
1011 if (probe_is_return(tp))
1012 disable_kretprobe(&tp->rp);
1014 disable_kprobe(&tp->rp.kp);
1018 static int probe_event_raw_init(struct ftrace_event_call *event_call)
1020 INIT_LIST_HEAD(&event_call->fields);
1026 #define DEFINE_FIELD(type, item, name, is_signed) \
1028 ret = trace_define_field(event_call, #type, name, \
1029 offsetof(typeof(field), item), \
1030 sizeof(field.item), is_signed, \
1036 static int kprobe_event_define_fields(struct ftrace_event_call *event_call)
1039 struct kprobe_trace_entry field;
1040 struct trace_probe *tp = (struct trace_probe *)event_call->data;
1042 ret = trace_define_common_fields(event_call);
1046 DEFINE_FIELD(unsigned long, ip, "ip", 0);
1047 DEFINE_FIELD(int, nargs, "nargs", 1);
1048 /* Set argument names as fields */
1049 for (i = 0; i < tp->nr_args; i++)
1050 DEFINE_FIELD(unsigned long, args[i], tp->args[i].name, 0);
1054 static int kretprobe_event_define_fields(struct ftrace_event_call *event_call)
1057 struct kretprobe_trace_entry field;
1058 struct trace_probe *tp = (struct trace_probe *)event_call->data;
1060 ret = trace_define_common_fields(event_call);
1064 DEFINE_FIELD(unsigned long, func, "func", 0);
1065 DEFINE_FIELD(unsigned long, ret_ip, "ret_ip", 0);
1066 DEFINE_FIELD(int, nargs, "nargs", 1);
1067 /* Set argument names as fields */
1068 for (i = 0; i < tp->nr_args; i++)
1069 DEFINE_FIELD(unsigned long, args[i], tp->args[i].name, 0);
1073 static int __probe_event_show_format(struct trace_seq *s,
1074 struct trace_probe *tp, const char *fmt,
1080 if (!trace_seq_printf(s, "\nprint fmt: \"%s", fmt))
1083 for (i = 0; i < tp->nr_args; i++)
1084 if (!trace_seq_printf(s, " %s=%%lx", tp->args[i].name))
1087 if (!trace_seq_printf(s, "\", %s", arg))
1090 for (i = 0; i < tp->nr_args; i++)
1091 if (!trace_seq_printf(s, ", REC->%s", tp->args[i].name))
1094 return trace_seq_puts(s, "\n");
1098 #define SHOW_FIELD(type, item, name) \
1100 ret = trace_seq_printf(s, "\tfield: " #type " %s;\t" \
1101 "offset:%u;\tsize:%u;\n", name, \
1102 (unsigned int)offsetof(typeof(field), item),\
1103 (unsigned int)sizeof(type)); \
1108 static int kprobe_event_show_format(struct ftrace_event_call *call,
1109 struct trace_seq *s)
1111 struct kprobe_trace_entry field __attribute__((unused));
1113 struct trace_probe *tp = (struct trace_probe *)call->data;
1115 SHOW_FIELD(unsigned long, ip, "ip");
1116 SHOW_FIELD(int, nargs, "nargs");
1119 for (i = 0; i < tp->nr_args; i++)
1120 SHOW_FIELD(unsigned long, args[i], tp->args[i].name);
1121 trace_seq_puts(s, "\n");
1123 return __probe_event_show_format(s, tp, "(%lx)", "REC->ip");
1126 static int kretprobe_event_show_format(struct ftrace_event_call *call,
1127 struct trace_seq *s)
1129 struct kretprobe_trace_entry field __attribute__((unused));
1131 struct trace_probe *tp = (struct trace_probe *)call->data;
1133 SHOW_FIELD(unsigned long, func, "func");
1134 SHOW_FIELD(unsigned long, ret_ip, "ret_ip");
1135 SHOW_FIELD(int, nargs, "nargs");
1138 for (i = 0; i < tp->nr_args; i++)
1139 SHOW_FIELD(unsigned long, args[i], tp->args[i].name);
1140 trace_seq_puts(s, "\n");
1142 return __probe_event_show_format(s, tp, "(%lx <- %lx)",
1143 "REC->func, REC->ret_ip");
1146 #ifdef CONFIG_EVENT_PROFILE
1148 /* Kprobe profile handler */
1149 static __kprobes int kprobe_profile_func(struct kprobe *kp,
1150 struct pt_regs *regs)
1152 struct trace_probe *tp = container_of(kp, struct trace_probe, rp.kp);
1153 struct ftrace_event_call *call = &tp->call;
1154 struct kprobe_trace_entry *entry;
