From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 10137 invoked by alias); 19 Oct 2006 09:04:18 -0000 Received: (qmail 10130 invoked by uid 22791); 19 Oct 2006 09:04:17 -0000 X-Spam-Status: No, hits=0.2 required=5.0 tests=AWL,BAYES_00,TW_DJ,UNPARSEABLE_RELAY X-Spam-Check-By: sourceware.org Received: from mail4.hitachi.co.jp (HELO mail4.hitachi.co.jp) (133.145.228.5) by sourceware.org (qpsmtpd/0.31) with ESMTP; Thu, 19 Oct 2006 09:04:11 +0000 Received: from mlsv2.hitachi.co.jp (unknown [133.145.228.16]) by mail4.hitachi.co.jp (Postfix) with ESMTP id 9551D33CD8 for ; Thu, 19 Oct 2006 18:04:08 +0900 (JST) Received: from MFILTER-S4.hitachi.co.jp by mlsv2.hitachi.co.jp (8.12.10/8.12.10) id k9J947e3031309; Thu, 19 Oct 2006 18:04:07 +0900 Received: from vshuts5.hitachi.co.jp (unverified) by MFILTER-S4.hitachi.co.jp (Content Technologies SMTPRS 4.3.17) with SMTP id ; Thu, 19 Oct 2006 18:04:06 +0900 Received: from hsdlgw92.sdl.hitachi.co.jp ([133.144.7.20]) by vshuts5.hitachi.co.jp with SMTP id M2006101918040618530 ; Thu, 19 Oct 2006 18:04:06 +0900 Received: from vgate2.sdl.hitachi.co.jp by hsdlgw92.sdl.hitachi.co.jp (8.9.3/3.7W06061314) id SAA21049; Thu, 19 Oct 2006 18:04:04 +0900 Received: from maila.sdl.hitachi.co.jp ([133.144.14.196]) by vgate2.sdl.hitachi.co.jp (SAVSMTP 3.1.1.32) with SMTP id M2006101918040404271 ; Thu, 19 Oct 2006 18:04:04 +0900 Received: from [127.0.0.1] ([10.232.9.172]) by maila.sdl.hitachi.co.jp (8.13.1/3.7W04031011) with ESMTP id k9J944Rb006596; Thu, 19 Oct 2006 18:04:05 +0900 Message-ID: <45373F70.4020507@hitachi.com> Date: Thu, 19 Oct 2006 09:04:00 -0000 From: Masami Hiramatsu Organization: Systems Development Lab., Hitachi, Ltd., Japan User-Agent: Thunderbird 1.5.0.7 (Windows/20060909) MIME-Version: 1.0 To: "Keshavamurthy, Anil S" , Ananth N Mavinakayanahalli , Prasanna S Panchamukhi , Ingo Molnar , SystemTAP Cc: Masami Hiramatsu , Satoshi Oshima , Hideo Aoki , Yumiko Sugita Subject: [RFC][djprobe] djprobe examples References: <45338593.6090207@hitachi.com> In-Reply-To: <45338593.6090207@hitachi.com> Content-Type: multipart/mixed; boundary="------------050009030506070607070701" X-Virus-Checked: Checked by ClamAV on sourceware.org Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm Precedence: bulk List-Subscribe: List-Post: List-Help: , Sender: systemtap-owner@sourceware.org X-SW-Source: 2006-q4/txt/msg00182.txt.bz2 This is a multi-part message in MIME format. --------------050009030506070607070701 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-length: 2182 Hi, Here are an example module of djprobe and a simple helper script. NOTE: Currently, this helper script can ONLY measure the *LENGTH* of the instruction-block which will be overwritten by a jump code. It can *NOT* check whether this instruction-block can be executed out of line and no branch jumps into the target area. However, now we're developing more useful helper tool which can check it. Here is the example of usage; 1) Analyze the kernel code by using the helper script. $ ./disym.sh sys_symlink sys_symlink 0xc017bbe0 /lib/modules/2.6.19-rc1-mm1/build/vmlinux: file format elf32-i386 Disassembly of section .text: c017bbe0 : c017bbe0: 83 ec 0c sub $0xc,%esp c017bbe3: 8b 44 24 14 mov 0x14(%esp),%eax Please be sure that the above-disassembled instructions are relocatable. Parameter: addr=0xc017bbe0 size=7 2) If the instructions can be executed out of line (ex. load/store, compare, add/sub, etc.) and no branch jumps into it (you can dump whole of the function by using disym.sh with '-a' option), Install the example module with the above parameters. $ sudo /sbin/insmod ./djprobe_ex.ko addr=0xc017bbe0 size=7 3) and test it. $ ln -s hoge huga $ dmesg | tail -n 4 probe install at c017bbe0, size 7 Stopping tasks: =======================================| Restarting tasks... done probe call:c017bbe0, caller:c01030c5 $ rm huga $ ln -s hoge huga $ dmesg | tail -n 5 probe install at c017bbe0, size 7 Stopping tasks: =======================================| Restarting