Commit | Line | Data |
---|---|---|
804defea AM |
1 | /* |
2 | * NOTE: This example is works on x86 and powerpc. | |
3 | * Here's a sample kernel module showing the use of kprobes to dump a | |
4 | * stack trace and selected registers when do_fork() is called. | |
5 | * | |
6 | * For more information on theory of operation of kprobes, see | |
7 | * Documentation/kprobes.txt | |
8 | * | |
9 | * You will see the trace data in /var/log/messages and on the console | |
10 | * whenever do_fork() is invoked to create a new process. | |
11 | */ | |
12 | ||
13 | #include <linux/kernel.h> | |
14 | #include <linux/module.h> | |
15 | #include <linux/kprobes.h> | |
16 | ||
17 | /* For each probe you need to allocate a kprobe structure */ | |
18 | static struct kprobe kp = { | |
19 | .symbol_name = "do_fork", | |
20 | }; | |
21 | ||
22 | /* kprobe pre_handler: called just before the probed instruction is executed */ | |
23 | static int handler_pre(struct kprobe *p, struct pt_regs *regs) | |
24 | { | |
25 | #ifdef CONFIG_X86 | |
26 | printk(KERN_INFO "pre_handler: p->addr = 0x%p, ip = %lx," | |
27 | " flags = 0x%lx\n", | |
28 | p->addr, regs->ip, regs->flags); | |
29 | #endif | |
30 | #ifdef CONFIG_PPC | |
31 | printk(KERN_INFO "pre_handler: p->addr = 0x%p, nip = 0x%lx," | |
32 | " msr = 0x%lx\n", | |
33 | p->addr, regs->nip, regs->msr); | |
34 | #endif | |
35 | ||
36 | /* A dump_stack() here will give a stack backtrace */ | |
37 | return 0; | |
38 | } | |
39 | ||
40 | /* kprobe post_handler: called after the probed instruction is executed */ | |
41 | static void handler_post(struct kprobe *p, struct pt_regs *regs, | |
42 | unsigned long flags) | |
43 | { | |
44 | #ifdef CONFIG_X86 | |
45 | printk(KERN_INFO "post_handler: p->addr = 0x%p, flags = 0x%lx\n", | |
46 | p->addr, regs->flags); | |
47 | #endif | |
48 | #ifdef CONFIG_PPC | |
49 | printk(KERN_INFO "post_handler: p->addr = 0x%p, msr = 0x%lx\n", | |
50 | p->addr, regs->msr); | |
51 | #endif | |
52 | } | |
53 | ||
54 | /* | |
55 | * fault_handler: this is called if an exception is generated for any | |
56 | * instruction within the pre- or post-handler, or when Kprobes | |
57 | * single-steps the probed instruction. | |
58 | */ | |
59 | static int handler_fault(struct kprobe *p, struct pt_regs *regs, int trapnr) | |
60 | { | |
61 | printk(KERN_INFO "fault_handler: p->addr = 0x%p, trap #%dn", | |
62 | p->addr, trapnr); | |
63 | /* Return 0 because we don't handle the fault. */ | |
64 | return 0; | |
65 | } | |
66 | ||
67 | static int __init kprobe_init(void) | |
68 | { | |
69 | int ret; | |
70 | kp.pre_handler = handler_pre; | |
71 | kp.post_handler = handler_post; | |
72 | kp.fault_handler = handler_fault; | |
73 | ||
74 | ret = register_kprobe(&kp); | |
75 | if (ret < 0) { | |
76 | printk(KERN_INFO "register_kprobe failed, returned %d\n", ret); | |
77 | return ret; | |
78 | } | |
79 | printk(KERN_INFO "Planted kprobe at %p\n", kp.addr); | |
80 | return 0; | |
81 | } | |
82 | ||
83 | static void __exit kprobe_exit(void) | |
84 | { | |
85 | unregister_kprobe(&kp); | |
86 | printk(KERN_INFO "kprobe at %p unregistered\n", kp.addr); | |
87 | } | |
88 | ||
89 | module_init(kprobe_init) | |
90 | module_exit(kprobe_exit) | |
91 | MODULE_LICENSE("GPL"); |