This patch shows the basic idea of usage of early kprobes. By adding kernel cmdline options such as 'ekprobe=__alloc_pages_nodemask' or 'ekprobe=0xc00f3c2c', early kprobes are installed. When the probed instructions get hit, a message is printed.
Signed-off-by: Wang Nan <wangn...@huawei.com> --- kernel/kprobes.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) diff --git a/kernel/kprobes.c b/kernel/kprobes.c index 9c3ea9b..73f9b7f 100644 --- a/kernel/kprobes.c +++ b/kernel/kprobes.c @@ -2611,8 +2611,79 @@ convert_early_kprobes(void) hlist_for_each_entry_safe(p, tmp, &early_kprobe_hlist, hlist) convert_early_kprobe(p); }; + +static int early_kprobe_pre_handler(struct kprobe *p, struct pt_regs *regs) +{ + const char *sym = NULL; + char *modname, namebuf[KSYM_NAME_LEN]; + unsigned long offset = 0; + + sym = kallsyms_lookup((unsigned long)p->addr, NULL, + &offset, &modname, namebuf); + if (sym) + pr_info("Hit early kprobe at %s+0x%lx%s%s\n", + sym, offset, + (modname ? " " : ""), + (modname ? modname : "")); + else + pr_info("Hit early kprobe at %p\n", p->addr); + return 0; +} + +DEFINE_EKPROBE_ALLOC_OPS(struct kprobe, early_kprobe_setup, static); +static int __init early_kprobe_setup(char *p) +{ + unsigned long long addr; + struct kprobe *kp; + int len = strlen(p); + int err; + + if (len <= 0) { + pr_err("early kprobe: wrong param: %s\n", p); + return 0; + } + + if ((p[0] == '0') && (p[1] == 'x')) { + err = kstrtoull(p, 16, &addr); + if (err) { + pr_err("early kprobe: wrong address: %p\n", p); + return 0; + } + } else { + addr = kallsyms_lookup_name(p); + if (!addr) { + pr_err("early kprobe: wrong symbol: %s\n", p); + return 0; + } + } + + if ((addr < (unsigned long)_text) || + (addr >= (unsigned long)_etext)) + pr_err("early kprobe: address of %p out of range\n", p); + + kp = ek_alloc_early_kprobe_setup(); + if (kp == NULL) { + pr_err("early kprobe: no enough early kprobe slot\n"); + return 0; + } + kp->addr = (void *)(unsigned long)(addr); + kp->pre_handler = early_kprobe_pre_handler; + err = register_kprobe(kp); + if (err) { + pr_err("early kprobe: register early kprobe %s failed\n", p); + ek_free_early_kprobe_setup(kp); + } + return 0; +} #else static int register_early_kprobe(struct kprobe *p) { return -ENOSYS; } static int ek_free_early_kprobe(struct early_kprobe_slot *slot) { return 0; } static void convert_early_kprobes(void) {}; + +static int __init early_kprobe_setup(char *p) +{ + return 0; +} #endif + +early_param("ekprobe", early_kprobe_setup); -- 1.8.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/