lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 06 Feb 2007 15:25:35 +0530
From:	Srinivasa Ds <srinivasa@...ibm.com>
To:	linux-kernel@...r.kernel.org, akpm@...l.org, torvalds@...l.org,
	jkenisto@...ibm.com, anil.s.keshavamurthy@...el.com,
	prasanna@...ibm.com, ananth@...ibm.com
Subject: [RFC] [PATCH] To list all active probes in the system

Hi folks

        I have developed a patch, that lists all active probes in the
system. I have done this through /proc interface. Currently list is
available under /proc/kprobes/list. Any suggestions for better place and
name??

	My patch scans through kprobe_table[],lists out all the probes, in an
order it finds them. It also takes care of aggregate handlers. Type of
the probe is recognised by the kind of pre_handler it has. I have
assigned letter for each probe, like "k" for kprobes, "j" for jprobes,
"r" for kretprobes. Along with type of the probe,it also lists the
address of the instruction,its symbolic name(function name + offset) and
the module name.


Output of /proc/kprobes/list  looks like this
======================
[root@...31 a]# cat /proc/kprobes/list
c0000000000c0720  r  .sys_write+0x0
c0000000000c0720  k  .sys_write+0x0
c00000000004c550  k  .do_fork+0x0
c00000000004c550  k  .do_fork+0x0
c00000000004c550  j  .do_fork+0x0
c0000000000bfed4  r  .vfs_read+0x0
c0000000000bddb4  r  .sys_open+0x0
c0000000000c0694  r  .sys_read+0x0
c0000000000c0694  k  .sys_read+0x0
c00000000004c554  k  .do_fork+0x4
d0000000000781b0  k  .autofs4_dentry_release+0x0  autofs4
c0000000000275d0  k  kretprobe_trampoline+0x0
c0000000000bfd18  k  .vfs_write+0x0
====================================

Please let me know your comments on this.

Signed-off-by: Srinivasa DS <srinivasa@...ibm.com>


View attachment "kp.diff" of type "text/x-patch" (4931 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