1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * event probes
4 *
5 * Part of this code was copied from kernel/trace/trace_kprobe.c written by
6 * Masami Hiramatsu <mhiramat@kernel.org>
7 *
8 * Copyright (C) 2021, VMware Inc, Steven Rostedt <rostedt@goodmis.org>
9 * Copyright (C) 2021, VMware Inc, Tzvetomir Stoyanov tz.stoyanov@gmail.com>
10 *
11 */
12 #include <linux/cleanup.h>
13 #include <linux/ftrace.h>
14 #include <linux/module.h>
15 #include <linux/mutex.h>
16
17 #include "trace_dynevent.h"
18 #include "trace_probe.h"
19 #include "trace_probe_kernel.h"
20 #include "trace_probe_tmpl.h"
21
22 #define EPROBE_EVENT_SYSTEM "eprobes"
23
24 struct trace_eprobe {
25 /* tracepoint system */
26 const char *event_system;
27
28 /* tracepoint event */
29 const char *event_name;
30
31 /* filter string for the tracepoint */
32 char *filter_str;
33
34 struct trace_event_call *event;
35
36 struct dyn_event devent;
37 struct trace_probe tp;
38 };
39
40 struct eprobe_data {
41 struct trace_event_file *file;
42 struct trace_eprobe *ep;
43 };
44
45
46 #define for_each_trace_eprobe_tp(ep, _tp) \
47 list_for_each_entry(ep, trace_probe_probe_list(_tp), tp.list)
48
49 static int __trace_eprobe_create(int argc, const char *argv[]);
50
trace_event_probe_cleanup(struct trace_eprobe * ep)51 static void trace_event_probe_cleanup(struct trace_eprobe *ep)
52 {
53 if (!ep)
54 return;
55 trace_probe_cleanup(&ep->tp);
56 kfree(ep->event_name);
57 kfree(ep->event_system);
58 if (ep->event)
59 trace_event_put_ref(ep->event);
60 kfree(ep->filter_str);
61 kfree(ep);
62 }
63
to_trace_eprobe(struct dyn_event * ev)64 static struct trace_eprobe *to_trace_eprobe(struct dyn_event *ev)
65 {
66 return container_of(ev, struct trace_eprobe, devent);
67 }
68
eprobe_dyn_event_create(const char * raw_command)69 static int eprobe_dyn_event_create(const char *raw_command)
70 {
71 return trace_probe_create(raw_command, __trace_eprobe_create);
72 }
73
eprobe_dyn_event_show(struct seq_file * m,struct dyn_event * ev)74 static int eprobe_dyn_event_show(struct seq_file *m, struct dyn_event *ev)
75 {
76 struct trace_eprobe *ep = to_trace_eprobe(ev);
77 int i;
78
79 seq_printf(m, "e:%s/%s", trace_probe_group_name(&ep->tp),
80 trace_probe_name(&ep->tp));
81 seq_printf(m, " %s.%s", ep->event_system, ep->event_name);
82
83 for (i = 0; i < ep->tp.nr_args; i++)
84 seq_printf(m, " %s=%s", ep->tp.args[i].name, ep->tp.args[i].comm);
85 seq_putc(m, '\n');
86
87 return 0;
88 }
89
unregister_trace_eprobe(struct trace_eprobe * ep)90 static int unregister_trace_eprobe(struct trace_eprobe *ep)
91 {
92 /* If other probes are on the event, just unregister eprobe */
93 if (trace_probe_has_sibling(&ep->tp))
94 goto unreg;
95
96 /* Enabled event can not be unregistered */
97 if (trace_probe_is_enabled(&ep->tp))
98 return -EBUSY;
99
100 /* Will fail if probe is being used by ftrace or perf */
101 if (trace_probe_unregister_event_call(&ep->tp))
102 return -EBUSY;
103
104 unreg:
105 dyn_event_remove(&ep->devent);
106 trace_probe_unlink(&ep->tp);
107
108 return 0;
109 }
110
eprobe_dyn_event_release(struct dyn_event * ev)111 static int eprobe_dyn_event_release(struct dyn_event *ev)
112 {
113 struct trace_eprobe *ep = to_trace_eprobe(ev);
114 int ret = unregister_trace_eprobe(ep);
115
116 if (!ret)
117 trace_event_probe_cleanup(ep);
118 return ret;
119 }
120
eprobe_dyn_event_is_busy(struct dyn_event * ev)121 static bool eprobe_dyn_event_is_busy(struct dyn_event *ev)
122 {
123 struct trace_eprobe *ep = to_trace_eprobe(ev);
124
125 return trace_probe_is_enabled(&ep->tp);
126 }
127
eprobe_dyn_event_match(const char * system,const char * event,int argc,const char ** argv,struct dyn_event * ev)128 static bool eprobe_dyn_event_match(const char *system, const char *event,
129 int argc, const char **argv, struct dyn_event *ev)
130 {
131 struct trace_eprobe *ep = to_trace_eprobe(ev);
132 const char *slash;
133
134 /*
135 * We match the following:
136 * event only - match all eprobes with event name
137 * system and event only - match all system/event probes
138 * system only - match all system probes
139 *
140 * The below has the above satisfied with more arguments:
141 *
142 * attached system/event - If the arg has the system and event
143 * the probe is attached to, match
144 * probes with the attachment.
