2 * Kprobes-based tracing events
4 * Created by Masami Hiramatsu <mhiramat@redhat.com>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/module.h>
21 #include <linux/uaccess.h>
22 #include <linux/kprobes.h>
23 #include <linux/seq_file.h>
24 #include <linux/slab.h>
25 #include <linux/smp.h>
26 #include <linux/debugfs.h>
27 #include <linux/types.h>
28 #include <linux/string.h>
29 #include <linux/ctype.h>
30 #include <linux/ptrace.h>
31 #include <linux/perf_event.h>
32 #include <linux/stringify.h>
33 #include <asm/bitsperlong.h>
36 #include "trace_output.h"
38 #define MAX_TRACE_ARGS 128
39 #define MAX_ARGSTR_LEN 63
40 #define MAX_EVENT_NAME_LEN 64
41 #define KPROBE_EVENT_SYSTEM "kprobes"
43 /* Reserved field names */
44 #define FIELD_STRING_IP "__probe_ip"
45 #define FIELD_STRING_RETIP "__probe_ret_ip"
46 #define FIELD_STRING_FUNC "__probe_func"
48 const char *reserved_field_names[] = {
51 "common_preempt_count",
60 /* Printing function type */
61 typedef int (*print_type_func_t)(struct trace_seq *, const char *, void *);
62 #define PRINT_TYPE_FUNC_NAME(type) print_type_##type
63 #define PRINT_TYPE_FMT_NAME(type) print_type_format_##type
65 /* Printing in basic type function template */
66 #define DEFINE_BASIC_PRINT_TYPE_FUNC(type, fmt, cast) \
67 static __kprobes int PRINT_TYPE_FUNC_NAME(type)(struct trace_seq *s, \
68 const char *name, void *data)\
70 return trace_seq_printf(s, " %s=" fmt, name, (cast)*(type *)data);\
72 static const char PRINT_TYPE_FMT_NAME(type)[] = fmt;
74 DEFINE_BASIC_PRINT_TYPE_FUNC(u8, "%x", unsigned int)
75 DEFINE_BASIC_PRINT_TYPE_FUNC(u16, "%x", unsigned int)
76 DEFINE_BASIC_PRINT_TYPE_FUNC(u32, "%lx", unsigned long)
77 DEFINE_BASIC_PRINT_TYPE_FUNC(u64, "%llx", unsigned long long)
78 DEFINE_BASIC_PRINT_TYPE_FUNC(s8, "%d", int)
79 DEFINE_BASIC_PRINT_TYPE_FUNC(s16, "%d", int)
80 DEFINE_BASIC_PRINT_TYPE_FUNC(s32, "%ld", long)
81 DEFINE_BASIC_PRINT_TYPE_FUNC(s64, "%lld", long long)
83 /* Data fetch function type */
84 typedef void (*fetch_func_t)(struct pt_regs *, void *, void *);
91 static __kprobes void call_fetch(struct fetch_param *fprm,
92 struct pt_regs *regs, void *dest)
94 return fprm->fn(regs, fprm->data, dest);
97 #define FETCH_FUNC_NAME(kind, type) fetch_##kind##_##type
99 * Define macro for basic types - we don't need to define s* types, because
100 * we have to care only about bitwidth at recording time.
102 #define DEFINE_BASIC_FETCH_FUNCS(kind) \
103 DEFINE_FETCH_##kind(u8) \
104 DEFINE_FETCH_##kind(u16) \
105 DEFINE_FETCH_##kind(u32) \
106 DEFINE_FETCH_##kind(u64)
108 #define CHECK_BASIC_FETCH_FUNCS(kind, fn) \
109 ((FETCH_FUNC_NAME(kind, u8) == fn) || \
110 (FETCH_FUNC_NAME(kind, u16) == fn) || \
111 (FETCH_FUNC_NAME(kind, u32) == fn) || \
112 (FETCH_FUNC_NAME(kind, u64) == fn))
114 /* Data fetch function templates */
115 #define DEFINE_FETCH_reg(type) \
116 static __kprobes void FETCH_FUNC_NAME(reg, type)(struct pt_regs *regs, \
117 void *offset, void *dest) \
119 *(type *)dest = (type)regs_get_register(regs, \
120 (unsigned int)((unsigned long)offset)); \
122 DEFINE_BASIC_FETCH_FUNCS(reg)
124 #define DEFINE_FETCH_stack(type) \
125 static __kprobes void FETCH_FUNC_NAME(stack, type)(struct pt_regs *regs,\
126 void *offset, void *dest) \
128 *(type *)dest = (type)regs_get_kernel_stack_nth(regs, \
129 (unsigned int)((unsigned long)offset)); \
131 DEFINE_BASIC_FETCH_FUNCS(stack)
133 #define DEFINE_FETCH_retval(type) \
134 static __kprobes void FETCH_FUNC_NAME(retval, type)(struct pt_regs *regs,\
135 void *dummy, void *dest) \
137 *(type *)dest = (type)regs_return_value(regs); \
139 DEFINE_BASIC_FETCH_FUNCS(retval)
141 #define DEFINE_FETCH_memory(type) \
142 static __kprobes void FETCH_FUNC_NAME(memory, type)(struct pt_regs *regs,\
143 void *addr, void *dest) \
146 if (probe_kernel_address(addr, retval)) \
149 *(type *)dest = retval; \
151 DEFINE_BASIC_FETCH_FUNCS(memory)
153 /* Memory fetching by symbol */
154 struct symbol_cache {
160 static unsigned long update_symbol_cache(struct symbol_cache *sc)
162 sc->addr = (unsigned long)kallsyms_lookup_name(sc->symbol);
164 sc->addr += sc->offset;
168 static void free_symbol_cache(struct symbol_cache *sc)
174 static struct symbol_cache *alloc_symbol_cache(const char *sym, long offset)
176 struct symbol_cache *sc;
178 if (!sym || strlen(sym) == 0)
180 sc = kzalloc(sizeof(struct symbol_cache), GFP_KERNEL);
184 sc->symbol = kstrdup(sym, GFP_KERNEL);
191 update_symbol_cache(sc);
195 #define DEFINE_FETCH_symbol(type) \
