[PATCH v6 3/9] Introduce new filtering architecture
Eugene Syromiatnikov
esyr at redhat.com
Mon Aug 7 04:36:28 UTC 2017
On Wed, Aug 02, 2017 at 12:36:43PM +0700, Nikolay Marchuk wrote:
> This change introduces new filtering architecture primitives: filter,
> filter_action and bool_expression. Filtering is now done after decoding of
> syscall and tcp->qual_flg stores filtering results.
>
> * basic_actions.c: New file.
> * basic_filters.c (number_isset): Return bool.
> (add_number_to_set): Make static.
> (qualify_syscall_number): Rename to parse_syscall_number.
> (qualify_syscall_regex): Rename to parse_syscall_regex.
> (qualify_syscall_class): Rename to parse_syscall_class.
> (qualify_syscall_name): Rename to parse_syscall_name.
> (qualify_syscall): Rename to parse_syscall, use renamed functions.
> (qualify_syscall_tokens): Rename to parse_syscall_set, make static,
> remove "name" argument (assume "system call").
> (qualify_tokens): Rename to parse_set.
> (parse_syscall_filter, parse_fd_filter, run_syscall_filter,
> run_fd_filter, free_syscall_filter, free_fd_filter): New functions.
> * defs.h (struct inject_opts): Add init flag.
> (QUAL_READ, QUAL_WRITE): Change description.
> (dump_read, dump_write): Add macros for checking QUAL_READ/QUAL_WRITE.
> (read_set, write_set): Remove global set variables.
> (qualify, qual_flags): Remove old declarations ...
> (filter_syscall, parse_qualify_filter, filtering_parsing_finish):
> ... and add new declarations.
> * filter.c: New file.
> * filter.h: Change declarations.
> * filter_action.c: New file.
> * filter_expression.c: Likewise.
> * filter_qualify.c (read_set, write_set, abbrev_set, inject_set, raw_set,
> trace_set, verbose_set): Remove set variables.
> (parse_inject_expression): Remove function.
> (parse_inject_common_args): New function.
> (qualify_read): Rename to parse_read.
> (qualify_write): Rename to parse_write.
> (qualify_signals): Use parse_set function.
> (qualify_trace): Rename to parse_trace.
> (qualify_abbrev): Rename to parse_abbrev.
> (qualify_verbose): Rename to parse_verbose.
> (qualify_raw): Rename to parse_raw.
> (qualify_inject_common): Rename to parse_inject_common, use new filters.
> (qualify_fault): Rename to parse_fault.
> (qualify_inject): Rename to parse_inject.
> (qualify): Rename to parse_qualify_filter.
> (qual_flags): Remove function.
> * Makefile.am (strace_SOURCES): Add new files.
> * strace.c (init): Use new filtering for -e option.
> (trace_syscall): Add filtering after syscall decoding.
> * syscall.c (decode_socket_subcall): Remove qual_flags from decoder.
> (decode_ipc_subcall): Likewise.
> (decode_mips_subcall): Likewise.
> (get_scno): Likewise.
> (inject_vec, tamper_with_syscall_entering): Remove inject_vec support code.
> (dumpio): Check new macros instead of global sets.
> ---
> Makefile.am | 4 +
> basic_actions.c | 147 +++++++++++++++++++++++++++++++++
> basic_filters.c | 99 +++++++++++++++++-----
> defs.h | 14 ++--
> filter.c | 145 ++++++++++++++++++++++++++++++++
> filter.h | 37 +++++++--
> filter_action.c | 221 +++++++++++++++++++++++++++++++++++++++++++++++++
> filter_expression.c | 214 +++++++++++++++++++++++++++++++++++++++++++++++
> filter_qualify.c | 233 +++++++++++++++++++++++-----------------------------
> strace.c | 18 ++--
> syscall.c | 24 ++----
> 11 files changed, 969 insertions(+), 187 deletions(-)
> create mode 100644 basic_actions.c
> create mode 100644 filter.c
> create mode 100644 filter_action.c
> create mode 100644 filter_expression.c
>
> diff --git a/Makefile.am b/Makefile.am
> index 12a7ac4..0cc698a 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -86,6 +86,7 @@ strace_SOURCES = \
> affinity.c \
> aio.c \
> alpha.c \
> + basic_actions.c \
> basic_filters.c \
> bind.c \
> bjm.c \
> @@ -131,7 +132,10 @@ strace_SOURCES = \
> fetch_struct_statfs.c \
> file_handle.c \
> file_ioctl.c \
> + filter_action.c \
> + filter_expression.c \
> filter_qualify.c \
> + filter.c \
> filter.h \
> flock.c \
> flock.h \
> diff --git a/basic_actions.c b/basic_actions.c
> new file mode 100644
> index 0000000..5a1ebf8
> --- /dev/null
> +++ b/basic_actions.c
> @@ -0,0 +1,147 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikolay.a at gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#include "defs.h"
> +#include "filter.h"
> +
> +bool
> +is_traced(struct tcb *tcp)
> +{
> + return (tcp->qual_flg & QUAL_TRACE);
> +}
> +
> +bool
> +not_injected(struct tcb *tcp)
> +{
> + return !(tcp->qual_flg & QUAL_INJECT);
> +}
> +
> +void *
> +parse_null(const char *str)
> +{
> + return NULL;
> +}
> +
> +void
> +free_null(void *_priv_data)
> +{
> + return;
> +}
> +
> +void
> +apply_trace(struct tcb *tcp, void *_priv_data)
> +{
> + if (!tracing_paths || pathtrace_match(tcp))
> + tcp->qual_flg |= QUAL_TRACE;
> +}
> +
> +void
> +apply_inject(struct tcb *tcp, void *_priv_data)
> +{
> + struct inject_opts *opts = _priv_data;
> +
> + tcp->qual_flg |= QUAL_INJECT;
> + if (!tcp->inject_vec[current_personality])
> + tcp->inject_vec[current_personality] =
> + xcalloc(nsyscalls, sizeof(struct inject_opts));
> + if (scno_in_range(tcp->scno)
> + && !tcp->inject_vec[current_personality][tcp->scno].init)
> + tcp->inject_vec[current_personality][tcp->scno] = *opts;
> +}
> +
> +static void *
> +parse_inject_common(const char *str, bool fault_tokens_only,
> + const char *description)
> +{
> + struct inject_opts *opts = xmalloc(sizeof(struct inject_opts));
> + char *buf = str ? xstrdup(str) : NULL;
> +
> + parse_inject_common_args(buf, opts, ";", fault_tokens_only);
> + if (!opts->init)
> + error_msg_and_die("invalid %s '%s'", description, str);
> + free(buf);
> + return opts;
> +}
> +
> +void *
> +parse_inject(const char *str)
> +{
> + return parse_inject_common(str, false, "inject argument");
> +}
> +
> +void free_inject(void *_priv_data)
> +{
> + free(_priv_data);
> +}
> +
> +void
> +apply_fault(struct tcb *tcp, void *_priv_data)
> +{
> + apply_inject(tcp, _priv_data);
> +}
> +
> +void *
