Implement the main module infrastructure for kstackwatch, providing
a proc-based configuration interface and basic module lifecycle
management.
This patch introduces:
1. Module initialization and cleanup with proper resource management
2. Configuration parsing for the flexible watch specification format:
"function+ip_offset[+depth] [local_var_offset:local_var_len]"
3. Proc interface (/proc/kstackwatch) for runtime configuration
4. Support for both watch types through unified configuration syntax
The configuration parser handles:
- Function name and instruction pointer offset (mandatory)
- Optional recursion depth filtering
- Optional local variable specification (offset:length)
- Automatic detection of watch type based on presence of stack parameters
Signed-off-by: Jinchao Wang <wangjinchao...@gmail.com>
---
mm/kstackwatch/kernel.c | 205 +++++++++++++++++++++++++++++++++++
mm/kstackwatch/kstackwatch.h | 39 +++++++
2 files changed, 244 insertions(+)
diff --git a/mm/kstackwatch/kernel.c b/mm/kstackwatch/kernel.c
index e69de29bb2d1..726cf3f25888 100644
--- a/mm/kstackwatch/kernel.c
+++ b/mm/kstackwatch/kernel.c
@@ -0,0 +1,205 @@
+// SPDX-License-Identifier: GPL-2.0
+#include <linux/kern_levels.h>
+#include <linux/kstrtox.h>
+#include <linux/module.h>
+#include <linux/kernel.h>
+#include <linux/proc_fs.h>
+#include <linux/uaccess.h>
+#include <linux/string.h>
+#include <linux/utsname.h>
+#include <linux/seq_file.h>
+
+#include "kstackwatch.h"
+
+MODULE_AUTHOR("Jinchao Wang");
+MODULE_DESCRIPTION("Kernel Stack Watch");
+MODULE_LICENSE("GPL");
+
+struct ksw_config *ksw_config;
+bool watching_active;
+
+/* Module parameters */
+bool panic_on_catch;
+module_param(panic_on_catch, bool, 0644);
+MODULE_PARM_DESC(panic_on_catch,
+ "Trigger a kernel panic immediately on corruption catch");
+
+static int start_watching(void)
+{
+ if (strlen(ksw_config->function) == 0) {
+ pr_err("KSW: No target function specified\n");
+ return -EINVAL;
+ }
+
+ watching_active = true;
+
+ pr_info("KSW: start watching %s\n", ksw_config->config_str);
+ return 0;
+}
+
+static void stop_watching(void)
+{
+ watching_active = false;
+
+ pr_info("KSW: stop watching %s\n", ksw_config->config_str);
+}
+
+/* Parse watch configuration:
+ * function+ip_offset[+depth] [local_var_offset:local_var_len]
+ */
+static int parse_config(char *buf, struct ksw_config *config)
+{
+ char *func_part, *stack_part = NULL;
+ char *token;
+
+ /* Initialize with default values */
+ memset(config, 0, sizeof(*config));
+ config->type = WATCH_CANARY;
+
+ /* strim() removes leading/trailing whitespace */
+ func_part = strim(buf);
+ strscpy(config->config_str, func_part, MAX_CONFIG_STR_LEN);
+
+ stack_part = strchr(func_part, ' ');
+ if (stack_part) {
+ *stack_part = '\0'; // Terminate the function part
+ stack_part = strim(stack_part + 1);
+ }
+
+ /* 1. Parse the function part: function+ip_offset[+depth] */
+ token = strsep(&func_part, "+");
+ if (!token)
+ return -EINVAL;
+
+ strscpy(config->function, token, MAX_FUNC_NAME_LEN - 1);
+
+ token = strsep(&func_part, "+");
+ if (!token || kstrtou16(token, 0, &config->ip_offset)) {
+ pr_err("KSW: Failed to parse instruction offset\n");
+ return -EINVAL;
+ }
+
+ token = strsep(&func_part, "+");
+ if (token && kstrtou16(token, 0, &config->depth)) {
+ pr_err("KSW: Failed to parse depth\n");
+ return -EINVAL;
+ }
+ if (!stack_part || !(*stack_part))
+ return 0;
+
+ /* 2. Parse the optional stack part: offset:len */
+ config->type = WATCH_LOCAL_VAR;
+ token = strsep(&stack_part, ":");
+ if (!token || kstrtou16(token, 0, &config->local_var_offset)) {