196 static __kprobes void FETCH_FUNC_NAME(symbol, type)(struct pt_regs *regs,\
197 void *data, void *dest) \
199 struct symbol_cache *sc = data; \
201 fetch_memory_##type(regs, (void *)sc->addr, dest); \
205 DEFINE_BASIC_FETCH_FUNCS(symbol)
207 /* Dereference memory access function */
208 struct deref_fetch_param {
209 struct fetch_param orig;
213 #define DEFINE_FETCH_deref(type) \
214 static __kprobes void FETCH_FUNC_NAME(deref, type)(struct pt_regs *regs,\
215 void *data, void *dest) \
217 struct deref_fetch_param *dprm = data; \
218 unsigned long addr; \
219 call_fetch(&dprm->orig, regs, &addr); \
221 addr += dprm->offset; \
222 fetch_memory_##type(regs, (void *)addr, dest); \
226 DEFINE_BASIC_FETCH_FUNCS(deref)
228 static __kprobes void free_deref_fetch_param(struct deref_fetch_param *data)
230 if (CHECK_BASIC_FETCH_FUNCS(deref, data->orig.fn))
231 free_deref_fetch_param(data->orig.data);
232 else if (CHECK_BASIC_FETCH_FUNCS(symbol, data->orig.fn))
233 free_symbol_cache(data->orig.data);
237 /* Default (unsigned long) fetch type */
238 #define __DEFAULT_FETCH_TYPE(t) u##t
239 #define _DEFAULT_FETCH_TYPE(t) __DEFAULT_FETCH_TYPE(t)
240 #define DEFAULT_FETCH_TYPE _DEFAULT_FETCH_TYPE(BITS_PER_LONG)
241 #define DEFAULT_FETCH_TYPE_STR __stringify(DEFAULT_FETCH_TYPE)
243 #define ASSIGN_FETCH_FUNC(kind, type) \
244 .kind = FETCH_FUNC_NAME(kind, type)
246 #define ASSIGN_FETCH_TYPE(ptype, ftype, sign) \
248 .size = sizeof(ftype), \
250 .print = PRINT_TYPE_FUNC_NAME(ptype), \
251 .fmt = PRINT_TYPE_FMT_NAME(ptype), \
252 ASSIGN_FETCH_FUNC(reg, ftype), \
253 ASSIGN_FETCH_FUNC(stack, ftype), \
254 ASSIGN_FETCH_FUNC(retval, ftype), \
255 ASSIGN_FETCH_FUNC(memory, ftype), \
256 ASSIGN_FETCH_FUNC(symbol, ftype), \
257 ASSIGN_FETCH_FUNC(deref, ftype), \
260 /* Fetch type information table */
261 static const struct fetch_type {
262 const char *name; /* Name of type */
263 size_t size; /* Byte size of type */
264 int is_signed; /* Signed flag */
265 print_type_func_t print; /* Print functions */
266 const char *fmt; /* Fromat string */
267 /* Fetch functions */
274 } fetch_type_table[] = {
275 ASSIGN_FETCH_TYPE(u8, u8, 0),
276 ASSIGN_FETCH_TYPE(u16, u16, 0),
277 ASSIGN_FETCH_TYPE(u32, u32, 0),
278 ASSIGN_FETCH_TYPE(u64, u64, 0),
279 ASSIGN_FETCH_TYPE(s8, u8, 1),
280 ASSIGN_FETCH_TYPE(s16, u16, 1),
281 ASSIGN_FETCH_TYPE(s32, u32, 1),
282 ASSIGN_FETCH_TYPE(s64, u64, 1),
285 static const struct fetch_type *find_fetch_type(const char *type)
290 type = DEFAULT_FETCH_TYPE_STR;
292 for (i = 0; i < ARRAY_SIZE(fetch_type_table); i++)
293 if (strcmp(type, fetch_type_table[i].name) == 0)
294 return &fetch_type_table[i];
298 /* Special function : only accept unsigned long */
299 static __kprobes void fetch_stack_address(struct pt_regs *regs,
300 void *dummy, void *dest)
302 *(unsigned long *)dest = kernel_stack_pointer(regs);
306 * Kprobe event core functions
310 struct fetch_param fetch;
311 unsigned int offset; /* Offset from argument entry */
312 const char *name; /* Name of this argument */
313 const char *comm; /* Command of this argument */
314 const struct fetch_type *type; /* Type of this argument */
317 /* Flags for trace_probe */
318 #define TP_FLAG_TRACE 1
319 #define TP_FLAG_PROFILE 2
322 struct list_head list;
323 struct kretprobe rp; /* Use rp.kp for kprobe use */
325 unsigned int flags; /* For TP_FLAG_* */
326 const char *symbol; /* symbol name */
327 struct ftrace_event_class class;
328 struct ftrace_event_call call;
329 ssize_t size; /* trace entry size */
330 unsigned int nr_args;
331 struct probe_arg args[];
334 #define SIZEOF_TRACE_PROBE(n) \
335 (offsetof(struct trace_probe, args) + \
336 (sizeof(struct probe_arg) * (n)))
339 static __kprobes int probe_is_return(struct trace_probe *tp)
341 return tp->rp.handler != NULL;
344 static __kprobes const char *probe_symbol(struct trace_probe *tp)
346 return tp->symbol ? tp->symbol : "unknown";
349 static int register_probe_event(struct trace_probe *tp);
350 static void unregister_probe_event(struct trace_probe *tp);
352 static DEFINE_MUTEX(probe_lock);
353 static LIST_HEAD(probe_list);
355 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs);
356 static int kretprobe_dispatcher(struct kretprobe_instance *ri,
357 struct pt_regs *regs);
359 /* Check the name is good for event/group */
360 static int check_event_name(const char *name)
362 if (!isalpha(*name) && *name != '_')
364 while (*++name != '\0') {
365 if (!isalpha(*name) && !isdigit(*name) && *name != '_')
372 * Allocate new trace_probe and initialize it (including kprobes).
