lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 4 Jul 2011 15:27:39 +0800
From:	Yong Zhang <yong.zhang0@...il.com>
To:	linux-kernel <linux-kernel@...r.kernel.org>
Cc:	ananth@...ibm.com
Subject: [PATCH] SAMPLES: kprobe_example: make it more easy to use

From: Yong Zhang <yong.zhang0@...il.com>
Subject: [PATCH] SAMPLES: kprobe_example: make it more easy to use

Add parameter 'func' and 'offset' to it, thus make it more easy
to kprobe certain offset/function.

Also print the next PC in post_handler(), thus we can ealily
tell if there is something is wrong when kprobe fails. This
is inspirited by a bug which explores an issue on POWERPC-32
when intruction is emulated: https://lkml.org/lkml/2011/6/24/53

Signed-off-by: Yong Zhang <yong.zhang0@...il.com>
---

Attach it too since webmail may mangle it.

 samples/kprobes/kprobe_example.c |   31 ++++++++++++++++++++++---------
 1 files changed, 22 insertions(+), 9 deletions(-)

diff --git a/samples/kprobes/kprobe_example.c b/samples/kprobes/kprobe_example.c
index ebf5e0c..bbae5f4 100644
--- a/samples/kprobes/kprobe_example.c
+++ b/samples/kprobes/kprobe_example.c
@@ -13,11 +13,18 @@
 #include <linux/kernel.h>
 #include <linux/module.h>
 #include <linux/kprobes.h>
+#include <linux/limits.h>
+
+static char func_name[NAME_MAX] = "do_fork";
+module_param_string(func, func_name, NAME_MAX, S_IRUGO);
+MODULE_PARM_DESC(func, "Function to kprobe");
+
+static unsigned int offset;
+module_param(offset, uint, S_IRUGO);
+MODULE_PARM_DESC(offset, "Function offset to kprobe");

 /* For each probe you need to allocate a kprobe structure */
-static struct kprobe kp = {
-	.symbol_name	= "do_fork",
-};
+static struct kprobe kp;

 /* kprobe pre_handler: called just before the probed instruction is executed */
 static int handler_pre(struct kprobe *p, struct pt_regs *regs)
@@ -47,16 +54,20 @@ static void handler_post(struct kprobe *p, struct
pt_regs *regs,
 				unsigned long flags)
 {
 #ifdef CONFIG_X86
-	printk(KERN_INFO "post_handler: p->addr = 0x%p, flags = 0x%lx\n",
-		p->addr, regs->flags);
+	printk(KERN_INFO "post_handler: p->addr = 0x%p, ip = %lx,"
+			" flags = 0x%lx\n",
+		p->addr, regs->ip, regs->flags);
 #endif
 #ifdef CONFIG_PPC
-	printk(KERN_INFO "post_handler: p->addr = 0x%p, msr = 0x%lx\n",
-		p->addr, regs->msr);
+	printk(KERN_INFO "post_handler: p->addr = 0x%p, nip = 0x%lx,"
+			" msr = 0x%lx\n",
+		p->addr, regs->nip, regs->msr);
+	dump_stack();
 #endif
 #ifdef CONFIG_MIPS
-	printk(KERN_INFO "post_handler: p->addr = 0x%p, status = 0x%lx\n",
-		p->addr, regs->cp0_status);
+	printk(KERN_INFO "post_handler: p->addr = 0x%p, epc = 0x%lx,"
+			" status = 0x%lx\n",
+		p->addr, regs->cp0_epc, regs->cp0_status);
 #endif
 }

@@ -76,6 +87,8 @@ static int handler_fault(struct kprobe *p, struct
pt_regs *regs, int trapnr)
 static int __init kprobe_init(void)
 {
 	int ret;
+	kp.symbol_name = func_name;
+	kp.offset = offset;
 	kp.pre_handler = handler_pre;
 	kp.post_handler = handler_post;
 	kp.fault_handler = handler_fault;
-- 
1.7.4.1

View attachment "0001-SAMPLES-kprobe_example-make-it-more-easy-to-use.patch" of type "text/x-patch" (2828 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