1*287e80b3SSadaf Ebrahimilibtracefs(3) 2*287e80b3SSadaf Ebrahimi============= 3*287e80b3SSadaf Ebrahimi 4*287e80b3SSadaf EbrahimiNAME 5*287e80b3SSadaf Ebrahimi---- 6*287e80b3SSadaf Ebrahimitracefs_dynevent_create, tracefs_dynevent_destroy, tracefs_dynevent_destroy_all, 7*287e80b3SSadaf Ebrahimitracefs_dynevent_free, tracefs_dynevent_list_free, tracefs_dynevent_get, tracefs_dynevent_get_all, 8*287e80b3SSadaf Ebrahimitracefs_dynevent_info, tracefs_dynevent_get_event - Create, destroy, free and get dynamic events. 9*287e80b3SSadaf Ebrahimi 10*287e80b3SSadaf EbrahimiSYNOPSIS 11*287e80b3SSadaf Ebrahimi-------- 12*287e80b3SSadaf Ebrahimi[verse] 13*287e80b3SSadaf Ebrahimi-- 14*287e80b3SSadaf Ebrahimi*#include <tracefs.h>* 15*287e80b3SSadaf Ebrahimi 16*287e80b3SSadaf Ebrahimistruct *tracefs_dynevent*; 17*287e80b3SSadaf Ebrahimienum *tracefs_dynevent_type*; 18*287e80b3SSadaf Ebrahimiint *tracefs_dynevent_create*(struct tracefs_dynevent pass:[*]_devent_); 19*287e80b3SSadaf Ebrahimiint *tracefs_dynevent_destroy*(struct tracefs_dynevent pass:[*]_devent_, bool _force_); 20*287e80b3SSadaf Ebrahimiint *tracefs_dynevent_destroy_all*(unsigned int _types_, bool _force_); 21*287e80b3SSadaf Ebrahimivoid *tracefs_dynevent_free*(struct tracefs_dynevent pass:[*]_devent_); 22*287e80b3SSadaf Ebrahimivoid *tracefs_dynevent_list_free*(struct tracefs_dynevent pass:[*]pass:[*]_events_); 23*287e80b3SSadaf Ebrahimistruct tracefs_dynevent pass:[*]*tracefs_dynevent_get*(enum tracefs_dynevent_type _type_, const char pass:[*]_system_, const char pass:[*]_event_); 24*287e80b3SSadaf Ebrahimistruct tracefs_dynevent pass:[*]pass:[*]*tracefs_dynevent_get_all*(unsigned int _types_, const char pass:[*]_system_); 25*287e80b3SSadaf Ebrahimienum tracefs_dynevent_type *tracefs_dynevent_info*(struct tracefs_dynevent pass:[*]_dynevent_, char pass:[*]pass:[*]_system_, char pass:[*]pass:[*]_event_, char pass:[*]pass:[*]_prefix_, char pass:[*]pass:[*]_addr_, char pass:[*]pass:[*]_format_); 26*287e80b3SSadaf Ebrahimistruct tep_event pass:[*]*tracefs_dynevent_get_event*(struct tep_handle pass:[*]_tep_, struct tracefs_dynevent pass:[*]_dynevent_); 27*287e80b3SSadaf Ebrahimi-- 28*287e80b3SSadaf Ebrahimi 29*287e80b3SSadaf EbrahimiDESCRIPTION 30*287e80b3SSadaf Ebrahimi----------- 31*287e80b3SSadaf Ebrahimi 32*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_create*() function creates dynamic event _devent_ in the system. 33*287e80b3SSadaf Ebrahimi 34*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_destroy*() function removes dynamic event _devent_ from the system. If _force_ 35*287e80b3SSadaf Ebrahimiis true, the function will attempt to disable all events in all trace instances, before removing 36*287e80b3SSadaf Ebrahimithe dynamic event. The _devent_ context is not freed, use *tracefs_dynevent_free*() to free it. 37*287e80b3SSadaf Ebrahimi 38*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_destroy_all*() function removes all dynamic