1 ////////////////////////////////////////////////////////////////////////////////////
3 // FILE: us_proc_inst.c
6 // This file is C source for SWAP driver.
8 // SEE ALSO: us_proc_inst.h
9 // AUTHOR: A.Gerenkov, E. Gorelkina
10 // COMPANY NAME: Samsung Research Center in Moscow
11 // DEPT NAME: Advanced Software Group
12 // CREATED: 2008.06.02
14 // REVISION DATE: 2008.12.02
16 ////////////////////////////////////////////////////////////////////////////////////
19 #include "us_proc_inst.h"
21 #include "../kprobe/dbi_kprobes_deps.h"
22 #include "../kprobe/dbi_uprobes.h"
24 #include "sspt/sspt.h"
25 #include "java_inst.h"
27 #define mm_read_lock(task, mm, atomic, lock) \
28 mm = atomic ? task->active_mm : get_task_mm(task); \
31 panic("ERRR mm_read_lock: mm == NULL\n"); \
35 lock = down_read_trylock(&mm->mmap_sem); \
38 down_read(&mm->mmap_sem); \
41 #define mm_read_unlock(mm, atomic, lock) \
43 up_read(&mm->mmap_sem); \
50 DEFINE_PER_CPU (us_proc_vtp_t *, gpVtp) = NULL;
51 DEFINE_PER_CPU (struct pt_regs *, gpCurVtpRegs) = NULL;
53 #if defined(CONFIG_MIPS)
54 # define ARCH_REG_VAL(regs, idx) regs->regs[idx]
55 #elif defined(CONFIG_ARM)
56 # define ARCH_REG_VAL(regs, idx) regs->uregs[idx]
58 # define ARCH_REG_VAL(regs, idx) 0
59 # warning ARCH_REG_VAL is not implemented for this architecture. FBI will work improperly or even crash!!!
62 unsigned long ujprobe_event_pre_handler (struct us_ip *ip, struct pt_regs *regs);
63 void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6);
64 int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *regs, struct us_ip *ip);
66 static int register_usprobe(struct task_struct *task, struct us_ip *ip, int atomic);
67 static int unregister_usprobe(struct task_struct *task, struct us_ip *ip, int atomic, int no_rp2);
71 LIST_HEAD(proc_probes_list);
74 struct dentry *launchpad_daemon_dentry = NULL;
75 EXPORT_SYMBOL_GPL(launchpad_daemon_dentry);
79 unsigned long android_app_vma_start = 0;
80 unsigned long android_app_vma_end = 0;
81 struct dentry *app_process_dentry = NULL;
82 #endif /* ANDROID_APP */
85 #define print_event(fmt, args...) \
88 sprintf(buf, fmt, ##args); \
89 pack_event_info(US_PROBE_ID, RECORD_ENTRY, "ds", 0x0badc0de, buf); \
92 static inline int is_libonly(void)
94 return !strcmp(us_proc_info.path,"*");
97 // is user-space instrumentation
98 static inline int is_us_instrumentation(void)
100 return !!us_proc_info.path;
103 static struct sspt_procs *get_proc_probes_by_task(struct task_struct *task)
105 struct sspt_procs *procs, *tmp;
108 if (task != current) {
109 printk("ERROR get_proc_probes_by_task: \'task != current\'\n");
113 return us_proc_info.pp;
116 list_for_each_entry_safe(procs, tmp, &proc_probes_list, list) {
117 if (procs->tgid == task->tgid) {
125 static void add_proc_probes(struct task_struct *task, struct sspt_procs *procs)
127 list_add_tail(&procs->list, &proc_probes_list);
130 static struct sspt_procs *get_proc_probes_by_task_or_new(struct task_struct *task)
132 struct sspt_procs *procs = get_proc_probes_by_task(task);
134 procs = sspt_procs_copy(us_proc_info.pp, task);
135 add_proc_probes(task, procs);
142 static int is_slp_app_with_dentry(struct vm_area_struct *vma,
143 struct dentry *dentry)
145 struct vm_area_struct *slp_app_vma = NULL;
147 if (vma->vm_file->f_dentry == launchpad_daemon_dentry) {
149 while (slp_app_vma) {
150 if (slp_app_vma->vm_file) {
151 if (slp_app_vma->vm_file->f_dentry == dentry &&
152 slp_app_vma->vm_pgoff == 0) {
156 slp_app_vma = slp_app_vma->vm_next;
165 static int is_android_app_with_dentry(struct vm_area_struct *vma,
166 struct dentry *dentry)
168 struct vm_area_struct *android_app_vma = NULL;
170 if (vma->vm_file->f_dentry == app_process_dentry) {
171 android_app_vma = vma;
172 while (android_app_vma) {
