From b7b6ee32cbb31b574c2330c3b348f946eb6832ed Mon Sep 17 00:00:00 2001
From: Martin Cermak <mcermak@redhat.com>
Date: Thu, 22 Dec 2016 18:08:16 +0100
Subject: [PATCH] PR20333/fstat

---
 tapset/linux/nd_syscalls.stp | 33 ----------------
 tapset/linux/sysc_fstat.stp  | 73 ++++++++++++++++++++++++++++++++++++
 tapset/linux/syscalls.stp    | 32 ----------------
 3 files changed, 73 insertions(+), 65 deletions(-)
 create mode 100644 tapset/linux/sysc_fstat.stp

diff --git a/tapset/linux/nd_syscalls.stp b/tapset/linux/nd_syscalls.stp
index f9f36a7f2..2cc39b55c 100644
--- a/tapset/linux/nd_syscalls.stp
+++ b/tapset/linux/nd_syscalls.stp
@@ -1,37 +1,4 @@
 
-# fstat ______________________________________________________
-# long sys_fstat(unsigned int fd, struct __old_kernel_stat __user * statbuf)
-# long sys_fstat64(unsigned long fd, struct stat64 __user * statbuf)
-# long sys32_fstat64(unsigned int fd, struct stat64 __user *statbuf)
-# long sys_newfstat(unsigned int fd, struct stat __user * statbuf)
-# long sys_oabi_fstat64(char __user * filename,
-#			struct oldabi_stat64 __user * statbuf)
-# long compat_sys_newfstat(unsigned int fd, struct compat_stat __user * statbuf)
-#
-probe nd_syscall.fstat = kprobe.function("sys_fstat") ?,
-                         kprobe.function("sys_fstat64") ?,
-                         kprobe.function("sys32_fstat64") ?,
-                         kprobe.function("sys_newfstat") ?,
-                         kprobe.function("sys_oabi_fstat64") ?,
-                         kprobe.function("compat_sys_newfstat") ?
-{
-	name = "fstat"
-	asmlinkage()
-	filedes = int_arg(1)
-	buf_uaddr = pointer_arg(2)
-	argstr = sprintf("%d, %p", filedes, buf_uaddr)
-}
-probe nd_syscall.fstat.return = kprobe.function("sys_fstat").return ?,
-                                kprobe.function("sys_fstat64").return ?,
-                                kprobe.function("sys32_fstat64").return ?,
-                                kprobe.function("sys_newfstat").return ?,
-                                kprobe.function("sys_oabi_fstat64").return ?,
-                                kprobe.function("compat_sys_newfstat").return ?
-{
-	name = "fstat"
-	retstr = returnstr(1)
-}
-
 # fstatat ____________________________________________________
 # sys32_fstatat64(unsigned int dfd, char __user *filename, struct stat64_emu31 __user* statbuf, int flag)
 # long sys_newfstatat(int dfd, char __user *filename, struct stat __user *statbuf, int flag)
diff --git a/tapset/linux/sysc_fstat.stp b/tapset/linux/sysc_fstat.stp
new file mode 100644
index 000000000..5d7d255b1
--- /dev/null
+++ b/tapset/linux/sysc_fstat.stp
@@ -0,0 +1,73 @@
+# fstat ______________________________________________________
+# long sys_fstat(unsigned int fd, struct __old_kernel_stat __user * statbuf)
+# long sys_fstat64(unsigned long fd, struct stat64 __user * statbuf)
+# long sys32_fstat64(unsigned int fd, struct stat64 __user *statbuf)
+# long sys_newfstat(unsigned int fd, struct stat __user * statbuf)
+# long sys_oabi_fstat64(char __user * filename,
+#			struct oldabi_stat64 __user * statbuf)
+# long compat_sys_newfstat(unsigned int fd, struct compat_stat __user * statbuf)
+#
+
+@define _SYSCALL_FSTAT_NAME
+%(
+	name = "fstat"
+%)
+
+@define _SYSCALL_FSTAT_ARGSTR
+%(
+	argstr = sprintf("%d, %p", filedes, buf_uaddr)
+%)
+
+probe syscall.fstat = dw_syscall.fstat !, nd_syscall.fstat {}
+probe syscall.fstat.return = dw_syscall.fstat.return !, nd_syscall.fstat.return {}
+
+# dw_fstat _____________________________________________________
+
+probe dw_syscall.fstat = kernel.function("sys_fstat").call ?,
+                      kernel.function("sys_fstat64").call ?,
+                      kernel.function("sys32_fstat64").call ?,
+                      kernel.function("sys_newfstat").call ?,
+                      kernel.function("sys_oabi_fstat64").call ?,
+                      kernel.function("compat_sys_newfstat").call ?
+{
+	@_SYSCALL_FSTAT_NAME
+	filedes = __int32($fd)
+	buf_uaddr = $statbuf
+	@_SYSCALL_FSTAT_ARGSTR
+}
+probe dw_syscall.fstat.return = kernel.function("sys_fstat").return ?,
+                             kernel.function("sys_fstat64").return ?,
+                             kernel.function("sys32_fstat64").return ?,
+                             kernel.function("sys_newfstat").return ?,
+                             kernel.function("sys_oabi_fstat64").return ?,
+                             kernel.function("compat_sys_newfstat").return ?
+{
+	@_SYSCALL_FSTAT_NAME
+	retstr = return_str(1, $return)
+}
+
+# nd_fstat _____________________________________________________
+
+probe nd_syscall.fstat = kprobe.function("sys_fstat") ?,
+                         kprobe.function("sys_fstat64") ?,
+                         kprobe.function("sys32_fstat64") ?,
+                         kprobe.function("sys_newfstat") ?,
+                         kprobe.function("sys_oabi_fstat64") ?,
+                         kprobe.function("compat_sys_newfstat") ?
+{
+	@_SYSCALL_FSTAT_NAME
+	asmlinkage()
+	filedes = int_arg(1)
+	buf_uaddr = pointer_arg(2)
+	@_SYSCALL_FSTAT_ARGSTR
+}
+probe nd_syscall.fstat.return = kprobe.function("sys_fstat").return ?,
+                                kprobe.function("sys_fstat64").return ?,
+                                kprobe.function("sys32_fstat64").return ?,
+                                kprobe.function("sys_newfstat").return ?,
+                                kprobe.function("sys_oabi_fstat64").return ?,
+                                kprobe.function("compat_sys_newfstat").return ?
+{
+	@_SYSCALL_FSTAT_NAME
+	retstr = returnstr(1)
+}
diff --git a/tapset/linux/syscalls.stp b/tapset/linux/syscalls.stp
index 53b8d5794..ce176f96f 100644
--- a/tapset/linux/syscalls.stp
+++ b/tapset/linux/syscalls.stp
@@ -1,36 +1,4 @@
 