145 *
146 * If any more args are given, then it requires a full match.
147 */
148
149 /*
150 * If system exists, but this probe is not part of that system
151 * do not match.
152 */
153 if (system && strcmp(trace_probe_group_name(&ep->tp), system) != 0)
154 return false;
155
156 /* Must match the event name */
157 if (event[0] != '\0' && strcmp(trace_probe_name(&ep->tp), event) != 0)
158 return false;
159
160 /* No arguments match all */
161 if (argc < 1)
162 return true;
163
164 /* First argument is the system/event the probe is attached to */
165
166 slash = strchr(argv[0], '/');
167 if (!slash)
168 slash = strchr(argv[0], '.');
169 if (!slash)
170 return false;
171
172 if (strncmp(ep->event_system, argv[0], slash - argv[0]))
173 return false;
174 if (strcmp(ep->event_name, slash + 1))
175 return false;
176
177 argc--;
178 argv++;
179
180 /* If there are no other args, then match */
181 if (argc < 1)
182 return true;
183
184 return trace_probe_match_command_args(&ep->tp, argc, argv);
185 }
186
187 static struct dyn_event_operations eprobe_dyn_event_ops = {
188 .create = eprobe_dyn_event_create,
189 .show = eprobe_dyn_event_show,
190 .is_busy = eprobe_dyn_event_is_busy,
191 .free = eprobe_dyn_event_release,
192 .match = eprobe_dyn_event_match,
193 };
194
alloc_event_probe(const char * group,const char * this_event,struct trace_event_call * event,int nargs)195 static struct trace_eprobe *alloc_event_probe(const char *group,
196 const char *this_event,
197 struct trace_event_call *event,
198 int nargs)
199 {
200 struct trace_eprobe *ep;
201 const char *event_name;
202 const char *sys_name;
203 int ret = -ENOMEM;
204
205 if (!event)
206 return ERR_PTR(-ENODEV);
207
208 sys_name = event->class->system;
209 event_name = trace_event_name(event);
210
211 ep = kzalloc(struct_size(ep, tp.args, nargs), GFP_KERNEL);
212 if (!ep) {
213 trace_event_put_ref(event);
214 goto error;
215 }
216 ep->event = event;
217 ep->event_name = kstrdup(event_name, GFP_KERNEL);
218 if (!ep->event_name)
219 goto error;
220 ep->event_system = kstrdup(sys_name, GFP_KERNEL);
221 if (!ep->event_system)
222 goto error;
223
224 ret = trace_probe_init(&ep->tp, this_event, group, false, nargs);
225 if (ret < 0)
226 goto error;
227
228 dyn_event_init(&ep->devent, &eprobe_dyn_event_ops);
229 return ep;
230 error:
231 trace_event_probe_cleanup(ep);
232 return ERR_PTR(ret);
233 }
234
eprobe_event_define_fields(struct trace_event_call * event_call)235 static int eprobe_event_define_fields(struct trace_event_call *event_call)
236 {
237 struct eprobe_trace_entry_head field;
238 struct trace_probe *tp;
239
240 tp = trace_probe_primary_from_call(event_call);
241 if (WARN_ON_ONCE(!tp))
242 return -ENOENT;
243
244 return traceprobe_define_arg_fields(event_call, sizeof(field), tp);
245 }
246
247 static struct trace_event_fields eprobe_fields_array[] = {
248 { .type = TRACE_FUNCTION_TYPE,
249 .define_fields = eprobe_event_define_fields },
250 {}
251 };
252
253 /* Event entry printers */
254 static enum print_line_t
print_eprobe_event(struct trace_iterator * iter,int flags,struct trace_event * event)255 print_eprobe_event(struct trace_iterator *iter, int flags,
256 struct trace_event *event)
257 {
258 struct eprobe_trace_entry_head *field;
259 struct trace_event_call *pevent;
