1 ////////////////////////////////////////////////////////////////////////////////////
3 // FILE: us_proc_inst.c
6 // This file is C source for SWAP driver.
8 // SEE ALSO: us_proc_inst.h
9 // AUTHOR: A.Gerenkov, E. Gorelkina
10 // COMPANY NAME: Samsung Research Center in Moscow
11 // DEPT NAME: Advanced Software Group
12 // CREATED: 2008.06.02
14 // REVISION DATE: 2008.12.02
16 ////////////////////////////////////////////////////////////////////////////////////
19 #include "us_proc_inst.h"
21 #include "../kprobe/dbi_kprobes_deps.h"
22 #include "../kprobe/dbi_uprobes.h"
24 #define mm_read_lock(task, mm, atomic, lock) \
25 mm = atomic ? task->active_mm : get_task_mm(task); \
28 panic("ERRR mm_read_lock: mm == NULL\n"); \
32 lock = down_read_trylock(&mm->mmap_sem); \
35 down_read(&mm->mmap_sem); \
38 #define mm_read_unlock(mm, atomic, lock) \
40 up_read(&mm->mmap_sem); \
47 DEFINE_PER_CPU (us_proc_vtp_t *, gpVtp) = NULL;
48 DEFINE_PER_CPU (struct pt_regs *, gpCurVtpRegs) = NULL;
50 #if defined(CONFIG_MIPS)
51 # define ARCH_REG_VAL(regs, idx) regs->regs[idx]
52 #elif defined(CONFIG_ARM)
53 # define ARCH_REG_VAL(regs, idx) regs->uregs[idx]
55 # define ARCH_REG_VAL(regs, idx) 0
56 # warning ARCH_REG_VAL is not implemented for this architecture. FBI will work improperly or even crash!!!
59 unsigned long ujprobe_event_pre_handler (us_proc_ip_t * ip, struct pt_regs *regs);
60 void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6);
61 int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *regs, us_proc_ip_t * ip);
63 static int register_usprobe(struct task_struct *task, us_proc_ip_t *ip, int atomic);
64 static int unregister_usprobe(struct task_struct *task, us_proc_ip_t * ip, int atomic, int no_rp2);
68 struct task_inst_info_node {
69 struct list_head plist;
70 inst_us_proc_t * task_inst_info;
73 LIST_HEAD(task_inst_info_list);
76 struct dentry *launchpad_daemon_dentry = NULL;
77 EXPORT_SYMBOL_GPL(launchpad_daemon_dentry);
81 unsigned long android_app_vma_start = 0;
82 unsigned long android_app_vma_end = 0;
83 struct dentry *app_process_dentry = NULL;
84 #endif /* ANDROID_APP */
87 struct dentry *libdvm_dentry = NULL;
88 /* Defines below are for libdvm.so with md5sum:
89 * 5941c87b49198368e7db726c2977bf1d */
90 #define LIBDVM_ENTRY 0x30a64
91 #define LIBDVM_RETURN 0x30bdc
92 #endif /* __ANDROID */
95 static inline int is_libonly(void)
97 return !strcmp(us_proc_info.path,"*");
100 // is user-space instrumentation
101 static inline int is_us_instrumentation(void)
103 return !!us_proc_info.path;
106 us_proc_otg_ip_t *find_otg_probe(unsigned long addr)
110 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
111 if (p->ip.offset == addr) {
119 int add_otg_probe_to_list(unsigned long addr, us_proc_otg_ip_t **pprobe)
121 us_proc_otg_ip_t *new_probe;
122 us_proc_otg_ip_t *probe;
127 /* check if such probe does already exist */
128 probe = find_otg_probe(addr);
133 new_probe = kmalloc(sizeof(us_proc_otg_ip_t), GFP_KERNEL);
135 EPRINTF ("no memory for new probe!");
138 memset(new_probe,0, sizeof(us_proc_otg_ip_t));
140 new_probe->ip.offset = addr;
141 new_probe->ip.jprobe.kp.addr =
142 new_probe->ip.retprobe.kp.addr = (kprobe_opcode_t *)addr;
143 new_probe->ip.jprobe.priv_arg =
144 new_probe->ip.retprobe.priv_arg = new_probe;
146 INIT_LIST_HEAD(&new_probe->list);
147 list_add_rcu(&new_probe->list, &otg_us_proc_info);
155 int remove_otg_probe_from_list(unsigned long addr)
159 //check if such probe does exist
160 p = find_otg_probe(addr);
162 /* We do not care about it. Nothing bad. */
166 list_del_rcu(&p->list);
174 static struct proc_probes *proc_p_copy(struct proc_probes *proc_p);
175 static void print_proc_probes(const struct proc_probes *proc_p);
177 * Prepare copy of instrumentation data for task
178 * in case of library only instrumentation
181 inst_us_proc_t* copy_task_inst_info (struct task_struct *task, inst_us_proc_t * task_inst_info)
184 kprobe_opcode_t *entry_save;
185 kprobe_pre_entry_handler_t pre_entry_save;
186 kretprobe_handler_t handler_save;
188 inst_us_proc_t* copy_info = 0;
190 int unres_ips_count = 0, unres_vtps_count = 0;
192 copy_info = kmalloc (sizeof (inst_us_proc_t), GFP_ATOMIC);
193 memset ((void *) copy_info, 0, sizeof (inst_us_proc_t));
195 copy_info->path = task_inst_info->path;
196 copy_info->m_f_dentry = NULL;
198 copy_info->libs_count = task_inst_info->libs_count;
200 kmalloc (task_inst_info->libs_count * sizeof (us_proc_lib_t), GFP_ATOMIC);
202 if (!copy_info->p_libs) {
203 DPRINTF ("No enough memory for copy_info->p_libs");
206 memcpy (copy_info->p_libs, task_inst_info->p_libs,
207 copy_info->libs_count * sizeof (us_proc_lib_t));
209 for (i = 0; i < copy_info->libs_count; i++) {
210 if (copy_info->p_libs[i].ips_count > 0)
212 unres_ips_count += copy_info->p_libs[i].ips_count;
214 copy_info->p_libs[i].p_ips =
215 kmalloc (copy_info->p_libs[i].ips_count * sizeof (us_proc_ip_t), GFP_ATOMIC);
217 if (!copy_info->p_libs[i].p_ips) {
218 DPRINTF ("No enough memory for copy_info->p_libs[i].p_ips");
222 memcpy (copy_info->p_libs[i].p_ips, task_inst_info->p_libs[i].p_ips,
223 copy_info->p_libs[i].ips_count * sizeof (us_proc_ip_t));
224 for (j = 0; j < copy_info->p_libs[i].ips_count; j++) {
226 entry_save = copy_info->p_libs[i].p_ips[j].jprobe.entry;
227 pre_entry_save = copy_info->p_libs[i].p_ips[j].jprobe.pre_entry;
228 handler_save = copy_info->p_libs[i].p_ips[j].retprobe.handler;
230 copy_info->p_libs[i].p_ips[j].installed = 0;
231 memset(©_info->p_libs[i].p_ips[j].jprobe, 0, sizeof(struct jprobe));
232 memset(©_info->p_libs[i].p_ips[j].retprobe, 0, sizeof(struct kretprobe));
235 copy_info->p_libs[i].p_ips[j].jprobe.entry = entry_save;
236 copy_info->p_libs[i].p_ips[j].jprobe.pre_entry = pre_entry_save;
237 copy_info->p_libs[i].p_ips[j].retprobe.handler = handler_save;
240 unres_ips_count += copy_info->p_libs[i].ips_count;
243 for (j = 0; j < copy_info->p_libs[i].plt_count; j++)
245 copy_info->p_libs[i].p_plt[j].real_func_addr = 0;
248 if (copy_info->p_libs[i].vtps_count > 0) {
249 unres_vtps_count += copy_info->p_libs[i].vtps_count;
251 copy_info->p_libs[i].p_vtps =
252 kmalloc (copy_info->p_libs[i].vtps_count * sizeof (us_proc_vtp_t), GFP_ATOMIC);
254 if (!copy_info->p_libs[i].p_vtps) {
255 DPRINTF ("No enough memory for copy_info->p_libs[i].p_vtps");
259 memcpy (copy_info->p_libs[i].p_vtps, task_inst_info->p_libs[i].p_vtps,
260 copy_info->p_libs[i].vtps_count * sizeof (us_proc_vtp_t));
261 for (j = 0; j < copy_info->p_libs[i].vtps_count; j++) {
262 copy_info->p_libs[i].p_vtps[j].installed = 0;
263 memset (©_info->p_libs[i].p_vtps[j].jprobe, 0, sizeof(struct jprobe));
265 unres_vtps_count = copy_info->p_libs[i].vtps_count;
268 copy_info->p_libs[i].m_f_dentry = task_inst_info->p_libs[i].m_f_dentry;
269 copy_info->p_libs[i].loaded = 0;
271 copy_info->p_libs[i].vma_start = 0;
272 copy_info->p_libs[i].vma_end = 0;
274 copy_info->unres_ips_count = unres_ips_count;
275 copy_info->unres_vtps_count = unres_vtps_count;
277 copy_info->pp = proc_p_copy(task_inst_info->pp);
279 // print_proc_probes(copy_info->pp);
284 inst_us_proc_t* get_task_inst_node(struct task_struct *task)
286 struct task_inst_info_node *node, *tnode;
