On Fri, Jul 14, 2017 at 09:55:31PM +0700, Nikolay Marchuk wrote:
> This change introduces new filtering architecture primitives: filter,
> filter_action and bool_expression. It also changes processing of -e
> strace option.
In which way? My understanding was that only implementation is what has
changed, not the behaviour.
> Now, filtering is done after decoding of syscall and
> tcp->qual_flg stores filtering results. Also this change moves testing
"This change also moves"
> syscall set syntax into separate file.
"testing of syscall set syntax"
"into a separate file"
Btw, I see no reason for this test split being part of this commit; it's
better to move this change in a separate commit.
>
> * basic_actions.c: New file.
> * basic_filters.c: Rename functions, add new filters' functions.
"Rename qualify_* functions to parse_*. Add
{parse,run,free}_{syscall,fd}_filter functions."
or, better:
"(qualify_syscall_number): Rename to parse_syscall_number.
(qualify_syscall_regex): Rename to parse_syscall_regex.
(qualify_syscall_class): Rename to parse_syscall_class.
(qualify_syscall_name): Rename to parse_syscall_name.
(qualify_syscall): Rename to parse_syscall.
(qualify_syscall_tokens): Rename to parse_syscall_set, make static,
remove "name" argument (assume "system call").
(qualify_tokes): Rename to parse_set.
(qualify_read): Rename to parse_read.
(qualify_write): Rename to parse_write.
(qualify_trace): Rename to parse_trace.
(qualify_abbrev): Rename to parse_abbrev.
(qualify_verbose): Rename to parse_verbose.
(qualify_raw): Rename to parse_raw.
(qualify_inject_common): Rename to parse_inject_common.
(qualify_fault): Rename to parse_fault.
(qualify_inject): Rename to parse_inject.
(parse_syscall_filter, parse_fd_filter, run_syscall_filter,
run_fd_filter, free_syscall_filter, free_fd_filter): New functions."
There's also the fact that add_number_to_set is now static is missing.
Btw, there are two mentions of qualify_syscall function left in
basic_filters.c which look odd now.
> * defs.h (struct inject_opts): Add init flag.
> (QUAL_READ, QUAL_WRITE): Change description.
> (read_set, write_set): Remove global set variables.
> (qualify, qual_flags): Remove old declarations ...
> (filter_syscall, parse_qualify_filter,
> filtering_parsing_finish): ... and add new declarations.
> * filter.c: New file.
> * filter.h: Change declarations.
> * filter_action.c: New file.
> * filter_expression.c: Likewise.
> * filter_qualify.c: Generate new filters. Change inject/fault parsing.
> * Makefile.am (strace_SOURCES): Add new files.
> * strace.c (init): Use new filtering for -e option.
> (trace_syscall): Add filtering after syscall decoding.
> * syscall.c (decode_socket_subcall): Remove qual_flags from decoder.
> (decode_ipc_subcall): Likewise.
> (decode_mips_subcall): Likewise.
> (get_scno): Likewise.
> (inject_vec, tcb_inject_opts, tamper_with_syscall_entering,
> tamper_with_syscall_exiting): Remove inject_vec support code.
> (dumpio): Check tcp->qual_flg instead of global set.
> * tests/qual_fault-syntax.test: Remove syscall set syntax testing
> * tests/qual_inject-syntax.test: Likewise.
> * tests/filtering_syscall-syntax.test: Add new file.
> * tests/Makefile.am (MISC_TESTS): Add filtering_syscall-syntax.test.
Changes in tests/options-syntax.test are not mentioned here.
> ---
> Makefile.am | 4 +
> basic_actions.c | 144 +++++++++++++++++++++++
> basic_filters.c | 96 ++++++++++++----
> defs.h | 14 ++-
> filter.c | 142 +++++++++++++++++++++++
> filter.h | 39 ++++++-
> filter_action.c | 215 +++++++++++++++++++++++++++++++++++
> filter_expression.c | 132 +++++++++++++++++++++
> filter_qualify.c | 221
> +++++++++++++++---------------------
> strace.c | 20 ++--
> syscall.c | 20 +---
> tests/Makefile.am | 1 +
> tests/filtering_syscall-syntax.test | 105 +++++++++++++++++
> tests/options-syntax.test | 17 ---
> tests/qual_fault-syntax.test | 17 +--
> tests/qual_inject-syntax.test | 18 +--
> 16 files changed, 970 insertions(+), 235 deletions(-)
> create mode 100644 basic_actions.c
> create mode 100644 filter.c
> create mode 100644 filter_action.c
> create mode 100644 filter_expression.c
> create mode 100755 tests/filtering_syscall-syntax.test
>
> diff --git a/Makefile.am b/Makefile.am
> index 3d85d79..ddc1fed 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> @@ -86,6 +86,7 @@ strace_SOURCES = \
> affinity.c \
> aio.c \
> alpha.c \
> + basic_actions.c \
> basic_filters.c \
> bind.c \
> bjm.c \
> @@ -131,7 +132,10 @@ strace_SOURCES = \
> fetch_struct_statfs.c \
> file_handle.c \
> file_ioctl.c \
> + filter_action.c \
> + filter_expression.c \
> filter_qualify.c \
> + filter.c \
> filter.h \
> flock.c \
> flock.h \
> diff --git a/basic_actions.c b/basic_actions.c
> new file mode 100644
> index 0000000..ae65059
> --- /dev/null
> +++ b/basic_actions.c
> @@ -0,0 +1,143 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikola...@gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +#include "defs.h"
> +#include "filter.h"
> +
> +bool
> +is_traced(struct tcb *tcp)
> +{
> + return (tcp->qual_flg & QUAL_TRACE);
> +}
> +
> +bool
> +not_injected(struct tcb *tcp)
> +{
> + return !(tcp->qual_flg & QUAL_INJECT);
> +}
> +
> +void *
> +parse_null(const char *str)
> +{
> + return NULL;
> +}
> +
> +void
> +free_null(void *_priv_data)
> +{
> + return;
> +}
> +
> +void
> +apply_trace(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_TRACE;
> +}
> +
> +void
> +apply_inject(struct tcb *tcp, void *_priv_data)
> +{
> + struct inject_opts *opts = _priv_data;
Missing empty line after declarations.
> + tcp->qual_flg |= QUAL_INJECT;
> + if (!tcp->inject_vec[current_personality])
> + tcp->inject_vec[current_personality] =
> + xcalloc(nsyscalls, sizeof(struct inject_opts));
> + if (scno_in_range(tcp->scno)
> + && !tcp->inject_vec[current_personality][tcp->scno].init)
> + tcp->inject_vec[current_personality][tcp->scno] = *opts;
> +}
> +
> +static void *
> +parse_inject_common(const char *str, bool fault_tokens_only,
> + const char *description)
> +{
> + struct inject_opts *opts = xmalloc(sizeof(struct inject_opts));
> + char *buf = xstrdup(str);
Missing empty line after declarations.
