1 /* 2 * operations to ktrace system call (op & 0x3) 3 */ 4 #define KTROP_SET 0 /* set traces */ 5 #define KTROP_CLEAR 1 /* clear traces */ 6 #define KTROP_CLEARFILE 2 /* stop all tracing to file */ 7 8 #define KTROP_INHERITFLAG 4 /* pass to children flag */ 9 10 /* 11 * ktrace record header 12 */ 13 struct ktr_header { 14 short ktr_type; /* trace record type */ 15 short ktr_len; /* length of buf */ 16 pid_t ktr_pid; /* process id */ 17 char ktr_comm[MAXCOMLEN+1]; /* command name */ 18 struct timeval ktr_time; /* timestamp */ 19 caddr_t ktr_buf; 20 }; 21 22 /* 23 * Test for kernel trace point 24 */ 25 #define KTRPOINT(p, type) ((p)->p_traceflag & (1<<(type))) 26 /* 27 * ktrace record types 28 */ 29 30 /* 31 * KTR_SYSCALL - system call record 32 */ 33 #define KTR_SYSCALL 0x1 34 struct ktr_syscall { 35 short ktr_code; /* syscall number */ 36 short ktr_narg; /* number of arguments */ 37 /* 38 * followed by ktr_narg ints 39 */ 40 }; 41 42 /* 43 * KTR_SYSRET - return from system call record 44 */ 45 #define KTR_SYSRET 0x2 46 struct ktr_sysret { 47 short ktr_code; 48 short ktr_eosys; 49 int ktr_error; 50 int ktr_retval; 51 }; 52 53 /* 54 * KTR_NAMEI - namei record 55 */ 56 #define KTR_NAMEI 0x3 57 /* record contains pathname */ 58 59 /* 60 * kernel trace facilities 61 */ 62 #define KTRFAC_SYSCALL (1<<KTR_SYSCALL) 63 #define KTRFAC_SYSRET (1<<KTR_SYSRET) 64 #define KTRFAC_NAMEI (1<<KTR_NAMEI) 65