> +parse_fault(const char *str)
> +{
> + return parse_inject_common(str, true, "fault argument");
> +}
> +
> +void
> +free_fault(void *_priv_data)
> +{
> + free_inject(_priv_data);
> +}
> +
> +void
> +apply_read(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_READ;
> +}
> +
> +void
> +apply_write(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_WRITE;
> +}
> +
> +void
> +apply_raw(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_RAW;
> +}
> +
> +void
> +apply_abbrev(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_ABBREV;
> +}
> +
> +void
> +apply_verbose(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_VERBOSE;
> +}
> diff --git a/basic_filters.c b/basic_filters.c
> index 316b733..85eb58b 100644
> --- a/basic_filters.c
> +++ b/basic_filters.c
> @@ -48,7 +48,8 @@ number_setbit(const unsigned int i, number_slot_t *const vec)
> static bool
> number_isset(const unsigned int i, const number_slot_t *const vec)
> {
> - return vec[i / BITS_PER_SLOT] & ((number_slot_t) 1 << (i % BITS_PER_SLOT));
> + return (vec[i / BITS_PER_SLOT]
> + & ((number_slot_t) 1 << (i % BITS_PER_SLOT))) ? true : false;
> }
>
> static void
> @@ -62,7 +63,7 @@ reallocate_number_set(struct number_set *const set, const unsigned int new_nslot
> set->nslots = new_nslots;
> }
>
> -void
> +static void
> add_number_to_set(const unsigned int number, struct number_set *const set)
> {
> reallocate_number_set(set, number / BITS_PER_SLOT + 1);
> @@ -77,7 +78,7 @@ is_number_in_set(const unsigned int number, const struct number_set *const set)
> }
>
> static bool
> -qualify_syscall_number(const char *s, struct number_set *set)
> +parse_syscall_number(const char *s, struct number_set *set)
> {
> int n = string_to_uint(s);
> if (n < 0)
> @@ -108,7 +109,7 @@ regerror_msg_and_die(int errcode, const regex_t *preg,
> }
>
> static bool
> -qualify_syscall_regex(const char *s, struct number_set *set)
> +parse_syscall_regex(const char *s, struct number_set *set)
> {
> regex_t preg;
> int rc;
> @@ -180,7 +181,7 @@ lookup_class(const char *s)
> }
>
> static bool
> -qualify_syscall_class(const char *s, struct number_set *set)
> +parse_syscall_class(const char *s, struct number_set *set)
> {
> const unsigned int n = lookup_class(s);
> if (!n)
> @@ -203,7 +204,7 @@ qualify_syscall_class(const char *s, struct number_set *set)
> }
>
> static bool
> -qualify_syscall_name(const char *s, struct number_set *set)
> +parse_syscall_name(const char *s, struct number_set *set)
> {
> unsigned int p;
> bool found = false;
> @@ -225,7 +226,7 @@ qualify_syscall_name(const char *s, struct number_set *set)
> }
>
> static bool
> -qualify_syscall(const char *token, struct number_set *set)
> +parse_syscall(const char *token, struct number_set *set)
> {
> bool ignore_fail = false;
>
> @@ -234,11 +235,11 @@ qualify_syscall(const char *token, struct number_set *set)
> ignore_fail = true;
> }
> if (*token >= '0' && *token <= '9')
> - return qualify_syscall_number(token, set) || ignore_fail;
> + return parse_syscall_number(token, set) || ignore_fail;
> if (*token == '/')
> - return qualify_syscall_regex(token + 1, set) || ignore_fail;
> - return qualify_syscall_class(token, set)
> - || qualify_syscall_name(token, set)
> + return parse_syscall_regex(token + 1, set) || ignore_fail;
> + return parse_syscall_class(token, set)
> + || parse_syscall_name(token, set)
> || ignore_fail;
> }
>
> @@ -247,8 +248,7 @@ qualify_syscall(const char *token, struct number_set *set)
> * according to STR specification.
> */
> void
> -qualify_syscall_tokens(const char *const str, struct number_set *const set,
> - const char *const name)
> +parse_syscall_set(const char *const str, struct number_set *const set)
> {
> /* Clear all sets. */
> unsigned int p;
> @@ -286,10 +286,10 @@ handle_inversion:
>
> /*
> * Split the string into comma separated tokens.
> - * For each token, call qualify_syscall that will take care
> + * For each token, call parse_syscall that will take care
> * if adding appropriate syscall numbers to sets.
> * The absence of tokens or a negative return code
> - * from qualify_syscall is a fatal error.
> + * from parse_syscall is a fatal error.
> */
> char *copy = xstrdup(s);
> char *saveptr = NULL;
> @@ -298,24 +298,54 @@ handle_inversion:
>
> for (token = strtok_r(copy, ",", &saveptr); token;
> token = strtok_r(NULL, ",", &saveptr)) {
> - done = qualify_syscall(token, set);
> + done = parse_syscall(token, set);
> if (!done) {
> - error_msg_and_die("invalid %s '%s'", name, token);
> + error_msg_and_die("invalid system call '%s'", token);
> }
> }
>
> free(copy);
>
> if (!done) {
> - error_msg_and_die("invalid %s '%s'", name, str);
> + error_msg_and_die("invalid system call '%s'", str);
> + }
> +}
> +
> +void *
> +parse_syscall_filter(const char *str)
> +{
> + struct number_set *set = xcalloc(SUPPORTED_PERSONALITIES,
> + sizeof(struct number_set));
> +
> + parse_syscall_set(str, set);
> + return set;
> +}
> +
> +bool
> +run_syscall_filter(struct tcb *tcp, void *_priv_data)
> +{
> + struct number_set *set = _priv_data;
> +
> + return is_number_in_set(tcp->scno, &set[current_personality]);
> +}
> +
> +void
> +free_syscall_filter(void *_priv_data)
> +{
> + struct number_set *set = _priv_data;
> + unsigned int p;
> +
> + for (p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
> + free(set[p].vec);
> }
> + free(set);
> }
>
> /*
> * Add numbers to SET according to STR specification.
> */
> void
> -qualify_tokens(const char *const str, struct number_set *const set,
> +parse_set(const char *const str, struct number_set *const set,
> string_to_uint_func func, const char *const name)
> {
> /* Clear the set. */
> @@ -373,3 +403,34 @@ handle_inversion:
> error_msg_and_die("invalid %s '%s'", name, str);
> }
> }
> +
> +void *
> +parse_fd_filter(const char *str)
> +{
> + struct number_set *set = xmalloc(sizeof(struct number_set));
> +
> + memset(set, 0, sizeof(struct number_set));
The pair of xmalloc and memset calls can be replaced with xcalloc(1, sizeof()).
