tools/mountsnoop: Support fsopen(2), fsmount(2), fsconfig(2), move_mo…

[Rtoax]

…unt(2)

Since kernel 5.1, fsopen,fsmount,fsconfig,move_mount syscalls were introduced (see links [1][2][3][4]). Then the mountsnoop tracking mount system call is not enough. This submission adds support for the above syscalls.

A tracking example:

    $ sudo ./mountsnoop.py
    COMM             PID     TID     MNT_NS      CALL
    fsmount          12373   12373   4026531841  fsopen("ext4", 0x0) = 5
    fsmount          12373   12373   4026531841  fsconfig(5, FSCONFIG_SET_FLAG, "rw", "", 0) = 0
    fsmount          12373   12373   4026531841  fsconfig(5, FSCONFIG_SET_STRING, "source", "/dev/loop0", 0) = 0
    fsmount          12373   12373   4026531841  fsconfig(5, FSCONFIG_CMD_CREATE, "", "", 0) = 0
    fsmount          12373   12373   4026531841  fsmount(5, 0x0, MOUNT_ATTR_RDONLY) = 6
    fsmount          12373   12373   4026531841  move_mount(6, "", AT_FDCWD, "./tmp-dir/", MOVE_MOUNT_F_EMPTY_PATH) = 0
    fsmount          12373   12373   4026531841  umount("./tmp-dir/", 0x0) = 0

In the above test, the C program is more complicated, so I will not show it here, but a test example is given in the link [5].

[1] kernel commit 24dcb3d90a1f ("vfs: syscall: Add fsopen() to prepare for superblock creation") v5.1-rc1-5-g24dcb3d90a1f [2] kernel commit ecdab150fddb ("vfs: syscall: Add fsconfig() for configuring and managing a context") v5.1-rc1-7-gecdab150fddb [3] kernel commit 93766fbd2696 ("vfs: syscall: Add fsmount() to create a mount for a superblock") v5.1-rc1-8-g93766fbd2696 [4] kernel commit 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around") v5.1-rc1-2-g2db154b3ea8e [5] https://github.com/torvalds/linux/blob/master/samples/vfs/test-fsmount.c

[Rtoax]

Rebase to master