kernel/trace/trace_eprobe.c

0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * event probes
0004  *
0005  * Part of this code was copied from kernel/trace/trace_kprobe.c written by
0006  * Masami Hiramatsu <mhiramat@kernel.org>
0007  *
0008  * Copyright (C) 2021, VMware Inc, Steven Rostedt <rostedt@goodmis.org>
0009  * Copyright (C) 2021, VMware Inc, Tzvetomir Stoyanov tz.stoyanov@gmail.com>
0010  *
0011  */
0012 #include <linux/module.h>
0013 #include <linux/mutex.h>
0014 #include <linux/ftrace.h>
0015
0016 #include "trace_dynevent.h"
0017 #include "trace_probe.h"
0018 #include "trace_probe_tmpl.h"
0019
0020 #define EPROBE_EVENT_SYSTEM "eprobes"
0021
0022 struct trace_eprobe {
0023     /* tracepoint system */
0024     const char *event_system;
0025
0026     /* tracepoint event */
0027     const char *event_name;
0028
0029     struct trace_event_call *event;
0030
0031     struct dyn_event    devent;
0032     struct trace_probe  tp;
0033 };
0034
0035 struct eprobe_data {
0036     struct trace_event_file *file;
0037     struct trace_eprobe *ep;
0038 };
0039
0040 static int __trace_eprobe_create(int argc, const char *argv[]);
0041
0042 static void trace_event_probe_cleanup(struct trace_eprobe *ep)
0043 {
0044     if (!ep)
0045         return;
0046     trace_probe_cleanup(&ep->tp);
0047     kfree(ep->event_name);
0048     kfree(ep->event_system);
0049     if (ep->event)
0050         trace_event_put_ref(ep->event);
0051     kfree(ep);
0052 }
0053
0054 static struct trace_eprobe *to_trace_eprobe(struct dyn_event *ev)
0055 {
0056     return container_of(ev, struct trace_eprobe, devent);
0057 }
0058
0059 static int eprobe_dyn_event_create(const char *raw_command)
0060 {
0061     return trace_probe_create(raw_command, __trace_eprobe_create);
0062 }
0063
0064 static int eprobe_dyn_event_show(struct seq_file *m, struct dyn_event *ev)
0065 {
0066     struct trace_eprobe *ep = to_trace_eprobe(ev);
0067     int i;
0068
0069     seq_printf(m, "e:%s/%s", trace_probe_group_name(&ep->tp),
0070                 trace_probe_name(&ep->tp));
0071     seq_printf(m, " %s.%s", ep->event_system, ep->event_name);
0072
0073     for (i = 0; i < ep->tp.nr_args; i++)
0074         seq_printf(m, " %s=%s", ep->tp.args[i].name, ep->tp.args[i].comm);
0075     seq_putc(m, '\n');
0076
0077     return 0;
0078 }
0079
0080 static int unregister_trace_eprobe(struct trace_eprobe *ep)
0081 {
0082     /* If other probes are on the event, just unregister eprobe */
0083     if (trace_probe_has_sibling(&ep->tp))
0084         goto unreg;
0085
0086     /* Enabled event can not be unregistered */
0087     if (trace_probe_is_enabled(&ep->tp))
0088         return -EBUSY;
0089
0090     /* Will fail if probe is being used by ftrace or perf */
0091     if (trace_probe_unregister_event_call(&ep->tp))
0092         return -EBUSY;
0093
0094 unreg:
0095     dyn_event_remove(&ep->devent);
0096     trace_probe_unlink(&ep->tp);
0097
0098     return 0;
0099 }
0100
0101 static int eprobe_dyn_event_release(struct dyn_event *ev)
0102 {
0103     struct trace_eprobe *ep = to_trace_eprobe(ev);
0104     int ret = unregister_trace_eprobe(ep);
0105
0106     if (!ret)
0107         trace_event_probe_cleanup(ep);
0108     return ret;
0109 }
0110
0111 static bool eprobe_dyn_event_is_busy(struct dyn_event *ev)
0112 {
0113     struct trace_eprobe *ep = to_trace_eprobe(ev);
0114
0115     return trace_probe_is_enabled(&ep->tp);
0116 }
0117
0118 static bool eprobe_dyn_event_match(const char *system, const char *event,
0119             int argc, const char **argv, struct dyn_event *ev)
0120 {
0121     struct trace_eprobe *ep = to_trace_eprobe(ev);
0122     const char *slash;
0123
0124     /*
0125      * We match the following:
0126      *  event only          - match all eprobes with event name
0127      *  system and event only   - match all system/event probes
0128      *  system only         - match all system probes
0129      *
0130      * The below has the above satisfied with more arguments:
0131      *
0132      *  attached system/event   - If the arg has the system and event
0133      *                the probe is attached to, match
0134      *                probes with the attachment.
