This patch introduces a sample kernel module to demonstrate the use of Hardware Breakpoint feature. It places a breakpoint over the kernel variable 'pid_max' to monitor all write operations and emits a function-backtrace when done. Signed-off-by: K.Prasad --- samples/Kconfig | 6 ++ samples/Makefile | 4 + samples/hw_breakpoint/Makefile | 1 samples/hw_breakpoint/data_breakpoint.c | 79 ++++++++++++++++++++++++++++++++ 4 files changed, 89 insertions(+), 1 deletion(-) Index: linux-2.6-tip/samples/Kconfig =================================================================== --- linux-2.6-tip.orig/samples/Kconfig +++ linux-2.6-tip/samples/Kconfig @@ -39,5 +39,11 @@ config SAMPLE_KRETPROBES default m depends on SAMPLE_KPROBES && KRETPROBES +config SAMPLE_HW_BREAKPOINT + tristate "Build kernel hardware breakpoint examples -- loadable modules only" + depends on HAVE_HW_BREAKPOINT && m + help + This builds kernel hardware breakpoint example modules. + endif # SAMPLES Index: linux-2.6-tip/samples/Makefile =================================================================== --- linux-2.6-tip.orig/samples/Makefile +++ linux-2.6-tip/samples/Makefile @@ -1,3 +1,5 @@ # Makefile for Linux samples code -obj-$(CONFIG_SAMPLES) += markers/ kobject/ kprobes/ tracepoints/ +obj-$(CONFIG_SAMPLES) += markers/ kobject/ kprobes/ tracepoints/ \ + hw_breakpoint/ + Index: linux-2.6-tip/samples/hw_breakpoint/Makefile =================================================================== --- /dev/null +++ linux-2.6-tip/samples/hw_breakpoint/Makefile @@ -0,0 +1 @@ +obj-$(CONFIG_SAMPLE_HW_BREAKPOINT) += data_breakpoint.o Index: linux-2.6-tip/samples/hw_breakpoint/data_breakpoint.c =================================================================== --- /dev/null +++ linux-2.6-tip/samples/hw_breakpoint/data_breakpoint.c @@ -0,0 +1,79 @@ +/* + * data_breakpoint.c - Sample HW Breakpoint file to watch kernel data address + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * This file is a kernel module that places a breakpoint over 'pid_max' kernel + * variable using Hardware Breakpoint register. The corresponding handler which + * prints a backtrace is invoked everytime a write operation is performed on + * that variable. + * + * After inserting this module, invoke a write operation using + * 'echo > /proc/sys/kernel/pid_max' + * to find the function-call backtrace. + * + * Copyright (C) IBM Corporation, 2009 + */ +#include /* Needed by all modules */ +#include /* Needed for KERN_INFO */ +#include /* Needed for the macros */ + +#include + +struct hw_breakpoint pid_max_hbp; + +void pid_max_hbp_handler(struct hw_breakpoint *temp, struct pt_regs + *temp_regs) +{ + printk(KERN_INFO "pid_max value is changed\n"); + dump_stack(); + printk(KERN_INFO "Dump stack from pid_max_hbp_handler\n"); +} + +static int __init hw_break_module_init(void) +{ + int ret; + +#ifdef CONFIG_X86 + pid_max_hbp.info.name = "pid_max"; + pid_max_hbp.info.type = HW_BREAKPOINT_WRITE; + pid_max_hbp.info.len = HW_BREAKPOINT_LEN_4; + + pid_max_hbp.triggered = (void *)pid_max_hbp_handler; +#endif /* CONFIG_X86 */ + + ret = register_kernel_hw_breakpoint(&pid_max_hbp); + + if (ret < 0) { + printk(KERN_INFO "Breakpoint registration failed\n"); + return ret; + } else + printk(KERN_INFO "HW Breakpoint for pid_max write installed\n"); + + return 0; +} + +static void __exit hw_break_module_exit(void) +{ + unregister_kernel_hw_breakpoint(&pid_max_hbp); + printk(KERN_INFO "HW Breakpoint for pid_max write uninstalled\n"); +} + +module_init(hw_break_module_init); +module_exit(hw_break_module_exit); + +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("K.Prasad"); +MODULE_DESCRIPTION("pid_max breakpoint"); -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/