1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Kprobes-based tracing events 4 * 5 * Created by Masami Hiramatsu <mhiramat@redhat.com> 6 * 7 */ 8 #define pr_fmt(fmt) "trace_kprobe: " fmt 9 10 #include <linux/bpf-cgroup.h> 11 #include <linux/cleanup.h> 12 #include <linux/error-injection.h> 13 #include <linux/module.h> 14 #include <linux/rculist.h> 15 #include <linux/security.h> 16 #include <linux/uaccess.h> 17 18 #include <asm/setup.h> /* for COMMAND_LINE_SIZE */ 19 20 #include "trace_dynevent.h" 21 #include "trace_kprobe_selftest.h" 22 #include "trace_probe.h" 23 #include "trace_probe_kernel.h" 24 #include "trace_probe_tmpl.h" 25 26 #define KPROBE_EVENT_SYSTEM "kprobes" 27 #define KRETPROBE_MAXACTIVE_MAX 4096 28 29 /* Kprobe early definition from command line */ 30 static char kprobe_boot_events_buf[COMMAND_LINE_SIZE] __initdata; 31 32 static int __init set_kprobe_boot_events(char *str) 33 { 34 trace_append_boot_param(kprobe_boot_events_buf, str, ';', 35 COMMAND_LINE_SIZE); 36 disable_tracing_selftest("running kprobe events"); 37 38 return 1; 39 } 40 __setup("kprobe_event=", set_kprobe_boot_events); 41 42 static int trace_kprobe_create(const char *raw_command); 43 static int trace_kprobe_show(struct seq_file *m, struct dyn_event *ev); 44 static int trace_kprobe_release(struct dyn_event *ev); 45 static bool trace_kprobe_is_busy(struct dyn_event *ev); 46 static bool trace_kprobe_match(const char *system, const char *event, 47 int argc, const char **argv, struct dyn_event *ev); 48 49 static struct dyn_event_operations trace_kprobe_ops = { 50 .create = trace_kprobe_create, 51 .show = trace_kprobe_show, 52 .is_busy = trace_kprobe_is_busy, 53 .free = trace_kprobe_release, 54 .match = trace_kprobe_match, 55 }; 56 57 /* 58 * Kprobe event core functions 59 */ 60 struct trace_kprobe { 61 struct dyn_event devent; 62 struct kretprobe rp; /* Use rp.kp for kprobe use */ 63 unsigned long __percpu *nhit; 64 const char *symbol; /* symbol name */ 65 struct trace_probe tp; 66 }; 67 68 static bool is_trace_kprobe(struct dyn_event *ev) 69 { 70 return ev->ops == &trace_kprobe_ops; 71 } 72 73 static struct trace_kprobe *to_trace_kprobe(struct dyn_event *ev) 74 { 75 return container_of(ev, struct trace_kprobe, devent); 76 } 77 78 /** 79 * for_each_trace_kprobe - iterate over the trace_kprobe list 80 * @pos: the struct trace_kprobe * for each entry 81 * @dpos: the struct dyn_event * to use as a loop cursor 82 */ 83 #define for_each_trace_kprobe(pos, dpos) \ 84 for_each_dyn_event(dpos) \ 85 if (is_trace_kprobe(dpos) && (pos = to_trace_kprobe(dpos))) 86 #define trace_kprobe_list_empty() list_empty(&dyn_event_list) 87 88 static nokprobe_inline bool trace_kprobe_is_return(struct trace_kprobe *tk) 89 { 90 return tk->rp.handler != NULL; 91 } 92 93 static nokprobe_inline const char *trace_kprobe_symbol(struct trace_kprobe *tk) 94 { 95 return tk->symbol ? tk->symbol : "unknown"; 96 } 97 98 static nokprobe_inline unsigned long trace_kprobe_offset(struct trace_kprobe *tk) 99 { 100 return tk->rp.kp.offset; 101 } 102 103 static nokprobe_inline bool trace_kprobe_has_gone(struct trace_kprobe *tk) 104 { 105 return kprobe_gone(&tk->rp.kp); 106 } 107 108 static nokprobe_inline bool trace_kprobe_within_module(struct trace_kprobe *tk, 109 struct module *mod) 110 { 111 int len = strlen(module_name(mod)); 112 const char *name = trace_kprobe_symbol(tk); 113 114 return strncmp(module_name(mod), name, len) == 0 && name[len] == ':'; 115 } 116 117 #ifdef CONFIG_MODULES 118 static nokprobe_inline bool trace_kprobe_module_exist(struct trace_kprobe *tk) 119 { 120 char *p; 121 bool ret; 122 123 if (!tk->symbol) 124 return false; 125 p = strchr(tk->symbol, ':'); 126 if (!p) 127 return true; 128 *p = '\0'; 129 scoped_guard(rcu) 130 ret = !!find_module(tk->symbol); 131 *p = ':'; 132 133 return ret; 134 } 135 #else 136 static inline bool trace_kprobe_module_exist(struct trace_kprobe *tk) 137 { 138 return false; 139 } 140 #endif 141 142 static bool trace_kprobe_is_busy(struct dyn_event *ev) 143 { 144 struct trace_kprobe *tk = to_trace_kprobe(ev); 145 146 return trace_probe_is_enabled(&tk->tp); 147 } 148 149 static bool trace_kprobe_match_command_head(struct trace_kprobe *tk, 150 int argc, const char **argv) 151 { 152 char buf[MAX_ARGSTR_LEN + 1]; 153 154 if (!argc) 155 return true; 156 157 if (!tk->symbol) 158 snprintf(buf, sizeof(buf), "0x%p", tk->rp.kp.addr); 159 else if (tk->rp.kp.offset) 160 snprintf(buf, sizeof(buf), "%s+%u", 161 trace_kprobe_symbol(tk), tk->rp.kp.offset); 162 else 163 snprintf(buf, sizeof(buf), "%s", trace_kprobe_symbol(tk)); 164 if (strcmp(buf, argv[0])) 165 return false; 166 argc--; argv++; 167 168 return trace_probe_match_command_args(&tk->tp, argc, argv); 169 } 170 171 static bool trace_kprobe_match(const char *system, const char *event, 172 int argc, const char **argv, struct dyn_event *ev) 173 { 174 struct trace_kprobe *tk = to_trace_kprobe(ev); 175 176 return (event[0] == '\0' || 177 strcmp(trace_probe_name(&tk->tp), event) == 0) && 178 (!system || strcmp(trace_probe_group_name(&tk->tp), system) == 0) && 179 trace_kprobe_match_command_head(tk, argc, argv); 180 } 181 182 static nokprobe_inline unsigned long trace_kprobe_nhit(struct trace_kprobe *tk) 183 { 184 unsigned long nhit = 0; 185 int cpu; 186 187 for_each_possible_cpu(cpu) 188 nhit += *per_cpu_ptr(tk->nhit, cpu); 189 190 return nhit; 191 } 192 193 static nokprobe_inline bool trace_kprobe_is_registered(struct trace_kprobe *tk) 194 { 195 return !(list_empty(&tk->rp.kp.list) && 196 hlist_unhashed(&tk->rp.kp.hlist)); 197 } 198 199 /* Return 0 if it fails to find the symbol address */ 200 static nokprobe_inline 201 unsigned long trace_kprobe_address(struct trace_kprobe *tk) 202 { 203 unsigned long addr; 204 205 if (tk->symbol) { 206 addr = (unsigned long) 207 kallsyms_lookup_name(trace_kprobe_symbol(tk)); 208 if (addr) 209 addr += tk->rp.kp.offset; 210 } else { 211 addr = (unsigned long)tk->rp.kp.addr; 212 } 213 return addr; 214 } 215 216 static nokprobe_inline struct trace_kprobe * 217 trace_kprobe_primary_from_call(struct trace_event_call *call) 218 { 219 struct trace_probe *tp; 220 221 tp = trace_probe_primary_from_call(call); 222 if (WARN_ON_ONCE(!tp)) 223 return NULL; 224 225 return container_of(tp, struct trace_kprobe, tp); 226 } 227 228 bool trace_kprobe_on_func_entry(struct trace_event_call *call) 229 { 230 struct trace_kprobe *tk = trace_kprobe_primary_from_call(call); 231 232 return tk ? (kprobe_on_func_entry(tk->rp.kp.addr, 233 tk->rp.kp.addr ? NULL : tk->rp.kp.symbol_name, 234 tk->rp.kp.addr ? 0 : tk->rp.kp.offset) == 0) : false; 235 } 236 237 bool trace_kprobe_error_injectable(struct trace_event_call *call) 238 { 239 struct trace_kprobe *tk = trace_kprobe_primary_from_call(call); 240 241 return tk ? within_error_injection_list(trace_kprobe_address(tk)) : 242 false; 243 } 244 245 static int register_kprobe_event(struct trace_kprobe *tk); 246 static int unregister_kprobe_event(struct trace_kprobe *tk); 247 248 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs); 249 static int kretprobe_dispatcher(struct kretprobe_instance *ri, 250 struct pt_regs *regs); 251 252 static void free_trace_kprobe(struct trace_kprobe *tk) 253 { 254 if (tk) { 255 trace_probe_cleanup(&tk->tp); 256 kfree(tk->symbol); 257 free_percpu(tk->nhit); 258 kfree(tk); 259 } 260 } 261 262 DEFINE_FREE(free_trace_kprobe, struct trace_kprobe *, 263 if (!IS_ERR_OR_NULL(_T)) free_trace_kprobe(_T)) 264 265 /* 266 * Allocate new trace_probe and initialize it (including kprobes). 