Re: [PATCH/RFC] samples/: move kprobes sources to samples
Hi Ananth. > o Removed samples/Kbuild so the build goes on fine You could have added the obj-y assignment to Kbuild for the same effect. Kbuild is the first filename searched by kbuild, next is Makefile. Sam - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Tue, Sep 25, 2007 at 09:57:11AM +0100, Christoph Hellwig wrote:
> On Tue, Sep 25, 2007 at 02:13:33PM +0530, Ananth N Mavinakayanahalli wrote:
> > +++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
> > @@ -0,0 +1,69 @@
> > +/*jprobe-example.c */
>
> I don't think we should have this type of comment in any of the files.
>
> > +#include
> > +#include
> > +#include
> > +#include
>
> I don't think you'll need uio,h here.
Fixed. Actually, we don't need the fs.h either... I've audited and
cleaned up the other examples also.
> > + * Jumper probe for do_fork.
> > + * Mirror principle enables access to arguments of the probed routine
> > + * from the probe handler.
> > + */
> > +static const char *probed_func = "do_fork";
> > +
>
> > + /* Always end with a call to jprobe_return(). */
> > + jprobe_return();
> > +
> > + /*NOTREACHED*/
> > + return 0;
>
> I'd rather write this as:
>
> /* Always end with a call to jprobe_return(). */
> jprobe_return();
> return 0;
> }
Fixed
> Also a a note not to these example but general kprobes code I've
> bee wondering whether jprobe_return() should just include the return.
> Yes, macros including a return are ugly, but in this case jprobe_return
> actually handles the return anyway through deep magic.
Right; but the issue here is that in jprobe_return() we don't know what
the jprobed function would return. Also, we've left this the way it
is just so the compiler is happy. (And jprobe_return() is a function
with each arch doing its own magic :-))
> > +static struct jprobe my_jprobe = {
> > + .entry = jdo_fork
> > +};
> > +
> > +static int __init jprobe_init(void)
> > +{
> > + int ret;
> > + my_jprobe.kp.symbol_name = (char *)probed_func;
>
> Shouldn't this be simply done in the static initialization, ala:
>
> static struct jprobe my_jprobe = {
> .entry = jdo_fork,
> .kp = {
> .symbol_name= "do_fork",
> },
> };
>
> (same for the other examples)
Agreed. Fixed.
> > +static int handler_pre(struct kprobe *p, struct pt_regs *regs)
> > +{
> > +#ifdef CONFIG_X86_32
> > + printk("pre_handler: p->addr = 0x%p, eip = %lx, eflags = 0x%lx\n",
> > + p->addr, regs->eip, regs->eflags);
> > +#endif
> > +#ifdef CONFIG_X86_64
> > + printk("pre_handler: p->addr = 0x%p, rip = %lx, eflags = 0x%lx\n",
> > + p->addr, regs->rip, regs->eflags);
> > +#endif
> > +#ifdef CONFIG_PPC
> > + printk("pre_handler: p->addr = 0x%p, nip = 0x%lx, msr = 0x%lx\n",
> > + p->addr, regs->nip, regs->msr);
> > +#endif
>
> Now this is really ugly. We should really have macros for the interesting
> registers (instruction pointer, frame pointer, stack pointer) in kdebug.h.
> systemtap runtime already has them for supported architectures, any care
> to port them over?
>
> (note that this is not an objection to the patch as-is, but rather a
> suggestion for later improvement of the whole thing)
Agreed
> Thanks a lot for moving this in the right place!
Updated patch...
Thanks Randy for kicking this off. I've updated kprobe_example.c to work
on powerpc also. In addition I have:
o Removed samples/Kbuild so the build goes on fine
o Modified examples slightly to display output better (cosmetic)
o Changed the kretprobe_example.c to probe do_fork and log the new pid
o Fixed code per roel's nitpicks
o Renamed kretprobe-example.c to kretprobe_example.c for consistancy
o Made changes suggested by Christoph
o Cleaned up unneeded #includes
Signed-off-by: Randy Dunlap <[EMAIL PROTECTED]>
Signed-off-by: Ananth N Mavinakayanahalli <[EMAIL PROTECTED]>
---
Documentation/kprobes.txt | 214
samples/Kbuild |2
samples/Kconfig |5
samples/Makefile|3
samples/kprobes/Makefile|5
samples/kprobes/jprobe_example.c| 64 ++
samples/kprobes/kprobe_example.c| 89 ++
samples/kprobes/kretprobe_example.c | 59 +
8 files changed, 230 insertions(+), 211 deletions(-)
Index: linux-2.6.23-rc7/samples/kprobes/Makefile
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/Makefile
@@ -0,0 +1,5 @@
+# builds the kprobes example kernel modules;
+# then to use one (as root): insmod
+
+obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
+ kretprobe_example.o
Index: linux-2.6.23-rc7/samples/Kconfig
===
--- linux-2.6.23-rc7.orig/samples/Kconfig
+++ linux-2.6.23-rc7/samples/Kconfig
@@ -7,5 +7,10 @@ menuconfig SAMPLES
if SAMPLES
+config SAMPLE_KPROBES
+ tristate "Build kprobes examples -- loadable modules only"
+ depends on KPROBES && m
+ help
+ This builds several kprobes example modules.
endif # SAMPLES
Index:
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Tue, Sep 25, 2007 at 02:13:33PM +0530, Ananth N Mavinakayanahalli wrote:
> +++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
> @@ -0,0 +1,69 @@
> +/*jprobe-example.c */
I don't think we should have this type of comment in any of the files.
> +#include
> +#include
> +#include
> +#include
I don't think you'll need uio,h here.
> + * Jumper probe for do_fork.
> + * Mirror principle enables access to arguments of the probed routine
> + * from the probe handler.
> + */
> +static const char *probed_func = "do_fork";
> +
> + /* Always end with a call to jprobe_return(). */
> + jprobe_return();
> +
> + /*NOTREACHED*/
> + return 0;
I'd rather write this as:
/* Always end with a call to jprobe_return(). */
jprobe_return();
return 0;
}
Also a a note not to these example but general kprobes code I've
bee wondering whether jprobe_return() should just include the return.
Yes, macros including a return are ugly, but in this case jprobe_return
actually handles the return anyway through deep magic.
