/*
* AUTOFILLER
* In simple cases in which extracting an event is just a matter of moving the
* arguments to the buffer, this filler can be used instead of writing a
* filler function.
* The arguments to extract are be specified in g_ppm_events.
*/
int f_sys_autofill(struct event_filler_arguments *args, const struct ppm_event_entry *evinfo)
{
int res;
unsigned long val;
u32 j;
int64_t retval;
ASSERT(evinfo->n_autofill_args <= PPM_MAX_AUTOFILL_ARGS);
for (j = 0; j < evinfo->n_autofill_args; j++) {
if (evinfo->autofill_args[j].id >= 0) {
#ifndef __NR_socketcall
/*
* Regular argument
*/
syscall_get_arguments(current,
args->regs,
evinfo->autofill_args[j].id,
1,
&val);
#else
if (evinfo->paramtype == APT_SOCK) {
val = args->socketcall_args[evinfo->autofill_args[j].id];
} else {
/*
* Regular argument
*/
syscall_get_arguments(current,
args->regs,
evinfo->autofill_args[j].id,
1,
&val);
}
#endif
res = val_to_ring(args, val, 0, true);
if (unlikely(res != PPM_SUCCESS))
return res;
} else if (evinfo->autofill_args[j].id == AF_ID_RETVAL) {
/*
* Return value
*/
retval = (int64_t)(long)syscall_get_return_value(current, args->regs);
res = val_to_ring(args, retval, 0, false);
if (unlikely(res != PPM_SUCCESS))
return res;
} else if (evinfo->autofill_args[j].id == AF_ID_USEDEFAULT) {
/*
* Default Value
*/
res = val_to_ring(args, evinfo->autofill_args[j].default_val, 0, false);
if (unlikely(res != PPM_SUCCESS))
return res;
} else {
ASSERT(false);
}
}
return add_sentinel(args);
}
/*
* Parses the list of buffers of a xreadv or xwritev call, and pushes the size
* (and optionally the data) to the ring.
*/
int32_t parse_readv_writev_bufs(struct event_filler_arguments *args, const struct iovec __user *iovsrc, unsigned long iovcnt, int64_t retval, int flags)
{
int32_t res;
const struct iovec *iov;
u32 copylen;
u32 j;
uint64_t size = 0;
unsigned long bufsize;
char *targetbuf = args->str_storage;
copylen = iovcnt * sizeof(struct iovec);
if (unlikely(copylen >= STR_STORAGE_SIZE))
return PPM_FAILURE_BUFFER_FULL;
if (unlikely(ppm_copy_from_user(targetbuf, iovsrc, copylen)))
return PPM_FAILURE_INVALID_USER_MEMORY;
iov = (const struct iovec *)targetbuf;
/*
* Size
*/
if (flags & PRB_FLAG_PUSH_SIZE) {
for (j = 0; j < iovcnt; j++)
size += iov[j].iov_len;
res = val_to_ring(args, size, 0, false, 0);
if (unlikely(res != PPM_SUCCESS))
return res;
}
/*
* data
* NOTE: for the moment, we limit our data copy to the first buffer.
* We assume that in the vast majority of the cases g_snaplen is much smaller
* than iov[0].iov_len, and therefore we don't bother complicvating the code.
*/
if (flags & PRB_FLAG_PUSH_DATA) {
if (retval > 0 && iovcnt > 0) {
bufsize = min_t(int64_t, retval, (int64_t)iov[0].iov_len);
res = val_to_ring(args,
(unsigned long)iov[0].iov_base,
min(bufsize, (unsigned long)g_snaplen),
true,
0);
if (unlikely(res != PPM_SUCCESS))
return res;
} else {
res = val_to_ring(args, 0, 0, false, 0);
if (unlikely(res != PPM_SUCCESS))
return res;
}
}
return PPM_SUCCESS;
}
/*
* Parses the list of buffers of a xreadv or xwritev call, and pushes the size
* (and optionally the data) to the ring.
*/
int32_t compat_parse_readv_writev_bufs(struct event_filler_arguments *args, const struct compat_iovec __user *iovsrc, unsigned long iovcnt, int64_t retval, int flags)
{
int32_t res;
const struct compat_iovec *iov;
u32 copylen;
u32 j;
u64 size = 0;
unsigned long bufsize;
char *targetbuf = args->str_storage;
u32 targetbuflen = STR_STORAGE_SIZE;
unsigned long val;
u32 notcopied_len;
compat_size_t tocopy_len;
copylen = iovcnt * sizeof(struct compat_iovec);
if (unlikely(copylen >= STR_STORAGE_SIZE))
return PPM_FAILURE_BUFFER_FULL;
if (unlikely(ppm_copy_from_user(args->str_storage, iovsrc, copylen)))
return PPM_FAILURE_INVALID_USER_MEMORY;
iov = (const struct compat_iovec *)(args->str_storage);
targetbuf += copylen;
targetbuflen -= copylen;
/*
* Size
*/
if (flags & PRB_FLAG_PUSH_SIZE) {
for (j = 0; j < iovcnt; j++)
size += iov[j].iov_len;
/*
* Size is the total size of the buffers provided by the user. The number of
* received bytes can be smaller
*/
if ((flags & PRB_FLAG_IS_WRITE) == 0)
if (size > retval)
size = retval;
res = val_to_ring(args, size, 0, false, 0);
if (unlikely(res != PPM_SUCCESS))
return res;
}
/*
* data
*/
if (flags & PRB_FLAG_PUSH_DATA) {
if (retval > 0 && iovcnt > 0) {
/*
* Retrieve the FD. It will be used for dynamic snaplen calculation.
*/
syscall_get_arguments(current, args->regs, 0, 1, &val);
args->fd = (int)val;
/*
* Merge the buffers
*/
bufsize = 0;
for (j = 0; j < iovcnt; j++) {
if ((flags & PRB_FLAG_IS_WRITE) == 0) {
if (bufsize >= retval) {
ASSERT(bufsize >= retval);
/*
* Copied all the data even if we haven't reached the
* end of the buffer.
* Copy must stop here.
*/
break;
}
tocopy_len = min(iov[j].iov_len, (compat_size_t)((size_t)retval - bufsize));
tocopy_len = min(tocopy_len, (compat_size_t)(targetbuflen - bufsize - 1));
} else {
tocopy_len = min(iov[j].iov_len, (compat_size_t)(targetbuflen - bufsize - 1));
}
notcopied_len = (int)ppm_copy_from_user(targetbuf + bufsize,
compat_ptr(iov[j].iov_base),
tocopy_len);
if (unlikely(notcopied_len != 0)) {
/*
* This means we had a page fault. Skip this event.
*/
return PPM_FAILURE_INVALID_USER_MEMORY;
}
bufsize += tocopy_len;
if (tocopy_len != iov[j].iov_len) {
/*
* No space left in the args->str_storage buffer.
* Copy must stop here.
*/
break;
}
}
args->enforce_snaplen = true;
res = val_to_ring(args,
(unsigned long)targetbuf,
bufsize,
false,
0);
if (unlikely(res != PPM_SUCCESS))
return res;
} else {
res = val_to_ring(args, 0, 0, false, 0);
if (unlikely(res != PPM_SUCCESS))
return res;
}
}
return PPM_SUCCESS;
}
