| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.00.0905111030160.14976@gandalf.stny.rr.com> Date: Mon, 11 May 2009 10:35:31 -0400 (EDT) From: Steven Rostedt <rostedt@...dmis.org> To: Masami Hiramatsu <mhiramat@...hat.com> cc: Ingo Molnar <mingo@...e.hu>, lkml <linux-kernel@...r.kernel.org>, systemtap <systemtap@...rces.redhat.com>, kvm <kvm@...r.kernel.org>, Ananth N Mavinakayanahalli <ananth@...ibm.com>, Frederic Weisbecker <fweisbec@...il.com> Subject: Re: [PATCH -tip v5 7/7] tracing: add arguments support on kprobe-based event tracer On Fri, 8 May 2009, Masami Hiramatsu wrote: > Support following probe arguments and add fetch functions on kprobe-based > event tracer. > > %REG : Fetch register REG > sN : Fetch Nth entry of stack (N >= 0) > @ADDR : Fetch memory at ADDR (ADDR should be in kernel) > @SYM[+|-offs] : Fetch memory at SYM +|- offs (SYM should be a data symbol) > aN : Fetch function argument. (N >= 0) > rv : Fetch return value. > ra : Fetch return address. > +|-offs(FETCHARG) : fetch memory at FETCHARG +|- offs address. > > Signed-off-by: Masami Hiramatsu <mhiramat@...hat.com> > Cc: Steven Rostedt <rostedt@...dmis.org> > Cc: Ananth N Mavinakayanahalli <ananth@...ibm.com> > Cc: Ingo Molnar <mingo@...e.hu> > Cc: Frederic Weisbecker <fweisbec@...il.com> > --- > > Documentation/trace/ftrace.txt | 47 +++- > kernel/trace/trace_kprobe.c | 431 ++++++++++++++++++++++++++++++++++++++-- > 2 files changed, 441 insertions(+), 37 deletions(-) > > diff --git a/Documentation/trace/ftrace.txt b/Documentation/trace/ftrace.txt > index 2b8ead6..ce91398 100644 > --- a/Documentation/trace/ftrace.txt The Documentation/trace/ftrace.txt file is getting too big. Could you make a separate "Documentation/trace/kprobes.txt file, and split out the kprobe bits. Thanks, -- Steve > +++ b/Documentation/trace/ftrace.txt > @@ -1329,17 +1329,34 @@ current_tracer, instead of that, just set probe points via > /debug/tracing/kprobe_events. > > Synopsis of kprobe_events: > - p SYMBOL[+offs|-offs]|MEMADDR : set a probe > - r SYMBOL[+0] : set a return probe > + p SYMBOL[+offs|-offs]|MEMADDR [FETCHARGS] : set a probe > + r SYMBOL[+0] [FETCHARGS] : set a return probe > + > + FETCHARGS: > + %REG : Fetch register REG > + sN : Fetch Nth entry of stack (N >= 0) > + @ADDR : Fetch memory at ADDR (ADDR should be in kernel) > + @SYM[+|-offs] : Fetch memory at SYM +|- offs (SYM should be a data symbol) > + aN : Fetch function argument. (N >= 0)(*) > + rv : Fetch return value.(**) > + ra : Fetch return address.(**) > + +|-offs(FETCHARG) : fetch memory at FETCHARG +|- offs address.(***) > + > + (*) aN may not correct on asmlinkaged functions and at the middle of > + function body. > + (**) only for return probe. > + (***) this is useful for fetching a field of data structures. > > E.g. > - echo p sys_open > /debug/tracing/kprobe_events > + echo p do_sys_open a0 a1 a2 a3 > /debug/tracing/kprobe_events > > - This sets a kprobe on the top of sys_open() function. > + This sets a kprobe on the top of do_sys_open() function with recording > +1st to 4th arguments. > > - echo r sys_open >> /debug/tracing/kprobe_events > + echo r do_sys_open rv ra >> /debug/tracing/kprobe_events > > - This sets a kretprobe on the return point of sys_open() function. > + This sets a kretprobe on the return point of do_sys_open() function with > +recording return value and return address. > > echo > /debug/tracing/kprobe_events > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists