lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 4 Aug 2006 16:57:11 +0100
From:	Christoph Hellwig <hch@...radead.org>
To:	David Smith <dsmith@...hat.com>
Cc:	linux-kernel@...r.kernel.org, rusty@...tcorp.com.au,
	prasanna@...ibm.com, ananth@...ibm.com,
	anil.s.keshavamurthy@...el.com, davem@...emloft.net
Subject: Re: [PATCH] module interface improvement for kprobes

> {
> 	/* grab the module, making sure it won't get unloaded until
> 	 * we're done */
> 	const char *mod_name = "joydev";
> 	if (module_get_byname(mod_name, &mod) != 0)
> 		return 1;
> 
> 	/* Specify the address/offset where you want to insert
> 	 * probe.  If this were a real kprobe module, we'd "relocate"
> 	 * our probe address based on the load address of the module
> 	 * we're interested in. */
> 	kp.addr = (kprobe_opcode_t *) mod->module_core + 0;
> 
> 	/* All set to register with Kprobes */
>         register_kprobe(&kp);
> 	return 0;
> }

This interface is horrible.  You actual patch looks good to me, but it
I can't see why you would need it.  kallsyms_lookup_name deals with modules
transparently and you shouldn't put a probe at a relative offset into a
module but only at a symbol you could find with kallsys.

That beeing said we should probably change the kprobes interface to
automatically do the kallsysms name lookup for the caller.  It would simplify
the kprobes interface and allow us to get rid of the kallsyms_lookup_name
export that doesn't have a valid use except for kprobes.  With
that change the example kprobe would look like:

static struct kprobe kp = {
	.pre_handler	= handler_pre,
	.post_handler	= handler_post,
	.fault_handler	= handler_fault,
	.symbol_name	= "do_fork",
};

static int __init probe_example_init(void)
{
	return register_kprobe(&kp);
}

(and btw, init_module is gone, so both your example and the one in
Documentation/kprobes.txt can't compile anymore - care to send a patch
to update the latter?)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