267 */ 268 static struct trace_kprobe *alloc_trace_kprobe(const char *group, 269 const char *event, 270 void *addr, 271 const char *symbol, 272 unsigned long offs, 273 int maxactive, 274 int nargs, bool is_return) 275 { 276 struct trace_kprobe *tk __free(free_trace_kprobe) = NULL; 277 int ret = -ENOMEM; 278 279 tk = kzalloc_flex(*tk, tp.args, nargs); 280 if (!tk) 281 return ERR_PTR(ret); 282 283 tk->nhit = alloc_percpu(unsigned long); 284 if (!tk->nhit) 285 return ERR_PTR(ret); 286 287 if (symbol) { 288 tk->symbol = kstrdup(symbol, GFP_KERNEL); 289 if (!tk->symbol) 290 return ERR_PTR(ret); 291 tk->rp.kp.symbol_name = tk->symbol; 292 tk->rp.kp.offset = offs; 293 } else 294 tk->rp.kp.addr = addr; 295 296 if (is_return) 297 tk->rp.handler = kretprobe_dispatcher; 298 else 299 tk->rp.kp.pre_handler = kprobe_dispatcher; 300 301 tk->rp.maxactive = maxactive; 302 INIT_HLIST_NODE(&tk->rp.kp.hlist); 303 INIT_LIST_HEAD(&tk->rp.kp.list); 304 305 ret = trace_probe_init(&tk->tp, event, group, false, nargs); 306 if (ret < 0) 307 return ERR_PTR(ret); 308 309 dyn_event_init(&tk->devent, &trace_kprobe_ops); 310 return_ptr(tk); 311 } 312 313 static struct trace_kprobe *find_trace_kprobe(const char *event, 314 const char *group) 315 { 316 struct dyn_event *pos; 317 struct trace_kprobe *tk; 318 319 for_each_trace_kprobe(tk, pos) 320 if (strcmp(trace_probe_name(&tk->tp), event) == 0 && 321 strcmp(trace_probe_group_name(&tk->tp), group) == 0) 322 return tk; 323 return NULL; 324 } 325 326 static inline int __enable_trace_kprobe(struct trace_kprobe *tk) 327 { 328 int ret = 0; 329 330 if (trace_kprobe_is_registered(tk) && !trace_kprobe_has_gone(tk)) { 331 if (trace_kprobe_is_return(tk)) 332 ret = enable_kretprobe(&tk->rp); 333 else 334 ret = enable_kprobe(&tk->rp.kp); 335 } 336 337 return ret; 338 } 339 340 static void __disable_trace_kprobe(struct trace_probe *tp) 341 { 342 struct trace_kprobe *tk; 343 344 list_for_each_entry(tk, trace_probe_probe_list(tp), tp.list) { 345 if (!trace_kprobe_is_registered(tk)) 346 continue; 347 if (trace_kprobe_is_return(tk)) 348 disable_kretprobe(&tk->rp); 349 else 350 disable_kprobe(&tk->rp.kp); 351 } 352 } 353 354 /* 355 * Enable trace_probe 356 * if the file is NULL, enable "perf" handler, or enable "trace" handler. 357 */ 358 static int enable_trace_kprobe(struct trace_event_call *call, 359 struct trace_event_file *file) 360 { 361 struct trace_probe *tp; 362 struct trace_kprobe *tk; 363 bool enabled; 364 int ret = 0; 365 366 tp = trace_probe_primary_from_call(call); 367 if (WARN_ON_ONCE(!tp)) 368 return -ENODEV; 369 enabled = trace_probe_is_enabled(tp); 370 371 /* This also changes "enabled" state */ 372 if (file) { 373 ret = trace_probe_add_file(tp, file); 374 if (ret) 375 return ret; 376 } else 377 trace_probe_set_flag(tp, TP_FLAG_PROFILE); 378 379 if (enabled) 380 return 0; 381 382 list_for_each_entry(tk, trace_probe_probe_list(tp), tp.list) { 383 if (trace_kprobe_has_gone(tk)) 384 continue; 385 ret = __enable_trace_kprobe(tk); 386 if (ret) 387 break; 388 enabled = true; 389 } 390 391 if (ret) { 392 /* Failed to enable one of them. Roll back all */ 393 if (enabled) 394 __disable_trace_kprobe(tp); 395 if (file) 396 trace_probe_remove_file(tp, file); 397 else 398 trace_probe_clear_flag(tp, TP_FLAG_PROFILE); 399 } 400 401 return ret; 402 } 403 404 /* 405 * Disable trace_probe 406 * if the file is NULL, disable "perf" handler, or disable "trace" handler. 407 */ 408 static int disable_trace_kprobe(struct trace_event_call *call, 409 struct trace_event_file *file) 410 { 411 struct trace_probe *tp; 412 413 tp = trace_probe_primary_from_call(call); 414 if (WARN_ON_ONCE(!tp)) 415 return -ENODEV; 416 417 if (file) { 418 if (!trace_probe_get_file_link(tp, file)) 419 return -ENOENT; 420 if (!trace_probe_has_single_file(tp)) 421 goto out; 422 trace_probe_clear_flag(tp, TP_FLAG_TRACE); 423 } else 424 trace_probe_clear_flag(tp, TP_FLAG_PROFILE); 425 426 if (!trace_probe_is_enabled(tp)) 427 __disable_trace_kprobe(tp); 428 429 out: 430 if (file) 431 /* 432 * Synchronization is done in below function. For perf event, 433 * file == NULL and perf_trace_event_unreg() calls 434 * tracepoint_synchronize_unregister() to ensure synchronize 435 * event. We don't need to care about it. 436 */ 437 trace_probe_remove_file(tp, file); 438 439 return 0; 440 } 441 442 #if defined(CONFIG_DYNAMIC_FTRACE) && \ 443 !defined(CONFIG_KPROBE_EVENTS_ON_NOTRACE) 444 static bool __within_notrace_func(unsigned long addr) 445 { 446 unsigned long offset, size; 447 448 if (!addr || !kallsyms_lookup_size_offset(addr, &size, &offset)) 449 return false; 450 451 /* Get the entry address of the target function */ 452 addr -= offset; 453 454 /* 455 * Since ftrace_location_range() does inclusive range check, we need 456 * to subtract 1 byte from the end address. 457 */ 458 return !ftrace_location_range(addr, addr + size - 1); 459 } 460 461 static bool within_notrace_func(struct trace_kprobe *tk) 462 { 463 unsigned long addr = trace_kprobe_address(tk); 464 char symname[KSYM_NAME_LEN], *p; 465 466 if (!__within_notrace_func(addr)) 467 return false; 468 469 /* Check if the address is on a suffixed-symbol */ 470 if (!lookup_symbol_name(addr, symname)) { 471 p = strchr(symname, '.'); 472 if (!p) 473 return true; 474 *p = '\0'; 475 addr = (unsigned long)kprobe_lookup_name(symname, 0); 476 if (addr) 477 return __within_notrace_func(addr); 478 } 479 480 return true; 481 } 482 #else 483 #define within_notrace_func(tk) (false) 484 #endif 485 486 /* Internal register function - just handle k*probes and flags */ 487 static int __register_trace_kprobe(struct trace_kprobe *tk) 488 { 489 int i, ret; 490 491 ret = security_locked_down(LOCKDOWN_KPROBES); 492 if (ret) 493 return ret; 494 495 if (trace_kprobe_is_registered(tk)) 496 return -EINVAL; 497 498 if (within_notrace_func(tk)) { 499 pr_warn("Could not probe notrace function %ps\n", 500 (void *)trace_kprobe_address(tk)); 501 return -EINVAL; 502 } 503 504 for (i = 0; i < tk->tp.nr_args; i++) { 505 ret = traceprobe_update_arg(&tk->tp.args[i]); 506 if (ret) 507 return ret; 508 } 509 510 /* Set/clear disabled flag according to tp->flag */ 511 if (trace_probe_is_enabled(&tk->tp)) 512 tk->rp.kp.flags &= ~KPROBE_FLAG_DISABLED; 513 else 514 tk->rp.kp.flags |= KPROBE_FLAG_DISABLED; 515 516 if (trace_kprobe_is_return(tk)) 517 ret = register_kretprobe(&tk->rp); 518 else 519 ret = register_kprobe(&tk->rp.kp); 520 521 return ret; 522 } 523 524 /* Internal unregister function - just handle k*probes and flags */ 525 static void __unregister_trace_kprobe(struct trace_kprobe *tk) 526 { 527 if (trace_kprobe_is_registered(tk)) { 528 if (trace_kprobe_is_return(tk)) 529 unregister_kretprobe(&tk->rp); 530 else 531 unregister_kprobe(&tk->rp.kp); 532 /* Cleanup kprobe for reuse and mark it unregistered */ 533 INIT_HLIST_NODE(&tk->rp.kp.hlist); 534 INIT_LIST_HEAD(&tk->rp.kp.list); 535 if (tk->rp.kp.symbol_name) 536 tk->rp.kp.addr = NULL; 537 } 538 } 539 540 /* Unregister a trace_probe and probe_event */ 541 static int unregister_trace_kprobe(struct trace_kprobe *tk) 542 { 543 /* If other probes are on the event, just unregister kprobe */ 544 if (trace_probe_has_sibling(&tk->tp)) 545 goto unreg; 546 547 /* Enabled event can not be unregistered */ 548 if (trace_probe_is_enabled(&tk->tp)) 549 return -EBUSY; 550 551 /* If there's a reference to the dynamic event */ 552 if (trace_event_dyn_busy(trace_probe_event_call(&tk->tp))) 553 return -EBUSY; 554 555 /* Will fail if probe is being used by ftrace or perf */ 556 if (unregister_kprobe_event(tk)) 557 return -EBUSY; 558 559 unreg: 560 __unregister_trace_kprobe(tk); 561 dyn_event_remove(&tk->devent); 562 trace_probe_unlink(&tk->tp); 563 564 return 0; 565 } 566 567 static bool trace_kprobe_has_same_kprobe(struct trace_kprobe *orig, 568 struct trace_kprobe *comp) 569 { 570 struct trace_probe_event *tpe = orig->tp.event; 571 int i; 572 573 