events of given types from the 39*287e80b3SSadaf Ebrahimisystem. The _types_ parameter is a type of specific dynamic event, or a bitmask of dynamic events 40*287e80b3SSadaf Ebrahimitypes *tracefs_dynevent_type*, that will be removed. If _types_ is 0, dynamic events from all types 41*287e80b3SSadaf Ebrahimiwill be removed. If _force_ is true, the function will attempt to disable all events in all trace 42*287e80b3SSadaf Ebrahimiinstances, before removing the dynamic events. 43*287e80b3SSadaf Ebrahimi 44*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_get*() function allocates and returns a single instance of a dynamic 45*287e80b3SSadaf Ebrahimievent that matches the given *type*, *system* and *event* that is passed to it. NULL is returned 46*287e80b3SSadaf Ebrahimiif there is no match. The returned event is what is found in the system, and must be freed 47*287e80b3SSadaf Ebrahimiwith *tracefs_dynevent_free*(). If *system* is NULL, then the first *event* of any system 48*287e80b3SSadaf Ebrahimiof the given type that has the name of *event* will be returned. 49*287e80b3SSadaf Ebrahimi 50*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_get_all*() function allocates and returns an array of pointers to dynamic 51*287e80b3SSadaf Ebrahimievents of given types that exist in the system. The last element of the array is a NULL pointer. 52*287e80b3SSadaf EbrahimiThe array must be freed with *tracefs_dynevent_list_free*(). If there are no events a NULL pointer is 53*287e80b3SSadaf Ebrahimireturned. The _types_ parameter is a type of specific dynamic event, or a bitmask of dynamic events 54*287e80b3SSadaf Ebrahimitypes *tracefs_dynevent_type*, that will be retrieved. If _types_ is 0, dynamic events from all 55*287e80b3SSadaf Ebrahimitypes will be retrieved. 56*287e80b3SSadaf Ebrahimi 57*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_free*() function frees a dynamic event context _devent_. 58*287e80b3SSadaf Ebrahimi 59*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_list_free*() function frees an array of pointers to dynamic event, returned 60*287e80b3SSadaf Ebrahimiby *tracefs_dynevent_get_all()* API. 61*287e80b3SSadaf Ebrahimi 62*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_info*() function returns the type and information of a given dynamic event 63*287e80b3SSadaf Ebrahimi_dynevent_. If any of the _system_, _event_, _prefix_, _addr_ or _format_ arguments are not NULL, 64*287e80b3SSadaf Ebrahimithen strings are allocated and returned back via these arguments. The _system_ and _event_ holds the 65*287e80b3SSadaf Ebrahimisystem and the name of the dynamic event. If _prefix_ is non NULL, then it will hold an allocated 66*287e80b3SSadaf Ebrahimistring that holds the prefix portion of the dynamic event (the content up to the ":", exluding it). 