1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Kprobes-based tracing events 4 * 5 * Created by Masami Hiramatsu <mhiramat@redhat.com> 6 * 7 */ 8 #define pr_fmt(fmt) "trace_kprobe: " fmt 9 10 #include <linux/bpf-cgroup.h> 11 #include <linux/security.h> 12 #include <linux/module.h> 13 #include <linux/uaccess.h> 14 #include <linux/rculist.h> 15 #include <linux/error-injection.h> 16 17 #include <asm/setup.h> /* for COMMAND_LINE_SIZE */ 18 19 #include "trace_dynevent.h" 20 #include "trace_kprobe_selftest.h" 21 #include "trace_probe.h" 22 #include "trace_probe_tmpl.h" 23 #include "trace_probe_kernel.h" 24 25 #define KPROBE_EVENT_SYSTEM "kprobes" 26 #define KRETPROBE_MAXACTIVE_MAX 4096 27 28 /* Kprobe early definition from command line */ 29 static char kprobe_boot_events_buf[COMMAND_LINE_SIZE] __initdata; 30 set_kprobe_boot_events(char * str)31 static int __init set_kprobe_boot_events(char *str) 32 { 33 strscpy(kprobe_boot_events_buf, str, COMMAND_LINE_SIZE); 34 disable_tracing_selftest("running kprobe events"); 35 36 return 1; 37 } 38 __setup("kprobe_event=", set_kprobe_boot_events); 39 40 static int trace_kprobe_create(const char *raw_command); 41 static int trace_kprobe_show(struct seq_file *m, struct dyn_event *ev); 42 static int trace_kprobe_release(struct dyn_event *ev); 43 static bool trace_kprobe_is_busy(struct dyn_event *ev); 44 static bool trace_kprobe_match(const char *system, const char *event, 45 int argc, const char **argv, struct dyn_event *ev); 46 47 static struct dyn_event_operations trace_kprobe_ops = { 48 .create = trace_kprobe_create, 49 .show = trace_kprobe_show, 50 .is_busy = trace_kprobe_is_busy, 51 .free = trace_kprobe_release, 52 .match = trace_kprobe_match, 53 }; 54 55 /* 56 * Kprobe event core functions 57 */ 58 struct trace_kprobe { 59 struct dyn_event devent; 60 struct kretprobe rp; /* Use rp.kp for kprobe use */ 61 unsigned long __percpu *nhit; 62 const char *symbol; /* symbol name */ 63 struct trace_probe tp; 64 }; 65 is_trace_kprobe(struct dyn_event * ev)66 static bool is_trace_kprobe(struct dyn_event *ev) 67 { 68 return ev->ops == &trace_kprobe_ops; 69 } 70 to_trace_kprobe(struct dyn_event * ev)71 static struct trace_kprobe *to_trace_kprobe(struct dyn_event *ev) 72 { 73 return container_of(ev, struct trace_kprobe, devent); 74 } 75 76 /** 77 * for_each_trace_kprobe - iterate over the trace_kprobe list 78 * @pos: the struct trace_kprobe * for each entry 79 * @dpos: the struct dyn_event * to use as a loop cursor 80 */ 81 #define for_each_trace_kprobe(pos, dpos) \ 82 for_each_dyn_event(dpos) \ 83 if (is_trace_kprobe(dpos) && (pos = to_trace_kprobe(dpos))) 84 trace_kprobe_is_return(struct trace_kprobe * tk)85 static nokprobe_inline bool trace_kprobe_is_return(struct trace_kprobe *tk) 86 { 87 return tk->rp.handler != NULL; 88 } 89 trace_kprobe_symbol(struct trace_kprobe * tk)90 static nokprobe_inline const char *trace_kprobe_symbol(struct trace_kprobe *tk) 91 { 92 return tk->symbol ? tk->symbol : "unknown"; 93 } 94 trace_kprobe_offset(struct trace_kprobe * tk)95 static nokprobe_inline unsigned long trace_kprobe_offset(struct trace_kprobe *tk) 96 { 97 return tk->rp.kp.offset; 98 } 99 trace_kprobe_has_gone(struct trace_kprobe * tk)100 static nokprobe_inline bool trace_kprobe_has_gone(struct trace_kprobe *tk) 101 { 102 return kprobe_gone(&tk->rp.kp); 103 } 104 trace_kprobe_within_module(struct trace_kprobe * tk,struct module * mod)105 static nokprobe_inline bool trace_kprobe_within_module(struct trace_kprobe *tk, 106 struct module *mod) 107 { 108 int len = strlen(module_name(mod)); 109 const char *name = trace_kprobe_symbol(tk); 110 111 return strncmp(module_name(mod), name, len) == 0 && name[len] == ':'; 112 } 113 trace_kprobe_module_exist(struct trace_kprobe * tk)114 static nokprobe_inline bool trace_kprobe_module_exist(struct trace_kprobe *tk) 115 { 116 char *p; 117 bool ret; 118 119 if (!tk->symbol) 120 return false; 121 p = strchr(tk->symbol, ':'); 122 if (!p) 123 return true; 124 *p = '\0'; 125 rcu_read_lock_sched(); 126 ret = !!find_module(tk->symbol); 127 rcu_read_unlock_sched(); 128 *p = ':'; 129 130 return ret; 131 } 132 trace_kprobe_is_busy(struct dyn_event * ev)133 static bool trace_kprobe_is_busy(struct dyn_event *ev) 134 { 135 struct trace_kprobe *tk = to_trace_kprobe(ev); 136 137 return trace_probe_is_enabled(&tk->tp); 138 } 139 trace_kprobe_match_command_head(struct trace_kprobe * tk,int argc,const char ** argv)140 static bool trace_kprobe_match_command_head(struct trace_kprobe *tk, 141 int argc, const char **argv) 142 { 143 char buf[MAX_ARGSTR_LEN + 1]; 144 145 if (!argc) 146 return true; 147 148 if (!tk->symbol) 149 snprintf(buf, sizeof(buf), "0x%p", tk->rp.kp.addr); 150 else if (tk->rp.kp.offset) 151 snprintf(buf, sizeof(buf), "%s+%u", 152 trace_kprobe_symbol(tk), tk->rp.kp.offset); 153 else 154 snprintf(buf, sizeof(buf), "%s", trace_kprobe_symbol(tk)); 155 if (strcmp(buf, argv[0])) 156 return false; 157 argc--; argv++; 158 159 return trace_probe_match_command_args(&tk->tp, argc, argv); 160 } 161 trace_kprobe_match(const char * system,const char * event,int argc,const char ** argv,struct dyn_event * ev)162 static bool trace_kprobe_match(const char *system, const char *event, 163 int argc, const char **argv, struct dyn_event *ev) 164 { 165 struct trace_kprobe *tk = to_trace_kprobe(ev); 166 167 return (event[0] == '\0' || 168 strcmp(trace_probe_name(&tk->tp), event) == 0) && 169 (!system || strcmp(trace_probe_group_name(&tk->tp), system) == 0) && 170 trace_kprobe_match_command_head(tk, argc, argv); 171 } 172 trace_kprobe_nhit(struct trace_kprobe * tk)173 static nokprobe_inline unsigned long trace_kprobe_nhit(struct trace_kprobe *tk) 174 { 175 unsigned long nhit = 0; 176 int cpu; 177 178 for_each_possible_cpu(cpu) 179 nhit += *per_cpu_ptr(tk->nhit, cpu); 180 181 return nhit; 182 } 183 trace_kprobe_is_registered(struct trace_kprobe * tk)184 static nokprobe_inline bool trace_kprobe_is_registered(struct trace_kprobe *tk) 185 { 186 return !(list_empty(&tk->rp.kp.list) && 187 hlist_unhashed(&tk->rp.kp.hlist)); 188 } 189 190 /* Return 0 if it fails to find the symbol address */ 191 static nokprobe_inline trace_kprobe_address(struct trace_kprobe * tk)192 unsigned long trace_kprobe_address(struct trace_kprobe *tk) 193 { 194 unsigned long addr; 195 196 if (tk->symbol) { 197 addr = (unsigned long) 198 kallsyms_lookup_name(trace_kprobe_symbol(tk)); 199 if (addr) 200 addr += tk->rp.kp.offset; 201 } else { 202 addr = (unsigned long)tk->rp.kp.addr; 203 } 204 return addr; 205 } 206 207 static nokprobe_inline struct trace_kprobe * trace_kprobe_primary_from_call(struct trace_event_call * call)208 trace_kprobe_primary_from_call(struct trace_event_call *call) 209 { 210 struct trace_probe *tp; 211 212 tp = trace_probe_primary_from_call(call); 213 if (WARN_ON_ONCE(!tp)) 214 return NULL; 215 216 return container_of(tp, struct trace_kprobe, tp); 217 } 218 trace_kprobe_on_func_entry(struct trace_event_call * call)219 bool trace_kprobe_on_func_entry(struct trace_event_call *call) 220 { 221 struct trace_kprobe *tk = trace_kprobe_primary_from_call(call); 222 223 return tk ? (kprobe_on_func_entry(tk->rp.kp.addr, 224 tk->rp.kp.addr ? NULL : tk->rp.kp.symbol_name, 225 tk->rp.kp.addr ? 0 : tk->rp.kp.offset) == 0) : false; 226 } 227 trace_kprobe_error_injectable(struct trace_event_call * call)228 bool trace_kprobe_error_injectable(struct trace_event_call *call) 229 { 230 struct trace_kprobe *tk = trace_kprobe_primary_from_call(call); 231 232 return tk ? within_error_injection_list(trace_kprobe_address(tk)) : 233 false; 234 } 235 236 static int register_kprobe_event(struct trace_kprobe *tk); 237 static int unregister_kprobe_event(struct trace_kprobe *tk); 238 239 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs); 240 static int kretprobe_dispatcher(struct kretprobe_instance *ri, 241 struct pt_regs *regs); 242 free_trace_kprobe(struct trace_kprobe * tk)243 static void free_trace_kprobe(struct trace_kprobe *tk) 244 { 245 if (tk) { 246 trace_probe_cleanup(&tk->tp); 247 kfree(tk->symbol); 248 free_percpu(tk->nhit); 249 kfree(tk); 250 } 251 } 252 253 /* 254 * Allocate new trace_probe and initialize it (including kprobes). 