strace/pathtrace.c
Dmitry V. Levin b93d52fe3d Change the license of strace to LGPL-2.1-or-later
strace is now provided under the terms of the GNU Lesser General
Public License version 2.1 or later, see COPYING for more details.

strace test suite is now provided under the terms of the GNU General
Public License version 2 or later, see tests/COPYING for more details.
2018-12-10 00:00:00 +00:00

363 lines
7.6 KiB
C

/*
* Copyright (c) 2011 Comtrol Corp.
* Copyright (c) 2011-2018 The strace developers.
* All rights reserved.
*
* SPDX-License-Identifier: LGPL-2.1-or-later
*
*/
#include "defs.h"
#include <limits.h>
#include <poll.h>
#include "syscall.h"
#include "xstring.h"
struct path_set global_path_set;
/*
* Return true if specified path matches one that we're tracing.
*/
static bool
pathmatch(const char *path, struct path_set *set)
{
unsigned i;
for (i = 0; i < set->num_selected; ++i) {
if (strcmp(path, set->paths_selected[i]) == 0)
return true;
}
return false;
}
/*
* Return true if specified path (in user-space) matches.
*/
static bool
upathmatch(struct tcb *const tcp, const kernel_ulong_t upath,
struct path_set *set)
{
char path[PATH_MAX + 1];
return umovestr(tcp, upath, sizeof(path), path) > 0 &&
pathmatch(path, set);
}
/*
* Return true if specified fd maps to a path we're tracing.
*/
static bool
fdmatch(struct tcb *tcp, int fd, struct path_set *set)
{
char path[PATH_MAX + 1];
int n = getfdpath(tcp, fd, path, sizeof(path));
return n >= 0 && pathmatch(path, set);
}
/*
* Add a path to the set we're tracing.
* Specifying NULL will delete all paths.
*/
static void
storepath(const char *path, struct path_set *set)
{
if (pathmatch(path, set))
return; /* already in table */
if (set->num_selected >= set->size)
set->paths_selected =
xgrowarray(set->paths_selected, &set->size,
sizeof(set->paths_selected[0]));
set->paths_selected[set->num_selected++] = path;
}
/*
* Get path associated with fd.
*/
int
getfdpath(struct tcb *tcp, int fd, char *buf, unsigned bufsize)
{
char linkpath[sizeof("/proc/%u/fd/%u") + 2 * sizeof(int)*3];
ssize_t n;
if (fd < 0)
return -1;
xsprintf(linkpath, "/proc/%u/fd/%u", tcp->pid, fd);
n = readlink(linkpath, buf, bufsize - 1);
/*
* NB: if buf is too small, readlink doesn't fail,
* it returns truncated result (IOW: n == bufsize - 1).
*/
if (n >= 0)
buf[n] = '\0';
return n;
}
/*
* Add a path to the set we're tracing. Also add the canonicalized
* version of the path. Specifying NULL will delete all paths.
*/
void
pathtrace_select_set(const char *path, struct path_set *set)
{
char *rpath;
storepath(path, set);
rpath = realpath(path, NULL);
if (rpath == NULL)
return;
/* if realpath and specified path are same, we're done */
if (strcmp(path, rpath) == 0) {
free(rpath);
return;
}
error_msg("Requested path '%s' resolved into '%s'", path, rpath);
storepath(rpath, set);
}
static bool
match_xselect_args(struct tcb *tcp, const kernel_ulong_t *args,
struct path_set *set)
{
/* Kernel truncates arg[0] to int, we do the same. */
int nfds = (int) args[0];
/* Kernel rejects negative nfds, so we don't parse it either. */
if (nfds <= 0)
return false;
/* Beware of select(2^31-1, NULL, NULL, NULL) and similar... */
if (nfds > 1024*1024)
nfds = 1024*1024;
unsigned int fdsize = (((nfds + 7) / 8) + current_wordsize-1) & -current_wordsize;
fd_set *fds = xmalloc(fdsize);
for (unsigned int i = 1; i <= 3; ++i) {
if (args[i] == 0)
continue;
if (umoven(tcp, args[i], fdsize, fds) < 0)
continue;
for (int j = 0;; ++j) {
j = next_set_bit(fds, j, nfds);
if (j < 0)
break;
if (fdmatch(tcp, j, set)) {
free(fds);
return true;
}
}
}
free(fds);
return false;
}
/*
* Return true if syscall accesses a selected path
* (or if no paths have been specified for tracing).
*/
bool
pathtrace_match_set(struct tcb *tcp, struct path_set *set)
{
const struct_sysent *s;
s = tcp->s_ent;
if (!(s->sys_flags & (TRACE_FILE | TRACE_DESC | TRACE_NETWORK)))
