관리-도구

편집 파일: sysc_sysctl32.stp

# sysctl _____________________________________________________ # # long sys32_sysctl (struct sysctl32 __user *args) # @define _SYSCALL_SYSCTL32_NAME %( name = "sysctl" %) @define _SYSCALL_SYSCTL32_ARGSTR %( argstr = sprintf("%p", $args) %) probe syscall.sysctl32 = dw_syscall.sysctl32 !, nd_syscall.sysctl32 ? {} probe syscall.sysctl32.return = dw_syscall.sysctl32.return !, nd_syscall.sysctl32.return ? {} # dw_sysctl32 _____________________________________________________ probe dw_syscall.sysctl32 = kernel.function("sys32_sysctl") ? { @_SYSCALL_SYSCTL32_NAME @_SYSCALL_SYSCTL32_ARGSTR } probe dw_syscall.sysctl32.return = kernel.function("sys32_sysctl").return ? { @_SYSCALL_SYSCTL32_NAME @SYSC_RETVALSTR($return) } # nd_sysctl32 _____________________________________________________ probe nd_syscall.sysctl32 = kprobe.function("sys32_sysctl") ? { @_SYSCALL_SYSCTL32_NAME // @_SYSCALL_SYSCTL32_ARGSTR asmlinkage() @_SYSCALL_SYSCTL32_ARGSTR } probe nd_syscall.sysctl32.return = kprobe.function("sys32_sysctl").return ? { @_SYSCALL_SYSCTL32_NAME @SYSC_RETVALSTR(returnval()) }