}
/* kernel 4.17+ */
-probe nd2_syscall.close = kprobe.function("__*_sys_close") /* _x64_ etc. */
+probe nd2_syscall.close = kprobe.function(@arch_syscall_prefix "sys_close") ?
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_CLOSE_NAME
}
/* kernel 4.17+ */
-probe nd2_syscall.close.return = kprobe.function("__*_sys_close").return /* _x64_ etc. */
+probe nd2_syscall.close.return = kprobe.function(@arch_syscall_prefix "sys_close").return ?
{
@_SYSCALL_CLOSE_NAME
retstr = returnstr(1) /* NB: not in the $regs */
@_SYSCALL_CREAT_ARGSTR
}
-probe nd2_syscall.creat = kprobe.function("__*_sys_creat") /* _x64_ etc. */
+probe nd2_syscall.creat = kprobe.function(@arch_syscall_prefix "sys_creat") ?
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_CREAT_NAME
}
/* kernel 4.17+ */
-probe nd2_syscall.creat.return = kprobe.function("__*_sys_creat").return /* _x64_ etc. */
+probe nd2_syscall.creat.return = kprobe.function(@arch_syscall_prefix "sys_creat").return ?
{
@_SYSCALL_CREAT_NAME
retstr = returnstr(1) /* NB: not in the $regs */
@_SYSCALL_OPEN_ARGSTR
}
-probe nd2_syscall.open = kprobe.function("__*_sys_open") /* _x64_ etc. */
+probe nd2_syscall.open = kprobe.function(@arch_syscall_prefix "compat_sys_open") ?,
+ kprobe.function(@arch_syscall_prefix "sys32_open") ?,
+ kprobe.function(@arch_syscall_prefix "sys_open") ?
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_OPEN_NAME
}
/* kernel 4.17+ */
-probe nd2_syscall.open.return = kprobe.function("__*_sys_open").return /* _x64_ etc. */
+probe nd2_syscall.open.return = kprobe.function(@arch_syscall_prefix "compat_sys_open").return ?,
+ kprobe.function(@arch_syscall_prefix "sys32_open").return ?,
+ kprobe.function(@arch_syscall_prefix "sys_open").return ?
{
@_SYSCALL_OPEN_NAME
retstr = returnstr(1) /* NB: not in the $regs */
}
/* kernel 4.17+ */
-probe nd2_syscall.openat = kprobe.function("__*_sys_openat") /* _x64_ etc. */
+probe nd2_syscall.openat = kprobe.function(@arch_syscall_prefix "compat_sys_openat") ?,
+ kprobe.function(@arch_syscall_prefix "sys_openat") ?
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_OPENAT_NAME
}
/* kernel 4.17+ */
-probe nd2_syscall.openat.return = kprobe.function("__*_sys_openat").return /* _x64_ etc. */
+probe nd2_syscall.openat.return = kprobe.function(@arch_syscall_prefix "compat_sys_openat").return ?,
+ kprobe.function(@arch_syscall_prefix "sys_openat").return ?
{
@_SYSCALL_OPENAT_NAME
retstr = returnstr(1) /* NB: not in the $regs */
probe nd_syscall.read = nd1_syscall.read!, nd2_syscall.read!, tp_syscall.read
{ }
-
probe nd1_syscall.read =
%( arch == "s390" %?
__nd1_syscall.read, kprobe.function("sys32_read") ?,
%)
}
-
/* kernel 4.17+ */
-probe nd2_syscall.read = kprobe.function("__*_sys_read") /* _x64_ etc. */
+probe nd2_syscall.read = kprobe.function(@arch_syscall_prefix "sys_read")
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_READ_NAME
@_SYSCALL_READ_ARGSTR
}
-
-
probe nd_syscall.read.return = nd1_syscall.read.return!, nd2_syscall.read.return!, tp_syscall.read.return
{ }
-
-
probe nd1_syscall.read.return =
%( arch == "s390" %?
%)
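Review bot: The new `nd2_syscall.read` definition has no trailing `?`, unlike the `close`, `creat`, `open` and `openat` probes, which this commit marks optional. The same holds for `nd2_syscall.read.return` and for both `nd2_syscall.write` probes further down. Now that the pattern is narrowed from `__*_sys_read` to the two x86 prefixes, a kernel with neither symbol would presumably make a direct use of `nd2_syscall.read` a resolution error, although the `nd2_syscall.read!` reference in `nd_syscall.read` tolerates it. If the difference is intended, a short comment should say so; otherwise `kprobe.function(@arch_syscall_prefix "sys_read") ?` would match the other files.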
}
-
/* kernel 4.17+ */
-probe nd2_syscall.read.return = kprobe.function("__*_sys_read").return /* _x64_ etc. */
+probe nd2_syscall.read.return = kprobe.function(@arch_syscall_prefix "sys_read").return
{
@_SYSCALL_READ_NAME
retstr = returnstr(1) /* NB: not in the $regs */
}
-
-
+
/* kernel 3.5+, but undesirable because it affects all syscalls */
probe tp_syscall.read.return = kernel.trace("sys_exit")
{
}
/* kernel 4.17+ */
-probe nd2_syscall.write = kprobe.function("__*_sys_write") /* _x64_ etc. */
+probe nd2_syscall.write = kprobe.function(@arch_syscall_prefix "sys_write")
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_WRITE_NAME
}
/* kernel 4.17+ */
-probe nd2_syscall.write.return = kprobe.function("__*_sys_write").return /* _x64_ etc. */
+probe nd2_syscall.write.return = kprobe.function(@arch_syscall_prefix "sys_write").return
{
@_SYSCALL_WRITE_NAME
retstr = returnstr(1) /* NB: not in the $regs */
--- /dev/null
+@define arch_syscall_prefix %( "__{ia32,x64}_" %)
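Review bot: `@arch_syscall_prefix` lists only the `__ia32_` and `__x64_` wrappers, whereas the `"__*_sys_…"` patterns it replaces in the nd2_syscall probes matched any architecture's wrapper prefix. The path of this new macro file is not visible here. If it is not in an x86-only tapset directory, the nd2 probes would stop resolving on other architectures that use syscall wrappers, and scripts that rely on them for syscall auditing would fall back to the `tp_syscall` alternative or see no events. I would state the scope next to the definition, for example `/* x86 syscall wrapper prefixes (kernel 4.17+); other arches need their own definition */`.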
vector<interned_string> matches;
// Simple names can be found directly
- if (function_string_val.find_first_of("*?[") == string::npos)
+ if (function_string_val.find_first_of("*?[{") == string::npos)
{
if (sess.kernel_functions.count(function_string_val))
matches.push_back(function_string_val);
}
else // Search function name list for matching names
{
- const string& val = function_string_val;
+ const string& val = csh_to_ksh(function_string_val);
for (auto it = sess.kernel_functions.cbegin();
it != sess.kernel_functions.cend(); it++)
{
// fnmatch returns zero for matching.
- if (fnmatch(val.c_str(), it->to_string().c_str(), 0) == 0)
+ if (fnmatch(val.c_str(), it->to_string().c_str(), FNM_EXTMATCH) == 0)
matches.push_back(*it);
}
}
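Review bot: `FNM_EXTMATCH` in the `fnmatch()` call is a GNU extension, so this line depends on glibc's `<fnmatch.h>` and will not build against a libc that does not define it. The new flag and the `csh_to_ksh()` rewrite also apply to every wildcard `kprobe.function` string that reaches this branch, not only to the `__{ia32,x64}_` prefix. Existing patterns containing `,` or a `?(`, `*(`, `+(` or `!(` sequence would now match differently. A comment above the loop such as `// FNM_EXTMATCH (GNU): needed for the @(a|b) groups produced by csh_to_ksh` would make the dependency visible. The enclosing function starts and ends outside this hunk.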
return op;
}
+// PR23391, this is still incomplete but enough is
+// complete to handle "__{ia32,x64}_sys_$syscall"
+// functions.
+string csh_to_ksh (const string& csh)
+{
+ string ksh;
+ for (unsigned i=0; i<csh.size(); i++)
+ {
+ if (csh[i] == '{')
+ ksh += "@(";
+ else if (csh[i] == '}')
+ ksh += ')';
+ else if (csh[i] == ',')
+ ksh += '|';
+ else
+ ksh += csh[i];
+ }
+ return ksh;
+}
+
bool identifier_string_needs_escape (const string& str)
{
for (unsigned i = 0; i < str.size (); i++)
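Review bot: `csh_to_ksh` rewrites every `,` to `|` and every `}` to `)` whether or not a `{` group is open, and it does not skip backslash-escaped characters. A pattern with a comma or closing brace outside a group is therefore changed into one that matches something else. Since the result selects which kernel functions get probed, I would track the group depth and translate `,` and `}` only inside a group, as below. An unterminated `{` still needs a decision (reject it or leave it literal), which the header comment's "incomplete" could spell out. The hunk ends inside `identifier_string_needs_escape`, which is unchanged.

```cpp
string csh_to_ksh (const string& csh)
{
  string ksh;
  unsigned depth = 0;  // number of '{' groups currently open
  for (unsigned i = 0; i < csh.size(); i++)
    {
      const char c = csh[i];
      if (c == '{')
        {
          ksh += "@(";
          depth++;
        }
      else if (c == '}' && depth > 0)
        {
          ksh += ')';
          depth--;
        }
      else if (c == ',' && depth > 0)
        ksh += '|';   // alternation separator only inside a group
      else
        ksh += c;     // everything else, including stray ',' and '}', stays literal
    }
  return ksh;
}
```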
bool contains_glob_chars (const std::string &str);
std::string escape_glob_chars (const std::string& str);
std::string unescape_glob_chars (const std::string& str);
+std::string csh_to_ksh (const std::string& csh);
bool identifier_string_needs_escape (const std::string& str);
std::string escaped_identifier_string (const std::string& str);
std::string escaped_character (unsigned c);