2 * Kprobes-based tracing events
4 * Created by Masami Hiramatsu <mhiramat@redhat.com>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/module.h>
21 #include <linux/uaccess.h>
23 #include "trace_probe.h"
25 #define KPROBE_EVENT_SYSTEM "kprobes"
28 * Kprobe event core functions
31 struct list_head list;
32 struct kretprobe rp; /* Use rp.kp for kprobe use */
33 unsigned long __percpu *nhit;
34 const char *symbol; /* symbol name */
35 struct trace_probe tp;
38 #define SIZEOF_TRACE_KPROBE(n) \
39 (offsetof(struct trace_kprobe, tp.args) + \
40 (sizeof(struct probe_arg) * (n)))
43 static nokprobe_inline bool trace_kprobe_is_return(struct trace_kprobe *tk)
45 return tk->rp.handler != NULL;
48 static nokprobe_inline const char *trace_kprobe_symbol(struct trace_kprobe *tk)
50 return tk->symbol ? tk->symbol : "unknown";
53 static nokprobe_inline unsigned long trace_kprobe_offset(struct trace_kprobe *tk)
55 return tk->rp.kp.offset;
58 static nokprobe_inline bool trace_kprobe_has_gone(struct trace_kprobe *tk)
60 return !!(kprobe_gone(&tk->rp.kp));
63 static nokprobe_inline bool trace_kprobe_within_module(struct trace_kprobe *tk,
66 int len = strlen(mod->name);
67 const char *name = trace_kprobe_symbol(tk);
68 return strncmp(mod->name, name, len) == 0 && name[len] == ':';
71 static nokprobe_inline bool trace_kprobe_is_on_module(struct trace_kprobe *tk)
73 return !!strchr(trace_kprobe_symbol(tk), ':');
76 static int register_kprobe_event(struct trace_kprobe *tk);
77 static int unregister_kprobe_event(struct trace_kprobe *tk);
79 static DEFINE_MUTEX(probe_lock);
80 static LIST_HEAD(probe_list);
82 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs);
83 static int kretprobe_dispatcher(struct kretprobe_instance *ri,
84 struct pt_regs *regs);
86 /* Memory fetching by symbol */
93 unsigned long update_symbol_cache(struct symbol_cache *sc)
95 sc->addr = (unsigned long)kallsyms_lookup_name(sc->symbol);
98 sc->addr += sc->offset;
103 void free_symbol_cache(struct symbol_cache *sc)
109 struct symbol_cache *alloc_symbol_cache(const char *sym, long offset)
111 struct symbol_cache *sc;
113 if (!sym || strlen(sym) == 0)
116 sc = kzalloc(sizeof(struct symbol_cache), GFP_KERNEL);
120 sc->symbol = kstrdup(sym, GFP_KERNEL);
126 update_symbol_cache(sc);
132 * Kprobes-specific fetch functions
134 #define DEFINE_FETCH_stack(type) \
135 static void FETCH_FUNC_NAME(stack, type)(struct pt_regs *regs, \
136 void *offset, void *dest) \
138 *(type *)dest = (type)regs_get_kernel_stack_nth(regs, \
139 (unsigned int)((unsigned long)offset)); \
141 NOKPROBE_SYMBOL(FETCH_FUNC_NAME(stack, type));
143 DEFINE_BASIC_FETCH_FUNCS(stack)
144 /* No string on the stack entry */
145 #define fetch_stack_string NULL
146 #define fetch_stack_string_size NULL
148 #define DEFINE_FETCH_memory(type) \
149 static void FETCH_FUNC_NAME(memory, type)(struct pt_regs *regs, \
150 void *addr, void *dest) \
153 if (probe_kernel_address(addr, retval)) \
156 *(type *)dest = retval; \
158 NOKPROBE_SYMBOL(FETCH_FUNC_NAME(memory, type));
160 DEFINE_BASIC_FETCH_FUNCS(memory)
162 * Fetch a null-terminated string. Caller MUST set *(u32 *)dest with max
163 * length and relative data location.
