diff -ur strace-4.5.8/configure.ac strace-4.5.8X/configure.ac --- strace-4.5.8/configure.ac 2004-10-19 22:10:45.000000000 -0400 +++ strace-4.5.8X/configure.ac 2004-11-10 07:19:38.000000000 -0500 @@ -1,6 +1,6 @@ dnl Process this file with autoconf to create configure. Use autoreconf. AC_PREREQ(2.57) -AC_INIT([strace],[4.5.8]) +AC_INIT([strace],[4.5.8X]) AC_CONFIG_SRCDIR([strace.c]) AM_CONFIG_HEADER([config.h]) AM_INIT_AUTOMAKE([foreign check-news dist-bzip2]) @@ -192,6 +192,10 @@ AC_CHECK_LIB(nsl, main) fi +dnl See if Security-Enhanced Linux library is available. +AC_CHECK_HEADERS([selinux/selinux.h]) +AC_CHECK_LIB([selinux], [is_selinux_enabled]) + AC_CHECK_FUNCS(sigaction strerror strsignal pread sys_siglist _sys_siglist getdents mctl prctl sendmsg inet_ntop if_indextoname) AC_CHECK_HEADERS([sys/reg.h sys/filio.h sys/acl.h sys/asynch.h sys/door.h stropts.h sys/conf.h sys/stream.h sys/tihdr.h sys/tiuser.h sys/sysconfig.h ioctls.h sys/ioctl.h sys/ptrace.h termio.h linux/ptrace.h asm/reg.h sys/uio.h sys/aio.h poll.h sys/poll.h sys/vfs.h asm/sysmips.h linux/utsname.h sys/nscsys.h mqueue.h sys/epoll.h], [], []) AC_CHECK_HEADERS([linux/icmp.h linux/in6.h linux/netlink.h linux/if_packet.h], diff -ur strace-4.5.8/defs.h strace-4.5.8X/defs.h --- strace-4.5.8/defs.h 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/defs.h 2004-11-17 20:55:05.000000000 -0500 @@ -600,3 +600,45 @@ #endif extern int not_failing_only; + +/* Addition to support SELinux */ + +#if defined HAVE_SELINUX_SELINUX_H && defined HAVE_LIBSELINUX +#include +#define SELINUX +extern void selinux_printcon P(()); +extern void selinux_printpid P((long)); +extern void selinux_printprevcon P(()); +extern void selinux_printexeccon P(()); +extern void selinux_printfscreatecon P(()); +extern void selinux_printpath P((const char *)); +extern void selinux_printlpath P((const char *)); +extern void selinux_printdesc P((long, long)); +extern int selinux_enabled; +#endif + +/* Inlined printers */ + +inline static void +printdesc(long pid, long fd) +{ + tprintf("%ld", fd); +#if defined SELINUX + selinux_printdesc(pid, fd); +#endif +} + +inline static void +printpid(long pid) +{ + tprintf("%ld", pid); +#if defined SELINUX + selinux_printpid(pid); +#endif +} + +inline static void +printargsep() +{ + tprintf(", "); +} diff -ur strace-4.5.8/depcomp strace-4.5.8X/depcomp --- strace-4.5.8/depcomp 2004-08-31 04:19:37.000000000 -0400 +++ strace-4.5.8X/depcomp 2004-08-26 11:55:54.000000000 -0400 @@ -1,9 +1,7 @@ #! /bin/sh -# depcomp - compile a program generating dependencies as side-effects - -scriptversion=2003-11-08.23 -# Copyright (C) 1999, 2000, 2003 Free Software Foundation, Inc. +# depcomp - compile a program generating dependencies as side-effects +# Copyright 1999, 2000, 2003 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -27,36 +25,6 @@ # Originally written by Alexandre Oliva . -case $1 in - '') - echo "$0: No command. Try \`$0 --help' for more information." 1>&2 - exit 1; - ;; - -h | --h*) - cat <<\EOF -Usage: depcomp [--help] [--version] PROGRAM [ARGS] - -Run PROGRAMS ARGS to compile a file, generating dependencies -as side-effects. - -Environment variables: - depmode Dependency tracking mode. - source Source file read by `PROGRAMS ARGS'. - object Object file output by `PROGRAMS ARGS'. - depfile Dependency file to output. - tmpdepfile Temporary file to use when outputing dependencies. - libtool Whether libtool is used (yes/no). - -Report bugs to . -EOF - exit 0 - ;; - -v | --v*) - echo "depcomp $scriptversion" - exit 0 - ;; -esac - if test -z "$depmode" || test -z "$source" || test -z "$object"; then echo "depcomp: Variables source, object and depmode must be set" 1>&2 exit 1 @@ -509,12 +477,3 @@ esac exit 0 - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff -ur strace-4.5.8/desc.c strace-4.5.8X/desc.c --- strace-4.5.8/desc.