diff --git a/sys/dev/filemon/filemon_wrapper.c b/sys/dev/filemon/filemon_wrapper.c index 2c6f20ea6da4..f92dbe98b50e 100644 --- a/sys/dev/filemon/filemon_wrapper.c +++ b/sys/dev/filemon/filemon_wrapper.c @@ -315,6 +315,68 @@ filemon_wrapper_open(struct thread *td, struct open_args *uap) return (ret); } +static int +filemon_wrapper_openat(struct thread *td, struct openat_args *uap) +{ + int ret; + size_t done; + size_t len; + struct filemon *filemon; + + if ((ret = sys_openat(td, uap)) == 0) { + /* Grab a read lock on the filemon inuse list. */ + filemon_lock_read(); + + if ((filemon = filemon_pid_check(curproc)) != NULL) { + /* Lock the found filemon structure. */ + filemon_filemon_lock(filemon); + + copyinstr(uap->path, filemon->fname1, + sizeof(filemon->fname1), &done); + + filemon->fname2[0] = '\0'; + if (filemon->fname1[0] != '/' && uap->fd != AT_FDCWD) { + /* + * rats - we cannot do too much about this. + * the trace should show a dir we read + * recently.. output an A record as a clue + * until we can do better. + */ + len = snprintf(filemon->msgbufr, + sizeof(filemon->msgbufr), "A %d %s\n", + curproc->p_pid, filemon->fname1); + filemon_output(filemon, filemon->msgbufr, len); + } + if (uap->flag & O_RDWR) { + /* + * We'll get the W record below, but need + * to also output an R to distingish from + * O_WRONLY. + */ + len = snprintf(filemon->msgbufr, + sizeof(filemon->msgbufr), "R %d %s%s\n", + curproc->p_pid, filemon->fname2, filemon->fname1); + filemon_output(filemon, filemon->msgbufr, len); + } + + + len = snprintf(filemon->msgbufr, + sizeof(filemon->msgbufr), "%c %d %s%s\n", + (uap->flag & O_ACCMODE) ? 'W':'R', + curproc->p_pid, filemon->fname2, filemon->fname1); + filemon_output(filemon, filemon->msgbufr, len); + + /* Unlock the found filemon structure. */ + filemon_filemon_unlock(filemon); + } + + /* Release the read lock. */ + filemon_unlock_read(); + } + + return (ret); +} + static int filemon_wrapper_rename(struct thread *td, struct rename_args *uap) { @@ -669,6 +731,7 @@ filemon_wrapper_install(void) sv_table[SYS_execve].sy_call = (sy_call_t *) filemon_wrapper_execve; sv_table[SYS_fork].sy_call = (sy_call_t *) filemon_wrapper_fork; sv_table[SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open; + sv_table[SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat; sv_table[SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename; sv_table[SYS_stat].sy_call = (sy_call_t *) filemon_wrapper_stat; sv_table[SYS_unlink].sy_call = (sy_call_t *) filemon_wrapper_unlink; @@ -687,6 +750,7 @@ filemon_wrapper_install(void) sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_execve; sv_table[FREEBSD32_SYS_fork].sy_call = (sy_call_t *) filemon_wrapper_fork; sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *) filemon_wrapper_open; + sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *) filemon_wrapper_openat; sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *) filemon_wrapper_rename; sv_table[FREEBSD32_SYS_freebsd32_stat].sy_call = (sy_call_t *) filemon_wrapper_freebsd32_stat; sv_table[FREEBSD32_SYS_unlink].sy_call = (sy_call_t *) filemon_wrapper_unlink; @@ -713,6 +777,7 @@ filemon_wrapper_deinstall(void) sv_table[SYS_execve].sy_call = (sy_call_t *)sys_execve; sv_table[SYS_fork].sy_call = (sy_call_t *)sys_fork; sv_table[SYS_open].sy_call = (sy_call_t *)sys_open; + sv_table[SYS_openat].sy_call = (sy_call_t *)sys_openat; sv_table[SYS_rename].sy_call = (sy_call_t *)sys_rename; sv_table[SYS_stat].sy_call = (sy_call_t *)sys_stat; sv_table[SYS_unlink].sy_call = (sy_call_t *)sys_unlink; @@ -731,6 +796,7 @@ filemon_wrapper_deinstall(void) sv_table[FREEBSD32_SYS_freebsd32_execve].sy_call = (sy_call_t *)freebsd32_execve; sv_table[FREEBSD32_SYS_fork].sy_call = (sy_call_t *)sys_fork; sv_table[FREEBSD32_SYS_open].sy_call = (sy_call_t *)sys_open; + sv_table[FREEBSD32_SYS_openat].sy_call = (sy_call_t *)sys_openat; sv_table[FREEBSD32_SYS_rename].sy_call = (sy_call_t *)sys_rename; sv_table[FREEBSD32_SYS_freebsd32_stat].sy_call = (sy_call_t *)freebsd32_stat; sv_table[FREEBSD32_SYS_unlink].sy_call = (sy_call_t *)sys_unlink;