Esempio n. 1
0
int kmemchecker_probes_init(void)
{
	int ret;

	my_kmalloc_kretprobe.kp.symbol_name = func_name;
	ret = register_kretprobe(&my_kmalloc_kretprobe);
	if (ret < 0) {
		printk(KERN_INFO "kretprobe failed, returned %d\n",
			ret);
		return -1;
	}

	printk(KERN_INFO "Planted return probe at %s: %p\n",
			my_kmalloc_kretprobe.kp.symbol_name, 
			my_kmalloc_kretprobe.kp.addr);
	ret = register_jprobe(&my_kfree_jprobe);
	if (ret < 0) {
		unregister_kretprobe(&my_kmalloc_kretprobe);
		return -1;
	}
	printk(KERN_INFO "hook kfree\n");

	my_kmem_cache_alloc_kretprobe.kp.symbol_name = "__slab_alloc";
	ret = register_kretprobe(&my_kmem_cache_alloc_kretprobe);
	if (ret < 0) {
		unregister_kretprobe(&my_kmalloc_kretprobe);
		unregister_jprobe(&my_kfree_jprobe);
		return -1;
	}
	printk(KERN_INFO "hook __slab_alloc\n");
	return 0;
}
Esempio n. 2
0
void process_notify_remove(void)
{
	unregister_kretprobe(&compat_exec_kretprobe);
	unregister_kretprobe(&exec_kretprobe);
	unregister_kretprobe(&fork_kretprobe);
	unregister_kprobe(&exit_kprobe);
}
Esempio n. 3
0
void kmemchecker_probes_exit(void)
{
	unregister_kretprobe(&my_kmalloc_kretprobe);
	printk(KERN_INFO "kretprobe at %p unregistered\n",
			my_kmalloc_kretprobe.kp.addr);
	unregister_jprobe(&my_kfree_jprobe);
	unregister_kretprobe(&my_kmem_cache_alloc_kretprobe);
}
Esempio n. 4
0
void process_notify_remove(void)
{
#ifdef CONFIG_COMPAT
	unregister_kretprobe(&compat_exec_kretprobe);
#endif
	unregister_kretprobe(&exec_kretprobe);
	unregister_kretprobe(&fork_kretprobe);
	unregister_kprobe(&exit_kprobe);
}
Esempio n. 5
0
void cleanup_module(void)
{
    unregister_kprobe(&kp1);
    unregister_kretprobe(&kp1_ret);
    if (is_kp2) {
        unregister_kprobe(&kp2);
        unregister_kretprobe(&kp2_ret);
    }
    printk("kprobe unregistered\n");
}
Esempio n. 6
0
static void __exit jprobe_exit(void)
{
	
	unregister_jprobe(&my_jprobe);
	printk(KERN_INFO "jprobe at %p unregistered\n", my_jprobe.kp.addr);
	
	unregister_kretprobe(&my_kretprobe);
	printk(KERN_INFO "kretprobe at %p unregistered\n", my_kretprobe.kp.addr);
	
	unregister_kretprobe(&my_socket_kretprobe);
	printk(KERN_INFO "kretprobe at %p unregistered\n", my_socket_kretprobe.kp.addr);
}
Esempio n. 7
0
static void
stapkp_unregister_probe(struct stap_dwarf_probe *sdp)
{
   struct stap_dwarf_kprobe *sdk = sdp->kprobe;

   if (!sdp->registered_p)
      return;

   if (sdp->return_p) {
      unregister_kretprobe (&sdk->u.krp);
      dbug_stapkp("-kretprobe %p\n", sdk->u.krp.kp.addr);
   } else {
      unregister_kprobe (&sdk->u.kp);
      dbug_stapkp("-kprobe %p\n", sdk->u.kp.addr);
   }

#if defined(__ia64__)
   unregister_kprobe (&sdk->dummy);
   dbug_stapkp("-kprobe %p\n", sdk->dummy.addr);
#endif

   sdp->registered_p = 0;

   stapkp_add_missed(sdp);