288 list_for_each_entry_safe(node, tnode, &task_inst_info_list, plist)
290 if (node && task && node->tgid == task->tgid) {
291 return node->task_inst_info;
297 void put_task_inst_node(struct task_struct *task, inst_us_proc_t *task_inst_info)
299 struct task_inst_info_node * node;
301 node = kmalloc (sizeof(struct task_inst_info_node), GFP_ATOMIC);
303 node->tgid = task->tgid;
304 node->task_inst_info = task_inst_info;
306 list_add_tail (&(node->plist), &task_inst_info_list);
310 void clear_task_inst_info(void)
312 struct list_head *node, *tmp;
314 list_for_each_safe(node, tmp, &task_inst_info_list)
319 static int is_slp_app_with_dentry(struct vm_area_struct *vma,
320 struct dentry *dentry)
322 struct vm_area_struct *slp_app_vma = NULL;
324 if (vma->vm_file->f_dentry == launchpad_daemon_dentry) {
326 while (slp_app_vma) {
327 if (slp_app_vma->vm_file) {
328 if (slp_app_vma->vm_file->f_dentry == dentry &&
329 slp_app_vma->vm_pgoff == 0) {
333 slp_app_vma = slp_app_vma->vm_next;
342 static int is_android_app_with_dentry(struct vm_area_struct *vma,
343 struct dentry *dentry)
345 struct vm_area_struct *android_app_vma = NULL;
347 if (vma->vm_file->f_dentry == app_process_dentry) {
348 android_app_vma = vma;
349 while (android_app_vma) {
350 if (android_app_vma->vm_file) {
351 if (android_app_vma->vm_file->f_dentry == dentry) {
352 android_app_vma_start = android_app_vma->vm_start;
353 android_app_vma_end = android_app_vma->vm_end;
357 android_app_vma = android_app_vma->vm_next;
363 #endif /* ANDROID_APP */
366 void find_libdvm_for_task(struct task_struct *task, inst_us_proc_t *info)
368 struct vm_area_struct *vma = NULL;
369 struct mm_struct *mm = NULL;
371 mm = get_task_mm(task);
376 if (vma->vm_file->f_dentry == libdvm_dentry) {
377 info->libdvm_start = vma->vm_start;
378 info->libdvm_end = vma->vm_end;
387 #endif /* __ANDROID */
389 struct dentry *dentry_by_path(const char *path)
391 struct dentry *dentry;
392 #if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38)
394 if (kern_path(path, LOOKUP_FOLLOW, &st_path) != 0) {
395 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
397 if (path_lookup(path, LOOKUP_FOLLOW, &nd) != 0) {
398 #endif /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
399 EPRINTF("failed to lookup dentry for path %s!", path);
403 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25)
406 #elif LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 38)
407 dentry = nd.path.dentry;
409 #else /* LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 38) */
410 dentry = st_path.dentry;
412 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 25) */
416 static int find_task_by_path (const char *path, struct task_struct **p_task, struct list_head *tids)
419 struct task_struct *task;
420 struct vm_area_struct *vma;
421 struct mm_struct *mm;
422 struct dentry *dentry = dentry_by_path(path);
426 /* find corresponding dir entry, this is also check for valid path */
427 // TODO: test - try to instrument process with non-existing path
428 // TODO: test - try to instrument process with existing path and delete file just after start
429 if (dentry == NULL) {
434 for_each_process (task) {
436 if ( 0 != inst_pid && ( inst_pid != task->pid ) )
439 mm = get_task_mm(task);
444 if ((vma->vm_flags & VM_EXECUTABLE) && vma->vm_file) {
445 if (vma->vm_file->f_dentry == dentry) {
448 get_task_struct (task);
454 if (is_slp_app_with_dentry(vma, dentry)) {
456 get_task_struct(task);
462 if (is_android_app_with_dentry(vma, dentry)) {
464 get_task_struct(task);
467 #endif /* ANDROID_APP */
471 // only decrement usage count on mm since we cannot sleep here
472 atomic_dec(&mm->mm_users);
479 DPRINTF ("found pid %d for %s.", (*p_task)->pid, path);
480 *p_task = (*p_task)->group_leader;
481 gl_nNotifyTgid = (*p_task)->tgid;
483 DPRINTF ("pid for %s not found!", path);
490 static void us_vtp_event_pre_handler (us_proc_vtp_t * vtp, struct pt_regs *regs)
492 __get_cpu_var(gpVtp) = vtp;
493 __get_cpu_var(gpCurVtpRegs) = regs;
496 static void us_vtp_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6)
498 us_proc_vtp_t *vtp = __get_cpu_var(gpVtp);
499 #if !defined(CONFIG_X86)
500 struct pt_regs *regs = __get_cpu_var(gpCurVtpRegs);
506 us_proc_vtp_data_t *vtp_data;
512 list_for_each_entry_rcu (vtp_data, &vtp->list, list) {
513 // DPRINTF ("[%d]proc %s(%d): %lx", nCount++, current->comm, current->pid, vtp->addr);
514 fmt[1] = vtp_data->type;
515 if (vtp_data->reg == -1)
516 vaddr = vtp_data->off;
518 vaddr = ARCH_REG_VAL (regs, vtp_data->reg) + vtp_data->off;
519 // DPRINTF ("VTP type '%c'", vtp_data->type);
520 switch (vtp_data->type)
525 if (read_proc_vm_atomic (current, vaddr, &ival, sizeof (ival)) < sizeof (ival))
526 EPRINTF ("failed to read vm of proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
528 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, ival, vtp_data->name);
531 if (read_proc_vm_atomic (current, vaddr, &ival, sizeof (ival)) < sizeof (ival))
532 EPRINTF ("failed to read vm of proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
534 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, ival, vtp_data->name);
537 if (read_proc_vm_atomic (current, vaddr, &cval, sizeof (cval)) < sizeof (cval))
538 EPRINTF ("failed to read vm of proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
540 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, cval, vtp_data->name);
543 if (current->active_mm) {
545 struct vm_area_struct *vma;
548 if (get_user_pages_atomic (current, current->active_mm, vaddr, 1, 0, 1, &page, &vma) <= 0) {
549 EPRINTF ("get_user_pages_atomic failed for proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
552 maddr = kmap_atomic (page, KM_USER0);
553 len = strlen (maddr + (vaddr & ~PAGE_MASK));
554 sval = kmalloc (len + 1, GFP_KERNEL);
556 EPRINTF ("failed to alloc memory for string in proc %s/%u addr %lu!", current->comm, current->pid, vaddr);
558 copy_from_user_page (vma, page, vaddr, sval, maddr + (vaddr & ~PAGE_MASK), len + 1);
559 pack_event_info (VTP_PROBE_ID, RECORD_ENTRY, fmt, vtp->jprobe.kp.addr, sval, vtp_data->name);
562 kunmap_atomic (maddr, KM_USER0);
563 page_cache_release (page);
566 EPRINTF ("task %s/%u has no mm!", current->comm, current->pid);
569 EPRINTF ("unknown variable type '%c'", vtp_data->type);
572 dbi_uprobe_return ();
575 static int install_mapped_ips (struct task_struct *task, inst_us_proc_t* task_inst_info, int atomic)
577 struct vm_area_struct *vma;
580 unsigned int old_ips_count, old_vtps_count;
582 struct task_struct *t;
583 struct mm_struct *mm;
585 mm = atomic ? task->active_mm : get_task_mm (task);
587 return task_inst_info->unres_ips_count + task_inst_info->unres_vtps_count;
589 old_ips_count = task_inst_info->unres_ips_count;
590 old_vtps_count = task_inst_info->unres_vtps_count;
592 down_read (&mm->mmap_sem);
595 // skip non-text section
597 if (vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC) || !vma->vm_file || (vma->vm_flags & VM_ACCOUNT) ||
598 !(vma->vm_flags & (VM_WRITE | VM_MAYWRITE)) ||
599 !(vma->vm_flags & (VM_READ | VM_MAYREAD))) {
601 if (vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC) || !vma->vm_file) {
607 * After process was forked, some time it inherits parent process environment.
