[LEDE-DEV,procd,05/17] utrace: Sort syscalls by number of invocations

Message ID 20170912111250.31576-8-sojkam1@fel.cvut.cz
State Accepted
Headers show
Series
  • [LEDE-DEV,procd,01/17] utrace: Fix environment initialization
Related show

Commit Message

Michal Sojka Sept. 12, 2017, 11:12 a.m.
seccomp and service jailing announce email [1] mentioned that "utrace
tool will sort the syscalls by the number of invocations". The code
did not do that until this commit.

[1] https://lists.openwrt.org/pipermail/openwrt-devel/2015-March/032197.html

Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
---
 trace/trace.c | 32 ++++++++++++++++++++++++++------
 1 file changed, 26 insertions(+), 6 deletions(-)

Patch

diff --git a/trace/trace.c b/trace/trace.c
index 65fe067..35bc548 100644
--- a/trace/trace.c
+++ b/trace/trace.c
@@ -77,6 +77,16 @@  static void set_syscall(const char *name, int val)
 		}
 }
 
+struct syscall {
+	int syscall;
+	int count;
+};
+
+static int cmp_count(const void *a, const void *b)
+{
+	return ((struct syscall*)b)->count - ((struct syscall*)a)->count;
+}
+
 static void print_syscalls(int policy, const char *json)
 {
 	void *c;
@@ -88,19 +98,29 @@  static void print_syscalls(int policy, const char *json)
 	set_syscall("exit_group", 1);
 	set_syscall("exit", 1);
 
+	struct syscall sorted[ARRAY_SIZE(syscall_names)];
+
+	for (i = 0; i < ARRAY_SIZE(syscall_names); i++) {
+		sorted[i].syscall = i;
+		sorted[i].count = syscall_count[i];
+	}
+
+	qsort(sorted, ARRAY_SIZE(syscall_names), sizeof(sorted[0]), cmp_count);
+
 	blob_buf_init(&b, 0);
 	c = blobmsg_open_array(&b, "whitelist");
 
 	for (i = 0; i < ARRAY_SIZE(syscall_names); i++) {
-		if (!syscall_count[i])
-			continue;
-		if (syscall_names[i]) {
+		int sc = sorted[i].syscall;
+		if (!sorted[i].count)
+			break;
+		if (syscall_names[sc]) {
 			if (debug)
 				printf("syscall %d (%s) was called %d times\n",
-					i, syscall_names[i], syscall_count[i]);
-			blobmsg_add_string(&b, NULL, syscall_names[i]);
+					sc, syscall_names[sc], sorted[i].count);
+			blobmsg_add_string(&b, NULL, syscall_names[sc]);
 		} else {
-			ERROR("no name found for syscall(%d)\n", i);
+			ERROR("no name found for syscall(%d)\n", sc);
 		}
 	}
 	blobmsg_close_array(&b, c);