> + parse_inject_common_args(buf, opts, ";", fault_tokens_only);
> + if (!opts->init)
> + error_msg_and_die("invalid %s '%s'", description, str);
> + free(buf);
> + return opts;
> +}
> +
> +void *
> +parse_inject(const char *str)
> +{
> + return parse_inject_common(str, false, "inject argument");
> +}
> +
> +void free_inject(void *_priv_data)
> +{
> + free(_priv_data);
> +}
> +
> +void
> +apply_fault(struct tcb *tcp, void *_priv_data)
> +{
> + apply_inject(tcp, _priv_data);
> +}
> +
> +void *
> +parse_fault(const char *str)
> +{
> + return parse_inject_common(str, true, "fault argument");
> +}
> +
> +void
> +free_fault(void *_priv_data)
> +{
> + free_inject(_priv_data);
> +}
> +
> +void
> +apply_read(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_READ;
> +}
> +
> +void
> +apply_write(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_WRITE;
> +}
> +
> +void
> +apply_raw(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_RAW;
> +}
> +
> +void
> +apply_abbrev(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_ABBREV;
> +}
> +
> +void
> +apply_verbose(struct tcb *tcp, void *_priv_data)
> +{
> + tcp->qual_flg |= QUAL_VERBOSE;
> +}
> diff --git a/basic_filters.c b/basic_filters.c
> index 316b733..d8842b5 100644
> --- a/basic_filters.c
> +++ b/basic_filters.c
> @@ -48,7 +48,8 @@ number_setbit(const unsigned int i, number_slot_t *const
> vec)
> static bool
> number_isset(const unsigned int i, const number_slot_t *const vec)
> {
> - return vec[i / BITS_PER_SLOT] & ((number_slot_t) 1 << (i %
> BITS_PER_SLOT));
> + return (vec[i / BITS_PER_SLOT]
> + & ((number_slot_t) 1 << (i % BITS_PER_SLOT))) ? true : false;
> }
>
> static void
> @@ -62,7 +63,7 @@ reallocate_number_set(struct number_set *const set, const
> unsigned int new_nslot
> set->nslots = new_nslots;
> }
>
> -void
> +static void
> add_number_to_set(const unsigned int number, struct number_set *const set)
> {
> reallocate_number_set(set, number / BITS_PER_SLOT + 1);
> @@ -77,7 +78,7 @@ is_number_in_set(const unsigned int number, const struct
> number_set *const set)
> }
>
> static bool
> -qualify_syscall_number(const char *s, struct number_set *set)
> +parse_syscall_number(const char *s, struct number_set *set)
> {
> int n = string_to_uint(s);
> if (n < 0)
> @@ -108,7 +109,7 @@ regerror_msg_and_die(int errcode, const regex_t *preg,
> }
>
> static bool
> -qualify_syscall_regex(const char *s, struct number_set *set)
> +parse_syscall_regex(const char *s, struct number_set *set)
> {
> regex_t preg;
> int rc;
> @@ -180,7 +181,7 @@ lookup_class(const char *s)
> }
>
> static bool
> -qualify_syscall_class(const char *s, struct number_set *set)
> +parse_syscall_class(const char *s, struct number_set *set)
> {
> const unsigned int n = lookup_class(s);
> if (!n)
> @@ -203,7 +204,7 @@ qualify_syscall_class(const char *s, struct number_set
> *set)
> }
>
> static bool
> -qualify_syscall_name(const char *s, struct number_set *set)
> +parse_syscall_name(const char *s, struct number_set *set)
> {
> unsigned int p;
> bool found = false;
> @@ -225,7 +226,7 @@ qualify_syscall_name(const char *s, struct number_set
> *set)
> }
>
> static bool
> -qualify_syscall(const char *token, struct number_set *set)
> +parse_syscall(const char *token, struct number_set *set)
> {
> bool ignore_fail = false;
>
> @@ -234,11 +235,11 @@ qualify_syscall(const char *token, struct number_set
> *set)
> ignore_fail = true;
> }
> if (*token >= '0' && *token <= '9')
> - return qualify_syscall_number(token, set) || ignore_fail;
> + return parse_syscall_number(token, set) || ignore_fail;
> if (*token == '/')
> - return qualify_syscall_regex(token + 1, set) || ignore_fail;
> - return qualify_syscall_class(token, set)
> - || qualify_syscall_name(token, set)
> + return parse_syscall_regex(token + 1, set) || ignore_fail;
> + return parse_syscall_class(token, set)
> + || parse_syscall_name(token, set)
> || ignore_fail;
> }
>
> @@ -246,9 +247,8 @@ qualify_syscall(const char *token, struct number_set *set)
> * Add syscall numbers to SETs for each supported personality
> * according to STR specification.
> */
> -void
> -qualify_syscall_tokens(const char *const str, struct number_set *const set,
> - const char *const name)
> +static void
> +parse_syscall_set(const char *const str, struct number_set *const set)
> {
> /* Clear all sets. */
> unsigned int p;
> @@ -298,25 +298,49 @@ handle_inversion:
>
> for (token = strtok_r(copy, ",", &saveptr); token;
> token = strtok_r(NULL, ",", &saveptr)) {
> - done = qualify_syscall(token, set);
> + done = parse_syscall(token, set);
> if (!done) {
> - error_msg_and_die("invalid %s '%s'", name, token);
> + error_msg_and_die("invalid system call '%s'", token);
> }
> }
>
> free(copy);
>
> if (!done) {
> - error_msg_and_die("invalid %s '%s'", name, str);
> + error_msg_and_die("invalid system call '%s'", str);
> }
> }
>
> -/*
> - * Add numbers to SET according to STR specification.
> - */
> +void*
> +parse_syscall_filter(const char *str)
> +{
> + struct number_set *set = xcalloc(SUPPORTED_PERSONALITIES,
> + sizeof(struct number_set));
Missing empty line after declaration.
> + parse_syscall_set(str, set);
> + return set;
> +}
> +
> +bool
> +run_syscall_filter(struct tcb *tcp, void *_priv_data)
> +{
> + struct number_set *set = _priv_data;
Missing empty line after declaration.
> + return is_number_in_set(tcp->scno, &set[current_personality]);
> +}
> +
> +void
> +free_syscall_filter(void *_priv_data)
> +{
> + struct number_set *set = _priv_data;
> + unsigned int p;
Missing empty line after declarations.
> + for (p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
> + free(set[p].vec);
> + }
> + free(set);
> +}
> +
> void
> -qualify_tokens(const char *const str, struct number_set *const set,
> - string_to_uint_func func, const char *const name)
> +parse_set(const char *const str, struct number_set *const set,
> + string_to_uint_func func, const char *const name)
> {
> /* Clear the set. */
> if (set->nslots)
> @@ -373,3 +397,31 @@ handle_inversion:
> error_msg_and_die("invalid %s '%s'", name, str);
> }
> }
> +
> +void*
> +parse_fd_filter(const char *str)
> +{
> + struct number_set *set = xmalloc(sizeof(struct number_set));
Missing empty line after declaration.
> + memset(set, 0, sizeof(struct number_set));
> + parse_set(str, set, string_to_uint, "descriptor");
> + return set;
> +}
> +
> +bool
> +run_fd_filter(struct tcb *tcp, void *_priv_data)
> +{
> + int fd = tcp->u_arg[0];
Missing empty line after declaration.
> + if (fd < 0)
> + return false;
> + struct number_set *set = _priv_data;
> + return is_number_in_set(fd, set);
> +}
> +
> +void
> +free_fd_filter(void *_priv_data)
> +{
> + struct number_set *set = _priv_data;
Missing empty line after declaration.
