1 ////////////////////////////////////////////////////////////////////////////////////
3 // FILE: us_proc_inst.c
6 // This file is C source for SWAP driver.
8 // SEE ALSO: us_proc_inst.h
9 // AUTHOR: A.Gerenkov, E. Gorelkina
10 // COMPANY NAME: Samsung Research Center in Moscow
11 // DEPT NAME: Advanced Software Group
12 // CREATED: 2008.06.02
14 // REVISION DATE: 2008.12.02
16 ////////////////////////////////////////////////////////////////////////////////////
19 #include "us_proc_inst.h"
21 #include "../kprobe/dbi_kprobes_deps.h"
22 #include "../kprobe/dbi_uprobes.h"
24 DEFINE_PER_CPU (us_proc_vtp_t *, gpVtp) = NULL;
25 DEFINE_PER_CPU (struct pt_regs *, gpCurVtpRegs) = NULL;
27 #if defined(CONFIG_MIPS)
28 # define ARCH_REG_VAL(regs, idx) regs->regs[idx]
29 #elif defined(CONFIG_ARM)
30 # define ARCH_REG_VAL(regs, idx) regs->uregs[idx]
32 # define ARCH_REG_VAL(regs, idx) 0
33 # warning ARCH_REG_VAL is not implemented for this architecture. FBI will work improperly or even crash!!!
36 unsigned long (*dbi_ujprobe_event_pre_handler_custom_p)
37 (us_proc_ip_t *, struct pt_regs *) = NULL;
38 EXPORT_SYMBOL(dbi_ujprobe_event_pre_handler_custom_p);
39 void (*dbi_ujprobe_event_handler_custom_p)(void) = NULL;
40 EXPORT_SYMBOL(dbi_ujprobe_event_handler_custom_p);
41 int (*dbi_uretprobe_event_handler_custom_p)
42 (struct kretprobe_instance *, struct pt_regs *, us_proc_ip_t *) = NULL;
43 EXPORT_SYMBOL(dbi_uretprobe_event_handler_custom_p);
45 unsigned long ujprobe_event_pre_handler (us_proc_ip_t * ip, struct pt_regs *regs);
46 void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6);
47 int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *regs, us_proc_ip_t * ip);
49 static int register_usprobe (struct task_struct *task, struct mm_struct *mm, us_proc_ip_t * ip, int atomic, kprobe_opcode_t * islot);
50 static int unregister_usprobe (struct task_struct *task, us_proc_ip_t * ip, int atomic);
54 struct task_inst_info_node {
55 struct list_head plist;
56 inst_us_proc_t * task_inst_info;
59 LIST_HEAD(task_inst_info_list);
62 struct dentry *launchpad_daemon_dentry = NULL;
63 EXPORT_SYMBOL_GPL(launchpad_daemon_dentry);
67 unsigned long android_app_vma_start = 0;
68 unsigned long android_app_vma_end = 0;
69 struct dentry *app_process_dentry = NULL;
70 #endif /* ANDROID_APP */
73 struct dentry *libdvm_dentry = NULL;
74 /* Defines below are for libdvm.so with md5sum:
75 * 5941c87b49198368e7db726c2977bf1d */
76 #define LIBDVM_ENTRY 0x30a64
77 #define LIBDVM_RETURN 0x30bdc
78 #endif /* __ANDROID */
80 us_proc_otg_ip_t *find_otg_probe(unsigned long addr)
84 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
85 if (p->ip.offset == addr) {
93 int add_otg_probe_to_list(unsigned long addr, us_proc_otg_ip_t **pprobe)
95 us_proc_otg_ip_t *new_probe;
96 us_proc_otg_ip_t *probe;
101 /* check if such probe does already exist */
102 probe = find_otg_probe(addr);
107 new_probe = kmalloc(sizeof(us_proc_otg_ip_t), GFP_KERNEL);
109 EPRINTF ("no memory for new probe!");
112 memset(new_probe,0, sizeof(us_proc_otg_ip_t));
114 new_probe->ip.offset = addr;
115 new_probe->ip.jprobe.kp.addr =
116 new_probe->ip.retprobe.kp.addr = (kprobe_opcode_t *)addr;
117 new_probe->ip.jprobe.priv_arg =
118 new_probe->ip.retprobe.priv_arg = new_probe;
120 INIT_LIST_HEAD(&new_probe->list);
121 list_add_rcu(&new_probe->list, &otg_us_proc_info);
129 int remove_otg_probe_from_list(unsigned long addr)
133 //check if such probe does exist
134 p = find_otg_probe(addr);
136 /* We do not care about it. Nothing bad. */
140 list_del_rcu(&p->list);
148 * Prepare copy of instrumentation data for task
149 * in case of library only instrumentation
152 inst_us_proc_t* copy_task_inst_info (struct task_struct *task, inst_us_proc_t * task_inst_info)
155 kprobe_opcode_t *entry_save;
156 kprobe_pre_entry_handler_t pre_entry_save;
157 kretprobe_handler_t handler_save;
159 inst_us_proc_t* copy_info = 0;
161 int unres_ips_count = 0, unres_vtps_count = 0;
163 copy_info = kmalloc (sizeof (inst_us_proc_t), GFP_ATOMIC);
164 memset ((void *) copy_info, 0, sizeof (inst_us_proc_t));
166 copy_info->path = task_inst_info->path;
167 copy_info->m_f_dentry = NULL;
169 copy_info->libs_count = task_inst_info->libs_count;
171 kmalloc (task_inst_info->libs_count * sizeof (us_proc_lib_t), GFP_ATOMIC);
173 if (!copy_info->p_libs) {
174 DPRINTF ("No enough memory for copy_info->p_libs");
177 memcpy (copy_info->p_libs, task_inst_info->p_libs,
178 copy_info->libs_count * sizeof (us_proc_lib_t));
180 for (i = 0; i < copy_info->libs_count; i++) {
181 if (copy_info->p_libs[i].ips_count > 0)
183 unres_ips_count += copy_info->p_libs[i].ips_count;
185 copy_info->p_libs[i].p_ips =
186 kmalloc (copy_info->p_libs[i].ips_count * sizeof (us_proc_ip_t), GFP_ATOMIC);
188 if (!copy_info->p_libs[i].p_ips) {
189 DPRINTF ("No enough memory for copy_info->p_libs[i].p_ips");
193 memcpy (copy_info->p_libs[i].p_ips, task_inst_info->p_libs[i].p_ips,
194 copy_info->p_libs[i].ips_count * sizeof (us_proc_ip_t));
195 for (j = 0; j < copy_info->p_libs[i].ips_count; j++) {
197 entry_save = copy_info->p_libs[i].p_ips[j].jprobe.entry;
198 pre_entry_save = copy_info->p_libs[i].p_ips[j].jprobe.pre_entry;
199 handler_save = copy_info->p_libs[i].p_ips[j].retprobe.handler;
201 copy_info->p_libs[i].p_ips[j].installed = 0;
202 memset(©_info->p_libs[i].p_ips[j].jprobe, 0, sizeof(struct jprobe));
203 memset(©_info->p_libs[i].p_ips[j].retprobe, 0, sizeof(struct kretprobe));
206 copy_info->p_libs[i].p_ips[j].jprobe.entry = entry_save;
207 copy_info->p_libs[i].p_ips[j].jprobe.pre_entry = pre_entry_save;
