[dtrace-discuss] userland data
Gonzalo Siero
Gonzalo.Siero at Sun.COM
Mon Jan 22 02:55:01 PST 2007
Ashok Nair wrote:
> Hi,
>
> Have a question about one of the example I came across:
>
> syscall::open*:entry
> {
> self->path = arg0;
> }
>
> syscall::open*:return
> /self->path != NULL && (int)arg0 == -1 && errno == EACCES/
> {
> printf("UID %d perm denied to open %s\n", uid, copyinstr(self->path));
> self->path =0;
> }
>
> the reasoning for using copyinstr is to copy userland data to kernel space, but the data is referenced in the predicate without using copyinstr (or is that check for some pointer to the data)?
>
arg0 is a poiter to a char (string): const char *path. What you're doing
in predicate is asking if that pointer is NULL which is ok but if you
want to acces data poited to by that arg you need to copy it to
kerneland since dtrace runs in kernel.
> How to generally know if some piece of data lies in userland or not? Is the understanding that data for pointers to all system calls lies in userland space?
>
Yes. You can access arguments but if the function you're tracing is from
a process (even syscalls) and you want to use the contents an argument
which is a pointer you must copy it to kernel with copyin/copyinstr.
Cheers,
Gonzalo.
> Thanks
> Ashok
>
>
> This message posted from opensolaris.org
> _______________________________________________
> dtrace-discuss mailing list
> dtrace-discuss at opensolaris.org
More information about the dtrace-discuss
mailing list