> + free(set->vec);
> + free(set);
> + return;
> +}
> diff --git a/defs.h b/defs.h
> index 21f1704..b03693d 100644
> --- a/defs.h
> +++ b/defs.h
> @@ -202,6 +202,7 @@ struct inject_opts {
> uint16_t step;
> uint16_t signo;
> int rval;
> + bool init;
> };
>
> #define MAX_ERRNO_VALUE 4095
> @@ -271,8 +272,8 @@ struct tcb {
> #define QUAL_RAW 0x008 /* print all args in hex for this syscall */
> #define QUAL_INJECT 0x010 /* tamper with this system call on purpose */
> #define QUAL_SIGNAL 0x100 /* report events with this signal */
> -#define QUAL_READ 0x200 /* dump data read from this file descriptor */
> -#define QUAL_WRITE 0x400 /* dump data written to this file descriptor */
> +#define QUAL_READ 0x200 /* dump data read in this syscall */
> +#define QUAL_WRITE 0x400 /* dump data written in this syscall */
>
> #define DEFAULT_QUAL_FLAGS (QUAL_TRACE | QUAL_ABBREV | QUAL_VERBOSE)
>
> @@ -281,6 +282,8 @@ struct tcb {
> #define syserror(tcp) ((tcp)->u_error != 0)
> #define verbose(tcp) ((tcp)->qual_flg & QUAL_VERBOSE)
> #define abbrev(tcp) ((tcp)->qual_flg & QUAL_ABBREV)
> +#define dump_read(tcp) ((tcp)->qual_flg & QUAL_READ)
> +#define dump_write(tcp) ((tcp)->qual_flg & QUAL_WRITE)
> #define filtered(tcp) ((tcp)->flags & TCB_FILTERED)
> #define hide_log(tcp) ((tcp)->flags & TCB_HIDE_LOG)
>
> @@ -676,13 +679,12 @@ print_struct_statfs64(struct tcb *, kernel_ulong_t
> addr, kernel_ulong_t size);
> extern void print_ifindex(unsigned int);
>
> struct number_set;
> -extern struct number_set read_set;
> -extern struct number_set write_set;
> extern struct number_set signal_set;
>
> extern bool is_number_in_set(unsigned int number, const struct number_set *);
> -extern void qualify(const char *);
> -extern unsigned int qual_flags(const unsigned int);
> +extern void filtering_parsing_finish(void);
> +extern void filter_syscall(struct tcb *);
> +extern void parse_qualify_filter(const char *);
>
> #define DECL_IOCTL(name) \
> extern int \
> diff --git a/filter.c b/filter.c
> new file mode 100644
> index 0000000..05382b7
> --- /dev/null
> +++ b/filter.c
> @@ -0,0 +1,142 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikola...@gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +#include "defs.h"
> +#include <ctype.h>
> +#include "filter.h"
> +
> +#define DECL_FILTER(name) \
> +extern void *
> \
> +parse_ ## name ## _filter(const char *); \
> +extern bool \
> +run_ ## name ## _filter(struct tcb *, void *);
> \
> +extern void \
> +free_ ## name ## _filter(void *)
Missing indentation of the macro definition.
> +DECL_FILTER(syscall);
> +DECL_FILTER(fd);
> +#undef DECL_FILTER
> +
> +#define FILTER_TYPE(name) \
> +{#name, parse_ ## name ## _filter, run_ ## name ## _filter, \
> + free_ ## name ## _filter}
Missing indentation of the macro definition.
> +
> +static const struct filter_type {
> + const char *name;
> + void *(*parse_filter)(const char *);
> + bool (*run_filter)(struct tcb *, void *);
> + void (*free_priv_data)(void *);
> +} filter_types[] = {
> + FILTER_TYPE(syscall),
> + FILTER_TYPE(fd)
> +};
> +
> +#undef FILTER_TYPE
> +
> +struct filter {
> + const struct filter_type *type;
> + void *_priv_data;
> +};
> +
> +static const struct filter_type *
> +lookup_filter_type(const char *str)
> +{
> + unsigned int i;
Missing empty line after declaration.
> + for (i = 0; i < ARRAY_SIZE(filter_types); i++) {
> + const char *name = filter_types[i].name;
Missing empty line after declaration.
> + if (!strcmp(name, str)) {
> + return &filter_types[i];
> + }
Curly braces may be omitted here.
> + }
> + return NULL;
> +}
> +
> +struct filter *
> +add_filter_to_array(struct filter **filters, unsigned int *nfilters,
> + const char *name)
> +{
> + const struct filter_type *type = lookup_filter_type(name);
Missing empty line after declaration.
> + if (!type)
> + error_msg_and_die("invalid filter '%s'", name);
> + *filters = xreallocarray(*filters, ++(*nfilters),
> + sizeof(struct filter));
> + struct filter *filter = &((*filters)[*nfilters - 1]);
> + filter->type = type;
> + return filter;
> +}
> +
> +void
> +parse_filter(struct filter *filter, const char *str)
> +{
> + filter->_priv_data = filter->type->parse_filter(str);
> +}
> +
> +static bool
> +run_filter(struct tcb *tcp, struct filter *filter)
> +{
> + return filter->type->run_filter(tcp, filter->_priv_data);
> +}
> +
> +void
> +run_filters(struct tcb *tcp, struct filter *filters, unsigned int nfilters)
> +{
> + unsigned int i;
Missing empty line after declaration.
> + for (i = 0; i < nfilters; ++i) {
> + variables_buf[i] = run_filter(tcp, &filters[i]);
> + }
Curly braces may be omitted here.
> +}
> +
> +void
> +free_filter(struct filter *filter)
> +{
> + if (!filter)
> + return;
> + filter->type->free_priv_data(filter->_priv_data);
> +}
> +
> +void *
> +get_filter_priv_data(struct filter *filter)
> +{
> + return filter ? filter->_priv_data : NULL;
> +}
> +
> +void
> +set_filter_priv_data(struct filter *filter, void *_priv_data)
> +{
> + if (filter)
> + filter->_priv_data = _priv_data;
> +}
> +
> +void
> +set_filters_qualify_mode(struct filter **filters, unsigned int *nfilters)
> +{
> + unsigned int i;
Missing empty line after declaration.
> + for (i = 0; i < *nfilters - 1; ++i) {
> + free_filter(*filters + i);
> + }
Curly braces may be omitted here.
> + (*filters)[0] = (*filters)[*nfilters - 1];
> + *filters = xreallocarray(*filters, 1, sizeof(struct filter));
> + *nfilters = 1;
> +}
> diff --git a/filter.h b/filter.h
> index a798199..7525b15 100644
> --- a/filter.h
> +++ b/filter.h
> @@ -28,11 +28,40 @@
> # define STRACE_FILTER_H
> # include "defs.h"
>
> +struct filter;
> +
> +struct filter_action;
> +
> +struct bool_expression;
> +
> +extern bool *variables_buf;
> +
> typedef int (*string_to_uint_func)(const char *);
> +void parse_set(const char *const, struct number_set *const,
> + string_to_uint_func, const char *const);
> +void parse_inject_common_args(char *, struct inject_opts *, const char
> *delim,
> + const bool fault_tokens_only);
> +
> +/* filter api */
> +struct filter* add_filter_to_array(struct filter **, unsigned int *nfilters,
> + const char *name);
> +void parse_filter(struct filter *, const char *str);
> +void run_filters(struct tcb *, struct filter *, unsigned int);
> +void free_filter(struct filter *);
> +void *get_filter_priv_data(struct filter *);
> +void set_filter_priv_data(struct filter *, void *);
> +void set_filters_qualify_mode(struct filter **, unsigned int *nfilters);
> +
> +/* filter action api */
> +struct filter *create_filter(struct filter_action *, const char *name);
> +struct filter_action *find_or_add_action(const char *);
> +void *get_filter_action_priv_data(struct filter_action *);
> +void set_filter_action_priv_data(struct filter_action *, void *);
> +void set_qualify_mode(struct filter_action *);
> +
> +/* filter expression api */
> +struct bool_expression *create_expression();
> +bool run_expression(struct bool_expression *, unsigned int, bool *);
> +void set_expression_qualify_mode(struct bool_expression *);
>
> -void add_number_to_set(const unsigned int, struct number_set *const);
> -void qualify_tokens(const char *const, struct number_set *const,
> - string_to_uint_func, const char *const);
> -void qualify_syscall_tokens(const char *const, struct number_set *const,
> - const char *const);
> #endif
> diff --git a/filter_action.c b/filter_action.c
> new file mode 100644
> index 0000000..3bd3d0c
> --- /dev/null
> +++ b/filter_action.c
> @@ -0,0 +1,215 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikola...@gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
Missing empty line.
