From 5f359caa7cc789ff856009793124d85dfafd35aa Mon Sep 17 00:00:00 2001
From: hunt <hunt>
Date: Thu, 2 Mar 2006 05:20:11 +0000
Subject: [PATCH] *** empty log message ***

---
 tapset/aux_syscalls.stp | 64 ++++++++++++++++++++++-------------------
 tapset/syscalls.stp     | 27 +++++++----------
 2 files changed, 46 insertions(+), 45 deletions(-)

diff --git a/tapset/aux_syscalls.stp b/tapset/aux_syscalls.stp
index 1aae8c9e6..e9d01bb11 100644
--- a/tapset/aux_syscalls.stp
+++ b/tapset/aux_syscalls.stp
@@ -112,6 +112,7 @@ function _struct_itimerval:string(addr:long)
 #include <net/sock.h>
 #include <net/tcp.h>
 #include <linux/socket.h>
+#include <linux/un.h>
 
 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,11)
 #define LPORT   (inet->inet.num)
@@ -123,46 +124,50 @@ function _struct_itimerval:string(addr:long)
 
 //FIXME. Not done yet.
 
-void _stp_sockaddr_u(char *str, int family, char *ptr, int len)
+void _stp_sockaddr_str(char *str, const int strlen, char *buf, int len)
 {
-	switch (family) {
+	struct sockaddr *sa = (struct sockaddr *)buf;
+	switch (sa->sa_family) {
 	case AF_INET: 
 	{
-		struct sockaddr_in sin;
-		unsigned char addr[4];
-		if (len < sizeof(sin) || _stp_copy_from_user((char *)&sin, ptr, sizeof(sin))) {
-			strlcpy(str, "[AF_INET:...]", MAXSTRINGLEN);
-			break;
-		}
-		memcpy(addr, &sin.sin_addr, sizeof(addr));
-		snprintf(str, MAXSTRINGLEN, "[AF_INET:%d.%d.%d.%d]", 
-			addr[0], addr[1], addr[2], addr[3]);
+		struct sockaddr_in *sin = (struct sockaddr_in *)buf;
+		const unsigned char *addr = (unsigned char *)&sin->sin_addr;
+		snprintf(str, strlen, "{AF_INET, %d.%d.%d.%d, %d}", 
+			addr[0], addr[1], addr[2], addr[3], ntohs(sin->sin_port));
 		break;
 	}
 	case AF_UNIX:
 	{	
-		char path[128];
-		// FIXME: check len < 128
-		if (_stp_copy_from_user(path, ptr+2, len-2)) {
-			strlcpy(str, "[AF_UNIX:...]", MAXSTRINGLEN);
-			break;
-		}
-		path[len-2] = 0;
-		snprintf(str, MAXSTRINGLEN, "[AF_UNIX:%s]", path); 
+		struct sockaddr_un *sun = (struct sockaddr_un *)buf;	
+		snprintf(str, strlen, "{AF_UNIX, %s}", sun->sun_path); 
 		break;
 	}
 	case AF_NETLINK:
 	{
-		struct sockaddr_nl nl;
-		if (_stp_copy_from_user((char *)&nl, ptr, len)) {
-			strlcpy(str, "[AF_NETLINK:...]", MAXSTRINGLEN);
-			break;
-		}
-		snprintf(str, MAXSTRINGLEN, "[AF_NETLINK:%d,0x%x]", nl.nl_pid, nl.nl_groups); 
+		struct sockaddr_nl *nl = (struct sockaddr_nl *)buf;
+		snprintf(str, strlen, "{AF_NETLINK, pid=%d, groups=%08x}", nl->nl_pid, nl->nl_groups); 
 		break;
 	}
+	case AF_INET6: 
+	{
+		// FIXME. Address is probably not correctly displayed
+		struct sockaddr_in6 *sin = (struct sockaddr_in6 *)buf;
+		snprintf(str, strlen, "{AF_INET6, %016llx, %d}", 
+			*(long long *)&sin->sin6_addr, ntohs(sin->sin6_port));
+		break;
+	}
+	case AF_PACKET: 
+	{
+		/* FIXME. This needs tested */
+		struct sockaddr_ll *sll = (struct sockaddr_ll *)buf;
+		snprintf(str, strlen, "{AF_PACKET, proto=%d, ind=%d, hatype=%d, pkttype=%d, halen=%d, addr=0x%llx}", 
+			(int)sll->sll_protocol, sll->sll_ifindex, (int)sll->sll_hatype, (int)sll->sll_pkttype,
+			(int)sll->sll_halen, *(uint64_t *)sll->sll_addr);
+		break;
+	}
+
 	default:
-		snprintf(str, MAXSTRINGLEN, "[unknown family %d]", family);	
+		snprintf(str, strlen, "{unknown address family %d}", sa->sa_family);	
 	}
 }
 %}
@@ -170,14 +175,15 @@ void _stp_sockaddr_u(char *str, int family, char *ptr, int len)
 function _struct_sockaddr_u:string(uaddr:long, len:long)
 %{
 	char *ptr = (char *)(unsigned long)THIS->uaddr;
-	struct sockaddr sa;
 	if (ptr == NULL)
 		strlcpy (THIS->__retvalue, "NULL", MAXSTRINGLEN);
 	else {
-		if(THIS->len < 2 || _stp_copy_from_user((char *)&sa, ptr, 2))
+		char buf[128];
+		size_t len = THIS->len < 128 ? THIS->len : 128;
+		if(_stp_copy_from_user(buf, ptr, len))
 			strlcpy (THIS->__retvalue, "[...]", MAXSTRINGLEN);
 		else
-			_stp_sockaddr_u(THIS->__retvalue,sa.sa_family,ptr,THIS->len);
+			_stp_sockaddr_str(THIS->__retvalue, MAXSTRINGLEN, buf, len);
 	}
 %}
 
diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp
index 1fafd4210..9412d809c 100644
--- a/tapset/syscalls.stp
+++ b/tapset/syscalls.stp
@@ -376,23 +376,18 @@ probe syscall.close.return = kernel.function("sys_close").return {
 	returnp = 1
 }
 # connect ____________________________________________________
-/*
- * asmlinkage long
- * sys_connect(int fd,
- *             struct sockaddr __user *uservaddr,
- *             int addrlen)
- */
-probe kernel.syscall.connect =
-   kernel.function("sys_connect") {
-      name = "connect"
-      sockfd = $fd
-      serv_addr_uaddr = $uservaddr
-      addrlen = $addrlen
+# long sys_connect(int fd, struct sockaddr __user *uservaddr, int addrlen)
+probe syscall.connect = kernel.function("sys_connect") {
+	name = "connect"
+	sockfd = $fd
+	serv_addr_uaddr = $uservaddr
+	addrlen = $addrlen
+	argstr = sprintf("%d, %s, %d", $fd, _struct_sockaddr_u($uservaddr,$addrlen),$addrlen)
+}
+probe syscall.connect.return =	kernel.function("sys_connect").return {
+	name = "connect"
+	returnp = 1
 }
-probe kernel.syscall.connect.return =
-   kernel.function("sys_connect").return {
-      name = "connect.return"
-   }
 
 # delete_module ______________________________________________
 # long sys_delete_module(const char __user *name_user, unsigned int flags)
-- 
2.43.5