list_for_each_entry(orig, &tpe->probes, tp.list) { 574 if (strcmp(trace_kprobe_symbol(orig), 575 trace_kprobe_symbol(comp)) || 576 trace_kprobe_offset(orig) != trace_kprobe_offset(comp)) 577 continue; 578 579 /* 580 * trace_probe_compare_arg_type() ensured that nr_args and 581 * each argument name and type are same. Let's compare comm. 582 */ 583 for (i = 0; i < orig->tp.nr_args; i++) { 584 if (strcmp(orig->tp.args[i].comm, 585 comp->tp.args[i].comm)) 586 break; 587 } 588 589 if (i == orig->tp.nr_args) 590 return true; 591 } 592 593 return false; 594 } 595 596 static int append_trace_kprobe(struct trace_kprobe *tk, struct trace_kprobe *to) 597 { 598 int ret; 599 600 ret = trace_probe_compare_arg_type(&tk->tp, &to->tp); 601 if (ret) { 602 /* Note that argument starts index = 2 */ 603 trace_probe_log_set_index(ret + 1); 604 trace_probe_log_err(0, DIFF_ARG_TYPE); 605 return -EEXIST; 606 } 607 if (trace_kprobe_has_same_kprobe(to, tk)) { 608 trace_probe_log_set_index(0); 609 trace_probe_log_err(0, SAME_PROBE); 610 return -EEXIST; 611 } 612 613 /* Append to existing event */ 614 ret = trace_probe_append(&tk->tp, &to->tp); 615 if (ret) 616 return ret; 617 618 /* Register k*probe */ 619 ret = __register_trace_kprobe(tk); 620 if (ret == -ENOENT && !trace_kprobe_module_exist(tk)) { 621 pr_warn("This probe might be able to register after target module is loaded. Continue.\n"); 622 ret = 0; 623 } 624 625 if (ret) 626 trace_probe_unlink(&tk->tp); 627 else 628 dyn_event_add(&tk->devent, trace_probe_event_call(&tk->tp)); 629 630 return ret; 631 } 632 633 /* Register a trace_probe and probe_event */ 634 static int register_trace_kprobe(struct trace_kprobe *tk) 635 { 636 struct trace_kprobe *old_tk; 637 int ret; 638 639 guard(mutex)(&event_mutex); 640 641 old_tk = find_trace_kprobe(trace_probe_name(&tk->tp), 642 trace_probe_group_name(&tk->tp)); 643 if (old_tk) { 644 if (trace_kprobe_is_return(tk) != trace_kprobe_is_return(old_tk)) { 645 trace_probe_log_set_index(0); 646 trace_probe_log_err(0, DIFF_PROBE_TYPE); 647 return -EEXIST; 648 } 649 return append_trace_kprobe(tk, old_tk); 650 } 651 652 /* Register new event */ 653 ret = register_kprobe_event(tk); 654 if (ret) { 655 if (ret == -EEXIST) { 656 trace_probe_log_set_index(0); 657 trace_probe_log_err(0, EVENT_EXIST); 658 } else 659 pr_warn("Failed to register probe event(%d)\n", ret); 660 return ret; 661 } 662 663 /* Register k*probe */ 664 ret = __register_trace_kprobe(tk); 665 if (ret == -ENOENT && !trace_kprobe_module_exist(tk)) { 666 pr_warn("This probe might be able to register after target module is loaded. Continue.\n"); 667 ret = 0; 668 } 669 670 if (ret < 0) 671 unregister_kprobe_event(tk); 672 else 673 dyn_event_add(&tk->devent, trace_probe_event_call(&tk->tp)); 674 675 return ret; 676 } 677 678 #ifdef CONFIG_MODULES 679 static int validate_module_probe_symbol(const char *modname, const char *symbol); 680 681 static int register_module_trace_kprobe(struct module *mod, struct trace_kprobe *tk) 682 { 683 const char *p; 684 int ret = 0; 685 686 p = strchr(trace_kprobe_symbol(tk), ':'); 687 if (p) 688 ret = validate_module_probe_symbol(module_name(mod), p + 1); 689 if (!ret) 690 ret = __register_trace_kprobe(tk); 691 return ret; 692 } 693 694 /* Module notifier call back, checking event on the module */ 695 static int trace_kprobe_module_callback(struct notifier_block *nb, 696 unsigned long val, void *data) 697 { 698 struct module *mod = data; 699 struct dyn_event *pos; 700 struct trace_kprobe *tk; 701 int ret; 702 703 if (val != MODULE_STATE_COMING) 704 return NOTIFY_DONE; 705 706 /* Update probes on coming module */ 707 guard(mutex)(&event_mutex); 708 for_each_trace_kprobe(tk, pos) { 709 if (trace_kprobe_within_module(tk, mod)) { 710 /* Don't need to check busy - this should have gone. */ 711 __unregister_trace_kprobe(tk); 712 ret = register_module_trace_kprobe(mod, tk); 713 if (ret) 714 pr_warn("Failed to re-register probe %s on %s: %d\n", 715 trace_probe_name(&tk->tp), 716 module_name(mod), ret); 717 } 718 } 719 720 return NOTIFY_DONE; 721 } 722 723 static struct notifier_block trace_kprobe_module_nb = { 724 .notifier_call = trace_kprobe_module_callback, 725 .priority = 2 /* Invoked after kprobe and jump_label module callback */ 726 }; 727 static int trace_kprobe_register_module_notifier(void) 728 { 729 return register_module_notifier(&trace_kprobe_module_nb); 730 } 731 #else 732 static int trace_kprobe_register_module_notifier(void) 733 { 734 return 0; 735 } 736 #endif /* CONFIG_MODULES */ 737 738 static int count_symbols(void *data, unsigned long unused) 739 { 740 unsigned int *count = data; 741 742 (*count)++; 743 744 return 0; 745 } 746 747 struct sym_count_ctx { 748 unsigned int count; 749 const char *name; 750 }; 751 752 static int count_mod_symbols(void *data, const char *name, unsigned long unused) 753 { 754 struct sym_count_ctx *ctx = data; 755 756 if (strcmp(name, ctx->name) == 0) 757 ctx->count++; 758 759 return 0; 760 } 761 762 static unsigned int number_of_same_symbols(const char *mod, const char *func_name) 763 { 764 struct sym_count_ctx ctx = { .count = 0, .name = func_name }; 765 766 if (!mod) 767 kallsyms_on_each_match_symbol(count_symbols, func_name, &ctx.count); 768 769 /* 770 * If the symbol is found in vmlinux, use vmlinux resolution only. 771 * This prevents module symbols from shadowing vmlinux symbols 772 * and causing -EADDRNOTAVAIL for unqualified kprobe targets. 773 */ 774 if (!mod && ctx.count > 0) 775 return ctx.count; 776 777 module_kallsyms_on_each_symbol(mod, count_mod_symbols, &ctx); 778 779 return ctx.count; 780 } 781 782 static int validate_module_probe_symbol(const char *modname, const char *symbol) 783 { 784 unsigned int count = number_of_same_symbols(modname, symbol); 785 786 if (count > 1) { 787 /* 788 * Users should use ADDR to remove the ambiguity of 789 * using KSYM only. 790 */ 791 return -EADDRNOTAVAIL; 792 } else if (count == 0) { 793 /* 794 * We can return ENOENT earlier than when register the 795 * kprobe. 796 */ 797 return -ENOENT; 798 } 799 return 0; 800 } 801 802 #ifdef CONFIG_MODULES 803 /* Return NULL if the module is not loaded or under unloading. */ 804 static struct module *try_module_get_by_name(const char *name) 805 { 806 struct module *mod; 807 808 guard(rcu)(); 809 mod = find_module(name); 810 if (mod && !try_module_get(mod)) 811 mod = NULL; 812 return mod; 813 } 814 #else 815 #define try_module_get_by_name(name) (NULL) 816 #endif 817 818 static int validate_probe_symbol(char *symbol) 819 { 820 struct module *mod = NULL; 821 char *modname = NULL, *p; 822 int ret = 0; 823 824 p = strchr(symbol, ':'); 825 if (p) { 826 modname = symbol; 827 symbol = p + 1; 828 *p = '\0'; 829 mod = try_module_get_by_name(modname); 830 if (!mod) 831 goto out; 832 } 833 834 ret = validate_module_probe_symbol(modname, symbol); 835 out: 836 if (p) 837 *p = ':'; 838 if (mod) 839 module_put(mod); 840 return ret; 841 } 842 843 static int trace_kprobe_entry_handler(struct kretprobe_instance *ri, 844 struct pt_regs *regs); 845 846 static int trace_kprobe_create_internal(int argc, const char *argv[], 847 struct traceprobe_parse_context *ctx) 848 { 849 /* 850 * Argument syntax: 851 * - Add kprobe: 852 * p[:[GRP/][EVENT]] [MOD:]KSYM[+OFFS]|KADDR [FETCHARGS] 853 * - Add kretprobe: 854 * r[MAXACTIVE][:[GRP/][EVENT]] [MOD:]KSYM[+0] [FETCHARGS] 855 * Or 856 * p[:[GRP/][EVENT]] [MOD:]KSYM[+0]%return [FETCHARGS] 857 * 858 * Fetch args: 859 * $retval : fetch return value 860 * $stack : fetch stack address 861 * $stackN : fetch Nth of stack (N:0-) 862 * $comm : fetch current task comm 863 * @ADDR : fetch memory at ADDR (ADDR should be in kernel) 864 * @SYM[+|-offs] : fetch memory at SYM +|- offs (SYM is a data symbol) 865 * %REG : fetch register REG 866 * Dereferencing memory fetch: 867 * +|-offs(ARG) : fetch memory at ARG +|- offs address. 