Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /opt/rh/gcc-toolset-11/root/usr/share/systemtap/tapset/linux/ |
# mremap _____________________________________________________
# unsigned long sys_mremap(unsigned long addr,
# unsigned long old_len,
# unsigned long new_len,
# unsigned long flags,
# unsigned long new_addr)
#
@define _SYSCALL_MREMAP_NAME
%(
name = "mremap"
%)
@define _SYSCALL_MREMAP_ARGSTR
%(
argstr = sprintf("%p, %d, %d, %s, %p", old_address, old_size, new_size,
flags_str, new_address)
%)
@define _SYSCALL_MREMAP_REGARGS
%(
old_address = ulong_arg(1)
old_size = ulong_arg(2)
new_size = ulong_arg(3)
flags = ulong_arg(4)
flags_str = _mremap_flags(flags)
new_address = ulong_arg(5)
%)
@define _SYSCALL_MREMAP_REGARGS_STORE
%(
if (@probewrite(old_address))
set_ulong_arg(1, old_address)
if (@probewrite(old_size))
set_ulong_arg(2, old_size)
if (@probewrite(new_size))
set_ulong_arg(3, new_size)
if (@probewrite(flags))
set_ulong_arg(4, flags)
if (@probewrite(new_address))
set_ulong_arg(5, new_address)
%)
probe syscall.mremap = dw_syscall.mremap !, nd_syscall.mremap ? {}
probe syscall.mremap.return = dw_syscall.mremap.return !, nd_syscall.mremap.return ? {}
# dw_mremap _____________________________________________________
probe dw_syscall.mremap = kernel.function("ia64_mremap").call ?,
kernel.function("sys_mremap").call ?
{
@_SYSCALL_MREMAP_NAME
old_address = $addr
old_size = $old_len
new_size = $new_len
flags = $flags
flags_str = _mremap_flags(flags)
new_address = $new_addr
@_SYSCALL_MREMAP_ARGSTR
}
probe dw_syscall.mremap.return = kernel.function("ia64_mremap").return ?,
kernel.function("sys_mremap").return ?
{
@_SYSCALL_MREMAP_NAME
@SYSC_RETVALSTR2($return)
}
# nd_mremap _____________________________________________________
probe nd_syscall.mremap = nd1_syscall.mremap!, nd2_syscall.mremap!, tp_syscall.mremap
{ }
probe nd1_syscall.mremap = kprobe.function("ia64_mremap") ?,
kprobe.function("sys_mremap") ?
{
@_SYSCALL_MREMAP_NAME
asmlinkage()
@_SYSCALL_MREMAP_REGARGS
@_SYSCALL_MREMAP_ARGSTR
}
/* kernel 4.17+ */
probe nd2_syscall.mremap = kprobe.function(@arch_syscall_prefix "sys_mremap") ?
{
__set_syscall_pt_regs(pointer_arg(1))
@_SYSCALL_MREMAP_NAME
@_SYSCALL_MREMAP_REGARGS
@_SYSCALL_MREMAP_ARGSTR
},
{
%( @_IS_SREG_KERNEL %? @_SYSCALL_MREMAP_REGARGS_STORE %)
}
/* kernel 3.5+, but undesirable because it affects all syscalls */
probe tp_syscall.mremap = kernel.trace("sys_enter")
{
__set_syscall_pt_regs($regs)
@__syscall_compat_gate(@const("__NR_mremap"), @const("__NR_compat_mremap"))
@_SYSCALL_MREMAP_NAME
@_SYSCALL_MREMAP_REGARGS
@_SYSCALL_MREMAP_ARGSTR
},
{
%( @_IS_SREG_KERNEL %? @_SYSCALL_MREMAP_REGARGS_STORE %)
}
probe nd_syscall.mremap.return = nd1_syscall.mremap.return!, nd2_syscall.mremap.return!, tp_syscall.mremap.return
{ }
probe nd1_syscall.mremap.return = kprobe.function("ia64_mremap").return ?,
kprobe.function("sys_mremap").return ?
{
@_SYSCALL_MREMAP_NAME
@SYSC_RETVALSTR2(returnval())
}
/* kernel 4.17+ */
probe nd2_syscall.mremap.return = kprobe.function(@arch_syscall_prefix "sys_mremap").return ?
{
@_SYSCALL_MREMAP_NAME
@SYSC_RETVALSTR2(returnval())
}
/* kernel 3.5+, but undesirable because it affects all syscalls */
probe tp_syscall.mremap.return = kernel.trace("sys_exit")
{
__set_syscall_pt_regs($regs)
@__syscall_compat_gate(@const("__NR_mremap"), @const("__NR_compat_mremap"))
@_SYSCALL_MREMAP_NAME
@SYSC_RETVALSTR2($ret)
}