systrace.c revision 269272 
1258578Shrs/*
2258578Shrs * CDDL HEADER START
3258578Shrs *
48870Srgrimes * The contents of this file are subject to the terms of the
5258578Shrs * Common Development and Distribution License (the "License").
6258578Shrs * You may not use this file except in compliance with the License.
7258578Shrs *
8258578Shrs * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9258578Shrs * or http://www.opensolaris.org/os/licensing.
10258578Shrs * See the License for the specific language governing permissions
11258578Shrs * and limitations under the License.
12258578Shrs *
13258578Shrs * When distributing Covered Code, include this CDDL HEADER in each
14258578Shrs * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15258578Shrs * If applicable, add the following below this CDDL HEADER, with the
16258578Shrs * fields enclosed by brackets "[]" replaced with your own identifying
17258578Shrs * information: Portions Copyright [yyyy] [name of copyright owner]
18258578Shrs *
19258578Shrs * CDDL HEADER END
20258578Shrs *
21258578Shrs * Portions Copyright 2006-2008 John Birrell jb@freebsd.org
22258578Shrs *
23258578Shrs * $FreeBSD: stable/10/sys/cddl/dev/systrace/systrace.c 269272 2014-07-29 22:26:41Z markj $
24258578Shrs *
25258578Shrs */
26258578Shrs
271901Swollman/*
281901Swollman * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
291901Swollman * Use is subject to license terms.
30136581Sobrien */
3174462Salfred
321901Swollman#include <sys/cdefs.h>
3392990Sobrien#include <sys/param.h>
3492990Sobrien#include <sys/systm.h>
351901Swollman#include <sys/conf.h>
361901Swollman#include <sys/cpuvar.h>
371901Swollman#include <sys/fcntl.h>
381901Swollman#include <sys/filio.h>
391901Swollman#include <sys/kdb.h>
401901Swollman#include <sys/kernel.h>
411901Swollman#include <sys/kmem.h>
421901Swollman#include <sys/kthread.h>
431901Swollman#include <sys/limits.h>
441901Swollman#include <sys/linker.h>
451901Swollman#include <sys/lock.h>
461901Swollman#include <sys/malloc.h>
4774462Salfred#include <sys/module.h>
4874462Salfred#include <sys/mutex.h>
491901Swollman#include <sys/poll.h>
5011666Sphk#include <sys/proc.h>
5174462Salfred#include <sys/selinfo.h>
521901Swollman#include <sys/smp.h>
5374462Salfred#include <sys/sysproto.h>
541901Swollman#include <sys/sysent.h>
551901Swollman#include <sys/uio.h>
561901Swollman#include <sys/unistd.h>
571901Swollman#include <machine/stdarg.h>
581901Swollman
59288113Srodrigc#include <sys/dtrace.h>
601901Swollman
6174462Salfred#ifdef LINUX_SYSTRACE
621901Swollman#if defined(__amd64__)
6374462Salfred#include <amd64/linux32/linux.h>
6474462Salfred#include <amd64/linux32/linux32_proto.h>
651901Swollman#include <amd64/linux32/linux32_syscalls.c>
661901Swollman#include <amd64/linux32/linux32_systrace_args.c>
671901Swollman#define	MODNAME		"linux32"
68241181Spfg#elif defined(__i386__)
691901Swollman#include <i386/linux/linux.h>
701901Swollman#include <i386/linux/linux_proto.h>
7174462Salfred#include <i386/linux/linux_syscalls.c>
7274462Salfred#include <i386/linux/linux_systrace_args.c>
731901Swollman#define	MODNAME		"linux"
7474462Salfred#else
7574462Salfred#error Only i386 and amd64 are supported.
7674462Salfred#endif
771901Swollmanextern struct sysent linux_sysent[];
781901Swollman#define	MAXSYSCALL	LINUX_SYS_MAXSYSCALL
791901Swollman#define	SYSCALLNAMES	linux_syscallnames
801901Swollman#define	SYSENT		linux_sysent
811901Swollman#elif defined(FREEBSD32_SYSTRACE)
821901Swollman/*
831901Swollman * The syscall arguments are processed into a DTrace argument array
841901Swollman * using a generated function. See sys/kern/makesyscalls.sh.