868 * Alias name of args: 869 * NAME=FETCHARG : set NAME as alias of FETCHARG. 870 * Type of args: 871 * FETCHARG:TYPE : use TYPE instead of unsigned long. 872 */ 873 struct trace_kprobe *tk __free(free_trace_kprobe) = NULL; 874 const char *event = NULL, *group = KPROBE_EVENT_SYSTEM; 875 const char **new_argv __free(kfree) = NULL; 876 int i, len, new_argc = 0, ret = 0; 877 char *symbol __free(kfree) = NULL; 878 char *ebuf __free(kfree) = NULL; 879 char *gbuf __free(kfree) = NULL; 880 char *abuf __free(kfree) = NULL; 881 char *dbuf __free(kfree) = NULL; 882 enum probe_print_type ptype; 883 bool is_return = false; 884 int maxactive = 0; 885 void *addr = NULL; 886 char *tmp = NULL; 887 long offset = 0; 888 889 switch (argv[0][0]) { 890 case 'r': 891 is_return = true; 892 break; 893 case 'p': 894 break; 895 default: 896 return -ECANCELED; 897 } 898 if (argc < 2) 899 return -ECANCELED; 900 901 event = strchr(&argv[0][1], ':'); 902 if (event) 903 event++; 904 905 if (isdigit(argv[0][1])) { 906 char *buf __free(kfree) = NULL; 907 908 if (!is_return) { 909 trace_probe_log_err(1, BAD_MAXACT_TYPE); 910 return -EINVAL; 911 } 912 if (event) 913 len = event - &argv[0][1] - 1; 914 else 915 len = strlen(&argv[0][1]); 916 if (len > MAX_EVENT_NAME_LEN - 1) { 917 trace_probe_log_err(1, BAD_MAXACT); 918 return -EINVAL; 919 } 920 buf = kmemdup(&argv[0][1], len + 1, GFP_KERNEL); 921 if (!buf) 922 return -ENOMEM; 923 buf[len] = '\0'; 924 ret = kstrtouint(buf, 0, &maxactive); 925 if (ret || !maxactive) { 926 trace_probe_log_err(1, BAD_MAXACT); 927 return -EINVAL; 928 } 929 /* kretprobes instances are iterated over via a list. The 930 * maximum should stay reasonable. 931 */ 932 if (maxactive > KRETPROBE_MAXACTIVE_MAX) { 933 trace_probe_log_err(1, MAXACT_TOO_BIG); 934 return -EINVAL; 935 } 936 } 937 938 /* try to parse an address. if that fails, try to read the 939 * input as a symbol. */ 940 if (kstrtoul(argv[1], 0, (unsigned long *)&addr)) { 941 trace_probe_log_set_index(1); 942 /* Check whether uprobe event specified */ 943 if (strchr(argv[1], '/') && strchr(argv[1], ':')) 944 return -ECANCELED; 945 946 /* a symbol specified */ 947 symbol = kstrdup(argv[1], GFP_KERNEL); 948 if (!symbol) 949 return -ENOMEM; 950 951 tmp = strchr(symbol, '%'); 952 if (tmp) { 953 if (!strcmp(tmp, "%return")) { 954 *tmp = '\0'; 955 is_return = true; 956 } else { 957 trace_probe_log_err(tmp - symbol, BAD_ADDR_SUFFIX); 958 return -EINVAL; 959 } 960 } 961 962 /* TODO: support .init module functions */ 963 ret = traceprobe_split_symbol_offset(symbol, &offset); 964 if (ret || offset < 0 || offset > UINT_MAX) { 965 trace_probe_log_err(0, BAD_PROBE_ADDR); 966 return -EINVAL; 967 } 968 ret = validate_probe_symbol(symbol); 969 if (ret) { 970 if (ret == -EADDRNOTAVAIL) 971 trace_probe_log_err(0, NON_UNIQ_SYMBOL); 972 else 973 trace_probe_log_err(0, BAD_PROBE_ADDR); 974 return -EINVAL; 975 } 976 if (is_return) 977 ctx->flags |= TPARG_FL_RETURN; 978 ret = kprobe_on_func_entry(NULL, symbol, offset); 979 if (ret == 0 && !is_return) 980 ctx->flags |= TPARG_FL_FENTRY; 981 /* Defer the ENOENT case until register kprobe */ 982 if (ret == -EINVAL && is_return) { 983 trace_probe_log_err(0, BAD_RETPROBE); 984 return -EINVAL; 985 } 986 } 987 988 trace_probe_log_set_index(0); 989 if (event) { 990 gbuf = kmalloc(MAX_EVENT_NAME_LEN, GFP_KERNEL); 991 if (!gbuf) 992 return -ENOMEM; 993 ret = traceprobe_parse_event_name(&event, &group, gbuf, 994 event - argv[0]); 995 if (ret) 996 return ret; 997 } 998 999 if (!event) { 1000 /* Make a new event name */ 1001 ebuf = kmalloc(MAX_EVENT_NAME_LEN, GFP_KERNEL); 1002 if (!ebuf) 1003 return -ENOMEM; 1004 if (symbol) 1005 snprintf(ebuf, MAX_EVENT_NAME_LEN, "%c_%s_%ld", 1006 is_return ? 'r' : 'p', symbol, offset); 1007 else 1008 snprintf(ebuf, MAX_EVENT_NAME_LEN, "%c_0x%p", 1009 is_return ? 'r' : 'p', addr); 1010 sanitize_event_name(ebuf); 1011 event = ebuf; 1012 } 1013 1014 abuf = kmalloc(MAX_BTF_ARGS_LEN, GFP_KERNEL); 1015 if (!abuf) 1016 return -ENOMEM; 1017 argc -= 2; argv += 2; 1018 ctx->funcname = symbol; 1019 new_argv = traceprobe_expand_meta_args(argc, argv, &new_argc, 1020 abuf, MAX_BTF_ARGS_LEN, ctx); 1021 if (IS_ERR(new_argv)) { 1022 ret = PTR_ERR(new_argv); 1023 new_argv = NULL; 1024 return ret; 1025 } 1026 if (new_argv) { 1027 argc = new_argc; 1028 argv = new_argv; 1029 } 1030 if (argc > MAX_TRACE_ARGS) { 1031 trace_probe_log_set_index(2); 1032 trace_probe_log_err(0, TOO_MANY_ARGS); 1033 return -E2BIG; 1034 } 1035 1036 ret = traceprobe_expand_dentry_args(argc, argv, &dbuf); 1037 if (ret) 1038 return ret; 1039 1040 /* setup a probe */ 1041 tk = alloc_trace_kprobe(group, event, addr, symbol, offset, maxactive, 1042 argc, is_return); 1043 if (IS_ERR(tk)) { 1044 ret = PTR_ERR(tk); 1045 /* This must return -ENOMEM, else there is a bug */ 1046 WARN_ON_ONCE(ret != -ENOMEM); 1047 return ret; /* We know tk is not allocated */ 1048 } 1049 1050 /* parse arguments */ 1051 for (i = 0; i < argc; i++) { 1052 trace_probe_log_set_index(i + 2); 1053 ctx->offset = 0; 1054 ret = traceprobe_parse_probe_arg(&tk->tp, i, argv[i], ctx); 1055 if (ret) 1056 return ret; /* This can be -ENOMEM */ 1057 } 1058 /* entry handler for kretprobe */ 1059 if (is_return && tk->tp.entry_arg) { 1060 tk->rp.entry_handler = trace_kprobe_entry_handler; 1061 tk->rp.data_size = traceprobe_get_entry_data_size(&tk->tp); 1062 } 1063 1064 ptype = is_return ? PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL; 1065 ret = traceprobe_set_print_fmt(&tk->tp, ptype); 1066 if (ret < 0) 1067 return ret; 1068 1069 ret = register_trace_kprobe(tk); 1070 if (ret) { 1071 trace_probe_log_set_index(1); 1072 if (ret == -EILSEQ) 1073 trace_probe_log_err(0, BAD_INSN_BNDRY); 1074 else if (ret == -ENOENT) 1075 trace_probe_log_err(0, BAD_PROBE_ADDR); 1076 else if (ret != -ENOMEM && ret != -EEXIST) 1077 trace_probe_log_err(0, FAIL_REG_PROBE); 1078 return ret; 1079 } 1080 /* 1081 * Here, 'tk' has been registered to the list successfully, 1082 * so we don't need to free it. 1083 */ 1084 tk = NULL; 1085 1086 return 0; 1087 } 1088 1089 static int trace_kprobe_create_cb(int argc, const char *argv[]) 1090 { 1091 struct traceprobe_parse_context *ctx __free(traceprobe_parse_context) = NULL; 1092 int ret; 1093 1094 ctx = kzalloc_obj(*ctx); 1095 if (!ctx) 1096 return -ENOMEM; 1097 ctx->flags = TPARG_FL_KERNEL; 1098 1099 trace_probe_log_init("trace_kprobe", argc, argv); 1100 1101 ret = trace_kprobe_create_internal(argc, argv, ctx); 1102 1103 trace_probe_log_clear(); 1104 return ret; 1105 } 1106 1107 static int trace_kprobe_create(const char *raw_command) 1108 { 1109 return trace_probe_create(raw_command, trace_kprobe_create_cb); 1110 } 1111 1112 static int create_or_delete_trace_kprobe(const char *raw_command) 1113 { 1114 int ret; 1115 1116 if (raw_command[0] == '-') 1117 return dyn_event_release(raw_command, &trace_kprobe_ops); 1118 1119 ret = dyn_event_create(raw_command, &trace_kprobe_ops); 1120 return ret == -ECANCELED ? -EINVAL : ret; 1121 } 1122 1123 static int trace_kprobe_run_command(struct dynevent_cmd *cmd) 1124 { 1125 return create_or_delete_trace_kprobe(cmd->seq.buffer); 1126 } 1127 1128 /** 1129 * kprobe_event_cmd_init - Initialize a kprobe event command object 1130 * @cmd: A pointer to the dynevent_cmd struct representing the new event 1131 * @buf: A pointer to the buffer used to build the command 1132 * @maxlen: The length of the buffer passed in @buf 1133 * 1134 * Initialize a synthetic event command object. Use this before 1135 * calling any of the other kprobe_event functions. 