This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
[RFC][Patch 0/2]kprobe: kprobe-booster against 2.6.14-mm1 for i386
- From: Masami Hiramatsu <hiramatu at sdl dot hitachi dot co dot jp>
- To: systemtap at sources dot redhat dot com
- Cc: Yumiko Sugita <sugita at sdl dot hitachi dot co dot jp>, Satoshi Oshima <soshima at redhat dot com>, Hideo Aoki <haoki at redhat dot com>
- Date: Fri, 25 Nov 2005 22:12:59 +0900
- Subject: [RFC][Patch 0/2]kprobe: kprobe-booster against 2.6.14-mm1 for i386
Hi,
I publish a couple of patches of kprobe-booster in the next mails.
With the kprobe-booster patch, kprobes executes a copied
instruction directly and (if needed) jumps back to the original code.
This direct execution is executed when the kprobe doesn’t have
both post_handler and break_handler, and the copied instruction
can be executed directly.
What kinds of instructions can be executed directly or not?
- Call instructions are NG. We should correct the return
  address pushed onto the top of the stack.
- Indirect instructions except for absolute indirect-jumps
  are NG. Those instructions change EIP randomly. We should
  check EIP and correct it.
- Instructions that change EIP beyond the range of the
  instruction buffer are NG.
- Instructions that change EIP to the tail 5 bytes of the
  instruction buffer (it is the size of a jump instruction).
  We must write a jump instruction which goes back to the original
  kernel code in the instruction buffer.
- Break point instruction is NG. We should not touch EIP and
  pass to other handlers.
- Absolute direct/indirect jumps are OK.
- Other instructions are OK. But those instructions need a
  jump back code.
Kprobe-booster checks instructions in the resume_execution()
function. If it can be executed directly, it sets the “boostable”
flag.
In kprobe_handler(), kprobe checks the “boostable” flag.
If the flag is set, it resets the current kprobe and executes
the instruction buffer directly instead of single stepping.
Best Regards,
--
Masami HIRAMATSU
2nd Research Dept.
Hitachi, Ltd., Systems Development Laboratory
E-mail: hiramatu@sdl.hitachi.co.jp
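
The instruction rules listed in the mail, written out as a static opcode classifier. This is an added example, not code from the patch or from the original mail: the enum and function names are hypothetical, it assumes an unprefixed i386 instruction, it recognises only the opcode classes the mail names, and it conservatively treats every relative branch as leaving the instruction buffer.

```c
#include <stddef.h>
#include <stdint.h>

/* Verdicts mirror the categories in the mail; the names are hypothetical. */
enum boost { BOOST_NG, BOOST_OK_NO_JMPBACK, BOOST_OK_JMPBACK };

/* Classify one unprefixed i386 instruction (assumption) by its opcode bytes. */
enum boost classify_insn(const uint8_t *insn, size_t len)
{
    uint8_t op, reg;

    if (insn == NULL || len == 0)
        return BOOST_NG;
    op = insn[0];

    switch (op) {
    case 0xCC:                      /* int3: leave EIP to other handlers */
        return BOOST_NG;
    case 0xE8: case 0x9A:           /* call rel32 / far call: the pushed */
        return BOOST_NG;            /* return address would need fixing  */
    case 0xC2: case 0xC3: case 0xCA: case 0xCB: case 0xCF:
        return BOOST_NG;            /* ret / retf / iret: indirect EIP   */
    case 0xE9: case 0xEB:           /* jmp rel32 / rel8                  */
    case 0xE0: case 0xE1: case 0xE2: case 0xE3: /* loopcc / jecxz        */
        return BOOST_NG;            /* target is relative to the buffer  */
    case 0xEA:                      /* far jmp ptr16:32: absolute direct */
        return BOOST_OK_NO_JMPBACK;
    case 0xFF:                      /* group 5: ModRM.reg picks the op   */
        if (len < 2)
            return BOOST_NG;        /* truncated: cannot decide          */
        reg = (insn[1] >> 3) & 7;
        if (reg == 4 || reg == 5)   /* jmp near/far, absolute indirect   */
            return BOOST_OK_NO_JMPBACK;
        if (reg == 0 || reg == 1 || reg == 6)   /* inc / dec / push      */
            return BOOST_OK_JMPBACK;
        return BOOST_NG;            /* indirect call (2, 3) or undefined */
    case 0x0F:                      /* two-byte opcode map               */
        if (len < 2)
            return BOOST_NG;
        if (insn[1] >= 0x80 && insn[1] <= 0x8F) /* jcc rel32             */
            return BOOST_NG;
        return BOOST_OK_JMPBACK;
    default:
        if (op >= 0x70 && op <= 0x7F)           /* jcc rel8              */
            return BOOST_NG;
        return BOOST_OK_JMPBACK;    /* falls through: needs jump back    */
    }
}
```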