> +#include "defs.h"
> +#include <ctype.h>
> +#include "filter.h"
> +
> +#define DECL_FILTER_ACTION(name) \
> +extern void \
> +apply_ ## name(struct tcb *, void *)
Missing indentation of the macro definition.
> +DECL_FILTER_ACTION(trace);
> +DECL_FILTER_ACTION(inject);
> +DECL_FILTER_ACTION(fault);
> +DECL_FILTER_ACTION(read);
> +DECL_FILTER_ACTION(write);
> +DECL_FILTER_ACTION(raw);
> +DECL_FILTER_ACTION(abbrev);
> +DECL_FILTER_ACTION(verbose);
> +#undef DECL_FILTER_ACTION
> +
> +extern bool is_traced(struct tcb *);
> +extern bool not_injected(struct tcb *);
> +
> +#define DECL_FILTER_ACTION_PARSER(name)
> \
> +extern void *
> \
> +parse_ ## name(const char *);
> \
> +extern void \
> +free_ ## name(void *)
Missing indentation of the macro definitions.
> +DECL_FILTER_ACTION_PARSER(null);
> +DECL_FILTER_ACTION_PARSER(inject);
> +DECL_FILTER_ACTION_PARSER(fault);
> +#undef DECL_FILTER_ACTION_PARSER
> +
> +#define FILTER_ACTION_TYPE(NAME, PRIORITY, PARSER, PREFILTER)
> \
> +{#NAME, PRIORITY, parse_ ## PARSER, free_ ## PARSER, PREFILTER, apply_ ##
> NAME}
Missing indentation of the macro definition.
> +
> +static const struct filter_action_type {
> + const char *name;
> + unsigned int priority;
> + void *(*parse_args)(const char *);
> + void (*free_priv_data)(void *);
> + bool (*prefilter)(struct tcb *);
> + void (*apply)(struct tcb *, void *);
> +} action_types[] = {
> + FILTER_ACTION_TYPE(trace, 2, null, NULL),
> + FILTER_ACTION_TYPE(inject, 2, inject, not_injected),
> + FILTER_ACTION_TYPE(fault, 2, fault, not_injected),
So, it is not allowed to write fault(open; when=+3), fault(open; when=+5)?
That's a bummer. Well, yet another reason for converting syscall invocation
counter from injection-specific option to general filter.
> + FILTER_ACTION_TYPE(read, 1, null, is_traced),
> + FILTER_ACTION_TYPE(write, 1, null, is_traced),
> + FILTER_ACTION_TYPE(raw, 1, null, is_traced),
> + FILTER_ACTION_TYPE(abbrev, 1, null, is_traced),
> + FILTER_ACTION_TYPE(verbose, 1, null, is_traced)
C99 allows for trailing commas in array initialisations, and it may be
useful for cleaner future patches.
> +};
> +
> +#undef FILTER_ACTION_TYPE
> +
> +struct filter_action {
> + /* Used to correct order of actions with same priority. */
> + unsigned int id;
> + const struct filter_action_type *type;
> + struct bool_expression *expr;
> + unsigned int nfilters;
> + struct filter *filters;
> + void* _priv_data;
void *_priv_data;
> +};
> +
> +static struct filter_action *filter_actions;
> +static unsigned int nfilter_actions;
> +
> +bool *variables_buf;
> +
> +/* Compares actions priority. If actions have same priority, uses LIFO order
> */
> +static int
> +compare_action_priority(const void *a, const void *b)
> +{
> + const struct filter_action *action_a = a;
> + const struct filter_action *action_b = b;
> + unsigned int priority_a = action_a->type->priority;
> + unsigned int priority_b = action_b->type->priority;
Missing empty line after declarations.
> + if (priority_a != priority_b) {
> + return (priority_a > priority_b) ? -1 : 1;
> + } else {
> + return (action_a->id > action_b->id) ? -1 : 1;
> + }
> +}
> +
> +void
> +filtering_parsing_finish(void)
> +{
> + qsort(filter_actions, nfilter_actions, sizeof(struct filter_action),
> + &compare_action_priority);
> + /* Allocate variables_buf sufficient for any action */
> + unsigned int maxfilters = 0;
> + unsigned int i;
Missing empty line after declarations.
> + for (i = 0; i < nfilter_actions; ++i) {
> + if (filter_actions[i].nfilters > maxfilters)
> + maxfilters = filter_actions[i].nfilters;
> + }
> + variables_buf = xcalloc(maxfilters, sizeof(bool));
> +}
> +
> +static const struct filter_action_type *
> +lookup_filter_action_type(const char *str)
> +{
> + unsigned int i;
Missing empty line after declaration.
> + for (i = 0; i < ARRAY_SIZE(action_types); ++i) {
> + const char *name = action_types[i].name;
Missing empty line after declaration.
> + if (!strcmp(name, str)) {
> + return &action_types[i];
> + }
Curly braces may be omitted here.
> + }
> + return NULL;
> +}
> +
> +static struct filter_action *
> +add_action(const struct filter_action_type *type)
> +{
> + filter_actions = xreallocarray(filter_actions, ++nfilter_actions,
> + sizeof(struct filter_action));
> + struct filter_action *action = &filter_actions[nfilter_actions - 1];
> + memset(action, 0, sizeof(*action));
> + action->id = nfilter_actions - 1;
> + action->type = type;
> + action->expr = create_expression();
> + return action;
> +}
> +
> +struct filter_action *
> +find_or_add_action(const char *name)
> +{
> + const struct filter_action_type *type = lookup_filter_action_type(name);
Missing empty line after declaration.
> + if (!type)
> + error_msg_and_die("invalid filter action '%s'", name);
> + /* If action takes arguments, add new action */
> + if (type->parse_args != &parse_null)
> + return add_action(type);
> + unsigned int i;
> + for (i = 0; i < nfilter_actions; i++) {
> + if (filter_actions[i].type == type)
> + return &filter_actions[i];
> + }
> + return add_action(type);
> +}
> +
> +static void
> +run_filter_action(struct tcb *tcp, struct filter_action *action)
> +{
> + if (action->type->prefilter && !action->type->prefilter(tcp))
> + return;
> + run_filters(tcp, action->filters, action->nfilters);
> + bool res = run_expression(action->expr, action->nfilters,
> + variables_buf);
> + if (res) {
> + action->type->apply(tcp, action->_priv_data);
> + }
Missing empty line after declarations.
> +}
> +
> +struct filter *
> +create_filter(struct filter_action *action, const char *name)
> +{
> + return add_filter_to_array(&action->filters,
> + &action->nfilters, name);
> +}
> +
> +void
> +set_qualify_mode(struct filter_action *action)
> +{
> + set_filters_qualify_mode(&action->filters, &action->nfilters);
> + set_expression_qualify_mode(action->expr);
> +}
> +
> +void
> +filter_syscall(struct tcb *tcp)
> +{
> + unsigned int i;
Missing empty line after declaration.
> + for (i = 0; i < nfilter_actions; i++) {
> + run_filter_action(tcp, &filter_actions[i]);
> + }
Curly braces may be omitted here.