> + parse_set(str, set, string_to_uint, "descriptor");
> + return set;
> +}
> +
> +bool
> +run_fd_filter(struct tcb *tcp, void *_priv_data)
> +{
> + int fd = tcp->u_arg[0];
> + struct number_set *set = _priv_data;
> +
> + if (fd < 0)
> + return false;
> + return is_number_in_set(fd, set);
> +}
> +
> +void
> +free_fd_filter(void *_priv_data)
> +{
> + struct number_set *set = _priv_data;
> +
> + free(set->vec);
> + free(set);
> + return;
> +}
> diff --git a/defs.h b/defs.h
> index a45d37b..491664a 100644
> --- a/defs.h
> +++ b/defs.h
> @@ -197,6 +197,7 @@ struct inject_opts {
> uint16_t step;
> uint16_t signo;
> int rval;
> + bool init;
> };
>
> #define MAX_ERRNO_VALUE 4095
> @@ -266,8 +267,8 @@ struct tcb {
> #define QUAL_RAW 0x008 /* print all args in hex for this syscall */
> #define QUAL_INJECT 0x010 /* tamper with this system call on purpose */
> #define QUAL_SIGNAL 0x100 /* report events with this signal */
> -#define QUAL_READ 0x200 /* dump data read from this file descriptor */
> -#define QUAL_WRITE 0x400 /* dump data written to this file descriptor */
> +#define QUAL_READ 0x200 /* dump data read in this syscall */
> +#define QUAL_WRITE 0x400 /* dump data written in this syscall */
>
> #define DEFAULT_QUAL_FLAGS (QUAL_TRACE | QUAL_ABBREV | QUAL_VERBOSE)
>
> @@ -276,6 +277,8 @@ struct tcb {
> #define syserror(tcp) ((tcp)->u_error != 0)
> #define verbose(tcp) ((tcp)->qual_flg & QUAL_VERBOSE)
> #define abbrev(tcp) ((tcp)->qual_flg & QUAL_ABBREV)
> +#define dump_read(tcp) ((tcp)->qual_flg & QUAL_READ)
> +#define dump_write(tcp) ((tcp)->qual_flg & QUAL_WRITE)
> #define filtered(tcp) ((tcp)->flags & TCB_FILTERED)
> #define hide_log(tcp) ((tcp)->flags & TCB_HIDE_LOG)
>
> @@ -674,13 +677,12 @@ print_struct_statfs64(struct tcb *, kernel_ulong_t addr, kernel_ulong_t size);
> extern void print_ifindex(unsigned int);
>
> struct number_set;
> -extern struct number_set read_set;
> -extern struct number_set write_set;
> extern struct number_set signal_set;
>
> extern bool is_number_in_set(unsigned int number, const struct number_set *);
> -extern void qualify(const char *);
> -extern unsigned int qual_flags(const unsigned int);
> +extern void filtering_parsing_finish(void);
> +extern void filter_syscall(struct tcb *);
> +extern void parse_qualify_filter(const char *);
>
> #define DECL_IOCTL(name) \
> extern int \
> diff --git a/filter.c b/filter.c
> new file mode 100644
> index 0000000..590228f
> --- /dev/null
> +++ b/filter.c
> @@ -0,0 +1,145 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikolay.a at gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#include "defs.h"
> +#include "filter.h"
> +
> +#define DECL_FILTER(name) \
> +extern void * \
> +parse_ ## name ## _filter(const char *); \
> +extern bool \
> +run_ ## name ## _filter(struct tcb *, void *); \
> +extern void \
> +free_ ## name ## _filter(void *) \
> +/* End of DECL_FILTER definition. */
> +
> +DECL_FILTER(syscall);
> +DECL_FILTER(fd);
> +#undef DECL_FILTER
> +
> +#define FILTER_TYPE(name) \
> +{#name, parse_ ## name ## _filter, run_ ## name ## _filter, \
> + free_ ## name ## _filter}
Please, either add /* End of ... */ comment, or indent this definition.
> +
> +static const struct filter_type {
> + const char *name;
> + void *(*parse_filter)(const char *);
> + bool (*run_filter)(struct tcb *, void *);
> + void (*free_priv_data)(void *);
> +} filter_types[] = {
> + FILTER_TYPE(syscall),
> + FILTER_TYPE(fd),
> +};
> +#undef FILTER_TYPE
> +
> +struct filter {
> + const struct filter_type *type;
> + void *_priv_data;
> +};
> +
> +static const struct filter_type *
> +lookup_filter_type(const char *str)
> +{
> + unsigned int i;
> +
> + for (i = 0; i < ARRAY_SIZE(filter_types); i++) {
> + if (!strcmp(filter_types[i].name, str))
> + return &filter_types[i];
> + }
> + return NULL;
> +}
> +
> +struct filter *
> +add_filter_to_array(struct filter **filters, unsigned int *nfilters,
> + const char *name)
> +{
> + const struct filter_type *type = lookup_filter_type(name);
> + struct filter *filter;
> +
> + if (!type)
> + error_msg_and_die("invalid filter '%s'", name);
> + *filters = xreallocarray(*filters, ++(*nfilters),
> + sizeof(struct filter));
> + filter = &((*filters)[*nfilters - 1]);
> + filter->type = type;
> + return filter;
> +}
> +
> +void
> +parse_filter(struct filter *filter, const char *str)
> +{
> + filter->_priv_data = filter->type->parse_filter(str);
> +}
> +
> +static bool
> +run_filter(struct tcb *tcp, struct filter *filter)
> +{
> + return filter->type->run_filter(tcp, filter->_priv_data);
> +}
> +
> +void
> +run_filters(struct tcb *tcp, struct filter *filters, unsigned int nfilters,
> + bool *variables_buf)
> +{
> + unsigned int i;
> +
> + for (i = 0; i < nfilters; ++i)
> + variables_buf[i] = run_filter(tcp, &filters[i]);
> +}
> +
> +void
> +free_filter(struct filter *filter)
> +{
> + if (!filter)
> + return;
> + filter->type->free_priv_data(filter->_priv_data);
> +}
> +
> +void *
> +get_filter_priv_data(struct filter *filter)
> +{
> + return filter ? filter->_priv_data : NULL;
> +}
> +
> +void
> +set_filter_priv_data(struct filter *filter, void *_priv_data)
> +{
> + if (filter)
> + filter->_priv_data = _priv_data;
> +}
> +
> +void
> +set_filters_qualify_mode(struct filter **filters, unsigned int *nfilters)
> +{
> + unsigned int i;
> +
> + for (i = 0; i < *nfilters - 1; ++i)
> + free_filter(*filters + i);
> + (*filters)[0] = (*filters)[*nfilters - 1];
> + *filters = xreallocarray(*filters, 1, sizeof(struct filter));
> + *nfilters = 1;
> +}