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/desc.c 2004-11-17 20:55:05.000000000 -0500 @@ -270,7 +270,8 @@ extern const struct xlat openmodes[]; if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); printxval(fcntlcmds, tcp->u_arg[1], "F_???"); switch (tcp->u_arg[1]) { case F_SETFD: @@ -353,7 +354,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); if (!printflags(flockcmds, tcp->u_arg[1])) tprintf("LOCK_???"); } @@ -366,7 +368,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } return 0; } @@ -376,7 +378,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } return 0; } @@ -386,7 +388,9 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %ld", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + printdesc(tcp->pid, tcp->u_arg[1]); } return 0; } diff -ur strace-4.5.8/file.c strace-4.5.8X/file.c --- strace-4.5.8/file.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/file.c 2004-11-17 20:55:05.000000000 -0500 @@ -412,7 +412,8 @@ int _whence; if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); offset = tcp->u_arg[1]; _whence = tcp->u_arg[2]; if (_whence == SEEK_SET) @@ -436,12 +437,14 @@ * rather than one 64-bit argument for which LONG_LONG works * appropriate for the native byte order. */ - if (tcp->u_arg[4] == SEEK_SET) - tprintf("%ld, %llu, ", tcp->u_arg[0], + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + if (tcp->u_arg[4] == SEEK_SET) + tprintf("%llu, ", (((long long int) tcp->u_arg[1]) << 32 | (unsigned long long) (unsigned) tcp->u_arg[2])); else - tprintf("%ld, %lld, ", tcp->u_arg[0], + tprintf("%lld, ", (((long long int) tcp->u_arg[1]) << 32 | (unsigned long long) (unsigned) tcp->u_arg[2])); } @@ -461,7 +464,9 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %lld, %ld", tcp->u_arg[0], + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + tprintf("%lld, %ld", # if defined IA64 || defined X86_64 || defined ALPHA (long long int) tcp->u_arg[1], tcp->u_arg[2] # else @@ -480,12 +485,14 @@ { if (entering(tcp)) { long long offset; + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); ALIGN64 (tcp, 1); /* FreeBSD aligns off_t args */ offset = LONG_LONG(tcp->u_arg [1], tcp->u_arg[2]); if (tcp->u_arg[3] == SEEK_SET) - tprintf("%ld, %llu, ", tcp->u_arg[0], offset); + tprintf("%llu, ", offset); else - tprintf("%ld, %lld, ", tcp->u_arg[0], offset); + tprintf("%lld, ", offset); printxval(whence, tcp->u_arg[3], "SEEK_???"); } return RVAL_LUDECIMAL; @@ -525,7 +532,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %lu", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", %lu", tcp->u_arg[1]); } return 0; } @@ -538,7 +546,8 @@ { if (entering(tcp)) { ALIGN64 (tcp, 1); - tprintf("%ld, %llu", tcp->u_arg[0], + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", %llu", LONG_LONG(tcp->u_arg[1] ,tcp->u_arg[2])); } return 0; @@ -783,7 +792,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); if (tcp->u_arg[1]) printflags(fileflags, tcp->u_arg[1]); else @@ -1118,9 +1128,10 @@ sys_fstat(tcp) struct tcb *tcp; { - if (entering(tcp)) - tprintf("%ld, ", tcp->u_arg[0]); - else { + if (entering(tcp)) { + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + } else { printstat(tcp, tcp->u_arg[1]); } return 0; @@ -1132,9 +1143,10 @@ struct tcb *tcp; { #ifdef HAVE_STAT64 - if (entering(tcp)) - tprintf("%ld, ", tcp->u_arg[0]); - else { + if (entering(tcp)) { + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + } else { printstat64(tcp, tcp->u_arg[1]); } return 0; @@ -1148,9 +1160,10 @@ sys_oldfstat(tcp) struct tcb *tcp; { - if (entering(tcp)) - tprintf("%ld, ", tcp->u_arg[0]); - else { + if (entering(tcp)) { + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + } else { printoldstat(tcp, tcp->u_arg[1]); } return 0; @@ -1230,9 +1243,11 @@ sys_fxstat(tcp) struct tcb *tcp; { - if (entering(tcp)) - tprintf("%ld, %ld, ", tcp->u_arg[0], tcp->u_arg[1]); - else { + if (entering(tcp)) { + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + tprintf("%ld, ", tcp->u_arg[1]); + } else { #ifdef _STAT64_VER if (tcp->u_arg[0] == _STAT64_VER) printstat64 (tcp, tcp->u_arg[2]); @@ -1344,7 +1359,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printxval(aclcmds, tcp->u_arg[1], "???ACL???"); tprintf(", %ld", tcp->u_arg[2]); /* @@ -1521,7 +1537,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); } else { printstatfs(tcp, tcp->u_arg[1]); } @@ -1593,7 +1610,9 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu, %lu, ", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + tprintf("%lu, ", tcp->u_arg[1]); } else { if (tcp->u_arg[1] == sizeof (struct statfs64)) printstatfs64(tcp, tcp->u_arg[2]); @@ -1720,7 +1739,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } return 0; } @@ -1740,7 +1759,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } return 0; } @@ -1848,7 +1867,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %#lo", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", %#lo", tcp->u_arg[1]); } return 0; } @@ -1948,7 +1968,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } return 0; } @@ -1981,7 +2001,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else { if (syserror(tcp) || tcp->u_rval == 0 || !verbose(tcp)) tprintf("%#lx", tcp->u_arg[1]); @@ -2020,7 +2041,8 @@ char *buf; if (entering(tcp)) { - tprintf("%lu, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); return 0; } if (syserror(tcp) || !verbose(tcp)) { @@ -2389,7 +2411,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], -1); print_xattr_val(tcp, 0, tcp->u_arg[2], tcp->u_arg[3], tcp->u_arg[3]); tprintf(", "); @@ -2418,7 +2441,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], -1); } else { print_xattr_val(tcp, syserror(tcp), tcp->u_arg[2], tcp->u_arg[3], @@ -2445,7 +2469,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } else { /* XXX Print value in format */ tprintf(", %p, %lu", (void *) tcp->u_arg[1], tcp->u_arg[2]); @@ -2470,7 +2494,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], -1); } return 0; diff -ur strace-4.5.8/io.c strace-4.5.8X/io.c --- strace-4.5.8/io.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/io.c 2004-11-17 20:55:05.000000000 -0500 @@ -51,7 +51,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); } else { if (syserror(tcp)) tprintf("%#lx", tcp->u_arg[1]); @@ -67,7 +68,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); tprintf(", %lu", tcp->u_arg[2]); } @@ -117,7 +119,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); } else { if (syserror(tcp)) { tprintf("%#lx, %lu", @@ -135,7 +138,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); tprint_iov(tcp, tcp->u_arg[2], tcp->u_arg[1]); tprintf(", %lu", tcp->u_arg[2]); } @@ -150,7 +154,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); } else { if (syserror(tcp)) tprintf("%#lx", tcp->u_arg[1]); @@ -172,7 +177,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", "); printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); #if UNIXWARE /* off_t is signed int */ @@ -195,7 +201,10 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %ld, %llu, %lu", tcp->u_arg[0], tcp->u_arg[1], + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + printdesc(tcp->pid, tcp->u_arg[1]); + tprintf(", %llu, %lu", LONG_LONG(tcp->u_arg[2], tcp->u_arg[3]), tcp->u_arg[4]); } else { @@ -246,7 +255,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else { if (syserror(tcp)) tprintf("%#lx", tcp->u_arg[1]); @@ -264,7 +274,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); ALIGN64 (tcp, PREAD_OFFSET_ARG); /* PowerPC alignment restriction */ tprintf(", %lu, %llu", tcp->u_arg[2], @@ -280,7 +291,10 @@ if (entering(tcp)) { off_t offset; - tprintf("%ld, %ld, ", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + printdesc(tcp->pid, tcp->u_arg[1]); + printargsep(); if (!tcp->u_arg[2]) tprintf("NULL"); else if (umove(tcp, tcp->u_arg[2], &offset) < 0) @@ -299,7 +313,10 @@ if (entering(tcp)) { loff_t offset; - tprintf("%ld, %ld, ", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); + printdesc(tcp->pid, tcp->u_arg[1]); + printargsep(); if (!tcp->u_arg[2]) tprintf("NULL"); else if (umove(tcp, tcp->u_arg[2], &offset) < 0) @@ -319,7 +336,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else { ALIGN64 (tcp, 3); if (syserror(tcp)) @@ -338,7 +356,8 @@ { if (entering(tcp)) { ALIGN64 (tcp, 3); - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); tprintf(", %lu, %#llx", tcp->u_arg[2], LONG_LONG(tcp->u_arg[3], tcp->u_arg[4])); diff -ur strace-4.5.8/mem.c strace-4.5.8X/mem.c --- strace-4.5.8/mem.