165 static void FETCH_FUNC_NAME(memory, string)(struct pt_regs *regs,
166 void *addr, void *dest)
168 int maxlen = get_rloc_len(*(u32 *)dest);
169 u8 *dst = get_rloc_data(dest);
176 * Try to get string again, since the string can be changed while
179 ret = strncpy_from_unsafe(dst, addr, maxlen);
181 if (ret < 0) { /* Failed to fetch string */
183 *(u32 *)dest = make_data_rloc(0, get_rloc_offs(*(u32 *)dest));
185 *(u32 *)dest = make_data_rloc(ret, get_rloc_offs(*(u32 *)dest));
188 NOKPROBE_SYMBOL(FETCH_FUNC_NAME(memory, string));
190 /* Return the length of string -- including null terminal byte */
191 static void FETCH_FUNC_NAME(memory, string_size)(struct pt_regs *regs,
192 void *addr, void *dest)
203 ret = __copy_from_user_inatomic(&c, (u8 *)addr + len, 1);
205 } while (c && ret == 0 && len < MAX_STRING_SIZE);
210 if (ret < 0) /* Failed to check the length */
215 NOKPROBE_SYMBOL(FETCH_FUNC_NAME(memory, string_size));
217 #define DEFINE_FETCH_symbol(type) \
218 void FETCH_FUNC_NAME(symbol, type)(struct pt_regs *regs, void *data, void *dest)\
220 struct symbol_cache *sc = data; \
222 fetch_memory_##type(regs, (void *)sc->addr, dest); \
226 NOKPROBE_SYMBOL(FETCH_FUNC_NAME(symbol, type));
228 DEFINE_BASIC_FETCH_FUNCS(symbol)
229 DEFINE_FETCH_symbol(string)
230 DEFINE_FETCH_symbol(string_size)
232 /* kprobes don't support file_offset fetch methods */
233 #define fetch_file_offset_u8 NULL
234 #define fetch_file_offset_u16 NULL
235 #define fetch_file_offset_u32 NULL
236 #define fetch_file_offset_u64 NULL
237 #define fetch_file_offset_string NULL
238 #define fetch_file_offset_string_size NULL
240 /* Fetch type information table */
241 static const struct fetch_type kprobes_fetch_type_table[] = {
243 [FETCH_TYPE_STRING] = __ASSIGN_FETCH_TYPE("string", string, string,
244 sizeof(u32), 1, "__data_loc char[]"),
245 [FETCH_TYPE_STRSIZE] = __ASSIGN_FETCH_TYPE("string_size", u32,
246 string_size, sizeof(u32), 0, "u32"),
248 ASSIGN_FETCH_TYPE(u8, u8, 0),
249 ASSIGN_FETCH_TYPE(u16, u16, 0),
250 ASSIGN_FETCH_TYPE(u32, u32, 0),
251 ASSIGN_FETCH_TYPE(u64, u64, 0),
252 ASSIGN_FETCH_TYPE(s8, u8, 1),
253 ASSIGN_FETCH_TYPE(s16, u16, 1),
254 ASSIGN_FETCH_TYPE(s32, u32, 1),
255 ASSIGN_FETCH_TYPE(s64, u64, 1),
256 ASSIGN_FETCH_TYPE_ALIAS(x8, u8, u8, 0),
257 ASSIGN_FETCH_TYPE_ALIAS(x16, u16, u16, 0),
258 ASSIGN_FETCH_TYPE_ALIAS(x32, u32, u32, 0),
259 ASSIGN_FETCH_TYPE_ALIAS(x64, u64, u64, 0),
261 ASSIGN_FETCH_TYPE_END
265 * Allocate new trace_probe and initialize it (including kprobes).
267 static struct trace_kprobe *alloc_trace_kprobe(const char *group,
272 int nargs, bool is_return)
274 struct trace_kprobe *tk;
277 tk = kzalloc(SIZEOF_TRACE_KPROBE(nargs), GFP_KERNEL);
281 tk->nhit = alloc_percpu(unsigned long);
286 tk->symbol = kstrdup(symbol, GFP_KERNEL);
289 tk->rp.kp.symbol_name = tk->symbol;
290 tk->rp.kp.offset = offs;
292 tk->rp.kp.addr = addr;
295 tk->rp.handler = kretprobe_dispatcher;
297 tk->rp.kp.pre_handler = kprobe_dispatcher;
299 if (!event || !is_good_name(event)) {
304 tk->tp.call.class = &tk->tp.class;
305 tk->tp.call.name = kstrdup(event, GFP_KERNEL);
306 if (!tk->tp.call.name)
309 if (!group || !is_good_name(group)) {
314 tk->tp.class.system = kstrdup(group, GFP_KERNEL);
315 if (!tk->tp.class.system)
318 INIT_LIST_HEAD(&tk->list);
319 INIT_LIST_HEAD(&tk->tp.files);
322 kfree(tk->tp.call.name);
324 free_percpu(tk->nhit);
329 static void free_trace_kprobe(struct trace_kprobe *tk)
333 for (i = 0; i < tk->tp.nr_args; i++)
334 traceprobe_free_probe_arg(&tk->tp.args[i]);
336 kfree(tk->tp.call.class->system);
337 kfree(tk->tp.call.name);
339 free_percpu(tk->nhit);
343 static struct trace_kprobe *find_trace_kprobe(const char *event,
346 struct trace_kprobe *tk;
348 list_for_each_entry(tk, &probe_list, list)
349 if (strcmp(trace_event_name(&tk->tp.call), event) == 0 &&
350 strcmp(tk->tp.call.class->system, group) == 0)
357 * if the file is NULL, enable "perf" handler, or enable "trace" handler.
360 enable_trace_kprobe(struct trace_kprobe *tk, struct trace_event_file *file)
365 struct event_file_link *link;
367 link = kmalloc(sizeof(*link), GFP_KERNEL);
374 list_add_tail_rcu(&link->list, &tk->tp.files);
376 tk->tp.flags |= TP_FLAG_TRACE;
378 tk->tp.flags |= TP_FLAG_PROFILE;
380 if (trace_probe_is_registered(&tk->tp) && !trace_kprobe_has_gone(tk)) {
381 if (trace_kprobe_is_return(tk))
382 ret = enable_kretprobe(&tk->rp);
384 ret = enable_kprobe(&tk->rp.kp);
391 * Disable trace_probe
392 * if the file is NULL, disable "perf" handler, or disable "trace" handler.