> +}
> +
> +void *
> +get_filter_action_priv_data(struct filter_action *action)
> +{
> + return action ? action->_priv_data : NULL;
> +}
> +
> +void
> +set_filter_action_priv_data(struct filter_action *action, void *_priv_data)
> +{
> + if (action)
> + action->_priv_data = _priv_data;
> +}
> diff --git a/filter_expression.c b/filter_expression.c
> new file mode 100644
> index 0000000..8a41783
> --- /dev/null
> +++ b/filter_expression.c
> @@ -0,0 +1,132 @@
> +/*
> + * Copyright (c) 2017 Nikolay Marchuk <marchuk.nikola...@gmail.com>
> + * All rights reserved.
> + *
> + * Redistribution and use in source and binary forms, with or without
> + * modification, are permitted provided that the following conditions
> + * are met:
> + * 1. Redistributions of source code must retain the above copyright
> + * notice, this list of conditions and the following disclaimer.
> + * 2. Redistributions in binary form must reproduce the above copyright
> + * notice, this list of conditions and the following disclaimer in the
> + * documentation and/or other materials provided with the distribution.
> + * 3. The name of the author may not be used to endorse or promote products
> + * derived from this software without specific prior written permission.
> + *
> + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> + */
> +#include "defs.h"
> +
> +struct expression_token {
> + enum token_type {
> + TOK_VARIABLE,
> + TOK_OPERATOR
> + } type;
> + union token_data {
> + unsigned int variable_id;
> + enum operator_type {
> + OP_NOT,
> + OP_AND,
> + OP_OR
> + } operator_id;
> + } data;
> +};
> +
> +struct bool_expression {
> + unsigned int ntokens;
> + struct expression_token *tokens;
> +};
> +
> +struct bool_expression *
> +create_expression(void)
> +{
> + struct bool_expression *expr = xmalloc(sizeof(struct bool_expression));
> + memset(expr, 0, sizeof(struct bool_expression));
> + return expr;
> +}
> +
> +static void
> +reallocate_expression(struct bool_expression *const expr,
> + const unsigned int new_ntokens)
> +{
> + if (new_ntokens <= expr->ntokens)
> + return;
> + expr->tokens = xreallocarray(expr->tokens, new_ntokens,
> + sizeof(*expr->tokens));
> + memset(expr->tokens + expr->ntokens, 0,
> + sizeof(*expr->tokens) * (new_ntokens - expr->ntokens));
> + expr->ntokens = new_ntokens;
> +}
> +
> +#define STACK_SIZE 32
> +static bool stack[STACK_SIZE];
> +
> +void
> +set_expression_qualify_mode(struct bool_expression *expr)
> +{
> + if (!expr)
> + error_msg_and_die("invalid expression");
> + reallocate_expression(expr, 1);
> + expr->tokens[0].type = TOK_VARIABLE;
> + expr->tokens[0].data.variable_id = 0;
> +}
> +
> +bool
> +run_expression(struct bool_expression *expr,
> + unsigned int variables_num, bool *variables)
> +{
> + /* Current stack index */
> + unsigned int index = 0;
> + struct expression_token *tok = expr->tokens;
> + struct expression_token *const tok_end = expr->tokens + expr->ntokens;
Missing empty line after declarations.
> + for (; tok != tok_end; ++tok) {
You can initialize tok here.
> + switch (tok->type) {
> + case TOK_VARIABLE:
> + if (index == STACK_SIZE)
> + error_msg_and_die("stack overflow");
> + if (tok->data.variable_id >= variables_num)
> + error_msg_and_die("corrupted filter "
> + "expression");
> + stack[index] = variables[tok->data.variable_id];
> + index++;
> + break;
> + case TOK_OPERATOR:
> + switch (tok->data.operator_id) {
> + case OP_NOT:
> + if (index == 0)
> + error_msg_and_die("corrupted filter "
> + "expression");
> + stack[index - 1] = !stack[index - 1];
> + break;
> + case OP_AND:
> + if (index < 2)
> + error_msg_and_die("corrupted filter "
> + "expression");
> + stack[index - 2] = stack[index - 2]
> + && stack[index - 1];
> + --index;
> + break;
> + case OP_OR:
> + if (index < 2)
> + error_msg_and_die("corrupted filter "
> + "expression");
> + stack[index - 2] = stack[index - 2]
> + || stack[index - 1];
> + --index;
> + break;
> + }
> + }
> + }
> + if (index != 1)
It's not "index", but rather stack size. Index would be one less than
that.
> + error_msg_and_die("corrupted filter expression");
Taking into the account current state of filter expression parser, the
only message "corrupted filter expression" doesn't seem to be helpful
for figuring out what went wrong, It's probably a good idea to create
error handler which prints stack/expression/position/etc along with more
specific error message.
> + return stack[0];
> +}
> diff --git a/filter_qualify.c b/filter_qualify.c
> index 32db332..7d65963 100644
> --- a/filter_qualify.c
> +++ b/filter_qualify.c
> @@ -38,16 +38,8 @@ struct number_set {
> bool not;
> };
>
> -struct number_set read_set;
> -struct number_set write_set;
> struct number_set signal_set;
>
> -static struct number_set abbrev_set[SUPPORTED_PERSONALITIES];
> -static struct number_set inject_set[SUPPORTED_PERSONALITIES];
> -static struct number_set raw_set[SUPPORTED_PERSONALITIES];
> -static struct number_set trace_set[SUPPORTED_PERSONALITIES];
> -static struct number_set verbose_set[SUPPORTED_PERSONALITIES];
> -
> static int
> find_errno_by_name(const char *name)
> {
> @@ -156,174 +148,162 @@ parse_inject_token(const char *const token, struct
> inject_opts *const fopts,
> return true;
> }
>
> -static char *
> -parse_inject_expression(const char *const s, char **buf,
> - struct inject_opts *const fopts,
> - const bool fault_tokens_only)
> +void
> +parse_inject_common_args(char *str, struct inject_opts *const opts,
> + const char *delim, const bool fault_tokens_only)
> {
> + opts->first = 1;
> + opts->step = 1;
> + opts->rval = INJECT_OPTS_RVAL_DEFAULT;
> + opts->signo = 0;
> + opts->init = false;
Why code before declarations?
> char *saveptr = NULL;
> - char *name = NULL;
> char *token;
> -
Why removing empty line after declarations?
> - *buf = xstrdup(s);
> - for (token = strtok_r(*buf, ":", &saveptr); token;
> - token = strtok_r(NULL, ":", &saveptr)) {
> - if (!name)
> - name = token;
> - else if (!parse_inject_token(token, fopts, fault_tokens_only))
> - goto parse_error;
> + for (token = strtok_r(str, delim, &saveptr); token;
> + token = strtok_r(NULL, delim, &saveptr)) {
> + if (!parse_inject_token(token, opts, fault_tokens_only))
> + return;
> }
> -
> - if (name)
> - return name;
> -
> -parse_error:
> - free(*buf);
> - return *buf = NULL;
> + /* If neither of retval, error, or signal is specified, then ... */
> + if (opts->rval == INJECT_OPTS_RVAL_DEFAULT && !opts->signo) {
> + if (fault_tokens_only) {
> + /* in fault= syntax the default error code is ENOSYS. */
> + opts->rval = -ENOSYS;
> + } else {
> + /* in inject= syntax this is not allowed. */
> + return;
> + }
> + }
> + opts->init = true;
> }
>
> static void
> -qualify_read(const char *const str)
> +parse_read(const char *const str)
> {
> - qualify_tokens(str, &read_set, string_to_uint, "descriptor");
> + struct filter_action *action = find_or_add_action("read");
> + struct filter *filter = create_filter(action, "fd");
Missing empty line after declarations.
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_write(const char *const str)
> +parse_write(const char *const str)
> {
> - qualify_tokens(str, &write_set, string_to_uint, "descriptor");
> + struct filter_action *action = find_or_add_action("write");
> + struct filter *filter = create_filter(action, "fd");
Missing empty line after declarations.