374 static struct trace_probe *alloc_trace_probe(const char *group,
379 int nargs, int is_return)
381 struct trace_probe *tp;
384 tp = kzalloc(SIZEOF_TRACE_PROBE(nargs), GFP_KERNEL);
389 tp->symbol = kstrdup(symbol, GFP_KERNEL);
392 tp->rp.kp.symbol_name = tp->symbol;
393 tp->rp.kp.offset = offs;
395 tp->rp.kp.addr = addr;
398 tp->rp.handler = kretprobe_dispatcher;
400 tp->rp.kp.pre_handler = kprobe_dispatcher;
402 if (!event || !check_event_name(event)) {
407 tp->call.class = &tp->class;
408 tp->call.name = kstrdup(event, GFP_KERNEL);
412 if (!group || !check_event_name(group)) {
417 tp->class.system = kstrdup(group, GFP_KERNEL);
418 if (!tp->class.system)
421 INIT_LIST_HEAD(&tp->list);
424 kfree(tp->call.name);
430 static void free_probe_arg(struct probe_arg *arg)
432 if (CHECK_BASIC_FETCH_FUNCS(deref, arg->fetch.fn))
433 free_deref_fetch_param(arg->fetch.data);
434 else if (CHECK_BASIC_FETCH_FUNCS(symbol, arg->fetch.fn))
435 free_symbol_cache(arg->fetch.data);
440 static void free_trace_probe(struct trace_probe *tp)
444 for (i = 0; i < tp->nr_args; i++)
445 free_probe_arg(&tp->args[i]);
447 kfree(tp->call.class->system);
448 kfree(tp->call.name);
453 static struct trace_probe *find_probe_event(const char *event,
456 struct trace_probe *tp;
458 list_for_each_entry(tp, &probe_list, list)
459 if (strcmp(tp->call.name, event) == 0 &&
460 strcmp(tp->call.class->system, group) == 0)
465 /* Unregister a trace_probe and probe_event: call with locking probe_lock */
466 static void unregister_trace_probe(struct trace_probe *tp)
468 if (probe_is_return(tp))
469 unregister_kretprobe(&tp->rp);
471 unregister_kprobe(&tp->rp.kp);
473 unregister_probe_event(tp);
476 /* Register a trace_probe and probe_event */
477 static int register_trace_probe(struct trace_probe *tp)
479 struct trace_probe *old_tp;
482 mutex_lock(&probe_lock);
484 /* register as an event */
485 old_tp = find_probe_event(tp->call.name, tp->call.class->system);
487 /* delete old event */
488 unregister_trace_probe(old_tp);
489 free_trace_probe(old_tp);
491 ret = register_probe_event(tp);
493 pr_warning("Faild to register probe event(%d)\n", ret);
497 tp->rp.kp.flags |= KPROBE_FLAG_DISABLED;
498 if (probe_is_return(tp))
499 ret = register_kretprobe(&tp->rp);
501 ret = register_kprobe(&tp->rp.kp);
504 pr_warning("Could not insert probe(%d)\n", ret);
505 if (ret == -EILSEQ) {
506 pr_warning("Probing address(0x%p) is not an "
507 "instruction boundary.\n",
511 unregister_probe_event(tp);
513 list_add_tail(&tp->list, &probe_list);
515 mutex_unlock(&probe_lock);
519 /* Split symbol and offset. */
520 static int split_symbol_offset(char *symbol, unsigned long *offset)
528 tmp = strchr(symbol, '+');
530 /* skip sign because strict_strtol doesn't accept '+' */
531 ret = strict_strtoul(tmp + 1, 0, offset);
540 #define PARAM_MAX_ARGS 16
541 #define PARAM_MAX_STACK (THREAD_SIZE / sizeof(unsigned long))
543 static int parse_probe_vars(char *arg, const struct fetch_type *t,
544 struct fetch_param *f, int is_return)
549 if (strcmp(arg, "retval") == 0) {
554 } else if (strncmp(arg, "stack", 5) == 0) {
555 if (arg[5] == '\0') {
556 if (strcmp(t->name, DEFAULT_FETCH_TYPE_STR) == 0)
557 f->fn = fetch_stack_address;
560 } else if (isdigit(arg[5])) {
561 ret = strict_strtoul(arg + 5, 10, ¶m);
562 if (ret || param > PARAM_MAX_STACK)
566 f->data = (void *)param;
575 /* Recursive argument parser */
576 static int __parse_probe_arg(char *arg, const struct fetch_type *t,
577 struct fetch_param *f, int is_return)
586 ret = parse_probe_vars(arg + 1, t, f, is_return);
588 case '%': /* named register */
589 ret = regs_query_register_offset(arg + 1);
592 f->data = (void *)(unsigned long)ret;
596 case '@': /* memory or symbol */
597 if (isdigit(arg[1])) {
598 ret = strict_strtoul(arg + 1, 0, ¶m);
602 f->data = (void *)param;
604 ret = split_symbol_offset(arg + 1, &offset);
607 f->data = alloc_symbol_cache(arg + 1, offset);
612 case '+': /* deref memory */
614 tmp = strchr(arg, '(');
618 ret = strict_strtol(arg + 1, 0, &offset);
624 tmp = strrchr(arg, ')');
626 struct deref_fetch_param *dprm;
627 const struct fetch_type *t2 = find_fetch_type(NULL);
629 dprm = kzalloc(sizeof(struct deref_fetch_param),
633 dprm->offset = offset;
634 ret = __parse_probe_arg(arg, t2, &dprm->orig,
640 f->data = (void *)dprm;