208 copy_info->p_libs[i].p_ips[j].retprobe.handler = handler_save;
211 unres_ips_count += copy_info->p_libs[i].ips_count;
214 if (copy_info->p_libs[i].vtps_count > 0) {
215 unres_vtps_count += copy_info->p_libs[i].vtps_count;
217 copy_info->p_libs[i].p_vtps =
218 kmalloc (copy_info->p_libs[i].vtps_count * sizeof (us_proc_vtp_t), GFP_ATOMIC);
220 if (!copy_info->p_libs[i].p_vtps) {
221 DPRINTF ("No enough memory for copy_info->p_libs[i].p_vtps");
225 memcpy (copy_info->p_libs[i].p_vtps, task_inst_info->p_libs[i].p_vtps,
226 copy_info->p_libs[i].vtps_count * sizeof (us_proc_vtp_t));
227 for (j = 0; j < copy_info->p_libs[i].vtps_count; j++) {
228 copy_info->p_libs[i].p_vtps[j].installed = 0;
229 memset (©_info->p_libs[i].p_vtps[j].jprobe, 0, sizeof(struct jprobe));
231 unres_vtps_count = copy_info->p_libs[i].vtps_count;
234 copy_info->p_libs[i].m_f_dentry = task_inst_info->p_libs[i].m_f_dentry;
235 copy_info->p_libs[i].loaded = 0;
237 copy_info->unres_ips_count = unres_ips_count;
238 copy_info->unres_vtps_count = unres_vtps_count;
243 inst_us_proc_t* get_task_inst_node(struct task_struct *task)
245 struct task_inst_info_node *node, *tnode;
247 list_for_each_entry_safe(node, tnode, &task_inst_info_list, plist)
249 if (node && task && node->tgid == task->tgid) {
250 return node->task_inst_info;
256 void put_task_inst_node(struct task_struct *task, inst_us_proc_t *task_inst_info)
258 struct task_inst_info_node * node;
260 node = kmalloc (sizeof(struct task_inst_info_node), GFP_ATOMIC);
262 node->tgid = task->tgid;
263 node->task_inst_info = task_inst_info;
265 list_add_tail (&(node->plist), &task_inst_info_list);
269 void clear_task_inst_info(void)
271 struct list_head *node, *tmp;
273 list_for_each_safe(node, tmp, &task_inst_info_list)
278 static int is_slp_app_with_dentry(struct vm_area_struct *vma,
279 struct dentry *dentry)
281 struct vm_area_struct *slp_app_vma = NULL;
283 if (vma->vm_file->f_dentry == launchpad_daemon_dentry) {
285 while (slp_app_vma) {
286 if (slp_app_vma->vm_file) {
287 if (slp_app_vma->vm_file->f_dentry == dentry &&
288 slp_app_vma->vm_pgoff == 0) {
292 slp_app_vma = slp_app_vma->vm_next;
301 static int is_android_app_with_dentry(struct vm_area_struct *vma,
302 struct dentry *dentry)
304 struct vm_area_struct *android_app_vma = NULL;
306 if (vma->vm_file->f_dentry == app_process_dentry) {
307 android_app_vma = vma;
308 while (android_app_vma) {
309 if (android_app_vma->vm_file) {
310 if (android_app_vma->vm_file->f_dentry == dentry) {
311 android_app_vma_start = android_app_vma->vm_start;
312 android_app_vma_end = android_app_vma->vm_end;
316 android_app_vma = android_app_vma->vm_next;
322 #endif /* ANDROID_APP */
325 void find_libdvm_for_task(struct task_struct *task, inst_us_proc_t *info)
327 struct vm_area_struct *vma = NULL;
328 struct mm_struct *mm = NULL;
330 mm = get_task_mm(task);
335 if (vma->vm_file->f_dentry == libdvm_dentry) {
336 info->libdvm_start = vma->vm_start;
337 info->libdvm_end = vma->vm_end;
346 #endif /* __ANDROID */
348 static int find_task_by_path (const char *path, struct task_struct **p_task, struct list_head *tids)
351 struct task_struct *task;
352 struct vm_area_struct *vma;
353 struct mm_struct *mm;
354 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
356 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
358 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
362 /* find corresponding dir entry, this is also check for valid path */
363 // TODO: test - try to instrument process with non-existing path
364 // TODO: test - try to instrument process with existing path and delete file just after start
365 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
366 if (kern_path(us_proc_info.path, LOOKUP_FOLLOW, &s_path) != 0) {
367 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
368 if (path_lookup(us_proc_info.path, LOOKUP_FOLLOW, &nd) != 0) {
369 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
370 EPRINTF ("failed to lookup dentry for path %s!", path);
375 for_each_process (task) {
377 if ( 0 != inst_pid && ( inst_pid != task->pid ) )
380 mm = get_task_mm(task);
385 if ((vma->vm_flags & VM_EXECUTABLE) && vma->vm_file) {
386 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
387 if (vma->vm_file->f_dentry == nd.dentry) {
389 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
390 if (vma->vm_file->f_dentry == s_path.dentry ) {
391 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
392 if (vma->vm_file->f_dentry == nd.path.dentry ) {
393 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
397 get_task_struct (task);
403 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
404 if (is_slp_app_with_dentry(vma, nd.dentry)) {
406 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
407 if (is_slp_app_with_dentry(vma, s_path.dentry)) {
408 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
409 if (is_slp_app_with_dentry(vma, nd.path.dentry)) {
410 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
413 get_task_struct(task);
419 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
420 if (is_android_app_with_dentry(vma, nd.dentry)) {
422 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
423 if (is_android_app_with_dentry(vma, s_path.dentry)) {
424 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
425 if (is_android_app_with_dentry(vma, nd.path.dentry)) {
426 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
429 get_task_struct(task);
432 #endif /* ANDROID_APP */
436 // only decrement usage count on mm since we cannot sleep here
437 atomic_dec(&mm->mm_users);
444 DPRINTF ("found pid %d for %s.", (*p_task)->pid, path);
445 *p_task = (*p_task)->group_leader;
