Newer
Older
/*
Copyright 2018-2019, Barcelona Supercomputing Center (BSC), Spain
Copyright 2015-2019, Johannes Gutenberg Universitaet Mainz, Germany
This software was partially supported by the
EC H2020 funded project NEXTGenIO (Project ID: 671951, www.nextgenio.eu).
This software was partially supported by the
ADA-FS project under the SPPEXA project funded by the DFG.
SPDX-License-Identifier: MIT
*/
#include "client/intercept.hpp"
#include "client/preload.hpp"
#include "client/hooks.hpp"
#ifndef NDEBUG
#include "client/syscall_names.hpp"
#endif
#include <libsyscall_intercept_hook_point.h>
#include <syscall.h>
#include <errno.h>
#define NOT_HOOKED 1
#define HOOKED 0
#if 0
static void
log_write(const char *fmt, ...)
{
int log_fd = 2;
if (log_fd < 0)
return;
char buf[0x1000];
int len;
va_list ap;
va_start(ap, fmt);
len = vsnprintf(buf, sizeof(buf) - 1, fmt, ap);
va_end(ap);
if (len < 1)
return;
buf[len++] = '\n';
syscall_no_intercept(SYS_write, log_fd, buf, len);
}
#endif
static __thread bool reentrance_guard_flag;
/*
* hook_internal -- interception hook for internal syscalls
*
* This hook is basically used to keep track of file descriptors created
* internally by the library itself. This is important because some
* applications (e.g. ssh) may attempt to close all open file descriptors
* which would leave the library internals in an inconsistent state.
* We forward syscalls to the kernel but we keep track of any syscalls that may
* create or destroy a file descriptor so that we can mark them as 'internal'.
*/
static inline int
hook_internal(long syscall_number,
long arg0, long arg1, long arg2,
long arg3, long arg4, long arg5,
long *result)
{
switch (syscall_number) {
case SYS_open:
*result = syscall_no_intercept(syscall_number,
reinterpret_cast<char*>(arg0),
static_cast<int>(arg1),
static_cast<mode_t>(arg2));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_creat:
*result = syscall_no_intercept(syscall_number,
reinterpret_cast<const char*>(arg0),
O_WRONLY | O_CREAT | O_TRUNC,
static_cast<mode_t>(arg1));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_openat:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0),
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
static_cast<int>(arg2),
static_cast<mode_t>(arg3));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
// epoll_create and epoll_create1 have the same prototype
case SYS_epoll_create:
case SYS_epoll_create1:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_dup:
*result = syscall_no_intercept(syscall_number,
static_cast<unsigned int>(arg0));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_dup2:
*result = syscall_no_intercept(syscall_number,
static_cast<unsigned int>(arg0),
static_cast<unsigned int>(arg1));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_dup3:
*result = syscall_no_intercept(syscall_number,
static_cast<unsigned int>(arg0),
static_cast<unsigned int>(arg1),
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_inotify_init:
*result = syscall_no_intercept(syscall_number);
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_inotify_init1:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
case SYS_perf_event_open:
*result = syscall_no_intercept(syscall_number,
reinterpret_cast<struct perf_event_attr*>(arg0),
static_cast<pid_t>(arg1),
static_cast<int>(arg2),
static_cast<int>(arg3),
static_cast<unsigned long>(arg4));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_signalfd:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0),
reinterpret_cast<const sigset_t*>(arg1));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_signalfd4:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0),
reinterpret_cast<const sigset_t*>(arg1),
static_cast<int>(arg2));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_timerfd_create:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0),
static_cast<int>(arg1));
if(*result != -1) {
CTX->register_internal_fd(*result);
}
break;
case SYS_close:
*result = syscall_no_intercept(syscall_number,
static_cast<int>(arg0));
CTX->unregister_internal_fd(*result);
break;
default:
/*
* Ignore any other syscalls
* i.e.: pass them on to the kernel
* as would normally happen.
*/
#ifndef NDEBUG
CTX->log()->trace("Syscall [{}, {}] Passthrough",
syscall_names[syscall_number], syscall_number);
#endif
return NOT_HOOKED;
}
#ifndef NDEBUG
CTX->log()->trace("Syscall [{}, {}] Intercepted",
syscall_names[syscall_number], syscall_number);
#endif
#if 0
log_write("Internal syscall [%s, %d] = %d", syscall_names[syscall_number]);//, syscall_number, *result);
#endif
return HOOKED;
}
/*
* hook -- interception hook for application syscalls
*
* This hook is used to implement any application filesystem-related syscalls.