tasks... done probe call:c017bbe0, caller:c01030c5 probe call:c017bbe0, caller:c01030c5 4) Finally, remove the module. $ sudo /sbin/rmmod djprobe_ex.ko $ dmesg | tail -n 8 probe install at c017bbe0, size 7 Stopping tasks: =======================================| Restarting tasks... done probe call:c017bbe0, caller:c01030c5 probe call:c017bbe0, caller:c01030c5 probe uninstall at c017bbe0 Stopping tasks: =======================================| Restarting tasks... done Thanks, -- Masami HIRAMATSU Linux Technology Center Hitachi, Ltd., Systems Development Laboratory E-mail: masami.hiramatsu.pt@hitachi.com --------------050009030506070607070701 Content-Type: text/plain; name="disym.sh" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="disym.sh" Content-length: 1743 #!/bin/sh # Copyright (C) HITACHI, Ltd. 2005 # Created by M.Hiramatsu [ $# -gt 3 -o $# -lt 1 ] && echo "usage: disym.sh [-a] [kernel-version]" && exit 0 DISALL=0 if [ $1 = "-a" ] ;then DISALL=1 shift 1 fi SYM=$1 KVER=$2 [ -z "$KVER" ] && KVER=`uname -r` function cntarg () { return $# } SYSMAP=/lib/modules/$KVER/build/System.map [ -f $SYSMAP ] || SYSMAP=/boot/System.map-`uname -r` [ -f $SYSMAP ] || SYSMAP=/proc/kallsyms VMLINUX=/lib/modules/$KVER/build/vmlinux [ -f $VMLINUX ] || VMLINUX=/boot/vmlinux-`uname -r` [ -f $VMLINUX ] || VMLINUX=/usr/lib/debug/lib/modules/$KVER/vmlinux setaddrs () { XADDR=$1 XEADDR=$2 } echo $SYM case $SYM in 0x*) XADDR=$SYM SADDR=`printf "%d" $SYM` EADDR=`expr $SADDR + 5` ;; *) if [ $DISALL -eq 1 ] ;then setaddrs `sort $SYSMAP | grep -A1 " $SYM"$ | cut -f 1 -d\ ` if [ -z "$XADDR" ] ; then echo "Error : $SYM was not found in "$SYSMAP exit 0; fi XADDR=0x$XADDR XEADDR=0x$XEADDR SADDR=`printf "%d" $XADDR` EADDR=`printf "%d" $XEADDR` else XADDR=0x`grep " $SYM"$ $SYSMAP | cut -f 1 -d\ ` if [ "$XADDR" = "0x" ] ; then echo "Error : $SYM was not found in "$SYSMAP exit 0; fi SADDR=`printf "%d" $XADDR` EADDR=`expr $SADDR + 5` fi ;; esac echo $XADDR objdump -w --start-address=$SADDR --stop-address=$EADDR -j ".text" -d $VMLINUX echo LLINE=`objdump -w --start-address=$SADDR --stop-address=$EADDR -j ".text" -d $VMLINUX | tail -n 1 | sed s/" "/\:/g` EXADDR=`echo $LLINE | cut -f 1 -d:` cntarg `echo $LLINE | cut -f 3 -d:` DIFF=$? EADDR=`printf "%d" 0x$EXADDR` SIZE=`expr $EADDR - $SADDR + $DIFF` echo "Please be sure that the above-disassembled instructions are relocatable." echo "Parameter: addr=$XADDR size=$SIZE" --------------050009030506070607070701 Content-Type: text/plain; name="djprobe_ex.c" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="djprobe_ex.c" Content-length: 2174 /* djprobe_ex.c -- Direct Jump Probe Example Copyright (c) 2005,2006 Hitachi,Ltd., Created by Masami Hiramatsu This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #include #include #include #include #include static long addr=0; module_param(addr, long, 0444); static long size=0; module_param(size, long, 0444); static long show_arg=0; module_param(show_arg, long, 0444); #define CALLER(regs) (((unsigned long *)®s->esp)[0]) #define ARG(n,regs) (((unsigned long *)®s->esp)[n]) /*arg1: ARG(1,stadr)*/ static void probe_func(struct djprobe *djp, struct pt_regs *regs) { int i; printk("probe call:%p, caller:%lx", (void*)djp->inst->kp.addr, CALLER(regs)); for (i = 1; i <= show_arg; i++) { printk(" arg[%d]:%lx", i, ARG(i, regs)); } printk("\n"); } static struct djprobe djp = {0}; static int install_probe(void) { if (addr == 0 || size < 5 || size > 16 ) { return -1; } printk("probe install at %p, size %ld\n", (void*)addr, size); djp.handler = probe_func; djprobe_param_address(&djp.param) = (void *)addr; djprobe_param_length(&djp.param) = size; if (register_djprobe(&djp) != 0) return -1; return 0; } static void uninstall_probe(void) { unregister_djprobe(&djp); printk("probe uninstall at %p\n", (void*)addr); } module_init(install_probe); module_exit(uninstall_probe); MODULE_AUTHOR("M.Hiramatsu "); MODULE_LICENSE("GPL"); --------------050009030506070607070701--