260 struct trace_event *probed_event;
261 struct trace_seq *s = &iter->seq;
262 struct trace_eprobe *ep;
263 struct trace_probe *tp;
264 unsigned int type;
265
266 field = (struct eprobe_trace_entry_head *)iter->ent;
267 tp = trace_probe_primary_from_call(
268 container_of(event, struct trace_event_call, event));
269 if (WARN_ON_ONCE(!tp))
270 goto out;
271
272 ep = container_of(tp, struct trace_eprobe, tp);
273 type = ep->event->event.type;
274
275 trace_seq_printf(s, "%s: (", trace_probe_name(tp));
276
277 probed_event = ftrace_find_event(type);
278 if (probed_event) {
279 pevent = container_of(probed_event, struct trace_event_call, event);
280 trace_seq_printf(s, "%s.%s", pevent->class->system,
281 trace_event_name(pevent));
282 } else {
283 trace_seq_printf(s, "%u", type);
284 }
285
286 trace_seq_putc(s, ')');
287
288 if (trace_probe_print_args(s, tp->args, tp->nr_args,
289 (u8 *)&field[1], field) < 0)
290 goto out;
291
292 trace_seq_putc(s, '\n');
293 out:
294 return trace_handle_return(s);
295 }
296
297 static nokprobe_inline unsigned long
get_event_field(struct fetch_insn * code,void * rec)298 get_event_field(struct fetch_insn *code, void *rec)
299 {
300 struct ftrace_event_field *field = code->data;
301 unsigned long val;
302 void *addr;
303
304 addr = rec + field->offset;
305
306 if (is_string_field(field)) {
307 switch (field->filter_type) {
308 case FILTER_DYN_STRING:
309 val = (unsigned long)(rec + (*(unsigned int *)addr & 0xffff));
310 break;
311 case FILTER_RDYN_STRING:
312 val = (unsigned long)(addr + (*(unsigned int *)addr & 0xffff));
313 break;
314 case FILTER_STATIC_STRING:
315 val = (unsigned long)addr;
316 break;
317 case FILTER_PTR_STRING:
318 val = (unsigned long)(*(char *)addr);
319 break;
320 default:
321 WARN_ON_ONCE(1);
322 return 0;
323 }
324 return val;
325 }
326
327 switch (field->size) {
328 case 1:
329 if (field->is_signed)
330 val = *(char *)addr;
331 else
332 val = *(unsigned char *)addr;
333 break;
334 case 2:
335 if (field->is_signed)
336 val = *(short *)addr;
337 else
338 val = *(unsigned short *)addr;
339 break;
340 case 4:
341 if (field->is_signed)
342 val = *(int *)addr;
343 else
344 val = *(unsigned int *)addr;
345 break;
346 default:
347 if (field->size == sizeof(long)) {
348 if (field->is_signed)
349 val = *(long *)addr;
350 else
351 val = *(unsigned long *)addr;
352 break;
353 }
354 /* This is an array, point to the addr itself */
355 val = (unsigned long)addr;
356 break;
357 }
358 return val;
359 }
360
get_eprobe_size(struct trace_probe * tp,void * rec)361 static int get_eprobe_size(struct trace_probe *tp, void *rec)
362 {
363 struct fetch_insn *code;
364 struct probe_arg *arg;
365 int i, len, ret = 0;
366
367 for (i = 0; i < tp->nr_args; i++) {
368 arg = tp->args + i;
369 if (arg->dynamic) {
370 unsigned long val;
371
372 code = arg->code;
373 retry:
374 switch (code->op) {
375 case FETCH_OP_TP_ARG:
376 val = get_event_field(code, rec);
377 break;
378 case FETCH_NOP_SYMBOL: /* Ignore a place holder */
379 code++;
380 goto retry;
381 default:
382 if (process_common_fetch_insn(code, &val) < 0)
383 continue;
384 }
385 code++;
386 len = process_fetch_insn_bottom(code, val, NULL, NULL);
387 if (len > 0)
388 ret += len;
389 }
390 }
391
392 return ret;
393 }
394
395 /* Kprobe specific fetch functions */
396