67*287e80b3SSadaf EbrahimiIf _addr_ is non NULL, it will hold the address or function that the dynamic event is attached to, 68*287e80b3SSadaf Ebrahimiif relevant for this event type. If _format_ is non NULL, it will hold the format string of the 69*287e80b3SSadaf Ebrahimidynamic event. Note, that the content in _group_, _event_, _prefix_, _addr_, and _format_ must be 70*287e80b3SSadaf Ebrahimifreed with free(3) if they are set. 71*287e80b3SSadaf Ebrahimi 72*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_get_event*() function returns a tep event, describing the given dynamic event. 73*287e80b3SSadaf EbrahimiThe API detects any newly created or removed dynamic events. The returned pointer to tep event is 74*287e80b3SSadaf Ebrahimicontrolled by @tep and must not be freed. 75*287e80b3SSadaf Ebrahimi 76*287e80b3SSadaf EbrahimiRETURN VALUE 77*287e80b3SSadaf Ebrahimi------------ 78*287e80b3SSadaf Ebrahimi 79*287e80b3SSadaf Ebrahimi*tracefs_dynevent_create*() returns 0 on success, or -1 on error. If a parsing error occurs then 80*287e80b3SSadaf Ebrahimi*tracefs_error_last*(3) may be used to retrieve the error message explaining the parsing issue. 81*287e80b3SSadaf Ebrahimi 82*287e80b3SSadaf Ebrahimi*tracefs_dynevent_destroy*() and *tracefs_dynevent_destroy_all*() return 0 on success, or -1 on 83*287e80b3SSadaf Ebrahimierror. If _force_ is enabled, the functions may fail on disabling the events. 84*287e80b3SSadaf Ebrahimi 85*287e80b3SSadaf Ebrahimi*tracefs_dynevent_get*() function returns an allocated dynamic event from the system that matches 86*287e80b3SSadaf Ebrahimithe type, system and event given. 87*287e80b3SSadaf Ebrahimi 88*287e80b3SSadaf Ebrahimi*tracefs_dynevent_get_all*() function returns allocated array of pointers to dynamic events, or NULL 89*287e80b3SSadaf Ebrahimiin case of an error or in case there are no events in the system. That array must be freed by 90*287e80b3SSadaf Ebrahimi*tracefs_dynevent_list_free*(). 91*287e80b3SSadaf Ebrahimi 92*287e80b3SSadaf Ebrahimi*tracefs_dynevent_info*() returns the type of the given dynamic event or TRACEFS_DYNEVENT_UNKNOWN 93*287e80b3SSadaf Ebrahimion error. If _system_, _event_, _prefix_, _addr_, or _format_ are non NULL, they will contain 94*287e80b3SSadaf Ebrahimiallocated strings that must be freed by free(3). 95*287e80b3SSadaf Ebrahimi 96*287e80b3SSadaf EbrahimiThe *tracefs_dynevent_get_event*() function returns a pointer to a tep event or NULL in case of an 97*287e80b3SSadaf Ebrahimierror or if the requested dynamic event is missing. The returned pointer to tep event is controlled 98*287e80b3SSadaf Ebrahimiby @tep and must not be freed. 99*287e80b3SSadaf Ebrahimi 100*287e80b3SSadaf EbrahimiERRORS 101*287e80b3SSadaf Ebrahimi------ 102*287e80b3SSadaf EbrahimiThe following errors are for all the above calls: 103*287e80b3SSadaf Ebrahimi 104*287e80b3SSadaf Ebrahimi*ENODEV* dynamic events of requested type are not configured for the running kernel. 105*287e80b3SSadaf Ebrahimi 106*287e80b3SSadaf Ebrahimi*ENOMEM* Memory allocation error. 