> +static struct jprobe my_jprobe = {
> + .entry = jdo_fork
> +};
> +
> +static int __init jprobe_init(void)
> +{
> + int ret;
> + my_jprobe.kp.symbol_name = (char *)probed_func;
Shouldn't this be simply done in the static initialization, ala:
static struct jprobe my_jprobe = {
.entry = jdo_fork,
.kp = {
.symbol_name= "do_fork",
},
};
(same for the other examples)
> +static int handler_pre(struct kprobe *p, struct pt_regs *regs)
> +{
> +#ifdef CONFIG_X86_32
> + printk("pre_handler: p->addr = 0x%p, eip = %lx, eflags = 0x%lx\n",
> + p->addr, regs->eip, regs->eflags);
> +#endif
> +#ifdef CONFIG_X86_64
> + printk("pre_handler: p->addr = 0x%p, rip = %lx, eflags = 0x%lx\n",
> + p->addr, regs->rip, regs->eflags);
> +#endif
> +#ifdef CONFIG_PPC
> + printk("pre_handler: p->addr = 0x%p, nip = 0x%lx, msr = 0x%lx\n",
> + p->addr, regs->nip, regs->msr);
> +#endif
Now this is really ugly. We should really have macros for the interesting
registers (instruction pointer, frame pointer, stack pointer) in kdebug.h.
systemtap runtime already has them for supported architectures, any care
to port them over?
(note that this is not an objection to the patch as-is, but rather a
suggestion for later improvement of the whole thing)
Thanks a lot for moving this in the right place!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Mon, Sep 24, 2007 at 02:58:28PM -0700, Randy Dunlap wrote:
>
> This is RFC patch 2/2.
> Patch 1/2 introduces the samples/ infrastructure:
> http://lkml.org/lkml/2007/9/24/397
>
>
> ---
>
> From: Randy Dunlap <[EMAIL PROTECTED]>
>
> Move kprobes source files from Documentation/kprobes.txt to
> samples/kprobes/ and add them to the build system.
>
> Fix sparse warnings in all 3 kprobes samples source files.
>
> Although kprobe-example.c is x86-specific, make it build on any
> platform by surrounding some code in ifdef/endif blocks.
>
> Signed-off-by: Randy Dunlap <[EMAIL PROTECTED]>
Thanks Randy for kicking this off. I've updated kprobe_example.c to work
on powerpc also. In addition I have:
o Removed samples/Kbuild so the build goes on fine
o Modified examples slightly to display output better (cosmetic)
o Changed the kretprobe_example.c to probe do_fork and log the new pid
o Fixed code per roel's nitpicks
o Renamed kretprobe-example.c to kretprobe_example.c for consistancy
Signed-off-by: Randy Dunlap <[EMAIL PROTECTED]>
Signed-off-by: Ananth N Mavinakayanahalli <[EMAIL PROTECTED]>
---
samples/Kbuild |2
Documentation/kprobes.txt | 206
samples/Kconfig |5
samples/Makefile|3
samples/kprobes/Makefile|5
samples/kprobes/jprobe_example.c| 69
samples/kprobes/kprobe_example.c| 92
samples/kprobes/kretprobe_example.c | 61 ++
8 files changed, 240 insertions(+), 203 deletions(-)
Index: linux-2.6.23-rc7/samples/kprobes/Makefile
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/Makefile
@@ -0,0 +1,5 @@
+# builds the kprobes example kernel modules;
+# then to use one (as root): insmod
+
+obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
+ kretprobe_example.o
Index: linux-2.6.23-rc7/samples/Kconfig
===
--- linux-2.6.23-rc7.orig/samples/Kconfig
+++ linux-2.6.23-rc7/samples/Kconfig
@@ -7,5 +7,10 @@ menuconfig SAMPLES
if SAMPLES
+config SAMPLE_KPROBES
+ tristate "Build kprobes examples -- loadable modules only"
+ depends on KPROBES && m
+ help
+ This builds several kprobes example modules.
endif # SAMPLES
Index: linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
@@ -0,0 +1,69 @@
+/*jprobe-example.c */
+/*
+ * Here's a sample kernel module showing the use of jprobes to dump
+ * the arguments of do_fork().
+ *
+ * Build and insert the kernel module as done in the kprobe example.
+ * You will see the trace data in /var/log/messages and on the
+ * console whenever do_fork() is invoked to create a new process.
+ * (Some messages may be suppressed if syslogd is configured to
+ * eliminate duplicate messages.)
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+/*
+ * Jumper probe for do_fork.
+ * Mirror principle enables access to arguments of the probed routine
+ * from the probe handler.
+ */
+static const char *probed_func = "do_fork";
+
+/* Proxy routine having the same arguments as actual do_fork() routine */
+static long jdo_fork(unsigned long clone_flags, unsigned long stack_start,
+ struct pt_regs *regs, unsigned long stack_size,
+ int __user * parent_tidptr, int __user * child_tidptr)
+{
+ printk("jprobe: clone_flags = 0x%lx, stack_size = 0x%lx, regs = 0x%p\n",
+ clone_flags, stack_size, regs);
+
+ /* Always end with a call to jprobe_return(). */
+ jprobe_return();
+
+ /*NOTREACHED*/
+ return 0;
+}
+
+static struct jprobe my_jprobe = {
+ .entry = jdo_fork
+};
+
+static int __init jprobe_init(void)
+{
+ int ret;
+ my_jprobe.kp.symbol_name = (char *)probed_func;
+
+ ret = register_jprobe(_jprobe);
+ if (ret < 0) {
+ printk("register_jprobe failed, returned %d\n", ret);
+ return -1;
+ }
+ printk("Planted jprobe at %p, handler addr %p\n",
+ my_jprobe.kp.addr, my_jprobe.entry);
+ return 0;
+}
+
+static void __exit jprobe_exit(void)
+{
+ unregister_jprobe(_jprobe);
+ printk("jprobe on %s unregistered\n", probed_func);
+}
+
+module_init(jprobe_init)
+module_exit(jprobe_exit)
+MODULE_LICENSE("GPL");
Index: linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
@@ -0,0 +1,92 @@
+/*kprobe_example.c*/
+/*
+ * NOTE: This example is works on x86 and powerpc.
+ * Here's a sample kernel module showing the use of kprobes to dump a
+ * stack trace and selected registers when
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Mon, Sep 24, 2007 at 02:58:28PM -0700, Randy Dunlap wrote:
This is RFC patch 2/2.