608 * We need to renew instrumentation when we detect that process gets own environment.
610 for (i = 0; i < task_inst_info->libs_count; i++) {
611 // struct path tmp_path;
612 // tmp_path.dentry = task_inst_info->p_libs[i].m_f_dentry;
613 // tmp_path.mnt = task_inst_info->p_libs[i].m_vfs_mount;
614 // char* p_path = d_path ( &tmp_path, path_buffer, 255 );
615 // DPRINTF("f_dentry:%x m_f_dentry:%x path:%s", vma->vm_file->f_dentry,
616 // task_inst_info->p_libs[i].m_f_dentry, p_path );
618 //TODO: test - try to instrument non-existing libs
619 if (vma->vm_file->f_dentry == task_inst_info->p_libs[i].m_f_dentry) {
620 // DPRINTF("vm_flags:%x loaded:%x ips_count:%d vtps_count:%d",
621 // vma->vm_flags, task_inst_info->p_libs[i].loaded,
622 // task_inst_info->p_libs[i].ips_count, task_inst_info->p_libs[i].vtps_count );
623 if (!task_inst_info->p_libs[i].loaded) {
624 // DPRINTF("!VM_EXECUTABLE && !loaded");
626 int app_flag = (vma->vm_file->f_dentry == task_inst_info->m_f_dentry);
627 DPRINTF ("post dyn lib event %s/%s", current->comm, task_inst_info->p_libs[i].path);
628 // if we installed something, post library info for those IPs
629 p = strrchr(task_inst_info->p_libs[i].path, '/');
631 p = task_inst_info->p_libs[i].path;
634 task_inst_info->p_libs[i].loaded = 1;
635 task_inst_info->p_libs[i].vma_start = vma->vm_start;
636 task_inst_info->p_libs[i].vma_end = vma->vm_end;
637 task_inst_info->p_libs[i].vma_flag = vma->vm_flags;
638 pack_event_info (DYN_LIB_PROBE_ID, RECORD_ENTRY, "dspdd",
639 task->tgid, p, vma->vm_start, vma->vm_end-vma->vm_start, app_flag);
641 for (k = 0; k < task_inst_info->p_libs[i].ips_count; k++) {
642 DPRINTF("ips_count current:%d", k);
643 if (!task_inst_info->p_libs[i].p_ips[k].installed) {
644 DPRINTF("!installed");
645 addr = task_inst_info->p_libs[i].p_ips[k].offset;
646 addr += vma->vm_start;
647 if (page_present (mm, addr)) {
648 DPRINTF ("pid %d, %s sym is loaded at %lx/%lx.",
649 task->pid, task_inst_info->p_libs[i].path,
650 task_inst_info->p_libs[i].p_ips[k].offset, addr);
651 task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr = (kprobe_opcode_t *) addr;
652 task_inst_info->p_libs[i].p_ips[k].retprobe.kp.addr = (kprobe_opcode_t *) addr;
653 task_inst_info->unres_ips_count--;
654 err = register_usprobe(task, &task_inst_info->p_libs[i].p_ips[k], atomic);
656 DPRINTF ("failed to install IP at %lx/%p. Error %d!",
657 task_inst_info->p_libs[i].p_ips[k].offset,
658 task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr, err);
663 for (k = 0; k < task_inst_info->p_libs[i].vtps_count; k++) {
664 DPRINTF("vtps_count current:%d", k);
665 if (!task_inst_info->p_libs[i].p_vtps[k].installed) {
666 DPRINTF("!installed");
667 addr = task_inst_info->p_libs[i].p_vtps[k].addr;
668 if (!(vma->vm_flags & VM_EXECUTABLE))
669 addr += vma->vm_start;
670 if (page_present (mm, addr)) {
671 DPRINTF ("pid %d, %s sym is loaded at %lx/%lx.",
672 task->pid, task_inst_info->p_libs[i].path,
673 task_inst_info->p_libs[i].p_ips[k].offset, addr);
674 task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.tgid = task_inst_info->tgid;
675 task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.addr = (kprobe_opcode_t *) addr;
676 task_inst_info->p_libs[i].p_vtps[k].jprobe.entry = (kprobe_opcode_t *) us_vtp_event_handler;
677 task_inst_info->p_libs[i].p_vtps[k].jprobe.pre_entry = (kprobe_pre_entry_handler_t) us_vtp_event_pre_handler;
678 task_inst_info->p_libs[i].p_vtps[k].jprobe.priv_arg = &task_inst_info->p_libs[i].p_vtps[k];
679 task_inst_info->p_libs[i].p_vtps[k].installed = 1;
680 task_inst_info->unres_vtps_count--;
681 err = dbi_register_ujprobe(task, &task_inst_info->p_libs[i].p_vtps[k].jprobe, atomic);
683 EPRINTF ("failed to install VTP at %p. Error %d!",
684 task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.addr, err);
692 if (is_java_inst_enabled()
693 && vma->vm_file->f_dentry == libdvm_dentry) {
694 us_proc_ip_t *entp = &task_inst_info->libdvm_entry_ip;
696 && task_inst_info->libdvm_start) {
697 unsigned long addr = LIBDVM_ENTRY + task_inst_info->libdvm_start;
698 if (page_present(mm, addr)) {
699 entp->jprobe.kp.tgid = task->tgid;
700 entp->jprobe.pre_entry = ujprobe_event_pre_handler;
701 entp->jprobe.entry = ujprobe_event_handler;
702 entp->jprobe.priv_arg = entp;
703 entp->jprobe.kp.addr = addr;
704 entp->retprobe.kp.tgid = task->tgid;
705 entp->retprobe.handler = uretprobe_event_handler;
706 entp->retprobe.priv_arg = entp;
707 entp->retprobe.kp.addr = addr;
708 err = register_usprobe(task, mm, entp, atomic, 0);
710 DPRINTF("failed to install IP at %p", addr);
715 us_proc_ip_t *retp = &task_inst_info->libdvm_return_ip;
717 && task_inst_info->libdvm_start) {
718 unsigned long addr = LIBDVM_RETURN + task_inst_info->libdvm_start;
719 if (page_present(mm, addr)) {
720 retp->jprobe.kp.tgid = task->tgid;
721 retp->jprobe.pre_entry = ujprobe_event_pre_handler;
722 retp->jprobe.entry = ujprobe_event_handler;
723 retp->jprobe.priv_arg = retp;
724 retp->jprobe.kp.addr = addr;
725 retp->retprobe.kp.tgid = task->tgid;
726 retp->retprobe.handler = uretprobe_event_handler;
727 retp->retprobe.priv_arg = retp;
728 retp->retprobe.kp.addr = addr;
729 err = register_usprobe(task, mm, retp, atomic, 0);
731 DPRINTF("failed to install IP at %p", addr);
737 #endif /* __ANDROID */
740 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
741 if (p->ip.installed) {
745 if (!page_present(mm, p->ip.offset)) {
746 DPRINTF("Page isn't present for %p.",
751 err = register_usprobe(task, &p->ip, atomic);
753 DPRINTF("failed to install IP at %lx/%p. Error %d!",
755 p->ip.jprobe.kp.addr, err);
758 task_inst_info->unres_otg_ips_count--;
761 up_read (&mm->mmap_sem);
764 return task_inst_info->unres_ips_count + task_inst_info->unres_vtps_count;
767 int install_otg_ip(unsigned long addr,
768 kprobe_pre_entry_handler_t pre_handler,