107*287e80b3SSadaf Ebrahimi 108*287e80b3SSadaf Ebrahimi*tracefs_dynevent_create*() can fail with the following errors: 109*287e80b3SSadaf Ebrahimi 110*287e80b3SSadaf Ebrahimi*EINVAL* Most likely a parsing error occurred (use *tracefs_error_last*(3) to possibly 111*287e80b3SSadaf Ebrahimi see what that error was). 112*287e80b3SSadaf Ebrahimi 113*287e80b3SSadaf EbrahimiOther errors may also happen caused by internal system calls. 114*287e80b3SSadaf Ebrahimi 115*287e80b3SSadaf EbrahimiEXAMPLE 116*287e80b3SSadaf Ebrahimi------- 117*287e80b3SSadaf Ebrahimi[source,c] 118*287e80b3SSadaf Ebrahimi-- 119*287e80b3SSadaf Ebrahimi#include <stdlib.h> 120*287e80b3SSadaf Ebrahimi#include <unistd.h> 121*287e80b3SSadaf Ebrahimi#include <sys/wait.h> 122*287e80b3SSadaf Ebrahimi 123*287e80b3SSadaf Ebrahimi#include <tracefs.h> 124*287e80b3SSadaf Ebrahimi 125*287e80b3SSadaf Ebrahimistatic struct tep_event *open_event; 126*287e80b3SSadaf Ebrahimistatic struct tep_format_field *file_field; 127*287e80b3SSadaf Ebrahimi 128*287e80b3SSadaf Ebrahimistatic struct tep_event *openret_event; 129*287e80b3SSadaf Ebrahimistatic struct tep_format_field *ret_field; 130*287e80b3SSadaf Ebrahimi 131*287e80b3SSadaf Ebrahimistatic int callback(struct tep_event *event, struct tep_record *record, 132*287e80b3SSadaf Ebrahimi int cpu, void *data) 133*287e80b3SSadaf Ebrahimi{ 134*287e80b3SSadaf Ebrahimi struct trace_seq seq; 135*287e80b3SSadaf Ebrahimi 136*287e80b3SSadaf Ebrahimi trace_seq_init(&seq); 137*287e80b3SSadaf Ebrahimi tep_print_event(event->tep, &seq, record, "%d-%s: ", TEP_PRINT_PID, TEP_PRINT_COMM); 138*287e80b3SSadaf Ebrahimi 139*287e80b3SSadaf Ebrahimi if (event->id == open_event->id) { 140*287e80b3SSadaf Ebrahimi trace_seq_puts(&seq, "open file='"); 141*287e80b3SSadaf Ebrahimi tep_print_field(&seq, record->data, file_field); 142*287e80b3SSadaf Ebrahimi trace_seq_puts(&seq, "'\n"); 143*287e80b3SSadaf Ebrahimi } else if (event->id == openret_event->id) { 144*287e80b3SSadaf Ebrahimi unsigned long long ret; 145*287e80b3SSadaf Ebrahimi tep_read_number_field(ret_field, record->data, &ret); 146*287e80b3SSadaf Ebrahimi trace_seq_printf(&seq, "open ret=%lld\n", ret); 147*287e80b3SSadaf Ebrahimi } else { 148*287e80b3SSadaf Ebrahimi goto out; 149*287e80b3SSadaf Ebrahimi } 150*287e80b3SSadaf Ebrahimi 151*287e80b3SSadaf Ebrahimi trace_seq_terminate(&seq); 152*287e80b3SSadaf Ebrahimi trace_seq_do_printf(&seq); 153*287e80b3SSadaf Ebrahimiout: 154*287e80b3SSadaf Ebrahimi trace_seq_destroy(&seq); 155*287e80b3SSadaf Ebrahimi 156*287e80b3SSadaf Ebrahimi return 0; 157*287e80b3SSadaf Ebrahimi} 158*287e80b3SSadaf Ebrahimi 159*287e80b3SSadaf Ebrahimistatic pid_t run_exec(char **argv, char **env) 160*287e80b3SSadaf Ebrahimi{ 161*287e80b3SSadaf Ebrahimi pid_t pid; 162*287e80b3SSadaf Ebrahimi 163*287e80b3SSadaf Ebrahimi pid = fork(); 164*287e80b3SSadaf Ebrahimi if (pid) 165*287e80b3SSadaf Ebrahimi return pid; 166*287e80b3SSadaf Ebrahimi 167*287e80b3SSadaf Ebrahimi execve(argv[0], argv, env); 