Patch 1/2 introduces the samples/ infrastructure:
http://lkml.org/lkml/2007/9/24/397
---
From: Randy Dunlap [EMAIL PROTECTED]
Move kprobes source files from Documentation/kprobes.txt to
samples/kprobes/ and add them to the build system.
Fix sparse warnings in all 3 kprobes samples source files.
Although kprobe-example.c is x86-specific, make it build on any
platform by surrounding some code in ifdef/endif blocks.
Signed-off-by: Randy Dunlap [EMAIL PROTECTED]
Thanks Randy for kicking this off. I've updated kprobe_example.c to work
on powerpc also. In addition I have:
o Removed samples/Kbuild so the build goes on fine
o Modified examples slightly to display output better (cosmetic)
o Changed the kretprobe_example.c to probe do_fork and log the new pid
o Fixed code per roel's nitpicks
o Renamed kretprobe-example.c to kretprobe_example.c for consistancy
Signed-off-by: Randy Dunlap [EMAIL PROTECTED]
Signed-off-by: Ananth N Mavinakayanahalli [EMAIL PROTECTED]
---
samples/Kbuild |2
Documentation/kprobes.txt | 206
samples/Kconfig |5
samples/Makefile|3
samples/kprobes/Makefile|5
samples/kprobes/jprobe_example.c| 69
samples/kprobes/kprobe_example.c| 92
samples/kprobes/kretprobe_example.c | 61 ++
8 files changed, 240 insertions(+), 203 deletions(-)
Index: linux-2.6.23-rc7/samples/kprobes/Makefile
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/Makefile
@@ -0,0 +1,5 @@
+# builds the kprobes example kernel modules;
+# then to use one (as root): insmod module_name.ko
+
+obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
+ kretprobe_example.o
Index: linux-2.6.23-rc7/samples/Kconfig
===
--- linux-2.6.23-rc7.orig/samples/Kconfig
+++ linux-2.6.23-rc7/samples/Kconfig
@@ -7,5 +7,10 @@ menuconfig SAMPLES
if SAMPLES
+config SAMPLE_KPROBES
+ tristate Build kprobes examples -- loadable modules only
+ depends on KPROBES m
+ help
+ This builds several kprobes example modules.
endif # SAMPLES
Index: linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
@@ -0,0 +1,69 @@
+/*jprobe-example.c */
+/*
+ * Here's a sample kernel module showing the use of jprobes to dump
+ * the arguments of do_fork().
+ *
+ * Build and insert the kernel module as done in the kprobe example.
+ * You will see the trace data in /var/log/messages and on the
+ * console whenever do_fork() is invoked to create a new process.
+ * (Some messages may be suppressed if syslogd is configured to
+ * eliminate duplicate messages.)
+ */
+
+#include linux/kernel.h
+#include linux/module.h
+#include linux/fs.h
+#include linux/uio.h
+#include linux/kprobes.h
+#include linux/ptrace.h
+
+/*
+ * Jumper probe for do_fork.
+ * Mirror principle enables access to arguments of the probed routine
+ * from the probe handler.
+ */
+static const char *probed_func = do_fork;
+
+/* Proxy routine having the same arguments as actual do_fork() routine */
+static long jdo_fork(unsigned long clone_flags, unsigned long stack_start,
+ struct pt_regs *regs, unsigned long stack_size,
+ int __user * parent_tidptr, int __user * child_tidptr)
+{
+ printk(jprobe: clone_flags = 0x%lx, stack_size = 0x%lx, regs = 0x%p\n,
+ clone_flags, stack_size, regs);
+
+ /* Always end with a call to jprobe_return(). */
+ jprobe_return();
+
+ /*NOTREACHED*/
+ return 0;
+}
+
+static struct jprobe my_jprobe = {
+ .entry = jdo_fork
+};
+
+static int __init jprobe_init(void)
+{
+ int ret;
+ my_jprobe.kp.symbol_name = (char *)probed_func;
+
+ ret = register_jprobe(my_jprobe);
+ if (ret 0) {
+ printk(register_jprobe failed, returned %d\n, ret);
+ return -1;
+ }
+ printk(Planted jprobe at %p, handler addr %p\n,
+ my_jprobe.kp.addr, my_jprobe.entry);
+ return 0;
+}
+
+static void __exit jprobe_exit(void)
+{
+ unregister_jprobe(my_jprobe);
+ printk(jprobe on %s unregistered\n, probed_func);
+}
+
+module_init(jprobe_init)
+module_exit(jprobe_exit)
+MODULE_LICENSE(GPL);
Index: linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
@@ -0,0 +1,92 @@
+/*kprobe_example.c*/
+/*
+ * NOTE: This example is works on x86 and powerpc.
+ * Here's a sample kernel module showing the use of kprobes to
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Tue, Sep 25, 2007 at 02:13:33PM +0530, Ananth N Mavinakayanahalli wrote:
+++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
@@ -0,0 +1,69 @@
+/*jprobe-example.c */
I don't think we should have this type of comment in any of the files.
+#include linux/kernel.h
+#include linux/module.h
+#include linux/fs.h
+#include linux/uio.h
I don't think you'll need uio,h here.
+ * Jumper probe for do_fork.
+ * Mirror principle enables access to arguments of the probed routine
+ * from the probe handler.
+ */
+static const char *probed_func = do_fork;
+
+ /* Always end with a call to jprobe_return(). */
+ jprobe_return();
+
+ /*NOTREACHED*/
+ return 0;
I'd rather write this as:
/* Always end with a call to jprobe_return(). */
jprobe_return();
return 0;
}
Also a a note not to these example but general kprobes code I've
bee wondering whether jprobe_return() should just include the return.
Yes, macros including a return are ugly, but in this case jprobe_return
actually handles the return anyway through deep magic.