8574462Salfred */
8674462Salfred#include <compat/freebsd32/freebsd32_proto.h>
871901Swollman#include <compat/freebsd32/freebsd32_util.h>
881901Swollman#include <compat/freebsd32/freebsd32_syscall.h>
891901Swollman#include <compat/freebsd32/freebsd32_systrace_args.c>
901901Swollmanextern const char *freebsd32_syscallnames[];
9174462Salfred#define	MODNAME		"freebsd32"
921901Swollman#define	MAXSYSCALL	FREEBSD32_SYS_MAXSYSCALL
931901Swollman#define	SYSCALLNAMES	freebsd32_syscallnames
9421088Speter#define	SYSENT		freebsd32_sysent
9574462Salfred#else
9674462Salfred/*
9774462Salfred * The syscall arguments are processed into a DTrace argument array
981901Swollman * using a generated function. See sys/kern/makesyscalls.sh.
991901Swollman */
1001901Swollman#include <sys/syscall.h>
1011901Swollman#include <kern/systrace_args.c>
1021901Swollman#define	MODNAME		"freebsd"
1031901Swollman#define	MAXSYSCALL	SYS_MAXSYSCALL
10474462Salfred#define	SYSCALLNAMES	syscallnames
1051901Swollman#define	SYSENT		sysent
1061901Swollman#endif
1071901Swollman
1081901Swollman#define	PROVNAME	"syscall"
1091901Swollman#define	DEVNAME	        "dtrace/systrace/" MODNAME
1101901Swollman
11174462Salfred#define	SYSTRACE_ARTIFICIAL_FRAMES	1
11274462Salfred
1131901Swollman#define	SYSTRACE_SHIFT			16
1141901Swollman#define	SYSTRACE_ISENTRY(x)		((int)(x) >> SYSTRACE_SHIFT)
1151901Swollman#define	SYSTRACE_SYSNUM(x)		((int)(x) & ((1 << SYSTRACE_SHIFT) - 1))
1161901Swollman#define	SYSTRACE_ENTRY(id)		((1 << SYSTRACE_SHIFT) | (id))
1171901Swollman#define	SYSTRACE_RETURN(id)		(id)
1181901Swollman
1191901Swollman#if ((1 << SYSTRACE_SHIFT) <= MAXSYSCALL)
1201901Swollman#error 1 << SYSTRACE_SHIFT must exceed number of system calls
1211901Swollman#endif
12226221Swpaul
12374462Salfredstatic d_open_t	systrace_open;
12426221Swpaulstatic int	systrace_unload(void);
12574462Salfredstatic void	systrace_getargdesc(void *, dtrace_id_t, void *, dtrace_argdesc_t *);
12626221Swpaulstatic void	systrace_provide(void *, dtrace_probedesc_t *);
12774462Salfredstatic void	systrace_destroy(void *, dtrace_id_t, void *);
12826221Swpaulstatic void	systrace_enable(void *, dtrace_id_t, void *);
12974462Salfredstatic void	systrace_disable(void *, dtrace_id_t, void *);
13026221Swpaulstatic void	systrace_load(void *);
13126221Swpaul
13226221Swpaulstatic struct cdevsw systrace_cdevsw = {
13326221Swpaul	.d_version	= D_VERSION,
13426221Swpaul	.d_open		= systrace_open,
1351901Swollman#ifdef LINUX_SYSTRACE
1361901Swollman	.d_name		= "systrace_" MODNAME,
1371901Swollman#else
1381901Swollman	.d_name		= "systrace",
1391901Swollman#endif
1401901Swollman};
1411901Swollman
1421901Swollmanstatic union	{
1431901Swollman	const char	**p_constnames;
1441901Swollman	char		**pp_syscallnames;
1451901Swollman} uglyhack = { SYSCALLNAMES };
1461901Swollman
14774462Salfredstatic dtrace_pattr_t systrace_attr = {
148288113Srodrigc{ DTRACE_STABILITY_EVOLVING, DTRACE_STABILITY_EVOLVING, DTRACE_CLASS_COMMON },
1491901Swollman{ DTRACE_STABILITY_PRIVATE, DTRACE_STABILITY_PRIVATE, DTRACE_CLASS_UNKNOWN },
1501901Swollman{ DTRACE_STABILITY_PRIVATE, DTRACE_STABILITY_PRIVATE, DTRACE_CLASS_ISA },
1511901Swollman{ DTRACE_STABILITY_EVOLVING, DTRACE_STABILITY_EVOLVING, DTRACE_CLASS_COMMON },
152{ DTRACE_STABILITY_PRIVATE, DTRACE_STABILITY_PRIVATE, DTRACE_CLASS_ISA },
153};
154
155static dtrace_pops_t systrace_pops = {
156	systrace_provide,
157	NULL,
158	systrace_enable,
159	systrace_disable,
160	NULL,
161	NULL,
162	systrace_getargdesc,
163	NULL,
164	NULL,
165	systrace_destroy
166};
167
168static struct cdev		*systrace_cdev;
169static dtrace_provider_id_t	systrace_id;
170
171typedef void (*systrace_dtrace_probe_t)(dtrace_id_t, uintptr_t, uintptr_t,
172    uintptr_t, uintptr_t, uintptr_t, uintptr_t, uintptr_t, uintptr_t);
173
174#if !defined(LINUX_SYSTRACE)
175/*
176 * Probe callback function.
