From 132149eb8b33c2c827c08fb7a861e69022478652 Mon Sep 17 00:00:00 2001 From: Martin Cermak Date: Fri, 23 Dec 2016 15:03:19 +0100 Subject: [PATCH] PR20333/getegid --- tapset/linux/nd_syscalls.stp | 20 -------------- tapset/linux/sysc_getegid.stp | 52 +++++++++++++++++++++++++++++++++++ tapset/linux/syscalls.stp | 20 -------------- 3 files changed, 52 insertions(+), 40 deletions(-) create mode 100644 tapset/linux/sysc_getegid.stp diff --git a/tapset/linux/nd_syscalls.stp b/tapset/linux/nd_syscalls.stp index 8541cc8bb..fdf545b7a 100644 --- a/tapset/linux/nd_syscalls.stp +++ b/tapset/linux/nd_syscalls.stp @@ -1,24 +1,4 @@ -# getegid ____________________________________________________ -# long sys_getegid(void) -# long sys_getegid16(void) -# long sys32_getegid16(void) -# -probe nd_syscall.getegid = kprobe.function("sys_getegid16") ?, - kprobe.function("sys32_getegid16") ?, - kprobe.function("sys_getegid") -{ - name = "getegid" - argstr = "" -} -probe nd_syscall.getegid.return = kprobe.function("sys_getegid16").return ?, - kprobe.function("sys32_getegid16").return ?, - kprobe.function("sys_getegid").return -{ - name = "getegid" - retstr = returnstr(1) -} - # geteuid ____________________________________________________ # long sys_geteuid(void) # long sys32_geteuid16(void) diff --git a/tapset/linux/sysc_getegid.stp b/tapset/linux/sysc_getegid.stp new file mode 100644 index 000000000..de46fe55f --- /dev/null +++ b/tapset/linux/sysc_getegid.stp @@ -0,0 +1,52 @@ +# getegid ____________________________________________________ +# long sys_getegid(void) +# long sys_getegid16(void) +# long sys32_getegid16(void) +# + +@define _SYSCALL_GETEGID_NAME +%( + name = "getegid" +%) + +@define _SYSCALL_GETEGID_ARGSTR +%( + argstr = "" +%) + +probe syscall.getegid = dw_syscall.getegid !, nd_syscall.getegid {} +probe syscall.getegid.return = dw_syscall.getegid.return !, nd_syscall.getegid.return {} + +# dw_getegid _____________________________________________________ + +probe dw_syscall.getegid = kernel.function("sys_getegid16").call ?, + kernel.function("sys32_getegid16").call ?, + kernel.function("sys_getegid").call +{ + @_SYSCALL_GETEGID_NAME + @_SYSCALL_GETEGID_ARGSTR +} +probe dw_syscall.getegid.return = kernel.function("sys_getegid16").return ?, + kernel.function("sys32_getegid16").return ?, + kernel.function("sys_getegid").return +{ + @_SYSCALL_GETEGID_NAME + retstr = return_str(1, $return) +} + +# nd_getegid _____________________________________________________ + +probe nd_syscall.getegid = kprobe.function("sys_getegid16") ?, + kprobe.function("sys32_getegid16") ?, + kprobe.function("sys_getegid") +{ + @_SYSCALL_GETEGID_NAME + @_SYSCALL_GETEGID_ARGSTR +} +probe nd_syscall.getegid.return = kprobe.function("sys_getegid16").return ?, + kprobe.function("sys32_getegid16").return ?, + kprobe.function("sys_getegid").return +{ + @_SYSCALL_GETEGID_NAME + retstr = returnstr(1) +} diff --git a/tapset/linux/syscalls.stp b/tapset/linux/syscalls.stp index ab39c08a9..a316fb2b5 100644 --- a/tapset/linux/syscalls.stp +++ b/tapset/linux/syscalls.stp @@ -1,24 +1,4 @@ -# getegid ____________________________________________________ -# long sys_getegid(void) -# long sys_getegid16(void) -# long sys32_getegid16(void) -# -probe syscall.getegid = kernel.function("sys_getegid16").call ?, - kernel.function("sys32_getegid16").call ?, - kernel.function("sys_getegid").call -{ - name = "getegid" - argstr = "" -} -probe syscall.getegid.return = kernel.function("sys_getegid16").return ?, - kernel.function("sys32_getegid16").return ?, - kernel.function("sys_getegid").return -{ - name = "getegid" - retstr = return_str(1, $return) -} - # geteuid ____________________________________________________ # long sys_geteuid(void) # long sys32_geteuid16(void) -- 2.43.5