From c57ae67a66682d0d87fb84e089b2a1a2ac67589e Mon Sep 17 00:00:00 2001
From: Alexander Aksenov
Date: Fri, 2 Nov 2012 20:19:34 +0400
Subject: [PATCH] Now plt works with app lib and lib only instrumentation

---
 driver/storage.c | 7 +--
 driver/us_proc_inst.c | 171 ++++++++++++++++++++++++--------------------
 2 files changed, 83 insertions(+), 95 deletions(-)

diff --git a/driver/storage.c b/driver/storage.c
index f772f59..4dc1555 100644
--- a/driver/storage.c
+++ b/driver/storage.c
@@ -916,7 +916,6 @@ char *find_lib_path(const char *lib_name)
 return NULL;
 }
 
-#if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 27)
 #define list_for_each_rcu(pos, head) __list_for_each_rcu(pos, head)
 #endif
 
@@ -969,10 +968,8 @@ void unlink_bundle(void)
 }
 kfree ((void *) d_lib->p_vtps);
 }
-// FIXME Under construction
 d_lib->plt_count = 0;
 kfree((void*) d_lib->p_plt);
-// Under construction ends
 }
 kfree ((void *) us_proc_info.p_libs);
 us_proc_info.p_libs = 0;
@@ -1022,6 +1019,7 @@ int link_bundle()
 int lib_name_len;
 int handler_index;
 
+ /* Get user-defined us handlers (if they are provided) */
 get_uprobes = (get_my_uprobes_info_t)lookup_name("get_my_uprobes_info");
 
 if (get_uprobes)
@@ -1285,7 +1283,6 @@ int link_bundle()
 d_lib->plt_count = *(u_int32_t*)p;
 p += sizeof(u_int32_t);
 
- printk("+++ PLT count : %d", d_lib->plt_count);
 if (d_lib->plt_count > 0)
 {
 int j;
@@ -1302,8 +1299,6 @@ int link_bundle()
 p += sizeof(u_int32_t);
 d_lib->p_plt[j].got_addr = *(u_int32_t*)p;
 p += sizeof(u_int32_t);
- printk("plt addr : %x\n", d_lib->p_plt[j].func_addr);
- printk("plt got : %x\n", d_lib->p_plt[j].got_addr);
 d_lib->p_plt[j].real_func_addr = 0;
 }
 }
diff --git a/driver/us_proc_inst.c b/driver/us_proc_inst.c
index 993075a..af50347 100644
--- a/driver/us_proc_inst.c
+++ b/driver/us_proc_inst.c
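Review bot: The `#if LINUX_VERSION_CODE > KERNEL_VERSION(2, 6, 27)` line is removed in the @@ -916 hunk but the `#endif` three lines below it stays, so unless a conditional opened above the hunk encloses this block, the preprocessor will stop on an unmatched `#endif` in storage.c. If the intent is to define `list_for_each_rcu` unconditionally, the `#endif` has to go as well; if the version guard was meant to stay, the `#if` should be restored. Dropping the guard also means the macro is defined on kernels that already provide `list_for_each_rcu`, which appears to be exactly what the guard existed to avoid. This edit is unrelated to the PLT work named in the commit title and would be clearer as a separate commit.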
@@ -210,9 +210,11 @@ inst_us_proc_t* copy_task_inst_info (struct task_struct *task, inst_us_proc_t *
 unres_ips_count += copy_info->p_libs[i].ips_count;
 }
-
- printk("++ Where are my plt?!\n");
- printk("++ %d\n", copy_info->p_libs[i].plt_count);
+
+ for (j = 0; j < copy_info->p_libs[i].plt_count; j++)
+ {
+ copy_info->p_libs[i].p_plt[j].real_func_addr = 0;
+ }
 if (copy_info->p_libs[i].vtps_count > 0)
 {
 unres_vtps_count += copy_info->p_libs[i].vtps_count;
@@ -236,6 +238,9 @@ inst_us_proc_t* copy_task_inst_info (struct task_struct *task, inst_us_proc_t *
 copy_info->p_libs[i].m_f_dentry = task_inst_info->p_libs[i].m_f_dentry;
 copy_info->p_libs[i].loaded = 0;
+
+ copy_info->p_libs[i].vma_start = 0;
+ copy_info->p_libs[i].vma_end = 0;
 }
 copy_info->unres_ips_count = unres_ips_count;
 copy_info->unres_vtps_count = unres_vtps_count;
@@ -608,19 +613,6 @@ static int install_mapped_ips (struct task_struct *task, inst_us_proc_t* task_in
 else
 p++;
 task_inst_info->p_libs[i].loaded = 1;
- printk("loaded library : %s at : %x dentry short name : %s\n", task_inst_info->p_libs[i].path, vma->vm_start, vma->vm_file->f_dentry->d_iname);
- if (task_inst_info->p_libs[i].plt_count > 0)
- {
- int j;
- for (j = 0; j < task_inst_info->p_libs[i].plt_count; j++)
- {
- task_inst_info->p_libs[i].p_plt[j].func_addr += vma->vm_start;
- if (strcmp(task_inst_info->p_libs[i].path, task_inst_info->path))
- {
- task_inst_info->p_libs[i].p_plt[j].got_addr += vma->vm_start;
- }
- }
- }
 task_inst_info->p_libs[i].vma_start = vma->vm_start;
 task_inst_info->p_libs[i].vma_end = vma->vm_end;
 pack_event_info (DYN_LIB_PROBE_ID, RECORD_ENTRY, "dspdd",
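Review bot: The new loop in the @@ -210 hunk writes `real_func_addr` through `copy_info->p_libs[i].p_plt`, but nothing in the hunk shows `p_plt` being allocated or duplicated for the copy; if the copy only carries the source's `p_plt` pointer (a shallow copy), this reset also wipes the resolved targets cached by the original `inst_us_proc_t`, and if the pointer is never set for the copy the loop dereferences an uninitialized pointer. The loop index `j` is not declared in the hunk either; copy_task_inst_info starts before the hunk, so it presumably comes from the function header, but worth confirming. A short comment above the loop would record the intent, e.g. `/* PLT targets are resolved lazily per task; start with no cached address */`. The `vma_start`/`vma_end` zeroing added in the @@ -236 hunk is consistent with the `loaded` and address-range check that find_plt_address performs, so no change is needed there.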
@@ -1559,78 +1551,79 @@ void ujprobe_event_handler (unsigned long arg1, unsigned long arg2, unsigned lon
 
 void find_plt_address(struct kretprobe_instance *probe, us_proc_ip_t * ip)
 {
- unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
- inst_us_proc_t *task_inst_info = NULL;
- int i;
- unsigned real_addr;
- struct vm_area_struct *vma;
- us_proc_lib_t *p_lib = NULL;
- char *szLibPath = NULL;
-
- // Search for library structure to check whether this function plt or not
- if (strcmp(us_proc_info.path, "*"))
- {
- // If lib only instrumentation
- task_inst_info = get_task_inst_node(current);
- }
- {
- // If app lib instrumentation
- task_inst_info = &us_proc_info;
- }
- if (task_inst_info != NULL)
- {
- for (i = 0; i < task_inst_info->libs_count; i++)
- {
- if ((task_inst_info->p_libs[i].loaded) && (task_inst_info->p_libs[i].plt_count > 0) && (addr > task_inst_info->p_libs[i].vma_start) && (addr < task_inst_info->p_libs[i].vma_end))
- {
- p_lib = &(task_inst_info->p_libs[i]);
- break;
- }
- }
- }
- else
- {
- printk("task_inst_info not found!\n");
- return;
- }
-
- if (p_lib != NULL)
- {
- for (i = 0; i < p_lib->plt_count; i++)
- {
- if (addr == p_lib->p_plt[i].func_addr)
- {
- if (!read_proc_vm_atomic(current, (unsigned long)p_lib->p_plt[i].got_addr, &real_addr, sizeof(unsigned long)))
- {
- printk("Failed to read memory %p!\n", p_lib->p_plt[i].got_addr);
- break;
- }
- if (real_addr != p_lib->p_plt[i].real_func_addr)
- {
- p_lib->p_plt[i].real_func_addr = real_addr;
- vma = find_vma(current->mm, real_addr);
- if ((vma->vm_start <= real_addr) && (vma->vm_end > real_addr))
- {
- if (vma->vm_file != NULL)
- {
- szLibPath = &(vma->vm_file->f_dentry->d_iname);
- }
- }
-
- if (szLibPath)
- {
- pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "ps", real_addr, szLibPath);
- break;
- }
- else
- {
- pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "p", real_addr);
- break;
- }
- }
- }
- }
- }
+ unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
+ inst_us_proc_t *task_inst_info = NULL;
+ int i;
+ unsigned real_addr;
+ struct vm_area_struct *vma;
+ us_proc_lib_t *p_lib = NULL;
+ char *szLibPath = NULL;
+
+ // Search for library structure to check whether this function plt or not
+ if (strcmp(us_proc_info.path, "*"))
+ {
+ // If app lib instrumentation
+ task_inst_info = &us_proc_info;
+ }
+ else
+ {
+ // If lib only instrumentation
+ task_inst_info = get_task_inst_node(current);
+ }
+ if (task_inst_info != NULL)
+ {
+ for (i = 0; i < task_inst_info->libs_count; i++)
+ {
+ if ((task_inst_info->p_libs[i].loaded) && (task_inst_info->p_libs[i].plt_count > 0) && (addr > task_inst_info->p_libs[i].vma_start) && (addr < task_inst_info->p_libs[i].vma_end))
+ {
+ p_lib = &(task_inst_info->p_libs[i]);
+ break;
+ }
+ }
+ }
+ else
+ {
+ printk("task_inst_info not found!\n");
+ return;
+ }
+
+ if (p_lib != NULL)
+ {
+ for (i = 0; i < p_lib->plt_count; i++)
+ {
+ if (addr == p_lib->p_plt[i].func_addr + p_lib->vma_start)
+ {
+ if (!read_proc_vm_atomic(current, (unsigned long)(p_lib->p_plt[i].got_addr + p_lib->vma_start), &real_addr, sizeof(unsigned long)))
+ {
+ printk("Failed to read memory %p!\n", p_lib->p_plt[i].got_addr + p_lib->vma_start);
+ break;
+ }
+ if (real_addr != p_lib->p_plt[i].real_func_addr)
+ {
+ p_lib->p_plt[i].real_func_addr = real_addr;
+ vma = find_vma(current->mm, real_addr);
+ if ((vma->vm_start <= real_addr) && (vma->vm_end > real_addr))
+ {
+ if (vma->vm_file != NULL)
+ {
+ szLibPath = &(vma->vm_file->f_dentry->d_iname);
+ }
+ }
+
+ if (szLibPath)
+ {
+ pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "pps", addr, real_addr, szLibPath);
+ break;
+ }
+ else
+ {
+ pack_event_info(PLT_ADDR_PROBE_ID, RECORD_RET, "pp", addr, real_addr);
+ break;
+ }
+ }
+ }
+ }
+ }
 }
 
 int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *regs, us_proc_ip_t * ip)
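Review bot: `find_vma()` returns NULL when `real_addr` lies above every mapping of the process, and the new body of find_plt_address dereferences `vma->vm_start` on the very next line without checking for that; the range test should be guarded, `if (vma && (vma->vm_start <= real_addr) && (vma->vm_end > real_addr))`. In the same function `real_addr` is declared `unsigned` but `read_proc_vm_atomic()` is asked to fill `sizeof(unsigned long)` bytes, which writes past the variable on any 64-bit build; `sizeof(real_addr)` (or declaring it `unsigned long`, which also matches the `find_vma` argument) removes the mismatch. The relocation `got_addr + p_lib->vma_start` is now applied unconditionally, whereas the install_mapped_ips code removed in the @@ -608 hunk only relocated `got_addr` when the library path differed from the application path, so if the bundle records an absolute GOT address for the main executable the read now targets the wrong location for app-only PLT entries — worth confirming against the bundle format. `find_vma()` is presumably expected to run with the caller holding `mmap_sem` for reading; the hunk does not show that, so confirm the locking at the call site in uretprobe_event_handler.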
@@ -1638,7 +1631,7 @@ int uretprobe_event_handler (struct kretprobe_instance *probe, struct pt_regs *r
 int retval = regs_return_value(regs);
 unsigned long addr = (unsigned long)ip->jprobe.kp.addr;
 
- find_plt_address(probe, ip);
+ find_plt_address(probe, ip);
 
 #if defined(CONFIG_ARM)
 if (ip->offset & 0x01)
-- 
2.7.4