   // PR16861: kprobes may have left some things in the k[ret]probe struct.
   // Let's reset it to be sure it's safe for re-use.
   memset(sdk, 0, sizeof(struct stap_dwarf_kprobe));
}
Esempio n. 8
0
static void mvmhyper_exit(void)
{
	printk("mvmhyper exit.\n");
	for(i=0;i<hypernum;++i)
		unregister_kprobe(&kphyper[i]);
	unregister_kretprobe(&rphyper);
}
Esempio n. 9
0
int unprobe_sched_process_exec_compat( void )
{
    int rc = 0;
    if (_rp_sched_process_exec_compat.kp.addr) unregister_kretprobe(&_rp_sched_process_exec_compat);
    _rp_sched_process_exec_compat.kp.addr = NULL;
    if (_rp_sched_process_exec_compat.nmissed) INFO("Missed probing %d instances of '%s'", _rp_sched_process_exec_compat.nmissed, VTSS_SYMBOL_PROC_COMPAT_EXEC);
    return rc;
}
Esempio n. 10
0
/* Unregister a trace_probe and probe_event: call with locking probe_lock */
static void unregister_trace_probe(struct trace_probe *tp)
{
	if (probe_is_return(tp))
		unregister_kretprobe(&tp->rp);
	else
		unregister_kprobe(&tp->rp.kp);
	list_del(&tp->list);
	unregister_probe_event(tp);
}
Esempio n. 11
0
static void __exit kretprobe_exit(void)
{
	unregister_kretprobe(&my_kretprobe);
	printk(KERN_INFO "kretprobe at %p unregistered\n",
			my_kretprobe.kp.addr);

	/* nmissed > 0 suggests that maxactive was set too low. */
	printk(KERN_INFO "Missed probing %d instances of %s\n",
		my_kretprobe.nmissed, my_kretprobe.kp.symbol_name);
}
Esempio n. 12
0
static void __exit kretprobe_exit(void)
{
	unregister_kretprobe(&my_kretprobe);
	printk(KERN_INFO "kretprobe at %p unregistered\n",
			my_kretprobe.kp.addr);

	
	printk(KERN_INFO "Missed probing %d instances of %s\n",
		my_kretprobe.nmissed, my_kretprobe.kp.symbol_name);
}
Esempio n. 13
0
static void __exit kretprobe_exit(void)
{
	int i = 0;

	for (i = 0; i < multi_addr_num; i++)
	{
		unregister_kretprobe(&kretprobe[i]);
		printk(KERN_INFO "kretprobe at %p unregistered\n",
				kretprobe[i].kp.addr);
	}
}
Esempio n. 14
0
int process_notify_init(void)
{
	int err;

	if ((err = register_kprobe(&exit_kprobe))) {
		printk(KERN_ERR "%s: exit register_kprobe() failed with error %d\n",
				THIS_MODULE->name, err);
		goto exit_failed;
	}
	if ((err = register_kretprobe(&fork_kretprobe))) {
		printk(KERN_ERR "%s: fork register_kretprobe() failed with error %d\n",
				THIS_MODULE->name, err);
		goto fork_failed;
	}
	if ((err = register_kretprobe(&exec_kretprobe))) {
		printk(KERN_ERR "%s: exec register_kretprobe() failed with error %d\n",
				THIS_MODULE->name, err);
		goto exec_failed;
	}
#ifdef CONFIG_COMPAT
	if ((err = register_kretprobe(&compat_exec_kretprobe))) {
		printk(KERN_ERR "%s: compat_exec register_kretprobe() failed with error %d\n",
				THIS_MODULE->name, err);
		if (err != -EINVAL)
			goto compat_exec_failed;
	}
#endif
	return 0;

#ifdef CONFIG_COMPAT
compat_exec_failed:
	unregister_kretprobe(&exec_kretprobe);
#endif
exec_failed:
	unregister_kretprobe(&fork_kretprobe);
fork_failed:
	unregister_kprobe(&exit_kprobe);
exit_failed:
	return err;
}
Esempio n. 15
0
static void
stapkp_unregister_probe(struct stap_kprobe_probe *skp)
{
    struct stap_kprobe *sk = skp->kprobe;

    if (!skp->registered_p)
        return;

    if (skp->return_p) {
        unregister_kretprobe (&sk->u.krp);
        if (skp->symbol_name)
            dbug_stapkp("-kretprobe %s:%d\n", sk->u.krp.kp.symbol_name,
                        sk->u.krp.kp.offset);
        else
            dbug_stapkp("-kretprobe %p\n", sk->u.krp.kp.addr);
    } else {
        unregister_kprobe (&sk->u.kp);
        if (skp->symbol_name)
            dbug_stapkp("-kprobe %s:%u\n", sk->u.kp.symbol_name,
                        sk->u.kp.offset);
        else
            dbug_stapkp("-kprobe %p\n", sk->u.kp.addr);
    }

