From owner-svn-src-all@freebsd.org Thu Jan 28 21:45:26 2016 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B399FA6E4FF; Thu, 28 Jan 2016 21:45:26 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 90938D50; Thu, 28 Jan 2016 21:45:26 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u0SLjPsE028983; Thu, 28 Jan 2016 21:45:25 GMT (envelope-from bdrewery@FreeBSD.org) Received: (from bdrewery@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u0SLjPk5028981; Thu, 28 Jan 2016 21:45:25 GMT (envelope-from bdrewery@FreeBSD.org) Message-Id: <201601282145.u0SLjPk5028981@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bdrewery set sender to bdrewery@FreeBSD.org using -f From: Bryan Drewery Date: Thu, 28 Jan 2016 21:45:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r295017 - in head/sys: dev/filemon modules/filemon X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jan 2016 21:45:26 -0000 Author: bdrewery Date: Thu Jan 28 21:45:25 2016 New Revision: 295017 URL: https://svnweb.freebsd.org/changeset/base/295017 Log: filemon: Use process_exec EVENTHANDLER to capture sys_execve. MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division Modified: head/sys/dev/filemon/filemon_wrapper.c head/sys/modules/filemon/Makefile Modified: head/sys/dev/filemon/filemon_wrapper.c ============================================================================== --- head/sys/dev/filemon/filemon_wrapper.c Thu Jan 28 21:42:10 2016 (r295016) +++ head/sys/dev/filemon/filemon_wrapper.c Thu Jan 28 21:45:25 2016 (r295017) @@ -29,8 +29,10 @@ #include __FBSDID("$FreeBSD$"); +#include #include #include +#include #include "opt_compat.h" @@ -44,7 +46,6 @@ __FBSDID("$FreeBSD$"); (2011-09-10) so this code is broken for 9-CURRENT September 10th-16th. */ #define sys_chdir chdir -#define sys_execve execve #define sys_link link #define sys_open open #define sys_rename rename @@ -56,6 +57,7 @@ __FBSDID("$FreeBSD$"); #endif #endif /* __FreeBSD_version */ +static eventhandler_tag filemon_exec_tag; static eventhandler_tag filemon_exit_tag; static eventhandler_tag filemon_fork_tag; @@ -137,62 +139,33 @@ filemon_wrapper_chdir(struct thread *td, return (ret); } -static int -filemon_wrapper_execve(struct thread *td, struct execve_args *uap) +static void +filemon_event_process_exec(void *arg __unused, struct proc *p, + struct image_params *imgp) { - char fname[MAXPATHLEN]; - int ret; - size_t done; - size_t len; struct filemon *filemon; + char *fullpath, *freepath; + size_t len; - copyinstr(uap->fname, fname, sizeof(fname), &done); - - if ((ret = sys_execve(td, uap)) == 0) { - if ((filemon = filemon_pid_check(curproc)) != NULL) { - len = snprintf(filemon->msgbufr, - sizeof(filemon->msgbufr), "E %d %s\n", - curproc->p_pid, fname); - - filemon_output(filemon, filemon->msgbufr, len); - - /* Unlock the found filemon structure. */ - filemon_filemon_unlock(filemon); - } - } - - return (ret); -} + if ((filemon = filemon_pid_check(p)) != NULL) { + fullpath = ""; + freepath = NULL; -#if defined(COMPAT_IA32) || defined(COMPAT_FREEBSD32) || defined(COMPAT_ARCH32) -static int -filemon_wrapper_freebsd32_execve(struct thread *td, - struct freebsd32_execve_args *uap) -{ - char fname[MAXPATHLEN]; - int ret; - size_t done; - size_t len; - struct filemon *filemon; + vn_fullpath(FIRST_THREAD_IN_PROC(p), imgp->vp, &fullpath, + &freepath); - copyinstr(uap->fname, fname, sizeof(fname), &done); + len = snprintf(filemon->msgbufr, + sizeof(filemon->msgbufr), "E %d %s\n", + p->p_pid, fullpath); - if ((ret = freebsd32_execve(td, uap)) == 0) { - if ((filemon = filemon_pid_check(curproc)) != NULL) { - len = snprintf(filemon->msgbufr, - sizeof(filemon->msgbufr), "E %d %s\n", - curproc->p_pid, fname); + filemon_output(filemon, filemon->msgbufr, len); - filemon_output(filemon, filemon->msgbufr, len); + /* Unlock the found filemon structure. */ + filemon_filemon_unlock(filemon); - /* Unlock the found filemon structure. */ - filemon_filemon_unlock(filemon); - } + free(freepath, M_TEMP); } - - return (ret); } -#endif static int filemon_wrapper_open(struct thread *td, struct open_args *uap) @@ -550,7 +523,6 @@ filemon_wrapper_install(void) #endif sv_table[SYS_chdir].sy_call = (sy_call_t *) filemon_wrapper_chdir; - sv_table[SYS_execve].sy_call = (sy_call_t *) filemon_wrapper_execve; sv_table[SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open; sv_table[SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat; sv_table[SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename; @@ -566,7 +538,6 @@ filemon_wrapper_install(void) sv_table = ia32_freebsd_sysvec.sv_table; sv_table[FREEBSD32_SYS_chdir].sy_call = (sy_call_t *) filemon_wrapper_chdir; - sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_execve; sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open; sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat; sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename; @@ -579,6 +550,8 @@ filemon_wrapper_install(void) #endif #endif /* COMPAT_ARCH32 */ + filemon_exec_tag = EVENTHANDLER_REGISTER(process_exec, + filemon_event_process_exec, NULL, EVENTHANDLER_PRI_LAST); filemon_exit_tag = EVENTHANDLER_REGISTER(process_exit, filemon_event_process_exit, NULL, EVENTHANDLER_PRI_LAST); filemon_fork_tag = EVENTHANDLER_REGISTER(process_fork, @@ -595,7 +568,6 @@ filemon_wrapper_deinstall(void) #endif sv_table[SYS_chdir].sy_call = (sy_call_t *)sys_chdir; - sv_table[SYS_execve].sy_call = (sy_call_t *)sys_execve; sv_table[SYS_open].sy_call = (sy_call_t *)sys_open; sv_table[SYS_openat].sy_call = (sy_call_t *)sys_openat; sv_table[SYS_rename].sy_call = (sy_call_t *)sys_rename; @@ -611,7 +583,6 @@ filemon_wrapper_deinstall(void) sv_table = ia32_freebsd_sysvec.sv_table; sv_table[FREEBSD32_SYS_chdir].sy_call = (sy_call_t *)sys_chdir; - sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *)freebsd32_execve; sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *)sys_open; sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *)sys_openat; sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *)sys_rename; @@ -624,6 +595,7 @@ filemon_wrapper_deinstall(void) #endif #endif /* COMPAT_ARCH32 */ + EVENTHANDLER_DEREGISTER(process_exec, filemon_exec_tag); EVENTHANDLER_DEREGISTER(process_exit, filemon_exit_tag); EVENTHANDLER_DEREGISTER(process_fork, filemon_fork_tag); } Modified: head/sys/modules/filemon/Makefile ============================================================================== --- head/sys/modules/filemon/Makefile Thu Jan 28 21:42:10 2016 (r295016) +++ head/sys/modules/filemon/Makefile Thu Jan 28 21:45:25 2016 (r295017) @@ -4,6 +4,6 @@ KMOD= filemon SRCS= ${KMOD}.c -SRCS+= opt_compat.h +SRCS+= opt_compat.h vnode_if.h .include