173 if (android_app_vma->vm_file) {
174 if (android_app_vma->vm_file->f_dentry == dentry) {
175 android_app_vma_start = android_app_vma->vm_start;
176 android_app_vma_end = android_app_vma->vm_end;
180 android_app_vma = android_app_vma->vm_next;
186 #endif /* ANDROID_APP */
188 struct dentry *dentry_by_path(const char *path)
190 struct dentry *dentry;
191 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
193 if (kern_path(path, LOOKUP_FOLLOW, &st_path) != 0) {
194 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
196 if (path_lookup(path, LOOKUP_FOLLOW, &nd) != 0) {
197 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
198 EPRINTF("failed to lookup dentry for path %s!", path);
202 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
205 #elif LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 38)
206 dentry = nd.path.dentry;
208 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
209 dentry = st_path.dentry;
211 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25) */
215 static int check_vma(struct vm_area_struct *vma)
218 return vma->vm_file && !(vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC) || (vma->vm_flags & VM_ACCOUNT) ||
219 !(vma->vm_flags & (VM_WRITE | VM_MAYWRITE)) ||
220 !(vma->vm_flags & (VM_READ | VM_MAYREAD)));
222 return vma->vm_file && !(vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC));
226 static int find_task_by_path (const char *path, struct task_struct **p_task, struct list_head *tids)
229 struct task_struct *task;
230 struct vm_area_struct *vma;
231 struct mm_struct *mm;
232 struct dentry *dentry = dentry_by_path(path);
236 /* find corresponding dir entry, this is also check for valid path */
237 // TODO: test - try to instrument process with non-existing path
238 // TODO: test - try to instrument process with existing path and delete file just after start
239 if (dentry == NULL) {
244 for_each_process (task) {
246 if ( 0 != inst_pid && ( inst_pid != task->pid ) )
249 mm = get_task_mm(task);
254 if (check_vma(vma)) {
255 if (vma->vm_file->f_dentry == dentry) {
258 get_task_struct (task);
264 if (is_slp_app_with_dentry(vma, dentry)) {
266 get_task_struct(task);
272 if (is_android_app_with_dentry(vma, dentry)) {
274 get_task_struct(task);
277 #endif /* ANDROID_APP */
281 // only decrement usage count on mm since we cannot sleep here
282 atomic_dec(&mm->mm_users);
289 DPRINTF ("found pid %d for %s.", (*p_task)->pid, path);
290 *p_task = (*p_task)->group_leader;
291 gl_nNotifyTgid = (*p_task)->tgid;
293 DPRINTF ("pid for %s not found!", path);
299 static void set_mapping_file(struct sspt_file *file,
300 const struct sspt_procs *procs,
301 const struct task_struct *task,
302 const struct vm_area_struct *vma);
304 int install_otg_ip(unsigned long addr,
305 kprobe_pre_entry_handler_t pre_handler,
306 unsigned long jp_handler,
307 kretprobe_handler_t rp_handler)
310 struct task_struct *task = current->group_leader;
311 struct mm_struct *mm = task->mm;
314 struct vm_area_struct *vma = find_vma(mm, addr);
315 if (vma && (vma->vm_flags & VM_EXEC) &&
316 vma->vm_file && vma->vm_file->f_dentry) {
317 unsigned long offset_addr = addr - vma->vm_start;
318 struct dentry *dentry = vma->vm_file->f_dentry;
319 char *name = dentry->d_iname;
320 struct sspt_procs *procs = get_proc_probes_by_task(task);
321 struct ip_data pd = {
322 .offset = offset_addr,
323 .pre_handler = pre_handler,
324 .jp_handler = jp_handler,
325 .rp_handler = rp_handler,
329 struct sspt_file *file = sspt_procs_find_file_or_new(procs, dentry, name);
330 struct sspt_page *page = sspt_get_page(file, offset_addr);
331 struct us_ip *ip = sspt_find_ip(page, offset_addr & ~PAGE_MASK);
334 set_mapping_file(file, procs, task, vma);
339 // TODO: sspt_procs_find_file_or_new --> sspt_procs_find_file ?!
