linux/samples/hw_breakpoint/data_breakpoint.c
<<
>>
Prefs 
   1/*
   2 * data_breakpoint.c - Sample HW Breakpoint file to watch kernel data address
   3 *
   4 * This program is free software; you can redistribute it and/or modify
   5 * it under the terms of the GNU General Public License as published by
   6 * the Free Software Foundation; either version 2 of the License, or
   7 * (at your option) any later version.
   8 *
   9 * This program is distributed in the hope that it will be useful,
  10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 * GNU General Public License for more details.
  13 *
  14 * You should have received a copy of the GNU General Public License
  15 * along with this program; if not, write to the Free Software
  16 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  17 *
  18 * usage: insmod data_breakpoint.ko ksym=<ksym_name>
  19 *
  20 * This file is a kernel module that places a breakpoint over ksym_name kernel
  21 * variable using Hardware Breakpoint register. The corresponding handler which
  22 * prints a backtrace is invoked everytime a write operation is performed on
  23 * that variable.
  24 *
  25 * Copyright (C) IBM Corporation, 2009
  26 *
  27 * Author: K.Prasad <prasad@linux.vnet.ibm.com>
  28 */
  29#include <linux/module.h>       /* Needed by all modules */
  30#include <linux/kernel.h>       /* Needed for KERN_INFO */
  31#include <linux/init.h>         /* Needed for the macros */
  32#include <linux/kallsyms.h>
  33
  34#include <linux/perf_event.h>
  35#include <linux/hw_breakpoint.h>
  36
  37struct perf_event * __percpu *sample_hbp;
  38
  39static char ksym_name[KSYM_NAME_LEN] = "pid_max";
  40module_param_string(ksym, ksym_name, KSYM_NAME_LEN, S_IRUGO);
  41MODULE_PARM_DESC(ksym, "Kernel symbol to monitor; this module will report any"
  42                        " write operations on the kernel symbol");
  43
  44static void sample_hbp_handler(struct perf_event *bp, int nmi,
  45                               struct perf_sample_data *data,
  46                               struct pt_regs *regs)
  47{
  48        printk(KERN_INFO "%s value is changed\n", ksym_name);
  49        dump_stack();
  50        printk(KERN_INFO "Dump stack from sample_hbp_handler\n");
  51}
  52
  53static int __init hw_break_module_init(void)
  54{
  55        int ret;
  56        struct perf_event_attr attr;
  57
  58        hw_breakpoint_init(&attr);
  59        attr.bp_addr = kallsyms_lookup_name(ksym_name);
  60        attr.bp_len = HW_BREAKPOINT_LEN_4;
  61        attr.bp_type = HW_BREAKPOINT_W | HW_BREAKPOINT_R;
  62
  63        sample_hbp = register_wide_hw_breakpoint(&attr, sample_hbp_handler);
  64        if (IS_ERR((void __force *)sample_hbp)) {
  65                ret = PTR_ERR((void __force *)sample_hbp);
  66                goto fail;
  67        }
  68
  69        printk(KERN_INFO "HW Breakpoint for %s write installed\n", ksym_name);
  70
  71        return 0;
  72
  73fail:
  74        printk(KERN_INFO "Breakpoint registration failed\n");
  75
  76        return ret;
  77}
  78
  79static void __exit hw_break_module_exit(void)
  80{
  81        unregister_wide_hw_breakpoint(sample_hbp);
  82        printk(KERN_INFO "HW Breakpoint for %s write uninstalled\n", ksym_name);
  83}
  84
  85module_init(hw_break_module_init);
  86module_exit(hw_break_module_exit);
  87
  88MODULE_LICENSE("GPL");
  89MODULE_AUTHOR("K.Prasad");
  90MODULE_DESCRIPTION("ksym breakpoint");
  91
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.