Re: [PATCH] kprobes: add kprobe_is_function_probed()

From: Josh Poimboeuf
Date: Tue Oct 21 2014 - 13:08:42 EST


On Tue, Oct 21, 2014 at 05:48:30PM +0200, Jiri Kosina wrote:
> Add a function that allows external users (such as live patching
> mechanisms) to check whether a given function (identified by symbol name)
> has a kprobe installed in it.

Functions aren't uniquely identifiable by name. Perhaps it should be
something like kprobe_is_addr_range_probed()?

Should we refuse to patch a function which has a kprobe installed inside
it? Is there a race-free way to do that?

>
> Signed-off-by: Jiri Kosina <jkosina@xxxxxxx>
> ---
> include/linux/kprobes.h | 5 +++++
> kernel/kprobes.c | 28 ++++++++++++++++++++++++++++
> 2 files changed, 33 insertions(+)
>
> diff --git a/include/linux/kprobes.h b/include/linux/kprobes.h
> index f7296e5..f760555 100644
> --- a/include/linux/kprobes.h
> +++ b/include/linux/kprobes.h
> @@ -384,6 +384,7 @@ int disable_kprobe(struct kprobe *kp);
> int enable_kprobe(struct kprobe *kp);
>
> void dump_kprobe(struct kprobe *kp);
> +bool kprobe_is_function_probed(const char *name);
>
> #else /* !CONFIG_KPROBES: */
>
> @@ -459,6 +460,10 @@ static inline int enable_kprobe(struct kprobe *kp)
> {
> return -ENOSYS;
> }
> +static inline bool kprobe_is_function_probed(const char *name)
> +{
> + return false;
> +}
> #endif /* CONFIG_KPROBES */
> static inline int disable_kretprobe(struct kretprobe *rp)
> {
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index 3995f54..27e8ddb 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -2036,6 +2036,34 @@ void dump_kprobe(struct kprobe *kp)
> NOKPROBE_SYMBOL(dump_kprobe);
>
> /*
> + * Check whether a given symbol is a probed function
> + */
> +bool kprobe_is_function_probed(const char *name)
> +{
> + struct hlist_head *head;
> + struct kprobe *p, *kp;
> + const char *sym = NULL;
> + unsigned long offset = 0;
> + unsigned int i;
> + char *modname, namebuf[KSYM_NAME_LEN];
> +
> + preempt_disable();
> + for (i = 0; i < KPROBE_TABLE_SIZE; i++) {
> + head = &kprobe_table[i];
> + hlist_for_each_entry_rcu(p, head, hlist) {
> + sym = kallsyms_lookup((unsigned long)p->addr,
> + NULL, &offset, &modname,
> + namebuf);
> + if (!strcmp(sym, name))
> + return true;
> + }
> + }
> + preempt_enable();
> + return false;
> +}
> +EXPORT_SYMBOL_GPL(kprobe_is_function_probed);
> +
> +/*
> * Lookup and populate the kprobe_blacklist.
> *
> * Unlike the kretprobe blacklist, we'll need to determine
> --
> 1.9.2
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/