+static struct jprobe my_jprobe = {
+ .entry = jdo_fork
+};
+
+static int __init jprobe_init(void)
+{
+ int ret;
+ my_jprobe.kp.symbol_name = (char *)probed_func;
Shouldn't this be simply done in the static initialization, ala:
static struct jprobe my_jprobe = {
.entry = jdo_fork,
.kp = {
.symbol_name= do_fork,
},
};
(same for the other examples)
+static int handler_pre(struct kprobe *p, struct pt_regs *regs)
+{
+#ifdef CONFIG_X86_32
+ printk(pre_handler: p-addr = 0x%p, eip = %lx, eflags = 0x%lx\n,
+ p-addr, regs-eip, regs-eflags);
+#endif
+#ifdef CONFIG_X86_64
+ printk(pre_handler: p-addr = 0x%p, rip = %lx, eflags = 0x%lx\n,
+ p-addr, regs-rip, regs-eflags);
+#endif
+#ifdef CONFIG_PPC
+ printk(pre_handler: p-addr = 0x%p, nip = 0x%lx, msr = 0x%lx\n,
+ p-addr, regs-nip, regs-msr);
+#endif
Now this is really ugly. We should really have macros for the interesting
registers (instruction pointer, frame pointer, stack pointer) in kdebug.h.
systemtap runtime already has them for supported architectures, any care
to port them over?
(note that this is not an objection to the patch as-is, but rather a
suggestion for later improvement of the whole thing)
Thanks a lot for moving this in the right place!
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Tue, Sep 25, 2007 at 09:57:11AM +0100, Christoph Hellwig wrote:
On Tue, Sep 25, 2007 at 02:13:33PM +0530, Ananth N Mavinakayanahalli wrote:
+++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
@@ -0,0 +1,69 @@
+/*jprobe-example.c */
I don't think we should have this type of comment in any of the files.
+#include linux/kernel.h
+#include linux/module.h
+#include linux/fs.h
+#include linux/uio.h
I don't think you'll need uio,h here.
Fixed. Actually, we don't need the fs.h either... I've audited and
cleaned up the other examples also.
+ * Jumper probe for do_fork.
+ * Mirror principle enables access to arguments of the probed routine
+ * from the probe handler.
+ */
+static const char *probed_func = do_fork;
+
+ /* Always end with a call to jprobe_return(). */
+ jprobe_return();
+
+ /*NOTREACHED*/
+ return 0;
I'd rather write this as:
/* Always end with a call to jprobe_return(). */
jprobe_return();
return 0;
}
Fixed
Also a a note not to these example but general kprobes code I've
bee wondering whether jprobe_return() should just include the return.
Yes, macros including a return are ugly, but in this case jprobe_return
actually handles the return anyway through deep magic.
Right; but the issue here is that in jprobe_return() we don't know what
the jprobed function would return. Also, we've left this the way it
is just so the compiler is happy. (And jprobe_return() is a function
with each arch doing its own magic :-))
+static struct jprobe my_jprobe = {
+ .entry = jdo_fork
+};
+
+static int __init jprobe_init(void)
+{
+ int ret;
+ my_jprobe.kp.symbol_name = (char *)probed_func;
Shouldn't this be simply done in the static initialization, ala:
static struct jprobe my_jprobe = {
.entry = jdo_fork,
.kp = {
.symbol_name= do_fork,
},
};
(same for the other examples)
Agreed. Fixed.
+static int handler_pre(struct kprobe *p, struct pt_regs *regs)
+{
+#ifdef CONFIG_X86_32
+ printk(pre_handler: p-addr = 0x%p, eip = %lx, eflags = 0x%lx\n,
+ p-addr, regs-eip, regs-eflags);
+#endif
+#ifdef CONFIG_X86_64
+ printk(pre_handler: p-addr = 0x%p, rip = %lx, eflags = 0x%lx\n,
+ p-addr, regs-rip, regs-eflags);
+#endif
+#ifdef CONFIG_PPC
+ printk(pre_handler: p-addr = 0x%p, nip = 0x%lx, msr = 0x%lx\n,
+ p-addr, regs-nip, regs-msr);
+#endif
Now this is really ugly. We should really have macros for the interesting
registers (instruction pointer, frame pointer, stack pointer) in kdebug.h.
systemtap runtime already has them for supported architectures, any care
to port them over?
(note that this is not an objection to the patch as-is, but rather a
suggestion for later improvement of the whole thing)
Agreed
Thanks a lot for moving this in the right place!
Updated patch...
Thanks Randy for kicking this off. I've updated kprobe_example.c to work
on powerpc also. In addition I have:
o Removed samples/Kbuild so the build goes on fine
o Modified examples slightly to display output better (cosmetic)
o Changed the kretprobe_example.c to probe do_fork and log the new pid
o Fixed code per roel's nitpicks
o Renamed kretprobe-example.c to kretprobe_example.c for consistancy
o Made changes suggested by Christoph
o Cleaned up unneeded #includes
Signed-off-by: Randy Dunlap [EMAIL PROTECTED]
Signed-off-by: Ananth N Mavinakayanahalli [EMAIL PROTECTED]
---
Documentation/kprobes.txt | 214
samples/Kbuild |2
samples/Kconfig |5
samples/Makefile|3
samples/kprobes/Makefile|5
samples/kprobes/jprobe_example.c| 64 ++
samples/kprobes/kprobe_example.c| 89 ++
samples/kprobes/kretprobe_example.c | 59 +
8 files changed, 230 insertions(+), 211 deletions(-)
Index: linux-2.6.23-rc7/samples/kprobes/Makefile
===
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/Makefile
@@ -0,0 +1,5 @@
+# builds the kprobes example kernel modules;
+# then to use one (as root): insmod module_name.ko
+
+obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
+ kretprobe_example.o
Index: linux-2.6.23-rc7/samples/Kconfig
===
--- linux-2.6.23-rc7.orig/samples/Kconfig
+++ linux-2.6.23-rc7/samples/Kconfig
@@ -7,5 +7,10 @@ menuconfig SAMPLES
if SAMPLES
+config SAMPLE_KPROBES
+ tristate Build kprobes examples -- loadable modules only
+ depends on KPROBES m
+ help
+ This builds several kprobes example modules.
