logo

mstrace

Small Linux strace(1) implementationgit clone https://anongit.hacktivis.me/git/mstrace.git/

mstrace.c (4114B)

    

  1. // SPDX-FileCopyrightText: 2024 Haelwenn (lanodan) Monnier <contact+mstrace@hacktivis.me>
  2. // SPDX-License-Identifier: MPL-2.0
  4. #define _DEFAULT_SOURCE
  6. #include "mstrace.h"
  8. #include <errno.h>
  9. #include <inttypes.h>     // PRIu64
  10. #include <linux/ptrace.h> // ptrace_syscall_info, __u64
  11. #include <stdbool.h>
  12. #include <stdio.h>       // fprintf
  13. #include <string.h>      // strerror
  14. #include <sys/ptrace.h>  // ptrace()
  15. #include <sys/syscall.h> // SYS_*
  16. #include <sys/wait.h>
  17. #include <unistd.h> // getpid, fork, execvp
  19. extern void print_syscall_entry(__u64 nr, __u64 args[6]);
  20. extern void print_syscall_exit(__u64 nr, __u64 args[6]);
  22. pid_t child = -1;
  23. FILE *out;
  25. static int
  26. wait_for_syscall(int *status)
  27. {
  28. 	while(1)
  29. 	{
  30. 		ptrace(PTRACE_SYSCALL, child, 0, 0);
  31. 		waitpid(child, status, 0);
  33. 		if(WIFSTOPPED(*status) && WSTOPSIG(*status) & 0x80) return 0;
  35. 		if(WIFEXITED(*status)) return 1;
  36. 	}
  37. }
  39. static void
  40. usage()
  41. {
  42. 	fputs("Usage: mstrace [-o output] <command> [args...]\n", stderr);
  43. }
  45. int
  46. main(int argc, char *argv[])
  47. {
  48. 	char *outname = NULL;
  49. 	out = stderr;
  51. 	for(int c = -1; (c = getopt(argc, argv, ":o:")) != -1;)
  52. 	{
  53. 		switch(c)
  54. 		{
  55. 		case 'o':
  56. 			if(outname)
  57. 			{
  58. 				fprintf(stderr, "mstrace: error: Multiple -o options unsupported\n");
  59. 				usage();
  60. 				return 1;
  61. 			}
  62. 			outname = optarg;
  63. 			break;
  64. 		case ':':
  65. 			fprintf(stderr, "mstrace: error: Missing operand for option: '-%c'\n", optopt);
  66. 			usage();
  67. 			return 1;
  68. 		case '?':
  69. 			fprintf(stderr, "mstrace: error: Unknown option '-%c'\n", optopt);
  70. 			usage();
  71. 			return 1;
  72. 		}
  73. 	}
  75. 	argc -= optind;
  76. 	argv += optind;
  78. 	if(argc < 1)
  79. 	{
  80. 		usage();
  81. 		return 1;
  82. 	}
  84. 	if(outname)
  85. 	{
  86. 		out = fopen(outname, "wb");
  87. 		if(!out)
  88. 		{
  89. 			fprintf(stderr, "mstrace: error: Failed opening file \"%s\": %s\n", outname, strerror(errno));
  90. 			return 1;
  91. 		}
  92. 	}
  94. 	child = fork();
  95. 	if(child < 0)
  96. 	{
  97. 		fprintf(stderr, "mstrace: error: Failed creating child process: %s\n", strerror(errno));
  98. 		return 1;
  99. 	}
  100. 	else if(child == 0)
  101. 	{
  102. 		errno = 0;
  103. 		int ret = ptrace(PTRACE_TRACEME);
  104. 		if(ret < 0 && errno != 0)
  105. 		{
  106. 			fprintf(stderr, "mstrace: error: Failed ptrace(PTRACE_TRACEME): %s\n", strerror(errno));
  107. 			return 1;
  108. 		}
  110. 		if(kill(getpid(), SIGSTOP) < 0)
  111. 		{
  112. 			fprintf(stderr, "mstrace: error: Failed stopping parent: %s\n", strerror(errno));
  113. 			return 1;
  114. 		}
  116. 		execvp(argv[0], argv);
  118. 		return 1;
  119. 	}
  121. 	struct
  122. 	{
  123. 		__u64 nr;
  124. 		__u64 args[6];
  125. 	} entry;
  127. 	entry.nr = 0;
  129. 	int status;
  130. 	waitpid(child, &status, 0);
  131. 	ptrace(PTRACE_SETOPTIONS, child, 0, PTRACE_O_TRACESYSGOOD);
  132. 	while(1)
  133. 	{
  134. 		if(wait_for_syscall(&status) != 0) break;
  136. 		struct ptrace_syscall_info syscall_info;
  137. 		long ret =
  138. 		    ptrace(PTRACE_GET_SYSCALL_INFO, child, sizeof(struct ptrace_syscall_info), &syscall_info);
  139. 		if(ret < 0)
  140. 		{
  141. 			fprintf(
  142. 			    stderr,
  143. 			    "mstrace: error: Failed getting syscall information via PTRACE_GET_SYSCALL_INFO: %s\n",
  144. 			    strerror(errno));
  145. 			continue;
  146. 		}
  148. 		switch(syscall_info.op)
  149. 		{
  150. 		case PTRACE_SYSCALL_INFO_ENTRY:
  151. 			entry.nr = syscall_info.entry.nr;
  152. 			for(int i = 0; i < 6; i++)
  153. 				entry.args[i] = syscall_info.entry.args[i];
  155. 			print_syscall_entry(entry.nr, entry.args);
  156. 			break;
  157. 		case PTRACE_SYSCALL_INFO_EXIT:
  158. 			if(entry.nr != SYS_execve) print_syscall_exit(entry.nr, entry.args);
  160. 			if(syscall_info.exit.is_error)
  161. 			{
  162. 				fprintf(out,
  163. 				        " = (errno: %" PRIi64 ") %s\n",
  164. 				        (int64_t)(-syscall_info.exit.rval),
  165. 				        strerror(-syscall_info.exit.rval));
  166. 			}
  167. 			else
  168. 			{
  169. 				fprintf(out, " = %" PRIi64 "\n", (int64_t)syscall_info.exit.rval);
  170. 			}
  171. 			entry.nr = 0;
  172. 			break;
  173. 		case PTRACE_SYSCALL_INFO_SECCOMP:
  174. 			print_syscall_exit(syscall_info.seccomp.nr, syscall_info.seccomp.args);
  176. 			// TODO: Check how strace manages this
  177. 			fprintf(out, " [seccomp_ret = %" PRIu32 "]", syscall_info.seccomp.ret_data);
  178. 			break;
  179. 		case PTRACE_SYSCALL_INFO_NONE:
  180. 			fprintf(out, "[syscall-info] none\n");
  181. 			break;
  182. 		}
  183. 	}
  185. 	if(entry.nr != 0) print_syscall_exit(entry.nr, entry.args);
  187. 	if(WIFEXITED(status))
  188. 	{
  189. 		fprintf(out, "+++ exited with %d +++\n", WEXITSTATUS(status));
  190. 		return WEXITSTATUS(status);
  191. 	}
  193. 	fflush(out);
  195. 	return 0;
  196. }