446 gl_nNotifyTgid = (*p_task)->tgid;
448 DPRINTF ("pid for %s not found!", path);
451 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
454 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
456 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
458 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
464 static void us_vtp_event_pre_handler (us_proc_vtp_t * vtp, struct pt_regs *regs)
466 __get_cpu_var(gpVtp) = vtp;
467 __get_cpu_var(gpCurVtpRegs) = regs;
470 static void us_vtp_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6)
472 us_proc_vtp_t *vtp = __get_cpu_var(gpVtp);
473 #if !defined(CONFIG_X86)
474 struct pt_regs *regs = __get_cpu_var(gpCurVtpRegs);
480 us_proc_vtp_data_t *vtp_data;
486 list_for_each_entry_rcu (vtp_data, &vtp->list, list) {
487 // DPRINTF ("[%d]proc %s(%d): %lx", nCount++, current->comm, current->pid, vtp->addr);
488 fmt[1] = vtp_data->type;
489 if (vtp_data->reg == -1)
490 vaddr = vtp_data->off;
492 vaddr = ARCH_REG_VAL (regs, vtp_data->reg) + vtp_data->off;
493 // DPRINTF ("VTP type '%c'", vtp_data->type);
494 switch (vtp_data->type)
499 if (read_proc_vm_atomic (current, vaddr, &ival, sizeof (ival)) < sizeof (ival))
500 EPRINTF ("failed to read vm of proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
502 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, ival, vtp_data->name);
505 if (read_proc_vm_atomic (current, vaddr, &ival, sizeof (ival)) < sizeof (ival))
506 EPRINTF ("failed to read vm of proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
508 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, ival, vtp_data->name);
511 if (read_proc_vm_atomic (current, vaddr, &cval, sizeof (cval)) < sizeof (cval))
512 EPRINTF ("failed to read vm of proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
514 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, cval, vtp_data->name);
517 if (current->active_mm) {
519 struct vm_area_struct *vma;
522 if (get_user_pages_atomic (current, current->active_mm, vaddr, 1, 0, 1, &page, &vma) <= 0) {
523 EPRINTF ("get_user_pages_atomic failed for proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
526 maddr = kmap_atomic (page, KM_USER0);
527 len = strlen (maddr + (vaddr & ~PAGE_MASK));
528 sval = kmalloc (len + 1, GFP_KERNEL);
530 EPRINTF ("failed to alloc memory for string in proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
532 copy_from_user_page (vma, page, vaddr, sval, maddr + (vaddr & ~PAGE_MASK), len + 1);
533 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, sval, vtp_data->name);
536 kunmap_atomic (maddr, KM_USER0);
537 page_cache_release (page);
540 EPRINTF ("task %s/%u has no mm!", current->comm, current->pid);
543 EPRINTF ("unknown variable type '%c'", vtp_data->type);
546 dbi_uprobe_return ();
549 static int install_mapped_ips (struct task_struct *task, inst_us_proc_t* task_inst_info, int atomic)
551 struct vm_area_struct *vma;
554 unsigned int old_ips_count, old_vtps_count;
556 struct task_struct *t;
557 struct mm_struct *mm;
559 mm = atomic ? task->active_mm : get_task_mm (task);
561 return task_inst_info->unres_ips_count + task_inst_info->unres_vtps_count;
563 old_ips_count = task_inst_info->unres_ips_count;
564 old_vtps_count = task_inst_info->unres_vtps_count;
566 down_read (&mm->mmap_sem);
569 // skip non-text section
571 if (vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC) || !vma->vm_file || (vma->vm_flags & VM_ACCOUNT) ||
572 !(vma->vm_flags & (VM_WRITE | VM_MAYWRITE)) ||
573 !(vma->vm_flags & (VM_READ | VM_MAYREAD))) {
575 if (vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC) || !vma->vm_file) {
581 * After process was forked, some time it inherits parent process environment.
582 * We need to renew instrumentation when we detect that process gets own environment.
584 for (i = 0; i < task_inst_info->libs_count; i++) {
585 // struct path tmp_path;
586 // tmp_path.dentry = task_inst_info->p_libs[i].m_f_dentry;
587 // tmp_path.mnt = task_inst_info->p_libs[i].m_vfs_mount;
588 // char* p_path = d_path ( &tmp_path, path_buffer, 255 );
589 // DPRINTF("f_dentry:%x m_f_dentry:%x path:%s", vma->vm_file->f_dentry,
590 // task_inst_info->p_libs[i].m_f_dentry, p_path );
592 //TODO: test - try to instrument non-existing libs
593 if (vma->vm_file->f_dentry == task_inst_info->p_libs[i].m_f_dentry) {
594 // DPRINTF("vm_flags:%x loaded:%x ips_count:%d vtps_count:%d",
595 // vma->vm_flags, task_inst_info->p_libs[i].loaded,
596 // task_inst_info->p_libs[i].ips_count, task_inst_info->p_libs[i].vtps_count );
597 if (!task_inst_info->p_libs[i].loaded) {
598 // DPRINTF("!VM_EXECUTABLE && !loaded");
600 int app_flag = (vma->vm_file->f_dentry == task_inst_info->m_f_dentry);
601 DPRINTF ("post dyn lib event %s/%s", current->comm, task_inst_info->p_libs[i].path);
602 // if we installed something, post library info for those IPs
603 p = strrchr(task_inst_info->p_libs[i].path, '/');
605 p = task_inst_info->p_libs[i].path;
608 task_inst_info->p_libs[i].loaded = 1;
609 pack_event_info (DYN_LIB_PROBE_ID, RECORD_ENTRY, "dspdd",
610 task->tgid, p, vma->vm_start, vma->vm_end-vma->vm_start, app_flag);
612 for (k = 0; k < task_inst_info->p_libs[i].ips_count; k++) {
613 DPRINTF("ips_count current:%d", k);
614 if (!task_inst_info->p_libs[i].p_ips[k].installed) {
615 DPRINTF("!installed");
616 addr = task_inst_info->p_libs[i].p_ips[k].offset;
617 addr += vma->vm_start;
618 if (page_present (mm, addr)) {
619 DPRINTF ("pid %d, %s sym is loaded at %lx/%lx.",
620 task->pid, task_inst_info->p_libs[i].path,
621 task_inst_info->p_libs[i].p_ips[k].offset, addr);