0135      *
0136      *  If any more args are given, then it requires a full match.
0137      */
0138
0139     /*
0140      * If system exists, but this probe is not part of that system
0141      * do not match.
0142      */
0143     if (system && strcmp(trace_probe_group_name(&ep->tp), system) != 0)
0144         return false;
0145
0146     /* Must match the event name */
0147     if (event[0] != '\0' && strcmp(trace_probe_name(&ep->tp), event) != 0)
0148         return false;
0149
0150     /* No arguments match all */
0151     if (argc < 1)
0152         return true;
0153
0154     /* First argument is the system/event the probe is attached to */
0155
0156     slash = strchr(argv[0], '/');
0157     if (!slash)
0158         slash = strchr(argv[0], '.');
0159     if (!slash)
0160         return false;
0161
0162     if (strncmp(ep->event_system, argv[0], slash - argv[0]))
0163         return false;
0164     if (strcmp(ep->event_name, slash + 1))
0165         return false;
0166
0167     argc--;
0168     argv++;
0169
0170     /* If there are no other args, then match */
0171     if (argc < 1)
0172         return true;
0173
0174     return trace_probe_match_command_args(&ep->tp, argc, argv);
0175 }
0176
0177 static struct dyn_event_operations eprobe_dyn_event_ops = {
0178     .create = eprobe_dyn_event_create,
0179     .show = eprobe_dyn_event_show,
0180     .is_busy = eprobe_dyn_event_is_busy,
0181     .free = eprobe_dyn_event_release,
0182     .match = eprobe_dyn_event_match,
0183 };
0184
0185 static struct trace_eprobe *alloc_event_probe(const char *group,
0186                           const char *this_event,
0187                           struct trace_event_call *event,
0188                           int nargs)
0189 {
0190     struct trace_eprobe *ep;
0191     const char *event_name;
0192     const char *sys_name;
0193     int ret = -ENOMEM;
0194
0195     if (!event)
0196         return ERR_PTR(-ENODEV);
0197
0198     sys_name = event->class->system;
0199     event_name = trace_event_name(event);
0200
0201     ep = kzalloc(struct_size(ep, tp.args, nargs), GFP_KERNEL);
0202     if (!ep) {
0203         trace_event_put_ref(event);
0204         goto error;
0205     }
0206     ep->event = event;
0207     ep->event_name = kstrdup(event_name, GFP_KERNEL);
0208     if (!ep->event_name)
0209         goto error;
0210     ep->event_system = kstrdup(sys_name, GFP_KERNEL);
0211     if (!ep->event_system)
0212         goto error;
0213
0214     ret = trace_probe_init(&ep->tp, this_event, group, false);
0215     if (ret < 0)
0216         goto error;
0217
0218     dyn_event_init(&ep->devent, &eprobe_dyn_event_ops);
0219     return ep;
0220 error:
0221     trace_event_probe_cleanup(ep);
0222     return ERR_PTR(ret);
0223 }
0224
0225 static int trace_eprobe_tp_arg_update(struct trace_eprobe *ep, int i)
0226 {
0227     struct probe_arg *parg = &ep->tp.args[i];
0228     struct ftrace_event_field *field;
0229     struct list_head *head;
0230     int ret = -ENOENT;
0231
0232     head = trace_get_fields(ep->event);
0233     list_for_each_entry(field, head, link) {
0234         if (!strcmp(parg->code->data, field->name)) {
0235             kfree(parg->code->data);
0236             parg->code->data = field;
0237             return 0;
0238         }
0239     }
0240
0241     /*
0242      * Argument not found on event. But allow for comm and COMM
0243      * to be used to get the current->comm.