> diff --git a/filter.h b/filter.h
> index a798199..4085d45 100644
> --- a/filter.h
> +++ b/filter.h
> @@ -28,11 +28,38 @@
> # define STRACE_FILTER_H
> # include "defs.h"
>
> +struct filter;
> +
> +struct filter_action;
> +
> +struct bool_expression;
> +
> typedef int (*string_to_uint_func)(const char *);
> +void parse_set(const char *const, struct number_set *const,
> + string_to_uint_func, const char *const);
> +void parse_inject_common_args(char *, struct inject_opts *, const char *delim,
> + const bool fault_tokens_only);
> +
> +/* filter api */
> +struct filter* add_filter_to_array(struct filter **, unsigned int *nfilters,
> + const char *name);
> +void parse_filter(struct filter *, const char *str);
> +void run_filters(struct tcb *, struct filter *, unsigned int, bool *);
> +void free_filter(struct filter *);
> +void *get_filter_priv_data(struct filter *);
> +void set_filter_priv_data(struct filter *, void *);
> +void set_filters_qualify_mode(struct filter **, unsigned int *nfilters);
> +
> +/* filter action api */
> +struct filter *create_filter(struct filter_action *, const char *name);
> +struct filter_action *find_or_add_action(const char *);
> +void *get_filter_action_priv_data(struct filter_action *);
> +void set_filter_action_priv_data(struct filter_action *, void *);
> +void set_qualify_mode(struct filter_action *);
> +
> +/* filter expression api */
> +struct bool_expression *create_expression();
> +bool run_expression(struct bool_expression *, bool *, unsigned int);
> +void set_expression_qualify_mode(struct bool_expression *);
>
> -void add_number_to_set(const unsigned int, struct number_set *const);
> -void qualify_tokens(const char *const, struct number_set *const,
> - string_to_uint_func, const char *const);
> -void qualify_syscall_tokens(const char *const, struct number_set *const,
> - const char *const);
> #endif
> diff --git a/filter_action.c b/filter_action.c
> new file mode 100644
> index 0000000..f8bca97
> --- /dev/null
> +++ b/filter_action.c
> @@ -0,0 +1,221 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikolay.a at gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#include "defs.h"
> +#include "filter.h"
> +
> +#define DECL_FILTER_ACTION(name) \
> +extern void \
> +apply_ ## name(struct tcb *, void *) \
> +/* End of DECL_FILTER_ACTION definition. */
> +
> +DECL_FILTER_ACTION(trace);
> +DECL_FILTER_ACTION(inject);
> +DECL_FILTER_ACTION(fault);
> +DECL_FILTER_ACTION(read);
> +DECL_FILTER_ACTION(write);
> +DECL_FILTER_ACTION(raw);
> +DECL_FILTER_ACTION(abbrev);
> +DECL_FILTER_ACTION(verbose);
> +#undef DECL_FILTER_ACTION
> +
> +extern bool is_traced(struct tcb *);
> +extern bool not_injected(struct tcb *);
> +
> +#define DECL_FILTER_ACTION_PARSER(name) \
> +extern void * \
> +parse_ ## name(const char *); \
> +extern void \
> +free_ ## name(void *) \
> +/* End of DECL_FILTER_ACTION_PARSER definition. */
> +
> +DECL_FILTER_ACTION_PARSER(null);
> +DECL_FILTER_ACTION_PARSER(inject);
> +DECL_FILTER_ACTION_PARSER(fault);
> +#undef DECL_FILTER_ACTION_PARSER
> +
> +#define FILTER_ACTION_TYPE(NAME, PRIORITY, PARSER, PREFILTER) \
> +{#NAME, PRIORITY, parse_ ## PARSER, free_ ## PARSER, PREFILTER, apply_ ## NAME}
> +
> +static const struct filter_action_type {
> + const char *name;
> + unsigned int priority;
> + void * (*parse_args)(const char *);
> + void (*free_priv_data)(void *);
> + bool (*prefilter)(struct tcb *);
> + void (*apply)(struct tcb *, void *);
> +} action_types[] = {
> + FILTER_ACTION_TYPE(trace, 2, null, NULL),
> + FILTER_ACTION_TYPE(inject, 2, inject, not_injected),
> + FILTER_ACTION_TYPE(fault, 2, fault, not_injected),
> + FILTER_ACTION_TYPE(read, 1, null, is_traced),
> + FILTER_ACTION_TYPE(write, 1, null, is_traced),
> + FILTER_ACTION_TYPE(raw, 1, null, is_traced),
> + FILTER_ACTION_TYPE(abbrev, 1, null, is_traced),
> + FILTER_ACTION_TYPE(verbose, 1, null, is_traced),
> +};
> +#undef FILTER_ACTION_TYPE
> +
> +struct filter_action {
> + /* Used to correct order of actions with same priority. */
"with the same"
> + unsigned int id;
> + const struct filter_action_type *type;
> + struct bool_expression *expr;
> + unsigned int nfilters;
> + struct filter *filters;
> + void *_priv_data;
> +};
> +
> +static struct filter_action *filter_actions;
> +static unsigned int nfilter_actions;
> +
> +static bool *variables_buf;
> +
> +/* Compares actions priority. If actions have same priority, uses LIFO order */
"action priorities", "actions' priorities", or "priorities of actions"
"have the same"
> +static int
> +compare_action_priority(const void *a, const void *b)
> +{
> + const struct filter_action *action_a = a;
> + const struct filter_action *action_b = b;
> + unsigned int priority_a = action_a->type->priority;
> + unsigned int priority_b = action_b->type->priority;
> +
> + if (priority_a != priority_b) {
> + return (priority_a > priority_b) ? -1 : 1;
> + } else {
> + return (action_a->id > action_b->id) ? -1 : 1;
> + }
> +}
> +
> +void
> +filtering_parsing_finish(void)
> +{
> + unsigned int maxfilters = 0;
> + unsigned int i;
> +
> + /* Sort actions by priority */
> + qsort(filter_actions, nfilter_actions, sizeof(struct filter_action),
> + &compare_action_priority);
> +
> + /* Allocate variables_buf sufficient for any action */
> + for (i = 0; i < nfilter_actions; ++i) {
> + if (filter_actions[i].nfilters > maxfilters)
> + maxfilters = filter_actions[i].nfilters;
> + }
> + variables_buf = xcalloc(maxfilters, sizeof(bool));
> +}
> +
> +static const struct filter_action_type *
> +lookup_filter_action_type(const char *str)