395 disable_trace_kprobe(struct trace_kprobe *tk, struct trace_event_file *file)
397 struct event_file_link *link = NULL;
402 link = find_event_file_link(&tk->tp, file);
408 list_del_rcu(&link->list);
410 if (!list_empty(&tk->tp.files))
413 tk->tp.flags &= ~TP_FLAG_TRACE;
415 tk->tp.flags &= ~TP_FLAG_PROFILE;
417 if (!trace_probe_is_enabled(&tk->tp) && trace_probe_is_registered(&tk->tp)) {
418 if (trace_kprobe_is_return(tk))
419 disable_kretprobe(&tk->rp);
421 disable_kprobe(&tk->rp.kp);
427 * Synchronize with kprobe_trace_func/kretprobe_trace_func
428 * to ensure disabled (all running handlers are finished).
429 * This is not only for kfree(), but also the caller,
430 * trace_remove_event_call() supposes it for releasing
431 * event_call related objects, which will be accessed in
432 * the kprobe_trace_func/kretprobe_trace_func.
435 kfree(link); /* Ignored if link == NULL */
441 /* Internal register function - just handle k*probes and flags */
442 static int __register_trace_kprobe(struct trace_kprobe *tk)
446 if (trace_probe_is_registered(&tk->tp))
449 for (i = 0; i < tk->tp.nr_args; i++)
450 traceprobe_update_arg(&tk->tp.args[i]);
452 /* Set/clear disabled flag according to tp->flag */
453 if (trace_probe_is_enabled(&tk->tp))
454 tk->rp.kp.flags &= ~KPROBE_FLAG_DISABLED;
456 tk->rp.kp.flags |= KPROBE_FLAG_DISABLED;
458 if (trace_kprobe_is_return(tk))
459 ret = register_kretprobe(&tk->rp);
461 ret = register_kprobe(&tk->rp.kp);
464 tk->tp.flags |= TP_FLAG_REGISTERED;
466 pr_warn("Could not insert probe at %s+%lu: %d\n",
467 trace_kprobe_symbol(tk), trace_kprobe_offset(tk), ret);
468 if (ret == -ENOENT && trace_kprobe_is_on_module(tk)) {
469 pr_warn("This probe might be able to register after target module is loaded. Continue.\n");
471 } else if (ret == -EILSEQ) {
472 pr_warn("Probing address(0x%p) is not an instruction boundary.\n",
481 /* Internal unregister function - just handle k*probes and flags */
482 static void __unregister_trace_kprobe(struct trace_kprobe *tk)
484 if (trace_probe_is_registered(&tk->tp)) {
485 if (trace_kprobe_is_return(tk))
486 unregister_kretprobe(&tk->rp);
488 unregister_kprobe(&tk->rp.kp);
489 tk->tp.flags &= ~TP_FLAG_REGISTERED;
490 /* Cleanup kprobe for reuse */
491 if (tk->rp.kp.symbol_name)
492 tk->rp.kp.addr = NULL;
496 /* Unregister a trace_probe and probe_event: call with locking probe_lock */
497 static int unregister_trace_kprobe(struct trace_kprobe *tk)
499 /* Enabled event can not be unregistered */
500 if (trace_probe_is_enabled(&tk->tp))
503 /* Will fail if probe is being used by ftrace or perf */
504 if (unregister_kprobe_event(tk))
507 __unregister_trace_kprobe(tk);
513 /* Register a trace_probe and probe_event */
514 static int register_trace_kprobe(struct trace_kprobe *tk)
516 struct trace_kprobe *old_tk;
519 mutex_lock(&probe_lock);
521 /* Delete old (same name) event if exist */
522 old_tk = find_trace_kprobe(trace_event_name(&tk->tp.call),
523 tk->tp.call.class->system);
525 ret = unregister_trace_kprobe(old_tk);
528 free_trace_kprobe(old_tk);
531 /* Register new event */
532 ret = register_kprobe_event(tk);
534 pr_warn("Failed to register probe event(%d)\n", ret);
538 /* Register k*probe */
539 ret = __register_trace_kprobe(tk);
541 unregister_kprobe_event(tk);
543 list_add_tail(&tk->list, &probe_list);
546 mutex_unlock(&probe_lock);
550 /* Module notifier call back, checking event on the module */
551 static int trace_kprobe_module_callback(struct notifier_block *nb,
552 unsigned long val, void *data)
554 struct module *mod = data;
555 struct trace_kprobe *tk;
558 if (val != MODULE_STATE_COMING)
561 /* Update probes on coming module */
562 mutex_lock(&probe_lock);
563 list_for_each_entry(tk, &probe_list, list) {
564 if (trace_kprobe_within_module(tk, mod)) {
565 /* Don't need to check busy - this should have gone. */
566 __unregister_trace_kprobe(tk);
567 ret = __register_trace_kprobe(tk);
569 pr_warn("Failed to re-register probe %s on %s: %d\n",
570 trace_event_name(&tk->tp.call),
574 mutex_unlock(&probe_lock);
579 static struct notifier_block trace_kprobe_module_nb = {
580 .notifier_call = trace_kprobe_module_callback,
581 .priority = 1 /* Invoked after kprobe module callback */
584 static int create_trace_kprobe(int argc, char **argv)
588 * - Add kprobe: p[:[GRP/]EVENT] [MOD:]KSYM[+OFFS]|KADDR [FETCHARGS]
589 * - Add kretprobe: r[:[GRP/]EVENT] [MOD:]KSYM[+0] [FETCHARGS]
591 * $retval : fetch return value
592 * $stack : fetch stack address
593 * $stackN : fetch Nth of stack (N:0-)
594 * $comm : fetch current task comm
595 * @ADDR : fetch memory at ADDR (ADDR should be in kernel)
596 * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol)
597 * %REG : fetch register REG
598 * Dereferencing memory fetch:
599 * +|-offs(ARG) : fetch memory at ARG +|- offs address.