1136 */ 1137 void kprobe_event_cmd_init(struct dynevent_cmd *cmd, char *buf, int maxlen) 1138 { 1139 dynevent_cmd_init(cmd, buf, maxlen, DYNEVENT_TYPE_KPROBE, 1140 trace_kprobe_run_command); 1141 } 1142 EXPORT_SYMBOL_GPL(kprobe_event_cmd_init); 1143 1144 /** 1145 * __kprobe_event_gen_cmd_start - Generate a kprobe event command from arg list 1146 * @cmd: A pointer to the dynevent_cmd struct representing the new event 1147 * @kretprobe: Is this a return probe? 1148 * @name: The name of the kprobe event 1149 * @loc: The location of the kprobe event 1150 * @...: Variable number of arg (pairs), one pair for each field 1151 * 1152 * NOTE: Users normally won't want to call this function directly, but 1153 * rather use the kprobe_event_gen_cmd_start() wrapper, which automatically 1154 * adds a NULL to the end of the arg list. If this function is used 1155 * directly, make sure the last arg in the variable arg list is NULL. 1156 * 1157 * Generate a kprobe event command to be executed by 1158 * kprobe_event_gen_cmd_end(). This function can be used to generate the 1159 * complete command or only the first part of it; in the latter case, 1160 * kprobe_event_add_fields() can be used to add more fields following this. 1161 * 1162 * Unlikely the synth_event_gen_cmd_start(), @loc must be specified. This 1163 * returns -EINVAL if @loc == NULL. 1164 * 1165 * Return: 0 if successful, error otherwise. 1166 */ 1167 int __kprobe_event_gen_cmd_start(struct dynevent_cmd *cmd, bool kretprobe, 1168 const char *name, const char *loc, ...) 1169 { 1170 char buf[MAX_EVENT_NAME_LEN]; 1171 struct dynevent_arg arg; 1172 va_list args; 1173 int ret; 1174 1175 if (cmd->type != DYNEVENT_TYPE_KPROBE) 1176 return -EINVAL; 1177 1178 if (!loc) 1179 return -EINVAL; 1180 1181 if (kretprobe) 1182 snprintf(buf, MAX_EVENT_NAME_LEN, "r:kprobes/%s", name); 1183 else 1184 snprintf(buf, MAX_EVENT_NAME_LEN, "p:kprobes/%s", name); 1185 1186 ret = dynevent_str_add(cmd, buf); 1187 if (ret) 1188 return ret; 1189 1190 dynevent_arg_init(&arg, 0); 1191 arg.str = loc; 1192 ret = dynevent_arg_add(cmd, &arg, NULL); 1193 if (ret) 1194 return ret; 1195 1196 va_start(args, loc); 1197 for (;;) { 1198 const char *field; 1199 1200 field = va_arg(args, const char *); 1201 if (!field) 1202 break; 1203 1204 if (++cmd->n_fields > MAX_TRACE_ARGS) { 1205 ret = -EINVAL; 1206 break; 1207 } 1208 1209 arg.str = field; 1210 ret = dynevent_arg_add(cmd, &arg, NULL); 1211 if (ret) 1212 break; 1213 } 1214 va_end(args); 1215 1216 return ret; 1217 } 1218 EXPORT_SYMBOL_GPL(__kprobe_event_gen_cmd_start); 1219 1220 /** 1221 * __kprobe_event_add_fields - Add probe fields to a kprobe command from arg list 1222 * @cmd: A pointer to the dynevent_cmd struct representing the new event 1223 * @...: Variable number of arg (pairs), one pair for each field 1224 * 1225 * NOTE: Users normally won't want to call this function directly, but 1226 * rather use the kprobe_event_add_fields() wrapper, which 1227 * automatically adds a NULL to the end of the arg list. If this 1228 * function is used directly, make sure the last arg in the variable 1229 * arg list is NULL. 1230 * 1231 * Add probe fields to an existing kprobe command using a variable 1232 * list of args. Fields are added in the same order they're listed. 1233 * 1234 * Return: 0 if successful, error otherwise. 1235 */ 1236 int __kprobe_event_add_fields(struct dynevent_cmd *cmd, ...) 1237 { 1238 struct dynevent_arg arg; 1239 va_list args; 1240 int ret = 0; 1241 1242 if (cmd->type != DYNEVENT_TYPE_KPROBE) 1243 return -EINVAL; 1244 1245 dynevent_arg_init(&arg, 0); 1246 1247 va_start(args, cmd); 1248 for (;;) { 1249 const char *field; 1250 1251 field = va_arg(args, const char *); 1252 if (!field) 1253 break; 1254 1255 if (++cmd->n_fields > MAX_TRACE_ARGS) { 1256 ret = -EINVAL; 1257 break; 1258 } 1259 1260 arg.str = field; 1261 ret = dynevent_arg_add(cmd, &arg, NULL); 1262 if (ret) 1263 break; 1264 } 1265 va_end(args); 1266 1267 return ret; 1268 } 1269 EXPORT_SYMBOL_GPL(__kprobe_event_add_fields); 1270 1271 /** 1272 * kprobe_event_delete - Delete a kprobe event 1273 * @name: The name of the kprobe event to delete 1274 * 1275 * Delete a kprobe event with the give @name from kernel code rather 1276 * than directly from the command line. 1277 * 1278 * Return: 0 if successful, error otherwise. 1279 */ 1280 int kprobe_event_delete(const char *name) 1281 { 1282 char buf[MAX_EVENT_NAME_LEN]; 1283 1284 snprintf(buf, MAX_EVENT_NAME_LEN, "-:%s", name); 1285 1286 return create_or_delete_trace_kprobe(buf); 1287 } 1288 EXPORT_SYMBOL_GPL(kprobe_event_delete); 1289 1290 static int trace_kprobe_release(struct dyn_event *ev) 1291 { 1292 struct trace_kprobe *tk = to_trace_kprobe(ev); 1293 int ret = unregister_trace_kprobe(tk); 1294 1295 if (!ret) 1296 free_trace_kprobe(tk); 1297 return ret; 1298 } 1299 1300 static int trace_kprobe_show(struct seq_file *m, struct dyn_event *ev) 1301 { 1302 struct trace_kprobe *tk = to_trace_kprobe(ev); 1303 int i; 1304 1305 seq_putc(m, trace_kprobe_is_return(tk) ? 'r' : 'p'); 1306 if (trace_kprobe_is_return(tk) && tk->rp.maxactive) 1307 seq_printf(m, "%d", tk->rp.maxactive); 1308 seq_printf(m, ":%s/%s", trace_probe_group_name(&tk->tp), 1309 trace_probe_name(&tk->tp)); 1310 1311 if (!tk->symbol) 1312 seq_printf(m, " 0x%p", tk->rp.kp.addr); 1313 else if (tk->rp.kp.offset) 1314 seq_printf(m, " %s+%u", trace_kprobe_symbol(tk), 1315 tk->rp.kp.offset); 1316 else 1317 seq_printf(m, " %s", trace_kprobe_symbol(tk)); 1318 1319 for (i = 0; i < tk->tp.nr_args; i++) 1320 seq_printf(m, " %s=%s", tk->tp.args[i].name, tk->tp.args[i].comm); 1321 seq_putc(m, '\n'); 1322 1323 return 0; 1324 } 1325 1326 static int probes_seq_show(struct seq_file *m, void *v) 1327 { 1328 struct dyn_event *ev = v; 1329 1330 if (!is_trace_kprobe(ev)) 1331 return 0; 1332 1333 return trace_kprobe_show(m, ev); 1334 } 1335 1336 static const struct seq_operations probes_seq_op = { 1337 .start = dyn_event_seq_start, 1338 .next = dyn_event_seq_next, 1339 .stop = dyn_event_seq_stop, 1340 .show = probes_seq_show 1341 }; 1342 1343 static int probes_open(struct inode *inode, struct file *file) 1344 { 1345 int ret; 1346 1347 ret = security_locked_down(LOCKDOWN_TRACEFS); 1348 if (ret) 1349 return ret; 1350 1351 if ((file->f_mode & FMODE_WRITE) && (file->f_flags & O_TRUNC)) { 1352 ret = dyn_events_release_all(&trace_kprobe_ops); 1353 if (ret < 0) 1354 return ret; 1355 } 1356 1357 return seq_open(file, &probes_seq_op); 1358 } 1359 1360 static ssize_t probes_write(struct file *file, const char __user *buffer, 1361 size_t count, loff_t *ppos) 1362 { 1363 return trace_parse_run_command(file, buffer, count, ppos, 1364 create_or_delete_trace_kprobe); 1365 } 1366 1367 static const struct file_operations kprobe_events_ops = { 1368 .owner = THIS_MODULE, 1369 .open = probes_open, 1370 .read = seq_read, 1371 .llseek = seq_lseek, 1372 .release = seq_release, 1373 .write = probes_write, 1374 }; 1375 1376 static unsigned long trace_kprobe_missed(struct trace_kprobe *tk) 1377 { 1378 return trace_kprobe_is_return(tk) ? 