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/mem.c 2004-11-17 20:55:05.000000000 -0500 @@ -209,9 +209,10 @@ printflags(mmap_flags, u_arg[3]); #endif /* fd (is always int, not long) */ - tprintf(", %d, ", (int)u_arg[4]); + printargsep(); + printdesc(tcp->pid, u_arg[4]); /* offset */ - tprintf("%#lx", u_arg[5]); + tprintf(", %#lx", u_arg[5]); } return RVAL_HEX; } @@ -310,7 +311,8 @@ printflags(mmap_flags, u_arg[3]); #endif /* fd */ - tprintf(", %ld, ", u_arg[4]); + printdesc(tcp->pid, u_arg[4]); + printargsep(); /* offset */ tprintf("%#llx", LONG_LONG(u_arg[5], u_arg[6])); } diff -ur strace-4.5.8/net.c strace-4.5.8X/net.c --- strace-4.5.8/net.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/net.c 2004-11-17 20:55:05.000000000 -0500 @@ -1221,7 +1221,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printsock(tcp, tcp->u_arg[1], tcp->u_arg[2]); tprintf(", %lu", tcp->u_arg[2]); } @@ -1240,7 +1241,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %lu", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", %lu", tcp->u_arg[1]); } return 0; } @@ -1250,7 +1252,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else if (!tcp->u_arg[2]) tprintf("%#lx, NULL", tcp->u_arg[1]); else { @@ -1270,7 +1273,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); tprintf(", %lu, ", tcp->u_arg[2]); /* flags */ @@ -1285,7 +1289,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]); tprintf(", %lu, ", tcp->u_arg[2]); /* flags */ @@ -1307,7 +1312,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printmsghdr(tcp, tcp->u_arg[1]); /* flags */ tprintf(", "); @@ -1324,7 +1330,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else { if (syserror(tcp)) tprintf("%#lx", tcp->u_arg[1]); @@ -1345,7 +1352,8 @@ int fromlen; if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else { if (syserror(tcp)) { tprintf("%#lx, %lu, %lu, %#lx, %#lx", @@ -1391,7 +1399,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); } else { if (syserror(tcp) || !verbose(tcp)) tprintf("%#lx", tcp->u_arg[1]); @@ -1412,7 +1421,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %ld", tcp->u_arg[0], tcp->u_arg[1]); + printdesc(tcp->pid, tcp->u_arg[0]); + tprintf(", %ld", tcp->u_arg[1]); switch (tcp->u_arg[1]) { case 0: tprintf("%s", " /* receive */"); @@ -1457,8 +1467,13 @@ } if (umoven(tcp, tcp->u_arg[0], sizeof fds, (char *) fds) < 0) tprintf("[...]"); - else - tprintf("[%u, %u]", fds[0], fds[1]); + else { + tprintf("["); + printdesc(tcp->pid, fds[0]); + printargsep(); + printdesc(tcp->pid, fds[1]); + tprintf("]"); + } } #elif defined(SPARC) || defined(SPARC64) || defined(SH) || defined(SVR4) || defined(FREEBSD) || defined(IA64) if (exiting(tcp)) @@ -1519,7 +1534,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printxval(socketlayers, tcp->u_arg[1], "SOL_???"); tprintf (", "); switch (tcp->u_arg[1]) { @@ -1762,7 +1778,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printsockopt (tcp, tcp->u_arg[1], tcp->u_arg[2], tcp->u_arg[3], tcp->u_arg[4]); tprintf(", %lu", tcp->u_arg[4]); diff -ur strace-4.5.8/process.c strace-4.5.8X/process.c --- strace-4.5.8/process.c 2004-11-17 20:55:05.000000000 -0500 +++ strace-4.5.8X/process.c 2004-11-17 20:55:05.000000000 -0500 @@ -1394,7 +1394,7 @@ { if (entering(tcp)) { #ifndef SVR4 - tprintf("%lu", tcp->u_arg[0]); + printpid(tcp->u_arg[0]); #endif /* !SVR4 */ } return 0; @@ -1405,7 +1405,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu", tcp->u_arg[0]); + printpid(tcp->u_arg[0]); } return 0; } @@ -1422,7 +1422,7 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); } return 0; } @@ -1432,7 +1432,9 