| kprobe_example.c (e82a82c19f4272ea5437cc76e5711b98e2ee6223) | kprobe_example.c (e708c1488bca54b901c4c3e73462ab2decdb8209) |
|---|---|
| 1/* 2 * NOTE: This example is works on x86 and powerpc. 3 * Here's a sample kernel module showing the use of kprobes to dump a 4 * stack trace and selected registers when _do_fork() is called. 5 * 6 * For more information on theory of operation of kprobes, see 7 * Documentation/kprobes.txt 8 * --- 13 unchanged lines hidden (view full) --- 22static struct kprobe kp = { 23 .symbol_name = symbol, 24}; 25 26/* kprobe pre_handler: called just before the probed instruction is executed */ 27static int handler_pre(struct kprobe *p, struct pt_regs *regs) 28{ 29#ifdef CONFIG_X86 | 1/* 2 * NOTE: This example is works on x86 and powerpc. 3 * Here's a sample kernel module showing the use of kprobes to dump a 4 * stack trace and selected registers when _do_fork() is called. 5 * 6 * For more information on theory of operation of kprobes, see 7 * Documentation/kprobes.txt 8 * --- 13 unchanged lines hidden (view full) --- 22static struct kprobe kp = { 23 .symbol_name = symbol, 24}; 25 26/* kprobe pre_handler: called just before the probed instruction is executed */ 27static int handler_pre(struct kprobe *p, struct pt_regs *regs) 28{ 29#ifdef CONFIG_X86 |
| 30 printk(KERN_INFO "<%s> pre_handler: p->addr = 0x%p, ip = %lx," 31 " flags = 0x%lx\n", | 30 pr_info("<%s> pre_handler: p->addr = 0x%p, ip = %lx, flags = 0x%lx\n", |
| 32 p->symbol_name, p->addr, regs->ip, regs->flags); 33#endif 34#ifdef CONFIG_PPC | 31 p->symbol_name, p->addr, regs->ip, regs->flags); 32#endif 33#ifdef CONFIG_PPC |
| 35 printk(KERN_INFO "<%s> pre_handler: p->addr = 0x%p, nip = 0x%lx," 36 " msr = 0x%lx\n", | 34 pr_info("<%s> pre_handler: p->addr = 0x%p, nip = 0x%lx, msr = 0x%lx\n", |
| 37 p->symbol_name, p->addr, regs->nip, regs->msr); 38#endif 39#ifdef CONFIG_MIPS | 35 p->symbol_name, p->addr, regs->nip, regs->msr); 36#endif 37#ifdef CONFIG_MIPS |
| 40 printk(KERN_INFO "<%s> pre_handler: p->addr = 0x%p, epc = 0x%lx," 41 " status = 0x%lx\n", | 38 pr_info("<%s> pre_handler: p->addr = 0x%p, epc = 0x%lx, status = 0x%lx\n", |
| 42 p->symbol_name, p->addr, regs->cp0_epc, regs->cp0_status); 43#endif 44#ifdef CONFIG_TILEGX | 39 p->symbol_name, p->addr, regs->cp0_epc, regs->cp0_status); 40#endif 41#ifdef CONFIG_TILEGX |
| 45 printk(KERN_INFO "<%s> pre_handler: p->addr = 0x%p, pc = 0x%lx," 46 " ex1 = 0x%lx\n", | 42 pr_info("<%s> pre_handler: p->addr = 0x%p, pc = 0x%lx, ex1 = 0x%lx\n", |
| 47 p->symbol_name, p->addr, regs->pc, regs->ex1); 48#endif | 43 p->symbol_name, p->addr, regs->pc, regs->ex1); 44#endif |
| 45#ifdef CONFIG_ARM64 46 pr_info("<%s> pre_handler: p->addr = 0x%p, pc = 0x%lx," 47 " pstate = 0x%lx\n", 48 p->symbol_name, p->addr, (long)regs->pc, (long)regs->pstate); 49#endif |
|
| 49 50 /* A dump_stack() here will give a stack backtrace */ 51 return 0; 52} 53 54/* kprobe post_handler: called after the probed instruction is executed */ 55static void handler_post(struct kprobe *p, struct pt_regs *regs, 56 unsigned long flags) 57{ 58#ifdef CONFIG_X86 | 50 51 /* A dump_stack() here will give a stack backtrace */ 52 return 0; 53} 54 55/* kprobe post_handler: called after the probed instruction is executed */ 56static void handler_post(struct kprobe *p, struct pt_regs *regs, 57 unsigned long flags) 58{ 59#ifdef CONFIG_X86 |
