Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awilliam
GitHub Repository: awilliam/linux-vfio
 Path: blob/master/samples/kprobes/kprobe_example.c
10818 views
1
/*

2
 * NOTE: This example is works on x86 and powerpc.

3
 * Here's a sample kernel module showing the use of kprobes to dump a

4
 * stack trace and selected registers when do_fork() is called.

5
 *

6
 * For more information on theory of operation of kprobes, see

7
 * Documentation/kprobes.txt

8
 *

9
 * You will see the trace data in /var/log/messages and on the console

10
 * whenever do_fork() is invoked to create a new process.

11
 */

12


13
#include <linux/kernel.h>

14
#include <linux/module.h>

15
#include <linux/kprobes.h>

16


17
/* For each probe you need to allocate a kprobe structure */

18
static struct kprobe kp = {

19
	.symbol_name	= "do_fork",

20
};

21


22
/* kprobe pre_handler: called just before the probed instruction is executed */

23
static int handler_pre(struct kprobe *p, struct pt_regs *regs)

24
{

25
#ifdef CONFIG_X86

26
	printk(KERN_INFO "pre_handler: p->addr = 0x%p, ip = %lx,"

27
			" flags = 0x%lx\n",

28
		p->addr, regs->ip, regs->flags);

29
#endif

30
#ifdef CONFIG_PPC

31
	printk(KERN_INFO "pre_handler: p->addr = 0x%p, nip = 0x%lx,"

32
			" msr = 0x%lx\n",

33
		p->addr, regs->nip, regs->msr);

34
#endif

35
#ifdef CONFIG_MIPS

36
	printk(KERN_INFO "pre_handler: p->addr = 0x%p, epc = 0x%lx,"

37
			" status = 0x%lx\n",

38
		p->addr, regs->cp0_epc, regs->cp0_status);

39
#endif

40


41
	/* A dump_stack() here will give a stack backtrace */

42
	return 0;

43
}

44


45
/* kprobe post_handler: called after the probed instruction is executed */

46
static void handler_post(struct kprobe *p, struct pt_regs *regs,

47
				unsigned long flags)

48
{

49
#ifdef CONFIG_X86

50
	printk(KERN_INFO "post_handler: p->addr = 0x%p, flags = 0x%lx\n",

51
		p->addr, regs->flags);

52
#endif

53
#ifdef CONFIG_PPC

54
	printk(KERN_INFO "post_handler: p->addr = 0x%p, msr = 0x%lx\n",

55
		p->addr, regs->msr);

56
#endif

57
#ifdef CONFIG_MIPS

58
	printk(KERN_INFO "post_handler: p->addr = 0x%p, status = 0x%lx\n",

59
		p->addr, regs->cp0_status);

60
#endif

61
}

62


63
/*

64
 * fault_handler: this is called if an exception is generated for any

65
 * instruction within the pre- or post-handler, or when Kprobes

66
 * single-steps the probed instruction.

67
 */

68
static int handler_fault(struct kprobe *p, struct pt_regs *regs, int trapnr)

69
{

70
	printk(KERN_INFO "fault_handler: p->addr = 0x%p, trap #%dn",

71
		p->addr, trapnr);

72
	/* Return 0 because we don't handle the fault. */

73
	return 0;

74
}

75


76
static int __init kprobe_init(void)

77
{

78
	int ret;

79
	kp.pre_handler = handler_pre;

80
	kp.post_handler = handler_post;

81
	kp.fault_handler = handler_fault;

82


83
	ret = register_kprobe(&kp);

84
	if (ret < 0) {

85
		printk(KERN_INFO "register_kprobe failed, returned %d\n", ret);

86
		return ret;

87
	}

88
	printk(KERN_INFO "Planted kprobe at %p\n", kp.addr);

89
	return 0;

90
}

91


92
static void __exit kprobe_exit(void)

93
{

94
	unregister_kprobe(&kp);

95
	printk(KERN_INFO "kprobe at %p unregistered\n", kp.addr);

96
}

97


98
module_init(kprobe_init)

99
module_exit(kprobe_exit)

100
MODULE_LICENSE("GPL");

101


102