*/
static inline
int hook(long syscall_number,
long arg0, long arg1, long arg2,
long arg3, long arg4, long arg5,
long *result)
{
switch (syscall_number) {
case SYS_open:
*result = hook_openat(AT_FDCWD,
reinterpret_cast<char*>(arg0),
static_cast<int>(arg1),
case SYS_creat:
*result = hook_openat(AT_FDCWD,
reinterpret_cast<const char*>(arg0),
O_WRONLY | O_CREAT | O_TRUNC,
static_cast<mode_t>(arg1));
break;
case SYS_openat:
*result = hook_openat(static_cast<int>(arg0),
reinterpret_cast<const char*>(arg1),
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
static_cast<mode_t>(arg3));
break;
case SYS_close:
*result = hook_close(static_cast<int>(arg0));
break;
case SYS_stat:
*result = hook_stat(reinterpret_cast<char*>(arg0),
reinterpret_cast<struct stat*>(arg1));
break;
case SYS_lstat:
*result = hook_lstat(reinterpret_cast<char*>(arg0),
reinterpret_cast<struct stat*>(arg1));
break;
case SYS_fstat:
*result = hook_fstat(static_cast<int>(arg0),
reinterpret_cast<struct stat*>(arg1));
break;
case SYS_newfstatat:
*result = hook_fstatat(static_cast<int>(arg0),
reinterpret_cast<const char*>(arg1),
reinterpret_cast<struct stat *>(arg2),
static_cast<int>(arg3));
break;
case SYS_read:
*result = hook_read(static_cast<unsigned int>(arg0),
reinterpret_cast<void*>(arg1),
static_cast<size_t>(arg2));
break;
case SYS_pread64:
*result = hook_pread(static_cast<unsigned int>(arg0),
reinterpret_cast<char *>(arg1),
static_cast<size_t>(arg2),
static_cast<loff_t>(arg3));
break;
case SYS_pwrite64:
*result = hook_pwrite(static_cast<unsigned int>(arg0),
reinterpret_cast<const char *>(arg1),
static_cast<size_t>(arg2),
static_cast<loff_t>(arg3));
break;
case SYS_write:
*result = hook_write(static_cast<unsigned int>(arg0),
reinterpret_cast<const char *>(arg1),
static_cast<size_t>(arg2));
break;
case SYS_writev:
*result = hook_writev(static_cast<unsigned long>(arg0),
reinterpret_cast<const struct iovec *>(arg1),
static_cast<unsigned long>(arg2));
break;
case SYS_pwritev:
*result = hook_pwritev(static_cast<unsigned long>(arg0),
reinterpret_cast<const struct iovec *>(arg1),
static_cast<unsigned long>(arg2),
static_cast<unsigned long>(arg3),
static_cast<unsigned long>(arg4));
break;
case SYS_unlink:
*result = hook_unlinkat(AT_FDCWD,
reinterpret_cast<const char *>(arg0),
0);
break;
case SYS_unlinkat:
*result = hook_unlinkat(static_cast<int>(arg0),
reinterpret_cast<const char*>(arg1),
static_cast<int>(arg2));
break;
case SYS_rmdir:
*result = hook_unlinkat(AT_FDCWD,
reinterpret_cast<const char *>(arg0),
AT_REMOVEDIR);
break;
case SYS_symlink:
*result = hook_symlinkat(reinterpret_cast<const char *>(arg0),
AT_FDCWD,
reinterpret_cast<const char *>(arg1));
break;
case SYS_symlinkat:
*result = hook_symlinkat(reinterpret_cast<const char *>(arg0),
static_cast<int>(arg1),
reinterpret_cast<const char *>(arg2));
break;
case SYS_access:
*result = hook_access(reinterpret_cast<const char*>(arg0),
static_cast<int>(arg1));
break;
case SYS_faccessat:
*result = hook_faccessat(static_cast<int>(arg0),
reinterpret_cast<const char*>(arg1),
static_cast<int>(arg2));
break;
case SYS_lseek:
*result = hook_lseek(static_cast<unsigned int>(arg0),
static_cast<off_t>(arg1),
static_cast<unsigned int>(arg2));
break;
case SYS_truncate:
*result = hook_truncate(reinterpret_cast<const char*>(arg0),
static_cast<long>(arg1));
break;
case SYS_ftruncate:
*result = hook_ftruncate(static_cast<unsigned int>(arg0),
static_cast<unsigned long>(arg1));
break;
case SYS_dup:
*result = hook_dup(static_cast<unsigned int>(arg0));
break;
case SYS_dup2:
*result = hook_dup2(static_cast<unsigned int>(arg0),
static_cast<unsigned int>(arg1));
break;
case SYS_dup3:
*result = hook_dup3(static_cast<unsigned int>(arg0),
static_cast<unsigned int>(arg1),
static_cast<int>(arg2));
break;
case SYS_getdents:
*result = hook_getdents(static_cast<unsigned int>(arg0),
reinterpret_cast<struct linux_dirent *>(arg1),
static_cast<unsigned int>(arg2));
break;
case SYS_getdents64:
*result = hook_getdents64(static_cast<unsigned int>(arg0),
reinterpret_cast<struct linux_dirent64 *>(arg1),
static_cast<unsigned int>(arg2));
break;
case SYS_mkdirat:
*result = hook_mkdirat(static_cast<unsigned int>(arg0),