| 59 printk(KERN_INFO "<%s> post_handler: p->addr = 0x%p, flags = 0x%lx\n", | 60 pr_info("<%s> post_handler: p->addr = 0x%p, flags = 0x%lx\n", |
| 60 p->symbol_name, p->addr, regs->flags); 61#endif 62#ifdef CONFIG_PPC | 61 p->symbol_name, p->addr, regs->flags); 62#endif 63#ifdef CONFIG_PPC |
| 63 printk(KERN_INFO "<%s> post_handler: p->addr = 0x%p, msr = 0x%lx\n", | 64 pr_info("<%s> post_handler: p->addr = 0x%p, msr = 0x%lx\n", |
| 64 p->symbol_name, p->addr, regs->msr); 65#endif 66#ifdef CONFIG_MIPS | 65 p->symbol_name, p->addr, regs->msr); 66#endif 67#ifdef CONFIG_MIPS |
| 67 printk(KERN_INFO "<%s> post_handler: p->addr = 0x%p, status = 0x%lx\n", | 68 pr_info("<%s> post_handler: p->addr = 0x%p, status = 0x%lx\n", |
| 68 p->symbol_name, p->addr, regs->cp0_status); 69#endif 70#ifdef CONFIG_TILEGX | 69 p->symbol_name, p->addr, regs->cp0_status); 70#endif 71#ifdef CONFIG_TILEGX |
| 71 printk(KERN_INFO "<%s> post_handler: p->addr = 0x%p, ex1 = 0x%lx\n", | 72 pr_info("<%s> post_handler: p->addr = 0x%p, ex1 = 0x%lx\n", |
| 72 p->symbol_name, p->addr, regs->ex1); 73#endif | 73 p->symbol_name, p->addr, regs->ex1); 74#endif |
| 75#ifdef CONFIG_ARM64 76 pr_info("<%s> post_handler: p->addr = 0x%p, pstate = 0x%lx\n", 77 p->symbol_name, p->addr, (long)regs->pstate); 78#endif |
|
| 74} 75 76/* 77 * fault_handler: this is called if an exception is generated for any 78 * instruction within the pre- or post-handler, or when Kprobes 79 * single-steps the probed instruction. 80 */ 81static int handler_fault(struct kprobe *p, struct pt_regs *regs, int trapnr) 82{ | 79} 80 81/* 82 * fault_handler: this is called if an exception is generated for any 83 * instruction within the pre- or post-handler, or when Kprobes 84 * single-steps the probed instruction. 85 */ 86static int handler_fault(struct kprobe *p, struct pt_regs *regs, int trapnr) 87{ |
| 83 printk(KERN_INFO "fault_handler: p->addr = 0x%p, trap #%dn", 84 p->addr, trapnr); | 88 pr_info("fault_handler: p->addr = 0x%p, trap #%dn", p->addr, trapnr); |
| 85 /* Return 0 because we don't handle the fault. */ 86 return 0; 87} 88 89static int __init kprobe_init(void) 90{ 91 int ret; 92 kp.pre_handler = handler_pre; 93 kp.post_handler = handler_post; 94 kp.fault_handler = handler_fault; 95 96 ret = register_kprobe(&kp); 97 if (ret < 0) { | 89 /* Return 0 because we don't handle the fault. */ 90 return 0; 91} 92 93static int __init kprobe_init(void) 94{ 95 int ret; 96 kp.pre_handler = handler_pre; 97 kp.post_handler = handler_post; 98 kp.fault_handler = handler_fault; 99 100 ret = register_kprobe(&kp); 101 if (ret < 0) { |
| 98 printk(KERN_INFO "register_kprobe failed, returned %d\n", ret); | 102 pr_err("register_kprobe failed, returned %d\n", ret); |
| 99 return ret; 100 } | 103 return ret; 104 } |
| 101 printk(KERN_INFO "Planted kprobe at %p\n", kp.addr); | 105 pr_info("Planted kprobe at %p\n", kp.addr); |
| 102 return 0; 103} 104 105static void __exit kprobe_exit(void) 106{ 107 unregister_kprobe(&kp); | 106 return 0; 107} 108 109static void __exit kprobe_exit(void) 110{ 111 unregister_kprobe(&kp); |
| 108 printk(KERN_INFO "kprobe at %p unregistered\n", kp.addr); | 112 pr_info("kprobe at %p unregistered\n", kp.addr); |
| 109} 110 111module_init(kprobe_init) 112module_exit(kprobe_exit) 113MODULE_LICENSE("GPL"); | 113} 114 115module_init(kprobe_init) 116module_exit(kprobe_exit) 117MODULE_LICENSE("GPL"); |