340 struct sspt_file *file = sspt_procs_find_file_or_new(procs, dentry, name);
341 sspt_file_add_ip(file, &pd);
343 /* if addr mapping, that probe install, else it be installed in do_page_fault handler */
344 if (page_present(mm, addr)) {
345 ip = sspt_find_ip(page, offset_addr & ~PAGE_MASK);
346 sspt_set_ip_addr(ip, page, file);
349 ret = register_usprobe_my(task, ip);
351 sspt_page_installed(page);
353 printk("ERROR install_otg_ip: ret=%d\n", ret);
364 EXPORT_SYMBOL_GPL(install_otg_ip);
366 static int uninstall_kernel_probe (unsigned long addr, int uflag, int kflag, kernel_probe_t ** pprobe)
368 kernel_probe_t *probe = NULL;
370 if (probes_flags & kflag) {
371 probe = find_probe(addr);
373 iRet = remove_probe_from_list (addr);
375 EPRINTF ("remove_probe_from_list(0x%lx) result=%d!", addr, iRet);
379 probes_flags &= ~kflag;
381 if (us_proc_probes & uflag) {
382 if (!(probes_flags & uflag)) {
384 iRet = unregister_kernel_probe(probe);
386 EPRINTF ("unregister_kernel_probe(0x%lx) result=%d!",
392 us_proc_probes &= ~uflag;
397 static int uninstall_us_proc_probes(struct task_struct *task, struct sspt_procs *procs, enum US_FLAGS flag);
399 int deinst_usr_space_proc (void)
401 int iRet = 0, found = 0;
402 struct task_struct *task = NULL;
404 if (!is_us_instrumentation()) {
408 iRet = uninstall_kernel_probe (pf_addr, US_PROC_PF_INSTLD,
411 EPRINTF ("uninstall_kernel_probe(do_page_fault) result=%d!", iRet);
413 iRet = uninstall_kernel_probe (cp_addr, US_PROC_CP_INSTLD,
416 EPRINTF ("uninstall_kernel_probe(copy_process) result=%d!", iRet);
418 iRet = uninstall_kernel_probe (mr_addr, US_PROC_MR_INSTLD,
421 EPRINTF ("uninstall_kernel_probe(mm_release) result=%d!", iRet);
423 iRet = uninstall_kernel_probe (exit_addr, US_PROC_EXIT_INSTLD,
426 EPRINTF ("uninstall_kernel_probe(do_exit) result=%d!", iRet);
428 iRet = uninstall_kernel_probe (unmap_addr, US_PROC_UNMAP_INSTLD,
431 EPRINTF ("uninstall_kernel_probe(do_munmap) result=%d!", iRet);
434 struct sspt_procs *procs;
436 for_each_process(task) {
437 procs = get_proc_probes_by_task(task);
439 int ret = uninstall_us_proc_probes(task, procs, US_UNREGS_PROBE);
441 EPRINTF ("failed to uninstall IPs (%d)!", ret);
444 dbi_unregister_all_uprobes(task, 1);
450 if (us_proc_info.tgid == 0)
453 for_each_process (task)
455 if (task->tgid == us_proc_info.tgid)
458 get_task_struct (task);
467 ret = uninstall_us_proc_probes(task, us_proc_info.pp, US_UNREGS_PROBE);
469 EPRINTF ("failed to uninstall IPs %d!", ret);
472 put_task_struct (task);
474 printk("### 1 ### dbi_unregister_all_uprobes:\n");
475 dbi_unregister_all_uprobes(task, 1);
476 us_proc_info.tgid = 0;
477 for(i = 0; i < us_proc_info.libs_count; i++)
478 us_proc_info.p_libs[i].loaded = 0;
484 static int install_kernel_probe (unsigned long addr, int uflag, int kflag, kernel_probe_t ** pprobe)
486 kernel_probe_t *probe = NULL;
489 DPRINTF("us_proc_probes = 0x%x, uflag = 0x%x, "
490 "probes_flags = 0x%x, kflag = 0x%x",
491 us_proc_probes, uflag, probes_flags, kflag);
493 if (!(probes_flags & kflag)) {
494 iRet = add_probe_to_list (addr, &probe);
496 EPRINTF ("add_probe_to_list(0x%lx) result=%d!", addr, iRet);
499 probes_flags |= kflag;
501 if (!(us_proc_probes & uflag)) {
502 if (!(probes_flags & uflag)) {
503 iRet = register_kernel_probe (probe);
505 EPRINTF ("register_kernel_probe(0x%lx) result=%d!", addr, iRet);
509 us_proc_probes |= uflag;
518 static void install_proc_probes(struct task_struct *task, struct sspt_procs *procs, int atomic);
520 int inst_usr_space_proc (void)
523 struct task_struct *task = NULL;
525 if (!is_us_instrumentation()) {
529 DPRINTF("User space instr");
532 launchpad_daemon_dentry = dentry_by_path("/usr/bin/launchpad_preloading_preinitializing_daemon");