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
static_cast<mode_t>(arg2));
break;
case SYS_mkdir:
*result = hook_mkdirat(AT_FDCWD,
reinterpret_cast<const char *>(arg0),
static_cast<mode_t>(arg1));
break;
case SYS_chmod:
*result = hook_fchmodat(AT_FDCWD,
reinterpret_cast<char*>(arg0),
static_cast<mode_t>(arg1));
break;
case SYS_fchmod:
*result = hook_fchmod(static_cast<unsigned int>(arg0),
static_cast<mode_t>(arg1));
break;
case SYS_fchmodat:
*result = hook_fchmodat(static_cast<unsigned int>(arg0),
reinterpret_cast<char*>(arg1),
static_cast<mode_t>(arg2));
break;
case SYS_chdir:
*result = hook_chdir(reinterpret_cast<const char *>(arg0));
break;
case SYS_fchdir:
*result = hook_fchdir(static_cast<unsigned int>(arg0));
break;
case SYS_getcwd:
*result = hook_getcwd(reinterpret_cast<char *>(arg0),
static_cast<unsigned long>(arg1));
break;
case SYS_readlink:
*result = hook_readlinkat(AT_FDCWD,
reinterpret_cast<const char *>(arg0),
reinterpret_cast<char *>(arg1),
static_cast<int>(arg2));
break;
case SYS_readlinkat:
*result = hook_readlinkat(static_cast<int>(arg0),
reinterpret_cast<const char *>(arg1),
reinterpret_cast<char *>(arg2),
static_cast<int>(arg3));
break;
case SYS_fcntl:
*result = hook_fcntl(static_cast<unsigned int>(arg0),
static_cast<unsigned int>(arg1),
static_cast<unsigned long>(arg2));
break;
case SYS_rename:
*result = hook_renameat(AT_FDCWD,
reinterpret_cast<const char *>(arg0),
AT_FDCWD,
reinterpret_cast<const char *>(arg1),
0);
break;
case SYS_renameat:
*result = hook_renameat(static_cast<int>(arg0),
reinterpret_cast<const char *>(arg1),
static_cast<int>(arg2),
reinterpret_cast<const char *>(arg3),
0);
break;
case SYS_renameat2:
*result = hook_renameat(static_cast<int>(arg0),
reinterpret_cast<const char *>(arg1),
static_cast<int>(arg2),
reinterpret_cast<const char *>(arg3),
static_cast<unsigned int>(arg4));
break;
case SYS_fstatfs:
*result = hook_fstatfs(static_cast<unsigned int>(arg0),
reinterpret_cast<struct statfs *>(arg1));
break;
case SYS_statfs:
*result = hook_statfs(reinterpret_cast<const char *>(arg0),
reinterpret_cast<struct statfs *>(arg1));
break;
default:
/*
* Ignore any other syscalls
* i.e.: pass them on to the kernel
* as would normally happen.
*/
#ifndef NDEBUG
CTX->log()->trace("Syscall [{}, {}] Passthrough", syscall_names[syscall_number], syscall_number);
#endif
return NOT_HOOKED;
}
#ifndef NDEBUG
CTX->log()->trace("Syscall [{}, {}] Intercepted", syscall_names[syscall_number], syscall_number);
#endif
return HOOKED;
}
/*
* hook_guard_wrapper -- a wrapper which can notice reentrance.
*
* The reentrance_guard_flag flag allows the library to distinguish the hooking
* of its own syscalls. E.g. while handling an open() syscall,
* libgkfs_intercept might call fopen(), which in turn uses an open()
* syscall internally. This internally used open() syscall is once again
* forwarded to libgkfs_intercept, but using this flag we can notice this
* case of reentering itself.
*
* XXX This approach still contains a very significant bug, as libgkfs_intercept
* being called inside a signal handler might easily forward a mock fd to the
* kernel.
*/
int
hook_guard_wrapper(long syscall_number,
long arg0, long arg1, long arg2,
long arg3, long arg4, long arg5,
long *syscall_return_value)
{
assert(CTX->interception_enabled());
#if 0
log_write("syscall %s called from %s",
syscall_names[syscall_number],
reentrance_guard_flag ? "gkfs" : "client");
#endif
if (reentrance_guard_flag) {
int oerrno = errno;
is_hooked = hook_internal(syscall_number,
arg0, arg1, arg2, arg3, arg4, arg5,
syscall_return_value);
errno = oerrno;
return is_hooked;
}
reentrance_guard_flag = true;
int oerrno = errno;
is_hooked = hook(syscall_number,
arg0, arg1, arg2, arg3, arg4, arg5,
syscall_return_value);
errno = oerrno;
return is_hooked;
}
void start_interception() {
assert(CTX->interception_enabled());
#ifndef NDEBUG
CTX->log()->debug("Activating interception of syscalls");
#endif
// Set up the callback function pointer
intercept_hook_point = hook_guard_wrapper;
}
void stop_interception() {
assert(CTX->interception_enabled());
// Reset callback function pointer
intercept_hook_point = nullptr;
}