src - FreeBSD source tree

diff options


context:
space:
mode:

author	Bryan Drewery <bdrewery@FreeBSD.org>	2016-01-28 01:17:55 +0000
committer	Bryan Drewery <bdrewery@FreeBSD.org>	2016-01-28 01:17:55 +0000
commit	2f6009620fa80bcf3899fdd6da19f4f088ce3c50 (patch)
tree	58ca788cce5e80083eb67e975c1721e4edd6d073 /sys/dev/filemon
parent	79d699139be5eba4ac71fe2879fa2757097941b5 (diff)
download	src-2f6009620fa80bcf3899fdd6da19f4f088ce3c50.tar.gz src-2f6009620fa80bcf3899fdd6da19f4f088ce3c50.zip

filemon: Trace fork via process_fork event.

This avoids needing ugly hooks and needing both a vfork and fork handler. MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division

Notes

Notes: svn path=/head/; revision=294967

Diffstat (limited to 'sys/dev/filemon')

-rw-r--r--

sys/dev/filemon/filemon_wrapper.c

1 files changed, 14 insertions, 47 deletions

diff --git a/sys/dev/filemon/filemon_wrapper.c b/sys/dev/filemon/filemon_wrapper.c
index fcf459d7d394..ea44175c8bcc 100644
--- a/sys/dev/filemon/filemon_wrapper.c
+++ b/sys/dev/filemon/filemon_wrapper.c

@@ -45,20 +45,19 @@ __FBSDID("$FreeBSD$");

9-CURRENT September 10th-16th. */

#define sys_chdir chdir

#define sys_execve execve

-#define sys_fork fork

#define sys_link link

#define sys_open open

#define sys_rename rename

#define sys_stat stat

#define sys_symlink symlink

#define sys_unlink unlink

-#define sys_vfork vfork

#ifdef FILEMON_HAS_LINKAT

#define sys_linkat linkat

#endif

#endif /* __FreeBSD_version */

static eventhandler_tag filemon_exit_tag;

+static eventhandler_tag filemon_fork_tag;

static void

filemon_output(struct filemon *filemon, char *msg, size_t len)

@@ -196,29 +195,6 @@ filemon_wrapper_freebsd32_execve(struct thread *td,

#endif

static int

-filemon_wrapper_fork(struct thread *td, struct fork_args *uap)

- int ret;

- size_t len;

- struct filemon *filemon;

- if ((ret = sys_fork(td, uap)) == 0) {

- if ((filemon = filemon_pid_check(curproc)) != NULL) {

- len = snprintf(filemon->msgbufr,

- sizeof(filemon->msgbufr), "F %d %ld\n",

- curproc->p_pid, (long)curthread->td_retval[0]);

- filemon_output(filemon, filemon->msgbufr, len);

- /* Unlock the found filemon structure. */

- filemon_filemon_unlock(filemon);

- }

- return (ret);

-static int

filemon_wrapper_open(struct thread *td, struct open_args *uap)

{

int ret;

@@ -545,27 +521,23 @@ filemon_wrapper_unlink(struct thread *td, struct unlink_args *uap)

return (ret);

}

-static int

-filemon_wrapper_vfork(struct thread *td, struct vfork_args *uap)

+static void

+filemon_event_process_fork(void *arg __unused, struct proc *p1,

+ struct proc *p2, int flags)

{

- int ret;

size_t len;

struct filemon *filemon;

- if ((ret = sys_vfork(td, uap)) == 0) {

- if ((filemon = filemon_pid_check(curproc)) != NULL) {

- len = snprintf(filemon->msgbufr,

- sizeof(filemon->msgbufr), "F %d %ld\n",

- curproc->p_pid, (long)curthread->td_retval[0]);

+ if ((filemon = filemon_pid_check(p1)) != NULL) {

+ len = snprintf(filemon->msgbufr,

+ sizeof(filemon->msgbufr), "F %d %d\n",

+ p1->p_pid, p2->p_pid);

- filemon_output(filemon, filemon->msgbufr, len);

+ filemon_output(filemon, filemon->msgbufr, len);

- /* Unlock the found filemon structure. */

- filemon_filemon_unlock(filemon);

- }

+ /* Unlock the found filemon structure. */

+ filemon_filemon_unlock(filemon);

}

- return (ret);

}

static void

@@ -579,13 +551,11 @@ filemon_wrapper_install(void)

sv_table[SYS_chdir].sy_call = (sy_call_t *) filemon_wrapper_chdir;

sv_table[SYS_execve].sy_call = (sy_call_t *) filemon_wrapper_execve;