600 * Alias name of args:
601 * NAME=FETCHARG : set NAME as alias of FETCHARG.
603 * FETCHARG:TYPE : use TYPE instead of unsigned long.
605 struct trace_kprobe *tk;
607 bool is_return = false, is_delete = false;
608 char *symbol = NULL, *event = NULL, *group = NULL;
610 unsigned long offset = 0;
612 char buf[MAX_EVENT_NAME_LEN];
614 /* argc must be >= 1 */
615 if (argv[0][0] == 'p')
617 else if (argv[0][0] == 'r')
619 else if (argv[0][0] == '-')
622 pr_info("Probe definition must be started with 'p', 'r' or"
627 if (argv[0][1] == ':') {
629 if (strchr(event, '/')) {
631 event = strchr(group, '/') + 1;
633 if (strlen(group) == 0) {
634 pr_info("Group name is not specified\n");
638 if (strlen(event) == 0) {
639 pr_info("Event name is not specified\n");
644 group = KPROBE_EVENT_SYSTEM;
648 pr_info("Delete command needs an event name.\n");
651 mutex_lock(&probe_lock);
652 tk = find_trace_kprobe(event, group);
654 mutex_unlock(&probe_lock);
655 pr_info("Event %s/%s doesn't exist.\n", group, event);
658 /* delete an event */
659 ret = unregister_trace_kprobe(tk);
661 free_trace_kprobe(tk);
662 mutex_unlock(&probe_lock);
667 pr_info("Probe point is not specified.\n");
670 if (isdigit(argv[1][0])) {
672 pr_info("Return probe point must be a symbol.\n");
675 /* an address specified */
676 ret = kstrtoul(&argv[1][0], 0, (unsigned long *)&addr);
678 pr_info("Failed to parse address.\n");
682 /* a symbol specified */
684 /* TODO: support .init module functions */
685 ret = traceprobe_split_symbol_offset(symbol, &offset);
687 pr_info("Failed to parse symbol.\n");
690 if (offset && is_return) {
691 pr_info("Return probe must be used without offset.\n");
695 argc -= 2; argv += 2;
699 /* Make a new event name */
701 snprintf(buf, MAX_EVENT_NAME_LEN, "%c_%s_%ld",
702 is_return ? 'r' : 'p', symbol, offset);
704 snprintf(buf, MAX_EVENT_NAME_LEN, "%c_0x%p",
705 is_return ? 'r' : 'p', addr);
708 tk = alloc_trace_kprobe(group, event, addr, symbol, offset, argc,
711 pr_info("Failed to allocate trace_probe.(%d)\n",
716 /* parse arguments */
718 for (i = 0; i < argc && i < MAX_TRACE_ARGS; i++) {
719 struct probe_arg *parg = &tk->tp.args[i];
721 /* Increment count for freeing args in error case */
724 /* Parse argument name */
725 arg = strchr(argv[i], '=');
728 parg->name = kstrdup(argv[i], GFP_KERNEL);
731 /* If argument name is omitted, set "argN" */
732 snprintf(buf, MAX_EVENT_NAME_LEN, "arg%d", i + 1);
733 parg->name = kstrdup(buf, GFP_KERNEL);
737 pr_info("Failed to allocate argument[%d] name.\n", i);
742 if (!is_good_name(parg->name)) {
743 pr_info("Invalid argument[%d] name: %s\n",
749 if (traceprobe_conflict_field_name(parg->name,
751 pr_info("Argument[%d] name '%s' conflicts with "
752 "another field.\n", i, argv[i]);
757 /* Parse fetch argument */
758 ret = traceprobe_parse_probe_arg(arg, &tk->tp.size, parg,
760 kprobes_fetch_type_table);
762 pr_info("Parse error at argument[%d]. (%d)\n", i, ret);
767 ret = register_trace_kprobe(tk);
773 free_trace_kprobe(tk);
777 static int release_all_trace_kprobes(void)
779 struct trace_kprobe *tk;
782 mutex_lock(&probe_lock);
783 /* Ensure no probe is in use. */
784 list_for_each_entry(tk, &probe_list, list)
785 if (trace_probe_is_enabled(&tk->tp)) {
789 /* TODO: Use batch unregistration */
790 while (!list_empty(&probe_list)) {
791 tk = list_entry(probe_list.next, struct trace_kprobe, list);
792 ret = unregister_trace_kprobe(tk);
795 free_trace_kprobe(tk);
799 mutex_unlock(&probe_lock);
804 /* Probes listing interfaces */
805 static void *probes_seq_start(struct seq_file *m, loff_t *pos)
807 mutex_lock(&probe_lock);
808 return seq_list_start(&probe_list, *pos);
811 static void *probes_seq_next(struct seq_file *m, void *v, loff_t *pos)
813 return seq_list_next(v, &probe_list, pos);
816 static void probes_seq_stop(struct seq_file *m, void *v)
818 mutex_unlock(&probe_lock);
821 static int probes_seq_show(struct seq_file *m, void *v)
823 struct trace_kprobe *tk = v;
826 seq_putc(m, trace_kprobe_is_return(tk) ? 'r' : 'p');
827 seq_printf(m, ":%s/%s", tk->tp.call.class->system,
828 trace_event_name(&tk->tp.call));
831 seq_printf(m, " 0x%p", tk->rp.kp.addr);
832 else if (tk->rp.kp.offset)
833 seq_printf(m, " %s+%u", trace_kprobe_symbol(tk),
836 seq_printf(m, " %s", trace_kprobe_symbol(tk));
838 for (i = 0; i < tk->tp.nr_args; i++)
839 seq_printf(m, " %s=%s", tk->tp.args[i].name, tk->tp.args[i].comm);
