libclues
Linux C++ Tracing Library
Loading...
Searching...
No Matches
fs.cxx
1// clues
2#include <clues/logger.hxx>
3#include <clues/syscalls/fs.hxx>
4#include <clues/Tracee.hxx>
5
6namespace clues {
7
8void FcntlSystemCall::prepareNewSystemCall() {
9 /* drop all but the fixed initial two parameters */
10 m_pars.erase(m_pars.begin() + 2, m_pars.end());
11
12 // setup the default return value
13 result.emplace(item::SuccessResult{});
14 setReturnItem(*result);
15
16 /* args */
17 dup_lowest.reset();
18 fd_flags_arg.reset();
19 status_flags_arg.reset();
20 flock_arg.reset();
21 owner_arg.reset();
22 ext_owner_arg.reset();
23 io_signal_arg.reset();
24 lease_arg.reset();
25 dnotify_arg.reset();
26 pipe_size_arg.reset();
27 file_seals_arg.reset();
28 rw_hint_arg.reset();
29
30 /* retvals */
31 ret_dupfd.reset();
32 ret_fd_flags.reset();
33 ret_status_flags.reset();
34 ret_owner.reset();
35 ret_io_signal.reset();
36 ret_lease.reset();
37 ret_pipe_size.reset();
38 ret_seals.reset();
39}
40
41bool FcntlSystemCall::check2ndPass(const Tracee &) {
42 auto setExtraParameter = [this](auto &extra_par) {
43 addParameters(extra_par);
44 };
45 auto setNewReturnItem = [this](auto &new_ret) {
46 result.reset();
47 setReturnItem(new_ret);
48 };
49
50 using Oper = item::FcntlOperation::Oper;
51 switch (operation.operation()) {
52 case Oper::DUPFD: [[fallthrough]];
53 case Oper::DUPFD_CLOEXEC: {
54 dup_lowest.emplace(item::FileDescriptor{ItemType::PARAM_IN, item::AtSemantics{false},
55 "lowest_fd", "lowest dup file descriptor number"});
56 ret_dupfd.emplace(item::FileDescriptor{ItemType::RETVAL, item::AtSemantics{false},
57 "dupfd", "duplicated file descriptor"});
58 setNewReturnItem(*ret_dupfd);
59 setExtraParameter(*dup_lowest);
60 break;
61 } case Oper::GETFD: {
62 ret_fd_flags.emplace(item::FileDescFlagsValue{ItemType::RETVAL});
63 setNewReturnItem(*ret_fd_flags);
64 break;
65 } case Oper::SETFD: {
66 fd_flags_arg.emplace(item::FileDescFlagsValue{ItemType::PARAM_IN});
67 setExtraParameter(*fd_flags_arg);
68 break;
69 } case Oper::GETFL: {
70 ret_status_flags.emplace(item::OpenFlagsValue{ItemType::RETVAL});
71 setNewReturnItem(*ret_status_flags);
72 break;
73 } case Oper::SETFL: {
74 status_flags_arg.emplace(item::OpenFlagsValue{ItemType::PARAM_IN});
75 setExtraParameter(*status_flags_arg);
76 break;
77 } case Oper::SETLK: [[fallthrough]];
78 case Oper::SETLKW: [[fallthrough]];
79 case Oper::GETLK: [[fallthrough]];
80 case Oper::SETLK64: [[fallthrough]];
81 case Oper::SETLKW64: [[fallthrough]];
82 case Oper::GETLK64: [[fallthrough]];
83 case Oper::OFD_SETLK: [[fallthrough]];
84 case Oper::OFD_SETLKW: [[fallthrough]];
85 case Oper::OFD_GETLK: {
86 /*
87 * OFD locks and old style locks use the same API
88 * details
89 */
90 flock_arg.emplace(item::FLockParameter{});
91 setExtraParameter(*flock_arg);
92 break;
93 } case Oper::GETOWN: {
94 ret_owner.emplace(item::FileDescOwner{ItemType::RETVAL});
95 setNewReturnItem(*ret_owner);
96 break;
97 } case Oper::SETOWN: {
98 owner_arg.emplace(item::FileDescOwner{ItemType::PARAM_IN});
99 setExtraParameter(*owner_arg);
100 break;
101 } case Oper::GETOWN_EX: {
102 ext_owner_arg.emplace(item::ExtFileDescOwner{ItemType::PARAM_OUT});
103 setExtraParameter(*ext_owner_arg);
104 break;
105 } case Oper::SETOWN_EX: {
106 ext_owner_arg.emplace(item::ExtFileDescOwner{ItemType::PARAM_IN});
107 setExtraParameter(*ext_owner_arg);
108 break;
109 } case Oper::GETSIG: {
110 ret_io_signal.emplace(item::SignalNumber{ItemType::RETVAL});
111 setNewReturnItem(*ret_io_signal);
112 break;
113 } case Oper::SETSIG: {
114 io_signal_arg.emplace(item::SignalNumber{});
115 setExtraParameter(*io_signal_arg);
116 break;
117 } case Oper::GETLEASE: {
