blob: 0ba6c1db8de3ba7ece38f91265b10cc4d6604613 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/kprobes.h>
struct kp_data {
struct kprobe kp;
atomic_t use_count;
};
static int handler_pre(struct kprobe *p, struct pt_regs *regs);
#include "kprobe_defs.h"
/* kprobe pre_handler: called just before the probed instruction is executed */
static int handler_pre(struct kprobe *p, struct pt_regs *regs)
{
struct kp_data *k = container_of(p, struct kp_data, kp);
atomic_inc(&k->use_count);
return 0;
}
static int __init kprobe_init(void)
{
int ret;
int probes_registered = 0;
int i;
for (i = 0; i < ARRAY_SIZE(kp_data); i++) {
ret = register_kprobe(&kp_data[i].kp);
if (ret != 0)
atomic_set(&kp_data[i].use_count, -1);
else
probes_registered++;
}
if (probes_registered == 0) {
for (i = 0; i < ARRAY_SIZE(kp_data); i++) {
printk(KERN_INFO "-1 %s\n", kp_data[i].kp.symbol_name);
}
printk(KERN_INFO "kprobe_module unloaded\n");
return ret;
}
printk(KERN_INFO "Planted kprobes\n");
return 0;
}
static void __exit kprobe_exit(void)
{
int i;
for (i = 0; i < ARRAY_SIZE(kp_data); i++) {
if (atomic_read(&kp_data[i].use_count) != -1)
unregister_kprobe(&kp_data[i].kp);
}
printk(KERN_INFO "kprobes unregistered\n");
for (i = 0; i < ARRAY_SIZE(kp_data); i++) {
printk(KERN_INFO "%d %s\n", atomic_read(&kp_data[i].use_count),
kp_data[i].kp.symbol_name);
}
printk(KERN_INFO "kprobe_module unloaded\n");
}
module_init(kprobe_init)
module_exit(kprobe_exit)
MODULE_LICENSE("GPL");
|