650 /* String length checking wrapper */
651 static int parse_probe_arg(char *arg, struct trace_probe *tp,
652 struct probe_arg *parg, int is_return)
656 if (strlen(arg) > MAX_ARGSTR_LEN) {
657 pr_info("Argument is too long.: %s\n", arg);
660 parg->comm = kstrdup(arg, GFP_KERNEL);
662 pr_info("Failed to allocate memory for command '%s'.\n", arg);
665 t = strchr(parg->comm, ':');
667 arg[t - parg->comm] = '\0';
670 parg->type = find_fetch_type(t);
672 pr_info("Unsupported type: %s\n", t);
675 parg->offset = tp->size;
676 tp->size += parg->type->size;
677 return __parse_probe_arg(arg, parg->type, &parg->fetch, is_return);
680 /* Return 1 if name is reserved or already used by another argument */
681 static int conflict_field_name(const char *name,
682 struct probe_arg *args, int narg)
685 for (i = 0; i < ARRAY_SIZE(reserved_field_names); i++)
686 if (strcmp(reserved_field_names[i], name) == 0)
688 for (i = 0; i < narg; i++)
689 if (strcmp(args[i].name, name) == 0)
694 static int create_trace_probe(int argc, char **argv)
698 * - Add kprobe: p[:[GRP/]EVENT] KSYM[+OFFS]|KADDR [FETCHARGS]
699 * - Add kretprobe: r[:[GRP/]EVENT] KSYM[+0] [FETCHARGS]
701 * $retval : fetch return value
702 * $stack : fetch stack address
703 * $stackN : fetch Nth of stack (N:0-)
704 * @ADDR : fetch memory at ADDR (ADDR should be in kernel)
705 * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol)
706 * %REG : fetch register REG
707 * Dereferencing memory fetch:
708 * +|-offs(ARG) : fetch memory at ARG +|- offs address.
709 * Alias name of args:
710 * NAME=FETCHARG : set NAME as alias of FETCHARG.
712 * FETCHARG:TYPE : use TYPE instead of unsigned long.
714 struct trace_probe *tp;
716 int is_return = 0, is_delete = 0;
717 char *symbol = NULL, *event = NULL, *group = NULL;
719 unsigned long offset = 0;
721 char buf[MAX_EVENT_NAME_LEN];
723 /* argc must be >= 1 */
724 if (argv[0][0] == 'p')
726 else if (argv[0][0] == 'r')
728 else if (argv[0][0] == '-')
731 pr_info("Probe definition must be started with 'p', 'r' or"
736 if (argv[0][1] == ':') {
738 if (strchr(event, '/')) {
740 event = strchr(group, '/') + 1;
742 if (strlen(group) == 0) {
743 pr_info("Group name is not specified\n");
747 if (strlen(event) == 0) {
748 pr_info("Event name is not specified\n");
753 group = KPROBE_EVENT_SYSTEM;
757 pr_info("Delete command needs an event name.\n");
760 tp = find_probe_event(event, group);
762 pr_info("Event %s/%s doesn't exist.\n", group, event);
765 /* delete an event */
766 unregister_trace_probe(tp);
767 free_trace_probe(tp);
772 pr_info("Probe point is not specified.\n");
775 if (isdigit(argv[1][0])) {
777 pr_info("Return probe point must be a symbol.\n");
780 /* an address specified */
781 ret = strict_strtoul(&argv[1][0], 0, (unsigned long *)&addr);
783 pr_info("Failed to parse address.\n");
787 /* a symbol specified */
789 /* TODO: support .init module functions */
790 ret = split_symbol_offset(symbol, &offset);
792 pr_info("Failed to parse symbol.\n");
795 if (offset && is_return) {
796 pr_info("Return probe must be used without offset.\n");
800 argc -= 2; argv += 2;
804 /* Make a new event name */
806 snprintf(buf, MAX_EVENT_NAME_LEN, "%c_%s_%ld",
807 is_return ? 'r' : 'p', symbol, offset);
809 snprintf(buf, MAX_EVENT_NAME_LEN, "%c_0x%p",
810 is_return ? 'r' : 'p', addr);
813 tp = alloc_trace_probe(group, event, addr, symbol, offset, argc,
816 pr_info("Failed to allocate trace_probe.(%d)\n",
821 /* parse arguments */
823 for (i = 0; i < argc && i < MAX_TRACE_ARGS; i++) {
824 /* Parse argument name */
825 arg = strchr(argv[i], '=');
831 tp->args[i].name = kstrdup(argv[i], GFP_KERNEL);
832 if (!tp->args[i].name) {
833 pr_info("Failed to allocate argument%d name '%s'.\n",
838 tmp = strchr(tp->args[i].name, ':');
840 *tmp = '_'; /* convert : to _ */
842 if (conflict_field_name(tp->args[i].name, tp->args, i)) {
843 pr_info("Argument%d name '%s' conflicts with "
844 "another field.\n", i, argv[i]);
849 /* Parse fetch argument */
850 ret = parse_probe_arg(arg, tp, &tp->args[i], is_return);
852 pr_info("Parse error at argument%d. (%d)\n", i, ret);
853 kfree(tp->args[i].name);
860 ret = register_trace_probe(tp);
866 free_trace_probe(tp);
870 static void cleanup_all_probes(void)
872 struct trace_probe *tp;
874 mutex_lock(&probe_lock);
