[PATCH] Add support to decode sockets descriptor 'paths' for network calls.

Philippe Ombredanne pombredanne at nexb.com
Thu Jan 30 17:15:25 UTC 2014 

>From 159dcf882dc54d4f1e00c68087c216257f767a9c Thu, 30 Jan 2014 18:09:29 +0100
From: pombredanne <pombredanne at nexb.com>
Date: Thu, 30 Jan 2014 14:37:23 +0100
Subject: [PATCH] Add support to decode sockets descriptor 'paths' for
network calls.


* pathtrace.c: Add decoding for network-related file descriptors to
pathtrace_match with an fdmatch call for allTRACE_NETWORK calls that
have sockfd as arg[0]. No decoding for socket and socketpair calls that
take no descriptors.
* net.c: Add printing of decoded socket descriptors for syscalls that
have such desc as arg[0] instead of printing a bare int.
* tests/net-fd: New test file to test proper decoding of sockfd's.
* tests/Makefile.am (TESTS): Add net-fd to test suite.

diff --git a/net.c b/net.c
index ea785b3..2625149 100644
--- a/net.c
+++ b/net.c
@@ -1651,7 +1651,8 @@
 sys_bind(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printsock(tcp, tcp->u_arg[1], tcp->u_arg[2]);
  tprintf(", %lu", tcp->u_arg[2]);
  }
@@ -1668,7 +1669,9 @@
 sys_listen(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, %lu", tcp->u_arg[0], tcp->u_arg[1]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
+ tprintf("%lu", tcp->u_arg[1]);
  }
  return 0;
 }
@@ -1677,7 +1680,8 @@
 do_accept(struct tcb *tcp, int flags_arg)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  return 0;
  }
  if (!tcp->u_arg[2])
@@ -1717,7 +1721,8 @@
 sys_send(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
  tprintf(", %lu, ", tcp->u_arg[2]);
  /* flags */
@@ -1730,7 +1735,8 @@
 sys_sendto(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
  tprintf(", %lu, ", tcp->u_arg[2]);
  /* flags */
@@ -1750,7 +1756,8 @@
 sys_sendmsg(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printmsghdr(tcp, tcp->u_arg[1], (unsigned long) -1L);
  /* flags */
  tprints(", ");
@@ -1764,7 +1771,8 @@
 {
  if (entering(tcp)) {
  /* sockfd */
- tprintf("%d, ", (int) tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  if (!verbose(tcp)) {
  tprintf("%#lx, %u, ",
  tcp->u_arg[1], (unsigned int) tcp->u_arg[2]);
@@ -1783,7 +1791,8 @@
 sys_recv(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  } else {
  if (syserror(tcp))
  tprintf("%#lx", tcp->u_arg[1]);
@@ -1802,7 +1811,8 @@
  int fromlen;

  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  } else {
  if (syserror(tcp)) {
  tprintf("%#lx, %lu, %lu, %#lx, %#lx",
@@ -1846,7 +1856,8 @@
 sys_recvmsg(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  } else {
  if (syserror(tcp) || !verbose(tcp))
  tprintf("%#lx", tcp->u_arg[1]);
@@ -1866,7 +1877,8 @@
  static char str[5 + TIMESPEC_TEXT_BUFSIZE];

  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  if (verbose(tcp)) {
  sprint_timespec(str, tcp, tcp->u_arg[4]);
  /* Abusing tcp->auxstr as temp storage.
@@ -1916,7 +1928,8 @@
 sys_shutdown(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printxval(shutdown_modes, tcp->u_arg[1], "SHUT_???");
  }
  return 0;
@@ -2017,7 +2030,8 @@
 sys_getsockopt(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printxval(socketlayers, tcp->u_arg[1], "SOL_???");
  tprints(", ");
  switch (tcp->u_arg[1]) {
@@ -2283,7 +2297,8 @@
 sys_setsockopt(struct tcb *tcp)
 {
  if (entering(tcp)) {
- tprintf("%ld, ", tcp->u_arg[0]);
+ printfd(tcp, tcp->u_arg[0]);
+ tprints(", ");
  printsockopt(tcp, tcp->u_arg[1], tcp->u_arg[2],
       tcp->u_arg[3], tcp->u_arg[4]);
  tprintf(", %lu", tcp->u_arg[4]);
diff --git a/pathtrace.c b/pathtrace.c
index 03f6681..1e57b48 100644
--- a/pathtrace.c
+++ b/pathtrace.c
@@ -158,7 +158,7 @@

  s = tcp->s_ent;