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> qualify_signals(const char *const str)
> {
> - qualify_tokens(str, &signal_set, sigstr_to_uint, "signal");
> + parse_set(str, &signal_set, sigstr_to_uint, "signal");
> }
>
> static void
> -qualify_trace(const char *const str)
> +parse_trace(const char *const str)
> {
> - qualify_syscall_tokens(str, trace_set, "system call");
> + struct filter_action *action = find_or_add_action("trace");
> + struct filter *filter = create_filter(action, "syscall");
Missing empty line after declarations.
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_abbrev(const char *const str)
> +parse_abbrev(const char *const str)
> {
> - qualify_syscall_tokens(str, abbrev_set, "system call");
> + struct filter_action *action = find_or_add_action("abbrev");
> + struct filter *filter = create_filter(action, "syscall");
Missing empty line after declarations.
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_verbose(const char *const str)
> +parse_verbose(const char *const str)
> {
> - qualify_syscall_tokens(str, verbose_set, "system call");
> + struct filter_action *action = find_or_add_action("verbose");
> + struct filter *filter = create_filter(action, "syscall");
Missing empty line after declarations.
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_raw(const char *const str)
> +parse_raw(const char *const str)
> {
> - qualify_syscall_tokens(str, raw_set, "system call");
> + struct filter_action *action = find_or_add_action("raw");
> + struct filter *filter = create_filter(action, "syscall");
Missing empty line after declarations.
> + parse_filter(filter, str);
> + set_qualify_mode(action);
> }
>
> static void
> -qualify_inject_common(const char *const str,
> +parse_inject_common(const char *const str,
> const bool fault_tokens_only,
> const char *const description)
Indentation of line continuations should be adjusted.
> {
> - struct inject_opts opts = {
> - .first = 1,
> - .step = 1,
> - .rval = INJECT_OPTS_RVAL_DEFAULT,
> - .signo = 0
> - };
> - char *buf = NULL;
> - char *name = parse_inject_expression(str, &buf, &opts,
> fault_tokens_only);
> - if (!name) {
> - error_msg_and_die("invalid %s '%s'", description, str);
> - }
> -
> - /* If neither of retval, error, or signal is specified, then ... */
> - if (opts.rval == INJECT_OPTS_RVAL_DEFAULT && !opts.signo) {
> - if (fault_tokens_only) {
> - /* in fault= syntax the default error code is ENOSYS. */
> - opts.rval = -ENOSYS;
> - } else {
> - /* in inject= syntax this is not allowed. */
> - error_msg_and_die("invalid %s '%s'", description, str);
> - }
> + struct inject_opts *opts = xmalloc(sizeof(struct inject_opts));
> + char *buf = xstrdup(str);
> + char *name = buf;
> + char *args = strchr(buf, ':');
Missing empty line after declarations.
> + if (!args) {
> + args = NULL;
Why setting args to NULL if it is 0 already?
> + } else {
> + *(args++) = '\0';
> }
>
> - struct number_set tmp_set[SUPPORTED_PERSONALITIES];
> - memset(tmp_set, 0, sizeof(tmp_set));
> - qualify_syscall_tokens(name, tmp_set, description);
> -
> - free(buf);
> + struct filter_action *action = find_or_add_action("inject");
> + struct filter *filter = create_filter(action, "syscall");
> + parse_filter(filter, name);
> + set_qualify_mode(action);
>
> - /*
> - * Initialize inject_vec accourding to tmp_set.
> - * Merge tmp_set into inject_set.
> - */
> - unsigned int p;
> - for (p = 0; p < SUPPORTED_PERSONALITIES; ++p) {
> - if (!tmp_set[p].nslots && !tmp_set[p].not) {
> - continue;
> - }
> -
> - if (!inject_vec[p]) {
> - inject_vec[p] = xcalloc(nsyscall_vec[p],
> - sizeof(*inject_vec[p]));
> - }
> -
> - unsigned int i;
> - for (i = 0; i < nsyscall_vec[p]; ++i) {
> - if (is_number_in_set(i, &tmp_set[p])) {
> - add_number_to_set(i, &inject_set[p]);
> - inject_vec[p][i] = opts;
> - }
> - }
> -
> - free(tmp_set[p].vec);
> + parse_inject_common_args(args, opts, ":", fault_tokens_only);
> + if (!opts->init) {
> + error_msg_and_die("invalid %s '%s'", description, args);
> }
Curly braces may be omitted here.
> + free(buf);
> + set_filter_action_priv_data(action, opts);
> }
>
> static void
> -qualify_fault(const char *const str)
> +parse_fault(const char *const str)
> {
> - qualify_inject_common(str, true, "fault argument");
> + parse_inject_common(str, true, "fault argument");
> }
>
> static void
> -qualify_inject(const char *const str)
> +parse_inject(const char *const str)
> {
> - qualify_inject_common(str, false, "inject argument");
> + parse_inject_common(str, false, "inject argument");
> }
>
> static const struct qual_options {
> const char *name;
> void (*qualify)(const char *);
> } qual_options[] = {
> - { "trace", qualify_trace },
> - { "t", qualify_trace },
> - { "abbrev", qualify_abbrev },
> - { "a", qualify_abbrev },
> - { "verbose", qualify_verbose },
> - { "v", qualify_verbose },
> - { "raw", qualify_raw },
> - { "x", qualify_raw },
> + { "trace", parse_trace },
> + { "t", parse_trace },
> + { "abbrev", parse_abbrev },
> + { "a", parse_abbrev },
> + { "verbose", parse_verbose },
> + { "v", parse_verbose },
> + { "raw", parse_raw },
> + { "x", parse_raw },
> { "signal", qualify_signals },
> { "signals", qualify_signals },
> { "s", qualify_signals },
> - { "read", qualify_read },
> - { "reads", qualify_read },
> - { "r", qualify_read },
> - { "write", qualify_write },
> - { "writes", qualify_write },
> - { "w", qualify_write },
> - { "fault", qualify_fault },
> - { "inject", qualify_inject },
> + { "read", parse_read },
> + { "reads", parse_read },
> + { "r", parse_read },
> + { "write", parse_write },
> + { "writes", parse_write },
> + { "w", parse_write },
> + { "fault", parse_fault },
> + { "inject", parse_inject },
> };
>
> void
> -qualify(const char *str)
> +parse_qualify_filter(const char *str)
> {
> const struct qual_options *opt = qual_options;
> unsigned int i;
> @@ -342,18 +322,3 @@ qualify(const char *str)
>
> opt->qualify(str);
> }
> -
> -unsigned int
> -qual_flags(const unsigned int scno)
> -{
> - return (is_number_in_set(scno, &trace_set[current_personality])
> - ? QUAL_TRACE : 0)
> - | (is_number_in_set(scno, &abbrev_set[current_personality])
> - ? QUAL_ABBREV : 0)
> - | (is_number_in_set(scno, &verbose_set[current_personality])
> - ? QUAL_VERBOSE : 0)
> - | (is_number_in_set(scno, &raw_set[current_personality])
> - ? QUAL_RAW : 0)
> - | (is_number_in_set(scno, &inject_set[current_personality])
> - ? QUAL_INJECT : 0);
> -}
> diff --git a/strace.c b/strace.c
> index 955a1c9..6ad367a 100644
> --- a/strace.c
> +++ b/strace.c
> @@ -827,10 +827,11 @@ droptcb(struct tcb *tcp)
> {
> if (tcp->pid == 0)
> return;
> -
> int p;