- sv_table[SYS_fork].sy_call = (sy_call_t *) filemon_wrapper_fork;

sv_table[SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open;

sv_table[SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat;

sv_table[SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename;

sv_table[SYS_stat].sy_call = (sy_call_t *) filemon_wrapper_stat;

sv_table[SYS_unlink].sy_call = (sy_call_t *) filemon_wrapper_unlink;

- sv_table[SYS_vfork].sy_call = (sy_call_t *) filemon_wrapper_vfork;

sv_table[SYS_link].sy_call = (sy_call_t *) filemon_wrapper_link;

sv_table[SYS_symlink].sy_call = (sy_call_t *) filemon_wrapper_symlink;

#ifdef FILEMON_HAS_LINKAT

@@ -597,13 +567,11 @@ filemon_wrapper_install(void)

sv_table[FREEBSD32_SYS_chdir].sy_call = (sy_call_t *) filemon_wrapper_chdir;

sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_execve;

- sv_table[FREEBSD32_SYS_fork].sy_call = (sy_call_t *) filemon_wrapper_fork;

sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open;

sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat;

sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename;

sv_table[FREEBSD32_SYS_freebsd32_stat].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_stat;

sv_table[FREEBSD32_SYS_unlink].sy_call = (sy_call_t *) filemon_wrapper_unlink;

- sv_table[FREEBSD32_SYS_vfork].sy_call = (sy_call_t *) filemon_wrapper_vfork;

sv_table[FREEBSD32_SYS_link].sy_call = (sy_call_t *) filemon_wrapper_link;

sv_table[FREEBSD32_SYS_symlink].sy_call = (sy_call_t *) filemon_wrapper_symlink;

#ifdef FILEMON_HAS_LINKAT

@@ -613,6 +581,8 @@ filemon_wrapper_install(void)

filemon_exit_tag = EVENTHANDLER_REGISTER(process_exit,

filemon_event_process_exit, NULL, EVENTHANDLER_PRI_LAST);

+ filemon_fork_tag = EVENTHANDLER_REGISTER(process_fork,

+ filemon_event_process_fork, NULL, EVENTHANDLER_PRI_LAST);

}

static void

@@ -626,13 +596,11 @@ filemon_wrapper_deinstall(void)

sv_table[SYS_chdir].sy_call = (sy_call_t *)sys_chdir;

sv_table[SYS_execve].sy_call = (sy_call_t *)sys_execve;

- sv_table[SYS_fork].sy_call = (sy_call_t *)sys_fork;

sv_table[SYS_open].sy_call = (sy_call_t *)sys_open;

sv_table[SYS_openat].sy_call = (sy_call_t *)sys_openat;

sv_table[SYS_rename].sy_call = (sy_call_t *)sys_rename;

sv_table[SYS_stat].sy_call = (sy_call_t *)sys_stat;

sv_table[SYS_unlink].sy_call = (sy_call_t *)sys_unlink;

- sv_table[SYS_vfork].sy_call = (sy_call_t *)sys_vfork;

sv_table[SYS_link].sy_call = (sy_call_t *)sys_link;

sv_table[SYS_symlink].sy_call = (sy_call_t *)sys_symlink;

#ifdef FILEMON_HAS_LINKAT

@@ -644,13 +612,11 @@ filemon_wrapper_deinstall(void)

sv_table[FREEBSD32_SYS_chdir].sy_call = (sy_call_t *)sys_chdir;

sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *)freebsd32_execve;

- sv_table[FREEBSD32_SYS_fork].sy_call = (sy_call_t *)sys_fork;

sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *)sys_open;

sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *)sys_openat;

sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *)sys_rename;

sv_table[FREEBSD32_SYS_freebsd32_stat].sy_call = (sy_call_t *)freebsd32_stat;

sv_table[FREEBSD32_SYS_unlink].sy_call = (sy_call_t *)sys_unlink;

- sv_table[FREEBSD32_SYS_vfork].sy_call = (sy_call_t *)sys_vfork;

sv_table[FREEBSD32_SYS_link].sy_call = (sy_call_t *)sys_link;

sv_table[FREEBSD32_SYS_symlink].sy_call = (sy_call_t *)sys_symlink;

#ifdef FILEMON_HAS_LINKAT

@@ -659,4 +625,5 @@ filemon_wrapper_deinstall(void)

#endif /* COMPAT_ARCH32 */

EVENTHANDLER_DEREGISTER(process_exit, filemon_exit_tag);

+ EVENTHANDLER_DEREGISTER(process_fork, filemon_fork_tag);

}