397 /* Note that we don't verify it, since the code does not come from user space */
398 static int
process_fetch_insn(struct fetch_insn * code,void * rec,void * edata,void * dest,void * base)399 process_fetch_insn(struct fetch_insn *code, void *rec, void *edata,
400 void *dest, void *base)
401 {
402 unsigned long val;
403 int ret;
404
405 retry:
406 switch (code->op) {
407 case FETCH_OP_TP_ARG:
408 val = get_event_field(code, rec);
409 break;
410 case FETCH_NOP_SYMBOL: /* Ignore a place holder */
411 code++;
412 goto retry;
413 default:
414 ret = process_common_fetch_insn(code, &val);
415 if (ret < 0)
416 return ret;
417 }
418 code++;
419 return process_fetch_insn_bottom(code, val, dest, base);
420 }
NOKPROBE_SYMBOL(process_fetch_insn)421 NOKPROBE_SYMBOL(process_fetch_insn)
422
423 /* eprobe handler */
424 static inline void
425 __eprobe_trace_func(struct eprobe_data *edata, void *rec)
426 {
427 struct eprobe_trace_entry_head *entry;
428 struct trace_event_call *call = trace_probe_event_call(&edata->ep->tp);
429 struct trace_event_buffer fbuffer;
430 int dsize;
431
432 if (WARN_ON_ONCE(call != edata->file->event_call))
433 return;
434
435 if (trace_trigger_soft_disabled(edata->file))
436 return;
437
438 dsize = get_eprobe_size(&edata->ep->tp, rec);
439
440 entry = trace_event_buffer_reserve(&fbuffer, edata->file,
441 sizeof(*entry) + edata->ep->tp.size + dsize);
442
443 if (!entry)
444 return;
445
446 entry = fbuffer.entry = ring_buffer_event_data(fbuffer.event);
447 store_trace_args(&entry[1], &edata->ep->tp, rec, NULL, sizeof(*entry), dsize);
448
449 trace_event_buffer_commit(&fbuffer);
450 }
451
452 /*
453 * The event probe implementation uses event triggers to get access to
454 * the event it is attached to, but is not an actual trigger. The below
455 * functions are just stubs to fulfill what is needed to use the trigger
456 * infrastructure.
457 */
eprobe_trigger_init(struct event_trigger_data * data)458 static int eprobe_trigger_init(struct event_trigger_data *data)
459 {
460 return 0;
461 }
462
eprobe_trigger_free(struct event_trigger_data * data)463 static void eprobe_trigger_free(struct event_trigger_data *data)
464 {
465
466 }
467
eprobe_trigger_print(struct seq_file * m,struct event_trigger_data * data)468 static int eprobe_trigger_print(struct seq_file *m,
469 struct event_trigger_data *data)
470 {
471 /* Do not print eprobe event triggers */
472 return 0;
473 }
474
eprobe_trigger_func(struct event_trigger_data * data,struct trace_buffer * buffer,void * rec,struct ring_buffer_event * rbe)475 static void eprobe_trigger_func(struct event_trigger_data *data,
476 struct trace_buffer *buffer, void *rec,
477 struct ring_buffer_event *rbe)
478 {
479 struct eprobe_data *edata = data->private_data;
480
481 if (unlikely(!rec))
482 return;
483
484 __eprobe_trace_func(edata, rec);
485 }
486
487 static const struct event_trigger_ops eprobe_trigger_ops = {
488 .trigger = eprobe_trigger_func,
489 .print = eprobe_trigger_print,
490 .init = eprobe_trigger_init,
491 .free = eprobe_trigger_free,
492 };
493
eprobe_trigger_cmd_parse(struct event_command * cmd_ops,struct trace_event_file * file,char * glob,char * cmd,char * param_and_filter)494 static int eprobe_trigger_cmd_parse(struct event_command *cmd_ops,
495 struct trace_event_file *file,