- if (!(s->sys_flags & (TRACE_FILE | TRACE_DESC)))
+ if (!(s->sys_flags & (TRACE_FILE | TRACE_DESC | TRACE_NETWORK)))
  return 0;

  /*
@@ -339,11 +339,13 @@
     s->sys_func == sys_timerfd_settime ||
     s->sys_func == sys_timerfd_gettime ||
     s->sys_func == sys_epoll_create ||
+        s->sys_func == sys_socket ||
+        s->sys_func == sys_socketpair ||
     strcmp(s->sys_name, "fanotify_init") == 0)
  {
  /*
- * These have TRACE_FILE or TRACE_DESCRIPTOR set, but they
- * don't have any file descriptor or path args to test.
+ * These have TRACE_FILE or TRACE_DESCRIPTOR or TRACE_NETWORK set,
+ * but they don't have any file descriptor or path args to test.
  */
  return 0;
  }
@@ -359,5 +361,8 @@
  if (s->sys_flags & TRACE_DESC)
  return fdmatch(tcp, tcp->u_arg[0]);

+ if (s->sys_flags & TRACE_NETWORK)
+ return fdmatch(tcp, tcp->u_arg[0]);
+
  return 0;
 }
diff --git a/tests/Makefile.am b/tests/Makefile.am
index d8262f0..89bc3eb 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -5,7 +5,7 @@
 check_PROGRAMS = net-accept-connect set_ptracer_any sigaction

 TESTS = ptrace_setoptions strace-f qual_syscall sigaction.sh stat net \
- detach-sleeping detach-stopped detach-running
+ detach-sleeping detach-stopped detach-running net-fd

 LOG_COMPILER = $(srcdir)/run.sh

diff --git a/tests/net-fd b/tests/net-fd
new file mode 100644
index 0000000..1be5b77
--- /dev/null
+++ b/tests/net-fd
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+# Check how network syscalls are traced when decoding socket descriptors
+
+. "${srcdir=.}/init.sh"
+
+check_prog grep
+check_prog rm
+
+rm -f $LOG.*
+
+./net-accept-connect ||
+ fail_ 'net-accept-connect failed'
+
+# using -y to test socket descriptors 'paths' decoding
+args="-tt -ff -y -o $LOG -enetwork ./net-accept-connect"
+$STRACE $args ||
+ fail_ "strace $args failed"
+
+"$srcdir"/../strace-log-merge $LOG > $LOG || {
+ cat $LOG
+ fail_ 'strace-log-merge failed'
+}
+
+rm -f $LOG.*
+
+grep_log()
+{
+ local syscall="$1"; shift
+ local prefix='[1-9][0-9]* +[0-9]+:[0-9]+:[0-9]+\.[0-9]+ +'
+
+ LC_ALL=C grep -E -x "$prefix$syscall$@" $LOG > /dev/null || {
+ cat $LOG
+ fail_ "strace -enetwork failed to trace \"$syscall\" properly"
+ }
+}
+grep_log bind '\(0<socket:\[[0-9]+\]>,
\{sa_family=AF_(LOCAL|UNIX|FILE), sun_path="local-stream"\}, 15\) +=
0'
+grep_log listen '\(0<socket:\[[0-9]+\]>, 5\) += 0'
+grep_log getsockname '\(0<socket:\[[0-9]+\]>,
\{sa_family=AF_(LOCAL|UNIX|FILE), sun_path="local-stream"\}, \[15\]\)
+= 0'
+grep_log accept '\(0<socket:\[[0-9]+\]>,
\{sa_family=AF_(LOCAL|UNIX|FILE), NULL\}, \[2\]\) += 1'
+grep_log connect '\(1<socket:\[[0-9]+\]>,
\{sa_family=AF_(LOCAL|UNIX|FILE), sun_path="local-stream"\}, 15\) +=
0'
+
+exit 0

More information about the Strace-devel mailing list