118 ret_lease.emplace(item::LeaseType{ItemType::RETVAL});
119 setNewReturnItem(*ret_lease);
120 break;
121 } case Oper::SETLEASE: {
122 lease_arg.emplace(item::LeaseType{ItemType::PARAM_IN});
123 setExtraParameter(*lease_arg);
124 break;
125 } case Oper::NOTIFY: {
126 dnotify_arg.emplace(item::DNotifySettings{});
127 setExtraParameter(*dnotify_arg);
128 break;
129 } case Oper::SETPIPE_SZ: {
130 pipe_size_arg.emplace(item::IntValue{"pipe size", "pipe buffer size"});
131 setExtraParameter(*pipe_size_arg);
132 /*
133 * SET and GET both return the current pipe size
134 */
135 [[fallthrough]];
136 } case Oper::GETPIPE_SZ: {
137 ret_pipe_size.emplace(item::IntValue{"pipe size", "pipe buffer size", ItemType::RETVAL});
138 setNewReturnItem(*ret_pipe_size);
139 break;
140 } case Oper::ADD_SEALS: {
141 file_seals_arg.emplace(item::FileSealSettings{ItemType::PARAM_IN});
142 setExtraParameter(*file_seals_arg);
143 break;
144 } case Oper::GET_SEALS: {
145 ret_seals.emplace(item::FileSealSettings{ItemType::RETVAL});
146 setNewReturnItem(*ret_seals);
147 break;
148 } case Oper::GET_RW_HINT: [[fallthrough]];
149 case Oper::GET_FILE_RW_HINT: {
150 rw_hint_arg.emplace(item::ReadWriteHint{ItemType::PARAM_OUT});
151 setExtraParameter(*rw_hint_arg);
152 break;
153 } case Oper::SET_RW_HINT: [[fallthrough]];
154 case Oper::SET_FILE_RW_HINT: {
155 rw_hint_arg.emplace(item::ReadWriteHint{ItemType::PARAM_IN});
156 setExtraParameter(*rw_hint_arg);
157 break;
158 } default: {
159 /* unknown operation? keep defaults */
160 break;
161 }
162 }
163
164 return true;
165}
166
167void FcntlSystemCall::updateFDTracking(const Tracee &proc) {
168 using enum item::FcntlOperation::Oper;
169
170 if (cosmos::in_list(operation.operation(), {DUPFD, DUPFD_CLOEXEC})) {
171 auto &info_map = proc.fdInfoMap();
172 if (auto it = info_map.find(fd.fd()); it != info_map.end()) {
173 auto info = it->second;
174 info.fd = ret_dupfd->fd();
175 trackFD(proc, std::move(info));
176 } else {
177 LOG_WARN("[" << cosmos::to_integral(proc.pid()) << "]"
178 << "Couldn't find dup source FD "
179 << cosmos::to_integral(fd.fd())
180 << " for tracking");
181 }
182 }
183}
184
185void OpenSystemCall::prepareNewSystemCall() {
186 m_pars.erase(m_pars.begin() + 2, m_pars.end());
187
188 mode.reset();
189}
190
191bool OpenSystemCall::check2ndPass(const Tracee &) {
192 using enum cosmos::OpenFlag;
193
194 if (const auto _flags = flags.flags(); _flags[CREATE] || _flags[TMPFILE]) {
195 mode.emplace(item::FileModeParameter{});
196 addParameters(*mode);
197 return true;
198 }
199
200 return false;
201}
202
203void OpenSystemCall::updateFDTracking(const Tracee &proc) {
204 FDInfo info{FDInfo::Type::FS_PATH, new_fd.fd()};
205 info.path = filename.str();
206 info.mode = flags.mode();
207 info.flags = flags.flags();
208 trackFD(proc, std::move(info));
209}
210
211void OpenAtSystemCall::prepareNewSystemCall() {
212 m_pars.erase(m_pars.begin() + 3, m_pars.end());
213 mode.reset();
214}
215
216bool OpenAtSystemCall::check2ndPass(const Tracee &) {
217 using enum cosmos::OpenFlag;
218
219 if (const auto _flags = flags.flags(); _flags[CREATE] || _flags[TMPFILE]) {
220 mode.emplace(item::FileModeParameter{});
221 addParameters(*mode);
222 return true;
223 }
224
225 return false;
226}
227
228void OpenAtSystemCall::updateFDTracking(const Tracee &proc) {
229 FDInfo info{FDInfo::Type::FS_PATH, new_fd.fd()};
230 info.path = filename.str();
231 info.mode = flags.mode();
232 info.flags = flags.flags();
233 trackFD(proc, std::move(info));
234}
235
236void CloseSystemCall::updateFDTracking(const Tracee &proc) {
237 dropFD(proc, fd.fd());
238}
239
240} // end ns
clues::SystemCall::setReturnItem
void setReturnItem(SystemCallItem &ret)
Sets the return value system call item.