622 task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr = (kprobe_opcode_t *) addr;
623 task_inst_info->p_libs[i].p_ips[k].retprobe.kp.addr = (kprobe_opcode_t *) addr;
624 task_inst_info->p_libs[i].p_ips[k].installed = 1;
625 task_inst_info->unres_ips_count--;
626 err = register_usprobe (task, mm, &task_inst_info->p_libs[i].p_ips[k], atomic, 0);
628 DPRINTF ("failed to install IP at %lx/%p. Error %d!",
629 task_inst_info->p_libs[i].p_ips[k].offset,
630 task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr, err);
635 for (k = 0; k < task_inst_info->p_libs[i].vtps_count; k++) {
636 DPRINTF("vtps_count current:%d", k);
637 if (!task_inst_info->p_libs[i].p_vtps[k].installed) {
638 DPRINTF("!installed");
639 addr = task_inst_info->p_libs[i].p_vtps[k].addr;
640 if (!(vma->vm_flags & VM_EXECUTABLE))
641 addr += vma->vm_start;
642 if (page_present (mm, addr)) {
643 DPRINTF ("pid %d, %s sym is loaded at %lx/%lx.",
644 task->pid, task_inst_info->p_libs[i].path,
645 task_inst_info->p_libs[i].p_ips[k].offset, addr);
646 task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.tgid = task_inst_info->tgid;
647 task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.addr = (kprobe_opcode_t *) addr;
648 task_inst_info->p_libs[i].p_vtps[k].jprobe.entry = (kprobe_opcode_t *) us_vtp_event_handler;
649 task_inst_info->p_libs[i].p_vtps[k].jprobe.pre_entry = (kprobe_pre_entry_handler_t) us_vtp_event_pre_handler;
650 task_inst_info->p_libs[i].p_vtps[k].jprobe.priv_arg = &task_inst_info->p_libs[i].p_vtps[k];
651 task_inst_info->p_libs[i].p_vtps[k].installed = 1;
652 task_inst_info->unres_vtps_count--;
653 err = dbi_register_ujprobe (task, mm, &task_inst_info->p_libs[i].p_vtps[k].jprobe, atomic);
655 EPRINTF ("failed to install VTP at %p. Error %d!",
656 task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.addr, err);
664 if (is_java_inst_enabled()
665 && vma->vm_file->f_dentry == libdvm_dentry) {
666 us_proc_ip_t *entp = &task_inst_info->libdvm_entry_ip;
668 && task_inst_info->libdvm_start) {
669 unsigned long addr = LIBDVM_ENTRY + task_inst_info->libdvm_start;
670 if (page_present(mm, addr)) {
671 entp->jprobe.kp.tgid = task->tgid;
672 entp->jprobe.pre_entry = ujprobe_event_pre_handler;
673 entp->jprobe.entry = ujprobe_event_handler;
674 entp->jprobe.priv_arg = entp;
675 entp->jprobe.kp.addr = addr;
676 entp->retprobe.kp.tgid = task->tgid;
677 entp->retprobe.handler = uretprobe_event_handler;
678 entp->retprobe.priv_arg = entp;
679 entp->retprobe.kp.addr = addr;
680 err = register_usprobe(task, mm, entp, atomic, 0);
682 DPRINTF("failed to install IP at %p", addr);
687 us_proc_ip_t *retp = &task_inst_info->libdvm_return_ip;
689 && task_inst_info->libdvm_start) {
690 unsigned long addr = LIBDVM_RETURN + task_inst_info->libdvm_start;
691 if (page_present(mm, addr)) {
692 retp->jprobe.kp.tgid = task->tgid;
693 retp->jprobe.pre_entry = ujprobe_event_pre_handler;
694 retp->jprobe.entry = ujprobe_event_handler;
695 retp->jprobe.priv_arg = retp;
696 retp->jprobe.kp.addr = addr;
697 retp->retprobe.kp.tgid = task->tgid;
698 retp->retprobe.handler = uretprobe_event_handler;
699 retp->retprobe.priv_arg = retp;
700 retp->retprobe.kp.addr = addr;
701 err = register_usprobe(task, mm, retp, atomic, 0);
703 DPRINTF("failed to install IP at %p", addr);
709 #endif /* __ANDROID */
712 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
713 if (p->ip.installed) {
717 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 26)
718 t = find_task_by_pid(p->tgid);
720 t = pid_task(find_pid_ns(p->tgid, &init_pid_ns),
728 DPRINTF("task for pid %d not found! Dead probe?",
735 if (!page_present(t->active_mm, p->ip.offset)) {
736 DPRINTF("Page isn't present for %p.",
741 err = register_usprobe(current, t->active_mm,
744 DPRINTF("failed to install IP at %lx/%p. Error %d!",
746 p->ip.jprobe.kp.addr, err);
749 task_inst_info->unres_otg_ips_count--;
752 up_read (&mm->mmap_sem);
755 return task_inst_info->unres_ips_count + task_inst_info->unres_vtps_count;
758 static int install_otg_ip(unsigned long addr,
759 unsigned long pre_handler,
760 unsigned long jp_handler,
761 unsigned long rp_handler)
764 us_proc_otg_ip_t *pprobe;
765 struct mm_struct *mm;
767 inst_us_proc_t *task_inst_info = NULL;
768 struct task_struct *task;
770 /* Probe preparing */
771 err = add_otg_probe_to_list(addr, &pprobe);
774 DPRINTF("OTG probe %p already installed.", addr);
777 DPRINTF("Failed to add new OTG probe, err=%d",err);
782 pprobe->ip.jprobe.pre_entry =
783 (kprobe_pre_entry_handler_t)pre_handler;
785 pprobe->ip.jprobe.pre_entry =
786 (kprobe_pre_entry_handler_t)
787 dbi_ujprobe_event_pre_handler_custom_p;
791 pprobe->ip.jprobe.entry =
792 (kprobe_opcode_t *)jp_handler;
794 pprobe->ip.jprobe.entry =
796 dbi_ujprobe_event_handler_custom_p;
799 pprobe->ip.retprobe.handler =
800 (kretprobe_handler_t)rp_handler;
802 pprobe->ip.retprobe.handler =
803 (kretprobe_handler_t)
804 dbi_uretprobe_event_handler_custom_p;
807 mm = get_task_mm(current);
808 if (!page_present(mm, addr)) {
809 DPRINTF("Page isn't present for %p.", addr);
811 pprobe->tgid = current->tgid;
812 task = current->group_leader;
814 task_inst_info = get_task_inst_node(task);
817 task_inst_info = copy_task_inst_info(task, &us_proc_info);
818 put_task_inst_node(task, task_inst_info);
820 us_proc_info.unres_otg_ips_count++;
821 /* Probe will be installed in do_page_fault handler */
824 DPRINTF("Page present for %p.", addr);
826 /* Probe installing */
827 pprobe->tgid = current->tgid;
828 pprobe->ip.installed = 1;
829 err = register_usprobe(current, mm, &pprobe->ip, 1, 0);
831 DPRINTF("failed to install IP at %lx/%p. Error %d!",