-# fstat ______________________________________________________
-# long sys_fstat(unsigned int fd, struct __old_kernel_stat __user * statbuf)
-# long sys_fstat64(unsigned long fd, struct stat64 __user * statbuf)
-# long sys32_fstat64(unsigned int fd, struct stat64 __user *statbuf)
-# long sys_newfstat(unsigned int fd, struct stat __user * statbuf)
-# long sys_oabi_fstat64(char __user * filename,
-#			struct oldabi_stat64 __user * statbuf)
-# long compat_sys_newfstat(unsigned int fd, struct compat_stat __user * statbuf)
-#
-probe syscall.fstat = kernel.function("sys_fstat").call ?,
-                      kernel.function("sys_fstat64").call ?,
-                      kernel.function("sys32_fstat64").call ?,
-                      kernel.function("sys_newfstat").call ?,
-                      kernel.function("sys_oabi_fstat64").call ?,
-                      kernel.function("compat_sys_newfstat").call ?
-{
-	name = "fstat"
-	filedes = __int32($fd)
-	buf_uaddr = $statbuf
-	argstr = sprintf("%d, %p", __int32($fd), $statbuf)
-}
-probe syscall.fstat.return = kernel.function("sys_fstat").return ?,
-                             kernel.function("sys_fstat64").return ?,
-                             kernel.function("sys32_fstat64").return ?,
-                             kernel.function("sys_newfstat").return ?,
-                             kernel.function("sys_oabi_fstat64").return ?,
-                             kernel.function("compat_sys_newfstat").return ?
-{
-	name = "fstat"
-	retstr = return_str(1, $return)
-}
-
 # fstatat ____________________________________________________
 # sys32_fstatat64(unsigned int dfd, char __user *filename, struct stat64_emu31 __user* statbuf, int flag)
 # long sys_newfstatat(int dfd, char __user *filename, struct stat __user *statbuf, int flag)
-- 
2.43.5