255 */ alloc_trace_kprobe(const char * group,const char * event,void * addr,const char * symbol,unsigned long offs,int maxactive,int nargs,bool is_return)256 static struct trace_kprobe *alloc_trace_kprobe(const char *group, 257 const char *event, 258 void *addr, 259 const char *symbol, 260 unsigned long offs, 261 int maxactive, 262 int nargs, bool is_return) 263 { 264 struct trace_kprobe *tk; 265 int ret = -ENOMEM; 266 267 tk = kzalloc(struct_size(tk, tp.args, nargs), GFP_KERNEL); 268 if (!tk) 269 return ERR_PTR(ret); 270 271 tk->nhit = alloc_percpu(unsigned long); 272 if (!tk->nhit) 273 goto error; 274 275 if (symbol) { 276 tk->symbol = kstrdup(symbol, GFP_KERNEL); 277 if (!tk->symbol) 278 goto error; 279 tk->rp.kp.symbol_name = tk->symbol; 280 tk->rp.kp.offset = offs; 281 } else 282 tk->rp.kp.addr = addr; 283 284 if (is_return) 285 tk->rp.handler = kretprobe_dispatcher; 286 else 287 tk->rp.kp.pre_handler = kprobe_dispatcher; 288 289 tk->rp.maxactive = maxactive; 290 INIT_HLIST_NODE(&tk->rp.kp.hlist); 291 INIT_LIST_HEAD(&tk->rp.kp.list); 292 293 ret = trace_probe_init(&tk->tp, event, group, false, nargs); 294 if (ret < 0) 295 goto error; 296 297 dyn_event_init(&tk->devent, &trace_kprobe_ops); 298 return tk; 299 error: 300 free_trace_kprobe(tk); 301 return ERR_PTR(ret); 302 } 303 find_trace_kprobe(const char * event,const char * group)304 static struct trace_kprobe *find_trace_kprobe(const char *event, 305 const char *group) 306 { 307 struct dyn_event *pos; 308 struct trace_kprobe *tk; 309 310 for_each_trace_kprobe(tk, pos) 311 if (strcmp(trace_probe_name(&tk->tp), event) == 0 && 312 strcmp(trace_probe_group_name(&tk->tp), group) == 0) 313 return tk; 314 return NULL; 315 } 316 __enable_trace_kprobe(struct trace_kprobe * tk)317 static inline int __enable_trace_kprobe(struct trace_kprobe *tk) 318 { 319 int ret = 0; 320 321 if (trace_kprobe_is_registered(tk) && !trace_kprobe_has_gone(tk)) { 322 if (trace_kprobe_is_return(tk)) 323 ret = enable_kretprobe(&tk->rp); 324 else 325 ret = enable_kprobe(&tk->rp.kp); 326 } 327 328 return ret; 329 } 330 __disable_trace_kprobe(struct trace_probe * tp)331 static void __disable_trace_kprobe(struct trace_probe *tp) 332 { 333 struct trace_kprobe *tk; 334 335 list_for_each_entry(tk, trace_probe_probe_list(tp), tp.list) { 336 if (!trace_kprobe_is_registered(tk)) 337 continue; 338 if (trace_kprobe_is_return(tk)) 339 disable_kretprobe(&tk->rp); 340 else 341 disable_kprobe(&tk->rp.kp); 342 } 343 } 344 345 /* 346 * Enable trace_probe 347 * if the file is NULL, enable "perf" handler, or enable "trace" handler. 348 */ enable_trace_kprobe(struct trace_event_call * call,struct trace_event_file * file)349 static int enable_trace_kprobe(struct trace_event_call *call, 350 struct trace_event_file *file) 351 { 352 struct trace_probe *tp; 353 struct trace_kprobe *tk; 354 bool enabled; 355 int ret = 0; 356 357 tp = trace_probe_primary_from_call(call); 358 if (WARN_ON_ONCE(!tp)) 359 return -ENODEV; 360 enabled = trace_probe_is_enabled(tp); 361 362 /* This also changes "enabled" state */ 363 if (file) { 364 ret = trace_probe_add_file(tp, file); 365 if (ret) 366 return ret; 367 } else 368 trace_probe_set_flag(tp, TP_FLAG_PROFILE); 369 370 if (enabled) 371 return 0; 372 373 list_for_each_entry(tk, trace_probe_probe_list(tp), tp.list) { 374 if (trace_kprobe_has_gone(tk)) 375 continue; 376 ret = __enable_trace_kprobe(tk); 377 if (ret) 378 break; 379 enabled = true; 380 } 381 382 if (ret) { 383 /* Failed to enable one of them. Roll back all */ 384 if (enabled) 385 __disable_trace_kprobe(tp); 386 if (file) 387 trace_probe_remove_file(tp, file); 388 else 389 trace_probe_clear_flag(tp, TP_FLAG_PROFILE); 390 } 391 392 return ret; 393 } 394 395 /* 396 * Disable trace_probe 397 * if the file is NULL, disable "perf" handler, or disable "trace" handler. 398 */ disable_trace_kprobe(struct trace_event_call * call,struct trace_event_file * file)399 static int disable_trace_kprobe(struct trace_event_call *call, 400 struct trace_event_file *file) 401 { 402 struct trace_probe *tp; 403 404 tp = trace_probe_primary_from_call(call); 405 if (WARN_ON_ONCE(!tp)) 406 return -ENODEV; 407 408 if (file) { 409 if (!trace_probe_get_file_link(tp, file)) 410 return -ENOENT; 411 if (!trace_probe_has_single_file(tp)) 412 goto out; 413 trace_probe_clear_flag(tp, TP_FLAG_TRACE); 414 } else 415 trace_probe_clear_flag(tp, TP_FLAG_PROFILE); 416 417 if (!trace_probe_is_enabled(tp)) 418 __disable_trace_kprobe(tp); 419 420 out: 421 if (file) 422 /* 423 * Synchronization is done in below function. For perf event, 424 * file == NULL and perf_trace_event_unreg() calls 425 * tracepoint_synchronize_unregister() to ensure synchronize 426 * event. We don't need to care about it. 427 */ 428 trace_probe_remove_file(tp, file); 429 430 return 0; 431 } 432 433 #if defined(CONFIG_DYNAMIC_FTRACE) && \ 434 !defined(CONFIG_KPROBE_EVENTS_ON_NOTRACE) __within_notrace_func(unsigned long addr)435 static bool __within_notrace_func(unsigned long addr) 436 { 437 unsigned long offset, size; 438 439 if (!addr || !kallsyms_lookup_size_offset(addr, &size, &offset)) 440 return false; 441 442 /* Get the entry address of the target function */ 443 addr -= offset; 444 445 /* 446 * Since ftrace_location_range() does inclusive range check, we need 447 * to subtract 1 byte from the end address. 448 */ 449 return !ftrace_location_range(addr, addr + size - 1); 450 } 451 within_notrace_func(struct trace_kprobe * tk)452 static bool within_notrace_func(struct trace_kprobe *tk) 453 { 454 unsigned long addr = trace_kprobe_address(tk); 455 char symname[KSYM_NAME_LEN], *p; 456 457 if (!__within_notrace_func(addr)) 458 return false; 459 460 /* Check if the address is on a suffixed-symbol */ 461 if (!lookup_symbol_name(addr, symname)) { 462 p = strchr(symname, '.'); 463 if (!p) 464 return true; 465 *p = '\0'; 466 addr = (unsigned long)kprobe_lookup_name(symname, 0); 467 if (addr) 468 return __within_notrace_func(addr); 469 } 470 471 return true; 472 } 473 #else 474 #define within_notrace_func(tk) (false) 475 #endif 476 477 /* Internal register function - just handle k*probes and flags */ __register_trace_kprobe(struct trace_kprobe * tk)478 static int __register_trace_kprobe(struct trace_kprobe *tk) 479 { 480 int i, ret; 481 482 ret = security_locked_down(LOCKDOWN_KPROBES); 483 if (ret) 484 return ret; 485 486 if (trace_kprobe_is_registered(tk)) 487 return -EINVAL; 488 489 if (within_notrace_func(tk)) { 490 pr_warn("Could not probe notrace function %s\n", 491 trace_kprobe_symbol(tk)); 492 return -EINVAL; 493 } 494 495 for (i = 0; i < tk->tp.nr_args; i++) { 496 ret = traceprobe_update_arg(&tk->tp.args[i]); 497 if (ret) 498 return ret; 499 } 500 501 /* Set/clear disabled flag according to tp->flag */ 502 if (trace_probe_is_enabled(&tk->tp)) 503 tk->rp.kp.flags &= ~KPROBE_FLAG_DISABLED; 504 else 505 tk->rp.kp.flags |= KPROBE_FLAG_DISABLED; 506 507 if (trace_kprobe_is_return(tk)) 508 ret = register_kretprobe(&tk->rp); 509 else 510 ret = register_kprobe(&tk->rp.kp); 511 512 return ret; 513 } 514 515 /* Internal unregister function - just handle k*probes and flags */ __unregister_trace_kprobe(struct trace_kprobe * tk)516 static void __unregister_trace_kprobe(struct trace_kprobe *tk) 517 { 518 if (trace_kprobe_is_registered(tk)) { 519 if (trace_kprobe_is_return(tk)) 520 unregister_kretprobe(&tk->rp); 521 else 522 unregister_kprobe(&tk->rp.kp); 523 /* Cleanup kprobe for reuse and mark it unregistered */ 524 INIT_HLIST_NODE(&tk->rp.kp.hlist); 525 INIT_LIST_HEAD(&tk->rp.kp.list); 526 if (tk->rp.kp.symbol_name) 527 tk->rp.kp.addr = NULL; 528 } 529 } 530 531 /* Unregister a trace_probe and probe_event */ unregister_trace_kprobe(struct trace_kprobe * tk)532 static int unregister_trace_kprobe(struct trace_kprobe *tk) 533 { 