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu, %lu", tcp->u_arg[0], tcp->u_arg[1]); + printpid(tcp->u_arg[0]); + printargsep(); + printpid(tcp->u_arg[1]); } return 0; } @@ -1594,6 +1596,9 @@ printleader(tcp); tprintf("execve("); string_quote(program); +#if defined SELINUX + selinux_printpath(program); +#endif tprintf(", ["); for (i = 0; argv[i] != NULL; i++) { if (i != 0) @@ -1840,7 +1845,8 @@ int exited = 0; if (entering(tcp)) { - tprintf("%ld, ", tcp->u_arg[0]); + printpid(tcp->u_arg[0]); + tprintf(", "); } else { /* status */ if (!tcp->u_arg[1]) @@ -2922,7 +2928,9 @@ "PT_???" #endif ); - tprintf(", %lu, ", tcp->u_arg[1]); + printargsep(); + printpid(tcp->u_arg[1]); + tprintf(", "); addr = tcp->u_arg[2]; #ifndef FREEBSD if (tcp->u_arg[0] == PTRACE_PEEKUSER diff -ur strace-4.5.8/signal.c strace-4.5.8X/signal.c --- strace-4.5.8/signal.c 2004-11-17 20:55:05.000000000 -0500 +++ strace-4.5.8X/signal.c 2004-11-17 20:55:05.000000000 -0500 @@ -1697,7 +1697,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%ld, %s", tcp->u_arg[0], signame(tcp->u_arg[1])); + printpid(tcp->u_arg[0]); + tprintf(", %s", signame(tcp->u_arg[1])); } return 0; } diff -ur strace-4.5.8/strace.c strace-4.5.8X/strace.c --- strace-4.5.8/strace.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/strace.c 2004-11-17 20:55:05.000000000 -0500 @@ -160,6 +160,7 @@ -u username -- run command as username handling setuid and/or setgid\n\ -E var=val -- put var=val in the environment for command\n\ -E var -- remove var from the environment for command\n\ +-X -- print SELinux specific information when possible\n\ " /* this is broken, so don't document it -z -- print only succeeding syscalls\n\ */ @@ -176,6 +177,10 @@ #endif /* MIPS */ #endif /* SVR4 */ +#if defined SELINUX +int selinux_enabled= 0; +#endif + int main(argc, argv) int argc; @@ -206,7 +211,7 @@ set_sortby(DEFAULT_SORTBY); set_personality(DEFAULT_PERSONALITY); while ((c = getopt(argc, argv, - "+cdfFhiqrtTvVxza:e:o:O:p:s:S:u:E:")) != EOF) { + "+cdfFhiqrtTvVxXza:e:o:O:p:s:S:u:E:")) != EOF) { switch (c) { case 'c': cflag++; @@ -299,6 +304,14 @@ exit(1); } break; + case 'X': +#if defined SELINUX + selinux_enabled = is_selinux_enabled(); + break; +#else + fprintf(stderr, "SELinux support not available\n"); + exit(1); +#endif default: usage(stderr, 1); break; @@ -2398,6 +2411,9 @@ printtrailer(tcp) struct tcb *tcp; { +#if defined SELINUX + selinux_printpid(tcp->pid); +#endif tprintf("\n"); tcp_last = NULL; } diff -ur strace-4.5.8/system.c strace-4.5.8X/system.c --- strace-4.5.8/system.c 2004-11-17 20:55:05.000000000 -0500 +++ strace-4.5.8X/system.c 2004-11-17 20:55:05.000000000 -0500 @@ -598,7 +598,8 @@ struct tcb *tcp; { if (entering(tcp)) { - tprintf("%lu, ", tcp->u_arg[0]); + printdesc(tcp->pid, tcp->u_arg[0]); + printargsep(); printxval(pathconflimits, tcp->u_arg[1], "_PC_???"); } return 0; diff -ur strace-4.5.8/util.c strace-4.5.8X/util.c --- strace-4.5.8/util.c 2004-11-17 20:55:04.000000000 -0500 +++ strace-4.5.8X/util.c 2004-11-17 20:55:05.000000000 -0500 @@ -374,8 +374,12 @@ { if (umovestr(tcp, addr, MAXPATHLEN, path) < 0) tprintf("%#lx", addr); - else + else { string_quote(path); +#if defined SELINUX + selinux_printpath(path); +#endif + } return; } @@ -390,6 +394,9 @@ else { path[n] = '\0'; string_quote(path); +#if defined SELINUX + selinux_printpath(path); +#endif } } @@ -2040,3 +2047,80 @@ } #endif /* SUNOS4 */ + +/* Additions to support SELinux */ + +#if defined SELINUX + +static void +showcon(security_context_t *con, int rc) +{ + if (rc < 0) + tprintf(" <<\?\?\?