845 static const struct seq_operations probes_seq_op = {
846 .start = probes_seq_start,
847 .next = probes_seq_next,
848 .stop = probes_seq_stop,
849 .show = probes_seq_show
852 static int probes_open(struct inode *inode, struct file *file)
856 if ((file->f_mode & FMODE_WRITE) && (file->f_flags & O_TRUNC)) {
857 ret = release_all_trace_kprobes();
862 return seq_open(file, &probes_seq_op);
865 static ssize_t probes_write(struct file *file, const char __user *buffer,
866 size_t count, loff_t *ppos)
868 return traceprobe_probes_write(file, buffer, count, ppos,
869 create_trace_kprobe);
872 static const struct file_operations kprobe_events_ops = {
873 .owner = THIS_MODULE,
877 .release = seq_release,
878 .write = probes_write,
881 /* Probes profiling interfaces */
882 static int probes_profile_seq_show(struct seq_file *m, void *v)
884 struct trace_kprobe *tk = v;
885 unsigned long nhit = 0;
888 for_each_possible_cpu(cpu)
889 nhit += *per_cpu_ptr(tk->nhit, cpu);
891 seq_printf(m, " %-44s %15lu %15lu\n",
892 trace_event_name(&tk->tp.call), nhit,
898 static const struct seq_operations profile_seq_op = {
899 .start = probes_seq_start,
900 .next = probes_seq_next,
901 .stop = probes_seq_stop,
902 .show = probes_profile_seq_show
905 static int profile_open(struct inode *inode, struct file *file)
907 return seq_open(file, &profile_seq_op);
910 static const struct file_operations kprobe_profile_ops = {
911 .owner = THIS_MODULE,
912 .open = profile_open,
915 .release = seq_release,
919 static nokprobe_inline void
920 __kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs,
921 struct trace_event_file *trace_file)
923 struct kprobe_trace_entry_head *entry;
924 struct ring_buffer_event *event;
925 struct ring_buffer *buffer;
927 unsigned long irq_flags;
928 struct trace_event_call *call = &tk->tp.call;
930 WARN_ON(call != trace_file->event_call);
932 if (trace_trigger_soft_disabled(trace_file))
935 local_save_flags(irq_flags);
936 pc = preempt_count();
938 dsize = __get_data_size(&tk->tp, regs);
939 size = sizeof(*entry) + tk->tp.size + dsize;
941 event = trace_event_buffer_lock_reserve(&buffer, trace_file,
943 size, irq_flags, pc);
947 entry = ring_buffer_event_data(event);
948 entry->ip = (unsigned long)tk->rp.kp.addr;
949 store_trace_args(sizeof(*entry), &tk->tp, regs, (u8 *)&entry[1], dsize);
951 event_trigger_unlock_commit_regs(trace_file, buffer, event,
952 entry, irq_flags, pc, regs);
956 kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs)
958 struct event_file_link *link;
960 list_for_each_entry_rcu(link, &tk->tp.files, list)
961 __kprobe_trace_func(tk, regs, link->file);
963 NOKPROBE_SYMBOL(kprobe_trace_func);
965 /* Kretprobe handler */
966 static nokprobe_inline void
967 __kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri,
968 struct pt_regs *regs,
969 struct trace_event_file *trace_file)
971 struct kretprobe_trace_entry_head *entry;
972 struct ring_buffer_event *event;
973 struct ring_buffer *buffer;
975 unsigned long irq_flags;
976 struct trace_event_call *call = &tk->tp.call;
978 WARN_ON(call != trace_file->event_call);
980 if (trace_trigger_soft_disabled(trace_file))
983 local_save_flags(irq_flags);
984 pc = preempt_count();
986 dsize = __get_data_size(&tk->tp, regs);
987 size = sizeof(*entry) + tk->tp.size + dsize;
989 event = trace_event_buffer_lock_reserve(&buffer, trace_file,
991 size, irq_flags, pc);
995 entry = ring_buffer_event_data(event);
996 entry->func = (unsigned long)tk->rp.kp.addr;
997 entry->ret_ip = (unsigned long)ri->ret_addr;
998 store_trace_args(sizeof(*entry), &tk->tp, regs, (u8 *)&entry[1], dsize);
1000 event_trigger_unlock_commit_regs(trace_file, buffer, event,
1001 entry, irq_flags, pc, regs);
1005 kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri,
1006 struct pt_regs *regs)
1008 struct event_file_link *link;
1010 list_for_each_entry_rcu(link, &tk->tp.files, list)
1011 __kretprobe_trace_func(tk, ri, regs, link->file);
1013 NOKPROBE_SYMBOL(kretprobe_trace_func);
1015 /* Event entry printers */
1016 static enum print_line_t
1017 print_kprobe_event(struct trace_iterator *iter, int flags,
1018 struct trace_event *event)
1020 struct kprobe_trace_entry_head *field;
1021 struct trace_seq *s = &iter->seq;
1022 struct trace_probe *tp;
1026 field = (struct kprobe_trace_entry_head *)iter->ent;
1027 tp = container_of(event, struct trace_probe, call.event);