0244      */
0245     if (strcmp(parg->code->data, "COMM") == 0 ||
0246         strcmp(parg->code->data, "comm") == 0) {
0247         parg->code->op = FETCH_OP_COMM;
0248         ret = 0;
0249     }
0250
0251     kfree(parg->code->data);
0252     parg->code->data = NULL;
0253     return ret;
0254 }
0255
0256 static int eprobe_event_define_fields(struct trace_event_call *event_call)
0257 {
0258     struct eprobe_trace_entry_head field;
0259     struct trace_probe *tp;
0260
0261     tp = trace_probe_primary_from_call(event_call);
0262     if (WARN_ON_ONCE(!tp))
0263         return -ENOENT;
0264
0265     return traceprobe_define_arg_fields(event_call, sizeof(field), tp);
0266 }
0267
0268 static struct trace_event_fields eprobe_fields_array[] = {
0269     { .type = TRACE_FUNCTION_TYPE,
0270       .define_fields = eprobe_event_define_fields },
0271     {}
0272 };
0273
0274 /* Event entry printers */
0275 static enum print_line_t
0276 print_eprobe_event(struct trace_iterator *iter, int flags,
0277            struct trace_event *event)
0278 {
0279     struct eprobe_trace_entry_head *field;
0280     struct trace_event_call *pevent;
0281     struct trace_event *probed_event;
0282     struct trace_seq *s = &iter->seq;
0283     struct trace_eprobe *ep;
0284     struct trace_probe *tp;
0285     unsigned int type;
0286
0287     field = (struct eprobe_trace_entry_head *)iter->ent;
0288     tp = trace_probe_primary_from_call(
0289         container_of(event, struct trace_event_call, event));
0290     if (WARN_ON_ONCE(!tp))
0291         goto out;
0292
0293     ep = container_of(tp, struct trace_eprobe, tp);
0294     type = ep->event->event.type;
0295
0296     trace_seq_printf(s, "%s: (", trace_probe_name(tp));
0297
0298     probed_event = ftrace_find_event(type);
0299     if (probed_event) {
0300         pevent = container_of(probed_event, struct trace_event_call, event);
0301         trace_seq_printf(s, "%s.%s", pevent->class->system,
0302                  trace_event_name(pevent));
0303     } else {
0304         trace_seq_printf(s, "%u", type);
0305     }
0306
0307     trace_seq_putc(s, ')');
0308
0309     if (print_probe_args(s, tp->args, tp->nr_args,
0310                  (u8 *)&field[1], field) < 0)
0311         goto out;
0312
0313     trace_seq_putc(s, '\n');
0314  out:
0315     return trace_handle_return(s);
0316 }
0317
0318 static unsigned long get_event_field(struct fetch_insn *code, void *rec)
0319 {
0320     struct ftrace_event_field *field = code->data;
0321     unsigned long val;
0322     void *addr;
0323
0324     addr = rec + field->offset;
0325
0326     if (is_string_field(field)) {
0327         switch (field->filter_type) {
0328         case FILTER_DYN_STRING:
0329             val = (unsigned long)(rec + (*(unsigned int *)addr & 0xffff));
0330             break;
0331         case FILTER_RDYN_STRING:
0332             val = (unsigned long)(addr + (*(unsigned int *)addr & 0xffff));
0333             break;
0334         case FILTER_STATIC_STRING:
0335             val = (unsigned long)addr;
0336             break;
0337         case FILTER_PTR_STRING:
0338             val = (unsigned long)(*(char *)addr);
0339             break;
0340         default:
0341             WARN_ON_ONCE(1);
0342             return 0;
0343         }
0344         return val;
0345     }
0346
0347     switch (field->size) {
0348     case 1:
0349         if (field->is_signed)
0350             val = *(char *)addr;
0351         else
0352             val = *(unsigned char *)addr;
0353         break;
0354     case 2:
0355         if (field->is_signed)
0356             val = *(short *)addr;
0357         else
0358             val = *(unsigned short *)addr;
0359         break;
0360     case 4:
0361         if (field->is_signed)
0362             val = *(int *)addr;
0363         else
0364             val = *(unsigned int *)addr;
0365         break;
0366     default:
0367         if (field->is_signed)
0368             val = *(long *)addr;
0369         else
0370             val = *(unsigned long *)addr;
0371         break;
0372     }
0373     return val;
0374 }
0375
0376 static int get_eprobe_size(struct trace_probe *tp, void *rec)
0377 {
0378     struct fetch_insn *code;
0379     struct probe_arg *arg;
0380     int i, len, ret = 0;
0381
0382     for (i = 0; i < tp->nr_args; i++) {
0383         arg = tp->args + i;
0384         if (arg->dynamic) {
