관리-도구

편집 파일: sysc_move_pages.stp

# move_pages ____________________________________________________ # long sys_move_pages(pid_t pid, unsigned long nr_pages, # const void __user * __user *pages, # const int __user *nodes, # int __user *status, # int flags) # # long compat_sys_move_pages(pid_t pid, unsigned long nr_pages, # compat_uptr_t __user *pages32, # const int __user *nodes, # int __user *status, # int flags) # @define _SYSCALL_MOVE_PAGES_NAME %( name = "move_pages" %) @define _SYSCALL_MOVE_PAGES_ARGSTR %( argstr = sprintf("%d, %u, %p, %p, %p, %s", pid, nr_pages, pages, nodes, status, flags_str) %) @define _SYSCALL_MOVE_PAGES_REGARGS %( pid = int_arg(1) nr_pages = ulong_arg(2) pages = pointer_arg(3) nodes = pointer_arg(4) status = pointer_arg(5) flags = int_arg(6) flags_str = _mempolicy_flags_str(flags) %) probe syscall.move_pages = dw_syscall.move_pages !, nd_syscall.move_pages ? {} probe syscall.move_pages.return = dw_syscall.move_pages.return !, nd_syscall.move_pages.return ? {} # dw_move_pages _____________________________________________________ probe dw_syscall.move_pages = __syscall.move_pages ?, kernel.function("compat_sys_move_pages").call ? { @_SYSCALL_MOVE_PAGES_NAME pages = @choose_defined($pages32, $pages) pid = __int32($pid) nodes = $nodes status = $status flags = __int32($flags) flags_str = _mempolicy_flags_str(flags) nr_pages = @__compat_ulong($nr_pages) @_SYSCALL_MOVE_PAGES_ARGSTR } probe __syscall.move_pages = kernel.function("sys_move_pages").call { @__syscall_gate(@const("__NR_move_pages")) } probe dw_syscall.move_pages.return = __syscall.move_pages.return ?, kernel.function("compat_sys_move_pages").return ? { @_SYSCALL_MOVE_PAGES_NAME @SYSC_RETVALSTR($return) } probe __syscall.move_pages.return = kernel.function("sys_move_pages").return { @__syscall_gate(@const("__NR_move_pages")) } # nd_move_pages _____________________________________________________ probe nd_syscall.move_pages = nd1_syscall.move_pages!, nd2_syscall.move_pages!, tp_syscall.move_pages { } probe nd1_syscall.move_pages = __nd1_syscall.move_pages ?, kprobe.function("compat_sys_move_pages") ? { @_SYSCALL_MOVE_PAGES_NAME asmlinkage() @_SYSCALL_MOVE_PAGES_REGARGS @_SYSCALL_MOVE_PAGES_ARGSTR } probe __nd1_syscall.move_pages = kprobe.function("sys_move_pages") { @__syscall_gate(@const("__NR_move_pages")) } /* kernel 4.17+ */ probe nd2_syscall.move_pages = kprobe.function(@arch_syscall_prefix "sys_move_pages") ?, kprobe.function(@arch_syscall_prefix "compat_sys_move_pages") ? { __set_syscall_pt_regs(pointer_arg(1)) @_SYSCALL_MOVE_PAGES_NAME @_SYSCALL_MOVE_PAGES_REGARGS @_SYSCALL_MOVE_PAGES_ARGSTR } /* kernel 3.5+, but undesirable because it affects all syscalls */ probe tp_syscall.move_pages = kernel.trace("sys_enter") { __set_syscall_pt_regs($regs) @__syscall_compat_gate(@const("__NR_move_pages"), @const("__NR_compat_move_pages")) @_SYSCALL_MOVE_PAGES_NAME @_SYSCALL_MOVE_PAGES_REGARGS @_SYSCALL_MOVE_PAGES_ARGSTR } probe nd_syscall.move_pages.return = nd1_syscall.move_pages.return!, nd2_syscall.move_pages.return!, tp_syscall.move_pages.return { } probe nd1_syscall.move_pages.return = __nd1_syscall.move_pages.return ?, kprobe.function("compat_sys_move_pages").return ? { @_SYSCALL_MOVE_PAGES_NAME @SYSC_RETVALSTR(returnval()) } probe __nd1_syscall.move_pages.return = kprobe.function("sys_move_pages").return { @__syscall_gate(@const("__NR_move_pages")) } /* kernel 4.17+ */ probe nd2_syscall.move_pages.return = kprobe.function(@arch_syscall_prefix "sys_move_pages").return ?, kprobe.function(@arch_syscall_prefix "compat_sys_move_pages").return ? { @_SYSCALL_MOVE_PAGES_NAME @SYSC_RETVALSTR(returnval()) } /* kernel 3.5+, but undesirable because it affects all syscalls */ probe tp_syscall.move_pages.return = kernel.trace("sys_exit") { __set_syscall_pt_regs($regs) @__syscall_compat_gate(@const("__NR_move_pages"), @const("__NR_compat_move_pages")) @_SYSCALL_MOVE_PAGES_NAME @SYSC_RETVALSTR($ret) }