2019-05-19 13:08:20 +01:00
// SPDX-License-Identifier: GPL-2.0-only
2008-03-04 14:28:38 -08:00
/*
* Here ' s a sample kernel module showing the use of kprobes to dump a
2020-08-19 12:46:52 +02:00
* stack trace and selected registers when kernel_clone ( ) is called .
2008-03-04 14:28:38 -08:00
*
* For more information on theory of operation of kprobes , see
2020-09-09 16:10:37 +02:00
* Documentation / trace / kprobes . rst
2008-03-04 14:28:38 -08:00
*
* You will see the trace data in / var / log / messages and on the console
2020-08-19 12:46:52 +02:00
* whenever kernel_clone ( ) is invoked to create a new process .
2008-03-04 14:28:38 -08:00
*/
2021-05-17 10:21:23 +08:00
# define pr_fmt(fmt) "%s: " fmt, __func__
2008-03-04 14:28:38 -08:00
# include <linux/kernel.h>
# include <linux/module.h>
# include <linux/kprobes.h>
2022-06-08 09:23:22 +08:00
static char symbol [ KSYM_NAME_LEN ] = " kernel_clone " ;
module_param_string ( symbol , symbol , KSYM_NAME_LEN , 0644 ) ;
2016-05-20 17:04:33 -07:00
2008-03-04 14:28:38 -08:00
/* For each probe you need to allocate a kprobe structure */
static struct kprobe kp = {
2016-05-20 17:04:33 -07:00
. symbol_name = symbol ,
2008-03-04 14:28:38 -08:00
} ;
/* kprobe pre_handler: called just before the probed instruction is executed */
2020-03-26 23:50:11 +09:00
static int __kprobes handler_pre ( struct kprobe * p , struct pt_regs * regs )
2008-03-04 14:28:38 -08:00
{
# ifdef CONFIG_X86
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, ip = %lx, flags = 0x%lx \n " ,
2016-05-20 17:04:36 -07:00
p - > symbol_name , p - > addr , regs - > ip , regs - > flags ) ;
2008-03-04 14:28:38 -08:00
# endif
# ifdef CONFIG_PPC
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, nip = 0x%lx, msr = 0x%lx \n " ,
2016-05-20 17:04:36 -07:00
p - > symbol_name , p - > addr , regs - > nip , regs - > msr ) ;
2008-03-04 14:28:38 -08:00
# endif
2010-08-03 11:22:21 -07:00
# ifdef CONFIG_MIPS
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, epc = 0x%lx, status = 0x%lx \n " ,
2016-05-20 17:04:36 -07:00
p - > symbol_name , p - > addr , regs - > cp0_epc , regs - > cp0_status ) ;
2010-08-03 11:22:21 -07:00
# endif
2016-07-08 12:35:54 -04:00
# ifdef CONFIG_ARM64
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, pc = 0x%lx, pstate = 0x%lx \n " ,
2016-07-08 12:35:54 -04:00
p - > symbol_name , p - > addr , ( long ) regs - > pc , ( long ) regs - > pstate ) ;
# endif
2021-01-12 16:40:54 +01:00
# ifdef CONFIG_ARM
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, pc = 0x%lx, cpsr = 0x%lx \n " ,
2021-01-12 16:40:54 +01:00
p - > symbol_name , p - > addr , ( long ) regs - > ARM_pc , ( long ) regs - > ARM_cpsr ) ;
# endif
2021-03-30 02:04:16 +08:00
# ifdef CONFIG_RISCV
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, pc = 0x%lx, status = 0x%lx \n " ,
2021-03-30 02:04:16 +08:00
p - > symbol_name , p - > addr , regs - > epc , regs - > status ) ;
# endif
2017-09-14 14:11:15 +02:00
# ifdef CONFIG_S390
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr, 0x%p, ip = 0x%lx, flags = 0x%lx \n " ,
2017-09-14 14:11:15 +02:00
p - > symbol_name , p - > addr , regs - > psw . addr , regs - > flags ) ;
# endif
2008-03-04 14:28:38 -08:00
/* A dump_stack() here will give a stack backtrace */
return 0 ;
}
/* kprobe post_handler: called after the probed instruction is executed */
2020-03-26 23:50:11 +09:00
static void __kprobes handler_post ( struct kprobe * p , struct pt_regs * regs ,
2008-03-04 14:28:38 -08:00
unsigned long flags )
{
# ifdef CONFIG_X86
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, flags = 0x%lx \n " ,
2016-05-20 17:04:36 -07:00
p - > symbol_name , p - > addr , regs - > flags ) ;
2008-03-04 14:28:38 -08:00
# endif
# ifdef CONFIG_PPC
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, msr = 0x%lx \n " ,
2016-05-20 17:04:36 -07:00
p - > symbol_name , p - > addr , regs - > msr ) ;
2008-03-04 14:28:38 -08:00
# endif
2010-08-03 11:22:21 -07:00
# ifdef CONFIG_MIPS
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, status = 0x%lx \n " ,
2016-05-20 17:04:36 -07:00
p - > symbol_name , p - > addr , regs - > cp0_status ) ;
2010-08-03 11:22:21 -07:00
# endif
2016-07-08 12:35:54 -04:00
# ifdef CONFIG_ARM64
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, pstate = 0x%lx \n " ,
2016-07-08 12:35:54 -04:00
p - > symbol_name , p - > addr , ( long ) regs - > pstate ) ;
# endif
2021-01-12 16:40:54 +01:00
# ifdef CONFIG_ARM
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, cpsr = 0x%lx \n " ,
2021-01-12 16:40:54 +01:00
p - > symbol_name , p - > addr , ( long ) regs - > ARM_cpsr ) ;
# endif
2021-03-30 02:04:16 +08:00
# ifdef CONFIG_RISCV
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr = 0x%p, status = 0x%lx \n " ,
2021-03-30 02:04:16 +08:00
p - > symbol_name , p - > addr , regs - > status ) ;
# endif
2017-09-14 14:11:15 +02:00
# ifdef CONFIG_S390
2021-05-17 10:21:23 +08:00
pr_info ( " <%s> p->addr, 0x%p, flags = 0x%lx \n " ,
2017-09-14 14:11:15 +02:00
p - > symbol_name , p - > addr , regs - > flags ) ;
# endif
2008-03-04 14:28:38 -08:00
}
static int __init kprobe_init ( void )
{
int ret ;
kp . pre_handler = handler_pre ;
kp . post_handler = handler_post ;
ret = register_kprobe ( & kp ) ;
if ( ret < 0 ) {
2016-08-03 13:46:03 -07:00
pr_err ( " register_kprobe failed, returned %d \n " , ret ) ;
2008-03-04 14:28:38 -08:00
return ret ;
}
2016-08-03 13:46:03 -07:00
pr_info ( " Planted kprobe at %p \n " , kp . addr ) ;
2008-03-04 14:28:38 -08:00
return 0 ;
}
static void __exit kprobe_exit ( void )
{
unregister_kprobe ( & kp ) ;
2016-08-03 13:46:03 -07:00
pr_info ( " kprobe at %p unregistered \n " , kp . addr ) ;
2008-03-04 14:28:38 -08:00
}
module_init ( kprobe_init )
module_exit ( kprobe_exit )
MODULE_LICENSE ( " GPL " ) ;