1029 trace_seq_printf(s, "%s: (", trace_event_name(&tp->call));
1031 if (!seq_print_ip_sym(s, field->ip, flags | TRACE_ITER_SYM_OFFSET))
1034 trace_seq_putc(s, ')');
1036 data = (u8 *)&field[1];
1037 for (i = 0; i < tp->nr_args; i++)
1038 if (!tp->args[i].type->print(s, tp->args[i].name,
1039 data + tp->args[i].offset, field))
1042 trace_seq_putc(s, '\n');
1044 return trace_handle_return(s);
1047 static enum print_line_t
1048 print_kretprobe_event(struct trace_iterator *iter, int flags,
1049 struct trace_event *event)
1051 struct kretprobe_trace_entry_head *field;
1052 struct trace_seq *s = &iter->seq;
1053 struct trace_probe *tp;
1057 field = (struct kretprobe_trace_entry_head *)iter->ent;
1058 tp = container_of(event, struct trace_probe, call.event);
1060 trace_seq_printf(s, "%s: (", trace_event_name(&tp->call));
1062 if (!seq_print_ip_sym(s, field->ret_ip, flags | TRACE_ITER_SYM_OFFSET))
1065 trace_seq_puts(s, " <- ");
1067 if (!seq_print_ip_sym(s, field->func, flags & ~TRACE_ITER_SYM_OFFSET))
1070 trace_seq_putc(s, ')');
1072 data = (u8 *)&field[1];
1073 for (i = 0; i < tp->nr_args; i++)
1074 if (!tp->args[i].type->print(s, tp->args[i].name,
1075 data + tp->args[i].offset, field))
1078 trace_seq_putc(s, '\n');
1081 return trace_handle_return(s);
1085 static int kprobe_event_define_fields(struct trace_event_call *event_call)
1088 struct kprobe_trace_entry_head field;
1089 struct trace_kprobe *tk = (struct trace_kprobe *)event_call->data;
1091 DEFINE_FIELD(unsigned long, ip, FIELD_STRING_IP, 0);
1092 /* Set argument names as fields */
1093 for (i = 0; i < tk->tp.nr_args; i++) {
1094 struct probe_arg *parg = &tk->tp.args[i];
1096 ret = trace_define_field(event_call, parg->type->fmttype,
1098 sizeof(field) + parg->offset,
1100 parg->type->is_signed,
1108 static int kretprobe_event_define_fields(struct trace_event_call *event_call)
1111 struct kretprobe_trace_entry_head field;
1112 struct trace_kprobe *tk = (struct trace_kprobe *)event_call->data;
1114 DEFINE_FIELD(unsigned long, func, FIELD_STRING_FUNC, 0);
1115 DEFINE_FIELD(unsigned long, ret_ip, FIELD_STRING_RETIP, 0);
1116 /* Set argument names as fields */
1117 for (i = 0; i < tk->tp.nr_args; i++) {
1118 struct probe_arg *parg = &tk->tp.args[i];
1120 ret = trace_define_field(event_call, parg->type->fmttype,
1122 sizeof(field) + parg->offset,
1124 parg->type->is_signed,
1132 #ifdef CONFIG_PERF_EVENTS
1134 /* Kprobe profile handler */
1136 kprobe_perf_func(struct trace_kprobe *tk, struct pt_regs *regs)
1138 struct trace_event_call *call = &tk->tp.call;
1139 struct bpf_prog *prog = call->prog;
1140 struct kprobe_trace_entry_head *entry;
1141 struct hlist_head *head;
1142 int size, __size, dsize;
1145 if (prog && !trace_call_bpf(prog, regs))
1148 head = this_cpu_ptr(call->perf_events);
1149 if (hlist_empty(head))
1152 dsize = __get_data_size(&tk->tp, regs);
1153 __size = sizeof(*entry) + tk->tp.size + dsize;
1154 size = ALIGN(__size + sizeof(u32), sizeof(u64));
1155 size -= sizeof(u32);
1157 entry = perf_trace_buf_alloc(size, NULL, &rctx);
1161 entry->ip = (unsigned long)tk->rp.kp.addr;
1162 memset(&entry[1], 0, dsize);
1163 store_trace_args(sizeof(*entry), &tk->tp, regs, (u8 *)&entry[1], dsize);
1164 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs,
1167 NOKPROBE_SYMBOL(kprobe_perf_func);
1169 /* Kretprobe profile handler */
1171 kretprobe_perf_func(struct trace_kprobe *tk, struct kretprobe_instance *ri,
1172 struct pt_regs *regs)
1174 struct trace_event_call *call = &tk->tp.call;
1175 struct bpf_prog *prog = call->prog;
1176 struct kretprobe_trace_entry_head *entry;
1177 struct hlist_head *head;
1178 int size, __size, dsize;
1181 if (prog && !trace_call_bpf(prog, regs))
1184 head = this_cpu_ptr(call->perf_events);
1185 if (hlist_empty(head))
1188 dsize = __get_data_size(&tk->tp, regs);
1189 __size = sizeof(*entry) + tk->tp.size + dsize;
1190 size = ALIGN(__size + sizeof(u32), sizeof(u64));
1191 size -= sizeof(u32);
1193 entry = perf_trace_buf_alloc(size, NULL, &rctx);
1197 entry->func = (unsigned long)tk->rp.kp.addr;
1198 entry->ret_ip = (unsigned long)ri->ret_addr;
1199 store_trace_args(sizeof(*entry), &tk->tp, regs, (u8 *)&entry[1], dsize);
1200 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs,
1203 NOKPROBE_SYMBOL(kretprobe_perf_func);
1204 #endif /* CONFIG_PERF_EVENTS */
1207 * called by perf_trace_init() or __ftrace_set_clr_event() under event_mutex.