0385             unsigned long val;
0386
0387             code = arg->code;
0388  retry:
0389             switch (code->op) {
0390             case FETCH_OP_TP_ARG:
0391                 val = get_event_field(code, rec);
0392                 break;
0393             case FETCH_OP_IMM:
0394                 val = code->immediate;
0395                 break;
0396             case FETCH_OP_COMM:
0397                 val = (unsigned long)current->comm;
0398                 break;
0399             case FETCH_OP_DATA:
0400                 val = (unsigned long)code->data;
0401                 break;
0402             case FETCH_NOP_SYMBOL:  /* Ignore a place holder */
0403                 code++;
0404                 goto retry;
0405             default:
0406                 continue;
0407             }
0408             code++;
0409             len = process_fetch_insn_bottom(code, val, NULL, NULL);
0410             if (len > 0)
0411                 ret += len;
0412         }
0413     }
0414
0415     return ret;
0416 }
0417
0418 /* Kprobe specific fetch functions */
0419
0420 /* Note that we don't verify it, since the code does not come from user space */
0421 static int
0422 process_fetch_insn(struct fetch_insn *code, void *rec, void *dest,
0423            void *base)
0424 {
0425     unsigned long val;
0426
0427  retry:
0428     switch (code->op) {
0429     case FETCH_OP_TP_ARG:
0430         val = get_event_field(code, rec);
0431         break;
0432     case FETCH_OP_IMM:
0433         val = code->immediate;
0434         break;
0435     case FETCH_OP_COMM:
0436         val = (unsigned long)current->comm;
0437         break;
0438     case FETCH_OP_DATA:
0439         val = (unsigned long)code->data;
0440         break;
0441     case FETCH_NOP_SYMBOL:  /* Ignore a place holder */
0442         code++;
0443         goto retry;
0444     default:
0445         return -EILSEQ;
0446     }
0447     code++;
0448     return process_fetch_insn_bottom(code, val, dest, base);
0449 }
0450 NOKPROBE_SYMBOL(process_fetch_insn)
0451
0452 /* Return the length of string -- including null terminal byte */
0453 static nokprobe_inline int
0454 fetch_store_strlen_user(unsigned long addr)
0455 {
0456     const void __user *uaddr =  (__force const void __user *)addr;
0457
0458     return strnlen_user_nofault(uaddr, MAX_STRING_SIZE);
0459 }
0460
0461 /* Return the length of string -- including null terminal byte */
0462 static nokprobe_inline int
0463 fetch_store_strlen(unsigned long addr)
0464 {
0465     int ret, len = 0;
0466     u8 c;
0467
0468 #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
0469     if (addr < TASK_SIZE)
0470         return fetch_store_strlen_user(addr);
0471 #endif
0472
0473     do {
0474         ret = copy_from_kernel_nofault(&c, (u8 *)addr + len, 1);
0475         len++;
0476     } while (c && ret == 0 && len < MAX_STRING_SIZE);
0477
0478     return (ret < 0) ? ret : len;
0479 }
0480
0481 /*
0482  * Fetch a null-terminated string from user. Caller MUST set *(u32 *)buf
0483  * with max length and relative data location.
0484  */
0485 static nokprobe_inline int
0486 fetch_store_string_user(unsigned long addr, void *dest, void *base)
0487 {
0488     const void __user *uaddr =  (__force const void __user *)addr;
0489     int maxlen = get_loc_len(*(u32 *)dest);
0490     void *__dest;
0491     long ret;
0492
0493     if (unlikely(!maxlen))
0494         return -ENOMEM;
0495
0496     __dest = get_loc_data(dest, base);
0497
0498     ret = strncpy_from_user_nofault(__dest, uaddr, maxlen);
0499     if (ret >= 0)
0500         *(u32 *)dest = make_data_loc(ret, __dest - base);
0501
0502     return ret;
0503 }
0504
0505 /*
0506  * Fetch a null-terminated string. Caller MUST set *(u32 *)buf with max
0507  * length and relative data location.
0508  */
0509 static nokprobe_inline int
0510 fetch_store_string(unsigned long addr, void *dest, void *base)
0511 {
0512     int maxlen = get_loc_len(*(u32 *)dest);
0513     void *__dest;
0514     long ret;
0515
0516 #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
0517     if ((unsigned long)addr < TASK_SIZE)
0518         return fetch_store_string_user(addr, dest, base);
0519 #endif
0520
0521     if (unlikely(!maxlen))
0522         return -ENOMEM;
0523
0524     __dest = get_loc_data(dest, base);
0525
0526     /*
0527      * Try to get string again, since the string can be changed while
0528      * probing.