> +{
> + unsigned int i;
> +
> + for (i = 0; i < ARRAY_SIZE(action_types); ++i) {
> + if (!strcmp(action_types[i].name, str))
> + return &action_types[i];
> + }
> + return NULL;
> +}
> +
> +static struct filter_action *
> +add_action(const struct filter_action_type *type)
> +{
> + struct filter_action *action;
> +
> + filter_actions = xreallocarray(filter_actions, ++nfilter_actions,
> + sizeof(struct filter_action));
> + action = &filter_actions[nfilter_actions - 1];
> + memset(action, 0, sizeof(*action));
> + action->id = nfilter_actions - 1;
> + action->type = type;
> + action->expr = create_expression();
> + return action;
> +}
> +
> +struct filter_action *
> +find_or_add_action(const char *name)
> +{
> + const struct filter_action_type *type = lookup_filter_action_type(name);
> + unsigned int i;
> +
> + if (!type)
> + error_msg_and_die("invalid filter action '%s'", name);
> + /* If action takes arguments, add new action */
> + if (type->parse_args != &parse_null)
> + return add_action(type);
On a side note, this doesn't really helps in case of multiple actions
affecting the same syscall, as in strace -e trace=write -e 'fault(syscall
write;error=1;when=2+2)' -e 'fault(syscall write;error=2;when=2+3)' ls
> +
> + for (i = 0; i < nfilter_actions; ++i) {
> + if (filter_actions[i].type == type)
> + return &filter_actions[i];
> + }
> + return add_action(type);
> +}
> +
> +static void
> +run_filter_action(struct tcb *tcp, struct filter_action *action)
> +{
> + if (action->type->prefilter && !action->type->prefilter(tcp))
> + return;
> + run_filters(tcp, action->filters, action->nfilters, variables_buf);
> + if (run_expression(action->expr, variables_buf, action->nfilters))
> + action->type->apply(tcp, action->_priv_data);
> +}
> +
> +struct filter *
> +create_filter(struct filter_action *action, const char *name)
> +{
> + return add_filter_to_array(&action->filters, &action->nfilters, name);
> +}
> +
> +void
> +set_qualify_mode(struct filter_action *action)
> +{
> + set_filters_qualify_mode(&action->filters, &action->nfilters);
> + set_expression_qualify_mode(action->expr);
> +}
> +
> +void
> +filter_syscall(struct tcb *tcp)
> +{
> + unsigned int i;
> +
> + for (i = 0; i < nfilter_actions; ++i)
> + run_filter_action(tcp, &filter_actions[i]);
> +}
> +
> +void *
> +get_filter_action_priv_data(struct filter_action *action)
> +{
> + return action ? action->_priv_data : NULL;
> +}
> +
> +void
> +set_filter_action_priv_data(struct filter_action *action, void *_priv_data)
> +{
> + if (action)
> + action->_priv_data = _priv_data;
> +}
> diff --git a/filter_expression.c b/filter_expression.c
> new file mode 100644
> index 0000000..5dc5e41
> --- /dev/null
> +++ b/filter_expression.c
> @@ -0,0 +1,214 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikolay.a at gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +
> +#include "defs.h"
> +
> +struct expression_token {
> + enum token_type {
> + TOK_VARIABLE,
> + TOK_OPERATOR
> + } type;
> + union token_data {
> + unsigned int variable_id;
> + enum operator_type {
> + OP_NOT,
> + OP_AND,
> + OP_OR
> + } operator_id;
> + } data;
> +};
> +
> +struct bool_expression {
> + unsigned int ntokens;
> + struct expression_token *tokens;
> +};
> +
> +struct bool_expression *
> +create_expression(void)
> +{
> + struct bool_expression *expr = xmalloc(sizeof(struct bool_expression));
> +
> + memset(expr, 0, sizeof(struct bool_expression));
xmalloc+memset can be replaced with xcalloc call.
> + return expr;
> +}
> +
> +static void
> +reallocate_expression(struct bool_expression *const expr,
> + const unsigned int new_ntokens)
> +{
> + if (new_ntokens <= expr->ntokens)
> + return;
> + expr->tokens = xreallocarray(expr->tokens, new_ntokens,
> + sizeof(*expr->tokens));
> + memset(expr->tokens + expr->ntokens, 0,
> + sizeof(*expr->tokens) * (new_ntokens - expr->ntokens));
> + expr->ntokens = new_ntokens;
> +}
> +
> +void
> +set_expression_qualify_mode(struct bool_expression *expr)
> +{
> + if (!expr)
> + error_msg_and_die("invalid expression");
Why reallocate_expression doesn't have the same check?
> + reallocate_expression(expr, 1);
> + expr->tokens[0].type = TOK_VARIABLE;
> + expr->tokens[0].data.variable_id = 0;
> +}
> +
> +/* Print full diagnostics for corrupted expression */
> +static void
> +handle_corrupted_expression(struct bool_expression *expr, bool *stack,
> + unsigned int stack_size, unsigned int current_pos,
> + bool *variables, unsigned int variables_num)
> +{
> + char *buf, *pos;
> + unsigned int buf_size;
> + unsigned int i;
> +
> + error_msg("corrupted filter expression:");
> +
> + /* Print expression. */
> + buf_size = sizeof("expression (ntokens = ):")
> + + 3 * sizeof(unsigned int)
> + + (sizeof("op_") + 3 * sizeof(int)) * expr->ntokens;
> + buf = xcalloc(buf_size, sizeof(char));
There's no need to use calloc if your string is going to be
\0-terminated anyway.
> + pos = buf;
> + pos += sprintf(pos, "expression (ntokens = %u):", expr->ntokens);
snprintf is always better. Return code should be checked as well.
Usually, some helper function is defined, like
int
printf_append(char **ptr, char *end, const char *fmt, ...)
ATTRIBUTE_PRINTF(..)
{
int ret;
va_list args;
va_start(args, fmt)
ret = vsnprintf(*ptr, end - *ptr, fmt, args);
va_end(args);
if (ret < 0)
return ret;
*ptr += MIN(ret, end - *ptr);
return ret;
}
which allows sleeping well even without checking the return code of
any of consecutive printf_append calls, especially when you're sure that
buffer is big enough.
