• Steven Rostedt's avatar
    tracing/syscalls: Allow archs to ignore tracing compat syscalls · f431b634
    Steven Rostedt authored
    The tracing of ia32 compat system calls has been a bit of a pain as they
    use different system call numbers than the 64bit equivalents.
    
    I wrote a simple 'lls' program that lists files. I compiled it as a i686
    ELF binary and ran it under a x86_64 box. This is the result:
    
    echo 0 > /debug/tracing/tracing_on
    echo 1 > /debug/tracing/events/syscalls/enable
    echo 1 > /debug/tracing/tracing_on ; ./lls ; echo 0 > /debug/tracing/tracing_on
    
    grep lls /debug/tracing/trace
    
    [.. skipping calls before TS_COMPAT is set ...]
    
                 lls-1127  [005] d...   936.409188: sys_recvfrom(fd: 0, ubuf: 4d560fc4, size: 0, flags: 8048034, addr: 8, addr_len: f7700420)
                 lls-1127  [005] d...   936.409190: sys_recvfrom -> 0x8a77000
                 lls-1127  [005] d...   936.409211: sys_lgetxattr(pathname: 0, name: 1000, value: 3, size: 22)
                 lls-1127  [005] d...   936.409215: sys_lgetxattr -> 0xf76ff000
                 lls-1127  [005] d...   936.409223: sys_dup2(oldfd: 4d55ae9b, newfd: 4)
                 lls-1127  [005] d...   936.409228: sys_dup2 -> 0xfffffffffffffffe
                 lls-1127  [005] d...   936.409236: sys_newfstat(fd: 4d55b085, statbuf: 80000)
                 lls-1127  [005] d...   936.409242: sys_newfstat -> 0x3
                 lls-1127  [005] d...   936.409243: sys_removexattr(pathname: 3, name: ffcd0060)
                 lls-1127  [005] d...   936.409244: sys_removexattr -> 0x0
                 lls-1127  [005] d...   936.409245: sys_lgetxattr(pathname: 0, name: 19614, value: 1, size: 2)
                 lls-1127  [005] d...   936.409248: sys_lgetxattr -> 0xf76e5000
                 lls-1127  [005] d...   936.409248: sys_newlstat(filename: 3, statbuf: 19614)
                 lls-1127  [005] d...   936.409249: sys_newlstat -> 0x0
                 lls-1127  [005] d...   936.409262: sys_newfstat(fd: f76fb588, statbuf: 80000)
                 lls-1127  [005] d...   936.409279: sys_newfstat -> 0x3
                 lls-1127  [005] d...   936.409279: sys_close(fd: 3)
                 lls-1127  [005] d...   936.421550: sys_close -> 0x200
                 lls-1127  [005] d...   936.421558: sys_removexattr(pathname: 3, name: ffcd00d0)
                 lls-1127  [005] d...   936.421560: sys_removexattr -> 0x0
                 lls-1127  [005] d...   936.421569: sys_lgetxattr(pathname: 4d564000, name: 1b1abc, value: 5, size: 802)
                 lls-1127  [005] d...   936.421574: sys_lgetxattr -> 0x4d564000
                 lls-1127  [005] d...   936.421575: sys_capget(header: 4d70f000, dataptr: 1000)
                 lls-1127  [005] d...   936.421580: sys_capget -> 0x0
                 lls-1127  [005] d...   936.421580: sys_lgetxattr(pathname: 4d710000, name: 3000, value: 3, size: 812)
                 lls-1127  [005] d...   936.421589: sys_lgetxattr -> 0x4d710000
                 lls-1127  [005] d...   936.426130: sys_lgetxattr(pathname: 4d713000, name: 2abc, value: 3, size: 32)
                 lls-1127  [005] d...   936.426141: sys_lgetxattr -> 0x4d713000
                 lls-1127  [005] d...   936.426145: sys_newlstat(filename: 3, statbuf: f76ff3f0)
                 lls-1127  [005] d...   936.426146: sys_newlstat -> 0x0
                 lls-1127  [005] d...   936.431748: sys_lgetxattr(pathname: 0, name: 1000, value: 3, size: 22)
    
    Obviously I'm not calling newfstat with a fd of 4d55b085. The calls are
    obviously incorrect, and confusing.
    
    Other efforts have been made to fix this:
    
    https://lkml.org/lkml/2012/3/26/367
    
    But the real solution is to rewrite the syscall internals and come up
    with a fixed solution. One that doesn't require all the kluge that the
    current solution has.
    
    Thus for now, instead of outputting incorrect data, simply ignore them.
    With this patch the changes now have:
    
     #> grep lls /debug/tracing/trace
     #>
    
    Compat system calls simply are not traced. If users need compat
    syscalls, then they should just use the raw syscall tracepoints.
    
    For an architecture to make their compat syscalls ignored, it must
    define ARCH_TRACE_IGNORE_COMPAT_SYSCALLS (done in asm/ftrace.h) and also
    define an arch_trace_is_compat_syscall() function that will return true
    if the current task should ignore tracing the syscall.
    
    I want to stress that this change does not affect actual syscalls in any
    way, shape or form. It is only used within the tracing system and
    doesn't interfere with the syscall logic at all. The changes are
    consolidated nicely into trace_syscalls.c and asm/ftrace.h.
    
    I had to make one small modification to asm/thread_info.h and that was
    to remove the include of asm/ftrace.h. As asm/ftrace.h required the
    current_thread_info() it was causing include hell. That include was
    added back in 2008 when the function graph tracer was added:
    
     commit caf4b323 "tracing, x86: add low level support for ftrace return tracing"
    
    It does not need to be included there.
    
    Link: http://lkml.kernel.org/r/1360703939.21867.99.camel@gandalf.local.homeAcked-by: default avatarH. Peter Anvin <hpa@zytor.com>
    Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
    f431b634
ftrace.h 2.27 KB