endif # SAMPLES
Index: linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
===
---
Re: [PATCH/RFC] samples/: move kprobes sources to samples
Hi Ananth. o Removed samples/Kbuild so the build goes on fine You could have added the obj-y assignment to Kbuild for the same effect. Kbuild is the first filename searched by kbuild, next is Makefile. Sam - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
* Randy Dunlap ([EMAIL PROTECTED]) wrote: > Mathieu Desnoyers wrote: > >* Randy Dunlap ([EMAIL PROTECTED]) wrote: > >>This is RFC patch 2/2. > >>Patch 1/2 introduces the samples/ infrastructure: > >> http://lkml.org/lkml/2007/9/24/397 > >> > > > >Hi Randy, > > > >I got this when building my markers (which looks alike your kprobes): > > > >ld: samples/built-in.o: No such file: No such file or directory > >make: *** [.tmp_vmlinux1] Error 1 > > > >And the Makefile from samples does not seem to be executed. And why is > >there a Kbuild file in your first patch ? > > samples/Kbuild should be renamed to samples/Makefile. > Sorry about that. > > I made the kprobes files build only as modules. > You are probably attempting to build markers built-in, not as > modules? That needs some makefile foo, I think. Sam?? > > Ok, fixed.. Was due either to Kbuild being there (?!?) and/or the fact that I used += markers instead of += markers/. Mathieu -- Mathieu Desnoyers Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68 - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Tue, 25 Sep 2007 00:24:00 +0200 roel wrote: > I could only point to three nitpicks Yes, hopefully the kprobes people will chime in here sometime and merge those as well, or just ack them and I can change the code. Thanks. --- ~Randy Phaedrus says that Quality is about caring. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
Mathieu Desnoyers wrote: * Randy Dunlap ([EMAIL PROTECTED]) wrote: This is RFC patch 2/2. Patch 1/2 introduces the samples/ infrastructure: http://lkml.org/lkml/2007/9/24/397 Hi Randy, I got this when building my markers (which looks alike your kprobes): ld: samples/built-in.o: No such file: No such file or directory make: *** [.tmp_vmlinux1] Error 1 And the Makefile from samples does not seem to be executed. And why is there a Kbuild file in your first patch ? samples/Kbuild should be renamed to samples/Makefile. Sorry about that. I made the kprobes files build only as modules. You are probably attempting to build markers built-in, not as modules? That needs some makefile foo, I think. Sam?? -- ~Randy Phaedrus says that Quality is about caring. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
I could only point to three nitpicks
Randy Dunlap wrote:
> This is RFC patch 2/2.
> Patch 1/2 introduces the samples/ infrastructure:
> http://lkml.org/lkml/2007/9/24/397
>
>
> ---
>
> From: Randy Dunlap <[EMAIL PROTECTED]>
>
> Move kprobes source files from Documentation/kprobes.txt to
> samples/kprobes/ and add them to the build system.
>
> Fix sparse warnings in all 3 kprobes samples source files.
>
> Although kprobe-example.c is x86-specific, make it build on any
> platform by surrounding some code in ifdef/endif blocks.
>
> Signed-off-by: Randy Dunlap <[EMAIL PROTECTED]>
> ---
> Documentation/kprobes.txt | 214
>
> samples/Kconfig |5
> samples/Makefile|3
> samples/kprobes/Makefile|5
> samples/kprobes/jprobe_example.c| 65 ++
> samples/kprobes/kprobe_example.c| 79 +
> samples/kprobes/kretprobe-example.c | 60 ++
> 7 files changed, 222 insertions(+), 209 deletions(-)
>
> --- /dev/null
> +++ linux-2.6.23-rc7/samples/kprobes/Makefile
> @@ -0,0 +1,5 @@
> +# builds the kprobes example kernel modules;
> +# then to use one (as root): insmod
> +
> +obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
> + kretprobe-example.o
> --- linux-2.6.23-rc7.orig/samples/Kconfig
> +++ linux-2.6.23-rc7/samples/Kconfig
> @@ -7,5 +7,10 @@ menuconfig SAMPLES
>
> if SAMPLES
>
> +config SAMPLE_KPROBES
> + tristate "Build kprobes examples -- loadable modules only"
> + depends on KPROBES && m
> + help
> + This builds several kprobes example modules.
>
> endif # SAMPLES
> --- /dev/null
> +++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
> @@ -0,0 +1,65 @@
> +/*jprobe-example.c */
> +/*
> + * Here's a sample kernel module showing the use of jprobes to dump
> + * the arguments of do_fork().
> + *
> + * Build and insert the kernel module as done in the kprobe example.
> + * You will see the trace data in /var/log/messages and on the
> + * console whenever do_fork() is invoked to create a new process.
> + * (Some messages may be suppressed if syslogd is configured to
> + * eliminate duplicate messages.)
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +/*
> + * Jumper probe for do_fork.
> + * Mirror principle enables access to arguments of the probed routine
> + * from the probe handler.
> + */
> +
> +/* Proxy routine having the same arguments as actual do_fork() routine */
> +static long jdo_fork(unsigned long clone_flags, unsigned long stack_start,
> + struct pt_regs *regs, unsigned long stack_size,
> + int __user * parent_tidptr, int __user * child_tidptr)
> +{
> + printk("jprobe: clone_flags=0x%lx, stack_size=0x%lx, regs=0x%p\n",
> +clone_flags, stack_size, regs);
> + /* Always end with a call to jprobe_return(). */
> + jprobe_return();
> + /*NOTREACHED*/
> + return 0;
> +}
> +
> +static struct jprobe my_jprobe = {
> + .entry = jdo_fork
> +};
> +
> +static int __init jprobe_init(void)
> +{
> + int ret;
> + my_jprobe.kp.symbol_name = "do_fork";
> +
> + if ((ret = register_jprobe(_jprobe)) <0) {
or do:
ret = register_jprobe(_jprobe);
if (ret < 0) {
> + printk("register_jprobe failed, returned %d\n", ret);
> + return -1;
> + }
> + printk("Planted jprobe at %p, handler addr %p\n",
> +my_jprobe.kp.addr, my_jprobe.entry);
> + return 0;
> +}
> +
> +static void __exit jprobe_exit(void)
> +{
> + unregister_jprobe(_jprobe);
> + printk("jprobe unregistered\n");
> +}
> +
> +module_init(jprobe_init)
> +module_exit(jprobe_exit)
> +MODULE_LICENSE("GPL");
> --- /dev/null
> +++ linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
> @@ -0,0 +1,79 @@
> +/*kprobe_example.c*/
> +/*
> + * NOTE: This example is x86-specific.
> + * Here's a sample kernel module showing the use of kprobes to dump a
> + * stack trace and selected i386 registers when do_fork() is called.
> + *
> + * You will see the trace data in /var/log/messages and on the console
> + * whenever do_fork() is invoked to create a new process.