832 addr, pprobe->ip.jprobe.kp.addr, err);
837 EXPORT_SYMBOL_GPL(install_otg_ip);
840 static int uninstall_mapped_ips (struct task_struct *task, inst_us_proc_t* task_inst_info, int atomic)
845 for (i = 0; i < task_inst_info->libs_count; i++)
847 DPRINTF ("clear lib %s.", task_inst_info->p_libs[i].path);
848 for (k = 0; k < task_inst_info->p_libs[i].ips_count; k++)
850 if (task_inst_info->p_libs[i].p_ips[k].installed)
852 DPRINTF ("remove IP at %p.", task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr);
853 err = unregister_usprobe (task, &task_inst_info->p_libs[i].p_ips[k], atomic);
856 EPRINTF ("failed to uninstall IP at %p. Error %d!", task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr, err);
859 task_inst_info->unres_ips_count++;
860 task_inst_info->p_libs[i].p_ips[k].installed = 0;
863 for (k = 0; k < task_inst_info->p_libs[i].vtps_count; k++)
865 if (task_inst_info->p_libs[i].p_vtps[k].installed)
867 dbi_unregister_ujprobe (task, &task_inst_info->p_libs[i].p_vtps[k].jprobe, atomic);
868 task_inst_info->unres_vtps_count++;
869 task_inst_info->p_libs[i].p_vtps[k].installed = 0;
872 task_inst_info->p_libs[i].loaded = 0;
875 if (is_java_inst_enabled()) {
876 us_proc_ip_t *entp = &task_inst_info->libdvm_entry_ip;
877 if (entp->installed) {
878 unregister_usprobe(task, entp, atomic);
881 us_proc_ip_t *retp = &task_inst_info->libdvm_return_ip;
882 if (retp->installed) {
883 unregister_usprobe(task, retp, atomic);
887 #endif /* __ANDROID */
888 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
889 if (!p->ip.installed) {
892 DPRINTF("remove OTG IP at %p.", p->ip.offset);
893 err = unregister_usprobe(task, &p->ip, atomic);
895 EPRINTF("failed to uninstall IP at %p. Error %d!",
896 p->ip.jprobe.kp.addr, err);
902 DPRINTF ("Ures IPs %d.", task_inst_info->unres_ips_count);
903 DPRINTF ("Ures VTPs %d.", task_inst_info->unres_vtps_count);
907 void send_sig_jprobe_event_handler (int sig, struct siginfo *info, struct task_struct *t, struct sigpending *signals)
910 struct task_struct *task;
911 inst_us_proc_t *task_inst_info = NULL;
913 //if user-space instrumentation is not set
914 if (!us_proc_info.path)
920 if (!strcmp(us_proc_info.path,"*"))
922 task_inst_info = get_task_inst_node(t);
925 iRet = uninstall_mapped_ips (t, task_inst_info, 1);
927 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
928 dbi_unregister_all_uprobes(t, 1);
934 if (current->tgid != us_proc_info.tgid)
938 // look for another process with the same tgid
940 for_each_process (task)
942 if ((task->pid != t->pid) && (task->tgid == us_proc_info.tgid))
951 DPRINTF ("%s(%d) send_signal SIGKILL for the last target proc %s(%d)",
952 current->comm, current->pid, t->comm, t->pid);
953 iRet = uninstall_mapped_ips (t, &us_proc_info, 1);
955 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
959 static int uninstall_kernel_probe (unsigned long addr, int uflag, int kflag, kernel_probe_t ** pprobe)
961 kernel_probe_t *probe = NULL;
963 if (probes_flags & kflag) {
964 probe = find_probe(addr);
966 iRet = remove_probe_from_list (addr);
968 EPRINTF ("remove_probe_from_list(0x%lx) result=%d!", addr, iRet);
972 probes_flags &= ~kflag;
974 if (us_proc_probes & uflag) {
975 if (!(probes_flags & uflag)) {
977 iRet = unregister_kernel_probe(probe);
979 EPRINTF ("unregister_kernel_probe(0x%lx) result=%d!",
985 us_proc_probes &= ~uflag;
990 int deinst_usr_space_proc (void)
992 int iRet = 0, found = 0;
993 struct task_struct *task = 0;
994 inst_us_proc_t *task_inst_info = NULL;
996 //if user-space instrumentation is not set
997 if (!us_proc_info.path)
1000 iRet = uninstall_kernel_probe (pf_addr, US_PROC_PF_INSTLD,
1003 EPRINTF ("uninstall_kernel_probe(do_page_fault) result=%d!", iRet);
1005 iRet = uninstall_kernel_probe (cp_addr, US_PROC_CP_INSTLD,
1008 EPRINTF ("uninstall_kernel_probe(copy_process) result=%d!", iRet);
1010 iRet = uninstall_kernel_probe (mr_addr, US_PROC_MR_INSTLD,
1013 EPRINTF ("uninstall_kernel_probe(mm_release) result=%d!", iRet);
1015 iRet = uninstall_kernel_probe (exit_addr, US_PROC_EXIT_INSTLD,
1018 EPRINTF ("uninstall_kernel_probe(do_exit) result=%d!", iRet);
1020 if (!strcmp(us_proc_info.path,"*"))
1022 for_each_process (task)
1024 task_inst_info = get_task_inst_node(task);
1027 iRet = uninstall_mapped_ips (task, task_inst_info, 1);
1029 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
1030 dbi_unregister_all_uprobes(task, 1);
1036 if (us_proc_info.tgid == 0)
1039 for_each_process (task)
1041 if (task->tgid == us_proc_info.tgid)
1044 get_task_struct (task);
1053 iRet = uninstall_mapped_ips (task, &us_proc_info, 0);
1055 EPRINTF ("failed to uninstall IPs %d!", iRet);
1056 put_task_struct (task);
1057 dbi_unregister_all_uprobes(task, 1);
1058 us_proc_info.tgid = 0;
1059 for(i = 0; i < us_proc_info.libs_count; i++)
1060 us_proc_info.p_libs[i].loaded = 0;
1066 static int install_kernel_probe (unsigned long addr, int uflag, int kflag, kernel_probe_t ** pprobe)
1068 kernel_probe_t *probe = NULL;
1071 DPRINTF("us_proc_probes = 0x%x, uflag = 0x%x, "
1072 "probes_flags = 0x%x, kflag = 0x%x",
1073 us_proc_probes, uflag, probes_flags, kflag);
1075 if (!(probes_flags & kflag)) {
1076 iRet = add_probe_to_list (addr, &probe);
1078 EPRINTF ("add_probe_to_list(0x%lx) result=%d!", addr, iRet);
1081 probes_flags |= kflag;
1083 if (!(us_proc_probes & uflag)) {
1084 if (!(probes_flags & uflag)) {
1085 iRet = register_kernel_probe (probe);
1087 EPRINTF ("register_kernel_probe(0x%lx) result=%d!", addr, iRet);
1091 us_proc_probes |= uflag;
1100 static struct dentry *get_dentry(const char *path)
1102 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