0529      */
0530     ret = strncpy_from_kernel_nofault(__dest, (void *)addr, maxlen);
0531     if (ret >= 0)
0532         *(u32 *)dest = make_data_loc(ret, __dest - base);
0533
0534     return ret;
0535 }
0536
0537 static nokprobe_inline int
0538 probe_mem_read_user(void *dest, void *src, size_t size)
0539 {
0540     const void __user *uaddr =  (__force const void __user *)src;
0541
0542     return copy_from_user_nofault(dest, uaddr, size);
0543 }
0544
0545 static nokprobe_inline int
0546 probe_mem_read(void *dest, void *src, size_t size)
0547 {
0548 #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
0549     if ((unsigned long)src < TASK_SIZE)
0550         return probe_mem_read_user(dest, src, size);
0551 #endif
0552     return copy_from_kernel_nofault(dest, src, size);
0553 }
0554
0555 /* eprobe handler */
0556 static inline void
0557 __eprobe_trace_func(struct eprobe_data *edata, void *rec)
0558 {
0559     struct eprobe_trace_entry_head *entry;
0560     struct trace_event_call *call = trace_probe_event_call(&edata->ep->tp);
0561     struct trace_event_buffer fbuffer;
0562     int dsize;
0563
0564     if (WARN_ON_ONCE(call != edata->file->event_call))
0565         return;
0566
0567     if (trace_trigger_soft_disabled(edata->file))
0568         return;
0569
0570     dsize = get_eprobe_size(&edata->ep->tp, rec);
0571
0572     entry = trace_event_buffer_reserve(&fbuffer, edata->file,
0573                        sizeof(*entry) + edata->ep->tp.size + dsize);
0574
0575     if (!entry)
0576         return;
0577
0578     entry = fbuffer.entry = ring_buffer_event_data(fbuffer.event);
0579     store_trace_args(&entry[1], &edata->ep->tp, rec, sizeof(*entry), dsize);
0580
0581     trace_event_buffer_commit(&fbuffer);
0582 }
0583
0584 /*
0585  * The event probe implementation uses event triggers to get access to
0586  * the event it is attached to, but is not an actual trigger. The below
0587  * functions are just stubs to fulfill what is needed to use the trigger
0588  * infrastructure.
0589  */
0590 static int eprobe_trigger_init(struct event_trigger_data *data)
0591 {
0592     return 0;
0593 }
0594
0595 static void eprobe_trigger_free(struct event_trigger_data *data)
0596 {
0597
0598 }
0599
0600 static int eprobe_trigger_print(struct seq_file *m,
0601                 struct event_trigger_data *data)
0602 {
0603     /* Do not print eprobe event triggers */
0604     return 0;
0605 }
0606
0607 static void eprobe_trigger_func(struct event_trigger_data *data,
0608                 struct trace_buffer *buffer, void *rec,
0609                 struct ring_buffer_event *rbe)
0610 {
0611     struct eprobe_data *edata = data->private_data;
0612
0613     __eprobe_trace_func(edata, rec);
0614 }
0615
0616 static struct event_trigger_ops eprobe_trigger_ops = {
0617     .trigger        = eprobe_trigger_func,
0618     .print          = eprobe_trigger_print,
0619     .init           = eprobe_trigger_init,
0620     .free           = eprobe_trigger_free,
0621 };
0622
0623 static int eprobe_trigger_cmd_parse(struct event_command *cmd_ops,
0624                     struct trace_event_file *file,
0625                     char *glob, char *cmd,
0626                     char *param_and_filter)
0627 {
0628     return -1;
0629 }
0630
0631 static int eprobe_trigger_reg_func(char *glob,
0632                    struct event_trigger_data *data,
0633                    struct trace_event_file *file)
0634 {
0635     return -1;
0636 }
0637
0638 static void eprobe_trigger_unreg_func(char *glob,
0639                       struct event_trigger_data *data,
0640                       struct trace_event_file *file)
0641 {
0642
0643 }
0644
0645 static struct event_trigger_ops *eprobe_trigger_get_ops(char *cmd,
0646                             char *param)
0647 {
0648     return &eprobe_trigger_ops;
0649 }
0650
0651 static struct event_command event_trigger_cmd = {
0652     .name           = "eprobe",
0653     .trigger_type       = ETT_EVENT_EPROBE,
0654     .flags          = EVENT_CMD_FL_NEEDS_REC,
0655     .parse          = eprobe_trigger_cmd_parse,
