On Sun, May 31, 2009 at 06:47:55PM +0100, Robert Milkowski wrote: > Hello Jonathan, > > Saturday, May 30, 2009, 12:11:58 AM, you wrote: > > JA> On Sat, May 30, 2009 at 12:04:50AM +0200, Pavel Filipensky wrote: > >> Hi, > >> > >> is it somehow possible to use Dtrace for error injection in a kernel > >> module? > >> > >> Something like changing: > >> - function return value > >> - value of a register > >> > >> If not, can it be implemented? > > JA> No; it violates the basic safety constraints of dtrace(1M). > > I don't know... it allows to change some things like n structure in > user space which is filled in in kernel by syscall, but then doesn't > allow to change an return code. What I'm trying to say is that it > already allows to shoot yourself in foot or fix rather help you (like > changing uname output being a classic example now) but doesn't allow > you to do so with other cases...
But none of those should let you crash the system, since arguments from the user are checked for validity before the kernel uses them. You can destroy user process state, but not kernel state. If you can change kernel argument values in arbitrary ways, there's no way to guarantee the correctness of the result. We have talked about DTRACE_PROBE() calls which return a result, which would allow targetted error injection. But any such call will require kernel modification to work; you're not ever going to be able to have kmem_alloc(nnn, KM_SLEEP) return NULL. > I think it would be very useful if it wuld allow to assign values to > argN (args[N}). For syscall and pid provider probes, that's possible. For kernel-level probes, I'd say never. Cheers, - jonathan _______________________________________________ dtrace-discuss mailing list dtrace-discuss@opensolaris.org