> + for (i = 0; i < expr->ntokens; ++i) {
> + switch (expr->tokens[i].type) {
> + case TOK_VARIABLE:
> + pos += sprintf(pos, "v_%u",
> + expr->tokens[i].data.variable_id);
> + break;
> + case TOK_OPERATOR:
> + switch (expr->tokens[i].data.operator_id) {
> + case OP_NOT:
> + pos += sprintf(pos, "not");
> + break;
> + case OP_AND:
> + pos += sprintf(pos, "and");
> + break;
> + case OP_OR:
> + pos += sprintf(pos, "or");
> + default:
> + pos += sprintf(pos, "op_%d",
> + expr->tokens[i].data.operator_id);
> + }
> + default:
> + pos += sprintf(pos, "?_%d", expr->tokens[i].type);
> + }
> + }
> + error_msg("%s\n", buf);
> + free(buf);
> +
> + /* Print variables. */
> + buf_size = sizeof("variables (nvariables = ):") + 3 * sizeof(int)
> + + sizeof("false") * variables_num;
> + buf = xcalloc(buf_size, sizeof(char));
> + pos = buf;
> + pos += sprintf(pos, "variables (nvariables = %u):", variables_num);
> + for (i = 0; i < variables_num; ++i)
> + pos += sprintf(pos, variables[i] ? " true" : " false");
> + error_msg("%s\n", buf);
> + free(buf);
> +
> + error_msg("current position: %u\n", current_pos);
> +
> + /* Print current stack state. */
> + buf_size = sizeof("stack (stack_size = ):") + 3 * sizeof(int);
> + buf = xcalloc(buf_size, sizeof(char));
> + pos = buf;
> + pos += sprintf(pos, "stack (stack_size = %u):", stack_size);
> + for (i = 0; i < stack_size; ++i)
> + pos += sprintf(pos, stack[i] ? " true" : " false");
> + error_msg_and_die("%s\n", buf);
error_* functions terminate their output with newline already, no need
to pass it explicitly here (I assume it is used in previous calls in
order to produce empty lines).
> +}
Actually, this is far more comprehensive that I expected, thanks.
> +
> +#define MAX_STACK_SIZE 32
> +
> +bool
> +run_expression(struct bool_expression *expr, bool *variables,
> + unsigned int variables_num)
> +{
> + bool stack[MAX_STACK_SIZE];
> + unsigned int stack_size = 0;
> + unsigned int i;
> +
> + for (i = 0; i < expr->ntokens; ++i) {
> + struct expression_token *tok = &expr->tokens[i];
> +
> + switch (tok->type) {
> + case TOK_VARIABLE:
> + if (stack_size == MAX_STACK_SIZE)
> + error_msg_and_die("stack overflow");
> +
> + if (tok->data.variable_id >= variables_num)
> + handle_corrupted_expression(expr, stack,
> + stack_size, i,
> + variables,
> + variables_num);
> + stack[stack_size++] = variables[tok->data.variable_id];
> + break;
> + case TOK_OPERATOR:
> + switch (tok->data.operator_id) {
> + case OP_NOT:
> + if (stack_size == 0)
> + handle_corrupted_expression(expr, stack,
> + stack_size, i,
> + variables,
> + variables_num);
> + stack[stack_size - 1] = !stack[stack_size - 1];
> + break;
> + case OP_AND:
> + if (stack_size < 2)
> + handle_corrupted_expression(expr, stack,
> + stack_size, i,
> + variables,
> + variables_num);
> + stack[stack_size - 2] = stack[stack_size - 2]
> + && stack[stack_size - 1];
> + --stack_size;
> + break;
> + case OP_OR:
> + if (stack_size < 2)
> + handle_corrupted_expression(expr, stack,
> + stack_size, i,
> + variables,
> + variables_num);
> + stack[stack_size - 2] = stack[stack_size - 2]
> + || stack[stack_size - 1];
> + --stack_size;
> + break;
> + }
> + }
> + }
> +
> + if (stack_size != 1)
> + handle_corrupted_expression(expr, stack, stack_size, i,
> + variables, variables_num);
> + return stack[0];
> +}
> diff --git a/filter_qualify.c b/filter_qualify.c
> index 32db332..105afdf 100644
> --- a/filter_qualify.c
> +++ b/filter_qualify.c
> @@ -38,16 +38,8 @@ struct number_set {
> bool not;
> };
>
> -struct number_set read_set;
> -struct number_set write_set;
> struct number_set signal_set;
>
> -static struct number_set abbrev_set[SUPPORTED_PERSONALITIES];
> -static struct number_set inject_set[SUPPORTED_PERSONALITIES];
> -static struct number_set raw_set[SUPPORTED_PERSONALITIES];
> -static struct number_set trace_set[SUPPORTED_PERSONALITIES];
> -static struct number_set verbose_set[SUPPORTED_PERSONALITIES];
> -
> static int
> find_errno_by_name(const char *name)
> {
> @@ -156,174 +148,168 @@ parse_inject_token(const char *const token, struct inject_opts *const fopts,
> return true;
> }
>
> -static char *
> -parse_inject_expression(const char *const s, char **buf,
> - struct inject_opts *const fopts,
> - const bool fault_tokens_only)
> +void
> +parse_inject_common_args(char *str, struct inject_opts *const opts,
> + const char *delim, const bool fault_tokens_only)
> {
> char *saveptr = NULL;
> - char *name = NULL;
> char *token;
>
> - *buf = xstrdup(s);
> - for (token = strtok_r(*buf, ":", &saveptr); token;
> - token = strtok_r(NULL, ":", &saveptr)) {
> - if (!name)
> - name = token;
> - else if (!parse_inject_token(token, fopts, fault_tokens_only))
> - goto parse_error;
> - }
> + opts->first = 1;
> + opts->step = 1;
> + opts->rval = INJECT_OPTS_RVAL_DEFAULT;
> + opts->signo = 0;
> + opts->init = false;
>
> - if (name)
> - return name;
> + for (token = strtok_r(str, delim, &saveptr); token;
> + token = strtok_r(NULL, delim, &saveptr)) {
> + if (!parse_inject_token(token, opts, fault_tokens_only))
> + return;
> + }
>
> -parse_error:
> - free(*buf);
> - return *buf = NULL;
> + /* If neither of retval, error, or signal is specified, then ... */
> + if (opts->rval == INJECT_OPTS_RVAL_DEFAULT && !opts->signo) {
> + if (fault_tokens_only) {
> + /* in fault= syntax the default error code is ENOSYS. */
> + opts->rval = -ENOSYS;
> + } else {
> + /* in inject= syntax this is not allowed. */
> + return;
> + }
> + }
> + opts->init = true;
> }
>
> static void
> -qualify_read(const char *const str)
> +parse_read(const char *const str)
> {
> - qualify_tokens(str, &read_set, string_to_uint, "descriptor");
> + struct filter_action *action = find_or_add_action("read");
> + struct filter *filter = create_filter(action, "fd");
> +
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_write(const char *const str)
> +parse_write(const char *const str)
> {
> - qualify_tokens(str, &write_set, string_to_uint, "descriptor");
> + struct filter_action *action = find_or_add_action("write");
> + struct filter *filter = create_filter(action, "fd");
> +
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> qualify_signals(const char *const str)
> {
> - qualify_tokens(str, &signal_set, sigstr_to_uint, "signal");
> + parse_set(str, &signal_set, sigstr_to_uint, "signal");
> }
>
> static void
> -qualify_trace(const char *const str)
> +parse_trace(const char *const str)
> {
> - qualify_syscall_tokens(str, trace_set, "system call");
> + struct filter_action *action = find_or_add_action("trace");
> + struct filter *filter = create_filter(action, "syscall");
> +
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_abbrev(const char *const str)
> +parse_abbrev(const char *const str)
> {
> - qualify_syscall_tokens(str, abbrev_set, "system call");
> + struct filter_action *action = find_or_add_action("abbrev");
> + struct filter *filter = create_filter(action, "syscall");
> +
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_verbose(const char *const str)
> +parse_verbose(const char *const str)
> {
> - qualify_syscall_tokens(str, verbose_set, "system call");
> + struct filter_action *action = find_or_add_action("verbose");
> + struct filter *filter = create_filter(action, "syscall");
> +
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_raw(const char *const str)
> +parse_raw(const char *const str)
> {
> - qualify_syscall_tokens(str, raw_set, "system call");
> + struct filter_action *action = find_or_add_action("raw");
> + struct filter *filter = create_filter(action, "syscall");
> +
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_inject_common(const char *const str,
> - const bool fault_tokens_only,
> - const char *const description)
> +parse_inject_common(const char *const str, const bool fault_tokens_only,
> + const char *const description)
I just noticed that you have two functions named parse_inject_common.