875 /* TODO: Use batch unregistration */
876 while (!list_empty(&probe_list)) {
877 tp = list_entry(probe_list.next, struct trace_probe, list);
878 unregister_trace_probe(tp);
879 free_trace_probe(tp);
881 mutex_unlock(&probe_lock);
885 /* Probes listing interfaces */
886 static void *probes_seq_start(struct seq_file *m, loff_t *pos)
888 mutex_lock(&probe_lock);
889 return seq_list_start(&probe_list, *pos);
892 static void *probes_seq_next(struct seq_file *m, void *v, loff_t *pos)
894 return seq_list_next(v, &probe_list, pos);
897 static void probes_seq_stop(struct seq_file *m, void *v)
899 mutex_unlock(&probe_lock);
902 static int probes_seq_show(struct seq_file *m, void *v)
904 struct trace_probe *tp = v;
907 seq_printf(m, "%c", probe_is_return(tp) ? 'r' : 'p');
908 seq_printf(m, ":%s/%s", tp->call.class->system, tp->call.name);
911 seq_printf(m, " 0x%p", tp->rp.kp.addr);
912 else if (tp->rp.kp.offset)
913 seq_printf(m, " %s+%u", probe_symbol(tp), tp->rp.kp.offset);
915 seq_printf(m, " %s", probe_symbol(tp));
917 for (i = 0; i < tp->nr_args; i++)
918 seq_printf(m, " %s=%s", tp->args[i].name, tp->args[i].comm);
924 static const struct seq_operations probes_seq_op = {
925 .start = probes_seq_start,
926 .next = probes_seq_next,
927 .stop = probes_seq_stop,
928 .show = probes_seq_show
931 static int probes_open(struct inode *inode, struct file *file)
933 if ((file->f_mode & FMODE_WRITE) &&
934 (file->f_flags & O_TRUNC))
935 cleanup_all_probes();
937 return seq_open(file, &probes_seq_op);
940 static int command_trace_probe(const char *buf)
943 int argc = 0, ret = 0;
945 argv = argv_split(GFP_KERNEL, buf, &argc);
950 ret = create_trace_probe(argc, argv);
956 #define WRITE_BUFSIZE 128
958 static ssize_t probes_write(struct file *file, const char __user *buffer,
959 size_t count, loff_t *ppos)
966 kbuf = kmalloc(WRITE_BUFSIZE, GFP_KERNEL);
971 while (done < count) {
973 if (size >= WRITE_BUFSIZE)
974 size = WRITE_BUFSIZE - 1;
975 if (copy_from_user(kbuf, buffer + done, size)) {
980 tmp = strchr(kbuf, '\n');
983 size = tmp - kbuf + 1;
984 } else if (done + size < count) {
985 pr_warning("Line length is too long: "
986 "Should be less than %d.", WRITE_BUFSIZE);
991 /* Remove comments */
992 tmp = strchr(kbuf, '#');
996 ret = command_trace_probe(kbuf);
1006 static const struct file_operations kprobe_events_ops = {
1007 .owner = THIS_MODULE,
1008 .open = probes_open,
1010 .llseek = seq_lseek,
1011 .release = seq_release,
1012 .write = probes_write,
1015 /* Probes profiling interfaces */
1016 static int probes_profile_seq_show(struct seq_file *m, void *v)
1018 struct trace_probe *tp = v;
1020 seq_printf(m, " %-44s %15lu %15lu\n", tp->call.name, tp->nhit,
1026 static const struct seq_operations profile_seq_op = {
1027 .start = probes_seq_start,
1028 .next = probes_seq_next,
1029 .stop = probes_seq_stop,
1030 .show = probes_profile_seq_show
1033 static int profile_open(struct inode *inode, struct file *file)
1035 return seq_open(file, &profile_seq_op);
1038 static const struct file_operations kprobe_profile_ops = {
1039 .owner = THIS_MODULE,
1040 .open = profile_open,
1042 .llseek = seq_lseek,
1043 .release = seq_release,
1046 /* Kprobe handler */
1047 static __kprobes void kprobe_trace_func(struct kprobe *kp, struct pt_regs *regs)
1049 struct trace_probe *tp = container_of(kp, struct trace_probe, rp.kp);
1050 struct kprobe_trace_entry_head *entry;
1051 struct ring_buffer_event *event;
1052 struct ring_buffer *buffer;
1055 unsigned long irq_flags;
1056 struct ftrace_event_call *call = &tp->call;
1060 local_save_flags(irq_flags);
1061 pc = preempt_count();
1063 size = sizeof(*entry) + tp->size;
1065 event = trace_current_buffer_lock_reserve(&buffer, call->event.type,
1066 size, irq_flags, pc);
1070 entry = ring_buffer_event_data(event);
1071 entry->ip = (unsigned long)kp->addr;
1072 data = (u8 *)&entry[1];
1073 for (i = 0; i < tp->nr_args; i++)
1074 call_fetch(&tp->args[i].fetch, regs, data + tp->args[i].offset);
1076 if (!filter_current_check_discard(buffer, call, entry, event))
1077 trace_nowake_buffer_unlock_commit(buffer, event, irq_flags, pc);
1080 /* Kretprobe handler */
1081 static __kprobes void kretprobe_trace_func(struct kretprobe_instance *ri,
1082 struct pt_regs *regs)
1084 struct trace_probe *tp = container_of(ri->rp, struct trace_probe, rp);