534 /* If other probes are on the event, just unregister kprobe */ 535 if (trace_probe_has_sibling(&tk->tp)) 536 goto unreg; 537 538 /* Enabled event can not be unregistered */ 539 if (trace_probe_is_enabled(&tk->tp)) 540 return -EBUSY; 541 542 /* If there's a reference to the dynamic event */ 543 if (trace_event_dyn_busy(trace_probe_event_call(&tk->tp))) 544 return -EBUSY; 545 546 /* Will fail if probe is being used by ftrace or perf */ 547 if (unregister_kprobe_event(tk)) 548 return -EBUSY; 549 550 unreg: 551 __unregister_trace_kprobe(tk); 552 dyn_event_remove(&tk->devent); 553 trace_probe_unlink(&tk->tp); 554 555 return 0; 556 } 557 trace_kprobe_has_same_kprobe(struct trace_kprobe * orig,struct trace_kprobe * comp)558 static bool trace_kprobe_has_same_kprobe(struct trace_kprobe *orig, 559 struct trace_kprobe *comp) 560 { 561 struct trace_probe_event *tpe = orig->tp.event; 562 int i; 563 564 list_for_each_entry(orig, &tpe->probes, tp.list) { 565 if (strcmp(trace_kprobe_symbol(orig), 566 trace_kprobe_symbol(comp)) || 567 trace_kprobe_offset(orig) != trace_kprobe_offset(comp)) 568 continue; 569 570 /* 571 * trace_probe_compare_arg_type() ensured that nr_args and 572 * each argument name and type are same. Let's compare comm. 573 */ 574 for (i = 0; i < orig->tp.nr_args; i++) { 575 if (strcmp(orig->tp.args[i].comm, 576 comp->tp.args[i].comm)) 577 break; 578 } 579 580 if (i == orig->tp.nr_args) 581 return true; 582 } 583 584 return false; 585 } 586 append_trace_kprobe(struct trace_kprobe * tk,struct trace_kprobe * to)587 static int append_trace_kprobe(struct trace_kprobe *tk, struct trace_kprobe *to) 588 { 589 int ret; 590 591 ret = trace_probe_compare_arg_type(&tk->tp, &to->tp); 592 if (ret) { 593 /* Note that argument starts index = 2 */ 594 trace_probe_log_set_index(ret + 1); 595 trace_probe_log_err(0, DIFF_ARG_TYPE); 596 return -EEXIST; 597 } 598 if (trace_kprobe_has_same_kprobe(to, tk)) { 599 trace_probe_log_set_index(0); 600 trace_probe_log_err(0, SAME_PROBE); 601 return -EEXIST; 602 } 603 604 /* Append to existing event */ 605 ret = trace_probe_append(&tk->tp, &to->tp); 606 if (ret) 607 return ret; 608 609 /* Register k*probe */ 610 ret = __register_trace_kprobe(tk); 611 if (ret == -ENOENT && !trace_kprobe_module_exist(tk)) { 612 pr_warn("This probe might be able to register after target module is loaded. Continue.\n"); 613 ret = 0; 614 } 615 616 if (ret) 617 trace_probe_unlink(&tk->tp); 618 else 619 dyn_event_add(&tk->devent, trace_probe_event_call(&tk->tp)); 620 621 return ret; 622 } 623 624 /* Register a trace_probe and probe_event */ register_trace_kprobe(struct trace_kprobe * tk)625 static int register_trace_kprobe(struct trace_kprobe *tk) 626 { 627 struct trace_kprobe *old_tk; 628 int ret; 629 630 mutex_lock(&event_mutex); 631 632 old_tk = find_trace_kprobe(trace_probe_name(&tk->tp), 633 trace_probe_group_name(&tk->tp)); 634 if (old_tk) { 635 if (trace_kprobe_is_return(tk) != trace_kprobe_is_return(old_tk)) { 636 trace_probe_log_set_index(0); 637 trace_probe_log_err(0, DIFF_PROBE_TYPE); 638 ret = -EEXIST; 639 } else { 640 ret = append_trace_kprobe(tk, old_tk); 641 } 642 goto end; 643 } 644 645 /* Register new event */ 646 ret = register_kprobe_event(tk); 647 if (ret) { 648 if (ret == -EEXIST) { 649 trace_probe_log_set_index(0); 650 trace_probe_log_err(0, EVENT_EXIST); 651 } else 652 pr_warn("Failed to register probe event(%d)\n", ret); 653 goto end; 654 } 655 656 /* Register k*probe */ 657 ret = __register_trace_kprobe(tk); 658 if (ret == -ENOENT && !trace_kprobe_module_exist(tk)) { 659 pr_warn("This probe might be able to register after target module is loaded. Continue.\n"); 660 ret = 0; 661 } 662 663 if (ret < 0) 664 unregister_kprobe_event(tk); 665 else 666 dyn_event_add(&tk->devent, trace_probe_event_call(&tk->tp)); 667 668 end: 669 mutex_unlock(&event_mutex); 670 return ret; 671 } 672 673 /* Module notifier call back, checking event on the module */ trace_kprobe_module_callback(struct notifier_block * nb,unsigned long val,void * data)674 static int trace_kprobe_module_callback(struct notifier_block *nb, 675 unsigned long val, void *data) 676 { 677 struct module *mod = data; 678 struct dyn_event *pos; 679 struct trace_kprobe *tk; 680 int ret; 681 682 if (val != MODULE_STATE_COMING) 683 return NOTIFY_DONE; 684 685 /* Update probes on coming module */ 686 mutex_lock(&event_mutex); 687 for_each_trace_kprobe(tk, pos) { 688 if (trace_kprobe_within_module(tk, mod)) { 689 /* Don't need to check busy - this should have gone. */ 690 __unregister_trace_kprobe(tk); 691 ret = __register_trace_kprobe(tk); 692 if (ret) 693 pr_warn("Failed to re-register probe %s on %s: %d\n", 694 trace_probe_name(&tk->tp), 695 module_name(mod), ret); 696 } 697 } 698 mutex_unlock(&event_mutex); 699 700 return NOTIFY_DONE; 701 } 702 703 static struct notifier_block trace_kprobe_module_nb = { 704 .notifier_call = trace_kprobe_module_callback, 705 .priority = 2 /* Invoked after kprobe and jump_label module callback */ 706 }; 707 count_symbols(void * data,unsigned long unused)708 static int count_symbols(void *data, unsigned long unused) 709 { 710 unsigned int *count = data; 711 712 (*count)++; 713 714 return 0; 715 } 716 717 struct sym_count_ctx { 718 unsigned int count; 719 const char *name; 720 }; 721 count_mod_symbols(void * data,const char * name,unsigned long unused)722 static int count_mod_symbols(void *data, const char *name, unsigned long unused) 723 { 724 struct sym_count_ctx *ctx = data; 725 726 if (strcmp(name, ctx->name) == 0) 727 ctx->count++; 728 729 return 0; 730 } 731 number_of_same_symbols(char * func_name)732 static unsigned int number_of_same_symbols(char *func_name) 733 { 734 struct sym_count_ctx ctx = { .count = 0, .name = func_name }; 735 736 kallsyms_on_each_match_symbol(count_symbols, func_name, &ctx.count); 737 738 module_kallsyms_on_each_symbol(NULL, count_mod_symbols, &ctx); 739 740 return ctx.count; 741 } 742 743 static int trace_kprobe_entry_handler(struct kretprobe_instance *ri, 744 struct pt_regs *regs); 745 __trace_kprobe_create(int argc,const char * argv[])746 static int __trace_kprobe_create(int argc, const char *argv[]) 747 { 748 /* 749 * Argument syntax: 750 * - Add kprobe: 751 * p[:[GRP/][EVENT]] [MOD:]KSYM[+OFFS]|KADDR [FETCHARGS] 752 * - Add kretprobe: 753 * r[MAXACTIVE][:[GRP/][EVENT]] [MOD:]KSYM[+0] [FETCHARGS] 754 * Or 755 * p[:[GRP/][EVENT]] [MOD:]KSYM[+0]%return [FETCHARGS] 756 * 757 * Fetch args: 758 * $retval : fetch return value 759 * $stack : fetch stack address 760 * $stackN : fetch Nth of stack (N:0-) 761 * $comm : fetch current task comm 762 * @ADDR : fetch memory at ADDR (ADDR should be in kernel) 763 * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol) 764 * %REG : fetch register REG 765 * Dereferencing memory fetch: 766 * +|-offs(ARG) : fetch memory at ARG +|- offs address. 767 * Alias name of args: 768 * NAME=FETCHARG : set NAME as alias of FETCHARG. 769 * Type of args: 770 * FETCHARG:TYPE : use TYPE instead of unsigned long. 771 */ 772 struct trace_kprobe *tk = NULL; 773 int i, len, new_argc = 0, ret = 0; 774 bool is_return = false; 775 char *symbol = NULL, *tmp = NULL; 776 const char **new_argv = NULL; 777 const char *event = NULL, *group = KPROBE_EVENT_SYSTEM; 778 enum probe_print_type ptype; 779 int maxactive = 0; 780 long offset = 0; 781 void *addr = NULL; 782 char buf[MAX_EVENT_NAME_LEN]; 783 char gbuf[MAX_EVENT_NAME_LEN]; 784 char abuf[MAX_BTF_ARGS_LEN]; 785 struct traceprobe_parse_context ctx = { .flags = TPARG_FL_KERNEL }; 786 787 switch (argv[0][0]) { 788 case 'r': 789 is_return = true; 790 break; 791 case 'p': 792 break; 793 default: 794 return -ECANCELED; 795 } 796 if (argc < 2) 797 return -ECANCELED; 798 799 trace_probe_log_init("trace_kprobe", argc, argv); 800 801 event = strchr(&argv[0][1], ':'); 802 if (event) 803 event++; 804 805 if (isdigit(argv[0][1])) { 806 if (!is_return) { 807 trace_probe_log_err(1, BAD_MAXACT_TYPE); 808 goto parse_error; 809 } 810 if (event) 811 len = event - &argv[0][1] - 1; 812 else 813 len = strlen(&argv[0][1]); 814 if (len > MAX_EVENT_NAME_LEN - 1) { 815 trace_probe_log_err(1, BAD_MAXACT); 816 goto parse_error; 817 } 818 memcpy(buf, &argv[0][1], len); 819 buf[len] = '\0'; 820 ret = kstrtouint(buf, 0, &maxactive); 821 if (ret || !maxactive) { 822 trace_probe_log_err(1, BAD_MAXACT); 823 goto parse_error; 824 } 825 /* kretprobes instances are iterated over via a list. The 826 * maximum should stay reasonable. 