168*287e80b3SSadaf Ebrahimi perror("exec"); 169*287e80b3SSadaf Ebrahimi exit(-1); 170*287e80b3SSadaf Ebrahimi} 171*287e80b3SSadaf Ebrahimi 172*287e80b3SSadaf Ebrahimiconst char *mykprobe = "my_kprobes"; 173*287e80b3SSadaf Ebrahimi 174*287e80b3SSadaf Ebrahimiint main (int argc, char **argv, char **env) 175*287e80b3SSadaf Ebrahimi{ 176*287e80b3SSadaf Ebrahimi struct tracefs_dynevent *kprobe, *kretprobe; 177*287e80b3SSadaf Ebrahimi const char *sysnames[] = { mykprobe, NULL }; 178*287e80b3SSadaf Ebrahimi struct tracefs_instance *instance; 179*287e80b3SSadaf Ebrahimi struct tep_handle *tep; 180*287e80b3SSadaf Ebrahimi pid_t pid; 181*287e80b3SSadaf Ebrahimi 182*287e80b3SSadaf Ebrahimi if (argc < 2) { 183*287e80b3SSadaf Ebrahimi printf("usage: %s command\n", argv[0]); 184*287e80b3SSadaf Ebrahimi exit(-1); 185*287e80b3SSadaf Ebrahimi } 186*287e80b3SSadaf Ebrahimi 187*287e80b3SSadaf Ebrahimi instance = tracefs_instance_create("exec_open"); 188*287e80b3SSadaf Ebrahimi if (!instance) { 189*287e80b3SSadaf Ebrahimi perror("creating instance"); 190*287e80b3SSadaf Ebrahimi exit(-1); 191*287e80b3SSadaf Ebrahimi } 192*287e80b3SSadaf Ebrahimi 193*287e80b3SSadaf Ebrahimi tracefs_dynevent_destroy_all(TRACEFS_DYNEVENT_KPROBE | TRACEFS_DYNEVENT_KRETPROBE, true); 194*287e80b3SSadaf Ebrahimi 195*287e80b3SSadaf Ebrahimi kprobe = tracefs_kprobe_alloc(mykprobe, "open", "do_sys_openat2", 196*287e80b3SSadaf Ebrahimi "file=+0($arg2):ustring flags=+0($arg3):x64 mode=+8($arg3):x64\n"); 197*287e80b3SSadaf Ebrahimi kretprobe = tracefs_kretprobe_alloc(mykprobe, "openret", "do_sys_openat2", "ret=%ax", 0); 198*287e80b3SSadaf Ebrahimi if (!kprobe || !kretprobe) { 199*287e80b3SSadaf Ebrahimi perror("allocating dynamic events"); 200*287e80b3SSadaf Ebrahimi exit(-1); 201*287e80b3SSadaf Ebrahimi } 202*287e80b3SSadaf Ebrahimi 203*287e80b3SSadaf Ebrahimi if (tracefs_dynevent_create(kprobe) || tracefs_dynevent_create(kretprobe)){ 204*287e80b3SSadaf Ebrahimi char *err = tracefs_error_last(NULL); 205*287e80b3SSadaf Ebrahimi perror("Failed to create kprobes:"); 206*287e80b3SSadaf Ebrahimi if (err && strlen(err)) 207*287e80b3SSadaf Ebrahimi fprintf(stderr, "%s\n", err); 208*287e80b3SSadaf Ebrahimi exit(-1); 209*287e80b3SSadaf Ebrahimi } 210*287e80b3SSadaf Ebrahimi 211*287e80b3SSadaf Ebrahimi tep = tracefs_local_events_system(NULL, sysnames); 212*287e80b3SSadaf Ebrahimi if (!tep) { 213*287e80b3SSadaf Ebrahimi perror("reading events"); 214*287e80b3SSadaf Ebrahimi exit(-1); 215*287e80b3SSadaf Ebrahimi } 216*287e80b3SSadaf Ebrahimi open_event = tep_find_event_by_name(tep, mykprobe, "open"); 217*287e80b3SSadaf Ebrahimi file_field = tep_find_field(open_event, "file"); 218*287e80b3SSadaf Ebrahimi 219*287e80b3SSadaf Ebrahimi openret_event = tep_find_event_by_name(tep, mykprobe, "openret"); 220*287e80b3SSadaf Ebrahimi ret_field = tep_find_field(openret_event, "ret"); 221*287e80b3SSadaf Ebrahimi 222*287e80b3SSadaf Ebrahimi