Definition SystemCall.hxx:151
clues::SystemCall::m_pars
ParameterVector m_pars
The array of system call parameters, if any.
Definition SystemCall.hxx:226
clues::Tracee
Base class for traced processes.
Definition Tracee.hxx:39
clues::Tracee::fdInfoMap
const FDInfoMap & fdInfoMap() const
Provides access to the current knowledge about file descriptors in the tracee.
Definition Tracee.hxx:87
clues::item::DNotifySettings
The value used with F_NOTIFY fcntl() operations.
Definition fcntl.hxx:238
clues::item::ExtFileDescOwner
The structure used with the F_GETOWN_EX and F_SETOWN_EX fcntl() operations.
Definition fcntl.hxx:191
clues::item::FLockParameter
Corresponds to struct flock Used with fcntl() F_*LK operations.
Definition fcntl.hxx:117
clues::item::FcntlOperation::Oper
Oper
All possible arguments for the op parameter to fcntl(2).
Definition fcntl.hxx:26
clues::item::FileDescOwner
The value used with the F_GETOWN and F_SETOWN fcntl() operations.
Definition fcntl.hxx:154
clues::item::FileDescriptor
Base class for file descriptor system call items.
Definition fs.hxx:28
clues::item::FileModeParameter
File access mode passed e.g. to open(), chmod().
Definition fs.hxx:164
clues::item::FileSealSettings
The enum value used with file seal operations in the fcntl() system call.
Definition fcntl.hxx:277
clues::item::LeaseType
The value used with F_GETLEASE and F_SETLEASE fcntl() operations.
Definition fcntl.hxx:214
clues::item::OpenFlagsValue
The flags passed to calls like open().
Definition fs.hxx:76
clues::item::ReadWriteHint
The read/write hint value used with R/W hint operations in the fcntl() system call.
Definition fcntl.hxx:309
clues::item::SignalNumber
A signal number specification.
Definition signal.hxx:51
clues::item::SuccessResult
An always-success return value.
Definition error.hxx:15
clues::ItemType::PARAM_OUT
@ PARAM_OUT
An output parameter filled by in by the system call.
Definition SystemCallItem.hxx:23
clues::ItemType::PARAM_IN
@ PARAM_IN
An input parameter to the system call.
Definition SystemCallItem.hxx:22
clues::ItemType::RETVAL
@ RETVAL
A system call return value.
Definition SystemCallItem.hxx:25
clues::CloseSystemCall::updateFDTracking
void updateFDTracking(const Tracee &) override
Update file descriptor tracking.
Definition fs.cxx:236
clues::FDInfo
Contextual information about a file descriptor in a Tracee.
Definition types.hxx:75
clues::FDInfo::Type::FS_PATH
@ FS_PATH
a path opened on the file system (this can still be a device special file, named pipe,...
Definition types.hxx:88
clues::FDInfo::path
std::string path
path to the file, if applicable
Definition types.hxx:119
clues::FcntlSystemCall::dup_lowest
std::optional< item::FileDescriptor > dup_lowest
for DUPFD, DUPFD_CLOEXEC
Definition fs.hxx:71
clues::FcntlSystemCall::pipe_size_arg
std::optional< item::IntValue > pipe_size_arg
for SETPIPE_SZ
Definition fs.hxx:80
clues::FcntlSystemCall::check2ndPass
bool check2ndPass(const Tracee &) override
Check whether a second pass needs to be made processing parameters.
