lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250123024224.d0h8d4HV@linutronix.de>
Date: Thu, 23 Jan 2025 03:42:24 +0100
From: Nam Cao <namcao@...utronix.de>
To: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Steven Rostedt <rostedt@...dmis.org>, naveen@...nel.org,
	anil.s.keshavamurthy@...el.com, davem@...emloft.net,
	linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org,
	john.ogness@...utronix.de
Subject: Re: kprobe on local function

On Thu, Jan 23, 2025 at 10:48:42AM +0900, Masami Hiramatsu wrote:
> On Wed, 22 Jan 2025 17:29:36 -0500
> Steven Rostedt <rostedt@...dmis.org> wrote:
> 
> > On Wed, 22 Jan 2025 08:59:39 +0100
> > Nam Cao <namcao@...utronix.de> wrote:
> > > I installed a kretprobe on the function "rt_mutex_slowunlock". Although the
> > > function is called, the probe is never hit.
> > > 
> > 
> > How did you install the kretprobe?

Sorry for being unclear. I install it from within the kernel:

	struct kretprobe mutex_event = {
		.kp.symbol_name = "rt_mutex_slowunlock",
		.entry_handler = entry_handler,
		.handler = return_handler,
	};

	register_kretprobe(&mutex_event);

...
> > Have you tried "perf probe" to install the probes? That uses dwarf info to
> > find all the functions.
> 
> Yes, I recommend you to use `perf probe` (under tools/perf) to put kretprobes
> on those copies. See tools/perf/Documentation/perf-probe.txt for details.

So a similar solution for in-kernel code is kallsyms_on_each_match_symbol().
But I expect register_kretprobe() to do that by itself; or at least report
a failure if caller specifies the symbol name, but multiple symbols of the
same name are found. Because at least to me, my code "looks correct and
should work" but it doesn't.

Thank you both for your replies,
Nam

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