769 unsigned long jp_handler,
770 kretprobe_handler_t rp_handler)
773 us_proc_otg_ip_t *pprobe;
774 struct task_struct *task = current->group_leader;
775 struct mm_struct *mm = task->mm;
777 /* Probe preparing */
778 err = add_otg_probe_to_list(addr, &pprobe);
781 DPRINTF("OTG probe %p already installed.", addr);
784 DPRINTF("Failed to add new OTG probe, err=%d",err);
789 pprobe->ip.jprobe.pre_entry = pre_handler;
790 pprobe->ip.jprobe.entry = (kprobe_opcode_t *)jp_handler;
791 pprobe->ip.retprobe.handler = rp_handler;
793 pprobe->tgid = task->tgid;
794 if (!page_present(mm, addr)) {
795 DPRINTF("Page isn't present for %p.", addr);
797 us_proc_info.unres_otg_ips_count++;
798 /* Probe will be installed in do_page_fault handler */
801 DPRINTF("Page present for %p.", addr);
803 /* Probe installing */
804 err = register_usprobe(task, &pprobe->ip, 1);
806 DPRINTF("failed to install IP at %lx/%p. Error %d!",
807 addr, pprobe->ip.jprobe.kp.addr, err);
813 EXPORT_SYMBOL_GPL(install_otg_ip);
816 static int uninstall_mapped_ips (struct task_struct *task, inst_us_proc_t* task_inst_info, int atomic)
821 for (i = 0; i < task_inst_info->libs_count; i++)
823 DPRINTF ("clear lib %s.", task_inst_info->p_libs[i].path);
824 for (k = 0; k < task_inst_info->p_libs[i].ips_count; k++)
826 if (task_inst_info->p_libs[i].p_ips[k].installed)
828 DPRINTF ("remove IP at %p.", task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr);
829 err = unregister_usprobe (task, &task_inst_info->p_libs[i].p_ips[k], atomic, 0);
832 EPRINTF ("failed to uninstall IP at %p. Error %d!", task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr, err);
835 task_inst_info->unres_ips_count++;
838 for (k = 0; k < task_inst_info->p_libs[i].vtps_count; k++)
840 if (task_inst_info->p_libs[i].p_vtps[k].installed)
842 dbi_unregister_ujprobe (task, &task_inst_info->p_libs[i].p_vtps[k].jprobe, atomic);
843 task_inst_info->unres_vtps_count++;
844 task_inst_info->p_libs[i].p_vtps[k].installed = 0;
847 task_inst_info->p_libs[i].loaded = 0;
850 if (is_java_inst_enabled()) {
851 us_proc_ip_t *entp = &task_inst_info->libdvm_entry_ip;
852 if (entp->installed) {
853 unregister_usprobe(task, entp, atomic);
856 us_proc_ip_t *retp = &task_inst_info->libdvm_return_ip;
857 if (retp->installed) {
858 unregister_usprobe(task, retp, atomic);
862 #endif /* __ANDROID */
863 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
864 if (!p->ip.installed) {
867 DPRINTF("remove OTG IP at %p.", p->ip.offset);
868 err = unregister_usprobe(task, &p->ip, atomic, 0);
870 EPRINTF("failed to uninstall IP at %p. Error %d!",
871 p->ip.jprobe.kp.addr, err);
876 DPRINTF ("Ures IPs %d.", task_inst_info->unres_ips_count);
877 DPRINTF ("Ures VTPs %d.", task_inst_info->unres_vtps_count);
881 static int uninstall_kernel_probe (unsigned long addr, int uflag, int kflag, kernel_probe_t ** pprobe)
883 kernel_probe_t *probe = NULL;
885 if (probes_flags & kflag) {
886 probe = find_probe(addr);
888 iRet = remove_probe_from_list (addr);
890 EPRINTF ("remove_probe_from_list(0x%lx) result=%d!", addr, iRet);
894 probes_flags &= ~kflag;
896 if (us_proc_probes & uflag) {
897 if (!(probes_flags & uflag)) {
899 iRet = unregister_kernel_probe(probe);
901 EPRINTF ("unregister_kernel_probe(0x%lx) result=%d!",
907 us_proc_probes &= ~uflag;
915 static int uninstall_us_proc_probes(struct task_struct *task, struct proc_probes *proc_p, enum US_FLAGS flag);
917 int deinst_usr_space_proc (void)
919 int iRet = 0, found = 0;
920 struct task_struct *task = 0;
921 inst_us_proc_t *task_inst_info = NULL;
923 if (!is_us_instrumentation()) {
927 iRet = uninstall_kernel_probe (pf_addr, US_PROC_PF_INSTLD,
930 EPRINTF ("uninstall_kernel_probe(do_page_fault) result=%d!", iRet);
932 iRet = uninstall_kernel_probe (cp_addr, US_PROC_CP_INSTLD,
935 EPRINTF ("uninstall_kernel_probe(copy_process) result=%d!", iRet);
937 iRet = uninstall_kernel_probe (mr_addr, US_PROC_MR_INSTLD,
940 EPRINTF ("uninstall_kernel_probe(mm_release) result=%d!", iRet);
942 iRet = uninstall_kernel_probe (exit_addr, US_PROC_EXIT_INSTLD,
945 EPRINTF ("uninstall_kernel_probe(do_exit) result=%d!", iRet);
947 iRet = uninstall_kernel_probe (unmap_addr, US_PROC_UNMAP_INSTLD,
950 EPRINTF ("uninstall_kernel_probe(do_munmap) result=%d!", iRet);
954 for_each_process (task)
956 task_inst_info = get_task_inst_node(task);
959 iRet = uninstall_us_proc_probes(task, task_inst_info->pp, US_UNREGS_PROBE);
961 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
962 dbi_unregister_all_uprobes(task, 1);
968 if (us_proc_info.tgid == 0)
971 for_each_process (task)
973 if (task->tgid == us_proc_info.tgid)
976 get_task_struct (task);
985 iRet = uninstall_us_proc_probes(task, us_proc_info.pp, US_UNREGS_PROBE);
987 EPRINTF ("failed to uninstall IPs %d!", iRet);
988 put_task_struct (task);
990 printk("### 1 ### dbi_unregister_all_uprobes:\n");
991 dbi_unregister_all_uprobes(task, 1);
992 us_proc_info.tgid = 0;
993 for(i = 0; i < us_proc_info.libs_count; i++)
994 us_proc_info.p_libs[i].loaded = 0;
1000 static int install_kernel_probe (unsigned long addr, int uflag, int kflag, kernel_probe_t ** pprobe)
1002 kernel_probe_t *probe = NULL;
1005 DPRINTF("us_proc_probes = 0x%x, uflag = 0x%x, "
1006 "probes_flags = 0x%x, kflag = 0x%x",
1007 us_proc_probes, uflag, probes_flags, kflag);
1009 if (!(probes_flags & kflag)) {
1010 iRet = add_probe_to_list (addr, &probe);
1012 EPRINTF ("add_probe_to_list(0x%lx) result=%d!", addr, iRet);
1015 probes_flags |= kflag;
1017 if (!(us_proc_probes & uflag)) {
1018 if (!(probes_flags & uflag)) {
1019 iRet = register_kernel_probe (probe);
1021 EPRINTF ("register_kernel_probe(0x%lx) result=%d!", addr, iRet);
1025 us_proc_probes |= uflag;
1034 static void install_proc_probes(struct task_struct *task, struct proc_probes *proc_p, int atomic);
1036 int inst_usr_space_proc (void)