return false;
/*
* Check for special cases where we need to do something
* other than test arg[0].
*/
switch (s->sen) {
case SEN_dup2:
case SEN_dup3:
case SEN_kexec_file_load:
case SEN_sendfile:
case SEN_sendfile64:
case SEN_tee:
/* fd, fd */
return fdmatch(tcp, tcp->u_arg[0], set) ||
fdmatch(tcp, tcp->u_arg[1], set);
case SEN_execveat:
case SEN_faccessat:
case SEN_fchmodat:
case SEN_fchownat:
case SEN_fstatat64:
case SEN_futimesat:
case SEN_inotify_add_watch:
case SEN_mkdirat:
case SEN_mknodat:
case SEN_name_to_handle_at:
case SEN_newfstatat:
case SEN_openat:
case SEN_readlinkat:
case SEN_statx:
case SEN_unlinkat:
case SEN_utimensat:
/* fd, path */
return fdmatch(tcp, tcp->u_arg[0], set) ||
upathmatch(tcp, tcp->u_arg[1], set);
case SEN_link:
case SEN_mount:
case SEN_pivotroot:
/* path, path */
return upathmatch(tcp, tcp->u_arg[0], set) ||
upathmatch(tcp, tcp->u_arg[1], set);
case SEN_quotactl:
case SEN_symlink:
/* x, path */
return upathmatch(tcp, tcp->u_arg[1], set);
case SEN_linkat:
case SEN_renameat2:
case SEN_renameat:
/* fd, path, fd, path */
return fdmatch(tcp, tcp->u_arg[0], set) ||
fdmatch(tcp, tcp->u_arg[2], set) ||
upathmatch(tcp, tcp->u_arg[1], set) ||
upathmatch(tcp, tcp->u_arg[3], set);
#if HAVE_ARCH_OLD_MMAP
case SEN_old_mmap:
# if HAVE_ARCH_OLD_MMAP_PGOFF
case SEN_old_mmap_pgoff:
# endif
{
kernel_ulong_t *args =
fetch_indirect_syscall_args(tcp, tcp->u_arg[0], 6);
return args && fdmatch(tcp, args[4], set);
}
#endif /* HAVE_ARCH_OLD_MMAP */
case SEN_mmap:
case SEN_mmap_4koff:
case SEN_mmap_pgoff:
case SEN_ARCH_mmap:
/* x, x, x, x, fd */
return fdmatch(tcp, tcp->u_arg[4], set);
case SEN_symlinkat:
/* x, fd, path */
return fdmatch(tcp, tcp->u_arg[1], set) ||
upathmatch(tcp, tcp->u_arg[2], set);
case SEN_copy_file_range:
case SEN_splice:
/* fd, x, fd, x, x, x */
return fdmatch(tcp, tcp->u_arg[0], set) ||
fdmatch(tcp, tcp->u_arg[2], set);
case SEN_epoll_ctl:
/* x, x, fd, x */
return fdmatch(tcp, tcp->u_arg[2], set);
case SEN_fanotify_mark:
{
/* x, x, mask (64 bit), fd, path */
unsigned long long mask = 0;
int argn = getllval(tcp, &mask, 2);
return fdmatch(tcp, tcp->u_arg[argn], set) ||
upathmatch(tcp, tcp->u_arg[argn + 1], set);
}
#if HAVE_ARCH_OLD_SELECT
case SEN_oldselect:
{
kernel_ulong_t *args =
fetch_indirect_syscall_args(tcp, tcp->u_arg[0], 5);
return args && match_xselect_args(tcp, args, set);
}
#endif
case SEN_pselect6:
case SEN_select:
return match_xselect_args(tcp, tcp->u_arg, set);
case SEN_poll:
case SEN_ppoll:
{
struct pollfd fds;
unsigned nfds;
kernel_ulong_t start, cur, end;
start = tcp->u_arg[0];
nfds = tcp->u_arg[1];
if (nfds > 1024 * 1024)
nfds = 1024 * 1024;
end = start + sizeof(fds) * nfds;
if (nfds == 0 || end < start)
return false;
for (cur = start; cur < end; cur += sizeof(fds)) {
if (umove(tcp, cur, &fds))
break;
if (fdmatch(tcp, fds.fd, set))
return true;
}
return false;
}
case SEN_accept4:
case SEN_accept:
case SEN_bpf:
case SEN_epoll_create:
case SEN_epoll_create1:
case SEN_eventfd2:
case SEN_eventfd:
case SEN_fanotify_init:
case SEN_inotify_init:
case SEN_inotify_init1:
case SEN_memfd_create:
case SEN_mq_getsetattr:
case SEN_mq_notify:
case SEN_mq_open:
case SEN_mq_timedreceive:
case SEN_mq_timedsend:
case SEN_perf_event_open:
case SEN_pipe:
case SEN_pipe2:
case SEN_printargs:
case SEN_signalfd4:
case SEN_signalfd:
case SEN_socket:
case SEN_socketpair:
case SEN_timerfd_create:
case SEN_timerfd_gettime:
case SEN_timerfd_settime:
case SEN_userfaultfd:
/*
* These have TRACE_FILE or TRACE_DESCRIPTOR or TRACE_NETWORK set,
* but they don't have any file descriptor or path args to test.
*/
return false;
}
/*
* Our fallback position for calls that haven't already
* been handled is to just check arg[0].
*/
if (s->sys_flags & TRACE_FILE)
return upathmatch(tcp, tcp->u_arg[0], set);
if (s->sys_flags & (TRACE_DESC | TRACE_NETWORK))
return fdmatch(tcp, tcp->u_arg[0], set);
return false;
}