1379 tk->rp.kp.nmissed + tk->rp.nmissed : tk->rp.kp.nmissed; 1380 } 1381 1382 /* Probes profiling interfaces */ 1383 static int probes_profile_seq_show(struct seq_file *m, void *v) 1384 { 1385 struct dyn_event *ev = v; 1386 struct trace_kprobe *tk; 1387 unsigned long nmissed; 1388 1389 if (!is_trace_kprobe(ev)) 1390 return 0; 1391 1392 tk = to_trace_kprobe(ev); 1393 nmissed = trace_kprobe_missed(tk); 1394 seq_printf(m, " %-44s %15lu %15lu\n", 1395 trace_probe_name(&tk->tp), 1396 trace_kprobe_nhit(tk), 1397 nmissed); 1398 1399 return 0; 1400 } 1401 1402 static const struct seq_operations profile_seq_op = { 1403 .start = dyn_event_seq_start, 1404 .next = dyn_event_seq_next, 1405 .stop = dyn_event_seq_stop, 1406 .show = probes_profile_seq_show 1407 }; 1408 1409 static int profile_open(struct inode *inode, struct file *file) 1410 { 1411 int ret; 1412 1413 ret = security_locked_down(LOCKDOWN_TRACEFS); 1414 if (ret) 1415 return ret; 1416 1417 return seq_open(file, &profile_seq_op); 1418 } 1419 1420 static const struct file_operations kprobe_profile_ops = { 1421 .owner = THIS_MODULE, 1422 .open = profile_open, 1423 .read = seq_read, 1424 .llseek = seq_lseek, 1425 .release = seq_release, 1426 }; 1427 1428 /* Note that we don't verify it, since the code does not come from user space */ 1429 static int 1430 process_fetch_insn(struct fetch_insn *code, void *rec, void *edata, 1431 void *dest, void *base) 1432 { 1433 struct pt_regs *regs = rec; 1434 unsigned long val; 1435 int ret; 1436 1437 retry: 1438 /* 1st stage: get value from context */ 1439 switch (code->op) { 1440 case FETCH_OP_REG: 1441 val = regs_get_register(regs, code->param); 1442 break; 1443 case FETCH_OP_STACK: 1444 val = regs_get_kernel_stack_nth(regs, code->param); 1445 break; 1446 case FETCH_OP_STACKP: 1447 val = kernel_stack_pointer(regs); 1448 break; 1449 case FETCH_OP_RETVAL: 1450 val = regs_return_value(regs); 1451 break; 1452 #ifdef CONFIG_HAVE_FUNCTION_ARG_ACCESS_API 1453 case FETCH_OP_ARG: 1454 val = regs_get_kernel_argument(regs, code->param); 1455 break; 1456 case FETCH_OP_EDATA: 1457 val = *(unsigned long *)((unsigned long)edata + code->offset); 1458 break; 1459 #endif 1460 case FETCH_NOP_SYMBOL: /* Ignore a place holder */ 1461 code++; 1462 goto retry; 1463 default: 1464 ret = process_common_fetch_insn(code, &val); 1465 if (ret < 0) 1466 return ret; 1467 } 1468 code++; 1469 1470 return process_fetch_insn_bottom(code, val, dest, base); 1471 } 1472 NOKPROBE_SYMBOL(process_fetch_insn) 1473 1474 /* Kprobe handler */ 1475 static nokprobe_inline void 1476 __kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs, 1477 struct trace_event_file *trace_file) 1478 { 1479 struct kprobe_trace_entry_head *entry; 1480 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1481 struct trace_event_buffer fbuffer; 1482 int dsize; 1483 1484 WARN_ON(call != trace_file->event_call); 1485 1486 if (trace_trigger_soft_disabled(trace_file)) 1487 return; 1488 1489 dsize = __get_data_size(&tk->tp, regs, NULL); 1490 1491 entry = trace_event_buffer_reserve(&fbuffer, trace_file, 1492 sizeof(*entry) + tk->tp.size + dsize); 1493 if (!entry) 1494 return; 1495 1496 fbuffer.regs = regs; 1497 entry->ip = (unsigned long)tk->rp.kp.addr; 1498 store_trace_args(&entry[1], &tk->tp, regs, NULL, sizeof(*entry), dsize); 1499 1500 trace_event_buffer_commit(&fbuffer); 1501 } 1502 1503 static void 1504 kprobe_trace_func(struct trace_kprobe *tk, struct pt_regs *regs) 1505 { 1506 struct event_file_link *link; 1507 1508 trace_probe_for_each_link_rcu(link, &tk->tp) 1509 __kprobe_trace_func(tk, regs, link->file); 1510 } 1511 NOKPROBE_SYMBOL(kprobe_trace_func); 1512 1513 /* Kretprobe handler */ 1514 1515 static int trace_kprobe_entry_handler(struct kretprobe_instance *ri, 1516 struct pt_regs *regs) 1517 { 1518 struct kretprobe *rp = get_kretprobe(ri); 1519 struct trace_kprobe *tk; 1520 1521 /* 1522 * There is a small chance that get_kretprobe(ri) returns NULL when 1523 * the kretprobe is unregister on another CPU between kretprobe's 1524 * trampoline_handler and this function. 1525 */ 1526 if (unlikely(!rp)) 1527 return -ENOENT; 1528 1529 tk = container_of(rp, struct trace_kprobe, rp); 1530 1531 /* store argument values into ri->data as entry data */ 1532 if (tk->tp.entry_arg) 1533 store_trace_entry_data(ri->data, &tk->tp, regs); 1534 1535 return 0; 1536 } 1537 1538 1539 static nokprobe_inline void 1540 __kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, 1541 struct pt_regs *regs, 1542 struct trace_event_file *trace_file) 1543 { 1544 struct kretprobe_trace_entry_head *entry; 1545 struct trace_event_buffer fbuffer; 1546 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1547 int dsize; 1548 1549 WARN_ON(call != trace_file->event_call); 1550 1551 if (trace_trigger_soft_disabled(trace_file)) 1552 return; 1553 1554 dsize = __get_data_size(&tk->tp, regs, ri->data); 1555 1556 entry = trace_event_buffer_reserve(&fbuffer, trace_file, 1557 sizeof(*entry) + tk->tp.size + dsize); 1558 if (!entry) 1559 return; 1560 1561 fbuffer.regs = regs; 1562 entry->func = (unsigned long)tk->rp.kp.addr; 1563 entry->ret_ip = get_kretprobe_retaddr(ri); 1564 store_trace_args(&entry[1], &tk->tp, regs, ri->data, sizeof(*entry), dsize); 1565 1566 trace_event_buffer_commit(&fbuffer); 1567 } 1568 1569 static void 1570 kretprobe_trace_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, 1571 struct pt_regs *regs) 1572 { 1573 struct event_file_link *link; 1574 1575 trace_probe_for_each_link_rcu(link, &tk->tp) 1576 __kretprobe_trace_func(tk, ri, regs, link->file); 1577 } 1578 NOKPROBE_SYMBOL(kretprobe_trace_func); 1579 1580 /* Event entry printers */ 1581 static enum print_line_t 1582 print_kprobe_event(struct trace_iterator *iter, int flags, 1583 struct trace_event *event) 1584 { 1585 struct kprobe_trace_entry_head *field; 1586 struct trace_seq *s = &iter->seq; 1587 struct trace_probe *tp; 1588 1589 field = (struct kprobe_trace_entry_head *)iter->ent; 1590 tp = trace_probe_primary_from_call( 1591 container_of(event, struct trace_event_call, event)); 1592 if (WARN_ON_ONCE(!tp)) 1593 goto out; 1594 1595 trace_seq_printf(s, "%s: (", trace_probe_name(tp)); 1596 1597 if (!seq_print_ip_sym_offset(s, field->ip, flags)) 1598 goto out; 1599 1600 trace_seq_putc(s, ')'); 1601 1602 if (trace_probe_print_args(s, tp->args, tp->nr_args, 1603 (u8 *)&field[1], field) < 0) 1604 goto out; 1605 1606 trace_seq_putc(s, '\n'); 1607 out: 1608 return trace_handle_return(s); 1609 } 1610 1611 static enum print_line_t 1612 print_kretprobe_event(struct trace_iterator *iter, int flags, 1613 struct trace_event *event) 1614 { 1615 struct kretprobe_trace_entry_head *field; 1616 struct trace_seq *s = &iter->seq; 1617 struct trace_probe *tp; 1618 1619 field = (struct kretprobe_trace_entry_head *)iter->ent; 1620 tp = trace_probe_primary_from_call( 1621 container_of(event, struct trace_event_call, event)); 1622 if (WARN_ON_ONCE(!tp)) 1623 goto out; 1624 1625 trace_seq_printf(s, "%s: (", trace_probe_name(tp)); 1626 1627 if (!seq_print_ip_sym_offset(s, field->ret_ip, flags)) 1628 goto out; 1629 1630 trace_seq_puts(s, " <- "); 1631 1632 if (!seq_print_ip_sym_no_offset(s, field->func, flags)) 1633 goto out; 1634 1635 trace_seq_putc(s, ')'); 1636 1637 if (trace_probe_print_args(s, tp->args, tp->nr_args, 1638 (u8 *)&field[1], field) < 0) 1639 goto out; 1640 1641 trace_seq_putc(s, '\n'); 1642 1643 out: 1644 return trace_handle_return(s); 1645 } 1646 1647 1648 static int kprobe_event_define_fields(struct trace_event_call *event_call) 1649 { 1650 int ret; 1651 struct kprobe_trace_entry_head field; 1652 struct trace_probe *tp; 1653 1654 tp = trace_probe_primary_from_call(event_call); 1655 if (WARN_ON_ONCE(!tp)) 1656 return -ENOENT; 1657 1658 DEFINE_FIELD(unsigned long, ip, FIELD_STRING_IP, 0); 1659 1660 return traceprobe_define_arg_fields(event_call, sizeof(field), tp); 1661 } 1662 1663 static int kretprobe_event_define_fields(struct trace_event_call *event_call) 1664 { 1665 int ret; 1666 struct kretprobe_trace_entry_head field; 1667 struct trace_probe *tp; 1668 1669 tp = trace_probe_primary_from_call(event_call); 1670 if (WARN_ON_ONCE(!tp)) 1671 return -ENOENT; 1672 1673 DEFINE_FIELD(unsigned long, func, FIELD_STRING_FUNC, 0); 1674 DEFINE_FIELD(unsigned long, ret_ip, FIELD_STRING_RETIP, 0); 1675 1676 return traceprobe_define_arg_fields(event_call, sizeof(field), tp); 1677 } 1678 1679 #ifdef CONFIG_PERF_EVENTS 1680 1681 /* Kprobe profile handler */ 1682 static int 1683 kprobe_perf_func(struct trace_kprobe *tk, struct pt_regs *regs) 1684 { 1685 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1686 struct kprobe_trace_entry_head *entry; 1687 struct hlist_head *head; 1688 int size, __size, dsize; 1689 int rctx; 1690 1691 if (bpf_prog_array_valid(call)) { 1692 unsigned long orig_ip = instruction_pointer(regs); 1693 int ret; 1694 1695 ret = trace_call_bpf(call, regs); 1696 1697 /* 1698 * We need to check and see if we modified the pc of the 1699 * pt_regs, and if so return 1 so that we don't do the 1700 * single stepping. 