1039 struct task_struct *task = 0;
1040 inst_us_proc_t *task_inst_info = NULL;
1042 if (!is_us_instrumentation()) {
1046 DPRINTF("User space instr");
1049 launchpad_daemon_dentry = dentry_by_path("/usr/bin/launchpad_preloading_preinitializing_daemon");
1050 if (launchpad_daemon_dentry == NULL) {
1054 #endif /* SLP_APP */
1057 app_process_dentry = dentry_by_path("/system/bin/app_process");
1058 if (app_process_dentry == NULL) {
1062 android_app_vma_start = 0;
1063 android_app_vma_end = 0;
1064 #endif /* ANDROID_APP */
1067 if (is_java_inst_enabled()) {
1068 libdvm_dentry = dentry_by_path("/system/lib/libdvm.so");
1069 if (libdvm_dentry == NULL) {
1073 memset(&us_proc_info.libdvm_entry_ip, 0, sizeof(us_proc_ip_t));
1074 memset(&us_proc_info.libdvm_return_ip, 0, sizeof(us_proc_ip_t));
1075 us_proc_info.libdvm_start = 0;
1076 us_proc_info.libdvm_end = 0;
1078 #endif /* __ANDROID */
1080 for (i = 0; i < us_proc_info.libs_count; i++) {
1081 us_proc_info.p_libs[i].loaded = 0;
1083 /* check whether process is already running
1084 * 1) if process is running - look for the libraries in the process maps
1085 * 1.1) check if page for symbol does exist
1086 * 1.1.1) if page exists - instrument it
1087 * 1.1.2) if page does not exist - make sure that do_page_fault handler is installed
1088 * 2) if process is not running - make sure that do_page_fault handler is installed
1093 clear_task_inst_info();
1094 for_each_process (task) {
1095 if (task->flags & PF_KTHREAD){
1096 DPRINTF("ignored kernel thread %d\n",
1101 task_inst_info = get_task_inst_node(task);
1102 if (!task_inst_info) {
1104 copy_task_inst_info(task,
1106 put_task_inst_node(task, task_inst_info);
1108 DPRINTF("trying process");
1110 if (is_java_inst_enabled()) {
1111 find_libdvm_for_task(task, task_inst_info);
1113 #endif /* __ANDROID */
1114 install_proc_probes(task, task_inst_info->pp, 1);
1115 //put_task_struct (task);
1116 task_inst_info = NULL;
1121 ret = find_task_by_path (us_proc_info.path, &task, NULL);
1124 DPRINTF("task found. installing probes");
1125 us_proc_info.tgid = task->pid;
1127 if (is_java_inst_enabled()) {
1128 find_libdvm_for_task(task, &us_proc_info);
1130 #endif /* __ANDROID */
1131 install_proc_probes(task, us_proc_info.pp, 0);
1132 put_task_struct (task);
1136 // enable 'do_page_fault' probe to detect when they will be loaded
1137 ret = install_kernel_probe (pf_addr, US_PROC_PF_INSTLD, 0, &pf_probe);
1140 EPRINTF ("install_kernel_probe(do_page_fault) result=%d!", ret);
1143 // enable 'do_exit' probe to detect for remove task_struct
1144 ret = install_kernel_probe (exit_addr, US_PROC_EXIT_INSTLD, 0, &exit_probe);
1147 EPRINTF ("install_kernel_probe(do_exit) result=%d!", ret);
1150 /* enable 'copy_process' */
1151 ret = install_kernel_probe (cp_addr, US_PROC_CP_INSTLD, 0, &cp_probe);
1154 EPRINTF ("instpall_kernel_probe(copy_process) result=%d!", ret);
1158 // enable 'mm_release' probe to detect when for remove user space probes
1159 ret = install_kernel_probe (mr_addr, US_PROC_MR_INSTLD, 0, &mr_probe);
1162 EPRINTF ("install_kernel_probe(mm_release) result=%d!", ret);
1166 // enable 'do_munmap' probe to detect when for remove user space probes
1167 ret = install_kernel_probe (unmap_addr, US_PROC_UNMAP_INSTLD, 0, &unmap_probe);
1170 EPRINTF ("install_kernel_probe(do_munmap) result=%d!", ret);
1176 #include "../../tools/gpmu/probes/entry_data.h"
1178 extern storage_arg_t sa_dpf;
1180 void do_page_fault_j_pre_code(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
1182 struct task_struct *task = current->group_leader;
1184 if (task->flags & PF_KTHREAD) {
1185 DPRINTF("ignored kernel thread %d\n", task->pid);
1189 if (is_us_instrumentation()) {
1190 swap_put_entry_data((void *)addr, &sa_dpf);
1193 EXPORT_SYMBOL_GPL(do_page_fault_j_pre_code);
1196 unsigned long imi_sum_time = 0;
1197 unsigned long imi_sum_hit = 0;
1198 EXPORT_SYMBOL_GPL (imi_sum_time);
1199 EXPORT_SYMBOL_GPL (imi_sum_hit);
1201 static void set_mapping_file(struct file_probes *file_p,
1202 const struct proc_probes *proc_p,
1203 const struct task_struct *task,
1204 const struct vm_area_struct *vma)
1206 int app_flag = (vma->vm_file->f_dentry == proc_p->dentry);
1208 // if we installed something, post library info for those IPs
1209 p = strrchr(file_p->path, '/');
1216 file_p->vm_start = vma->vm_start;
1217 file_p->vm_end = vma->vm_end;
1218 pack_event_info(DYN_LIB_PROBE_ID, RECORD_ENTRY, "dspdd",
1219 task->tgid, p, vma->vm_start,
1220 vma->vm_end - vma->vm_start, app_flag);
1223 static int register_us_page_probe(struct page_probes *page_p,
1224 const struct file_probes *file_p,
1225 const struct task_struct *task)
1230 spin_lock(&page_p->lock);
1232 if (page_p_is_install(page_p)) {
1233 printk("page %x in %s task[tgid=%u, pid=%u] already installed\n",
1234 page_p->offset, file_p->dentry->d_iname, task->tgid, task->pid);
1238 page_p_assert_install(page_p);
1239 page_p_set_all_kp_addr(page_p, file_p);
1241 list_for_each_entry(ip, &page_p->ip_list, list) {
1242 err = register_usprobe_my(task, ip);
1249 page_p_installed(page_p);
1251 spin_unlock(&page_p->lock);
1256 static int unregister_us_page_probe(const struct task_struct *task,
1257 struct page_probes *page_p, enum US_FLAGS flag)
1262 if (page_p->install == 0) {
1266 list_for_each_entry(ip, &page_p->ip_list, list) {
1267 err = unregister_usprobe_my(task, ip, flag);
1274 if (flag != US_DISARM) {
1275 page_p_uninstalled(page_p);
1281 static int check_vma(struct vm_area_struct *vma)
1284 return vma->vm_file && !(vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC) || (vma->vm_flags & VM_ACCOUNT) ||
1285 !(vma->vm_flags & (VM_WRITE | VM_MAYWRITE)) ||
1286 !(vma->vm_flags & (VM_READ | VM_MAYREAD)));
1288 return vma->vm_file && !(vma->vm_pgoff != 0 || !(vma->vm_flags & VM_EXEC));
1293 static void install_page_probes(unsigned long page, struct task_struct *task, struct proc_probes *proc_p, int atomic)