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +/*For each probe you need to allocate a kprobe structure*/
> +static struct kprobe kp;
> +
> +/*kprobe pre_handler: called just before the probed instruction is executed*/
> +static int handler_pre(struct kprobe *p, struct pt_regs *regs)
> +{
> +#ifdef CONFIG_X86_32
> + printk("pre_handler: p->addr=0x%p, eip=%lx, eflags=0x%lx\n",
> + p->addr, regs->eip, regs->eflags);
> +#endif
> +#ifdef CONFIG_X86_64
> + printk("pre_handler: p->addr=0x%p, rip=%lx, eflags=0x%lx\n",
> + p->addr, regs->rip, regs->eflags);
> +#endif
> + dump_stack();
> + return 0;
> +}
> +
> +/*kprobe post_handler: called after the probed instruction is
Re: [PATCH/RFC] samples/: move kprobes sources to samples
* Randy Dunlap ([EMAIL PROTECTED]) wrote:
>
> This is RFC patch 2/2.
> Patch 1/2 introduces the samples/ infrastructure:
> http://lkml.org/lkml/2007/9/24/397
>
Hi Randy,
I got this when building my markers (which looks alike your kprobes):
ld: samples/built-in.o: No such file: No such file or directory
make: *** [.tmp_vmlinux1] Error 1
And the Makefile from samples does not seem to be executed. And why is
there a Kbuild file in your first patch ?
Mathieu
>
> ---
>
> From: Randy Dunlap <[EMAIL PROTECTED]>
>
> Move kprobes source files from Documentation/kprobes.txt to
> samples/kprobes/ and add them to the build system.
>
> Fix sparse warnings in all 3 kprobes samples source files.
>
> Although kprobe-example.c is x86-specific, make it build on any
> platform by surrounding some code in ifdef/endif blocks.
>
> Signed-off-by: Randy Dunlap <[EMAIL PROTECTED]>
> ---
> Documentation/kprobes.txt | 214
>
> samples/Kconfig |5
> samples/Makefile|3
> samples/kprobes/Makefile|5
> samples/kprobes/jprobe_example.c| 65 ++
> samples/kprobes/kprobe_example.c| 79 +
> samples/kprobes/kretprobe-example.c | 60 ++
> 7 files changed, 222 insertions(+), 209 deletions(-)
>
> --- /dev/null
> +++ linux-2.6.23-rc7/samples/kprobes/Makefile
> @@ -0,0 +1,5 @@
> +# builds the kprobes example kernel modules;
> +# then to use one (as root): insmod
> +
> +obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
> + kretprobe-example.o
> --- linux-2.6.23-rc7.orig/samples/Kconfig
> +++ linux-2.6.23-rc7/samples/Kconfig
> @@ -7,5 +7,10 @@ menuconfig SAMPLES
>
> if SAMPLES
>
> +config SAMPLE_KPROBES
> + tristate "Build kprobes examples -- loadable modules only"
> + depends on KPROBES && m
> + help
> + This builds several kprobes example modules.
>
> endif # SAMPLES
> --- /dev/null
> +++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
> @@ -0,0 +1,65 @@
> +/*jprobe-example.c */
> +/*
> + * Here's a sample kernel module showing the use of jprobes to dump
> + * the arguments of do_fork().
> + *
> + * Build and insert the kernel module as done in the kprobe example.
> + * You will see the trace data in /var/log/messages and on the
> + * console whenever do_fork() is invoked to create a new process.
> + * (Some messages may be suppressed if syslogd is configured to
> + * eliminate duplicate messages.)
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +/*
> + * Jumper probe for do_fork.
> + * Mirror principle enables access to arguments of the probed routine
> + * from the probe handler.
> + */
> +
> +/* Proxy routine having the same arguments as actual do_fork() routine */
> +static long jdo_fork(unsigned long clone_flags, unsigned long stack_start,
> + struct pt_regs *regs, unsigned long stack_size,
> + int __user * parent_tidptr, int __user * child_tidptr)
> +{
> + printk("jprobe: clone_flags=0x%lx, stack_size=0x%lx, regs=0x%p\n",
> +clone_flags, stack_size, regs);
> + /* Always end with a call to jprobe_return(). */
> + jprobe_return();
> + /*NOTREACHED*/
> + return 0;
> +}
> +
> +static struct jprobe my_jprobe = {
> + .entry = jdo_fork
> +};
> +
> +static int __init jprobe_init(void)
> +{
> + int ret;
> + my_jprobe.kp.symbol_name = "do_fork";
> +
> + if ((ret = register_jprobe(_jprobe)) <0) {
> + printk("register_jprobe failed, returned %d\n", ret);
> + return -1;
> + }
> + printk("Planted jprobe at %p, handler addr %p\n",
> +my_jprobe.kp.addr, my_jprobe.entry);
> + return 0;
> +}
> +
> +static void __exit jprobe_exit(void)
> +{
> + unregister_jprobe(_jprobe);
> + printk("jprobe unregistered\n");
> +}
> +
> +module_init(jprobe_init)
> +module_exit(jprobe_exit)
> +MODULE_LICENSE("GPL");
> --- /dev/null
> +++ linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
> @@ -0,0 +1,79 @@
> +/*kprobe_example.c*/
> +/*
> + * NOTE: This example is x86-specific.
> + * Here's a sample kernel module showing the use of kprobes to dump a
> + * stack trace and selected i386 registers when do_fork() is called.
> + *
> + * You will see the trace data in /var/log/messages and on the console
> + * whenever do_fork() is invoked to create a new process.
> + */
> +
> +#include
> +#include
> +#include
> +#include
> +#include
> +
> +/*For each probe you need to allocate a kprobe structure*/
> +static struct kprobe kp;
> +
> +/*kprobe pre_handler: called just before the probed instruction is executed*/
> +static int handler_pre(struct kprobe *p, struct pt_regs *regs)
> +{
> +#ifdef CONFIG_X86_32
> + printk("pre_handler: p->addr=0x%p, eip=%lx, eflags=0x%lx\n",
> + p->addr, regs->eip, regs->eflags);
> +#endif
> +#ifdef CONFIG_X86_64
> +
Re: [PATCH/RFC] samples/: move kprobes sources to samples
* Randy Dunlap ([EMAIL PROTECTED]) wrote:
This is RFC patch 2/2.
Patch 1/2 introduces the samples/ infrastructure:
http://lkml.org/lkml/2007/9/24/397
Hi Randy,
I got this when building my markers (which looks alike your kprobes):
ld: samples/built-in.o: No such file: No such file or directory
make: *** [.tmp_vmlinux1] Error 1
And the Makefile from samples does not seem to be executed. And why is
there a Kbuild file in your first patch ?