533 if (launchpad_daemon_dentry == NULL) {
540 app_process_dentry = dentry_by_path("/system/bin/app_process");
541 if (app_process_dentry == NULL) {
545 android_app_vma_start = 0;
546 android_app_vma_end = 0;
547 #endif /* ANDROID_APP */
549 for (i = 0; i < us_proc_info.libs_count; i++) {
550 us_proc_info.p_libs[i].loaded = 0;
552 /* check whether process is already running
553 * 1) if process is running - look for the libraries in the process maps
554 * 1.1) check if page for symbol does exist
555 * 1.1.1) if page exists - instrument it
556 * 1.1.2) if page does not exist - make sure that do_page_fault handler is installed
557 * 2) if process is not running - make sure that do_page_fault handler is installed
562 // FIXME: clear_task_inst_info();
563 for_each_process (task) {
564 struct sspt_procs *procs;
566 if (task->flags & PF_KTHREAD){
567 DPRINTF("ignored kernel thread %d\n",
572 procs = get_proc_probes_by_task_or_new(task);
573 DPRINTF("trying process");
574 install_proc_probes(task, procs, 1);
575 //put_task_struct (task);
580 ret = find_task_by_path (us_proc_info.path, &task, NULL);
583 DPRINTF("task found. installing probes");
584 us_proc_info.tgid = task->pid;
585 install_proc_probes(task, us_proc_info.pp, 0);
586 put_task_struct (task);
590 // enable 'do_page_fault' probe to detect when they will be loaded
591 ret = install_kernel_probe (pf_addr, US_PROC_PF_INSTLD, 0, &pf_probe);
594 EPRINTF ("install_kernel_probe(do_page_fault) result=%d!", ret);
597 // enable 'do_exit' probe to detect for remove task_struct
598 ret = install_kernel_probe (exit_addr, US_PROC_EXIT_INSTLD, 0, &exit_probe);
601 EPRINTF ("install_kernel_probe(do_exit) result=%d!", ret);
604 /* enable 'copy_process' */
605 ret = install_kernel_probe (cp_addr, US_PROC_CP_INSTLD, 0, &cp_probe);
608 EPRINTF ("instpall_kernel_probe(copy_process) result=%d!", ret);
612 // enable 'mm_release' probe to detect when for remove user space probes
613 ret = install_kernel_probe (mr_addr, US_PROC_MR_INSTLD, 0, &mr_probe);
616 EPRINTF ("install_kernel_probe(mm_release) result=%d!", ret);
620 // enable 'do_munmap' probe to detect when for remove user space probes
621 ret = install_kernel_probe (unmap_addr, US_PROC_UNMAP_INSTLD, 0, &unmap_probe);
624 EPRINTF ("install_kernel_probe(do_munmap) result=%d!", ret);
630 #include "../../tools/gpmu/probes/entry_data.h"
632 extern storage_arg_t sa_dpf;
634 void do_page_fault_j_pre_code(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
636 struct task_struct *task = current->group_leader;
638 if (task->flags & PF_KTHREAD) {
639 DPRINTF("ignored kernel thread %d\n", task->pid);
643 if (is_us_instrumentation()) {
644 swap_put_entry_data((void *)addr, &sa_dpf);
647 EXPORT_SYMBOL_GPL(do_page_fault_j_pre_code);
650 unsigned long imi_sum_time = 0;
651 unsigned long imi_sum_hit = 0;
652 EXPORT_SYMBOL_GPL (imi_sum_time);
653 EXPORT_SYMBOL_GPL (imi_sum_hit);
655 static void set_mapping_file(struct sspt_file *file,
656 const struct sspt_procs *procs,
657 const struct task_struct *task,
658 const struct vm_area_struct *vma)
660 int app_flag = (vma->vm_file->f_dentry == procs->dentry);
662 file->vm_start = vma->vm_start;
663 file->vm_end = vma->vm_end;
665 pack_event_info(DYN_LIB_PROBE_ID, RECORD_ENTRY, "dspdd",
666 task->tgid, file->name, vma->vm_start,
667 vma->vm_end - vma->vm_start, app_flag);
670 void print_vma(struct mm_struct *mm);
672 static int register_us_page_probe(struct sspt_page *page,
673 const struct sspt_file *file,
674 struct task_struct *task)
679 spin_lock(&page->lock);
681 if (sspt_page_is_install(page)) {
682 printk("page %lx in %s task[tgid=%u, pid=%u] already installed\n",
683 page->offset, file->dentry->d_iname, task->tgid, task->pid);