+ pr_err("KSW: Failed to parse stack variable offset\n");
+ return -EINVAL;
+ }
+
+ if (!stack_part || kstrtou16(stack_part, 0, &config->local_var_len)) {
+ pr_err("KSW: Failed to parse stack variable length\n");
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
+/* Proc interface for configuration */
+static ssize_t kstackwatch_proc_write(struct file *file,
+ const char __user *buffer, size_t count,
+ loff_t *pos)
+{
+ char input[256];
+ int ret;
+
+ if (count == 0 || count >= sizeof(input))
+ return -EINVAL;
+
+ if (copy_from_user(input, buffer, count))
+ return -EFAULT;
+
+ input[count] = '\0';
+ strim(input);
+
+ /* Stop current watching */
+ if (watching_active)
+ stop_watching();
+
+ ret = parse_config(input, ksw_config);
+ if (ret)
+ return ret;
+
+ /* Start watching */
+ ret = start_watching();
+ if (ret < 0) {
+ pr_err("KSW: Failed to start watching with %d\n", ret);
+ return ret;
+ }
+
+ return count;
+}
+
+static int kstackwatch_proc_show(struct seq_file *m, void *v)
+{
+ struct ksw_config *config = ksw_config;
+
+ if (watching_active) {
+ seq_printf(m, "KSW: watch config %s\n", config->config_str);
+ } else {
+ seq_puts(m, "Not watching\n");
+ seq_puts(m, "\nUsage:\n");
+ seq_puts(
+ m,
+ " echo 'function+ip_offset[+depth]
[local_var_offset:local_var_len]' > /proc/kstackwatch\n");
+ seq_puts(m, " if ignore the stack part, watch the canary");
+ }
+
+ return 0;
+}
+
+static int kstackwatch_proc_open(struct inode *inode, struct file *file)
+{
+ return single_open(file, kstackwatch_proc_show, NULL);
+}
+
+static const struct proc_ops kstackwatch_proc_ops = {
+ .proc_open = kstackwatch_proc_open,
+ .proc_read = seq_read,
+ .proc_write = kstackwatch_proc_write,
+ .proc_lseek = seq_lseek,
+ .proc_release = single_release,
+};
+
+static int __init kstackwatch_init(void)
+{
+ ksw_config = kmalloc(sizeof(*ksw_config), GFP_KERNEL);
+ if (!ksw_config)
+ return -ENOMEM;
+
+ /* Create proc interface */
+ if (!proc_create("kstackwatch", 0644, NULL, &kstackwatch_proc_ops)) {
+ pr_err("KSW: create proc kstackwatch fail");
+ return -ENOMEM;
+ }
+
+ pr_info("KSW: Module loaded\n");
+ pr_info("KSW: Usage:\n");
+ pr_info("KSW: echo 'function+ip_offset[+depth]
[local_var_offset:local_var_len]' > /proc/kstackwatch\n");
+
+ return 0;
+}
+
+static void __exit kstackwatch_exit(void)
+{
+ /* Cleanup active watching */
+ if (watching_active)
+ stop_watching();
+
+ /* Remove proc interface */
+ remove_proc_entry("kstackwatch", NULL);
+ kfree(ksw_config);
+
+ pr_info("KSW: Module unloaded\n");
+}
+
+module_init(kstackwatch_init);
+module_exit(kstackwatch_exit);
diff --git a/mm/kstackwatch/kstackwatch.h b/mm/kstackwatch/kstackwatch.h
index e69de29bb2d1..f58af36e64a7 100644
--- a/mm/kstackwatch/kstackwatch.h
+++ b/mm/kstackwatch/kstackwatch.h
@@ -0,0 +1,39 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef _KSTACKWATCH_H
+#define _KSTACKWATCH_H
+
+#include <linux/types.h>
+
+#define MAX_FUNC_NAME_LEN 64
+#define MAX_CONFIG_STR_LEN 128
+
+/* Watch target types */
+enum watch_type {
+ WATCH_CANARY = 0, /* canary placed by compiler */
+ WATCH_LOCAL_VAR, /* local var defined by code */
+};
+
+struct ksw_config {
+ /* function part */
+ char function[MAX_FUNC_NAME_LEN];
+ u16 ip_offset;
+ u16 depth;
+
+ /* stack part, useless for canary watch */
+ /* offset from rsp at function+ip_offset */
+ u16 local_var_offset;
+
+ /*
+ * local var size (1,2,4,8 bytes)
+ * it will be the watching len
+ */
+ u16 local_var_len;
+
+ /* easy for understand*/
+ enum watch_type type;
+
+ /* save to show */
+ char config_str[MAX_CONFIG_STR_LEN];
+};
+
+#endif /* _KSTACKWATCH_H */
--
2.43.0