> for (p = 0; p < SUPPORTED_PERSONALITIES; ++p)
> - free(tcp->inject_vec[p]);
> + if (tcp->inject_vec[p])
> + free(tcp->inject_vec[p]);
> +
>
> free_tcb_priv_data(tcp);
>
> @@ -1636,13 +1637,13 @@ init(int argc, char *argv[])
> shared_log = stderr;
> set_sortby(DEFAULT_SORTBY);
> set_personality(DEFAULT_PERSONALITY);
> - qualify("trace=all");
> - qualify("abbrev=all");
> - qualify("verbose=all");
> + parse_qualify_filter("trace=all");
> + parse_qualify_filter("abbrev=all");
> + parse_qualify_filter("verbose=all");
> #if DEFAULT_QUAL_FLAGS != (QUAL_TRACE | QUAL_ABBREV | QUAL_VERBOSE)
> # error Bug in DEFAULT_QUAL_FLAGS
> #endif
> - qualify("signal=all");
> + parse_qualify_filter("signal=all");
> while ((c = getopt(argc, argv,
> "+b:cCdfFhiqrtTvVwxyz"
> #ifdef USE_LIBUNWIND
> @@ -1709,7 +1710,7 @@ init(int argc, char *argv[])
> show_fd_path++;
> break;
> case 'v':
> - qualify("abbrev=none");
> + parse_qualify_filter("abbrev=none");
> break;
> case 'V':
> print_version();
> @@ -1724,7 +1725,7 @@ init(int argc, char *argv[])
> error_opt_arg(c, optarg);
> break;
> case 'e':
> - qualify(optarg);
> + parse_qualify_filter(optarg);
> break;
> case 'o':
> outfname = xstrdup(optarg);
> @@ -1772,6 +1773,7 @@ init(int argc, char *argv[])
> break;
> }
> }
> + filtering_parsing_finish();
>
> argv += optind;
> argc -= optind;
> @@ -2470,6 +2472,8 @@ trace_syscall(struct tcb *tcp, unsigned int *sig)
> case 0:
> return 0;
> case 1:
> + if (!tcp->qual_flg)
> + filter_syscall(tcp);
> res = syscall_entering_trace(tcp, sig);
> }
> syscall_entering_finish(tcp, res);
> diff --git a/syscall.c b/syscall.c
> index 02626c7..07157f1 100644
> --- a/syscall.c
> +++ b/syscall.c
> @@ -382,7 +382,6 @@ decode_socket_subcall(struct tcb *tcp)
> return;
>
> tcp->scno = scno;
> - tcp->qual_flg = qual_flags(scno);
> tcp->s_ent = &sysent[scno];
>
> unsigned int i;
> @@ -422,7 +421,6 @@ decode_ipc_subcall(struct tcb *tcp)
> }
>
> tcp->scno = SYS_ipc_subcall + call;
> - tcp->qual_flg = qual_flags(tcp->scno);
> tcp->s_ent = &sysent[tcp->scno];
>
> const unsigned int n = tcp->s_ent->nargs;
> @@ -439,7 +437,6 @@ decode_mips_subcall(struct tcb *tcp)
> if (!scno_is_valid(tcp->u_arg[0]))
> return;
> tcp->scno = tcp->u_arg[0];
> - tcp->qual_flg = qual_flags(tcp->scno);
> tcp->s_ent = &sysent[tcp->scno];
> memmove(&tcp->u_arg[0], &tcp->u_arg[1],
> sizeof(tcp->u_arg) - sizeof(tcp->u_arg[0]));
> @@ -468,7 +465,7 @@ dumpio(struct tcb *tcp)
> if (fd < 0)
> return;
>
> - if (is_number_in_set(fd, &read_set)) {
> + if (dump_read(tcp)) {
> switch (tcp->s_ent->sen) {
> case SEN_read:
> case SEN_pread:
> @@ -491,7 +488,7 @@ dumpio(struct tcb *tcp)
> return;
> }
> }
> - if (is_number_in_set(fd, &write_set)) {
> + if (dump_write(tcp)) {
> switch (tcp->s_ent->sen) {
> case SEN_write:
> case SEN_pwrite:
> @@ -577,8 +574,6 @@ static void get_error(struct tcb *, const bool);
> static int arch_set_error(struct tcb *);
> static int arch_set_success(struct tcb *);
>
> -struct inject_opts *inject_vec[SUPPORTED_PERSONALITIES];
> -
> static struct inject_opts *
> tcb_inject_opts(struct tcb *tcp)
> {
> @@ -590,14 +585,6 @@ tcb_inject_opts(struct tcb *tcp)
> static long
> tamper_with_syscall_entering(struct tcb *tcp, unsigned int *signo)
> {
> - if (!tcp->inject_vec[current_personality]) {
> - tcp->inject_vec[current_personality] =
> - xcalloc(nsyscalls, sizeof(**inject_vec));
> - memcpy(tcp->inject_vec[current_personality],
> - inject_vec[current_personality],
> - nsyscalls * sizeof(**inject_vec));
> - }
> -
> struct inject_opts *opts = tcb_inject_opts(tcp);
>
> if (!opts || opts->first == 0)
> @@ -1258,7 +1245,8 @@ get_scno(struct tcb *tcp)
>
> if (scno_is_valid(tcp->scno)) {
> tcp->s_ent = &sysent[tcp->scno];
> - tcp->qual_flg = qual_flags(tcp->scno);
> + /* Clear qual_flg to differ valid syscall from printargs */
> + tcp->qual_flg = 0;
> } else {
> struct sysent_buf *s = xcalloc(1, sizeof(*s));
>
> diff --git a/tests/Makefile.am b/tests/Makefile.am
> index 579c78a..0fdafe1 100644
> --- a/tests/Makefile.am
> +++ b/tests/Makefile.am
> @@ -247,6 +247,7 @@ MISC_TESTS = \
> detach-sleeping.test \
> detach-stopped.test \
> filter-unavailable.test \
> + filtering_syscall-syntax.test \
> get_regs.test \
> interactive_block.test \
> ksysent.test \
> diff --git a/tests/filtering_syscall-syntax.test
> b/tests/filtering_syscall-syntax.test
> new file mode 100755
> index 0000000..8f4158f
> --- /dev/null
> +++ b/tests/filtering_syscall-syntax.test
> @@ -0,0 +1,105 @@
> +#!/bin/sh
> +#
> +# Check syscall set parsing syntax.
> +#
> +# Copyright (c) 2016-2017 Dmitry V. Levin <l...@altlinux.org>
> +# Copyright (c) 2017 Nikolay Marchuk <marchuk.nikola...@gmail.com>
> +# All rights reserved.
> +#
> +# Redistribution and use in source and binary forms, with or without
> +# modification, are permitted provided that the following conditions
> +# are met:
> +# 1. Redistributions of source code must retain the above copyright
> +# notice, this list of conditions and the following disclaimer.
> +# 2. Redistributions in binary form must reproduce the above copyright
> +# notice, this list of conditions and the following disclaimer in the
> +# documentation and/or other materials provided with the distribution.
> +# 3. The name of the author may not be used to endorse or promote products
> +# derived from this software without specific prior written permission.
> +#
> +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
> +# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
> +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
> +# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
> +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> +# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
> +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
> +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
> +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
> +# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> +. "${srcdir=.}/init.sh"
> +
> +check_exit_status_and_stderr()
> +{
> + $STRACE "$@" 2> "$LOG" &&
> + dump_log_and_fail_with \
> + "strace $* failed to handle the error properly"
> + match_diff "$LOG" "$EXP" ||
> + dump_log_and_fail_with \
> + "strace $* failed to print expected diagnostics"
> +}
> +
> +check_exit_status_and_stderr_using_grep()
> +{
> + $STRACE "$@" 2> "$LOG" &&
> + dump_log_and_fail_with \
> + "strace $* failed to handle the error properly"
> + match_grep "$LOG" "$EXP" ||
> + dump_log_and_fail_with \
> + "strace $* failed to print expected diagnostics"
> +}
Since these two functions are used in more than one place now and look
fairly general, they can be moved to init.sh.