1296 struct mm_struct *mm;
1297 struct vm_area_struct *vma;
1299 mm_read_lock(task, mm, atomic, lock);
1301 vma = find_vma(mm, page);
1302 if (vma && check_vma(vma)) {
1303 struct file_probes *file_p = proc_p_find_file_p(proc_p, vma);
1305 struct page_probes *page_p;
1306 if (!file_p->loaded) {
1307 set_mapping_file(file_p, proc_p, task, vma);
1311 page_p = file_p_find_page_p_mapped(file_p, page);
1313 register_us_page_probe(page_p, file_p, task);
1318 mm_read_unlock(mm, atomic, lock);
1321 static void install_file_probes(struct task_struct *task, struct mm_struct *mm, struct file_probes *file_p)
1323 struct page_probes *page_p = NULL;
1324 struct hlist_node *node = NULL;
1325 struct hlist_head *head = NULL;
1326 int i, table_size = (1 << file_p->page_probes_hash_bits);
1328 for (i = 0; i < table_size; ++i) {
1329 head = &file_p->page_probes_table[i];
1330 hlist_for_each_entry_rcu(page_p, node, head, hlist) {
1331 if (page_present(mm, page_p->offset)) {
1332 register_us_page_probe(page_p, file_p, task);
1338 static void install_proc_probes(struct task_struct *task, struct proc_probes *proc_p, int atomic)
1341 struct vm_area_struct *vma;
1342 struct mm_struct *mm;
1344 mm_read_lock(task, mm, atomic, lock);
1346 for (vma = mm->mmap; vma; vma = vma->vm_next) {
1347 if (check_vma(vma)) {
1348 struct file_probes *file_p = proc_p_find_file_p(proc_p, vma);
1350 if (!file_p->loaded) {
1351 set_mapping_file(file_p, proc_p, task, vma);
1355 install_file_probes(task, mm, file_p);
1360 mm_read_unlock(mm, atomic, lock);
1363 static int unregister_us_file_probes(struct task_struct *task, struct file_probes *file_p, enum US_FLAGS flag)
1366 int table_size = (1 << file_p->page_probes_hash_bits);
1367 struct page_probes *page_p;
1368 struct hlist_node *node, *tmp;
1369 struct hlist_head *head;
1371 for (i = 0; i < table_size; ++i) {
1372 head = &file_p->page_probes_table[i];
1373 hlist_for_each_entry_safe (page_p, node, tmp, head, hlist) {
1374 err = unregister_us_page_probe(task, page_p, flag);
1382 if (flag != US_DISARM) {
1389 static int uninstall_us_proc_probes(struct task_struct *task, struct proc_probes *proc_p, enum US_FLAGS flag)
1392 struct file_probes *file_p;
1394 list_for_each_entry_rcu(file_p, &proc_p->file_list, list) {
1395 err = unregister_us_file_probes(task, file_p, flag);
1405 static pid_t find_proc_by_task(const struct task_struct *task, const struct dentry *dentry)
1407 struct vm_area_struct *vma;
1408 struct mm_struct *mm = task->active_mm;
1413 for (vma = mm->mmap; vma; vma = vma->vm_next) {
1414 if ((vma->vm_flags & VM_EXECUTABLE) && vma->vm_file) {
1415 if (vma->vm_file->f_dentry == dentry) {
1419 if (is_slp_app_with_dentry(vma, dentry)) {
1422 #endif /* SLP_APP */
1424 if (is_android_app_with_dentry(vma, dentry)) {
1427 #endif /* ANDROID_APP */
1434 void do_page_fault_ret_pre_code (void)
1436 struct mm_struct *mm;
1437 struct vm_area_struct *vma = 0;
1438 inst_us_proc_t *task_inst_info = NULL;
1440 * Because process threads have same address space
1441 * we instrument only group_leader of all this threads
1443 struct task_struct *task = current->group_leader;
1444 unsigned long addr = 0;
1447 struct timeval imi_tv1;
1448 struct timeval imi_tv2;
1449 #define USEC_IN_SEC_NUM 1000000
1451 if (task->flags & PF_KTHREAD) {
1452 DPRINTF("ignored kernel thread %d\n", task->pid);
1456 if (!is_us_instrumentation()) {
1460 addr = (unsigned long)swap_get_entry_data(&sa_dpf);
1463 printk("WARNING: do_page_fault_ret_pre_code addr = 0\n");
1468 task_inst_info = get_task_inst_node(task);
1469 if (task_inst_info == NULL) {
1470 task_inst_info = copy_task_inst_info(task, &us_proc_info);
1471 put_task_inst_node(task, task_inst_info);
1474 if (!is_java_inst_enabled() &&
1475 (us_proc_info.unres_ips_count +
1476 us_proc_info.unres_vtps_count +
1477 us_proc_info.unres_otg_ips_count) == 0) {
1482 if (us_proc_info.tgid == 0) {
1483 pid_t tgid = find_proc_by_task(task, us_proc_info.m_f_dentry);
1485 us_proc_info.tgid = gl_nNotifyTgid = tgid;
1489 if (us_proc_info.tgid == task->tgid) {
1490 task_inst_info = &us_proc_info;
1494 if (task_inst_info) {
1495 unsigned long page = addr & PAGE_MASK;
1498 if (is_java_inst_enabled()) {
1499 find_libdvm_for_task(task, &us_proc_info);
1501 #endif /* __ANDROID */
1504 do_gettimeofday(&imi_tv1);
1505 install_page_probes(page, task, task_inst_info->pp, 1);
1506 do_gettimeofday(&imi_tv2);
1508 imi_sum_time += ((imi_tv2.tv_sec - imi_tv1.tv_sec) * USEC_IN_SEC_NUM +
1509 (imi_tv2.tv_usec - imi_tv1.tv_usec));
1513 EXPORT_SYMBOL_GPL(do_page_fault_ret_pre_code);
1516 void do_exit_probe_pre_code (void)
1518 // TODO: remove task
1520 EXPORT_SYMBOL_GPL(do_exit_probe_pre_code);
1522 static int check_addr(unsigned long addr, unsigned long start, size_t len)
1524 if ((addr >= start) && (addr < start + (unsigned long)len)) {
1531 static int remove_unmap_probes(struct task_struct *task, inst_us_proc_t* task_inst_info, unsigned long start, size_t len)
1534 us_proc_otg_ip_t *p;
1536 const int atomic = 1;
1538 for (i = 0; i < task_inst_info->libs_count; ++i) {
1539 for (k = 0; k < task_inst_info->p_libs[i].ips_count; ++k) {
1540 if (task_inst_info->p_libs[i].p_ips[k].installed) {
1541 addr = task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr;
1542 if (check_addr(addr, start, len)) {
1543 err = unregister_usprobe(task, &task_inst_info->p_libs[i].p_ips[k], atomic, 1);
1545 EPRINTF("failed to uninstall IP at %p. Error %d!", task_inst_info->p_libs[i].p_ips[k].jprobe.kp.addr, err);
1548 task_inst_info->unres_ips_count++;
1552 for (k = 0; k < task_inst_info->p_libs[i].vtps_count; ++k) {
1553 if (task_inst_info->p_libs[i].p_vtps[k].installed) {
1554 addr = task_inst_info->p_libs[i].p_vtps[k].jprobe.kp.addr;
1555 if (check_addr(addr, start, len)) {