1103 struct path st_path;
1104 if (kern_path(path, LOOKUP_FOLLOW, &st_path) != 0) {
1105 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
1106 struct nameidata nd;
1107 if (path_lookup(path, LOOKUP_FOLLOW, &nd) != 0) {
1108 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
1109 EPRINTF("failed to lookup dentry for path %s!", path);
1113 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
1115 #elif LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 38)
1116 return nd.path.dentry;
1117 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
1118 return st_path.dentry;
1119 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25) */
1122 int inst_usr_space_proc (void)
1125 struct task_struct *task = 0;
1126 inst_us_proc_t *task_inst_info = NULL;
1128 //if user-space instrumentation is not set
1129 if (!us_proc_info.path)
1132 DPRINTF("User space instr");
1135 launchpad_daemon_dentry = get_dentry("/usr/bin/launchpad_preloading_preinitializing_daemon");
1136 if (launchpad_daemon_dentry == NULL) {
1140 #endif /* SLP_APP */
1143 app_process_dentry = get_dentry("/system/bin/app_process");
1144 if (app_process_dentry == NULL) {
1148 android_app_vma_start = 0;
1149 android_app_vma_end = 0;
1150 #endif /* ANDROID_APP */
1153 if (is_java_inst_enabled()) {
1154 libdvm_dentry = get_dentry("/system/lib/libdvm.so");
1155 if (libdvm_dentry == NULL) {
1159 memset(&us_proc_info.libdvm_entry_ip, 0, sizeof(us_proc_ip_t));
1160 memset(&us_proc_info.libdvm_return_ip, 0, sizeof(us_proc_ip_t));
1161 us_proc_info.libdvm_start = 0;
1162 us_proc_info.libdvm_end = 0;
1164 #endif /* __ANDROID */
1166 for (i = 0; i < us_proc_info.libs_count; i++) {
1167 us_proc_info.p_libs[i].loaded = 0;
1169 /* check whether process is already running
1170 * 1) if process is running - look for the libraries in the process maps
1171 * 1.1) check if page for symbol does exist
1172 * 1.1.1) if page exists - instrument it
1173 * 1.1.2) if page does not exist - make sure that do_page_fault handler is installed
1174 * 2) if process is not running - make sure that do_page_fault handler is installed
1177 if (!strcmp(us_proc_info.path,"*"))
1179 clear_task_inst_info();
1180 for_each_process (task) {
1181 if (task->flags & PF_KTHREAD){
1182 DPRINTF("ignored kernel thread %d\n",
1187 task_inst_info = get_task_inst_node(task);
1188 if (!task_inst_info) {
1190 copy_task_inst_info(task,
1192 put_task_inst_node(task, task_inst_info);
1194 DPRINTF("trying process");
1196 if (is_java_inst_enabled()) {
1197 find_libdvm_for_task(task, task_inst_info);
1199 #endif /* __ANDROID */
1200 install_mapped_ips (task, task_inst_info, 1);
1201 //put_task_struct (task);
1202 task_inst_info = NULL;
1207 ret = find_task_by_path (us_proc_info.path, &task, NULL);
1210 DPRINTF("task found. installing probes");
1211 us_proc_info.tgid = task->pid;
1213 if (is_java_inst_enabled()) {
1214 find_libdvm_for_task(task, &us_proc_info);
1216 #endif /* __ANDROID */
1217 install_mapped_ips (task, &us_proc_info, 0);
1218 put_task_struct (task);
1222 // enable 'do_page_fault' probe to detect when they will be loaded
1223 ret = install_kernel_probe (pf_addr, US_PROC_PF_INSTLD, 0, &pf_probe);
1226 EPRINTF ("install_kernel_probe(do_page_fault) result=%d!", ret);
1229 // enable 'do_exit' probe to detect for remove task_struct
1230 ret = install_kernel_probe (exit_addr, US_PROC_EXIT_INSTLD, 0, &exit_probe);
1233 EPRINTF ("install_kernel_probe(do_exit) result=%d!", ret);
1236 /* enable 'copy_process' */
1237 ret = install_kernel_probe (cp_addr, US_PROC_CP_INSTLD, 0, &cp_probe);
1240 EPRINTF ("instpall_kernel_probe(copy_process) result=%d!", ret);
1244 // enable 'mm_release' probe to detect when for remove user space probes
1245 ret = install_kernel_probe (mr_addr, US_PROC_MR_INSTLD, 0, &mr_probe);
1248 EPRINTF ("install_kernel_probe(mm_release) result=%d!", ret);
1254 void do_page_fault_ret_pre_code (void)
1256 struct mm_struct *mm;
1257 struct vm_area_struct *vma = 0;
1258 inst_us_proc_t *task_inst_info = NULL;
1260 * Because process threads have same address space
1261 * we instrument only group_leader of all this threads
1263 struct task_struct *task = current->group_leader;
1265 //if user-space instrumentation is not set
1266 if (!us_proc_info.path)
1269 if (task->flags & PF_KTHREAD) {
1270 DPRINTF("ignored kernel thread %d\n", task->pid);
1275 if (!strcmp(us_proc_info.path,"*"))
1277 task_inst_info = get_task_inst_node(task);
1278 if (!task_inst_info)
1280 task_inst_info = copy_task_inst_info(task,
1282 put_task_inst_node(task, task_inst_info);
1284 if (is_java_inst_enabled()) {
1285 find_libdvm_for_task(task, task_inst_info);
1287 #endif /* __ANDROID */
1289 install_mapped_ips (task, task_inst_info, 1);
1293 task_inst_info = &us_proc_info;
1294 //DPRINTF("do_page_fault from proc %d-%d-%d", current->pid, task_inst_info->tgid, task_inst_info->unres_ips_count);
1295 if (!is_java_inst_enabled()
1296 && (task_inst_info->unres_ips_count + task_inst_info->unres_vtps_count
1297 + task_inst_info->unres_otg_ips_count) == 0)
1299 //DPRINTF("do_page_fault: there no unresolved IPs");
1303 if (task_inst_info->tgid == 0)
1305 mm = task->active_mm;
1308 // down_read (&mm->mmap_sem);
1312 if ((vma->vm_flags & VM_EXECUTABLE) && vma->vm_file)
1314 if (vma->vm_file->f_dentry == task_inst_info->m_f_dentry)
1319 if (is_slp_app_with_dentry(vma, task_inst_info->m_f_dentry)) {
1322 #endif /* SLP_APP */
1324 if (is_android_app_with_dentry(vma, task_inst_info->m_f_dentry)) {
1327 #endif /* ANDROID_APP */
1331 // up_read (&mm->mmap_sem);
1334 // DPRINTF ("proc %s/%d has no mm", current->comm, current->pid);