Mathieu
---
From: Randy Dunlap [EMAIL PROTECTED]
Move kprobes source files from Documentation/kprobes.txt to
samples/kprobes/ and add them to the build system.
Fix sparse warnings in all 3 kprobes samples source files.
Although kprobe-example.c is x86-specific, make it build on any
platform by surrounding some code in ifdef/endif blocks.
Signed-off-by: Randy Dunlap [EMAIL PROTECTED]
---
Documentation/kprobes.txt | 214
samples/Kconfig |5
samples/Makefile|3
samples/kprobes/Makefile|5
samples/kprobes/jprobe_example.c| 65 ++
samples/kprobes/kprobe_example.c| 79 +
samples/kprobes/kretprobe-example.c | 60 ++
7 files changed, 222 insertions(+), 209 deletions(-)
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/Makefile
@@ -0,0 +1,5 @@
+# builds the kprobes example kernel modules;
+# then to use one (as root): insmod module_name.ko
+
+obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
+ kretprobe-example.o
--- linux-2.6.23-rc7.orig/samples/Kconfig
+++ linux-2.6.23-rc7/samples/Kconfig
@@ -7,5 +7,10 @@ menuconfig SAMPLES
if SAMPLES
+config SAMPLE_KPROBES
+ tristate Build kprobes examples -- loadable modules only
+ depends on KPROBES m
+ help
+ This builds several kprobes example modules.
endif # SAMPLES
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
@@ -0,0 +1,65 @@
+/*jprobe-example.c */
+/*
+ * Here's a sample kernel module showing the use of jprobes to dump
+ * the arguments of do_fork().
+ *
+ * Build and insert the kernel module as done in the kprobe example.
+ * You will see the trace data in /var/log/messages and on the
+ * console whenever do_fork() is invoked to create a new process.
+ * (Some messages may be suppressed if syslogd is configured to
+ * eliminate duplicate messages.)
+ */
+
+#include linux/kernel.h
+#include linux/module.h
+#include linux/fs.h
+#include linux/uio.h
+#include linux/kprobes.h
+#include linux/ptrace.h
+
+/*
+ * Jumper probe for do_fork.
+ * Mirror principle enables access to arguments of the probed routine
+ * from the probe handler.
+ */
+
+/* Proxy routine having the same arguments as actual do_fork() routine */
+static long jdo_fork(unsigned long clone_flags, unsigned long stack_start,
+ struct pt_regs *regs, unsigned long stack_size,
+ int __user * parent_tidptr, int __user * child_tidptr)
+{
+ printk(jprobe: clone_flags=0x%lx, stack_size=0x%lx, regs=0x%p\n,
+clone_flags, stack_size, regs);
+ /* Always end with a call to jprobe_return(). */
+ jprobe_return();
+ /*NOTREACHED*/
+ return 0;
+}
+
+static struct jprobe my_jprobe = {
+ .entry = jdo_fork
+};
+
+static int __init jprobe_init(void)
+{
+ int ret;
+ my_jprobe.kp.symbol_name = do_fork;
+
+ if ((ret = register_jprobe(my_jprobe)) 0) {
+ printk(register_jprobe failed, returned %d\n, ret);
+ return -1;
+ }
+ printk(Planted jprobe at %p, handler addr %p\n,
+my_jprobe.kp.addr, my_jprobe.entry);
+ return 0;
+}
+
+static void __exit jprobe_exit(void)
+{
+ unregister_jprobe(my_jprobe);
+ printk(jprobe unregistered\n);
+}
+
+module_init(jprobe_init)
+module_exit(jprobe_exit)
+MODULE_LICENSE(GPL);
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
@@ -0,0 +1,79 @@
+/*kprobe_example.c*/
+/*
+ * NOTE: This example is x86-specific.
+ * Here's a sample kernel module showing the use of kprobes to dump a
+ * stack trace and selected i386 registers when do_fork() is called.
+ *
+ * You will see the trace data in /var/log/messages and on the console
+ * whenever do_fork() is invoked to create a new process.
+ */
+
+#include linux/kernel.h
+#include linux/module.h
+#include linux/kprobes.h
+#include linux/sched.h
+#include linux/ptrace.h
+
+/*For each probe you need to allocate a kprobe structure*/
+static struct kprobe kp;
+
+/*kprobe pre_handler: called just before the probed instruction is executed*/
+static int handler_pre(struct kprobe *p, struct pt_regs *regs)
+{
+#ifdef CONFIG_X86_32
+ printk(pre_handler: p-addr=0x%p, eip=%lx, eflags=0x%lx\n,
+ p-addr, regs-eip, regs-eflags);
+#endif
+#ifdef CONFIG_X86_64
+ printk(pre_handler:
Re: [PATCH/RFC] samples/: move kprobes sources to samples
I could only point to three nitpicks
Randy Dunlap wrote:
This is RFC patch 2/2.
Patch 1/2 introduces the samples/ infrastructure:
http://lkml.org/lkml/2007/9/24/397
---
From: Randy Dunlap [EMAIL PROTECTED]
Move kprobes source files from Documentation/kprobes.txt to
samples/kprobes/ and add them to the build system.
Fix sparse warnings in all 3 kprobes samples source files.
Although kprobe-example.c is x86-specific, make it build on any
platform by surrounding some code in ifdef/endif blocks.
Signed-off-by: Randy Dunlap [EMAIL PROTECTED]
---
Documentation/kprobes.txt | 214
samples/Kconfig |5
samples/Makefile|3
samples/kprobes/Makefile|5
samples/kprobes/jprobe_example.c| 65 ++
samples/kprobes/kprobe_example.c| 79 +
samples/kprobes/kretprobe-example.c | 60 ++
7 files changed, 222 insertions(+), 209 deletions(-)
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/Makefile
@@ -0,0 +1,5 @@
+# builds the kprobes example kernel modules;
+# then to use one (as root): insmod module_name.ko
+
+obj-$(CONFIG_SAMPLE_KPROBES) += kprobe_example.o jprobe_example.o \
+ kretprobe-example.o
--- linux-2.6.23-rc7.orig/samples/Kconfig
+++ linux-2.6.23-rc7/samples/Kconfig
@@ -7,5 +7,10 @@ menuconfig SAMPLES
if SAMPLES
+config SAMPLE_KPROBES
+ tristate Build kprobes examples -- loadable modules only
+ depends on KPROBES m
+ help
+ This builds several kprobes example modules.
endif # SAMPLES
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/jprobe_example.c
@@ -0,0 +1,65 @@
+/*jprobe-example.c */
+/*
+ * Here's a sample kernel module showing the use of jprobes to dump
+ * the arguments of do_fork().