177 *
178 * Note: This function is called for _all_ syscalls, regardless of which sysent
179 *       array the syscall comes from. It could be a standard syscall or a
180 *       compat syscall from something like Linux.
181 */
182static void
183systrace_probe(u_int32_t id, int sysnum, struct sysent *sysent, void *params,
184    int ret)
185{
186	systrace_dtrace_probe_t probe;
187	int		n_args	= 0;
188	u_int64_t	uargs[8];
189
190	memset(uargs, 0, sizeof(uargs));
191	/*
192	 * Check if this syscall has an argument conversion function
193	 * registered.
194	 */
195	if (params && sysent->sy_systrace_args_func != NULL) {
196		/*
197		 * Convert the syscall parameters using the registered
198		 * function.
199		 */
200		(*sysent->sy_systrace_args_func)(sysnum, params, uargs, &n_args);
201	} else if (params) {
202		/*
203		 * Use the built-in system call argument conversion
204		 * function to translate the syscall structure fields
205		 * into the array of 64-bit values that DTrace
206		 * expects.
207		 */
208		systrace_args(sysnum, params, uargs, &n_args);
209	} else {
210		/*
211		 * Since params is NULL, this is a 'return' probe.
212		 * Set arg0 and arg1 as the return value of this syscall.
213		 */
214		uargs[0] = uargs[1] = ret;
215	}
216
217	/* Process the probe using the converted argments. */
218	probe = (systrace_dtrace_probe_t)dtrace_probe;
219	probe(id, uargs[0], uargs[1], uargs[2], uargs[3], uargs[4], uargs[5],
220	    uargs[6], uargs[7]);
221}
222
223#endif
224
225static void
226systrace_getargdesc(void *arg, dtrace_id_t id, void *parg, dtrace_argdesc_t *desc)
227{
228	int sysnum = SYSTRACE_SYSNUM((uintptr_t)parg);
229
230	if (SYSTRACE_ISENTRY((uintptr_t)parg))
231		systrace_entry_setargdesc(sysnum, desc->dtargd_ndx,
232		    desc->dtargd_native, sizeof(desc->dtargd_native));
233	else
234		systrace_return_setargdesc(sysnum, desc->dtargd_ndx,
235		    desc->dtargd_native, sizeof(desc->dtargd_native));
236
237	if (desc->dtargd_native[0] == '\0')
238		desc->dtargd_ndx = DTRACE_ARGNONE;
239
240	return;
241}
242
243static void
244systrace_provide(void *arg, dtrace_probedesc_t *desc)
245{
246	int i;
247
248	if (desc != NULL)
249		return;
250
251	for (i = 0; i < MAXSYSCALL; i++) {
252		if (dtrace_probe_lookup(systrace_id, MODNAME,
253		    uglyhack.pp_syscallnames[i], "entry") != 0)
254			continue;
255
256		(void) dtrace_probe_create(systrace_id, MODNAME, uglyhack.pp_syscallnames[i],
257		    "entry", SYSTRACE_ARTIFICIAL_FRAMES,
258		    (void *)((uintptr_t)SYSTRACE_ENTRY(i)));
259		(void) dtrace_probe_create(systrace_id, MODNAME, uglyhack.pp_syscallnames[i],
260		    "return", SYSTRACE_ARTIFICIAL_FRAMES,
261		    (void *)((uintptr_t)SYSTRACE_RETURN(i)));
262	}
263}
264
265static void
266systrace_destroy(void *arg, dtrace_id_t id, void *parg)
267{
268#ifdef DEBUG
269	int sysnum = SYSTRACE_SYSNUM((uintptr_t)parg);
270
271	/*
272	 * There's nothing to do here but assert that we have actually been
273	 * disabled.