1556 dbi_unregister_ujprobe(task, &task_inst_info->p_libs[i].p_vtps[k].jprobe, atomic);
1557 task_inst_info->unres_vtps_count++;
1558 task_inst_info->p_libs[i].p_vtps[k].installed = 0;
1564 if (is_java_inst_enabled()) {
1565 us_proc_ip_t *entp = &task_inst_info->libdvm_entry_ip;
1566 if (entp->installed) {
1567 addr = entp->jprobe.kp.addr;
1568 if (check_addr(addr, start, len)) {
1569 unregister_usprobe(task, entp, atomic, 1);
1570 entp->installed = 0;
1573 us_proc_ip_t *retp = &task_inst_info->libdvm_return_ip;
1574 if (retp->installed) {
1575 addr = retp->jprobe.kp.addr;
1576 if (check_addr(addr, start, len)) {
1577 unregister_usprobe(task, retp, atomic, 1);
1578 retp->installed = 0;
1582 #endif /* __ANDROID */
1584 // remove OTG-probes
1585 list_for_each_entry_rcu (p, &otg_us_proc_info, list) {
1586 if (!p->ip.installed) {
1590 addr = p->ip.jprobe.kp.addr;
1591 if (check_addr(addr, start, len) == 0) {
1595 err = unregister_usprobe(task, &p->ip, atomic, 1);
1597 EPRINTF("failed to uninstall IP at %p. Error %d!",
1598 p->ip.jprobe.kp.addr, err);
1602 remove_otg_probe_from_list(p->ip.offset);
1608 void do_munmap_probe_pre_code(struct mm_struct *mm, unsigned long start, size_t len)
1610 inst_us_proc_t *task_inst_info = NULL;
1611 struct task_struct *task = current;
1613 //if user-space instrumentation is not set
1614 if (!us_proc_info.path || task->tgid != task->pid)
1617 if (!strcmp(us_proc_info.path,"*")) {
1618 task_inst_info = get_task_inst_node(task);
1620 if (task->tgid == us_proc_info.tgid) {
1621 task_inst_info = &us_proc_info;
1625 if (task_inst_info) {
1626 remove_unmap_probes(task, task_inst_info, start, len);
1629 EXPORT_SYMBOL_GPL(do_munmap_probe_pre_code);
1631 void mm_release_probe_pre_code(void)
1634 struct task_struct *task;
1636 if (!is_us_instrumentation() || current->tgid != current->pid) {
1641 inst_us_proc_t *task_inst_info = get_task_inst_node(current);
1642 if (task_inst_info) {
1643 iRet = uninstall_us_proc_probes(current, task_inst_info->pp, US_NOT_RP2);
1645 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
1648 dbi_unregister_all_uprobes(current, 1);
1651 if (current->tgid == us_proc_info.tgid && current->tgid == current->pid) {
1653 iRet = uninstall_us_proc_probes(current, us_proc_info.pp, US_NOT_RP2);
1655 EPRINTF ("failed to uninstall IPs (%d)!", iRet);
1658 dbi_unregister_all_uprobes(current, 1);
1659 us_proc_info.tgid = 0;
1660 for(i = 0; i < us_proc_info.libs_count; i++) {
1661 us_proc_info.p_libs[i].loaded = 0;
1666 EXPORT_SYMBOL_GPL(mm_release_probe_pre_code);
1669 static void recover_child(struct task_struct *child_task, inst_us_proc_t *parent_iup)
1671 uninstall_us_proc_probes(child_task, parent_iup->pp, US_DISARM);
1674 static void rm_uprobes_child(struct task_struct *new_task)
1677 inst_us_proc_t *task_inst_info = get_task_inst_node(current);
1679 recover_child(new_task, task_inst_info);
1681 if(us_proc_info.tgid == current->tgid) {
1682 recover_child(new_task, &us_proc_info);
1687 void copy_process_ret_pre_code(struct task_struct *p)
1692 if(p->mm != current->mm) // check flags CLONE_VM
1693 rm_uprobes_child(p);
1697 DEFINE_PER_CPU (us_proc_ip_t *, gpCurIp) = NULL;
1698 EXPORT_PER_CPU_SYMBOL_GPL(gpCurIp);
1699 DEFINE_PER_CPU(struct pt_regs *, gpUserRegs) = NULL;
1700 EXPORT_PER_CPU_SYMBOL_GPL(gpUserRegs);
1703 unsigned long ujprobe_event_pre_handler (us_proc_ip_t * ip, struct pt_regs *regs)
1705 __get_cpu_var (gpCurIp) = ip;
1706 __get_cpu_var (gpUserRegs) = regs;
1711 int handle_java_event(unsigned long addr)
1713 unsigned long start = 0;
1714 struct pt_regs *regs = __get_cpu_var(gpUserRegs);
1717 /* TODO: some stuff here */
1719 start = us_proc_info.libdvm_start;
1721 unsigned long end = us_proc_info.libdvm_end;
1723 if (addr == start + LIBDVM_ENTRY) {
1724 unsigned long *p_met = (unsigned long *)regs->ARM_r0;
1725 char *met_name = p_met ? (char *)(p_met[4]) : 0;
1726 unsigned long *p_cl = p_met ? (unsigned long *)p_met[0] : 0;
1727 char *cl_name = p_cl ? (char *)(p_cl[6]) : 0;
1728 if (!cl_name || !met_name) {
1729 EPRINTF("warn: class name or method name null\n");
1731 pack_event_info(JAVA_PROBE_ID, RECORD_ENTRY, "pss", addr, cl_name, met_name);
1733 dbi_uprobe_return ();
1737 if (addr == start + LIBDVM_RETURN) {
1738 unsigned long *p_th = (unsigned long *)regs->ARM_r6;
1739 unsigned long *p_st = p_th;
1740 unsigned long *p_met = p_st ? (unsigned long *)p_st[2] : 0;
1741 char *met_name = p_met ? (char *)(p_met[4]) : 0;
1742 unsigned long *p_cl = p_met ? (unsigned long *)p_met[0] : 0;
1743 char *cl_name = p_cl ? (char *)(p_cl[6]) : 0;
1744 if (!cl_name || !met_name) {
1745 EPRINTF("warn: class name or method name null\n");
1747 pack_event_info(JAVA_PROBE_ID, RECORD_RET, "pss", addr, cl_name, met_name);
1749 dbi_uprobe_return ();
1755 #endif /* __ANDROID */
1757 void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6)
1759 us_proc_ip_t *ip = __get_cpu_var (gpCurIp);
1760 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1763 if (is_java_inst_enabled() && handle_java_event(addr)) {
1766 #endif /* __ANDROID */
1769 #if defined(CONFIG_ARM)
1770 if (ip->offset & 0x01)
1772 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr | 0x01, arg1, arg2, arg3, arg4, arg5, arg6);
1774 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr, arg1, arg2, arg3, arg4, arg5, arg6);
1777 pack_event_info (US_PROBE_ID, RECORD_ENTRY, "ppppppp", addr, arg1, arg2, arg3, arg4, arg5, arg6);
1779 // Mr_Nobody: uncomment for valencia
1780 //unregister_usprobe(current, ip, 1);
1781 dbi_uprobe_return ();
1784 void find_plt_address(unsigned long addr)
1786 inst_us_proc_t *task_inst_info = NULL;
1789 struct vm_area_struct *vma;
1790 us_proc_lib_t *p_lib = NULL;
1791 char *szLibPath = NULL;
1793 // Search for library structure to check whether this function plt or not
1794 if (strcmp(us_proc_info.path, "*")){
1795 // If app lib instrumentation