+ *
+ * Build and insert the kernel module as done in the kprobe example.
+ * You will see the trace data in /var/log/messages and on the
+ * console whenever do_fork() is invoked to create a new process.
+ * (Some messages may be suppressed if syslogd is configured to
+ * eliminate duplicate messages.)
+ */
+
+#include linux/kernel.h
+#include linux/module.h
+#include linux/fs.h
+#include linux/uio.h
+#include linux/kprobes.h
+#include linux/ptrace.h
+
+/*
+ * Jumper probe for do_fork.
+ * Mirror principle enables access to arguments of the probed routine
+ * from the probe handler.
+ */
+
+/* Proxy routine having the same arguments as actual do_fork() routine */
+static long jdo_fork(unsigned long clone_flags, unsigned long stack_start,
+ struct pt_regs *regs, unsigned long stack_size,
+ int __user * parent_tidptr, int __user * child_tidptr)
+{
+ printk(jprobe: clone_flags=0x%lx, stack_size=0x%lx, regs=0x%p\n,
+clone_flags, stack_size, regs);
+ /* Always end with a call to jprobe_return(). */
+ jprobe_return();
+ /*NOTREACHED*/
+ return 0;
+}
+
+static struct jprobe my_jprobe = {
+ .entry = jdo_fork
+};
+
+static int __init jprobe_init(void)
+{
+ int ret;
+ my_jprobe.kp.symbol_name = do_fork;
+
+ if ((ret = register_jprobe(my_jprobe)) 0) {
or do:
ret = register_jprobe(my_jprobe);
if (ret 0) {
+ printk(register_jprobe failed, returned %d\n, ret);
+ return -1;
+ }
+ printk(Planted jprobe at %p, handler addr %p\n,
+my_jprobe.kp.addr, my_jprobe.entry);
+ return 0;
+}
+
+static void __exit jprobe_exit(void)
+{
+ unregister_jprobe(my_jprobe);
+ printk(jprobe unregistered\n);
+}
+
+module_init(jprobe_init)
+module_exit(jprobe_exit)
+MODULE_LICENSE(GPL);
--- /dev/null
+++ linux-2.6.23-rc7/samples/kprobes/kprobe_example.c
@@ -0,0 +1,79 @@
+/*kprobe_example.c*/
+/*
+ * NOTE: This example is x86-specific.
+ * Here's a sample kernel module showing the use of kprobes to dump a
+ * stack trace and selected i386 registers when do_fork() is called.
+ *
+ * You will see the trace data in /var/log/messages and on the console
+ * whenever do_fork() is invoked to create a new process.
+ */
+
+#include linux/kernel.h
+#include linux/module.h
+#include linux/kprobes.h
+#include linux/sched.h
+#include linux/ptrace.h
+
+/*For each probe you need to allocate a kprobe structure*/
+static struct kprobe kp;
+
+/*kprobe pre_handler: called just before the probed instruction is executed*/
+static int handler_pre(struct kprobe *p, struct pt_regs *regs)
+{
+#ifdef CONFIG_X86_32
+ printk(pre_handler: p-addr=0x%p, eip=%lx, eflags=0x%lx\n,
+ p-addr, regs-eip, regs-eflags);
+#endif
+#ifdef CONFIG_X86_64
+ printk(pre_handler: p-addr=0x%p, rip=%lx, eflags=0x%lx\n,
+ p-addr, regs-rip, regs-eflags);
+#endif
+ dump_stack();
+ return 0;
+}
+
+/*kprobe post_handler: called after the probed instruction is executed*/
+static void
Re: [PATCH/RFC] samples/: move kprobes sources to samples
Mathieu Desnoyers wrote: * Randy Dunlap ([EMAIL PROTECTED]) wrote: This is RFC patch 2/2. Patch 1/2 introduces the samples/ infrastructure: http://lkml.org/lkml/2007/9/24/397 Hi Randy, I got this when building my markers (which looks alike your kprobes): ld: samples/built-in.o: No such file: No such file or directory make: *** [.tmp_vmlinux1] Error 1 And the Makefile from samples does not seem to be executed. And why is there a Kbuild file in your first patch ? samples/Kbuild should be renamed to samples/Makefile. Sorry about that. I made the kprobes files build only as modules. You are probably attempting to build markers built-in, not as modules? That needs some makefile foo, I think. Sam?? -- ~Randy Phaedrus says that Quality is about caring. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
On Tue, 25 Sep 2007 00:24:00 +0200 roel wrote: I could only point to three nitpicks Yes, hopefully the kprobes people will chime in here sometime and merge those as well, or just ack them and I can change the code. Thanks. --- ~Randy Phaedrus says that Quality is about caring. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH/RFC] samples/: move kprobes sources to samples
* Randy Dunlap ([EMAIL PROTECTED]) wrote: Mathieu Desnoyers wrote: * Randy Dunlap ([EMAIL PROTECTED]) wrote: This is RFC patch 2/2. Patch 1/2 introduces the samples/ infrastructure: http://lkml.org/lkml/2007/9/24/397 Hi Randy, I got this when building my markers (which looks alike your kprobes): ld: samples/built-in.o: No such file: No such file or directory make: *** [.tmp_vmlinux1] Error 1 And the Makefile from samples does not seem to be executed. And why is there a Kbuild file in your first patch ? samples/Kbuild should be renamed to samples/Makefile. Sorry about that. I made the kprobes files build only as modules. You are probably attempting to build markers built-in, not as modules? That needs some makefile foo, I think. Sam?? Ok, fixed.. Was due either to Kbuild being there (?!?) and/or the fact that I used += markers instead of += markers/. Mathieu -- Mathieu Desnoyers Computer Engineering Ph.D. Student, Ecole Polytechnique de Montreal OpenPGP key fingerprint: 8CD5 52C3 8E3C 4140 715F BA06 3F25 A8FE 3BAE 9A68 - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
