[PATCH v7 0/8] New filtering architecture

Nikolay Marchuk marchuk.nikolay.a at gmail.com
Fri Aug 11 10:43:45 UTC 2017 

These patches implement new filtering architecture. Currently supported actions:
trace, inject, fault, read, write, raw, abbrev, verbose. Currently supported
filters: syscall, fd, path.
Changes in filtering language:
* Delimiter of action arguments is now ';'.
* Supported logical operators: and, or, not. Also C-like forms of these 
  operators are supported: &&, ||, !.
* Syscall filter accepts syscalls' set, class or regex with old set description
  syntax.

Changes since v1:
* qualify.c is now splitted in separate commit.

Changes since v2:
* Fixed segmentation fault in inject/fault parsing.
* basic_filters.c (run_fd_filter): Changed returns to true/false.

Changes since v3:
* Fixed invalid accounting of syscalls for inject/fault actions.
* Fixed order of filter actions with same priority.
* Refactored inject arguments parsing.
* Refactored fd filtering.
* Refactored tests for syscall set syntax.
* Improved diagnostics of filtering errors.
* Rewritten algorithms of parsing for new filtering language.

Changes since v4:
* Fixes in fd and path filtering.
* Added tests for fd filtering.
* Syscall tests refactoring is now in a separate commit.
* Style and readability fixes.

Known issues in v4:
* Fd filter returns valid results only if negative fds are not filtered.

Changes since v5:
* Refactored parsing.
* Fixes in fd and path filtering.
* Improved diagnostics.
* Added stacktrace action.
* Style fixes.

Changes since v6:
* Refactored fd and path filtering.
* Fixed memory leaks in parser.
* Fixed some corner cases of parsing.
* Disabled set inversions in new syntax.
* Improved tests.

Notes for v7:
"Improve fd filtering" patch should be applied after
"pathtrace: fix matching of execveat syscall" and
"Add TF flag to inotify_add_watch entries" patches.

Nikolay Marchuk (8):
  tests: improve syscall syntax testing
  Introduce new filtering architecture
  Improve fd filtering
  Optimize default filtering
  Implement new filtering language parsing
  Add path filter
  tests: check fd filter
  Add stacktrace filter action

 Makefile.am                         |   5 +
 basic_actions.c                     | 147 ++++++++++++
 basic_filters.c                     | 208 ++++++++++++-----
 defs.h                              |  20 +-
 filter.c                            | 148 ++++++++++++
 filter.h                            |  46 +++-
 filter_action.c                     | 263 +++++++++++++++++++++
 filter_expression.c                 | 455 ++++++++++++++++++++++++++++++++++++
 filter_parse.c                      | 223 ++++++++++++++++++
 filter_qualify.c                    | 280 +++++++++++-----------
 pathtrace.c                         | 199 +++++++++-------
 strace.c                            |  19 +-
 syscall.c                           |  30 +--
 tests/.gitignore                    |   1 +
 tests/Makefile.am                   |   4 +
 tests/filtering_fd-syntax.test      |  71 ++++++
 tests/filtering_fd.c                | 202 ++++++++++++++++
 tests/filtering_fd.test             |  29 +++
 tests/filtering_syscall-syntax.test |  98 ++++++++
 tests/options-syntax.test           |  28 ---
 tests/qual_fault-syntax.test        |  26 +--
 tests/qual_inject-syntax.test       |  27 +--
 unwind.c                            |   6 +
 23 files changed, 2147 insertions(+), 388 deletions(-)
 create mode 100644 basic_actions.c
 create mode 100644 filter.c
 create mode 100644 filter_action.c
 create mode 100644 filter_expression.c
 create mode 100644 filter_parse.c
 create mode 100755 tests/filtering_fd-syntax.test
 create mode 100644 tests/filtering_fd.c
 create mode 100755 tests/filtering_fd.test
 create mode 100755 tests/filtering_syscall-syntax.test

-- 
2.11.0

More information about the Strace-devel mailing list