688 sspt_page_assert_install(page);
689 sspt_set_all_ip_addr(page, file);
691 list_for_each_entry(ip, &page->ip_list, list) {
692 err = register_usprobe_my(task, ip);
699 sspt_page_installed(page);
702 spin_unlock(&page->lock);
707 static int unregister_us_page_probe(struct task_struct *task,
708 struct sspt_page *page, enum US_FLAGS flag)
713 spin_lock(&page->lock);
714 if (!sspt_page_is_install(page)) {
715 spin_unlock(&page->lock);
719 list_for_each_entry(ip, &page->ip_list, list) {
720 err = unregister_usprobe_my(task, ip, flag);
727 if (flag != US_DISARM) {
728 sspt_page_uninstalled(page);
730 spin_unlock(&page->lock);
735 static void install_page_probes(unsigned long page_addr, struct task_struct *task, struct sspt_procs *procs, int atomic)
738 struct mm_struct *mm;
739 struct vm_area_struct *vma;
741 mm_read_lock(task, mm, atomic, lock);
743 vma = find_vma(mm, page_addr);
744 if (vma && check_vma(vma)) {
745 struct dentry *dentry = vma->vm_file->f_dentry;
746 struct sspt_file *file = sspt_procs_find_file(procs, dentry);
748 struct sspt_page *page;
750 set_mapping_file(file, procs, task, vma);
754 page = sspt_find_page_mapped(file, page_addr);
756 register_us_page_probe(page, file, task);
761 mm_read_unlock(mm, atomic, lock);
764 static void install_file_probes(struct task_struct *task, struct mm_struct *mm, struct sspt_file *file)
766 struct sspt_page *page = NULL;
767 struct hlist_node *node = NULL;
768 struct hlist_head *head = NULL;
769 int i, table_size = (1 << file->page_probes_hash_bits);
771 for (i = 0; i < table_size; ++i) {
772 head = &file->page_probes_table[i];
773 hlist_for_each_entry_rcu(page, node, head, hlist) {
774 if (page_present(mm, page->offset)) {
775 register_us_page_probe(page, file, task);
781 static void install_proc_probes(struct task_struct *task, struct sspt_procs *procs, int atomic)
784 struct vm_area_struct *vma;
785 struct mm_struct *mm;
787 mm_read_lock(task, mm, atomic, lock);
789 for (vma = mm->mmap; vma; vma = vma->vm_next) {
790 if (check_vma(vma)) {
791 struct dentry *dentry = vma->vm_file->f_dentry;
792 struct sspt_file *file = sspt_procs_find_file(procs, dentry);
795 set_mapping_file(file, procs, task, vma);
799 install_file_probes(task, mm, file);
804 mm_read_unlock(mm, atomic, lock);
807 static int check_install_pages_in_file(struct task_struct *task, struct sspt_file *file)
810 int table_size = (1 << file->page_probes_hash_bits);
811 struct sspt_page *page;
812 struct hlist_node *node, *tmp;
813 struct hlist_head *head;
815 for (i = 0; i < table_size; ++i) {
816 head = &file->page_probes_table[i];
817 hlist_for_each_entry_safe (page, node, tmp, head, hlist) {
827 static int unregister_us_file_probes(struct task_struct *task, struct sspt_file *file, enum US_FLAGS flag)
830 int table_size = (1 << file->page_probes_hash_bits);
831 struct sspt_page *page;
832 struct hlist_node *node, *tmp;
833 struct hlist_head *head;
835 for (i = 0; i < table_size; ++i) {
836 head = &file->page_probes_table[i];
837 hlist_for_each_entry_safe (page, node, tmp, head, hlist) {
838 err = unregister_us_page_probe(task, page, flag);
846 if (flag != US_DISARM) {
853 static int uninstall_us_proc_probes(struct task_struct *task, struct sspt_procs *procs, enum US_FLAGS flag)
856 struct sspt_file *file;
858 list_for_each_entry_rcu(file, &procs->file_list, list) {
859 err = unregister_us_file_probes(task, file, flag);
869 static pid_t find_proc_by_task(const struct task_struct *task, struct dentry *dentry)
871 struct vm_area_struct *vma;
872 struct mm_struct *mm = task->active_mm;
877 for (vma = mm->mmap; vma; vma = vma->vm_next) {
878 if (check_vma(vma)) {
879 if (vma->vm_file->f_dentry == dentry) {