It's probably not a good idea.
> {
> - struct inject_opts opts = {
> - .first = 1,
> - .step = 1,
> - .rval = INJECT_OPTS_RVAL_DEFAULT,
> - .signo = 0
> - };
> - char *buf = NULL;
> - char *name = parse_inject_expression(str, &buf, &opts, fault_tokens_only);
> - if (!name) {
> - error_msg_and_die("invalid %s '%s'", description, str);
> - }
> -
> - /* If neither of retval, error, or signal is specified, then ... */
> - if (opts.rval == INJECT_OPTS_RVAL_DEFAULT && !opts.signo) {
> - if (fault_tokens_only) {
> - /* in fault= syntax the default error code is ENOSYS. */
> - opts.rval = -ENOSYS;
> - } else {
> - /* in inject= syntax this is not allowed. */
> - error_msg_and_die("invalid %s '%s'", description, str);
> - }
> - }
> -
> - struct number_set tmp_set[SUPPORTED_PERSONALITIES];
> - memset(tmp_set, 0, sizeof(tmp_set));
> - qualify_syscall_tokens(name, tmp_set, description);
> -
> + struct inject_opts *opts = xmalloc(sizeof(struct inject_opts));
> + char *buf = xstrdup(str);
> + struct filter_action *action;
> + struct filter *filter;
> + char *args = strchr(buf, ':');
> +
> + if (args)
> + *(args++) = '\0';
> +
> + action = find_or_add_action(fault_tokens_only ? "fault" : "inject");
> + filter = create_filter(action, "syscall");
> + parse_filter(filter, buf);
> + set_qualify_mode(action);
> + parse_inject_common_args(args, opts, ":", fault_tokens_only);
> + if (!opts->init)
> + error_msg_and_die("invalid %s '%s'", description,
> + args ? args : "");
> free(buf);
> -
> - /*
> - * Initialize inject_vec accourding to tmp_set.
> - * Merge tmp_set into inject_set.
> - */
> - unsigned int p;
> - for (p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
> - if (!tmp_set[p].nslots && !tmp_set[p].not) {
> - continue;
> - }
> -
> - if (!inject_vec[p]) {
> - inject_vec[p] = xcalloc(nsyscall_vec[p],
> - sizeof(*inject_vec[p]));
> - }
> -
> - unsigned int i;
> - for (i = 0; i < nsyscall_vec[p]; ++i) {
> - if (is_number_in_set(i, &tmp_set[p])) {
> - add_number_to_set(i, &inject_set[p]);
> - inject_vec[p][i] = opts;
> - }
> - }
> -
> - free(tmp_set[p].vec);
> - }
> + set_filter_action_priv_data(action, opts);
> }
>
> static void
> -qualify_fault(const char *const str)
> +parse_fault(const char *const str)
> {
The same here.
> - qualify_inject_common(str, true, "fault argument");
> + parse_inject_common(str, true, "fault argument");
> }
>
> static void
> -qualify_inject(const char *const str)
> +parse_inject(const char *const str)
And here.