1338 DPRINTF ("do_page_fault found target proc %s(%d)", task->comm, task->pid);
1339 task_inst_info->tgid = task->pid;
1340 gl_nNotifyTgid = task->tgid;
1343 if (task_inst_info->tgid == task->tgid)
1345 //DPRINTF("do_page_fault from target proc %d", task_inst_info->tgid);
1347 if (is_java_inst_enabled()) {
1348 find_libdvm_for_task(task, &us_proc_info);
1350 #endif /* __ANDROID */
1351 install_mapped_ips (task, &us_proc_info, 1);
1353 //DPRINTF("do_page_fault from proc %d-%d exit", task->pid, task_inst_info->pid);
1356 EXPORT_SYMBOL_GPL(do_page_fault_ret_pre_code);
1359 void do_exit_probe_pre_code (void)
1361 // TODO: remove task
1363 EXPORT_SYMBOL_GPL(do_exit_probe_pre_code);
1365 void mm_release_probe_pre_code(void)
1368 struct task_struct *task;
1369 inst_us_proc_t *task_inst_info = NULL;
1371 //if user-space instrumentation is not set
1372 if (!us_proc_info.path || current->tgid != current->pid)
1375 if (!strcmp(us_proc_info.path,"*"))
1377 task_inst_info = get_task_inst_node(current);
1380 iRet = uninstall_mapped_ips (current, task_inst_info, 1);
1382 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
1383 dbi_unregister_all_uprobes(current, 1);
1388 if (current->tgid != us_proc_info.tgid)
1391 // look for another process with the same tgid
1393 for_each_process (task)
1395 if ((task->pid != current->pid) && (task->tgid == us_proc_info.tgid))
1405 iRet = uninstall_mapped_ips (current, &us_proc_info, 1);
1407 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
1408 dbi_unregister_all_uprobes(current, 1);
1409 us_proc_info.tgid = 0;
1410 for(i = 0; i < us_proc_info.libs_count; i++)
1411 us_proc_info.p_libs[i].loaded = 0;
1415 EXPORT_SYMBOL_GPL(mm_release_probe_pre_code);
1418 static void recover_child(struct task_struct *child_task, inst_us_proc_t *parent_iup)
1421 for(i = 0; i < parent_iup->libs_count; ++i)
1423 for(k = 0; k < parent_iup->p_libs[i].ips_count; ++k)
1424 if(parent_iup->p_libs[i].p_ips[k].installed)
1425 arch_disarm_uprobe(&parent_iup->p_libs[i].p_ips[k].jprobe.kp, child_task);
1427 for(k = 0; k < parent_iup->p_libs[i].vtps_count; ++k)
1428 if(parent_iup->p_libs[i].p_vtps[k].installed)
1429 arch_disarm_uprobe(&parent_iup->p_libs[i].p_vtps[k].jprobe.kp, child_task);
1433 static void rm_uprobes_child(struct task_struct *new_task)
1435 if(!strcmp(us_proc_info.path, "*")) {
1436 inst_us_proc_t *task_inst_info = get_task_inst_node(current);
1438 recover_child(new_task, task_inst_info);
1440 if(us_proc_info.tgid == current->tgid) {
1441 recover_child(new_task, &us_proc_info);
1446 void copy_process_ret_pre_code(struct task_struct *p)
1451 if(p->mm != current->mm) // check flags CLONE_VM
1452 rm_uprobes_child(p);
1456 DEFINE_PER_CPU (us_proc_ip_t *, gpCurIp) = NULL;
1457 EXPORT_PER_CPU_SYMBOL_GPL(gpCurIp);
1458 DEFINE_PER_CPU(struct pt_regs *, gpUserRegs) = NULL;
1459 EXPORT_PER_CPU_SYMBOL_GPL(gpUserRegs);
1462 unsigned long ujprobe_event_pre_handler (us_proc_ip_t * ip, struct pt_regs *regs)
1464 __get_cpu_var (gpCurIp) = ip;
1465 __get_cpu_var (gpUserRegs) = regs;
1470 int handle_java_event(unsigned long addr)
1472 unsigned long start = 0;
1473 struct pt_regs *regs = __get_cpu_var(gpUserRegs);
1475 if (!strcmp(us_proc_info.path, "*")) {
1476 /* TODO: some stuff here */
1478 start = us_proc_info.libdvm_start;
1480 unsigned long end = us_proc_info.libdvm_end;
1482 if (addr == start + LIBDVM_ENTRY) {
1483 unsigned long *p_met = (unsigned long *)regs->ARM_r0;
1484 char *met_name = p_met ? (char *)(p_met[4]) : 0;
1485 unsigned long *p_cl = p_met ? (unsigned long *)p_met[0] : 0;
1486 char *cl_name = p_cl ? (char *)(p_cl[6]) : 0;
1487 if (!cl_name || !met_name) {
1488 EPRINTF("warn: class name or method name null\n");
1490 pack_event_info(JAVA_PROBE_ID, RECORD_ENTRY, "pss", addr, cl_name, met_name);
1492 dbi_uprobe_return ();
1496 if (addr == start + LIBDVM_RETURN) {
1497 unsigned long *p_th = (unsigned long *)regs->ARM_r6;
1498 unsigned long *p_st = p_th;
1499 unsigned long *p_met = p_st ? (unsigned long *)p_st[2] : 0;
1500 char *met_name = p_met ? (char *)(p_met[4]) : 0;
1501 unsigned long *p_cl = p_met ? (unsigned long *)p_met[0] : 0;
1502 char *cl_name = p_cl ? (char *)(p_cl[6]) : 0;
1503 if (!cl_name || !met_name) {
1504 EPRINTF("warn: class name or method name null\n");
1506 pack_event_info(JAVA_PROBE_ID, RECORD_RET, "pss", addr, cl_name, met_name);
1508 dbi_uprobe_return ();
1514 #endif /* __ANDROID */
1516 void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6)
1518 us_proc_ip_t *ip = __get_cpu_var (gpCurIp);
1519 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1522 if (is_java_inst_enabled() && handle_java_event(addr)) {
1525 #endif /* __ANDROID */
1528 #if defined(CONFIG_ARM)
1529 if (ip->offset & 0x01)
1531 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr | 0x01, arg1, arg2, arg3, arg4, arg5, arg6);
1533 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr, arg1, arg2, arg3, arg4, arg5, arg6);
1536 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr, arg1, arg2, arg3, arg4, arg5, arg6);
1538 // Mr_Nobody: uncomment for valencia
1539 //unregister_usprobe(current, ip, 1);
1540 dbi_uprobe_return ();
1543 int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *regs, us_proc_ip_t * ip)
1545 int retval = regs_return_value(regs);
1546 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1548 #if defined(CONFIG_ARM)
1549 if (ip->offset & 0x01)
1551 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr | 0x01, retval);
1553 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr, retval);
1556 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr, retval);