1209 * kprobe_trace_self_tests_init() does enable_trace_probe/disable_trace_probe
1210 * lockless, but we can't race with this __init function.
1212 static int kprobe_register(struct trace_event_call *event,
1213 enum trace_reg type, void *data)
1215 struct trace_kprobe *tk = (struct trace_kprobe *)event->data;
1216 struct trace_event_file *file = data;
1219 case TRACE_REG_REGISTER:
1220 return enable_trace_kprobe(tk, file);
1221 case TRACE_REG_UNREGISTER:
1222 return disable_trace_kprobe(tk, file);
1224 #ifdef CONFIG_PERF_EVENTS
1225 case TRACE_REG_PERF_REGISTER:
1226 return enable_trace_kprobe(tk, NULL);
1227 case TRACE_REG_PERF_UNREGISTER:
1228 return disable_trace_kprobe(tk, NULL);
1229 case TRACE_REG_PERF_OPEN:
1230 case TRACE_REG_PERF_CLOSE:
1231 case TRACE_REG_PERF_ADD:
1232 case TRACE_REG_PERF_DEL:
1239 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs)
1241 struct trace_kprobe *tk = container_of(kp, struct trace_kprobe, rp.kp);
1243 raw_cpu_inc(*tk->nhit);
1245 if (tk->tp.flags & TP_FLAG_TRACE)
1246 kprobe_trace_func(tk, regs);
1247 #ifdef CONFIG_PERF_EVENTS
1248 if (tk->tp.flags & TP_FLAG_PROFILE)
1249 kprobe_perf_func(tk, regs);
1251 return 0; /* We don't tweek kernel, so just return 0 */
1253 NOKPROBE_SYMBOL(kprobe_dispatcher);
1256 kretprobe_dispatcher(struct kretprobe_instance *ri, struct pt_regs *regs)
1258 struct trace_kprobe *tk = container_of(ri->rp, struct trace_kprobe, rp);
1260 raw_cpu_inc(*tk->nhit);
1262 if (tk->tp.flags & TP_FLAG_TRACE)
1263 kretprobe_trace_func(tk, ri, regs);
1264 #ifdef CONFIG_PERF_EVENTS
1265 if (tk->tp.flags & TP_FLAG_PROFILE)
1266 kretprobe_perf_func(tk, ri, regs);
1268 return 0; /* We don't tweek kernel, so just return 0 */
1270 NOKPROBE_SYMBOL(kretprobe_dispatcher);
1272 static struct trace_event_functions kretprobe_funcs = {
1273 .trace = print_kretprobe_event
1276 static struct trace_event_functions kprobe_funcs = {
1277 .trace = print_kprobe_event
1280 static int register_kprobe_event(struct trace_kprobe *tk)
1282 struct trace_event_call *call = &tk->tp.call;
1285 /* Initialize trace_event_call */
1286 INIT_LIST_HEAD(&call->class->fields);
1287 if (trace_kprobe_is_return(tk)) {
1288 call->event.funcs = &kretprobe_funcs;
1289 call->class->define_fields = kretprobe_event_define_fields;
1291 call->event.funcs = &kprobe_funcs;
1292 call->class->define_fields = kprobe_event_define_fields;
1294 if (set_print_fmt(&tk->tp, trace_kprobe_is_return(tk)) < 0)
1296 ret = register_trace_event(&call->event);
1298 kfree(call->print_fmt);
1301 call->flags = TRACE_EVENT_FL_KPROBE;
1302 call->class->reg = kprobe_register;
1304 ret = trace_add_event_call(call);
1306 pr_info("Failed to register kprobe event: %s\n",
1307 trace_event_name(call));
1308 kfree(call->print_fmt);
1309 unregister_trace_event(&call->event);
1314 static int unregister_kprobe_event(struct trace_kprobe *tk)
1318 /* tp->event is unregistered in trace_remove_event_call() */
1319 ret = trace_remove_event_call(&tk->tp.call);
1321 kfree(tk->tp.call.print_fmt);
1325 /* Make a tracefs interface for controlling probe points */
1326 static __init int init_kprobe_trace(void)
1328 struct dentry *d_tracer;
1329 struct dentry *entry;
1331 if (register_module_notifier(&trace_kprobe_module_nb))
1334 d_tracer = tracing_init_dentry();
1335 if (IS_ERR(d_tracer))
1338 entry = tracefs_create_file("kprobe_events", 0644, d_tracer,
1339 NULL, &kprobe_events_ops);
1341 /* Event list interface */
1343 pr_warn("Could not create tracefs 'kprobe_events' entry\n");
1345 /* Profile interface */
1346 entry = tracefs_create_file("kprobe_profile", 0444, d_tracer,
1347 NULL, &kprobe_profile_ops);
1350 pr_warn("Could not create tracefs 'kprobe_profile' entry\n");
1353 fs_initcall(init_kprobe_trace);
1356 #ifdef CONFIG_FTRACE_STARTUP_TEST
1359 * The "__used" keeps gcc from removing the function symbol
1360 * from the kallsyms table.