883 if (is_slp_app_with_dentry(vma, dentry)) {
888 if (is_android_app_with_dentry(vma, dentry)) {
891 #endif /* ANDROID_APP */
898 void do_page_fault_ret_pre_code (void)
900 struct task_struct *task = current->group_leader;
901 struct mm_struct *mm = task->mm;
902 struct sspt_procs *procs = NULL;
904 * Because process threads have same address space
905 * we instrument only group_leader of all this threads
907 unsigned long addr = 0;
911 struct timeval imi_tv1;
912 struct timeval imi_tv2;
913 #define USEC_IN_SEC_NUM 1000000
915 if (task->flags & PF_KTHREAD) {
916 DPRINTF("ignored kernel thread %d\n", task->pid);
920 if (!is_us_instrumentation()) {
924 addr = (unsigned long)swap_get_entry_data(&sa_dpf);
927 printk("WARNING: do_page_fault_ret_pre_code addr = 0\n");
934 valid_addr = mm && page_present(mm, addr);
940 procs = get_proc_probes_by_task_or_new(task);
943 if (us_proc_info.tgid == 0) {
944 pid_t tgid = find_proc_by_task(task, us_proc_info.m_f_dentry);
946 us_proc_info.tgid = gl_nNotifyTgid = tgid;
948 /* install probes in already mapped memory */
949 install_proc_probes(task, us_proc_info.pp, 1);
953 if (us_proc_info.tgid == task->tgid) {
954 procs = us_proc_info.pp;
959 unsigned long page = addr & PAGE_MASK;
962 do_gettimeofday(&imi_tv1);
963 install_page_probes(page, task, procs, 1);
964 do_gettimeofday(&imi_tv2);
966 imi_sum_time += ((imi_tv2.tv_sec - imi_tv1.tv_sec) * USEC_IN_SEC_NUM +
967 (imi_tv2.tv_usec - imi_tv1.tv_usec));
971 EXPORT_SYMBOL_GPL(do_page_fault_ret_pre_code);
974 void do_exit_probe_pre_code (void)
978 EXPORT_SYMBOL_GPL(do_exit_probe_pre_code);
980 void print_vma(struct mm_struct *mm)
982 struct vm_area_struct *vma;
983 printk("### print_vma: START\n");\
984 printk("### print_vma: START\n");
986 for (vma = mm->mmap; vma; vma = vma->vm_next) {
987 char *x = vma->vm_flags & VM_EXEC ? "x" : "-";
988 char *r = vma->vm_flags & VM_READ ? "r" : "-";
989 char *w = vma->vm_flags & VM_WRITE ? "w" : "-";
990 char *name = vma->vm_file ? (char *)vma->vm_file->f_dentry->d_iname : "N/A";
992 printk("### [%8lx..%8lx] %s%s%s pgoff=\'%8lu\' %s\n",
993 vma->vm_start, vma->vm_end, x, r, w, vma->vm_pgoff, name);
995 printk("### print_vma: END\n");
998 static int remove_unmap_probes(struct task_struct *task, struct sspt_procs *procs, unsigned long start, size_t len)
1000 struct mm_struct *mm = task->mm;
1001 struct vm_area_struct *vma;
1003 if ((start & ~PAGE_MASK) || start > TASK_SIZE || len > TASK_SIZE - start) {
1007 if ((len = PAGE_ALIGN(len)) == 0) {
1011 vma = find_vma(mm, start);
1012 if (vma && check_vma(vma)) {
1013 struct sspt_file *file;
1014 unsigned long end = start + len;
1015 struct dentry *dentry = vma->vm_file->f_dentry;
1017 file = sspt_procs_find_file(procs, dentry);
1019 if (vma->vm_start == start || vma->vm_end == end) {
1020 unregister_us_file_probes(task, file, US_NOT_RP2);
1023 unsigned long page_addr;
1024 struct sspt_page *page;
1026 for (page_addr = vma->vm_start; page_addr < vma->vm_end; page_addr += PAGE_SIZE) {
1027 page = sspt_find_page_mapped(file, page_addr);
1029 unregister_us_page_probe(task, page, US_NOT_RP2);
1033 if (check_install_pages_in_file(task, file)) {
1043 void do_munmap_probe_pre_code(struct mm_struct *mm, unsigned long start, size_t len)
1045 struct sspt_procs *procs = NULL;
1046 struct task_struct *task = current;
1048 //if user-space instrumentation is not set
1049 if (!is_us_instrumentation()) {
1054 procs = get_proc_probes_by_task(task);
1056 if (task->tgid == us_proc_info.tgid) {
1057 procs = us_proc_info.pp;
1062 if (remove_unmap_probes(task, procs, start, len)) {
1063 printk("ERROR do_munmap: start=%lx, len=%x\n", start, len);
1067 EXPORT_SYMBOL_GPL(do_munmap_probe_pre_code);
1069 void mm_release_probe_pre_code(void)