827 */ 828 if (maxactive > KRETPROBE_MAXACTIVE_MAX) { 829 trace_probe_log_err(1, MAXACT_TOO_BIG); 830 goto parse_error; 831 } 832 } 833 834 /* try to parse an address. if that fails, try to read the 835 * input as a symbol. */ 836 if (kstrtoul(argv[1], 0, (unsigned long *)&addr)) { 837 trace_probe_log_set_index(1); 838 /* Check whether uprobe event specified */ 839 if (strchr(argv[1], '/') && strchr(argv[1], ':')) { 840 ret = -ECANCELED; 841 goto error; 842 } 843 /* a symbol specified */ 844 symbol = kstrdup(argv[1], GFP_KERNEL); 845 if (!symbol) 846 return -ENOMEM; 847 848 tmp = strchr(symbol, '%'); 849 if (tmp) { 850 if (!strcmp(tmp, "%return")) { 851 *tmp = '\0'; 852 is_return = true; 853 } else { 854 trace_probe_log_err(tmp - symbol, BAD_ADDR_SUFFIX); 855 goto parse_error; 856 } 857 } 858 859 /* TODO: support .init module functions */ 860 ret = traceprobe_split_symbol_offset(symbol, &offset); 861 if (ret || offset < 0 || offset > UINT_MAX) { 862 trace_probe_log_err(0, BAD_PROBE_ADDR); 863 goto parse_error; 864 } 865 if (is_return) 866 ctx.flags |= TPARG_FL_RETURN; 867 ret = kprobe_on_func_entry(NULL, symbol, offset); 868 if (ret == 0 && !is_return) 869 ctx.flags |= TPARG_FL_FENTRY; 870 /* Defer the ENOENT case until register kprobe */ 871 if (ret == -EINVAL && is_return) { 872 trace_probe_log_err(0, BAD_RETPROBE); 873 goto parse_error; 874 } 875 } 876 877 if (symbol && !strchr(symbol, ':')) { 878 unsigned int count; 879 880 count = number_of_same_symbols(symbol); 881 if (count > 1) { 882 /* 883 * Users should use ADDR to remove the ambiguity of 884 * using KSYM only. 885 */ 886 trace_probe_log_err(0, NON_UNIQ_SYMBOL); 887 ret = -EADDRNOTAVAIL; 888 889 goto error; 890 } else if (count == 0) { 891 /* 892 * We can return ENOENT earlier than when register the 893 * kprobe. 894 */ 895 trace_probe_log_err(0, BAD_PROBE_ADDR); 896 ret = -ENOENT; 897 898 goto error; 899 } 900 } 901 902 trace_probe_log_set_index(0); 903 if (event) { 904 ret = traceprobe_parse_event_name(&event, &group, gbuf, 905 event - argv[0]); 906 if (ret) 907 goto parse_error; 908 } 909 910 if (!event) { 911 /* Make a new event name */ 912 if (symbol) 913 snprintf(buf, MAX_EVENT_NAME_LEN, "%c_%s_%ld", 914 is_return ? 'r' : 'p', symbol, offset); 915 else 916 snprintf(buf, MAX_EVENT_NAME_LEN, "%c_0x%p", 917 is_return ? 'r' : 'p', addr); 918 sanitize_event_name(buf); 919 event = buf; 920 } 921 922 argc -= 2; argv += 2; 923 ctx.funcname = symbol; 924 new_argv = traceprobe_expand_meta_args(argc, argv, &new_argc, 925 abuf, MAX_BTF_ARGS_LEN, &ctx); 926 if (IS_ERR(new_argv)) { 927 ret = PTR_ERR(new_argv); 928 new_argv = NULL; 929 goto out; 930 } 931 if (new_argv) { 932 argc = new_argc; 933 argv = new_argv; 934 } 935 if (argc > MAX_TRACE_ARGS) { 936 ret = -E2BIG; 937 goto out; 938 } 939 940 /* setup a probe */ 941 tk = alloc_trace_kprobe(group, event, addr, symbol, offset, maxactive, 942 argc, is_return); 943 if (IS_ERR(tk)) { 944 ret = PTR_ERR(tk); 945 /* This must return -ENOMEM, else there is a bug */ 946 WARN_ON_ONCE(ret != -ENOMEM); 947 goto out; /* We know tk is not allocated */ 948 } 949 950 /* parse arguments */ 951 for (i = 0; i < argc; i++) { 952 trace_probe_log_set_index(i + 2); 953 ctx.offset = 0; 954 ret = traceprobe_parse_probe_arg(&tk->tp, i, argv[i], &ctx); 955 if (ret) 956 goto error; /* This can be -ENOMEM */ 957 } 958 /* entry handler for kretprobe */ 959 if (is_return && tk->tp.entry_arg) { 960 tk->rp.entry_handler = trace_kprobe_entry_handler; 961 tk->rp.data_size = traceprobe_get_entry_data_size(&tk->tp); 962 } 963 964 ptype = is_return ? PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL; 965 ret = traceprobe_set_print_fmt(&tk->tp, ptype); 966 if (ret < 0) 967 goto error; 968 969 ret = register_trace_kprobe(tk); 970 if (ret) { 971 trace_probe_log_set_index(1); 972 if (ret == -EILSEQ) 973 trace_probe_log_err(0, BAD_INSN_BNDRY); 974 else if (ret == -ENOENT) 975 trace_probe_log_err(0, BAD_PROBE_ADDR); 976 else if (ret != -ENOMEM && ret != -EEXIST) 977 trace_probe_log_err(0, FAIL_REG_PROBE); 978 goto error; 979 } 980 981 out: 982 traceprobe_finish_parse(&ctx); 983 trace_probe_log_clear(); 984 kfree(new_argv); 985 kfree(symbol); 986 return ret; 987 988 parse_error: 989 ret = -EINVAL; 990 error: 991 free_trace_kprobe(tk); 992 goto out; 993 } 994 trace_kprobe_create(const char * raw_command)995 static int trace_kprobe_create(const char *raw_command) 996 { 997 return trace_probe_create(raw_command, __trace_kprobe_create); 998 } 999 create_or_delete_trace_kprobe(const char * raw_command)1000 static int create_or_delete_trace_kprobe(const char *raw_command) 1001 { 1002 int ret; 1003 1004 if (raw_command[0] == '-') 1005 return dyn_event_release(raw_command, &trace_kprobe_ops); 1006 1007 ret = trace_kprobe_create(raw_command); 1008 return ret == -ECANCELED ? -EINVAL : ret; 1009 } 1010 trace_kprobe_run_command(struct dynevent_cmd * cmd)1011 static int trace_kprobe_run_command(struct dynevent_cmd *cmd) 1012 { 1013 return create_or_delete_trace_kprobe(cmd->seq.buffer); 1014 } 1015 1016 /** 1017 * kprobe_event_cmd_init - Initialize a kprobe event command object 1018 * @cmd: A pointer to the dynevent_cmd struct representing the new event 1019 * @buf: A pointer to the buffer used to build the command 1020 * @maxlen: The length of the buffer passed in @buf 1021 * 1022 * Initialize a synthetic event command object. Use this before 1023 * calling any of the other kprobe_event functions. 1024 */ kprobe_event_cmd_init(struct dynevent_cmd * cmd,char * buf,int maxlen)1025 void kprobe_event_cmd_init(struct dynevent_cmd *cmd, char *buf, int maxlen) 1026 { 1027 dynevent_cmd_init(cmd, buf, maxlen, DYNEVENT_TYPE_KPROBE, 1028 trace_kprobe_run_command); 1029 } 1030 EXPORT_SYMBOL_GPL(kprobe_event_cmd_init); 1031 1032 /** 1033 * __kprobe_event_gen_cmd_start - Generate a kprobe event command from arg list 1034 * @cmd: A pointer to the dynevent_cmd struct representing the new event 1035 * @kretprobe: Is this a return probe? 1036 * @name: The name of the kprobe event 1037 * @loc: The location of the kprobe event 1038 * @...: Variable number of arg (pairs), one pair for each field 1039 * 1040 * NOTE: Users normally won't want to call this function directly, but 1041 * rather use the kprobe_event_gen_cmd_start() wrapper, which automatically 1042 * adds a NULL to the end of the arg list. If this function is used 1043 * directly, make sure the last arg in the variable arg list is NULL. 1044 * 1045 * Generate a kprobe event command to be executed by 1046 * kprobe_event_gen_cmd_end(). This function can be used to generate the 1047 * complete command or only the first part of it; in the latter case, 1048 * kprobe_event_add_fields() can be used to add more fields following this. 1049 * 1050 * Unlikely the synth_event_gen_cmd_start(), @loc must be specified. This 1051 * returns -EINVAL if @loc == NULL. 1052 * 1053 * Return: 0 if successful, error otherwise. 1054 */ __kprobe_event_gen_cmd_start(struct dynevent_cmd * cmd,bool kretprobe,const char * name,const char * loc,...)1055 int __kprobe_event_gen_cmd_start(struct dynevent_cmd *cmd, bool kretprobe, 1056 const char *name, const char *loc, ...) 