0656     .reg            = eprobe_trigger_reg_func,
0657     .unreg          = eprobe_trigger_unreg_func,
0658     .unreg_all      = NULL,
0659     .get_trigger_ops    = eprobe_trigger_get_ops,
0660     .set_filter     = NULL,
0661 };
0662
0663 static struct event_trigger_data *
0664 new_eprobe_trigger(struct trace_eprobe *ep, struct trace_event_file *file)
0665 {
0666     struct event_trigger_data *trigger;
0667     struct eprobe_data *edata;
0668
0669     edata = kzalloc(sizeof(*edata), GFP_KERNEL);
0670     trigger = kzalloc(sizeof(*trigger), GFP_KERNEL);
0671     if (!trigger || !edata) {
0672         kfree(edata);
0673         kfree(trigger);
0674         return ERR_PTR(-ENOMEM);
0675     }
0676
0677     trigger->flags = EVENT_TRIGGER_FL_PROBE;
0678     trigger->count = -1;
0679     trigger->ops = &eprobe_trigger_ops;
0680
0681     /*
0682      * EVENT PROBE triggers are not registered as commands with
0683      * register_event_command(), as they are not controlled by the user
0684      * from the trigger file
0685      */
0686     trigger->cmd_ops = &event_trigger_cmd;
0687
0688     INIT_LIST_HEAD(&trigger->list);
0689     RCU_INIT_POINTER(trigger->filter, NULL);
0690
0691     edata->file = file;
0692     edata->ep = ep;
0693     trigger->private_data = edata;
0694
0695     return trigger;
0696 }
0697
0698 static int enable_eprobe(struct trace_eprobe *ep,
0699              struct trace_event_file *eprobe_file)
0700 {
0701     struct event_trigger_data *trigger;
0702     struct trace_event_file *file;
0703     struct trace_array *tr = eprobe_file->tr;
0704
0705     file = find_event_file(tr, ep->event_system, ep->event_name);
0706     if (!file)
0707         return -ENOENT;
0708     trigger = new_eprobe_trigger(ep, eprobe_file);
0709     if (IS_ERR(trigger))
0710         return PTR_ERR(trigger);
0711
0712     list_add_tail_rcu(&trigger->list, &file->triggers);
0713
0714     trace_event_trigger_enable_disable(file, 1);
0715     update_cond_flag(file);
0716
0717     return 0;
0718 }
0719
0720 static struct trace_event_functions eprobe_funcs = {
0721     .trace      = print_eprobe_event
0722 };
0723
0724 static int disable_eprobe(struct trace_eprobe *ep,
0725               struct trace_array *tr)
0726 {
0727     struct event_trigger_data *trigger = NULL, *iter;
0728     struct trace_event_file *file;
0729     struct eprobe_data *edata;
0730
0731     file = find_event_file(tr, ep->event_system, ep->event_name);
0732     if (!file)
0733         return -ENOENT;
0734
0735     list_for_each_entry(iter, &file->triggers, list) {
0736         if (!(iter->flags & EVENT_TRIGGER_FL_PROBE))
0737             continue;
0738         edata = iter->private_data;
0739         if (edata->ep == ep) {
0740             trigger = iter;
0741             break;
0742         }
0743     }
0744     if (!trigger)
0745         return -ENODEV;
0746
0747     list_del_rcu(&trigger->list);
0748
0749     trace_event_trigger_enable_disable(file, 0);
0750     update_cond_flag(file);
0751
0752     /* Make sure nothing is using the edata or trigger */
0753     tracepoint_synchronize_unregister();
0754
0755     kfree(edata);
0756     kfree(trigger);
0757
0758     return 0;
0759 }
0760
0761 static int enable_trace_eprobe(struct trace_event_call *call,
0762                    struct trace_event_file *file)
0763 {
0764     struct trace_probe *pos, *tp;
0765     struct trace_eprobe *ep;
0766     bool enabled;
0767     int ret = 0;
0768
0769     tp = trace_probe_primary_from_call(call);
0770     if (WARN_ON_ONCE(!tp))
0771         return -ENODEV;
0772     enabled = trace_probe_is_enabled(tp);
0773
0774     /* This also changes "enabled" state */
0775     if (file) {
0776         ret = trace_probe_add_file(tp, file);
0777         if (ret)
0778             return ret;
0779     } else
0780         trace_probe_set_flag(tp, TP_FLAG_PROFILE);
0781
0782     if (enabled)
0783         return 0;
0784
0785     list_for_each_entry(pos, trace_probe_probe_list(tp), list) {
0786         ep = container_of(pos, struct trace_eprobe, tp);