> +
> +strace_exp="${STRACE##* }"
> +
> +check_e()
> +{
> + local pattern="$1"; shift
> + cat > "$EXP" << __EOF__
> +$strace_exp: $pattern
> +__EOF__
> + check_exit_status_and_stderr "$@"
> +}
> +
> +check_e_using_grep()
> +{
> + local pattern="$1"; shift
> + cat > "$EXP" << __EOF__
> +$strace_exp: $pattern
> +__EOF__
> + check_exit_status_and_stderr_using_grep "$@"
> +}
> +
> +# invalid syscall
> +for arg in '' , ,, ,,, \! % \!, \
> + invalid_syscall_name \
> + -1 -2 -3 -4 -5\
> + 32767 \
> + 2147483647 \
> + 2147483648 \
> + 4294967295 \
> + 4294967296 \
> + /non_syscall \
> + %not_a_class \
> + ; do
> + check_e "invalid system call '$arg'" -e "$arg"
> +done
> +
> +# invalid syscall, multiple syscall
> +for arg in file,nonsense \
> + \!desc,nonsense \
> + chdir,nonsense \
> + \!chdir,nonsense \
> + 1,nonsense \
> + \!1,nonsense \
> + ; do
> + check_e "invalid system call 'nonsense'" -e "$arg"
> +done
> +
> +# special cases
> +check_e "invalid system call '!'" -e 1,\!
This check is new, it should probably be mentioned.
> +
> +check_e_using_grep 'regcomp: \+id: [[:alpha:]].+' -e trace='/+id'
> +check_e_using_grep 'regcomp: \*id: [[:alpha:]].+' -e trace='/*id'
> +check_e_using_grep 'regcomp: \{id: [[:alpha:]].+' -e trace='/{id'
> +check_e_using_grep 'regcomp: \(id: [[:alpha:]].+' -e trace='/(id'
> +check_e_using_grep 'regcomp: \[id: [[:alpha:]].+' -e trace='/[id'
> diff --git a/tests/options-syntax.test b/tests/options-syntax.test
> index 7cfc579..6d8d91c 100755
> --- a/tests/options-syntax.test
> +++ b/tests/options-syntax.test
> @@ -87,17 +87,6 @@ check_e "Invalid process id: 'a'" -p 1,a
> check_e "Syscall 'chdir' for -b isn't supported" -b chdir
> check_e "Syscall 'chdir' for -b isn't supported" -b execve -b chdir
>
> -check_e "invalid system call '-1'" -e-1
> -check_e "invalid system call '-2'" -e -2
> -check_e "invalid system call '-3'" -etrace=-3
> -check_e "invalid system call '-4'" -e trace=-4
> -check_e "invalid system call '-5'" -e trace=1,-5
Note that these checks also check for various -e syntax variants. I do
not see them in the new test.
> -check_e "invalid system call '/non_syscall'" -e trace=/non_syscall
> -check_e "invalid system call '2147483647'" -e 2147483647
> -check_e "invalid system call '2147483648'" -e 2147483648
> -check_e "invalid system call '4294967295'" -e 4294967295
> -check_e "invalid system call '4294967296'" -e 4294967296
> -
> check_e "invalid descriptor '-1'" -eread=-1
> check_e "invalid descriptor '-42'" -ewrite=-42
> check_e "invalid descriptor '2147483648'" -eread=2147483648
> @@ -109,12 +98,6 @@ check_e "invalid descriptor '!'" -ewrite='!'
> check_e "invalid descriptor '!'" -eread='0,!'
> check_e "invalid descriptor '!,'" -ewrite='!,'
>
> -check_e_using_grep 'regcomp: \+id: [[:alpha:]].+' -e trace='/+id'
> -check_e_using_grep 'regcomp: \*id: [[:alpha:]].+' -e trace='/*id'
> -check_e_using_grep 'regcomp: \{id: [[:alpha:]].+' -e trace='/{id'
> -check_e_using_grep 'regcomp: \(id: [[:alpha:]].+' -e trace='/(id'
> -check_e_using_grep 'regcomp: \[id: [[:alpha:]].+' -e trace='/[id'
> -
> check_h 'must have PROG [ARGS] or -p PID'
> check_h 'PROG [ARGS] must be specified with -D' -D -p $$
> check_h '-c and -C are mutually exclusive' -c -C true
> diff --git a/tests/qual_fault-syntax.test b/tests/qual_fault-syntax.test
> index 0cce539..384fcff 100755
> --- a/tests/qual_fault-syntax.test
> +++ b/tests/qual_fault-syntax.test
> @@ -40,16 +40,7 @@ fail_with()
> "strace -e fault=$* failed to handle an argument error properly"
> }
>
> -for arg in '' , ,, ,,, : :: ::: \! \!, \!: \
> - invalid_syscall_name \
> - invalid_syscall_name:when=3 \
> - -1 \!-1 \
> - -1:when=4 \
> - -2 \
> - -2:when=5 \
> - 32767 \!32767 \
> - 32767:when=6 \
I do not see these checks in the new test (as well as "'' , ,, ,,, : ::
::: \! \!, \!:").
> - chdir:42 \!chdir:42 \
> +for arg in chdir:42 \!chdir:42 \
> chdir:42:when=7 \
> chdir:invalid \
> chdir:invalid:when=8 \
> @@ -92,12 +83,6 @@ for arg in '' , ,, ,,, : :: ::: \! \!, \!: \
> chdir:when=65536:error=30 \
> chdir:when=1+65536 \
> chdir:when=1+65536:error=31 \
> - file,nonsense \
> - \!desc,nonsense \
> - chdir,nonsense \
> - \!chdir,nonsense \
> - 1,nonsense \
> - \!1,nonsense \
> chdir:retval=0 \
> chdir:signal=1 \
> chdir:error=1:error=2 \
> diff --git a/tests/qual_inject-syntax.test b/tests/qual_inject-syntax.test
> index a9e44d7..19d589d 100755
> --- a/tests/qual_inject-syntax.test
> +++ b/tests/qual_inject-syntax.test
> @@ -40,17 +40,7 @@ fail_with()
> "strace -e inject=$* failed to handle an argument error
> properly"
> }
>
> -for arg in '' , ,, ,,, : :: ::: \! \!, \!: \
> - invalid_syscall_name \
> - invalid_syscall_name:when=3 \
> - -1 \!-1 \
> - -1:when=4 \
> - -2 \
> - -2:when=5 \
> - 32767 \!32767 \
> - 32767:when=6 \
> - 42 \
Ditto here.
> - chdir \
> +for arg in chdir \
> chdir:42 \!chdir:42 \
> chdir:42:when=7 \
> chdir:invalid \
> @@ -94,12 +84,6 @@ for arg in '' , ,, ,,, : :: ::: \! \!, \!: \
> chdir:when=65536:error=30 \
> chdir:when=1+65536 \
> chdir:when=1+65536:error=31 \
> - file,nonsense \
> - \!desc,nonsense \
> - chdir,nonsense \
> - \!chdir,nonsense \
> - 1,nonsense \
> - \!1,nonsense \
> chdir:retval=-1 \
> chdir:signal=0 \
> chdir:signal=129 \
> --
> 2.1.4
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Strace-devel mailing list
Strace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/strace-devel