1057 { 1058 char buf[MAX_EVENT_NAME_LEN]; 1059 struct dynevent_arg arg; 1060 va_list args; 1061 int ret; 1062 1063 if (cmd->type != DYNEVENT_TYPE_KPROBE) 1064 return -EINVAL; 1065 1066 if (!loc) 1067 return -EINVAL; 1068 1069 if (kretprobe) 1070 snprintf(buf, MAX_EVENT_NAME_LEN, "r:kprobes/%s", name); 1071 else 1072 snprintf(buf, MAX_EVENT_NAME_LEN, "p:kprobes/%s", name); 1073 1074 ret = dynevent_str_add(cmd, buf); 1075 if (ret) 1076 return ret; 1077 1078 dynevent_arg_init(&arg, 0); 1079 arg.str = loc; 1080 ret = dynevent_arg_add(cmd, &arg, NULL); 1081 if (ret) 1082 return ret; 1083 1084 va_start(args, loc); 1085 for (;;) { 1086 const char *field; 1087 1088 field = va_arg(args, const char *); 1089 if (!field) 1090 break; 1091 1092 if (++cmd->n_fields > MAX_TRACE_ARGS) { 1093 ret = -EINVAL; 1094 break; 1095 } 1096 1097 arg.str = field; 1098 ret = dynevent_arg_add(cmd, &arg, NULL); 1099 if (ret) 1100 break; 1101 } 1102 va_end(args); 1103 1104 return ret; 1105 } 1106 EXPORT_SYMBOL_GPL(__kprobe_event_gen_cmd_start); 1107 1108 /** 1109 * __kprobe_event_add_fields - Add probe fields to a kprobe command from arg list 1110 * @cmd: A pointer to the dynevent_cmd struct representing the new event 1111 * @...: Variable number of arg (pairs), one pair for each field 1112 * 1113 * NOTE: Users normally won't want to call this function directly, but 1114 * rather use the kprobe_event_add_fields() wrapper, which 1115 * automatically adds a NULL to the end of the arg list. If this 1116 * function is used directly, make sure the last arg in the variable 1117 * arg list is NULL. 1118 * 1119 * Add probe fields to an existing kprobe command using a variable 1120 * list of args. Fields are added in the same order they're listed. 1121 * 1122 * Return: 0 if successful, error otherwise. 1123 */ __kprobe_event_add_fields(struct dynevent_cmd * cmd,...)1124 int __kprobe_event_add_fields(struct dynevent_cmd *cmd, ...) 1125 { 1126 struct dynevent_arg arg; 1127 va_list args; 1128 int ret = 0; 1129 1130 if (cmd->type != DYNEVENT_TYPE_KPROBE) 1131 return -EINVAL; 1132 1133 dynevent_arg_init(&arg, 0); 1134 1135 va_start(args, cmd); 1136 for (;;) { 1137 const char *field; 1138 1139 field = va_arg(args, const char *); 1140 if (!field) 1141 break; 1142 1143 if (++cmd->n_fields > MAX_TRACE_ARGS) { 1144 ret = -EINVAL; 1145 break; 1146 } 1147 1148 arg.str = field; 1149 ret = dynevent_arg_add(cmd, &arg, NULL); 1150 if (ret) 1151 break; 1152 } 1153 va_end(args); 1154 1155 return ret; 1156 } 1157 EXPORT_SYMBOL_GPL(__kprobe_event_add_fields); 1158 1159 /** 1160 * kprobe_event_delete - Delete a kprobe event 1161 * @name: The name of the kprobe event to delete 1162 * 1163 * Delete a kprobe event with the give @name from kernel code rather 1164 * than directly from the command line. 1165 * 1166 * Return: 0 if successful, error otherwise. 1167 */ kprobe_event_delete(const char * name)1168 int kprobe_event_delete(const char *name) 1169 { 1170 char buf[MAX_EVENT_NAME_LEN]; 1171 1172 snprintf(buf, MAX_EVENT_NAME_LEN, "-:%s", name); 1173 1174 return create_or_delete_trace_kprobe(buf); 1175 } 1176 EXPORT_SYMBOL_GPL(kprobe_event_delete); 1177 trace_kprobe_release(struct dyn_event * ev)1178 static int trace_kprobe_release(struct dyn_event *ev) 1179 { 1180 struct trace_kprobe *tk = to_trace_kprobe(ev); 1181 int ret = unregister_trace_kprobe(tk); 1182 1183 if (!ret) 1184 free_trace_kprobe(tk); 1185 return ret; 1186 } 1187 trace_kprobe_show(struct seq_file * m,struct dyn_event * ev)1188 static int trace_kprobe_show(struct seq_file *m, struct dyn_event *ev) 1189 { 1190 struct trace_kprobe *tk = to_trace_kprobe(ev); 1191 int i; 1192 1193 seq_putc(m, trace_kprobe_is_return(tk) ? 'r' : 'p'); 1194 if (trace_kprobe_is_return(tk) && tk->rp.maxactive) 1195 seq_printf(m, "%d", tk->rp.maxactive); 1196 seq_printf(m, ":%s/%s", trace_probe_group_name(&tk->tp), 1197 trace_probe_name(&tk->tp)); 1198 1199 if (!tk->symbol) 1200 seq_printf(m, " 0x%p", tk->rp.kp.addr); 1201 else if (tk->rp.kp.offset) 1202 seq_printf(m, " %s+%u", trace_kprobe_symbol(tk), 1203 tk->rp.kp.offset); 1204 else 1205 seq_printf(m, " %s", trace_kprobe_symbol(tk)); 1206 1207 for (i = 0; i < tk->tp.nr_args; i++) 1208 seq_printf(m, " %s=%s", tk->tp.args[i].name, tk->tp.args[i].comm); 1209 seq_putc(m, '\n'); 1210 1211 return 0; 1212 } 1213 probes_seq_show(struct seq_file * m,void * v)1214 static int probes_seq_show(struct seq_file *m, void *v) 1215 { 1216 struct dyn_event *ev = v; 1217 1218 if (!is_trace_kprobe(ev)) 1219 return 0; 1220 1221 return trace_kprobe_show(m, ev); 1222 } 1223 1224 static const struct seq_operations probes_seq_op = { 1225 .start = dyn_event_seq_start, 1226 .next = dyn_event_seq_next, 1227 .stop = dyn_event_seq_stop, 1228 .show = probes_seq_show 1229 }; 1230 probes_open(struct inode * inode,struct file * file)1231 static int probes_open(struct inode *inode, struct file *file) 1232 { 1233 int ret; 1234 1235 ret = security_locked_down(LOCKDOWN_TRACEFS); 1236 if (ret) 1237 return ret; 1238 1239 if ((file->f_mode & FMODE_WRITE) && (file->f_flags & O_TRUNC)) { 1240 ret = dyn_events_release_all(&trace_kprobe_ops); 1241 if (ret < 0) 1242 return ret; 1243 } 1244 1245 return seq_open(file, &probes_seq_op); 1246 } 1247 probes_write(struct file * file,const char __user * buffer,size_t count,loff_t * ppos)1248 static ssize_t probes_write(struct file *file, const char __user *buffer, 1249 size_t count, loff_t *ppos) 1250 { 1251 return trace_parse_run_command(file, buffer, count, ppos, 1252 create_or_delete_trace_kprobe); 1253 } 1254 1255 static const struct file_operations kprobe_events_ops = { 1256 .owner = THIS_MODULE, 1257 .open = probes_open, 1258 .read = seq_read, 1259 .llseek = seq_lseek, 1260 .release = seq_release, 1261 .write = probes_write, 1262 }; 1263 trace_kprobe_missed(struct trace_kprobe * tk)1264 static unsigned long trace_kprobe_missed(struct trace_kprobe *tk) 1265 { 1266 return trace_kprobe_is_return(tk) ? 1267 tk->rp.kp.nmissed + tk->rp.nmissed : tk->rp.kp.nmissed; 1268 } 1269 1270 /* Probes profiling interfaces */ probes_profile_seq_show(struct seq_file * m,void * v)1271 static int probes_profile_seq_show(struct seq_file *m, void *v) 1272 { 1273 struct dyn_event *ev = v; 1274 struct trace_kprobe *tk; 1275 unsigned long nmissed; 1276 1277 if (!is_trace_kprobe(ev)) 1278 return 0; 1279 1280 tk = to_trace_kprobe(ev); 1281 nmissed = trace_kprobe_missed(tk); 1282 seq_printf(m, " %-44s %15lu %15lu\n", 1283 trace_probe_name(&tk->tp), 1284 trace_kprobe_nhit(tk), 1285 nmissed); 1286 1287 return 0; 1288 } 1289 1290 static const struct seq_operations profile_seq_op = { 1291 .start = dyn_event_seq_start, 1292 .next = dyn_event_seq_next, 1293 .stop = dyn_event_seq_stop, 1294 .show = probes_profile_seq_show 1295 }; 1296 profile_open(struct inode * inode,struct file * file)1297 static int profile_open(struct inode *inode, struct file *file) 1298 { 1299 int ret; 1300 1301 ret = security_locked_down(LOCKDOWN_TRACEFS); 1302 if (ret) 1303 return ret; 1304 1305 return seq_open(file, &profile_seq_op); 1306 } 1307 1308 static const struct file_operations kprobe_profile_ops = { 1309 .owner = THIS_MODULE, 1310 .open = profile_open, 1311 .read = seq_read, 1312 .llseek = seq_lseek, 1313 .release = seq_release, 1314 }; 1315 1316 /* Note that we don't verify it, since the code does not come from user space */ 1317 static int process_fetch_insn(struct fetch_insn * code,void * rec,void * edata,void * dest,void * base)1318 process_fetch_insn(struct fetch_insn *code, void *rec, void *edata, 1319 void *dest, void *base) 1320 { 1321 struct pt_regs *regs = rec; 1322 unsigned long val; 1323 int ret; 1324 1325 retry: 1326 /* 1st stage: get value from context */ 1327 switch (code->op) { 1328 case FETCH_OP_REG: 1329 val = regs_get_register(regs, code->param); 1330 break; 1331 case FETCH_OP_STACK: 1332 val = regs_get_kernel_stack_nth(regs, code->param); 1333 break; 1334 case FETCH_OP_STACKP: 1335 val = kernel_stack_pointer(regs); 1336 break; 1337 case FETCH_OP_RETVAL: 1338 val = regs_return_value(regs); 1339 break; 1340 #ifdef CONFIG_HAVE_FUNCTION_ARG_ACCESS_API 1341 case FETCH_OP_ARG: 1342 val = regs_get_kernel_argument(regs, code->param); 1343 break; 1344 case FETCH_OP_EDATA: 1345 val = *(unsigned long *)((unsigned long)edata + code->offset); 1346 break; 1347 #endif 1348 case FETCH_NOP_SYMBOL: /* Ignore a place holder */ 1349 code++; 1350 goto retry; 1351 default: 1352 ret = process_common_fetch_insn(code, &val); 1353 if (ret < 0) 1354 return ret; 1355 } 1356 code++; 1357 1358 return process_fetch_insn_bottom(code, val, dest, base); 1359 } NOKPROBE_SYMBOL(process_fetch_insn)1360 NOKPROBE_SYMBOL(process_fetch_insn) 1361 1362 /* Kprobe handler */ 1363 static nokprobe_inline void 1364 __kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs, 1365 struct trace_event_file *trace_file) 1366 { 1367 struct kprobe_trace_entry_head *entry; 1368 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1369 struct trace_event_buffer fbuffer; 1370 int dsize; 1371 1372 WARN_ON(call != trace_file->event_call); 1373 1374 if (trace_trigger_soft_disabled(trace_file)) 1375 return; 1376 1377 dsize = __get_data_size(&tk->tp, regs, NULL); 1378 1379 entry = trace_event_buffer_reserve(&fbuffer, trace_file, 1380 sizeof(*entry) + tk->tp.size + dsize); 1381 if (!entry) 1382 return; 1383 1384 fbuffer.regs = regs; 1385 entry->ip = (unsigned long)tk->rp.kp.addr; 1386 store_trace_args(&entry[1], &tk->tp, regs, NULL, sizeof(*entry), dsize); 1387 1388 trace_event_buffer_commit(&fbuffer); 1389 } 1390 1391 static void kprobe_trace_func(struct trace_kprobe * tk,struct pt_regs * regs)1392 kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs) 1393 { 1394 struct event_file_link *link; 1395 1396 trace_probe_for_each_link_rcu(link, &tk->tp) 1397 __kprobe_trace_func(tk, regs, link->file); 1398 } 1399 NOKPROBE_SYMBOL(kprobe_trace_func); 1400 1401 /* Kretprobe handler */ 1402 trace_kprobe_entry_handler(struct kretprobe_instance * ri,struct pt_regs * regs)1403 static int trace_kprobe_entry_handler(struct kretprobe_instance *ri, 1404 struct pt_regs *regs) 1405 { 1406 struct kretprobe *rp = get_kretprobe(ri); 1407 struct trace_kprobe *tk; 1408 1409 /* 1410 * There is a small chance that get_kretprobe(ri) returns NULL when 1411 * the kretprobe is unregister on another CPU between kretprobe's 1412 * trampoline_handler and this function. 1413 */ 1414 if (unlikely(!rp)) 1415 return -ENOENT; 1416 1417 tk = container_of(rp, struct trace_kprobe, rp); 1418 1419 /* store argument values into ri->data as entry data */ 1420 if (tk->tp.entry_arg) 1421 store_trace_entry_data(ri->data, &tk->tp, regs); 1422 1423 return 0; 1424 } 1425 1426 1427 static nokprobe_inline void __kretprobe_trace_func(struct trace_kprobe * tk,struct kretprobe_instance * ri,struct pt_regs * regs,struct trace_event_file * trace_file)1428 __kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, 1429 struct pt_regs *regs, 1430 struct trace_event_file *trace_file) 1431 { 1432 struct kretprobe_trace_entry_head *entry; 1433 struct trace_event_buffer fbuffer; 1434 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1435 int dsize; 1436 1437 WARN_ON(call != trace_file->event_call); 1438 1439 if (trace_trigger_soft_disabled(trace_file)) 1440 return; 1441 1442 dsize = __get_data_size(&tk->tp, regs, ri->data); 1443 1444 entry = trace_event_buffer_reserve(&fbuffer, trace_file, 1445 sizeof(*entry) + tk->tp.size + dsize); 1446 if (!entry) 1447 return; 1448 1449 fbuffer.regs = regs; 1450 entry->func = (unsigned long)tk->rp.kp.addr; 1451 entry->ret_ip = get_kretprobe_retaddr(ri); 1452 store_trace_args(&entry[1], &tk->tp, regs, ri->data, sizeof(*entry), dsize); 1453 1454 trace_event_buffer_commit(&fbuffer); 1455 } 1456 1457 static void kretprobe_trace_func(struct trace_kprobe * tk,struct kretprobe_instance * ri,struct pt_regs * regs)1458 kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, 1459 struct pt_regs *regs) 1460 { 1461 struct event_file_link *link; 1462 1463 trace_probe_for_each_link_rcu(link, &tk->tp) 1464 __kretprobe_trace_func(tk, ri, regs, link->file); 1465 } 1466 NOKPROBE_SYMBOL(kretprobe_trace_func); 1467 1468 /* Event entry printers */ 1469 static enum print_line_t print_kprobe_event(struct trace_iterator * iter,int flags,struct trace_event * event)1470 print_kprobe_event(struct trace_iterator *iter, int flags, 1471 struct trace_event *event) 1472 { 1473 struct kprobe_trace_entry_head *field; 1474 struct trace_seq *s = &iter->seq; 1475 struct trace_probe *tp; 1476 1477 field = (struct kprobe_trace_entry_head *)iter->ent; 1478 tp = trace_probe_primary_from_call( 1479 container_of(event, struct trace_event_call, event)); 1480 if (WARN_ON_ONCE(!tp)) 1481 goto out; 1482 1483 trace_seq_printf(s, "%s: (", trace_probe_name(tp)); 1484 1485 if (!seq_print_ip_sym(s, field->ip, flags | TRACE_ITER_SYM_OFFSET)) 1486 goto out; 1487 1488 trace_seq_putc(s, ')'); 1489 1490 if (trace_probe_print_args(s, tp->args, tp->nr_args, 1491 (u8 *)&field[1], field) < 0) 1492 goto out; 1493 1494 trace_seq_putc(s, '\n'); 1495 out: 1496 return trace_handle_return(s); 1497 } 1498 1499 static enum print_line_t print_kretprobe_event(struct trace_iterator * iter,int flags,struct trace_event * event)1500 print_kretprobe_event(struct trace_iterator *iter, int flags, 1501 struct trace_event *event) 1502 { 1503 struct kretprobe_trace_entry_head *field; 1504 struct trace_seq *s = &iter->seq; 1505 struct trace_probe *tp; 1506 1507 field = (struct kretprobe_trace_entry_head *)iter->ent; 1508 tp = trace_probe_primary_from_call( 1509 container_of(event, struct trace_event_call, event)); 1510 if (WARN_ON_ONCE(!tp)) 1511 goto out; 1512 1513 trace_seq_printf(s, "%s: (", trace_probe_name(tp)); 1514 1515 if (!seq_print_ip_sym(s, field->ret_ip, flags | TRACE_ITER_SYM_OFFSET)) 1516 goto out; 1517 1518 trace_seq_puts(s, " <- "); 1519 1520 if (!seq_print_ip_sym(s, field->func, flags & ~TRACE_ITER_SYM_OFFSET)) 1521 goto out; 1522 1523 trace_seq_putc(s, ')'); 1524 1525 if (trace_probe_print_args(s, tp->args, tp->nr_args, 1526 (u8 *)&field[1], field) < 0) 1527 goto out; 1528 1529 trace_seq_putc(s, '\n'); 1530 1531 out: 1532 return trace_handle_return(s); 1533 } 1534 1535 kprobe_event_define_fields(struct trace_event_call * event_call)1536 static int kprobe_event_define_fields(struct trace_event_call *event_call) 1537 { 1538 int ret; 1539 struct kprobe_trace_entry_head field; 1540 struct trace_probe *tp; 1541 1542 tp = trace_probe_primary_from_call(event_call); 1543 if (WARN_ON_ONCE(!tp)) 1544 return -ENOENT; 1545 1546 DEFINE_FIELD(unsigned long, ip, FIELD_STRING_IP, 0); 1547 1548 return traceprobe_define_arg_fields(event_call, sizeof(field), tp); 1549 } 1550 kretprobe_event_define_fields(struct trace_event_call * event_call)1551 static int kretprobe_event_define_fields(struct trace_event_call *event_call) 1552 { 1553 int ret; 1554 struct kretprobe_trace_entry_head field; 1555 struct trace_probe *tp; 1556 1557 tp = trace_probe_primary_from_call(event_call); 1558 if (WARN_ON_ONCE(!tp)) 1559 return -ENOENT; 1560 1561 DEFINE_FIELD(unsigned long, func, FIELD_STRING_FUNC, 0); 1562 DEFINE_FIELD(unsigned long, ret_ip, FIELD_STRING_RETIP, 0); 1563 1564 return traceprobe_define_arg_fields(event_call, sizeof(field), tp); 1565 } 1566 1567 #ifdef CONFIG_PERF_EVENTS 1568 1569 /* Kprobe profile handler */ 1570 static int kprobe_perf_func(struct trace_kprobe * tk,struct pt_regs * regs)1571 kprobe_perf_func(struct trace_kprobe *tk, struct pt_regs *regs) 1572 { 1573 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1574 struct kprobe_trace_entry_head *entry; 1575 struct hlist_head *head; 1576 int size, __size, dsize; 1577 int rctx; 1578 1579 if (bpf_prog_array_valid(call)) { 1580 unsigned long orig_ip = instruction_pointer(regs); 1581 int ret; 1582 1583 ret = trace_call_bpf(call, regs); 1584 1585 /* 1586 * We need to check and see if we modified the pc of the 1587 * pt_regs, and if so return 1 so that we don't do the 1588 * single stepping. 