1155 struct trace_entry *ent;
1156 int size, __size, i, pc, __cpu;
1157 unsigned long irq_flags;
1160 pc = preempt_count();
1161 __size = SIZEOF_KPROBE_TRACE_ENTRY(tp->nr_args);
1162 size = ALIGN(__size + sizeof(u32), sizeof(u64));
1163 size -= sizeof(u32);
1164 if (WARN_ONCE(size > FTRACE_MAX_PROFILE_SIZE,
1165 "profile buffer not large enough"))
1169 * Protect the non nmi buffer
1170 * This also protects the rcu read side
1172 local_irq_save(irq_flags);
1173 __cpu = smp_processor_id();
1176 raw_data = rcu_dereference(trace_profile_buf_nmi);
1178 raw_data = rcu_dereference(trace_profile_buf);
1183 raw_data = per_cpu_ptr(raw_data, __cpu);
1184 /* Zero dead bytes from alignment to avoid buffer leak to userspace */
1185 *(u64 *)(&raw_data[size - sizeof(u64)]) = 0ULL;
1186 entry = (struct kprobe_trace_entry *)raw_data;
1189 tracing_generic_entry_update(ent, irq_flags, pc);
1190 ent->type = call->id;
1191 entry->nargs = tp->nr_args;
1192 entry->ip = (unsigned long)kp->addr;
1193 for (i = 0; i < tp->nr_args; i++)
1194 entry->args[i] = call_fetch(&tp->args[i].fetch, regs);
1195 perf_tp_event(call->id, entry->ip, 1, entry, size);
1197 local_irq_restore(irq_flags);
1201 /* Kretprobe profile handler */
1202 static __kprobes int kretprobe_profile_func(struct kretprobe_instance *ri,
1203 struct pt_regs *regs)
1205 struct trace_probe *tp = container_of(ri->rp, struct trace_probe, rp);
1206 struct ftrace_event_call *call = &tp->call;
1207 struct kretprobe_trace_entry *entry;
1208 struct trace_entry *ent;
1209 int size, __size, i, pc, __cpu;
1210 unsigned long irq_flags;
1213 pc = preempt_count();
1214 __size = SIZEOF_KRETPROBE_TRACE_ENTRY(tp->nr_args);
1215 size = ALIGN(__size + sizeof(u32), sizeof(u64));
1216 size -= sizeof(u32);
1217 if (WARN_ONCE(size > FTRACE_MAX_PROFILE_SIZE,
1218 "profile buffer not large enough"))
1222 * Protect the non nmi buffer
1223 * This also protects the rcu read side
1225 local_irq_save(irq_flags);
1226 __cpu = smp_processor_id();
1229 raw_data = rcu_dereference(trace_profile_buf_nmi);
1231 raw_data = rcu_dereference(trace_profile_buf);
1236 raw_data = per_cpu_ptr(raw_data, __cpu);
1237 /* Zero dead bytes from alignment to avoid buffer leak to userspace */
1238 *(u64 *)(&raw_data[size - sizeof(u64)]) = 0ULL;
1239 entry = (struct kretprobe_trace_entry *)raw_data;
1242 tracing_generic_entry_update(ent, irq_flags, pc);
1243 ent->type = call->id;
1244 entry->nargs = tp->nr_args;
1245 entry->func = (unsigned long)tp->rp.kp.addr;
1246 entry->ret_ip = (unsigned long)ri->ret_addr;
1247 for (i = 0; i < tp->nr_args; i++)
1248 entry->args[i] = call_fetch(&tp->args[i].fetch, regs);
1249 perf_tp_event(call->id, entry->ret_ip, 1, entry, size);
1251 local_irq_restore(irq_flags);
1255 static int probe_profile_enable(struct ftrace_event_call *call)
1257 struct trace_probe *tp = (struct trace_probe *)call->data;
1259 tp->flags |= TP_FLAG_PROFILE;
1261 if (probe_is_return(tp))
1262 return enable_kretprobe(&tp->rp);
1264 return enable_kprobe(&tp->rp.kp);
1267 static void probe_profile_disable(struct ftrace_event_call *call)
1269 struct trace_probe *tp = (struct trace_probe *)call->data;
1271 tp->flags &= ~TP_FLAG_PROFILE;
1273 if (!(tp->flags & TP_FLAG_TRACE)) {
1274 if (probe_is_return(tp))
1275 disable_kretprobe(&tp->rp);
1277 disable_kprobe(&tp->rp.kp);
1280 #endif /* CONFIG_EVENT_PROFILE */
1284 int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs)
1286 struct trace_probe *tp = container_of(kp, struct trace_probe, rp.kp);
