diff options
author | bdrewery <bdrewery@FreeBSD.org> | 2016-01-28 01:17:55 +0000 |
---|---|---|
committer | bdrewery <bdrewery@FreeBSD.org> | 2016-01-28 01:17:55 +0000 |
commit | f0449fbcaad82b04afc03e3dfa798c4c4ec0ddc1 (patch) | |
tree | 58ca788cce5e80083eb67e975c1721e4edd6d073 | |
parent | 466bcd3bf3e6f555e202cc0271a68224d44ad7b7 (diff) | |
download | FreeBSD-src-f0449fbcaad82b04afc03e3dfa798c4c4ec0ddc1.zip FreeBSD-src-f0449fbcaad82b04afc03e3dfa798c4c4ec0ddc1.tar.gz |
filemon: Trace fork via process_fork event.
This avoids needing ugly hooks and needing both a vfork and fork
handler.
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
-rw-r--r-- | sys/dev/filemon/filemon_wrapper.c | 61 |
1 files changed, 14 insertions, 47 deletions
diff --git a/sys/dev/filemon/filemon_wrapper.c b/sys/dev/filemon/filemon_wrapper.c index fcf459d..ea44175 100644 --- a/sys/dev/filemon/filemon_wrapper.c +++ b/sys/dev/filemon/filemon_wrapper.c @@ -45,20 +45,19 @@ __FBSDID("$FreeBSD$"); 9-CURRENT September 10th-16th. */ #define sys_chdir chdir #define sys_execve execve -#define sys_fork fork #define sys_link link #define sys_open open #define sys_rename rename #define sys_stat stat #define sys_symlink symlink #define sys_unlink unlink -#define sys_vfork vfork #ifdef FILEMON_HAS_LINKAT #define sys_linkat linkat #endif #endif /* __FreeBSD_version */ static eventhandler_tag filemon_exit_tag; +static eventhandler_tag filemon_fork_tag; static void filemon_output(struct filemon *filemon, char *msg, size_t len) @@ -196,29 +195,6 @@ filemon_wrapper_freebsd32_execve(struct thread *td, #endif static int -filemon_wrapper_fork(struct thread *td, struct fork_args *uap) -{ - int ret; - size_t len; - struct filemon *filemon; - - if ((ret = sys_fork(td, uap)) == 0) { - if ((filemon = filemon_pid_check(curproc)) != NULL) { - len = snprintf(filemon->msgbufr, - sizeof(filemon->msgbufr), "F %d %ld\n", - curproc->p_pid, (long)curthread->td_retval[0]); - - filemon_output(filemon, filemon->msgbufr, len); - - /* Unlock the found filemon structure. */ - filemon_filemon_unlock(filemon); - } - } - - return (ret); -} - -static int filemon_wrapper_open(struct thread *td, struct open_args *uap) { int ret; @@ -545,27 +521,23 @@ filemon_wrapper_unlink(struct thread *td, struct unlink_args *uap) return (ret); } -static int -filemon_wrapper_vfork(struct thread *td, struct vfork_args *uap) +static void +filemon_event_process_fork(void *arg __unused, struct proc *p1, + struct proc *p2, int flags) { - int ret; size_t len; struct filemon *filemon; - if ((ret = sys_vfork(td, uap)) == 0) { - if ((filemon = filemon_pid_check(curproc)) != NULL) { - len = snprintf(filemon->msgbufr, - sizeof(filemon->msgbufr), "F %d %ld\n", - curproc->p_pid, (long)curthread->td_retval[0]); + if ((filemon = filemon_pid_check(p1)) != NULL) { + len = snprintf(filemon->msgbufr, + sizeof(filemon->msgbufr), "F %d %d\n", + p1->p_pid, p2->p_pid); - filemon_output(filemon, filemon->msgbufr, len); + filemon_output(filemon, filemon->msgbufr, len); - /* Unlock the found filemon structure. */ - filemon_filemon_unlock(filemon); - } + /* Unlock the found filemon structure. */ + filemon_filemon_unlock(filemon); } - - return (ret); } static void @@ -579,13 +551,11 @@ filemon_wrapper_install(void) sv_table[SYS_chdir].sy_call = (sy_call_t *) filemon_wrapper_chdir; sv_table[SYS_execve].sy_call = (sy_call_t *) filemon_wrapper_execve; - sv_table[SYS_fork].sy_call = (sy_call_t *) filemon_wrapper_fork; sv_table[SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open; sv_table[SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat; sv_table[SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename; sv_table[SYS_stat].sy_call = (sy_call_t *) filemon_wrapper_stat; sv_table[SYS_unlink].sy_call = (sy_call_t *) filemon_wrapper_unlink; - sv_table[SYS_vfork].sy_call = (sy_call_t *) filemon_wrapper_vfork; sv_table[SYS_link].sy_call = (sy_call_t *) filemon_wrapper_link; sv_table[SYS_symlink].sy_call = (sy_call_t *) filemon_wrapper_symlink; #ifdef FILEMON_HAS_LINKAT @@ -597,13 +567,11 @@ filemon_wrapper_install(void) sv_table[FREEBSD32_SYS_chdir].sy_call = (sy_call_t *) filemon_wrapper_chdir; sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_execve; - sv_table[FREEBSD32_SYS_fork].sy_call = (sy_call_t *) filemon_wrapper_fork; sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open; sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat; sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename; sv_table[FREEBSD32_SYS_freebsd32_stat].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_stat; sv_table[FREEBSD32_SYS_unlink].sy_call = (sy_call_t *) filemon_wrapper_unlink; - sv_table[FREEBSD32_SYS_vfork].sy_call = (sy_call_t *) filemon_wrapper_vfork; sv_table[FREEBSD32_SYS_link].sy_call = (sy_call_t *) filemon_wrapper_link; sv_table[FREEBSD32_SYS_symlink].sy_call = (sy_call_t *) filemon_wrapper_symlink; #ifdef FILEMON_HAS_LINKAT @@ -613,6 +581,8 @@ filemon_wrapper_install(void) filemon_exit_tag = EVENTHANDLER_REGISTER(process_exit, filemon_event_process_exit, NULL, EVENTHANDLER_PRI_LAST); + filemon_fork_tag = EVENTHANDLER_REGISTER(process_fork, + filemon_event_process_fork, NULL, EVENTHANDLER_PRI_LAST); } static void @@ -626,13 +596,11 @@ filemon_wrapper_deinstall(void) sv_table[SYS_chdir].sy_call = (sy_call_t *)sys_chdir; sv_table[SYS_execve].sy_call = (sy_call_t *)sys_execve; - sv_table[SYS_fork].sy_call = (sy_call_t *)sys_fork; sv_table[SYS_open].sy_call = (sy_call_t *)sys_open; sv_table[SYS_openat].sy_call = (sy_call_t *)sys_openat; sv_table[SYS_rename].sy_call = (sy_call_t *)sys_rename; sv_table[SYS_stat].sy_call = (sy_call_t *)sys_stat; sv_table[SYS_unlink].sy_call = (sy_call_t *)sys_unlink; - sv_table[SYS_vfork].sy_call = (sy_call_t *)sys_vfork; sv_table[SYS_link].sy_call = (sy_call_t *)sys_link; sv_table[SYS_symlink].sy_call = (sy_call_t *)sys_symlink; #ifdef FILEMON_HAS_LINKAT @@ -644,13 +612,11 @@ filemon_wrapper_deinstall(void) sv_table[FREEBSD32_SYS_chdir].sy_call = (sy_call_t *)sys_chdir; sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *)freebsd32_execve; - sv_table[FREEBSD32_SYS_fork].sy_call = (sy_call_t *)sys_fork; sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *)sys_open; sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *)sys_openat; sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *)sys_rename; sv_table[FREEBSD32_SYS_freebsd32_stat].sy_call = (sy_call_t *)freebsd32_stat; sv_table[FREEBSD32_SYS_unlink].sy_call = (sy_call_t *)sys_unlink; - sv_table[FREEBSD32_SYS_vfork].sy_call = (sy_call_t *)sys_vfork; sv_table[FREEBSD32_SYS_link].sy_call = (sy_call_t *)sys_link; sv_table[FREEBSD32_SYS_symlink].sy_call = (sy_call_t *)sys_symlink; #ifdef FILEMON_HAS_LINKAT @@ -659,4 +625,5 @@ filemon_wrapper_deinstall(void) #endif /* COMPAT_ARCH32 */ EVENTHANDLER_DEREGISTER(process_exit, filemon_exit_tag); + EVENTHANDLER_DEREGISTER(process_fork, filemon_fork_tag); } |