1589 */ 1590 if (orig_ip != instruction_pointer(regs)) 1591 return 1; 1592 if (!ret) 1593 return 0; 1594 } 1595 1596 head = this_cpu_ptr(call->perf_events); 1597 if (hlist_empty(head)) 1598 return 0; 1599 1600 dsize = __get_data_size(&tk->tp, regs, NULL); 1601 __size = sizeof(*entry) + tk->tp.size + dsize; 1602 size = ALIGN(__size + sizeof(u32), sizeof(u64)); 1603 size -= sizeof(u32); 1604 1605 entry = perf_trace_buf_alloc(size, NULL, &rctx); 1606 if (!entry) 1607 return 0; 1608 1609 entry->ip = (unsigned long)tk->rp.kp.addr; 1610 memset(&entry[1], 0, dsize); 1611 store_trace_args(&entry[1], &tk->tp, regs, NULL, sizeof(*entry), dsize); 1612 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs, 1613 head, NULL); 1614 return 0; 1615 } 1616 NOKPROBE_SYMBOL(kprobe_perf_func); 1617 1618 /* Kretprobe profile handler */ 1619 static void kretprobe_perf_func(struct trace_kprobe * tk,struct kretprobe_instance * ri,struct pt_regs * regs)1620 kretprobe_perf_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, 1621 struct pt_regs *regs) 1622 { 1623 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1624 struct kretprobe_trace_entry_head *entry; 1625 struct hlist_head *head; 1626 int size, __size, dsize; 1627 int rctx; 1628 1629 if (bpf_prog_array_valid(call) && !trace_call_bpf(call, regs)) 1630 return; 1631 1632 head = this_cpu_ptr(call->perf_events); 1633 if (hlist_empty(head)) 1634 return; 1635 1636 dsize = __get_data_size(&tk->tp, regs, ri->data); 1637 __size = sizeof(*entry) + tk->tp.size + dsize; 1638 size = ALIGN(__size + sizeof(u32), sizeof(u64)); 1639 size -= sizeof(u32); 1640 1641 entry = perf_trace_buf_alloc(size, NULL, &rctx); 1642 if (!entry) 1643 return; 1644 1645 entry->func = (unsigned long)tk->rp.kp.addr; 1646 entry->ret_ip = get_kretprobe_retaddr(ri); 1647 store_trace_args(&entry[1], &tk->tp, regs, ri->data, sizeof(*entry), dsize); 1648 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs, 1649 head, NULL); 1650 } 1651 NOKPROBE_SYMBOL(kretprobe_perf_func); 1652 bpf_get_kprobe_info(const struct perf_event * event,u32 * fd_type,const char ** symbol,u64 * probe_offset,u64 * probe_addr,unsigned long * missed,bool perf_type_tracepoint)1653 int bpf_get_kprobe_info(const struct perf_event *event, u32 *fd_type, 1654 const char **symbol, u64 *probe_offset, 1655 u64 *probe_addr, unsigned long *missed, 1656 bool perf_type_tracepoint) 1657 { 1658 const char *pevent = trace_event_name(event->tp_event); 1659 const char *group = event->tp_event->class->system; 1660 struct trace_kprobe *tk; 1661 1662 if (perf_type_tracepoint) 1663 tk = find_trace_kprobe(pevent, group); 1664 else 1665 tk = trace_kprobe_primary_from_call(event->tp_event); 1666 if (!tk) 1667 return -EINVAL; 1668 1669 *fd_type = trace_kprobe_is_return(tk) ? BPF_FD_TYPE_KRETPROBE 1670 : BPF_FD_TYPE_KPROBE; 1671 *probe_offset = tk->rp.kp.offset; 1672 *probe_addr = kallsyms_show_value(current_cred()) ? 1673 (unsigned long)tk->rp.kp.addr : 0; 1674 *symbol = tk->symbol; 1675 if (missed) 1676 *missed = trace_kprobe_missed(tk); 1677 return 0; 1678 } 1679 #endif /* CONFIG_PERF_EVENTS */ 1680 1681 /* 1682 * called by perf_trace_init() or __ftrace_set_clr_event() under event_mutex. 1683 * 1684 * kprobe_trace_self_tests_init() does enable_trace_probe/disable_trace_probe 1685 * lockless, but we can't race with this __init function. 1686 */ kprobe_register(struct trace_event_call * event,enum trace_reg type,void * data)1687 static int kprobe_register(struct trace_event_call *event, 1688 enum trace_reg type, void *data) 1689 { 1690 struct trace_event_file *file = data; 1691 1692 switch (type) { 1693 case TRACE_REG_REGISTER: 1694 return enable_trace_kprobe(event, file); 1695 case TRACE_REG_UNREGISTER: 1696 return disable_trace_kprobe(event, file); 1697 1698 #ifdef CONFIG_PERF_EVENTS 1699 case TRACE_REG_PERF_REGISTER: 1700 return enable_trace_kprobe(event, NULL); 1701 case TRACE_REG_PERF_UNREGISTER: 1702 return disable_trace_kprobe(event, NULL); 1703 case TRACE_REG_PERF_OPEN: 1704 case TRACE_REG_PERF_CLOSE: 1705 case TRACE_REG_PERF_ADD: 1706 case TRACE_REG_PERF_DEL: 1707 return 0; 1708 #endif 1709 } 1710 return 0; 1711 } 1712 kprobe_dispatcher(struct kprobe * kp,struct pt_regs * regs)1713 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs) 1714 { 1715 struct trace_kprobe *tk = container_of(kp, struct trace_kprobe, rp.kp); 1716 int ret = 0; 1717 1718 raw_cpu_inc(*tk->nhit); 1719 1720 if (trace_probe_test_flag(&tk->tp, TP_FLAG_TRACE)) 1721 kprobe_trace_func(tk, regs); 1722 #ifdef CONFIG_PERF_EVENTS 1723 if (trace_probe_test_flag(&tk->tp, TP_FLAG_PROFILE)) 1724 ret = kprobe_perf_func(tk, regs); 1725 #endif 1726 return ret; 1727 } 1728 NOKPROBE_SYMBOL(kprobe_dispatcher); 1729 1730 static int kretprobe_dispatcher(struct kretprobe_instance * ri,struct pt_regs * regs)1731 kretprobe_dispatcher(struct kretprobe_instance *ri, struct pt_regs *regs) 1732 { 1733 struct kretprobe *rp = get_kretprobe(ri); 1734 struct trace_kprobe *tk; 1735 1736 /* 1737 * There is a small chance that get_kretprobe(ri) returns NULL when 1738 * the kretprobe is unregister on another CPU between kretprobe's 1739 * trampoline_handler and this function. 1740 */ 1741 if (unlikely(!rp)) 1742 return 0; 1743 1744 tk = container_of(rp, struct trace_kprobe, rp); 1745 raw_cpu_inc(*tk->nhit); 1746 1747 if (trace_probe_test_flag(&tk->tp, TP_FLAG_TRACE)) 1748 kretprobe_trace_func(tk, ri, regs); 1749 #ifdef CONFIG_PERF_EVENTS 1750 if (trace_probe_test_flag(&tk->tp, TP_FLAG_PROFILE)) 1751 kretprobe_perf_func(tk, ri, regs); 1752 #endif 1753 return 0; /* We don't tweak kernel, so just return 0 */ 1754 } 1755 NOKPROBE_SYMBOL(kretprobe_dispatcher); 1756 1757 static struct trace_event_functions kretprobe_funcs = { 1758 .trace = print_kretprobe_event 1759 }; 1760 1761 static struct trace_event_functions kprobe_funcs = { 1762 .trace = print_kprobe_event 1763 }; 1764 1765 static struct trace_event_fields kretprobe_fields_array[] = { 1766 { .type = TRACE_FUNCTION_TYPE, 1767 .define_fields = kretprobe_event_define_fields }, 1768 {} 1769 }; 1770 1771 static struct trace_event_fields kprobe_fields_array[] = { 1772 { .type = TRACE_FUNCTION_TYPE, 1773 .define_fields = kprobe_event_define_fields }, 1774 {} 1775 }; 1776 init_trace_event_call(struct trace_kprobe * tk)1777 static inline void init_trace_event_call(struct trace_kprobe *tk) 1778 { 1779 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1780 1781 if (trace_kprobe_is_return(tk)) { 1782 call->event.funcs = &kretprobe_funcs; 1783 call->class->fields_array = kretprobe_fields_array; 1784 } else { 1785 call->event.funcs = &kprobe_funcs; 1786 call->class->fields_array = kprobe_fields_array; 1787 } 1788 1789 call->flags = TRACE_EVENT_FL_KPROBE; 1790 call->class->reg = kprobe_register; 1791 } 1792 register_kprobe_event(struct trace_kprobe * tk)1793 static int register_kprobe_event(struct trace_kprobe *tk) 1794 { 1795 init_trace_event_call(tk); 1796 1797 return trace_probe_register_event_call(&tk->tp); 1798 } 1799 unregister_kprobe_event(struct trace_kprobe * tk)1800 static int unregister_kprobe_event(struct trace_kprobe *tk) 1801 { 1802 return trace_probe_unregister_event_call(&tk->tp); 1803 } 1804 1805 #ifdef CONFIG_PERF_EVENTS 1806 1807 /* create a trace_kprobe, but don't add it to global lists */ 1808 struct trace_event_call * create_local_trace_kprobe(char * func,void * addr,unsigned long offs,bool is_return)1809 create_local_trace_kprobe(char *func, void *addr, unsigned long offs, 1810 bool is_return) 1811 { 1812 enum probe_print_type ptype; 1813 struct trace_kprobe *tk; 1814 int ret; 1815 char *event; 1816 1817 if (func && !strchr(func, ':')) { 1818 unsigned int count; 1819 1820 count = number_of_same_symbols(func); 1821 if (count > 1) 1822 /* 1823 * Users should use addr to remove the ambiguity of 1824 * using func only. 1825 */ 1826 return ERR_PTR(-EADDRNOTAVAIL); 1827 else if (count == 0) 1828 /* 1829 * We can return ENOENT earlier than when register the 1830 * kprobe. 1831 */ 1832 return ERR_PTR(-ENOENT); 1833 } 1834 1835 /* 1836 * local trace_kprobes are not added to dyn_event, so they are never 1837 * searched in find_trace_kprobe(). Therefore, there is no concern of 1838 * duplicated name here. 1839 */ 1840 event = func ? func : "DUMMY_EVENT"; 1841 1842 tk = alloc_trace_kprobe(KPROBE_EVENT_SYSTEM, event, (void *)addr, func, 1843 offs, 0 /* maxactive */, 0 /* nargs */, 1844 is_return); 1845 1846 if (IS_ERR(tk)) { 1847 pr_info("Failed to allocate trace_probe.