1288 if (tp->flags & TP_FLAG_TRACE)
1289 kprobe_trace_func(kp, regs);
1290 #ifdef CONFIG_EVENT_PROFILE
1291 if (tp->flags & TP_FLAG_PROFILE)
1292 kprobe_profile_func(kp, regs);
1293 #endif /* CONFIG_EVENT_PROFILE */
1294 return 0; /* We don't tweek kernel, so just return 0 */
1298 int kretprobe_dispatcher(struct kretprobe_instance *ri, struct pt_regs *regs)
1300 struct trace_probe *tp = container_of(ri->rp, struct trace_probe, rp);
1302 if (tp->flags & TP_FLAG_TRACE)
1303 kretprobe_trace_func(ri, regs);
1304 #ifdef CONFIG_EVENT_PROFILE
1305 if (tp->flags & TP_FLAG_PROFILE)
1306 kretprobe_profile_func(ri, regs);
1307 #endif /* CONFIG_EVENT_PROFILE */
1308 return 0; /* We don't tweek kernel, so just return 0 */
1311 static int register_probe_event(struct trace_probe *tp)
1313 struct ftrace_event_call *call = &tp->call;
1316 /* Initialize ftrace_event_call */
1317 if (probe_is_return(tp)) {
1318 tp->event.trace = print_kretprobe_event;
1319 call->raw_init = probe_event_raw_init;
1320 call->show_format = kretprobe_event_show_format;
1321 call->define_fields = kretprobe_event_define_fields;
1323 tp->event.trace = print_kprobe_event;
1324 call->raw_init = probe_event_raw_init;
1325 call->show_format = kprobe_event_show_format;
1326 call->define_fields = kprobe_event_define_fields;
1328 call->event = &tp->event;
1329 call->id = register_ftrace_event(&tp->event);
1333 call->regfunc = probe_event_enable;
1334 call->unregfunc = probe_event_disable;
1336 #ifdef CONFIG_EVENT_PROFILE
1337 atomic_set(&call->profile_count, -1);
1338 call->profile_enable = probe_profile_enable;
1339 call->profile_disable = probe_profile_disable;
1342 ret = trace_add_event_call(call);
1344 pr_info("Failed to register kprobe event: %s\n", call->name);
1345 unregister_ftrace_event(&tp->event);
1350 static void unregister_probe_event(struct trace_probe *tp)
1352 /* tp->event is unregistered in trace_remove_event_call() */
1353 trace_remove_event_call(&tp->call);
1356 /* Make a debugfs interface for controling probe points */
1357 static __init int init_kprobe_trace(void)
1359 struct dentry *d_tracer;
1360 struct dentry *entry;
1362 d_tracer = tracing_init_dentry();
1366 entry = debugfs_create_file("kprobe_events", 0644, d_tracer,
1367 NULL, &kprobe_events_ops);
1369 /* Event list interface */
1371 pr_warning("Could not create debugfs "
1372 "'kprobe_events' entry\n");
1374 /* Profile interface */
1375 entry = debugfs_create_file("kprobe_profile", 0444, d_tracer,
1376 NULL, &kprobe_profile_ops);
1379 pr_warning("Could not create debugfs "
1380 "'kprobe_profile' entry\n");
1383 fs_initcall(init_kprobe_trace);
1386 #ifdef CONFIG_FTRACE_STARTUP_TEST
1388 static int kprobe_trace_selftest_target(int a1, int a2, int a3,
1389 int a4, int a5, int a6)
1391 return a1 + a2 + a3 + a4 + a5 + a6;
1394 static __init int kprobe_trace_self_tests_init(void)
1397 int (*target)(int, int, int, int, int, int);
1399 target = kprobe_trace_selftest_target;
1401 pr_info("Testing kprobe tracing: ");
1403 ret = command_trace_probe("p:testprobe kprobe_trace_selftest_target "
1404 "a1 a2 a3 a4 a5 a6");
1405 if (WARN_ON_ONCE(ret))
1406 pr_warning("error enabling function entry\n");
1408 ret = command_trace_probe("r:testprobe2 kprobe_trace_selftest_target "
1410 if (WARN_ON_ONCE(ret))
1411 pr_warning("error enabling function return\n");
1413 ret = target(1, 2, 3, 4, 5, 6);
1415 cleanup_all_probes();
1421 late_initcall(kprobe_trace_self_tests_init);
projects / firefly-linux-kernel-4.4.55.git / blob