>>"); + else { + tprintf(" <<%s>>", *con); + freecon(*con); + } +} + +void selinux_printpid(long pid) +{ + if (selinux_enabled && pid >= 0) { + security_context_t con; + showcon(&con, getpidcon((pid_t)pid, &con)); + } +} + +void selinux_printprevcon() +{ + if (selinux_enabled) { + security_context_t con; + showcon(&con, getprevcon(&con)); + } +} + +void selinux_printexeccon() +{ + if (selinux_enabled) { + security_context_t con; + showcon(&con, getexeccon(&con)); + } +} + +void selinux_printfscreatecon() +{ + if (selinux_enabled) { + security_context_t con; + showcon(&con, getfscreatecon(&con)); + } +} + +void selinux_printpath(const char *path) +{ + if (selinux_enabled) { + security_context_t con; + showcon(&con, getfilecon(path, &con)); + } +} + +void selinux_printlpath(const char *path) +{ + if (selinux_enabled) { + security_context_t con; + showcon(&con, lgetfilecon(path, &con)); + } +} + +void selinux_printdesc(long pid, long desc) +{ +#if defined LINUX + if (selinux_enabled && desc >= 0) { + security_context_t con; + char path[MAXPATHLEN]; + sprintf(path, "/proc/%ld/fd/%ld", pid, desc); + showcon(&con, getfilecon(path, &con)); + } +#endif +} + +#endif --- strace-4.5.8/configure 2004-10-20 05:11:05.000000000 +0300 +++ strace-4.5.8X/configure 2004-11-18 21:24:43.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for strace 4.5.8. +# Generated by GNU Autoconf 2.59 for strace 4.5.8X. # # Copyright (C) 2003 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation @@ -267,8 +267,8 @@ # Identity of this package. PACKAGE_NAME='strace' PACKAGE_TARNAME='strace' -PACKAGE_VERSION='4.5.8' -PACKAGE_STRING='strace 4.5.8' +PACKAGE_VERSION='4.5.8X' +PACKAGE_STRING='strace 4.5.8X' PACKAGE_BUGREPORT='' ac_unique_file="strace.c" @@ -778,7 +778,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures strace 4.5.8 to adapt to many kinds of systems. +\`configure' configures strace 4.5.8X to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -844,7 +844,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of strace 4.5.8:";; + short | recursive ) echo "Configuration of strace 4.5.8X:";; esac cat <<\_ACEOF @@ -963,7 +963,7 @@ test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -strace configure 4.5.8 +strace configure 4.5.8X generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. @@ -977,7 +977,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by strace $as_me 4.5.8, which was +It was created by strace $as_me 4.5.8X, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -1615,7 +1615,7 @@ # Define the identity of the package. PACKAGE='strace' - VERSION='4.5.8' + VERSION='4.5.8X' cat >>confdefs.h <<_ACEOF @@ -6616,6 +6616,231 @@ fi +for ac_header in selinux/selinux.h +do +as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 +else + # Is the header compilable? +echo "$as_me:$LINENO: checking $ac_header usability" >&5 +echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +$ac_includes_default +#include <$ac_header> +_ACEOF +rm -f conftest.$ac_objext +if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + (eval $ac_compile) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest.$ac_objext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_header_compiler=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_header_compiler=no +fi +rm -f conftest.err conftest.$ac_objext conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 +echo "${ECHO_T}$ac_header_compiler" >&6 + +# Is the header present? +echo "$as_me:$LINENO: checking $ac_header presence" >&5 +echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include <$ac_header> +_ACEOF +if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 + (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } >/dev/null; then + if test -s conftest.err; then + ac_cpp_err=$ac_c_preproc_warn_flag + ac_cpp_err=$ac_cpp_err$ac_c_werror_flag + else + ac_cpp_err= + fi +else + ac_cpp_err=yes +fi +if test -z "$ac_cpp_err"; then + ac_header_preproc=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_header_preproc=no +fi +rm -f conftest.err conftest.