(%d)\n", 1848 (int)PTR_ERR(tk)); 1849 return ERR_CAST(tk); 1850 } 1851 1852 init_trace_event_call(tk); 1853 1854 ptype = trace_kprobe_is_return(tk) ? 1855 PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL; 1856 if (traceprobe_set_print_fmt(&tk->tp, ptype) < 0) { 1857 ret = -ENOMEM; 1858 goto error; 1859 } 1860 1861 ret = __register_trace_kprobe(tk); 1862 if (ret < 0) 1863 goto error; 1864 1865 return trace_probe_event_call(&tk->tp); 1866 error: 1867 free_trace_kprobe(tk); 1868 return ERR_PTR(ret); 1869 } 1870 destroy_local_trace_kprobe(struct trace_event_call * event_call)1871 void destroy_local_trace_kprobe(struct trace_event_call *event_call) 1872 { 1873 struct trace_kprobe *tk; 1874 1875 tk = trace_kprobe_primary_from_call(event_call); 1876 if (unlikely(!tk)) 1877 return; 1878 1879 if (trace_probe_is_enabled(&tk->tp)) { 1880 WARN_ON(1); 1881 return; 1882 } 1883 1884 __unregister_trace_kprobe(tk); 1885 1886 free_trace_kprobe(tk); 1887 } 1888 #endif /* CONFIG_PERF_EVENTS */ 1889 enable_boot_kprobe_events(void)1890 static __init void enable_boot_kprobe_events(void) 1891 { 1892 struct trace_array *tr = top_trace_array(); 1893 struct trace_event_file *file; 1894 struct trace_kprobe *tk; 1895 struct dyn_event *pos; 1896 1897 mutex_lock(&event_mutex); 1898 for_each_trace_kprobe(tk, pos) { 1899 list_for_each_entry(file, &tr->events, list) 1900 if (file->event_call == trace_probe_event_call(&tk->tp)) 1901 trace_event_enable_disable(file, 1, 0); 1902 } 1903 mutex_unlock(&event_mutex); 1904 } 1905 setup_boot_kprobe_events(void)1906 static __init void setup_boot_kprobe_events(void) 1907 { 1908 char *p, *cmd = kprobe_boot_events_buf; 1909 int ret; 1910 1911 strreplace(kprobe_boot_events_buf, ',', ' '); 1912 1913 while (cmd && *cmd != '\0') { 1914 p = strchr(cmd, ';'); 1915 if (p) 1916 *p++ = '\0'; 1917 1918 ret = create_or_delete_trace_kprobe(cmd); 1919 if (ret) 1920 pr_warn("Failed to add event(%d): %s\n", ret, cmd); 1921 1922 cmd = p; 1923 } 1924 1925 enable_boot_kprobe_events(); 1926 } 1927 1928 /* 1929 * Register dynevent at core_initcall. This allows kernel to setup kprobe 1930 * events in postcore_initcall without tracefs. 1931 */ init_kprobe_trace_early(void)1932 static __init int init_kprobe_trace_early(void) 1933 { 1934 int ret; 1935 1936 ret = dyn_event_register(&trace_kprobe_ops); 1937 if (ret) 1938 return ret; 1939 1940 if (register_module_notifier(&trace_kprobe_module_nb)) 1941 return -EINVAL; 1942 1943 return 0; 1944 } 1945 core_initcall(init_kprobe_trace_early); 1946 1947 /* Make a tracefs interface for controlling probe points */ init_kprobe_trace(void)1948 static __init int init_kprobe_trace(void) 1949 { 1950 int ret; 1951 1952 ret = tracing_init_dentry(); 1953 if (ret) 1954 return 0; 1955 1956 /* Event list interface */ 1957 trace_create_file("kprobe_events", TRACE_MODE_WRITE, 1958 NULL, NULL, &kprobe_events_ops); 1959 1960 /* Profile interface */ 1961 trace_create_file("kprobe_profile", TRACE_MODE_READ, 1962 NULL, NULL, &kprobe_profile_ops); 1963 1964 setup_boot_kprobe_events(); 1965 1966 return 0; 1967 } 1968 fs_initcall(init_kprobe_trace); 1969 1970 1971 #ifdef CONFIG_FTRACE_STARTUP_TEST 1972 static __init struct trace_event_file * find_trace_probe_file(struct trace_kprobe * tk,struct trace_array * tr)1973 find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr) 1974 { 1975 struct trace_event_file *file; 1976 1977 list_for_each_entry(file, &tr->events, list) 1978 if (file->event_call == trace_probe_event_call(&tk->tp)) 1979 return file; 1980 1981 return NULL; 1982 } 1983 1984 /* 1985 * Nobody but us can call enable_trace_kprobe/disable_trace_kprobe at this 1986 * stage, we can do this lockless. 1987 */ kprobe_trace_self_tests_init(void)1988 static __init int kprobe_trace_self_tests_init(void) 1989 { 1990 int ret, warn = 0; 1991 int (*target)(int, int, int, int, int, int); 1992 struct trace_kprobe *tk; 1993 struct trace_event_file *file; 1994 1995 if (tracing_is_disabled()) 1996 return -ENODEV; 1997 1998 if (tracing_selftest_disabled) 1999 return 0; 2000 2001 target = kprobe_trace_selftest_target; 2002 2003 pr_info("Testing kprobe tracing: "); 2004 2005 ret = create_or_delete_trace_kprobe("p:testprobe kprobe_trace_selftest_target $stack $stack0 +0($stack)"); 2006 if (WARN_ON_ONCE(ret)) { 2007 pr_warn("error on probing function entry.\n"); 2008 warn++; 2009 } else { 2010 /* Enable trace point */ 2011 tk = find_trace_kprobe("testprobe", KPROBE_EVENT_SYSTEM); 2012 if (WARN_ON_ONCE(tk == NULL)) { 2013 pr_warn("error on getting new probe.\n"); 2014 warn++; 2015 } else { 2016 file = find_trace_probe_file(tk, top_trace_array()); 2017 if (WARN_ON_ONCE(file == NULL)) { 2018 pr_warn("error on getting probe file.\n"); 2019 warn++; 2020 } else 2021 enable_trace_kprobe( 2022 trace_probe_event_call(&tk->tp), file); 2023 } 2024 } 2025 2026 ret = create_or_delete_trace_kprobe("r:testprobe2 kprobe_trace_selftest_target $retval"); 2027 if (WARN_ON_ONCE(ret)) { 2028 pr_warn("error on probing function return.\n"); 2029 warn++; 2030 } else { 2031 /* Enable trace point */ 2032 tk = find_trace_kprobe("testprobe2", KPROBE_EVENT_SYSTEM); 2033 if (WARN_ON_ONCE(tk == NULL)) { 2034 pr_warn("error on getting 2nd new probe.\n"); 2035 warn++; 2036 } else { 2037 file = find_trace_probe_file(tk, top_trace_array()); 2038 if (WARN_ON_ONCE(file == NULL)) { 2039 pr_warn("error on getting probe file.\n"); 2040 warn++; 2041 } else 2042 enable_trace_kprobe( 2043 trace_probe_event_call(&tk->tp), file); 2044 } 2045 } 2046 2047 if (warn) 2048 goto end; 2049 2050 ret = target(1, 2, 3, 4, 5, 6); 2051 2052 /* 2053 * Not expecting an error here, the check is only to prevent the 2054 * optimizer from removing the call to target() as otherwise there 2055 * are no side-effects and the call is never performed. 2056 */ 2057 if (ret != 21) 2058 warn++; 2059 2060 /* Disable trace points before removing it */ 2061 tk = find_trace_kprobe("testprobe", KPROBE_EVENT_SYSTEM); 2062 if (WARN_ON_ONCE(tk == NULL)) { 2063 pr_warn("error on getting test probe.\n"); 2064 warn++; 2065 } else { 2066 if (trace_kprobe_nhit(tk) != 1) { 2067 pr_warn("incorrect number of testprobe hits\n"); 2068 warn++; 2069 } 2070 2071 file = find_trace_probe_file(tk, top_trace_array()); 2072 if (WARN_ON_ONCE(file == NULL)) { 2073 pr_warn("error on getting probe file.\n"); 2074 warn++; 2075 } else 2076 disable_trace_kprobe( 2077 trace_probe_event_call(&tk->tp), file); 2078 } 2079 2080 tk = find_trace_kprobe("testprobe2", KPROBE_EVENT_SYSTEM); 2081 if (WARN_ON_ONCE(tk == NULL)) { 2082 pr_warn("error on getting 2nd test probe.\n"); 2083 warn++; 2084 } else { 2085 if (trace_kprobe_nhit(tk) != 1) { 2086 pr_warn("incorrect number of testprobe2 hits\n"); 2087 warn++; 2088 } 2089 2090 file = find_trace_probe_file(tk, top_trace_array()); 2091 if (WARN_ON_ONCE(file == NULL)) { 2092 pr_warn("error on getting probe file.\n"); 2093 warn++; 2094 } else 2095 disable_trace_kprobe( 2096 trace_probe_event_call(&tk->tp), file); 2097 } 2098 2099 ret = create_or_delete_trace_kprobe("-:testprobe"); 2100 if (WARN_ON_ONCE(ret)) { 2101 pr_warn("error on deleting a probe.\n"); 2102 warn++; 2103 } 2104 2105 ret = create_or_delete_trace_kprobe("-:testprobe2"); 2106 if (WARN_ON_ONCE(ret)) { 2107 pr_warn("error on deleting a probe.\n"); 2108 warn++; 2109 } 2110 2111 end: 2112 ret = dyn_events_release_all(&trace_kprobe_ops); 2113 if (WARN_ON_ONCE(ret)) { 2114 pr_warn("error on cleaning up probes.\n"); 2115 warn++; 2116 } 2117 /* 2118 * Wait for the optimizer work to finish. Otherwise it might fiddle 2119 * with probes in already freed __init text. 2120 */ 2121 wait_for_kprobe_optimizer(); 2122 if (warn) 2123 pr_cont("NG: Some tests are failed. Please check them.\n"); 2124 else 2125 pr_cont("OK\n"); 2126 return 0; 2127 } 2128 2129 late_initcall(kprobe_trace_self_tests_init); 2130 2131 #endif 2132