1796 task_inst_info = &us_proc_info;
1798 // If lib only instrumentation
1799 task_inst_info = get_task_inst_node(current);
1801 if ((task_inst_info != NULL) && (task_inst_info->is_plt != 0)) {
1802 for (i = 0; i < task_inst_info->libs_count; i++)
1804 if ((task_inst_info->p_libs[i].loaded)
1805 && (task_inst_info->p_libs[i].plt_count > 0)
1806 && (addr > task_inst_info->p_libs[i].vma_start)
1807 && (addr < task_inst_info->p_libs[i].vma_end))
1809 p_lib = &(task_inst_info->p_libs[i]);
1813 if (p_lib != NULL) {
1814 for (i = 0; i < p_lib->plt_count; i++)
1816 if (addr == p_lib->p_plt[i].func_addr + p_lib->vma_start) {
1817 unsigned long real_got;
1818 if (p_lib->vma_flag & VM_EXECUTABLE) {
1819 real_got = p_lib->p_plt[i].got_addr;
1821 real_got = p_lib->p_plt[i].got_addr + p_lib->vma_start;
1823 if (!read_proc_vm_atomic(current, (unsigned long)(real_got), &real_addr, sizeof(unsigned long))) {
1824 printk("Failed to read got %p at memory address %p!\n", p_lib->p_plt[i].got_addr, real_got);
1827 if (real_addr != p_lib->p_plt[i].real_func_addr) {
1828 p_lib->p_plt[i].real_func_addr = real_addr;
1829 vma = find_vma(current->mm, real_addr);
1830 if ((vma != NULL) && (vma->vm_start <= real_addr) && (vma->vm_end > real_addr)) {
1831 if (vma->vm_file != NULL) {
1832 szLibPath = &(vma->vm_file->f_dentry->d_iname);
1835 printk("Failed to get vma, includes %x address\n", real_addr);
1839 pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "ppsp", addr, real_addr, szLibPath, real_addr - vma->vm_start);
1842 pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "ppp", addr, real_addr, real_addr - vma->vm_start);
1854 int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *regs, us_proc_ip_t * ip)
1856 int retval = regs_return_value(regs);
1857 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
1859 find_plt_address(addr);
1861 #if defined(CONFIG_ARM)
1862 if (ip->offset & 0x01)
1864 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr | 0x01, retval);
1866 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr, retval);
1869 pack_event_info (US_PROBE_ID, RECORD_RET, "pd", addr, retval);
1871 // Mr_Nobody: uncomment for valencia
1872 //unregister_usprobe(current, ip, 1);
1876 static int register_usprobe(struct task_struct *task, us_proc_ip_t *ip, int atomic)
1879 ip->jprobe.kp.tgid = task->tgid;
1881 if (ip->jprobe.entry == NULL) {
1882 ip->jprobe.entry = (kprobe_opcode_t *)ujprobe_event_handler;
1883 DPRINTF("Set default event handler for %x\n", ip->offset);
1886 if (ip->jprobe.pre_entry == NULL) {
1887 ip->jprobe.pre_entry = (kprobe_pre_entry_handler_t)ujprobe_event_pre_handler;
1888 DPRINTF("Set default pre handler for %x\n", ip->offset);
1891 ip->jprobe.priv_arg = ip;
1892 ret = dbi_register_ujprobe(task, &ip->jprobe, atomic);
1894 DPRINTF ("dbi_register_ujprobe() failure %d", ret);
1898 if (ip->flags & FLAG_RETPROBE) {
1899 // Mr_Nobody: comment for valencia
1900 ip->retprobe.kp.tgid = task->tgid;
1901 if (ip->retprobe.handler == NULL) {
1902 ip->retprobe.handler = (kretprobe_handler_t)uretprobe_event_handler;
1903 DPRINTF("Set default ret event handler for %x\n", ip->offset);
1906 ip->retprobe.priv_arg = ip;
1907 ret = dbi_register_uretprobe(task, &ip->retprobe, atomic);
1909 EPRINTF ("dbi_register_uretprobe() failure %d", ret);
1919 static int unregister_usprobe(struct task_struct *task, us_proc_ip_t * ip, int atomic, int not_rp2)
1921 dbi_unregister_ujprobe(task, &ip->jprobe, atomic);
1923 if (ip->flags & FLAG_RETPROBE) {
1924 dbi_unregister_uretprobe(task, &ip->retprobe, atomic, not_rp2);
1932 unsigned long get_stack_size(struct task_struct *task,
1933 struct pt_regs *regs)
1935 #ifdef CONFIG_ADD_THREAD_STACK_INFO
1936 return (task->stack_start - dbi_get_stack_ptr(regs));
1938 struct vm_area_struct *vma = NULL;
1939 struct mm_struct *mm = NULL;
1940 unsigned long result = 0;
1941 int atomic = in_atomic();
1943 mm = (atomic ? task->active_mm: get_task_mm(task));
1947 down_read(&mm->mmap_sem);
1949 vma = find_vma(mm, dbi_get_stack_ptr(regs));
1952 result = vma->vm_end - dbi_get_stack_ptr(regs);
1957 up_read(&mm->mmap_sem);
1965 EXPORT_SYMBOL_GPL(get_stack_size);
1967 unsigned long get_stack(struct task_struct *task, struct pt_regs *regs,
1968 char *buf, unsigned long sz)
1970 unsigned long stack_sz = get_stack_size(task, regs);
1971 unsigned long real_sz = (stack_sz > sz ? sz: stack_sz);
1972 int res = read_proc_vm_atomic(task, dbi_get_stack_ptr(regs), buf, real_sz);
1975 EXPORT_SYMBOL_GPL(get_stack);
1977 int dump_to_trace(probe_id_t probe_id, void *addr, const char *buf,
1980 unsigned long rest_sz = sz;
1981 const char *data = buf;
1983 while (rest_sz >= EVENT_MAX_SIZE) {
1984 pack_event_info(probe_id, RECORD_ENTRY, "pa",
1985 addr, EVENT_MAX_SIZE, data);
1986 rest_sz -= EVENT_MAX_SIZE;
1987 data += EVENT_MAX_SIZE;
1991 pack_event_info(probe_id, RECORD_ENTRY, "pa", addr, rest_sz, data);
1995 EXPORT_SYMBOL_GPL(dump_to_trace);
1997 int dump_backtrace(probe_id_t probe_id, struct task_struct *task,
1998 void *addr, struct pt_regs *regs, unsigned long sz)
2000 unsigned long real_sz = 0;
2003 buf = (char *)kmalloc(sz, GFP_ATOMIC);
2006 real_sz = get_stack(task, regs, buf, sz);
2008 dump_to_trace(probe_id, addr, buf, real_sz);
2015 EXPORT_SYMBOL_GPL(dump_backtrace);
2017 unsigned long get_ret_addr(struct task_struct *task, us_proc_ip_t *ip)
2019 unsigned long retaddr = 0;
2020 struct hlist_node *item, *tmp_node;
2021 struct kretprobe_instance *ri;
2024 hlist_for_each_safe (item, tmp_node, &ip->retprobe.used_instances) {
2025 ri = hlist_entry (item, struct kretprobe_instance, uflist);
2027 if (ri->task && ri->task->pid == task->pid &&
2028 ri->task->tgid == task->tgid)
2029 retaddr = (unsigned long)ri->ret_addr;
2036 return dbi_get_ret_addr(task_pt_regs(task));
2038 EXPORT_SYMBOL_GPL(get_ret_addr);
projects / kernel / swap-modules.git / blob