1558 // Mr_Nobody: uncomment for valencia
1559 //unregister_usprobe(current, ip, 1);
1563 static int register_usprobe (struct task_struct *task, struct mm_struct *mm, us_proc_ip_t * ip, int atomic, kprobe_opcode_t * islot)
1566 ip->jprobe.kp.tgid = task->tgid;
1567 //ip->jprobe.kp.addr = (kprobe_opcode_t *) addr;
1568 if(!ip->jprobe.entry) {
1569 if (dbi_ujprobe_event_handler_custom_p != NULL)
1571 ip->jprobe.entry = (kprobe_opcode_t *) dbi_ujprobe_event_handler_custom_p;
1572 DPRINTF("Set custom event handler for %x\n", ip->offset);
1576 ip->jprobe.entry = (kprobe_opcode_t *) ujprobe_event_handler;
1577 DPRINTF("Set default event handler for %x\n", ip->offset);
1580 if(!ip->jprobe.pre_entry) {
1581 if (dbi_ujprobe_event_pre_handler_custom_p != NULL)
1583 ip->jprobe.pre_entry = (kprobe_pre_entry_handler_t) dbi_ujprobe_event_pre_handler_custom_p;
1584 DPRINTF("Set custom pre handler for %x\n", ip->offset);
1588 ip->jprobe.pre_entry = (kprobe_pre_entry_handler_t) ujprobe_event_pre_handler;
1589 DPRINTF("Set default pre handler for %x\n", ip->offset);
1592 ip->jprobe.priv_arg = ip;
1593 ret = dbi_register_ujprobe (task, mm, &ip->jprobe, atomic);
1596 DPRINTF ("dbi_register_ujprobe() failure %d", ret);
1600 // Mr_Nobody: comment for valencia
1601 ip->retprobe.kp.tgid = task->tgid;
1602 //ip->retprobe.kp.addr = (kprobe_opcode_t *) addr;
1603 if(!ip->retprobe.handler) {
1604 if (dbi_uretprobe_event_handler_custom_p != NULL)
1605 ip->retprobe.handler = (kretprobe_handler_t) dbi_uretprobe_event_handler_custom_p;
1607 ip->retprobe.handler = (kretprobe_handler_t) uretprobe_event_handler;
1608 //DPRINTF("Failed custom dbi_uretprobe_event_handler_custom_p");
1611 ip->retprobe.priv_arg = ip;
1612 ret = dbi_register_uretprobe (task, mm, &ip->retprobe, atomic);
1615 EPRINTF ("dbi_register_uretprobe() failure %d", ret);
1621 static int unregister_usprobe (struct task_struct *task, us_proc_ip_t * ip, int atomic)
1623 dbi_unregister_ujprobe (task, &ip->jprobe, atomic);
1624 dbi_unregister_uretprobe (task, &ip->retprobe, atomic);
1628 unsigned long get_stack_size(struct task_struct *task,
1629 struct pt_regs *regs)
1631 #ifdef CONFIG_ADD_THREAD_STACK_INFO
1632 return (task->stack_start - dbi_get_stack_ptr(regs));
1634 struct vm_area_struct *vma = NULL;
1635 struct mm_struct *mm = NULL;
1636 unsigned long result = 0;
1637 int atomic = in_atomic();
1639 mm = (atomic ? task->active_mm: get_task_mm(task));
1643 down_read(&mm->mmap_sem);
1645 vma = find_vma(mm, dbi_get_stack_ptr(regs));
1648 result = vma->vm_end - dbi_get_stack_ptr(regs);
1653 up_read(&mm->mmap_sem);
1661 EXPORT_SYMBOL_GPL(get_stack_size);
1663 unsigned long get_stack(struct task_struct *task, struct pt_regs *regs,
1664 char *buf, unsigned long sz)
1666 unsigned long stack_sz = get_stack_size(task, regs);
1667 unsigned long real_sz = (stack_sz > sz ? sz: stack_sz);
1668 int res = read_proc_vm_atomic(task, dbi_get_stack_ptr(regs), buf, real_sz);
1671 EXPORT_SYMBOL_GPL(get_stack);
1673 int dump_to_trace(probe_id_t probe_id, void *addr, const char *buf,
1676 unsigned long rest_sz = sz;
1677 const char *data = buf;
1679 while (rest_sz >= EVENT_MAX_SIZE) {
1680 pack_event_info(probe_id, RECORD_ENTRY, "pa",
1681 addr, EVENT_MAX_SIZE, data);
1682 rest_sz -= EVENT_MAX_SIZE;
1683 data += EVENT_MAX_SIZE;
1687 pack_event_info(probe_id, RECORD_ENTRY, "pa", addr, rest_sz, data);
1691 EXPORT_SYMBOL_GPL(dump_to_trace);
1693 int dump_backtrace(probe_id_t probe_id, struct task_struct *task,
1694 void *addr, struct pt_regs *regs, unsigned long sz)
1696 unsigned long real_sz = 0;
1699 buf = (char *)kmalloc(sz, GFP_ATOMIC);
1702 real_sz = get_stack(task, regs, buf, sz);
1704 dump_to_trace(probe_id, addr, buf, real_sz);
1711 EXPORT_SYMBOL_GPL(dump_backtrace);
1713 unsigned long get_ret_addr(struct task_struct *task, us_proc_ip_t *ip)
1715 unsigned long retaddr = 0;
1716 struct hlist_node *item, *tmp_node;
1717 struct kretprobe_instance *ri;
1720 hlist_for_each_safe (item, tmp_node, &ip->retprobe.used_instances) {
1721 ri = hlist_entry (item, struct kretprobe_instance, uflist);
1723 if (ri->task && ri->task->pid == task->pid &&
1724 ri->task->tgid == task->tgid)
1725 retaddr = (unsigned long)ri->ret_addr;
1732 return dbi_get_ret_addr(task_pt_regs(task));
1734 EXPORT_SYMBOL_GPL(get_ret_addr);
1736 /*function call removes all OTG-probes installed in library "lib_to_delete"*/
1737 void otg_probe_list_clean(char* lib_to_delete)
1739 struct task_struct *task = current->group_leader;
1740 struct mm_struct *mm;
1741 struct vm_area_struct *vma = 0;
1742 char *filename = "";
1744 unsigned long int addr_max = 0;
1745 unsigned long int addr_min = 0;
1747 us_proc_otg_ip_t *p;
1749 mm = task->active_mm;
1750 /*find in process space map file with name "lib_to_delete" and flag VM_EXEC
1751 and save address borders of this file*/
1756 if(vma->vm_file->f_dentry) {
1757 filename = d_path(&vma->vm_file->f_path, buf, 256);
1758 if((strcmp(lib_to_delete, filename) == 0) && (vma->vm_flags & VM_EXEC)) {
1759 addr_min = vma->vm_start;
1760 addr_max = vma->vm_end;
1768 /*remove OTG-probe if its address is between addr_min and addr_max*/
1769 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
1770 if (!p->ip.installed) {
1773 if ( ((unsigned long)p->ip.jprobe.kp.addr < addr_max) &&
1774 ((unsigned long)p->ip.jprobe.kp.addr >= addr_min) ) {
1775 err = unregister_usprobe(task, &p->ip, 1);
1777 EPRINTF("failed to uninstall IP at %p. Error %d!",
1778 p->ip.jprobe.kp.addr, err);
1781 p->ip.installed = 0;
1785 EXPORT_SYMBOL_GPL(otg_probe_list_clean);
projects / kernel / swap-modules.git / blob