496 char *glob, char *cmd,
497 char *param_and_filter)
498 {
499 return -1;
500 }
501
eprobe_trigger_reg_func(char * glob,struct event_trigger_data * data,struct trace_event_file * file)502 static int eprobe_trigger_reg_func(char *glob,
503 struct event_trigger_data *data,
504 struct trace_event_file *file)
505 {
506 return -1;
507 }
508
eprobe_trigger_unreg_func(char * glob,struct event_trigger_data * data,struct trace_event_file * file)509 static void eprobe_trigger_unreg_func(char *glob,
510 struct event_trigger_data *data,
511 struct trace_event_file *file)
512 {
513
514 }
515
eprobe_trigger_get_ops(char * cmd,char * param)516 static const struct event_trigger_ops *eprobe_trigger_get_ops(char *cmd,
517 char *param)
518 {
519 return &eprobe_trigger_ops;
520 }
521
522 static struct event_command event_trigger_cmd = {
523 .name = "eprobe",
524 .trigger_type = ETT_EVENT_EPROBE,
525 .flags = EVENT_CMD_FL_NEEDS_REC,
526 .parse = eprobe_trigger_cmd_parse,
527 .reg = eprobe_trigger_reg_func,
528 .unreg = eprobe_trigger_unreg_func,
529 .unreg_all = NULL,
530 .get_trigger_ops = eprobe_trigger_get_ops,
531 .set_filter = NULL,
532 };
533
534 static struct event_trigger_data *
new_eprobe_trigger(struct trace_eprobe * ep,struct trace_event_file * file)535 new_eprobe_trigger(struct trace_eprobe *ep, struct trace_event_file *file)
536 {
537 struct event_trigger_data *trigger;
538 struct event_filter *filter = NULL;
539 struct eprobe_data *edata;
540 int ret;
541
542 edata = kzalloc(sizeof(*edata), GFP_KERNEL);
543 trigger = kzalloc(sizeof(*trigger), GFP_KERNEL);
544 if (!trigger || !edata) {
545 ret = -ENOMEM;
546 goto error;
547 }
548
549 trigger->flags = EVENT_TRIGGER_FL_PROBE;
550 trigger->count = -1;
551 trigger->ops = &eprobe_trigger_ops;
552
553 /*
554 * EVENT PROBE triggers are not registered as commands with
555 * register_event_command(), as they are not controlled by the user
556 * from the trigger file
557 */
558 trigger->cmd_ops = &event_trigger_cmd;
559
560 INIT_LIST_HEAD(&trigger->list);
561
562 if (ep->filter_str) {
563 ret = create_event_filter(file->tr, ep->event,
564 ep->filter_str, false, &filter);
565 if (ret)
566 goto error;
567 }
568 RCU_INIT_POINTER(trigger->filter, filter);
569
570 edata->file = file;
571 edata->ep = ep;
572 trigger->private_data = edata;
573
574 return trigger;
575 error:
576 free_event_filter(filter);
577 kfree(edata);
578 kfree(trigger);
579 return ERR_PTR(ret);
580 }
581
enable_eprobe(struct trace_eprobe * ep,struct trace_event_file * eprobe_file)582 static int enable_eprobe(struct trace_eprobe *ep,
583 struct trace_event_file *eprobe_file)
584 {
585 struct event_trigger_data *trigger;
586 struct trace_event_file *file;
587 struct trace_array *tr = eprobe_file->tr;
588
589 file = find_event_file(tr, ep->event_system, ep->event_name);
590 if (!file)
591 return -ENOENT;
592 trigger = new_eprobe_trigger(ep, eprobe_file);
593 if (IS_ERR(trigger))
594 return PTR_ERR(trigger);
595
596 list_add_tail_rcu(&trigger->list, &file->triggers);
597
598 trace_event_trigger_enable_disable(file, 1);
599 update_cond_flag(file);
600
601 return 0;
602 }
603
604 static struct trace_event_functions eprobe_funcs = {
605 .trace = print_eprobe_event
606 };
607
disable_eprobe(struct trace_eprobe * ep,struct trace_array * tr)608 static int disable_eprobe(struct trace_eprobe *ep,