1085 struct kretprobe_trace_entry_head *entry;
1086 struct ring_buffer_event *event;
1087 struct ring_buffer *buffer;
1090 unsigned long irq_flags;
1091 struct ftrace_event_call *call = &tp->call;
1093 local_save_flags(irq_flags);
1094 pc = preempt_count();
1096 size = sizeof(*entry) + tp->size;
1098 event = trace_current_buffer_lock_reserve(&buffer, call->event.type,
1099 size, irq_flags, pc);
1103 entry = ring_buffer_event_data(event);
1104 entry->func = (unsigned long)tp->rp.kp.addr;
1105 entry->ret_ip = (unsigned long)ri->ret_addr;
1106 data = (u8 *)&entry[1];
1107 for (i = 0; i < tp->nr_args; i++)
1108 call_fetch(&tp->args[i].fetch, regs, data + tp->args[i].offset);
1110 if (!filter_current_check_discard(buffer, call, entry, event))
1111 trace_nowake_buffer_unlock_commit(buffer, event, irq_flags, pc);
1114 /* Event entry printers */
1116 print_kprobe_event(struct trace_iterator *iter, int flags,
1117 struct trace_event *event)
1119 struct kprobe_trace_entry_head *field;
1120 struct trace_seq *s = &iter->seq;
1121 struct trace_probe *tp;
1125 field = (struct kprobe_trace_entry_head *)iter->ent;
1126 tp = container_of(event, struct trace_probe, call.event);
1128 if (!trace_seq_printf(s, "%s: (", tp->call.name))
1131 if (!seq_print_ip_sym(s, field->ip, flags | TRACE_ITER_SYM_OFFSET))
1134 if (!trace_seq_puts(s, ")"))
1137 data = (u8 *)&field[1];
1138 for (i = 0; i < tp->nr_args; i++)
1139 if (!tp->args[i].type->print(s, tp->args[i].name,
1140 data + tp->args[i].offset))
1143 if (!trace_seq_puts(s, "\n"))
1146 return TRACE_TYPE_HANDLED;
1148 return TRACE_TYPE_PARTIAL_LINE;
1152 print_kretprobe_event(struct trace_iterator *iter, int flags,
1153 struct trace_event *event)
1155 struct kretprobe_trace_entry_head *field;
1156 struct trace_seq *s = &iter->seq;
1157 struct trace_probe *tp;
1161 field = (struct kretprobe_trace_entry_head *)iter->ent;
1162 tp = container_of(event, struct trace_probe, call.event);
1164 if (!trace_seq_printf(s, "%s: (", tp->call.name))
1167 if (!seq_print_ip_sym(s, field->ret_ip, flags | TRACE_ITER_SYM_OFFSET))
1170 if (!trace_seq_puts(s, " <- "))
1173 if (!seq_print_ip_sym(s, field->func, flags & ~TRACE_ITER_SYM_OFFSET))
1176 if (!trace_seq_puts(s, ")"))
1179 data = (u8 *)&field[1];
1180 for (i = 0; i < tp->nr_args; i++)
1181 if (!tp->args[i].type->print(s, tp->args[i].name,
1182 data + tp->args[i].offset))
1185 if (!trace_seq_puts(s, "\n"))
1188 return TRACE_TYPE_HANDLED;
1190 return TRACE_TYPE_PARTIAL_LINE;
1193 static int probe_event_enable(struct ftrace_event_call *call)
1195 struct trace_probe *tp = (struct trace_probe *)call->data;
1197 tp->flags |= TP_FLAG_TRACE;
1198 if (probe_is_return(tp))
1199 return enable_kretprobe(&tp->rp);
1201 return enable_kprobe(&tp->rp.kp);
1204 static void probe_event_disable(struct ftrace_event_call *call)
1206 struct trace_probe *tp = (struct trace_probe *)call->data;
1208 tp->flags &= ~TP_FLAG_TRACE;
1209 if (!(tp->flags & (TP_FLAG_TRACE | TP_FLAG_PROFILE))) {
1210 if (probe_is_return(tp))
1211 disable_kretprobe(&tp->rp);
1213 disable_kprobe(&tp->rp.kp);
1217 static int probe_event_raw_init(struct ftrace_event_call *event_call)
1223 #define DEFINE_FIELD(type, item, name, is_signed) \
1225 ret = trace_define_field(event_call, #type, name, \
1226 offsetof(typeof(field), item), \
1227 sizeof(field.item), is_signed, \
1233 static int kprobe_event_define_fields(struct ftrace_event_call *event_call)
1236 struct kprobe_trace_entry_head field;
1237 struct trace_probe *tp = (struct trace_probe *)event_call->data;
1239 DEFINE_FIELD(unsigned long, ip, FIELD_STRING_IP, 0);
1240 /* Set argument names as fields */
1241 for (i = 0; i < tp->nr_args; i++) {
1242 ret = trace_define_field(event_call, tp->args[i].type->name,
1244 sizeof(field) + tp->args[i].offset,
1245 tp->args[i].type->size,
1246 tp->args[i].type->is_signed,
1254 static int kretprobe_event_define_fields(struct ftrace_event_call *event_call)
1257 struct kretprobe_trace_entry_head field;
1258 struct trace_probe *tp = (struct trace_probe *)event_call->data;
1260 DEFINE_FIELD(unsigned long, func, FIELD_STRING_FUNC, 0);
1261 DEFINE_FIELD(unsigned long, ret_ip, FIELD_STRING_RETIP, 0);
1262 /* Set argument names as fields */
1263 for (i = 0; i < tp->nr_args; i++) {
1264 ret = trace_define_field(event_call, tp->args[i].type->name,