Definition fs.cxx:41
clues::FcntlSystemCall::ret_status_flags
std::optional< item::OpenFlagsValue > ret_status_flags
for GETFL
Definition fs.hxx:88
clues::FcntlSystemCall::ret_fd_flags
std::optional< item::FileDescFlagsValue > ret_fd_flags
for GETFD
Definition fs.hxx:87
clues::FcntlSystemCall::fd_flags_arg
std::optional< item::FileDescFlagsValue > fd_flags_arg
for SETFD
Definition fs.hxx:72
clues::FcntlSystemCall::prepareNewSystemCall
void prepareNewSystemCall() override
Perform any necessary actions before processing a new system call entry event.
Definition fs.cxx:8
clues::FcntlSystemCall::result
std::optional< item::SuccessResult > result
for all other cases
Definition fs.hxx:85
clues::FcntlSystemCall::owner_arg
std::optional< item::FileDescOwner > owner_arg
for SETOWN
Definition fs.hxx:75
clues::FcntlSystemCall::ret_lease
std::optional< item::LeaseType > ret_lease
for GETLEASE
Definition fs.hxx:91
clues::FcntlSystemCall::ret_pipe_size
std::optional< item::IntValue > ret_pipe_size
for GETPIPE_SZ, SETPIPE_SZ
Definition fs.hxx:92
clues::FcntlSystemCall::ret_dupfd
std::optional< item::FileDescriptor > ret_dupfd
for DUPFD, DUPFD_CLOEXEC
Definition fs.hxx:86
clues::FcntlSystemCall::rw_hint_arg
std::optional< item::ReadWriteHint > rw_hint_arg
for {GET,SET}_[FILE]_RW_HINT
Definition fs.hxx:82
clues::FcntlSystemCall::flock_arg
std::optional< item::FLockParameter > flock_arg
for F_SETLK, F_SETLKW, F_GETLK
Definition fs.hxx:74
clues::FcntlSystemCall::ret_owner
std::optional< item::FileDescOwner > ret_owner
for GET_OWNER
Definition fs.hxx:89
clues::FcntlSystemCall::dnotify_arg
std::optional< item::DNotifySettings > dnotify_arg
for NOTIFY
Definition fs.hxx:79
clues::FcntlSystemCall::file_seals_arg
std::optional< item::FileSealSettings > file_seals_arg
for ADD_SEALS
Definition fs.hxx:81
clues::FcntlSystemCall::io_signal_arg
std::optional< item::SignalNumber > io_signal_arg
for SETSIG
Definition fs.hxx:77
clues::FcntlSystemCall::ret_io_signal
std::optional< item::SignalNumber > ret_io_signal
for GETSIG
Definition fs.hxx:90
clues::FcntlSystemCall::ret_seals
std::optional< item::FileSealSettings > ret_seals
for GET_SEALS
Definition fs.hxx:93
clues::FcntlSystemCall::updateFDTracking
void updateFDTracking(const Tracee &proc) override
Update file descriptor tracking.
Definition fs.cxx:167
clues::FcntlSystemCall::ext_owner_arg
std::optional< item::ExtFileDescOwner > ext_owner_arg
for SETOWN_EX, GETOWN_EX
Definition fs.hxx:76
clues::FcntlSystemCall::status_flags_arg
std::optional< item::OpenFlagsValue > status_flags_arg
for SETFL
Definition fs.hxx:73
clues::FcntlSystemCall::lease_arg
std::optional< item::LeaseType > lease_arg
for SETLEASE
Definition fs.hxx:78
clues::OpenAtSystemCall::check2ndPass
bool check2ndPass(const Tracee &) override
Check whether a second pass needs to be made processing parameters.
Definition fs.cxx:216
clues::OpenAtSystemCall::updateFDTracking
void updateFDTracking(const Tracee &) override
Update file descriptor tracking.
Definition fs.cxx:228
clues::OpenAtSystemCall::prepareNewSystemCall
void prepareNewSystemCall() override
Perform any necessary actions before processing a new system call entry event.
Definition fs.cxx:211
clues::OpenSystemCall::updateFDTracking
void updateFDTracking(const Tracee &) override
Update file descriptor tracking.
Definition fs.cxx:203
clues::OpenSystemCall::check2ndPass
bool check2ndPass(const Tracee &) override
Check whether a second pass needs to be made processing parameters.
Definition fs.cxx:191
clues::OpenSystemCall::prepareNewSystemCall
void prepareNewSystemCall() override
Perform any necessary actions before processing a new system call entry event.
Definition fs.cxx:185
clues::item::FileDescFlagsValue
Flags used with fcntl() to set and get file descriptor flags.
Definition fcntl.hxx:95