609 struct trace_array *tr)
610 {
611 struct event_trigger_data *trigger = NULL, *iter;
612 struct trace_event_file *file;
613 struct event_filter *filter;
614 struct eprobe_data *edata;
615
616 file = find_event_file(tr, ep->event_system, ep->event_name);
617 if (!file)
618 return -ENOENT;
619
620 list_for_each_entry(iter, &file->triggers, list) {
621 if (!(iter->flags & EVENT_TRIGGER_FL_PROBE))
622 continue;
623 edata = iter->private_data;
624 if (edata->ep == ep) {
625 trigger = iter;
626 break;
627 }
628 }
629 if (!trigger)
630 return -ENODEV;
631
632 list_del_rcu(&trigger->list);
633
634 trace_event_trigger_enable_disable(file, 0);
635 update_cond_flag(file);
636
637 /* Make sure nothing is using the edata or trigger */
638 tracepoint_synchronize_unregister();
639
640 filter = rcu_access_pointer(trigger->filter);
641
642 if (filter)
643 free_event_filter(filter);
644 kfree(edata);
645 kfree(trigger);
646
647 return 0;
648 }
649
enable_trace_eprobe(struct trace_event_call * call,struct trace_event_file * file)650 static int enable_trace_eprobe(struct trace_event_call *call,
651 struct trace_event_file *file)
652 {
653 struct trace_probe *tp;
654 struct trace_eprobe *ep;
655 bool enabled;
656 int ret = 0;
657 int cnt = 0;
658
659 tp = trace_probe_primary_from_call(call);
660 if (WARN_ON_ONCE(!tp))
661 return -ENODEV;
662 enabled = trace_probe_is_enabled(tp);
663
664 /* This also changes "enabled" state */
665 if (file) {
666 ret = trace_probe_add_file(tp, file);
667 if (ret)
668 return ret;
669 } else
670 trace_probe_set_flag(tp, TP_FLAG_PROFILE);
671
672 if (enabled)
673 return 0;
674
675 for_each_trace_eprobe_tp(ep, tp) {
676 ret = enable_eprobe(ep, file);
677 if (ret)
678 break;
679 enabled = true;
680 cnt++;
681 }
682
683 if (ret) {
684 /* Failed to enable one of them. Roll back all */
685 if (enabled) {
686 /*
687 * It's a bug if one failed for something other than memory
688 * not being available but another eprobe succeeded.
689 */
690 WARN_ON_ONCE(ret != -ENOMEM);
691
692 for_each_trace_eprobe_tp(ep, tp) {
693 disable_eprobe(ep, file->tr);
694 if (!--cnt)
695 break;
696 }
697 }
698 if (file)
699 trace_probe_remove_file(tp, file);
700 else
701 trace_probe_clear_flag(tp, TP_FLAG_PROFILE);
702 }
703
704 return ret;
705 }
706
disable_trace_eprobe(struct trace_event_call * call,struct trace_event_file * file)707 static int disable_trace_eprobe(struct trace_event_call *call,
708 struct trace_event_file *file)
709 {
710 struct trace_probe *tp;
711 struct trace_eprobe *ep;
712
713 tp = trace_probe_primary_from_call(call);
714 if (WARN_ON_ONCE(!tp))
715 return -ENODEV;
716
717 if (file) {
718 if (!trace_probe_get_file_link(tp, file))
719 return -ENOENT;
720 if (!trace_probe_has_single_file(tp))
721 goto out;
722 trace_probe_clear_flag(tp, TP_FLAG_TRACE);
723 } else
724 trace_probe_clear_flag(tp, TP_FLAG_PROFILE);
725
726 if (!trace_probe_is_enabled(tp)) {
727 for_each_trace_eprobe_tp(ep, tp)
728 disable_eprobe(ep, file->tr);
729 }
730
731 out:
732 if (file)
733 /*
734 * Synchronization is done in below function. For perf event,
735 * file == NULL and perf_trace_event_unreg() calls
736 * tracepoint_synchronize_unregister() to ensure synchronize
737 * event. We don't need to care about it.