1071 struct task_struct *task = current;
1072 struct sspt_procs *procs = NULL;
1074 if (!is_us_instrumentation() || task->tgid != task->pid) {
1079 procs = get_proc_probes_by_task(task);
1081 if (task->tgid == us_proc_info.tgid) {
1082 procs = get_proc_probes_by_task(task);
1083 us_proc_info.tgid = 0;
1088 int ret = uninstall_us_proc_probes(task, procs, US_NOT_RP2);
1090 EPRINTF ("failed to uninstall IPs (%d)!", ret);
1093 dbi_unregister_all_uprobes(task, 1);
1096 EXPORT_SYMBOL_GPL(mm_release_probe_pre_code);
1099 static void recover_child(struct task_struct *child_task, struct sspt_procs *procs)
1101 uninstall_us_proc_probes(child_task, procs, US_DISARM);
1104 static void rm_uprobes_child(struct task_struct *new_task)
1107 struct sspt_procs *procs = get_proc_probes_by_task(current);
1109 recover_child(new_task, procs);
1112 if(us_proc_info.tgid == current->tgid) {
1113 recover_child(new_task, us_proc_info.pp);
1118 void copy_process_ret_pre_code(struct task_struct *p)
1123 if(p->mm != current->mm) // check flags CLONE_VM
1124 rm_uprobes_child(p);
1128 DEFINE_PER_CPU(struct us_ip *, gpCurIp) = NULL;
1129 EXPORT_PER_CPU_SYMBOL_GPL(gpCurIp);
1130 DEFINE_PER_CPU(struct pt_regs *, gpUserRegs) = NULL;
1131 EXPORT_PER_CPU_SYMBOL_GPL(gpUserRegs);
1134 unsigned long ujprobe_event_pre_handler(struct us_ip *ip, struct pt_regs *regs)
1136 __get_cpu_var (gpCurIp) = ip;
1137 __get_cpu_var (gpUserRegs) = regs;
1141 void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6)
1143 struct us_ip *ip = __get_cpu_var(gpCurIp);
1144 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1147 struct pt_regs *regs = __get_cpu_var(gpUserRegs);
1148 if (is_java_inst_enabled() && handle_java_event(regs)) {
1151 #endif /* __ANDROID */
1154 #if defined(CONFIG_ARM)
1155 if (ip->offset & 0x01)
1157 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr | 0x01, arg1, arg2, arg3, arg4, arg5, arg6);
1159 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr, arg1, arg2, arg3, arg4, arg5, arg6);
1162 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr, arg1, arg2, arg3, arg4, arg5, arg6);
1164 // Mr_Nobody: uncomment for valencia
1165 //unregister_usprobe(current, ip, 1);
1166 dbi_uprobe_return ();
1169 static void send_plt(struct us_ip *ip)
1171 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1172 struct vm_area_struct *vma = find_vma(current->mm, addr);
1174 if (vma && check_vma(vma)) {
1176 unsigned long real_addr;
1177 unsigned long real_got = vma->vm_flags & VM_EXECUTABLE ?
1179 ip->got_addr + vma->vm_start;
1181 if (!read_proc_vm_atomic(current, real_got, &real_addr, sizeof(real_addr))) {
1182 printk("Failed to read got %lx at memory address %lx!\n", ip->got_addr, real_got);
1186 vma = find_vma(current->mm, real_addr);
1187 if (vma && (vma->vm_start <= real_addr) && (vma->vm_end > real_addr)) {
1188 name = vma->vm_file ? vma->vm_file->f_dentry->d_iname : NULL;
1190 printk("Failed to get vma, includes %lx address\n", real_addr);
1195 pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "ppsp", addr, real_addr, name, real_addr - vma->vm_start);
1197 pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "ppp", addr, real_addr, real_addr - vma->vm_start);
1202 int uretprobe_event_handler(struct kretprobe_instance *probe, struct pt_regs *regs, struct us_ip *ip)
1204 int retval = regs_return_value(regs);
1205 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1207 if (ip->got_addr && ip->flag_got == 0) {
1212 #if defined(CONFIG_ARM)
1213 if (ip->offset & 0x01)
1215 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr | 0x01, retval);
1217 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr, retval);
1220 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr, retval);