$ac_ext +echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 +echo "${ECHO_T}$ac_header_preproc" >&6 + +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in + yes:no: ) + { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 +echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} + ac_header_preproc=yes + ;; + no:yes:* ) + { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 +echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 +echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 +echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 +echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 +echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} + { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 +echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} + ( + cat <<\_ASBOX +## --------------------------------- ## +## Report this to the strace lists. ## +## --------------------------------- ## +_ASBOX + ) | + sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac +echo "$as_me:$LINENO: checking for $ac_header" >&5 +echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 +if eval "test \"\${$as_ac_Header+set}\" = set"; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + eval "$as_ac_Header=\$ac_header_preproc" +fi +echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 +echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 + +fi +if test `eval echo '${'$as_ac_Header'}'` = yes; then + cat >>confdefs.h <<_ACEOF +#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +echo "$as_me:$LINENO: checking for is_selinux_enabled in -lselinux" >&5 +echo $ECHO_N "checking for is_selinux_enabled in -lselinux... $ECHO_C" >&6 +if test "${ac_cv_lib_selinux_is_selinux_enabled+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lselinux $LIBS" +cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ + +/* Override any gcc2 internal prototype to avoid an error. */ +#ifdef __cplusplus +extern "C" +#endif +/* We use char because int might match the return type of a gcc2 + builtin and then its argument prototype would still apply. */ +char is_selinux_enabled (); +int +main () +{ +is_selinux_enabled (); + ; + return 0; +} +_ACEOF +rm -f conftest.$ac_objext conftest$ac_exeext +if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + (eval $ac_link) 2>conftest.er1 + ac_status=$? + grep -v '^ *+' conftest.er1 >conftest.err + rm -f conftest.er1 + cat conftest.err >&5 + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && + { ac_try='test -z "$ac_c_werror_flag" + || test ! -s conftest.err' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; } && + { ac_try='test -s conftest$ac_exeext' + { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 + (eval $ac_try) 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); }; }; then + ac_cv_lib_selinux_is_selinux_enabled=yes +else + echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +ac_cv_lib_selinux_is_selinux_enabled=no +fi +rm -f conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +echo "$as_me:$LINENO: result: $ac_cv_lib_selinux_is_selinux_enabled" >&5 +echo "${ECHO_T}$ac_cv_lib_selinux_is_selinux_enabled" >&6 +if test $ac_cv_lib_selinux_is_selinux_enabled = yes; then + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBSELINUX 1 +_ACEOF + + LIBS="-lselinux $LIBS" + +fi + + + @@ -8660,7 +8885,7 @@ } >&5 cat >&5 <<_CSEOF -This file was extended by strace $as_me 4.5.8, which was +This file was extended by strace $as_me 4.5.8X, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -8723,7 +8948,7 @@ cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -strace config.status 4.5.8 +strace config.status 4.5.8X configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" --- strace-4.5.8/config.h.in 2004-10-20 05:11:17.000000000 +0300 +++ strace-4.5.8-x/config.h.in 2004-11-20 22:23:17.863010856 +0200 @@ -56,6 +56,9 @@ /* Define to 1 if you have the `nsl' library (-lnsl). */ #undef HAVE_LIBNSL +/* Define to 1 if you have the `selinux' library (-lselinux). */ +#undef HAVE_LIBSELINUX + /* Define to 1 if you have the header file. */ #undef HAVE_LINUX_ICMP_H @@ -125,6 +128,9 @@ */ #undef HAVE_PR_SYSCALL +/* Define to 1 if you have the header file. */ +#undef HAVE_SELINUX_SELINUX_H + /* Define to 1 if you have the `sendmsg' function. */ #undef HAVE_SENDMSG