738 */
739 trace_probe_remove_file(tp, file);
740
741 return 0;
742 }
743
eprobe_register(struct trace_event_call * event,enum trace_reg type,void * data)744 static int eprobe_register(struct trace_event_call *event,
745 enum trace_reg type, void *data)
746 {
747 struct trace_event_file *file = data;
748
749 switch (type) {
750 case TRACE_REG_REGISTER:
751 return enable_trace_eprobe(event, file);
752 case TRACE_REG_UNREGISTER:
753 return disable_trace_eprobe(event, file);
754 #ifdef CONFIG_PERF_EVENTS
755 case TRACE_REG_PERF_REGISTER:
756 case TRACE_REG_PERF_UNREGISTER:
757 case TRACE_REG_PERF_OPEN:
758 case TRACE_REG_PERF_CLOSE:
759 case TRACE_REG_PERF_ADD:
760 case TRACE_REG_PERF_DEL:
761 return 0;
762 #endif
763 }
764 return 0;
765 }
766
init_trace_eprobe_call(struct trace_eprobe * ep)767 static inline void init_trace_eprobe_call(struct trace_eprobe *ep)
768 {
769 struct trace_event_call *call = trace_probe_event_call(&ep->tp);
770
771 call->flags = TRACE_EVENT_FL_EPROBE;
772 call->event.funcs = &eprobe_funcs;
773 call->class->fields_array = eprobe_fields_array;
774 call->class->reg = eprobe_register;
775 }
776
777 static struct trace_event_call *
find_and_get_event(const char * system,const char * event_name)778 find_and_get_event(const char *system, const char *event_name)
779 {
780 struct trace_event_call *tp_event;
781 const char *name;
782
783 list_for_each_entry(tp_event, &ftrace_events, list) {
784 /* Skip other probes and ftrace events */
785 if (tp_event->flags &
786 (TRACE_EVENT_FL_IGNORE_ENABLE |
787 TRACE_EVENT_FL_KPROBE |
788 TRACE_EVENT_FL_UPROBE |
789 TRACE_EVENT_FL_EPROBE))
790 continue;
791 if (!tp_event->class->system ||
792 strcmp(system, tp_event->class->system))
793 continue;
794 name = trace_event_name(tp_event);
795 if (!name || strcmp(event_name, name))
796 continue;
797 if (!trace_event_try_get_ref(tp_event))
798 return NULL;
799 return tp_event;
800 }
801 return NULL;
802 }
803
trace_eprobe_tp_update_arg(struct trace_eprobe * ep,const char * argv[],int i)804 static int trace_eprobe_tp_update_arg(struct trace_eprobe *ep, const char *argv[], int i)
805 {
806 struct traceprobe_parse_context *ctx __free(traceprobe_parse_context) = NULL;
807 int ret;
808
809 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
810 if (!ctx)
811 return -ENOMEM;
812 ctx->event = ep->event;
813 ctx->flags = TPARG_FL_KERNEL | TPARG_FL_TEVENT;
814
815 ret = traceprobe_parse_probe_arg(&ep->tp, i, argv[i], ctx);
816 /* Handle symbols "@" */
817 if (!ret)
818 ret = traceprobe_update_arg(&ep->tp.args[i]);
819
820 return ret;
821 }
822
trace_eprobe_parse_filter(struct trace_eprobe * ep,int argc,const char * argv[])823 static int trace_eprobe_parse_filter(struct trace_eprobe *ep, int argc, const char *argv[])
824 {
825 struct event_filter *dummy = NULL;
826 int i, ret, len = 0;
827 char *p;
828
829 if (argc == 0) {
830 trace_probe_log_err(0, NO_EP_FILTER);
831 return -EINVAL;
832 }
833
834 /* Recover the filter string */
835 for (i = 0; i < argc; i++)
836 len += strlen(argv[i]) + 1;
837
838 ep->filter_str = kzalloc(len, GFP_KERNEL);
839 if (!ep->filter_str)
840 return -ENOMEM;
841
842 p = ep->filter_str;
843 for (i = 0; i < argc; i++) {
844 if (i)
845 ret = snprintf(p, len, " %s", argv[i]);
846 else
847 ret = snprintf(p, len, "%s", argv[i]);
848 p += ret;
849 len -= ret;
850 }
851
852 /*
853 * Ensure the filter string can be parsed correctly. Note, this
854 * filter string is for the original event, not for the eprobe.