1222 // Mr_Nobody: uncomment for valencia
1223 //unregister_usprobe(current, ip, 1);
1227 static int register_usprobe(struct task_struct *task, struct us_ip *ip, int atomic)
1230 ip->jprobe.kp.tgid = task->tgid;
1232 if (ip->jprobe.entry == NULL) {
1233 ip->jprobe.entry = (kprobe_opcode_t *)ujprobe_event_handler;
1234 DPRINTF("Set default event handler for %x\n", ip->offset);
1237 if (ip->jprobe.pre_entry == NULL) {
1238 ip->jprobe.pre_entry = (kprobe_pre_entry_handler_t)ujprobe_event_pre_handler;
1239 DPRINTF("Set default pre handler for %x\n", ip->offset);
1242 ip->jprobe.priv_arg = ip;
1243 ret = dbi_register_ujprobe(task, &ip->jprobe, atomic);
1245 DPRINTF ("dbi_register_ujprobe() failure %d", ret);
1249 if (ip->flag_retprobe) {
1250 // Mr_Nobody: comment for valencia
1251 ip->retprobe.kp.tgid = task->tgid;
1252 if (ip->retprobe.handler == NULL) {
1253 ip->retprobe.handler = (kretprobe_handler_t)uretprobe_event_handler;
1254 DPRINTF("Set default ret event handler for %x\n", ip->offset);
1257 ip->retprobe.priv_arg = ip;
1258 ret = dbi_register_uretprobe(task, &ip->retprobe, atomic);
1260 EPRINTF ("dbi_register_uretprobe() failure %d", ret);
1268 static int unregister_usprobe(struct task_struct *task, struct us_ip *ip, int atomic, int not_rp2)
1270 dbi_unregister_ujprobe(task, &ip->jprobe, atomic);
1272 if (ip->flag_retprobe) {
1273 dbi_unregister_uretprobe(task, &ip->retprobe, atomic, not_rp2);
1279 unsigned long get_stack_size(struct task_struct *task,
1280 struct pt_regs *regs)
1282 #ifdef CONFIG_ADD_THREAD_STACK_INFO
1283 return (task->stack_start - dbi_get_stack_ptr(regs));
1285 struct vm_area_struct *vma = NULL;
1286 struct mm_struct *mm = NULL;
1287 unsigned long result = 0;
1288 int atomic = in_atomic();
1290 mm = (atomic ? task->active_mm: get_task_mm(task));
1294 down_read(&mm->mmap_sem);
1296 vma = find_vma(mm, dbi_get_stack_ptr(regs));
1299 result = vma->vm_end - dbi_get_stack_ptr(regs);
1304 up_read(&mm->mmap_sem);
1312 EXPORT_SYMBOL_GPL(get_stack_size);
1314 unsigned long get_stack(struct task_struct *task, struct pt_regs *regs,
1315 char *buf, unsigned long sz)
1317 unsigned long stack_sz = get_stack_size(task, regs);
1318 unsigned long real_sz = (stack_sz > sz ? sz: stack_sz);
1319 int res = read_proc_vm_atomic(task, dbi_get_stack_ptr(regs), buf, real_sz);
1322 EXPORT_SYMBOL_GPL(get_stack);
1324 int dump_to_trace(probe_id_t probe_id, void *addr, const char *buf,
1327 unsigned long rest_sz = sz;
1328 const char *data = buf;
1330 while (rest_sz >= EVENT_MAX_SIZE) {
1331 pack_event_info(probe_id, RECORD_ENTRY, "pa",
1332 addr, EVENT_MAX_SIZE, data);
1333 rest_sz -= EVENT_MAX_SIZE;
1334 data += EVENT_MAX_SIZE;
1338 pack_event_info(probe_id, RECORD_ENTRY, "pa", addr, rest_sz, data);
1342 EXPORT_SYMBOL_GPL(dump_to_trace);
1344 int dump_backtrace(probe_id_t probe_id, struct task_struct *task,
1345 void *addr, struct pt_regs *regs, unsigned long sz)
1347 unsigned long real_sz = 0;
1350 buf = (char *)kmalloc(sz, GFP_ATOMIC);
1353 real_sz = get_stack(task, regs, buf, sz);
1355 dump_to_trace(probe_id, addr, buf, real_sz);
1362 EXPORT_SYMBOL_GPL(dump_backtrace);
1364 unsigned long get_ret_addr(struct task_struct *task, struct us_ip *ip)
1366 unsigned long retaddr = 0;
1367 struct hlist_node *item, *tmp_node;
1368 struct kretprobe_instance *ri;
1371 hlist_for_each_safe (item, tmp_node, &ip->retprobe.used_instances) {
1372 ri = hlist_entry (item, struct kretprobe_instance, uflist);
1374 if (ri->task && ri->task->pid == task->pid &&
1375 ri->task->tgid == task->tgid)
1376 retaddr = (unsigned long)ri->ret_addr;
1383 return dbi_get_ret_addr(task_pt_regs(task));
1385 EXPORT_SYMBOL_GPL(get_ret_addr);
projects / kernel / swap-modules.git / blob