1362 static __used int kprobe_trace_selftest_target(int a1, int a2, int a3,
1363 int a4, int a5, int a6)
1365 return a1 + a2 + a3 + a4 + a5 + a6;
1368 static struct trace_event_file *
1369 find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr)
1371 struct trace_event_file *file;
1373 list_for_each_entry(file, &tr->events, list)
1374 if (file->event_call == &tk->tp.call)
1381 * Nobody but us can call enable_trace_kprobe/disable_trace_kprobe at this
1382 * stage, we can do this lockless.
1384 static __init int kprobe_trace_self_tests_init(void)
1387 int (*target)(int, int, int, int, int, int);
1388 struct trace_kprobe *tk;
1389 struct trace_event_file *file;
1391 if (tracing_is_disabled())
1394 target = kprobe_trace_selftest_target;
1396 pr_info("Testing kprobe tracing: ");
1398 ret = traceprobe_command("p:testprobe kprobe_trace_selftest_target "
1399 "$stack $stack0 +0($stack)",
1400 create_trace_kprobe);
1401 if (WARN_ON_ONCE(ret)) {
1402 pr_warn("error on probing function entry.\n");
1405 /* Enable trace point */
1406 tk = find_trace_kprobe("testprobe", KPROBE_EVENT_SYSTEM);
1407 if (WARN_ON_ONCE(tk == NULL)) {
1408 pr_warn("error on getting new probe.\n");
1411 file = find_trace_probe_file(tk, top_trace_array());
1412 if (WARN_ON_ONCE(file == NULL)) {
1413 pr_warn("error on getting probe file.\n");
1416 enable_trace_kprobe(tk, file);
1420 ret = traceprobe_command("r:testprobe2 kprobe_trace_selftest_target "
1421 "$retval", create_trace_kprobe);
1422 if (WARN_ON_ONCE(ret)) {
1423 pr_warn("error on probing function return.\n");
1426 /* Enable trace point */
1427 tk = find_trace_kprobe("testprobe2", KPROBE_EVENT_SYSTEM);
1428 if (WARN_ON_ONCE(tk == NULL)) {
1429 pr_warn("error on getting 2nd new probe.\n");
1432 file = find_trace_probe_file(tk, top_trace_array());
1433 if (WARN_ON_ONCE(file == NULL)) {
1434 pr_warn("error on getting probe file.\n");
1437 enable_trace_kprobe(tk, file);
1444 ret = target(1, 2, 3, 4, 5, 6);
1446 /* Disable trace points before removing it */
1447 tk = find_trace_kprobe("testprobe", KPROBE_EVENT_SYSTEM);
1448 if (WARN_ON_ONCE(tk == NULL)) {
1449 pr_warn("error on getting test probe.\n");
1452 file = find_trace_probe_file(tk, top_trace_array());
1453 if (WARN_ON_ONCE(file == NULL)) {
1454 pr_warn("error on getting probe file.\n");
1457 disable_trace_kprobe(tk, file);
1460 tk = find_trace_kprobe("testprobe2", KPROBE_EVENT_SYSTEM);
1461 if (WARN_ON_ONCE(tk == NULL)) {
1462 pr_warn("error on getting 2nd test probe.\n");
1465 file = find_trace_probe_file(tk, top_trace_array());
1466 if (WARN_ON_ONCE(file == NULL)) {
1467 pr_warn("error on getting probe file.\n");
1470 disable_trace_kprobe(tk, file);
1473 ret = traceprobe_command("-:testprobe", create_trace_kprobe);
1474 if (WARN_ON_ONCE(ret)) {
1475 pr_warn("error on deleting a probe.\n");
1479 ret = traceprobe_command("-:testprobe2", create_trace_kprobe);
1480 if (WARN_ON_ONCE(ret)) {
1481 pr_warn("error on deleting a probe.\n");
1486 release_all_trace_kprobes();
1488 pr_cont("NG: Some tests are failed. Please check them.\n");
1494 late_initcall(kprobe_trace_self_tests_init);
projects / cascardo / linux.git / blob