0787         ret = enable_eprobe(ep, file);
0788         if (ret)
0789             break;
0790         enabled = true;
0791     }
0792
0793     if (ret) {
0794         /* Failed to enable one of them. Roll back all */
0795         if (enabled)
0796             disable_eprobe(ep, file->tr);
0797         if (file)
0798             trace_probe_remove_file(tp, file);
0799         else
0800             trace_probe_clear_flag(tp, TP_FLAG_PROFILE);
0801     }
0802
0803     return ret;
0804 }
0805
0806 static int disable_trace_eprobe(struct trace_event_call *call,
0807                 struct trace_event_file *file)
0808 {
0809     struct trace_probe *pos, *tp;
0810     struct trace_eprobe *ep;
0811
0812     tp = trace_probe_primary_from_call(call);
0813     if (WARN_ON_ONCE(!tp))
0814         return -ENODEV;
0815
0816     if (file) {
0817         if (!trace_probe_get_file_link(tp, file))
0818             return -ENOENT;
0819         if (!trace_probe_has_single_file(tp))
0820             goto out;
0821         trace_probe_clear_flag(tp, TP_FLAG_TRACE);
0822     } else
0823         trace_probe_clear_flag(tp, TP_FLAG_PROFILE);
0824
0825     if (!trace_probe_is_enabled(tp)) {
0826         list_for_each_entry(pos, trace_probe_probe_list(tp), list) {
0827             ep = container_of(pos, struct trace_eprobe, tp);
0828             disable_eprobe(ep, file->tr);
0829         }
0830     }
0831
0832  out:
0833     if (file)
0834         /*
0835          * Synchronization is done in below function. For perf event,
0836          * file == NULL and perf_trace_event_unreg() calls
0837          * tracepoint_synchronize_unregister() to ensure synchronize
0838          * event. We don't need to care about it.
0839          */
0840         trace_probe_remove_file(tp, file);
0841
0842     return 0;
0843 }
0844
0845 static int eprobe_register(struct trace_event_call *event,
0846                enum trace_reg type, void *data)
0847 {
0848     struct trace_event_file *file = data;
0849
0850     switch (type) {
0851     case TRACE_REG_REGISTER:
0852         return enable_trace_eprobe(event, file);
0853     case TRACE_REG_UNREGISTER:
0854         return disable_trace_eprobe(event, file);
0855 #ifdef CONFIG_PERF_EVENTS
0856     case TRACE_REG_PERF_REGISTER:
0857     case TRACE_REG_PERF_UNREGISTER:
0858     case TRACE_REG_PERF_OPEN:
0859     case TRACE_REG_PERF_CLOSE:
0860     case TRACE_REG_PERF_ADD:
0861     case TRACE_REG_PERF_DEL:
0862         return 0;
0863 #endif
0864     }
0865     return 0;
0866 }
0867
0868 static inline void init_trace_eprobe_call(struct trace_eprobe *ep)
0869 {
0870     struct trace_event_call *call = trace_probe_event_call(&ep->tp);
0871
0872     call->flags = TRACE_EVENT_FL_EPROBE;
0873     call->event.funcs = &eprobe_funcs;
0874     call->class->fields_array = eprobe_fields_array;
0875     call->class->reg = eprobe_register;
0876 }
0877
0878 static struct trace_event_call *
0879 find_and_get_event(const char *system, const char *event_name)
0880 {
0881     struct trace_event_call *tp_event;
0882     const char *name;
0883
0884     list_for_each_entry(tp_event, &ftrace_events, list) {
0885         /* Skip other probes and ftrace events */
0886         if (tp_event->flags &
0887             (TRACE_EVENT_FL_IGNORE_ENABLE |
0888              TRACE_EVENT_FL_KPROBE |
0889              TRACE_EVENT_FL_UPROBE |
0890              TRACE_EVENT_FL_EPROBE))
0891             continue;
0892         if (!tp_event->class->system ||
0893             strcmp(system, tp_event->class->system))
0894             continue;
0895         name = trace_event_name(tp_event);
0896         if (!name || strcmp(event_name, name))
0897             continue;
0898         if (!trace_event_try_get_ref(tp_event)) {
0899             return NULL;
0900             break;
0901         }
0902         return tp_event;
0903         break;
0904     }
0905     return NULL;
0906 }
0907
0908 static int trace_eprobe_tp_update_arg(struct trace_eprobe *ep, const char *argv[], int i)
0909 {
0910     unsigned int flags = TPARG_FL_KERNEL | TPARG_FL_TPOINT;
