From 8cede8106ff367292ea4ffdd6fa828aa06c0e698 Mon Sep 17 00:00:00 2001
From: Martin Cermak
Date: Fri, 23 Dec 2016 17:02:54 +0100
Subject: [PATCH] PR20333/init_module
---
 tapset/linux/nd_syscalls.stp | 21 -------------
 tapset/linux/sysc_init_module.stp | 52 +++++++++++++++++++++++++++++++
 tapset/linux/syscalls.stp | 19 -----------
 3 files changed, 52 insertions(+), 40 deletions(-)
 create mode 100644 tapset/linux/sysc_init_module.stp
diff --git a/tapset/linux/nd_syscalls.stp b/tapset/linux/nd_syscalls.stp
index 8c269236e..2fb9f1ace 100644
--- a/tapset/linux/nd_syscalls.stp
+++ b/tapset/linux/nd_syscalls.stp
@@ -1,25 +1,4 @@
-# init_module ________________________________________________
-# long sys_init_module(void __user *umod,
-# unsigned long len,
-# const char __user *uargs)
-#
-probe nd_syscall.init_module = kprobe.function("sys_init_module") ?
-{
- name = "init_module"
- asmlinkage()
- umod_uaddr = pointer_arg(1)
- len = ulong_arg(2)
- uargs = user_string_quoted(pointer_arg(3))
- argstr = sprintf("%p, %u, %s", umod_uaddr, len, uargs)
-}
-probe nd_syscall.init_module.return =
- kprobe.function("sys_init_module").return ?
-{
- name = "init_module"
- retstr = returnstr(1)
-}
-
 # inotify_add_watch __________________________________________
 #
 # long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
diff --git a/tapset/linux/sysc_init_module.stp b/tapset/linux/sysc_init_module.stp
new file mode 100644
index 000000000..82e9d5ade
--- /dev/null
+++ b/tapset/linux/sysc_init_module.stp
@@ -0,0 +1,52 @@
+# init_module ________________________________________________
+# long sys_init_module(void __user *umod,
+# unsigned long len,
+# const char __user *uargs)
+#
+
+@define _SYSCALL_INIT_MODULE_NAME
+%(
+ name = "init_module"
+%)
+
+@define _SYSCALL_INIT_MODULE_ARGSTR
+%(
+ argstr = sprintf("%p, %u, %s", umod_uaddr, len, uargs)
+%)
+
+probe syscall.init_module = dw_syscall.init_module !, nd_syscall.init_module {}
+probe syscall.init_module.return = dw_syscall.init_module.return !, nd_syscall.init_module.return {}
+
+# dw_init_module _____________________________________________________
+
+probe dw_syscall.init_module = kernel.function("sys_init_module").call ?
+{
+ @_SYSCALL_INIT_MODULE_NAME
+ umod_uaddr = $umod
+ len = __ulong($len)
+ uargs = user_string_quoted($uargs)
+ @_SYSCALL_INIT_MODULE_ARGSTR
+}
+probe dw_syscall.init_module.return = kernel.function("sys_init_module").return ?
+{
+ @_SYSCALL_INIT_MODULE_NAME
+ retstr = return_str(1, $return)
+}
+
+# nd_init_module _____________________________________________________
+
+probe nd_syscall.init_module = kprobe.function("sys_init_module") ?
+{
+ @_SYSCALL_INIT_MODULE_NAME
+ asmlinkage()
+ umod_uaddr = pointer_arg(1)
+ len = ulong_arg(2)
+ uargs = user_string_quoted(pointer_arg(3))
+ @_SYSCALL_INIT_MODULE_ARGSTR
+}
+probe nd_syscall.init_module.return =
+ kprobe.function("sys_init_module").return ?
+{
+ @_SYSCALL_INIT_MODULE_NAME
+ retstr = returnstr(1)
+}
diff --git a/tapset/linux/syscalls.stp b/tapset/linux/syscalls.stp
index be2d418fa..ba0040e5b 100644
--- a/tapset/linux/syscalls.stp
+++ b/tapset/linux/syscalls.stp
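Review bot: The header of the new `sysc_init_module.stp` carries over only the kernel prototype and does not say how far the captured values can be relied on, which matters for scripts that use `syscall.init_module` to audit module loading. In both `dw_syscall.init_module` and `nd_syscall.init_module`, `uargs` is read from user memory at syscall entry through `user_string_quoted()`, so it is a snapshot that the kernel's own later copy need not match if another thread rewrites the buffer, and `umod_uaddr` is only an address, not the module image. Every probe point is also marked optional with `?`, so if `sys_init_module` cannot be resolved (presumably on kernels that name the entry point differently) the alias appears to yield no events rather than an error. I would add above the `@define` lines `# NOTE: uargs is sampled from user memory at entry and may differ from what the kernel loads.` and `# The probe points are optional (?): no events does not prove that no module was loaded.`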
@@ -1,23 +1,4 @@
-# init_module ________________________________________________
-# long sys_init_module(void __user *umod,
-# unsigned long len,
-# const char __user *uargs)
-#
-probe syscall.init_module = kernel.function("sys_init_module").call ?
-{
- name = "init_module"
- umod_uaddr = $umod
- len = __ulong($len)
- uargs = user_string_quoted($uargs)
- argstr = sprintf("%p, %u, %s", $umod, len, user_string_quoted($uargs))
-}
-probe syscall.init_module.return = kernel.function("sys_init_module").return ?
-{
- name = "init_module"
- retstr = return_str(1, $return)
-}
-
 # inotify_add_watch __________________________________________
 #
 # long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
--
2.43.5