855 */
856 ret = create_event_filter(top_trace_array(), ep->event, ep->filter_str,
857 true, &dummy);
858 free_event_filter(dummy);
859 if (ret)
860 goto error;
861
862 return 0;
863 error:
864 kfree(ep->filter_str);
865 ep->filter_str = NULL;
866 return ret;
867 }
868
__trace_eprobe_create(int argc,const char * argv[])869 static int __trace_eprobe_create(int argc, const char *argv[])
870 {
871 /*
872 * Argument syntax:
873 * e[:[GRP/][ENAME]] SYSTEM.EVENT [FETCHARGS] [if FILTER]
874 * Fetch args (no space):
875 * <name>=$<field>[:TYPE]
876 */
877 const char *event = NULL, *group = EPROBE_EVENT_SYSTEM;
878 const char *sys_event = NULL, *sys_name = NULL;
879 struct trace_event_call *event_call;
880 char *buf1 __free(kfree) = NULL;
881 char *buf2 __free(kfree) = NULL;
882 char *gbuf __free(kfree) = NULL;
883 struct trace_eprobe *ep = NULL;
884 int ret = 0, filter_idx = 0;
885 int i, filter_cnt;
886
887 if (argc < 2 || argv[0][0] != 'e')
888 return -ECANCELED;
889
890 trace_probe_log_init("event_probe", argc, argv);
891
892 event = strchr(&argv[0][1], ':');
893 if (event) {
894 gbuf = kmalloc(MAX_EVENT_NAME_LEN, GFP_KERNEL);
895 if (!gbuf)
896 goto mem_error;
897 event++;
898 ret = traceprobe_parse_event_name(&event, &group, gbuf,
899 event - argv[0]);
900 if (ret)
901 goto parse_error;
902 }
903
904 trace_probe_log_set_index(1);
905 sys_event = argv[1];
906
907 buf2 = kmalloc(MAX_EVENT_NAME_LEN, GFP_KERNEL);
908 if (!buf2)
909 goto mem_error;
910
911 ret = traceprobe_parse_event_name(&sys_event, &sys_name, buf2, 0);
912 if (ret || !sys_event || !sys_name) {
913 trace_probe_log_err(0, NO_EVENT_INFO);
914 goto parse_error;
915 }
916
917 if (!event) {
918 buf1 = kstrdup(sys_event, GFP_KERNEL);
919 if (!buf1)
920 goto mem_error;
921 event = buf1;
922 }
923
924 for (i = 2; i < argc; i++) {
925 if (!strcmp(argv[i], "if")) {
926 filter_idx = i + 1;
927 filter_cnt = argc - filter_idx;
928 argc = i;
929 break;
930 }
931 }
932
933 if (argc - 2 > MAX_TRACE_ARGS) {
934 trace_probe_log_set_index(2);
935 trace_probe_log_err(0, TOO_MANY_ARGS);
936 ret = -E2BIG;
937 goto error;
938 }
939
940 scoped_guard(mutex, &event_mutex) {
941 event_call = find_and_get_event(sys_name, sys_event);
942 ep = alloc_event_probe(group, event, event_call, argc - 2);
943 }
944
945 if (IS_ERR(ep)) {
946 ret = PTR_ERR(ep);
947 if (ret == -ENODEV)
948 trace_probe_log_err(0, BAD_ATTACH_EVENT);
949 /* This must return -ENOMEM or missing event, else there is a bug */
950 WARN_ON_ONCE(ret != -ENOMEM && ret != -ENODEV);
951 ep = NULL;
952 goto error;
953 }
954
955 if (filter_idx) {
956 trace_probe_log_set_index(filter_idx);
957 ret = trace_eprobe_parse_filter(ep, filter_cnt, argv + filter_idx);
958 if (ret)
959 goto parse_error;
960 } else
961 ep->filter_str = NULL;
962
963 argc -= 2; argv += 2;
964 /* parse arguments */
965 for (i = 0; i < argc; i++) {
966 trace_probe_log_set_index(i + 2);
967 ret = trace_eprobe_tp_update_arg(ep, argv, i);
968 if (ret)
969 goto error;
970 }
971 ret = traceprobe_set_print_fmt(&ep->tp, PROBE_PRINT_EVENT);
972 if (ret < 0)
973 goto error;
974 init_trace_eprobe_call(ep);
975 scoped_guard(mutex, &event_mutex) {
976 ret = trace_probe_register_event_call(&ep->tp);
977 if (ret) {
978 if (ret == -EEXIST) {
979 trace_probe_log_set_index(0);
980 trace_probe_log_err(0, EVENT_EXIST);
981 }
982 goto error;
983 }
984 ret = dyn_event_add(&ep->devent, &ep->tp.event->call);
985 if (ret < 0) {
986 trace_probe_unregister_event_call(&ep->tp);
987 goto error;
988 }
989 }
990 trace_probe_log_clear();
991 return ret;
992
993 mem_error:
994 ret = -ENOMEM;
995 goto error;
996 parse_error:
997 ret = -EINVAL;
998 error:
999 trace_probe_log_clear();
1000 trace_event_probe_cleanup(ep);
1001 return ret;
1002 }
1003
1004 /*
1005 * Register dynevent at core_initcall. This allows kernel to setup eprobe
1006 * events in postcore_initcall without tracefs.
1007 */
trace_events_eprobe_init_early(void)1008 static __init int trace_events_eprobe_init_early(void)
1009 {
1010 int err = 0;
1011
1012 err = dyn_event_register(&eprobe_dyn_event_ops);
1013 if (err)
1014 pr_warn("Could not register eprobe_dyn_event_ops\n");
1015
1016 return err;
1017 }
1018 core_initcall(trace_events_eprobe_init_early);
1019