1701 */ 1702 if (orig_ip != instruction_pointer(regs)) 1703 return 1; 1704 if (!ret) 1705 return 0; 1706 } 1707 1708 head = this_cpu_ptr(call->perf_events); 1709 if (hlist_empty(head)) 1710 return 0; 1711 1712 dsize = __get_data_size(&tk->tp, regs, NULL); 1713 __size = sizeof(*entry) + tk->tp.size + dsize; 1714 size = ALIGN(__size + sizeof(u32), sizeof(u64)); 1715 size -= sizeof(u32); 1716 1717 entry = perf_trace_buf_alloc(size, NULL, &rctx); 1718 if (!entry) 1719 return 0; 1720 1721 entry->ip = (unsigned long)tk->rp.kp.addr; 1722 memset(&entry[1], 0, dsize); 1723 store_trace_args(&entry[1], &tk->tp, regs, NULL, sizeof(*entry), dsize); 1724 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs, 1725 head, NULL); 1726 return 0; 1727 } 1728 NOKPROBE_SYMBOL(kprobe_perf_func); 1729 1730 /* Kretprobe profile handler */ 1731 static void 1732 kretprobe_perf_func(struct trace_kprobe *tk, struct kretprobe_instance *ri, 1733 struct pt_regs *regs) 1734 { 1735 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1736 struct kretprobe_trace_entry_head *entry; 1737 struct hlist_head *head; 1738 int size, __size, dsize; 1739 int rctx; 1740 1741 if (bpf_prog_array_valid(call) && !trace_call_bpf(call, regs)) 1742 return; 1743 1744 head = this_cpu_ptr(call->perf_events); 1745 if (hlist_empty(head)) 1746 return; 1747 1748 dsize = __get_data_size(&tk->tp, regs, ri->data); 1749 __size = sizeof(*entry) + tk->tp.size + dsize; 1750 size = ALIGN(__size + sizeof(u32), sizeof(u64)); 1751 size -= sizeof(u32); 1752 1753 entry = perf_trace_buf_alloc(size, NULL, &rctx); 1754 if (!entry) 1755 return; 1756 1757 entry->func = (unsigned long)tk->rp.kp.addr; 1758 entry->ret_ip = get_kretprobe_retaddr(ri); 1759 store_trace_args(&entry[1], &tk->tp, regs, ri->data, sizeof(*entry), dsize); 1760 perf_trace_buf_submit(entry, size, rctx, call->event.type, 1, regs, 1761 head, NULL); 1762 } 1763 NOKPROBE_SYMBOL(kretprobe_perf_func); 1764 1765 int bpf_get_kprobe_info(const struct perf_event *event, u32 *fd_type, 1766 const char **symbol, u64 *probe_offset, 1767 u64 *probe_addr, unsigned long *missed, 1768 bool perf_type_tracepoint) 1769 { 1770 const char *pevent = trace_event_name(event->tp_event); 1771 const char *group = event->tp_event->class->system; 1772 struct trace_kprobe *tk; 1773 1774 if (perf_type_tracepoint) 1775 tk = find_trace_kprobe(pevent, group); 1776 else 1777 tk = trace_kprobe_primary_from_call(event->tp_event); 1778 if (!tk) 1779 return -EINVAL; 1780 1781 *fd_type = trace_kprobe_is_return(tk) ? BPF_FD_TYPE_KRETPROBE 1782 : BPF_FD_TYPE_KPROBE; 1783 *probe_offset = tk->rp.kp.offset; 1784 *probe_addr = kallsyms_show_value(current_cred()) ? 1785 (unsigned long)tk->rp.kp.addr : 0; 1786 *symbol = tk->symbol; 1787 if (missed) 1788 *missed = trace_kprobe_missed(tk); 1789 return 0; 1790 } 1791 #endif /* CONFIG_PERF_EVENTS */ 1792 1793 /* 1794 * called by perf_trace_init() or __ftrace_set_clr_event() under event_mutex. 1795 * 1796 * kprobe_trace_self_tests_init() does enable_trace_probe/disable_trace_probe 1797 * lockless, but we can't race with this __init function. 1798 */ 1799 static int kprobe_register(struct trace_event_call *event, 1800 enum trace_reg type, void *data) 1801 { 1802 struct trace_event_file *file = data; 1803 1804 switch (type) { 1805 case TRACE_REG_REGISTER: 1806 return enable_trace_kprobe(event, file); 1807 case TRACE_REG_UNREGISTER: 1808 return disable_trace_kprobe(event, file); 1809 1810 #ifdef CONFIG_PERF_EVENTS 1811 case TRACE_REG_PERF_REGISTER: 1812 return enable_trace_kprobe(event, NULL); 1813 case TRACE_REG_PERF_UNREGISTER: 1814 return disable_trace_kprobe(event, NULL); 1815 case TRACE_REG_PERF_OPEN: 1816 case TRACE_REG_PERF_CLOSE: 1817 case TRACE_REG_PERF_ADD: 1818 case TRACE_REG_PERF_DEL: 1819 return 0; 1820 #endif 1821 } 1822 return 0; 1823 } 1824 1825 static int kprobe_dispatcher(struct kprobe *kp, struct pt_regs *regs) 1826 { 1827 struct trace_kprobe *tk = container_of(kp, struct trace_kprobe, rp.kp); 1828 unsigned int flags = trace_probe_load_flag(&tk->tp); 1829 int ret = 0; 1830 1831 raw_cpu_inc(*tk->nhit); 1832 1833 if (flags & TP_FLAG_TRACE) 1834 kprobe_trace_func(tk, regs); 1835 #ifdef CONFIG_PERF_EVENTS 1836 if (flags & TP_FLAG_PROFILE) 1837 ret = kprobe_perf_func(tk, regs); 1838 #endif 1839 return ret; 1840 } 1841 NOKPROBE_SYMBOL(kprobe_dispatcher); 1842 1843 static int 1844 kretprobe_dispatcher(struct kretprobe_instance *ri, struct pt_regs *regs) 1845 { 1846 struct kretprobe *rp = get_kretprobe(ri); 1847 struct trace_kprobe *tk; 1848 unsigned int flags; 1849 1850 /* 1851 * There is a small chance that get_kretprobe(ri) returns NULL when 1852 * the kretprobe is unregister on another CPU between kretprobe's 1853 * trampoline_handler and this function. 1854 */ 1855 if (unlikely(!rp)) 1856 return 0; 1857 1858 tk = container_of(rp, struct trace_kprobe, rp); 1859 raw_cpu_inc(*tk->nhit); 1860 1861 flags = trace_probe_load_flag(&tk->tp); 1862 if (flags & TP_FLAG_TRACE) 1863 kretprobe_trace_func(tk, ri, regs); 1864 #ifdef CONFIG_PERF_EVENTS 1865 if (flags & TP_FLAG_PROFILE) 1866 kretprobe_perf_func(tk, ri, regs); 1867 #endif 1868 return 0; /* We don't tweak kernel, so just return 0 */ 1869 } 1870 NOKPROBE_SYMBOL(kretprobe_dispatcher); 1871 1872 static struct trace_event_functions kretprobe_funcs = { 1873 .trace = print_kretprobe_event 1874 }; 1875 1876 static struct trace_event_functions kprobe_funcs = { 1877 .trace = print_kprobe_event 1878 }; 1879 1880 static struct trace_event_fields kretprobe_fields_array[] = { 1881 { .type = TRACE_FUNCTION_TYPE, 1882 .define_fields = kretprobe_event_define_fields }, 1883 {} 1884 }; 1885 1886 static struct trace_event_fields kprobe_fields_array[] = { 1887 { .type = TRACE_FUNCTION_TYPE, 1888 .define_fields = kprobe_event_define_fields }, 1889 {} 1890 }; 1891 1892 static inline void init_trace_event_call(struct trace_kprobe *tk) 1893 { 1894 struct trace_event_call *call = trace_probe_event_call(&tk->tp); 1895 1896 if (trace_kprobe_is_return(tk)) { 1897 call->event.funcs = &kretprobe_funcs; 1898 call->class->fields_array = kretprobe_fields_array; 1899 } else { 1900 call->event.funcs = &kprobe_funcs; 1901 call->class->fields_array = kprobe_fields_array; 1902 } 1903 1904 call->flags = TRACE_EVENT_FL_KPROBE; 1905 call->class->reg = kprobe_register; 1906 } 1907 1908 static int register_kprobe_event(struct trace_kprobe *tk) 1909 { 1910 init_trace_event_call(tk); 1911 1912 return trace_probe_register_event_call(&tk->tp); 1913 } 1914 1915 static int unregister_kprobe_event(struct trace_kprobe *tk) 1916 { 1917 return trace_probe_unregister_event_call(&tk->tp); 1918 } 1919 1920 #ifdef CONFIG_PERF_EVENTS 1921 1922 /* create a trace_kprobe, but don't add it to global lists */ 1923 struct trace_event_call * 1924 create_local_trace_kprobe(char *func, void *addr, unsigned long offs, 1925 bool is_return) 1926 { 1927 enum probe_print_type ptype; 1928 struct trace_kprobe *tk __free(free_trace_kprobe) = NULL; 1929 int ret; 1930 char *event; 1931 1932 if (func) { 1933 ret = validate_probe_symbol(func); 1934 if (ret) 1935 return ERR_PTR(ret); 1936 } 1937 1938 /* 1939 * local trace_kprobes are not added to dyn_event, so they are never 1940 * searched in find_trace_kprobe(). Therefore, there is no concern of 1941 * duplicated name here. 1942 */ 1943 event = func ? func : "DUMMY_EVENT"; 1944 1945 tk = alloc_trace_kprobe(KPROBE_EVENT_SYSTEM, event, (void *)addr, func, 1946 offs, 0 /* maxactive */, 0 /* nargs */, 1947 is_return); 1948 1949 if (IS_ERR(tk)) { 1950 pr_info("Failed to allocate trace_probe.