0911     int ret;
0912
0913     ret = traceprobe_parse_probe_arg(&ep->tp, i, argv[i], flags);
0914     if (ret)
0915         return ret;
0916
0917     if (ep->tp.args[i].code->op == FETCH_OP_TP_ARG) {
0918         ret = trace_eprobe_tp_arg_update(ep, i);
0919         if (ret)
0920             trace_probe_log_err(0, BAD_ATTACH_ARG);
0921     }
0922
0923     /* Handle symbols "@" */
0924     if (!ret)
0925         ret = traceprobe_update_arg(&ep->tp.args[i]);
0926
0927     return ret;
0928 }
0929
0930 static int __trace_eprobe_create(int argc, const char *argv[])
0931 {
0932     /*
0933      * Argument syntax:
0934      *      e[:[GRP/][ENAME]] SYSTEM.EVENT [FETCHARGS]
0935      * Fetch args:
0936      *  <name>=$<field>[:TYPE]
0937      */
0938     const char *event = NULL, *group = EPROBE_EVENT_SYSTEM;
0939     const char *sys_event = NULL, *sys_name = NULL;
0940     struct trace_event_call *event_call;
0941     struct trace_eprobe *ep = NULL;
0942     char buf1[MAX_EVENT_NAME_LEN];
0943     char buf2[MAX_EVENT_NAME_LEN];
0944     char gbuf[MAX_EVENT_NAME_LEN];
0945     int ret = 0;
0946     int i;
0947
0948     if (argc < 2 || argv[0][0] != 'e')
0949         return -ECANCELED;
0950
0951     trace_probe_log_init("event_probe", argc, argv);
0952
0953     event = strchr(&argv[0][1], ':');
0954     if (event) {
0955         event++;
0956         ret = traceprobe_parse_event_name(&event, &group, gbuf,
0957                           event - argv[0]);
0958         if (ret)
0959             goto parse_error;
0960     }
0961
0962     trace_probe_log_set_index(1);
0963     sys_event = argv[1];
0964     ret = traceprobe_parse_event_name(&sys_event, &sys_name, buf2, 0);
0965     if (ret || !sys_event || !sys_name) {
0966         trace_probe_log_err(0, NO_EVENT_INFO);
0967         goto parse_error;
0968     }
0969
0970     if (!event) {
0971         strscpy(buf1, argv[1], MAX_EVENT_NAME_LEN);
0972         sanitize_event_name(buf1);
0973         event = buf1;
0974     }
0975
0976     mutex_lock(&event_mutex);
0977     event_call = find_and_get_event(sys_name, sys_event);
0978     ep = alloc_event_probe(group, event, event_call, argc - 2);
0979     mutex_unlock(&event_mutex);
0980
0981     if (IS_ERR(ep)) {
0982         ret = PTR_ERR(ep);
0983         if (ret == -ENODEV)
0984             trace_probe_log_err(0, BAD_ATTACH_EVENT);
0985         /* This must return -ENOMEM or missing event, else there is a bug */
0986         WARN_ON_ONCE(ret != -ENOMEM && ret != -ENODEV);
0987         ep = NULL;
0988         goto error;
0989     }
0990
0991     argc -= 2; argv += 2;
0992     /* parse arguments */
0993     for (i = 0; i < argc && i < MAX_TRACE_ARGS; i++) {
0994         trace_probe_log_set_index(i + 2);
0995         ret = trace_eprobe_tp_update_arg(ep, argv, i);
0996         if (ret)
0997             goto error;
0998     }
0999     ret = traceprobe_set_print_fmt(&ep->tp, PROBE_PRINT_EVENT);
1000     if (ret < 0)
1001         goto error;
1002     init_trace_eprobe_call(ep);
1003     mutex_lock(&event_mutex);
1004     ret = trace_probe_register_event_call(&ep->tp);
1005     if (ret) {
1006         if (ret == -EEXIST) {
1007             trace_probe_log_set_index(0);
1008             trace_probe_log_err(0, EVENT_EXIST);
1009         }
1010         mutex_unlock(&event_mutex);
1011         goto error;
1012     }
1013     ret = dyn_event_add(&ep->devent, &ep->tp.event->call);
1014     mutex_unlock(&event_mutex);
1015     return ret;
1016 parse_error:
1017     ret = -EINVAL;
1018 error:
1019     trace_event_probe_cleanup(ep);
1020     return ret;
1021 }
1022
1023 /*
1024  * Register dynevent at core_initcall. This allows kernel to setup eprobe
1025  * events in postcore_initcall without tracefs.
1026  */
1027 static __init int trace_events_eprobe_init_early(void)
1028 {
1029     int err = 0;
1030
1031     err = dyn_event_register(&eprobe_dyn_event_ops);
1032     if (err)
1033         pr_warn("Could not register eprobe_dyn_event_ops\n");
1034
1035     return err;
1036 }
1037 core_initcall(trace_events_eprobe_init_early);