1266 sizeof(field) + tp->args[i].offset,
1267 tp->args[i].type->size,
1268 tp->args[i].type->is_signed,
1276 static int __set_print_fmt(struct trace_probe *tp, char *buf, int len)
1281 const char *fmt, *arg;
1283 if (!probe_is_return(tp)) {
1285 arg = "REC->" FIELD_STRING_IP;
1287 fmt = "(%lx <- %lx)";
1288 arg = "REC->" FIELD_STRING_FUNC ", REC->" FIELD_STRING_RETIP;
1291 /* When len=0, we just calculate the needed length */
1292 #define LEN_OR_ZERO (len ? len - pos : 0)
1294 pos += snprintf(buf + pos, LEN_OR_ZERO, "\"%s", fmt);
1296 for (i = 0; i < tp->nr_args; i++) {
1297 pos += snprintf(buf + pos, LEN_OR_ZERO, " %s=%s",
1298 tp->args[i].name, tp->args[i].type->fmt);
1301 pos += snprintf(buf + pos, LEN_OR_ZERO, "\", %s", arg);
1303 for (i = 0; i < tp->nr_args; i++) {
1304 pos += snprintf(buf + pos, LEN_OR_ZERO, ", REC->%s",
1310 /* return the length of print_fmt */
1314 static int set_print_fmt(struct trace_probe *tp)
1319 /* First: called with 0 length to calculate the needed length */
1320 len = __set_print_fmt(tp, NULL, 0);
1321 print_fmt = kmalloc(len + 1, GFP_KERNEL);
1325 /* Second: actually write the @print_fmt */
1326 __set_print_fmt(tp, print_fmt, len + 1);
1327 tp->call.print_fmt = print_fmt;
1332 #ifdef CONFIG_PERF_EVENTS
1334 /* Kprobe profile handler */
1335 static __kprobes void kprobe_perf_func(struct kprobe *kp,
1336 struct pt_regs *regs)
1338 struct trace_probe *tp = container_of(kp, struct trace_probe, rp.kp);
1339 struct ftrace_event_call *call = &tp->call;
1340 struct kprobe_trace_entry_head *entry;
1341 struct hlist_head *head;
1343 int size, __size, i;
1346 __size = sizeof(*entry) + tp->size;
1347 size = ALIGN(__size + sizeof(u32), sizeof(u64));
1348 size -= sizeof(u32);
1349 if (WARN_ONCE(size > PERF_MAX_TRACE_SIZE,
1350 "profile buffer not large enough"))
1353 entry = perf_trace_buf_prepare(size, call->event.type, regs, &rctx);
1357 entry->ip = (unsigned long)kp->addr;
1358 data = (u8 *)&entry[1];
1359 for (i = 0; i < tp->nr_args; i++)
1360 call_fetch(&tp->args[i].fetch, regs, data + tp->args[i].offset);
1362 head = this_cpu_ptr(call->perf_events);
1363 perf_trace_buf_submit(entry, size, rctx, entry->ip, 1, regs, head);
1366 /* Kretprobe profile handler */
1367 static __kprobes void kretprobe_perf_func(struct kretprobe_instance *ri,
1368 struct pt_regs *regs)
1370 struct trace_probe *tp = container_of(ri->rp, struct trace_probe, rp);
1371 struct ftrace_event_call *call = &tp->call;
1372 struct kretprobe_trace_entry_head *entry;
1373 struct hlist_head *head;
1375 int size, __size, i;
1378 __size = sizeof(*entry) + tp->size;
1379 size = ALIGN(__size + sizeof(u32), sizeof(u64));
1380 size -= sizeof(u32);
1381 if (WARN_ONCE(size > PERF_MAX_TRACE_SIZE,
1382 "profile buffer not large enough"))
1385 entry = perf_trace_buf_prepare(size, call->event.type, regs, &rctx);
1389 entry->func = (unsigned long)tp->rp.kp.addr;
1390 entry->ret_ip = (unsigned long)ri->ret_addr;
1391 data = (u8 *)&entry[1];
1392 for (i = 0; i < tp->nr_args; i++)
1393 call_fetch(&tp->args[i].fetch, regs, data + tp->args[i].offset);
1395 head = this_cpu_ptr(call->perf_events);
1396 perf_trace_buf_submit(entry, size, rctx, entry->ret_ip, 1, regs, head);
1399 static int probe_perf_enable(struct ftrace_event_call *call)
1401 struct trace_probe *tp = (struct trace_probe *)call->data;
1403 tp->flags |= TP_FLAG_PROFILE;
1405 if (probe_is_return(tp))
1406 return enable_kretprobe(&tp->rp);
1408 return enable_kprobe(&tp->rp.kp);
1411 static void probe_perf_disable(struct ftrace_event_call *call)
1413 struct trace_probe *tp = (struct trace_probe *)call->data;
1415 tp->flags &= ~TP_FLAG_PROFILE;
1417 if (!(tp->flags & TP_FLAG_TRACE)) {
1418 if (probe_is_return(tp))
1419 disable_kretprobe(&tp->rp);
1421 disable_kprobe(&tp->rp.kp);
1424 #endif /* CONFIG_PERF_EVENTS */
1427 int kprobe_register(struct ftrace_event_call *event, enum trace_reg type)
1430 case TRACE_REG_REGISTER:
1431 return probe_event_enable(event);
1432 case TRACE_REG_UNREGISTER:
1433 probe_event_disable(event);
1436 #ifdef CONFIG_PERF_EVENTS
1437 case TRACE_REG_PERF_REGISTER:
1438 return probe_perf_enable(event);
1439 case TRACE_REG_PERF_UNREGISTER:
1440 probe_perf_disable(event);
1448 int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs)