(%d)\n", 1951 (int)PTR_ERR(tk)); 1952 return ERR_CAST(tk); 1953 } 1954 1955 init_trace_event_call(tk); 1956 1957 ptype = trace_kprobe_is_return(tk) ? 1958 PROBE_PRINT_RETURN : PROBE_PRINT_NORMAL; 1959 if (traceprobe_set_print_fmt(&tk->tp, ptype) < 0) 1960 return ERR_PTR(-ENOMEM); 1961 1962 ret = __register_trace_kprobe(tk); 1963 if (ret < 0) 1964 return ERR_PTR(ret); 1965 1966 return trace_probe_event_call(&(no_free_ptr(tk)->tp)); 1967 } 1968 1969 void destroy_local_trace_kprobe(struct trace_event_call *event_call) 1970 { 1971 struct trace_kprobe *tk; 1972 1973 tk = trace_kprobe_primary_from_call(event_call); 1974 if (unlikely(!tk)) 1975 return; 1976 1977 if (trace_probe_is_enabled(&tk->tp)) { 1978 WARN_ON(1); 1979 return; 1980 } 1981 1982 __unregister_trace_kprobe(tk); 1983 1984 free_trace_kprobe(tk); 1985 } 1986 #endif /* CONFIG_PERF_EVENTS */ 1987 1988 static __init void enable_boot_kprobe_events(void) 1989 { 1990 struct trace_array *tr = top_trace_array(); 1991 struct trace_event_file *file; 1992 struct trace_kprobe *tk; 1993 struct dyn_event *pos; 1994 1995 if (trace_kprobe_list_empty()) 1996 return; 1997 1998 guard(mutex)(&event_mutex); 1999 for_each_trace_kprobe(tk, pos) { 2000 list_for_each_entry(file, &tr->events, list) 2001 if (file->event_call == trace_probe_event_call(&tk->tp)) 2002 trace_event_enable_disable(file, 1, 0); 2003 } 2004 } 2005 2006 static __init void setup_boot_kprobe_events(void) 2007 { 2008 char *p, *cmd = kprobe_boot_events_buf; 2009 int ret; 2010 2011 strreplace(kprobe_boot_events_buf, ',', ' '); 2012 2013 while (cmd && *cmd != '\0') { 2014 p = strchr(cmd, ';'); 2015 if (p) 2016 *p++ = '\0'; 2017 2018 ret = create_or_delete_trace_kprobe(cmd); 2019 if (ret) 2020 pr_warn("Failed to add event(%d): %s\n", ret, cmd); 2021 2022 cmd = p; 2023 } 2024 2025 enable_boot_kprobe_events(); 2026 } 2027 2028 /* 2029 * Register dynevent at core_initcall. This allows kernel to setup kprobe 2030 * events in postcore_initcall without tracefs. 2031 */ 2032 static __init int init_kprobe_trace_early(void) 2033 { 2034 int ret; 2035 2036 ret = dyn_event_register(&trace_kprobe_ops); 2037 if (ret) 2038 return ret; 2039 2040 if (trace_kprobe_register_module_notifier()) 2041 return -EINVAL; 2042 2043 return 0; 2044 } 2045 core_initcall(init_kprobe_trace_early); 2046 2047 /* Make a tracefs interface for controlling probe points */ 2048 static __init int init_kprobe_trace(void) 2049 { 2050 int ret; 2051 2052 ret = tracing_init_dentry(); 2053 if (ret) 2054 return 0; 2055 2056 /* Event list interface */ 2057 trace_create_file("kprobe_events", TRACE_MODE_WRITE, 2058 NULL, NULL, &kprobe_events_ops); 2059 2060 /* Profile interface */ 2061 trace_create_file("kprobe_profile", TRACE_MODE_READ, 2062 NULL, NULL, &kprobe_profile_ops); 2063 2064 /* If no 'kprobe_event=' cmd is provided, return directly. */ 2065 if (kprobe_boot_events_buf[0] == '\0') 2066 return 0; 2067 2068 setup_boot_kprobe_events(); 2069 2070 return 0; 2071 } 2072 fs_initcall(init_kprobe_trace); 2073 2074 2075 #ifdef CONFIG_FTRACE_STARTUP_TEST 2076 static __init struct trace_event_file * 2077 find_trace_probe_file(struct trace_kprobe *tk, struct trace_array *tr) 2078 { 2079 struct trace_event_file *file; 2080 2081 list_for_each_entry(file, &tr->events, list) 2082 if (file->event_call == trace_probe_event_call(&tk->tp)) 2083 return file; 2084 2085 return NULL; 2086 } 2087 2088 /* 2089 * Nobody but us can call enable_trace_kprobe/disable_trace_kprobe at this 2090 * stage, we can do this lockless. 2091 */ 2092 static __init int kprobe_trace_self_tests_init(void) 2093 { 2094 int ret, warn = 0; 2095 int (*target)(int, int, int, int, int, int); 2096 struct trace_kprobe *tk; 2097 struct trace_event_file *file; 2098 2099 if (unlikely(tracing_disabled)) 2100 return -ENODEV; 2101 2102 if (tracing_selftest_disabled) 2103 return 0; 2104 2105 target = kprobe_trace_selftest_target; 2106 2107 pr_info("Testing kprobe tracing: "); 2108 2109 ret = create_or_delete_trace_kprobe("p:testprobe kprobe_trace_selftest_target $stack $stack0 +0($stack)"); 2110 if (WARN_ONCE(ret, "error on probing function entry.")) { 2111 warn++; 2112 } else { 2113 /* Enable trace point */ 2114 tk = find_trace_kprobe("testprobe", KPROBE_EVENT_SYSTEM); 2115 if (WARN_ONCE(tk == NULL, "error on probing function entry.")) { 2116 warn++; 2117 } else { 2118 file = find_trace_probe_file(tk, top_trace_array()); 2119 if (WARN_ONCE(file == NULL, "error on getting probe file.")) { 2120 warn++; 2121 } else 2122 enable_trace_kprobe( 2123 trace_probe_event_call(&tk->tp), file); 2124 } 2125 } 2126 2127 ret = create_or_delete_trace_kprobe("r:testprobe2 kprobe_trace_selftest_target $retval"); 2128 if (WARN_ONCE(ret, "error on probing function return.")) { 2129 warn++; 2130 } else { 2131 /* Enable trace point */ 2132 tk = find_trace_kprobe("testprobe2", KPROBE_EVENT_SYSTEM); 2133 if (WARN_ONCE(tk == NULL, "error on getting 2nd new probe.")) { 2134 warn++; 2135 } else { 2136 file = find_trace_probe_file(tk, top_trace_array()); 2137 if (WARN_ONCE(file == NULL, "error on getting probe file.")) { 2138 warn++; 2139 } else 2140 enable_trace_kprobe( 2141 trace_probe_event_call(&tk->tp), file); 2142 } 2143 } 2144 2145 if (warn) 2146 goto end; 2147 2148 ret = target(1, 2, 3, 4, 5, 6); 2149 2150 /* 2151 * Not expecting an error here, the check is only to prevent the 2152 * optimizer from removing the call to target() as otherwise there 2153 * are no side-effects and the call is never performed. 2154 */ 2155 if (ret != 21) 2156 warn++; 2157 2158 /* Disable trace points before removing it */ 2159 tk = find_trace_kprobe("testprobe", KPROBE_EVENT_SYSTEM); 2160 if (WARN_ONCE(tk == NULL, "error on getting test probe.")) { 2161 warn++; 2162 } else { 2163 if (WARN_ONCE(trace_kprobe_nhit(tk) != 1, 2164 "incorrect number of testprobe hits.")) 2165 warn++; 2166 2167 file = find_trace_probe_file(tk, top_trace_array()); 2168 if (WARN_ONCE(file == NULL, "error on getting probe file.")) { 2169 warn++; 2170 } else 2171 disable_trace_kprobe( 2172 trace_probe_event_call(&tk->tp), file); 2173 } 2174 2175 tk = find_trace_kprobe("testprobe2", KPROBE_EVENT_SYSTEM); 2176 if (WARN_ONCE(tk == NULL, "error on getting 2nd test probe.")) { 2177 warn++; 2178 } else { 2179 if (WARN_ONCE(trace_kprobe_nhit(tk) != 1, 2180 "incorrect number of testprobe2 hits.")) 2181 warn++; 2182 2183 file = find_trace_probe_file(tk, top_trace_array()); 2184 if (WARN_ONCE(file == NULL, "error on getting probe file.")) { 2185 warn++; 2186 } else 2187 disable_trace_kprobe( 2188 trace_probe_event_call(&tk->tp), file); 2189 } 2190 2191 ret = create_or_delete_trace_kprobe("-:testprobe"); 2192 if (WARN_ONCE(ret, "error on deleting a probe.")) 2193 warn++; 2194 2195 ret = create_or_delete_trace_kprobe("-:testprobe2"); 2196 if (WARN_ONCE(ret, "error on deleting a probe.")) 2197 warn++; 2198 2199 2200 end: 2201 /* 2202 * Wait for the optimizer work to finish. Otherwise it might fiddle 2203 * with probes in already freed __init text. 2204 */ 2205 wait_for_kprobe_optimizer(); 2206 if (warn) 2207 pr_cont("NG: Some tests are failed. Please check them.\n"); 2208 else 2209 pr_cont("OK\n"); 2210 return 0; 2211 } 2212 2213 late_initcall(kprobe_trace_self_tests_init); 2214 2215 #endif 2216