274	 */
275	if (SYSTRACE_ISENTRY((uintptr_t)parg)) {
276		ASSERT(sysent[sysnum].sy_entry == 0);
277	} else {
278		ASSERT(sysent[sysnum].sy_return == 0);
279	}
280#endif
281}
282
283static void
284systrace_enable(void *arg, dtrace_id_t id, void *parg)
285{
286	int sysnum = SYSTRACE_SYSNUM((uintptr_t)parg);
287
288	if (SYSENT[sysnum].sy_systrace_args_func == NULL)
289		SYSENT[sysnum].sy_systrace_args_func = systrace_args;
290
291	if (SYSTRACE_ISENTRY((uintptr_t)parg))
292		SYSENT[sysnum].sy_entry = id;
293	else
294		SYSENT[sysnum].sy_return = id;
295}
296
297static void
298systrace_disable(void *arg, dtrace_id_t id, void *parg)
299{
300	int sysnum = SYSTRACE_SYSNUM((uintptr_t)parg);
301
302	SYSENT[sysnum].sy_entry = 0;
303	SYSENT[sysnum].sy_return = 0;
304}
305
306static void
307systrace_load(void *dummy)
308{
309	/* Create the /dev/dtrace/systrace entry. */
310	systrace_cdev = make_dev(&systrace_cdevsw, 0, UID_ROOT, GID_WHEEL, 0600,
311	   DEVNAME);
312
313	if (dtrace_register(PROVNAME, &systrace_attr, DTRACE_PRIV_USER,
314	    NULL, &systrace_pops, NULL, &systrace_id) != 0)
315		return;
316
317#if !defined(LINUX_SYSTRACE)
318	systrace_probe_func = systrace_probe;
319#endif
320}
321
322
323static int
324systrace_unload()
325{
326	int error = 0;
327
328	if ((error = dtrace_unregister(systrace_id)) != 0)
329		return (error);
330
331#if !defined(LINUX_SYSTRACE)
332	systrace_probe_func = NULL;
333#endif
334
335	destroy_dev(systrace_cdev);
336
337	return (error);
338}
339
340static int
341systrace_modevent(module_t mod __unused, int type, void *data __unused)
342{
343	int error = 0;
344
345	switch (type) {
346	case MOD_LOAD:
347		break;
348
349	case MOD_UNLOAD:
350		break;
351
352	case MOD_SHUTDOWN:
353		break;
354
355	default:
356		error = EOPNOTSUPP;
357		break;
358
359	}
360	return (error);
361}
362
363static int
364systrace_open(struct cdev *dev __unused, int oflags __unused, int devtype __unused, struct thread *td __unused)
365{
366	return (0);
367}
368
369SYSINIT(systrace_load, SI_SUB_DTRACE_PROVIDER, SI_ORDER_ANY, systrace_load, NULL);
370SYSUNINIT(systrace_unload, SI_SUB_DTRACE_PROVIDER, SI_ORDER_ANY, systrace_unload, NULL);
371
372#ifdef LINUX_SYSTRACE
373DEV_MODULE(systrace_linux32, systrace_modevent, NULL);
374MODULE_VERSION(systrace_linux32, 1);
375MODULE_DEPEND(systrace_linux32, linux, 1, 1, 1);
376MODULE_DEPEND(systrace_linux32, dtrace, 1, 1, 1);
377MODULE_DEPEND(systrace_linux32, opensolaris, 1, 1, 1);
378#elif defined(FREEBSD32_SYSTRACE)
379DEV_MODULE(systrace_freebsd32, systrace_modevent, NULL);
380MODULE_VERSION(systrace_freebsd32, 1);
381MODULE_DEPEND(systrace_freebsd32, dtrace, 1, 1, 1);
382MODULE_DEPEND(systrace_freebsd32, opensolaris, 1, 1, 1);
383#else
384DEV_MODULE(systrace, systrace_modevent, NULL);
385MODULE_VERSION(systrace, 1);
386MODULE_DEPEND(systrace, dtrace, 1, 1, 1);
387MODULE_DEPEND(systrace, opensolaris, 1, 1, 1);
388#endif
389