From b911ecc857b4a990bcee7bcd6790c11ef6469660 Mon Sep 17 00:00:00 2001
From: Martin Cermak
Date: Fri, 23 Dec 2016 17:33:23 +0100
Subject: [PATCH] PR20333/kill
---
 tapset/linux/nd_syscalls.stp | 16 ------------
 tapset/linux/sysc_kill.stp | 48 ++++++++++++++++++++++++++++++++++++
 tapset/linux/syscalls.stp | 15 -----------
 3 files changed, 48 insertions(+), 31 deletions(-)
 create mode 100644 tapset/linux/sysc_kill.stp
diff --git a/tapset/linux/nd_syscalls.stp b/tapset/linux/nd_syscalls.stp
index fc1ebc118..1f5a94e27 100644
--- a/tapset/linux/nd_syscalls.stp
+++ b/tapset/linux/nd_syscalls.stp
@@ -1,20 +1,4 @@
-# kill _______________________________________________________
-# long sys_kill(int pid, int sig)
-probe nd_syscall.kill = kprobe.function("sys_kill") ?
-{
- name = "kill"
- asmlinkage()
- pid = int_arg(1)
- sig = int_arg(2)
- argstr = sprintf("%d, %s", pid, _signal_name(sig))
-}
-probe nd_syscall.kill.return = kprobe.function("sys_kill").return ?
-{
- name = "kill"
- retstr = returnstr(1)
-}
-
 # lchown _____________________________________________________
 # long sys_lchown(const char __user * filename, uid_t user, gid_t group)
 #
diff --git a/tapset/linux/sysc_kill.stp b/tapset/linux/sysc_kill.stp
new file mode 100644
index 000000000..ec7804f94
--- /dev/null
+++ b/tapset/linux/sysc_kill.stp
@@ -0,0 +1,48 @@
+# kill _______________________________________________________
+# long sys_kill(int pid, int sig)
+
+@define _SYSCALL_KILL_NAME
+%(
+ name = "kill"
+%)
+
+@define _SYSCALL_KILL_ARGSTR
+%(
+ argstr = sprintf("%d, %s", pid, sig_name)
+%)
+
+probe syscall.kill = dw_syscall.kill !, nd_syscall.kill {}
+probe syscall.kill.return = dw_syscall.kill.return !, nd_syscall.kill.return {}
+
+# dw_kill _____________________________________________________
+
+probe dw_syscall.kill = kernel.function("sys_kill").call
+{
+ @_SYSCALL_KILL_NAME
+ pid = __int32($pid)
+ sig = __int32($sig)
+ sig_name = _signal_name(sig)
+ @_SYSCALL_KILL_ARGSTR
+}
+probe dw_syscall.kill.return = kernel.function("sys_kill").return
+{
+ @_SYSCALL_KILL_NAME
+ retstr = return_str(1, $return)
+}
+
+# nd_kill _____________________________________________________
+
+probe nd_syscall.kill = kprobe.function("sys_kill") ?
+{
+ @_SYSCALL_KILL_NAME
+ asmlinkage()
+ pid = int_arg(1)
+ sig = int_arg(2)
+ sig_name = _signal_name(sig)
+ @_SYSCALL_KILL_ARGSTR
+}
+probe nd_syscall.kill.return = kprobe.function("sys_kill").return ?
+{
+ @_SYSCALL_KILL_NAME
+ retstr = returnstr(1)
+}
diff --git a/tapset/linux/syscalls.stp b/tapset/linux/syscalls.stp
index 6eecddb18..230c42d90 100644
--- a/tapset/linux/syscalls.stp
+++ b/tapset/linux/syscalls.stp
@@ -1,19 +1,4 @@
-# kill _______________________________________________________
-# long sys_kill(int pid, int sig)
-probe syscall.kill = kernel.function("sys_kill").call
-{
- name = "kill"
- pid = __int32($pid)
- sig = __int32($sig)
- argstr = sprintf("%d, %s", __int32($pid), _signal_name(__int32($sig)))
-}
-probe syscall.kill.return = kernel.function("sys_kill").return
-{
- name = "kill"
- retstr = return_str(1, $return)
-}
-
 # lchown _____________________________________________________
 # long sys_lchown(const char __user * filename, uid_t user, gid_t group)
 #
--
2.43.5
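Review bot: `sig_name`, assigned in the `dw_syscall.kill` and `nd_syscall.kill` entry probes of tapset/linux/sysc_kill.stp, is a new alias-level variable that scripts attached to `syscall.kill` can presumably read next to `pid`, `sig` and `argstr`, yet the file header still carries only the C prototype. A short comment under the prototype would state the contract for anyone writing signal-audit scripts, for example `# entry: name, pid, sig, sig_name, argstr; return: name, retstr` and `# pid <= 0 addresses a process group or all processes, see kill(2)`. The `_SYSCALL_KILL_ARGSTR` macro also reads `pid` and `sig_name` from whichever probe expands it, so a line such as `# requires pid and sig_name to be assigned before expansion` above its `@define` would keep a later reorder from building argstr out of unset values.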