1450 struct trace_probe *tp = container_of(kp, struct trace_probe, rp.kp);
1452 if (tp->flags & TP_FLAG_TRACE)
1453 kprobe_trace_func(kp, regs);
1454 #ifdef CONFIG_PERF_EVENTS
1455 if (tp->flags & TP_FLAG_PROFILE)
1456 kprobe_perf_func(kp, regs);
1458 return 0; /* We don't tweek kernel, so just return 0 */
1462 int kretprobe_dispatcher(struct kretprobe_instance *ri, struct pt_regs *regs)
1464 struct trace_probe *tp = container_of(ri->rp, struct trace_probe, rp);
1466 if (tp->flags & TP_FLAG_TRACE)
1467 kretprobe_trace_func(ri, regs);
1468 #ifdef CONFIG_PERF_EVENTS
1469 if (tp->flags & TP_FLAG_PROFILE)
1470 kretprobe_perf_func(ri, regs);
1472 return 0; /* We don't tweek kernel, so just return 0 */
1475 static struct trace_event_functions kretprobe_funcs = {
1476 .trace = print_kretprobe_event
1479 static struct trace_event_functions kprobe_funcs = {
1480 .trace = print_kprobe_event
1483 static int register_probe_event(struct trace_probe *tp)
1485 struct ftrace_event_call *call = &tp->call;
1488 /* Initialize ftrace_event_call */
1489 if (probe_is_return(tp)) {
1490 INIT_LIST_HEAD(&call->class->fields);
1491 call->event.funcs = &kretprobe_funcs;
1492 call->class->raw_init = probe_event_raw_init;
1493 call->class->define_fields = kretprobe_event_define_fields;
1495 INIT_LIST_HEAD(&call->class->fields);
1496 call->event.funcs = &kprobe_funcs;
1497 call->class->raw_init = probe_event_raw_init;
1498 call->class->define_fields = kprobe_event_define_fields;
1500 if (set_print_fmt(tp) < 0)
1502 ret = register_ftrace_event(&call->event);
1504 kfree(call->print_fmt);
1508 call->class->reg = kprobe_register;
1510 ret = trace_add_event_call(call);
1512 pr_info("Failed to register kprobe event: %s\n", call->name);
1513 kfree(call->print_fmt);
1514 unregister_ftrace_event(&call->event);
1519 static void unregister_probe_event(struct trace_probe *tp)
1521 /* tp->event is unregistered in trace_remove_event_call() */
1522 trace_remove_event_call(&tp->call);
1523 kfree(tp->call.print_fmt);
1526 /* Make a debugfs interface for controling probe points */
1527 static __init int init_kprobe_trace(void)
1529 struct dentry *d_tracer;
1530 struct dentry *entry;
1532 d_tracer = tracing_init_dentry();
1536 entry = debugfs_create_file("kprobe_events", 0644, d_tracer,
1537 NULL, &kprobe_events_ops);
1539 /* Event list interface */
1541 pr_warning("Could not create debugfs "
1542 "'kprobe_events' entry\n");
1544 /* Profile interface */
1545 entry = debugfs_create_file("kprobe_profile", 0444, d_tracer,
1546 NULL, &kprobe_profile_ops);
1549 pr_warning("Could not create debugfs "
1550 "'kprobe_profile' entry\n");
1553 fs_initcall(init_kprobe_trace);
1556 #ifdef CONFIG_FTRACE_STARTUP_TEST
1558 static int kprobe_trace_selftest_target(int a1, int a2, int a3,
1559 int a4, int a5, int a6)
1561 return a1 + a2 + a3 + a4 + a5 + a6;
1564 static __init int kprobe_trace_self_tests_init(void)
1567 int (*target)(int, int, int, int, int, int);
1568 struct trace_probe *tp;
1570 target = kprobe_trace_selftest_target;
1572 pr_info("Testing kprobe tracing: ");
1574 ret = command_trace_probe("p:testprobe kprobe_trace_selftest_target "
1575 "$stack $stack0 +0($stack)");
1576 if (WARN_ON_ONCE(ret)) {
1577 pr_warning("error on probing function entry.\n");
1580 /* Enable trace point */
1581 tp = find_probe_event("testprobe", KPROBE_EVENT_SYSTEM);
1582 if (WARN_ON_ONCE(tp == NULL)) {
1583 pr_warning("error on getting new probe.\n");
1586 probe_event_enable(&tp->call);
1589 ret = command_trace_probe("r:testprobe2 kprobe_trace_selftest_target "
1591 if (WARN_ON_ONCE(ret)) {
1592 pr_warning("error on probing function return.\n");
1595 /* Enable trace point */
1596 tp = find_probe_event("testprobe2", KPROBE_EVENT_SYSTEM);
1597 if (WARN_ON_ONCE(tp == NULL)) {
1598 pr_warning("error on getting new probe.\n");
1601 probe_event_enable(&tp->call);
1607 ret = target(1, 2, 3, 4, 5, 6);
1609 ret = command_trace_probe("-:testprobe");
1610 if (WARN_ON_ONCE(ret)) {
1611 pr_warning("error on deleting a probe.\n");
1615 ret = command_trace_probe("-:testprobe2");
1616 if (WARN_ON_ONCE(ret)) {
1617 pr_warning("error on deleting a probe.\n");
1622 cleanup_all_probes();
1624 pr_cont("NG: Some tests are failed. Please check them.\n");
1630 late_initcall(kprobe_trace_self_tests_init);
git.openpandora.org / pandora-kernel.git / blob