#if defined(__ia64__)
    unregister_kprobe (&sk->dummy);
    dbug_stapkp("-kprobe %p\n", sk->dummy.addr);
#endif

    skp->registered_p = 0;

    stapkp_add_missed(skp);

#if LINUX_VERSION_CODE < KERNEL_VERSION(3,11,0)
    if (skp->symbol_name != NULL) {
        if (skp->return_p) {
            if (sk->u.krp.kp.symbol_name != NULL)
                kfree(sk->u.krp.kp.symbol_name);
        }
        else {
            if (sk->u.kp.symbol_name != NULL)
                kfree(sk->u.kp.symbol_name);
        }
    }
#endif

    // PR16861: kprobes may have left some things in the k[ret]probe struct.
    // Let's reset it to be sure it's safe for re-use.
    memset(sk, 0, sizeof(struct stap_kprobe));
}
Esempio n. 16
0
int __init probe_init(struct hook *hooks, struct rhook *rhooks)
{
	int err;
	struct hook *p;
	struct rhook *q;

	p = hooks;
	while (p->funcname) {
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
		p->jp.kp.symbol_name = p->funcname;
#else
		p->jp.kp.addr = (void*)kallsyms_lookup_name(p->funcname);
		BUG_ON(!p->jp.kp.addr);
#endif
		p++;
	}
	q = rhooks;
	while (q->funcname) {
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19)
		q->rp.kp.symbol_name = q->funcname;
#else
		q->rp.kp.addr = (void*)kallsyms_lookup_name(q->funcname);
		BUG_ON(!q->rp.kp.addr);
#endif
		q++;
	}

	err = 0;
	p = hooks;
	while (p->funcname && !err) {
		err = register_jprobe(&p->jp);
		p++;
	}
	if (!err) {
		q = rhooks;
		while (q->funcname && !err) {
			err = register_kretprobe(&q->rp);
			q++;
		}
		if (!err)
			return 0;
		while (--q != rhooks)
			unregister_kretprobe(&q->rp);
	}

	while (--p != hooks)
		unregister_jprobe(&p->jp);
	return err;
}
Esempio n. 17
0
void __exit probe_exit(struct hook *hooks, struct rhook *rhooks)
{
	struct hook *p;
	struct rhook *q;

	p = hooks;
	while (p->funcname) {
		unregister_jprobe(&p->jp);
		p++;
	}
	q = rhooks;
	while (q->funcname) {
		unregister_kretprobe(&q->rp);
		q++;
	}
}
Esempio n. 18
0
/*
    Helper cleanup resources routine.
    Release resources in the reverse order we acquired them
*/
void ReleaseResources(bool bFreeTsk, bool bRetDoFork)
{
    ReleaseProcFile();

    if(bFreeTsk) {
        unregister_jprobe(&jprobe_free_task);
        trace(DETAIL_LEVEL, "unregister_jprobe(0x%p)\n", &jprobe_free_task);
    }
    if(bRetDoFork) {
        unregister_kretprobe(&kret_do_fork);
        trace(DETAIL_LEVEL, "unregister_kretprobe(0x%p)\n", &kret_do_fork);
    }

    if(s_pLog) {
        kfree(s_pLog);
    }
}
Esempio n. 19
0
static void __exit instrument_exit(void)
{
    //unregister all probes ...
    unregister_kretprobe(kretprobes);
	printk(KERN_INFO "kretprobe at %p unregistered\n", kretprobes->kp.addr);
/*
    unregister_kretprobe(kretprobes+1);
	printk(KERN_INFO "kretprobe at %p unregistered\n", (kretprobes+1)->kp.addr);
    
	unregister_kretprobe(kretprobes+2);
	printk(KERN_INFO "kretprobe at %p unregistered\n", (kretprobes+2)->kp.addr);
*/    
	if(kretprobes)
        kfree(kretprobes);
    if(jprobes)
        kfree(jprobes);
}
Esempio n. 20
0
static int test_kretprobe(void)
{
	int ret;

	ret = register_kretprobe(&rp);
	if (ret < 0) {
		printk(KERN_ERR "Kprobe smoke test failed: "
				"register_kretprobe returned %d\n", ret);
		return ret;
	}

	ret = target(rand1);
	unregister_kretprobe(&rp);
	if (krph_val != rand1) {
		printk(KERN_ERR "Kprobe smoke test failed: "
				"kretprobe handler not called\n");
		handler_errors++;
	}

	return 0;
}