> {
> - qualify_inject_common(str, false, "inject argument");
> + parse_inject_common(str, false, "inject argument");
> }
>
> static const struct qual_options {
> const char *name;
> void (*qualify)(const char *);
> } qual_options[] = {
> - { "trace", qualify_trace },
> - { "t", qualify_trace },
> - { "abbrev", qualify_abbrev },
> - { "a", qualify_abbrev },
> - { "verbose", qualify_verbose },
> - { "v", qualify_verbose },
> - { "raw", qualify_raw },
> - { "x", qualify_raw },
> + { "trace", parse_trace },
> + { "t", parse_trace },
> + { "abbrev", parse_abbrev },
> + { "a", parse_abbrev },
> + { "verbose", parse_verbose },
> + { "v", parse_verbose },
> + { "raw", parse_raw },
> + { "x", parse_raw },
> { "signal", qualify_signals },
> { "signals", qualify_signals },
> { "s", qualify_signals },
> - { "read", qualify_read },
> - { "reads", qualify_read },
> - { "r", qualify_read },
> - { "write", qualify_write },
> - { "writes", qualify_write },
> - { "w", qualify_write },
> - { "fault", qualify_fault },
> - { "inject", qualify_inject },
> + { "read", parse_read },
> + { "reads", parse_read },
> + { "r", parse_read },
> + { "write", parse_write },
> + { "writes", parse_write },
> + { "w", parse_write },
> + { "fault", parse_fault },
> + { "inject", parse_inject },
> };
>
> void
> -qualify(const char *str)
> +parse_qualify_filter(const char *str)
> {
> const struct qual_options *opt = qual_options;
> unsigned int i;
> @@ -342,18 +328,3 @@ qualify(const char *str)
>
> opt->qualify(str);
> }
> -
> -unsigned int
> -qual_flags(const unsigned int scno)
> -{
> - return (is_number_in_set(scno, &trace_set[current_personality])
> - ? QUAL_TRACE : 0)
> - | (is_number_in_set(scno, &abbrev_set[current_personality])
> - ? QUAL_ABBREV : 0)
> - | (is_number_in_set(scno, &verbose_set[current_personality])
> - ? QUAL_VERBOSE : 0)
> - | (is_number_in_set(scno, &raw_set[current_personality])
> - ? QUAL_RAW : 0)
> - | (is_number_in_set(scno, &inject_set[current_personality])
> - ? QUAL_INJECT : 0);
> -}
> diff --git a/strace.c b/strace.c
> index 0015ad5..0e82cc5 100644
> --- a/strace.c
> +++ b/strace.c
> @@ -838,7 +838,8 @@ droptcb(struct tcb *tcp)
>
> int p;
> for (p = 0; p < SUPPORTED_PERSONALITIES; ++p)
> - free(tcp->inject_vec[p]);
> + if (tcp->inject_vec[p])
> + free(tcp->inject_vec[p]);
>
> free_tcb_priv_data(tcp);
>
> @@ -1644,13 +1645,13 @@ init(int argc, char *argv[])
> shared_log = stderr;
> set_sortby(DEFAULT_SORTBY);
> set_personality(DEFAULT_PERSONALITY);
> - qualify("trace=all");
> - qualify("abbrev=all");
> - qualify("verbose=all");
> + parse_qualify_filter("trace=all");
> + parse_qualify_filter("abbrev=all");
> + parse_qualify_filter("verbose=all");
> #if DEFAULT_QUAL_FLAGS != (QUAL_TRACE | QUAL_ABBREV | QUAL_VERBOSE)
> # error Bug in DEFAULT_QUAL_FLAGS
> #endif
> - qualify("signal=all");
> + parse_qualify_filter("signal=all");
> while ((c = getopt(argc, argv,
> "+b:cCdfFhiqrtTvVwxyz"
> #ifdef USE_LIBUNWIND
> @@ -1717,7 +1718,7 @@ init(int argc, char *argv[])
> show_fd_path++;
> break;
> case 'v':
> - qualify("abbrev=none");
> + parse_qualify_filter("abbrev=none");
> break;
> case 'V':
> print_version();
> @@ -1732,7 +1733,7 @@ init(int argc, char *argv[])
> error_opt_arg(c, optarg);
> break;
> case 'e':
> - qualify(optarg);
> + parse_qualify_filter(optarg);
> break;
> case 'o':
> outfname = optarg;
> @@ -1780,6 +1781,7 @@ init(int argc, char *argv[])
> break;
> }
> }
> + filtering_parsing_finish();
>
> argv += optind;
> argc -= optind;
> @@ -2478,6 +2480,8 @@ trace_syscall(struct tcb *tcp, unsigned int *sig)
> case 0:
> return 0;
> case 1:
> + if (!tcp->qual_flg)
> + filter_syscall(tcp);
> res = syscall_entering_trace(tcp, sig);
> }
> syscall_entering_finish(tcp, res);
> diff --git a/syscall.c b/syscall.c
> index f21a146..48ee62f 100644
> --- a/syscall.c
> +++ b/syscall.c
> @@ -382,7 +382,6 @@ decode_socket_subcall(struct tcb *tcp)
> return;
>
> tcp->scno = scno;
> - tcp->qual_flg = qual_flags(scno);
> tcp->s_ent = &sysent[scno];
>
> unsigned int i;
> @@ -422,7 +421,6 @@ decode_ipc_subcall(struct tcb *tcp)
> }
>
> tcp->scno = SYS_ipc_subcall + call;
> - tcp->qual_flg = qual_flags(tcp->scno);
> tcp->s_ent = &sysent[tcp->scno];
>
> const unsigned int n = tcp->s_ent->nargs;
> @@ -439,7 +437,6 @@ decode_mips_subcall(struct tcb *tcp)
> if (!scno_is_valid(tcp->u_arg[0]))
> return;
> tcp->scno = tcp->u_arg[0];
> - tcp->qual_flg = qual_flags(tcp->scno);
> tcp->s_ent = &sysent[tcp->scno];
> memmove(&tcp->u_arg[0], &tcp->u_arg[1],
> sizeof(tcp->u_arg) - sizeof(tcp->u_arg[0]));
> @@ -468,7 +465,7 @@ dumpio(struct tcb *tcp)
> if (fd < 0)
> return;
>
> - if (is_number_in_set(fd, &read_set)) {
> + if (dump_read(tcp)) {
> switch (tcp->s_ent->sen) {
> case SEN_read:
> case SEN_pread:
> @@ -491,7 +488,7 @@ dumpio(struct tcb *tcp)
> return;
> }
> }
> - if (is_number_in_set(fd, &write_set)) {
> + if (dump_write(tcp)) {
> switch (tcp->s_ent->sen) {
> case SEN_write:
> case SEN_pwrite:
> @@ -577,8 +574,6 @@ static void get_error(struct tcb *, const bool);
> static int arch_set_error(struct tcb *);
> static int arch_set_success(struct tcb *);
>
> -struct inject_opts *inject_vec[SUPPORTED_PERSONALITIES];
> -
> static struct inject_opts *
> tcb_inject_opts(struct tcb *tcp)
> {
> @@ -590,14 +585,6 @@ tcb_inject_opts(struct tcb *tcp)
> static long
> tamper_with_syscall_entering(struct tcb *tcp, unsigned int *signo)
> {
> - if (!tcp->inject_vec[current_personality]) {
> - tcp->inject_vec[current_personality] =
> - xcalloc(nsyscalls, sizeof(**inject_vec));
> - memcpy(tcp->inject_vec[current_personality],
> - inject_vec[current_personality],
> - nsyscalls * sizeof(**inject_vec));
> - }
> -
> struct inject_opts *opts = tcb_inject_opts(tcp);
>
> if (!opts || opts->first == 0)
> @@ -717,9 +704,7 @@ syscall_entering_trace(struct tcb *tcp, unsigned int *sig)
> break;
> }
>
> - if (!(tcp->qual_flg & QUAL_TRACE)
> - || (tracing_paths && !pathtrace_match(tcp))
> - ) {
> + if (!(tcp->qual_flg & QUAL_TRACE)) {
> tcp->flags |= TCB_FILTERED;
> return 0;
> }
> @@ -1238,7 +1223,8 @@ get_scno(struct tcb *tcp)
>
> if (scno_is_valid(tcp->scno)) {
> tcp->s_ent = &sysent[tcp->scno];
> - tcp->qual_flg = qual_flags(tcp->scno);
> + /* Clear qual_flg to differ valid syscall from printargs */
> + tcp->qual_flg = 0;
> } else {
> struct sysent_buf *s = xcalloc(1, sizeof(*s));
>
> --
> 2.1.4
More information about the Strace-devel
mailing list