tracefs_event_enable(instance, mykprobe, NULL); 223*287e80b3SSadaf Ebrahimi pid = run_exec(&argv[1], env); 224*287e80b3SSadaf Ebrahimi 225*287e80b3SSadaf Ebrahimi /* Let the child start to run */ 226*287e80b3SSadaf Ebrahimi sched_yield(); 227*287e80b3SSadaf Ebrahimi 228*287e80b3SSadaf Ebrahimi do { 229*287e80b3SSadaf Ebrahimi tracefs_load_cmdlines(NULL, tep); 230*287e80b3SSadaf Ebrahimi tracefs_iterate_raw_events(tep, instance, NULL, 0, callback, NULL); 231*287e80b3SSadaf Ebrahimi } while (waitpid(pid, NULL, WNOHANG) != pid); 232*287e80b3SSadaf Ebrahimi 233*287e80b3SSadaf Ebrahimi /* Will disable the events */ 234*287e80b3SSadaf Ebrahimi tracefs_dynevent_destroy_all(TRACEFS_DYNEVENT_KPROBE | TRACEFS_DYNEVENT_KRETPROBE, true); 235*287e80b3SSadaf Ebrahimi tracefs_dynevent_free(kprobe); 236*287e80b3SSadaf Ebrahimi tracefs_dynevent_free(kretprobe); 237*287e80b3SSadaf Ebrahimi tracefs_instance_destroy(instance); 238*287e80b3SSadaf Ebrahimi tep_free(tep); 239*287e80b3SSadaf Ebrahimi 240*287e80b3SSadaf Ebrahimi return 0; 241*287e80b3SSadaf Ebrahimi} 242*287e80b3SSadaf Ebrahimi-- 243*287e80b3SSadaf Ebrahimi 244*287e80b3SSadaf EbrahimiFILES 245*287e80b3SSadaf Ebrahimi----- 246*287e80b3SSadaf Ebrahimi[verse] 247*287e80b3SSadaf Ebrahimi-- 248*287e80b3SSadaf Ebrahimi*tracefs.h* 249*287e80b3SSadaf Ebrahimi Header file to include in order to have access to the library APIs. 250*287e80b3SSadaf Ebrahimi*-ltracefs* 251*287e80b3SSadaf Ebrahimi Linker switch to add when building a program that uses the library. 252*287e80b3SSadaf Ebrahimi-- 253*287e80b3SSadaf Ebrahimi 254*287e80b3SSadaf EbrahimiSEE ALSO 255*287e80b3SSadaf Ebrahimi-------- 256*287e80b3SSadaf Ebrahimi*libtracefs*(3), 257*287e80b3SSadaf Ebrahimi*libtraceevent*(3), 258*287e80b3SSadaf Ebrahimi*trace-cmd*(1) 259*287e80b3SSadaf Ebrahimi 260*287e80b3SSadaf EbrahimiAUTHOR 261*287e80b3SSadaf Ebrahimi------ 262*287e80b3SSadaf Ebrahimi[verse] 263*287e80b3SSadaf Ebrahimi-- 264*287e80b3SSadaf Ebrahimi*Steven Rostedt* <[email protected]> 265*287e80b3SSadaf Ebrahimi*Tzvetomir Stoyanov* <[email protected]> 266*287e80b3SSadaf Ebrahimi*Yordan Karadzhov* <[email protected]> 267*287e80b3SSadaf Ebrahimi-- 268*287e80b3SSadaf EbrahimiREPORTING BUGS 269*287e80b3SSadaf Ebrahimi-------------- 270*287e80b3SSadaf EbrahimiReport bugs to <[email protected]> 271*287e80b3SSadaf Ebrahimi 272*287e80b3SSadaf EbrahimiLICENSE 273*287e80b3SSadaf Ebrahimi------- 274*287e80b3SSadaf Ebrahimilibtracefs is Free Software licensed under the GNU LGPL 2.1 275*287e80b3SSadaf Ebrahimi 276*287e80b3SSadaf EbrahimiRESOURCES 277*287e80b3SSadaf Ebrahimi--------- 278*287e80b3SSadaf Ebrahimihttps://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/ 279*287e80b3SSadaf Ebrahimi 280*287e80b3SSadaf EbrahimiCOPYING 281*287e80b3SSadaf Ebrahimi------- 282*287e80b3SSadaf EbrahimiCopyright \(C) 2021 VMware, Inc. Free use of this software is granted under 283*287e80b3SSadaf Ebrahimithe terms of the GNU Public License (GPL). 284