Commit-ID: dcce32d952eddcd427f648ebd04339cfbf305e23
Gitweb: https://git.kernel.org/tip/dcce32d952eddcd427f648ebd04339cfbf305e23
Author: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
AuthorDate: Wed, 20 Jun 2018 01:16:46 +0900
Committer: Ingo Molnar <mingo@xxxxxxxxxx>
CommitDate: Thu, 21 Jun 2018 12:33:20 +0200

Documentation/kprobes: Add how to change the execution path

Add a section explaining how to change the execution path with kprobes, and warnings for some arch.

Signed-off-by: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
Acked-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Ananth N Mavinakayanahalli <ananth@xxxxxxxxxxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Jonathan Corbet <corbet@xxxxxxx>
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
Cc: Steven Rostedt <rostedt@xxxxxxxxxxx>
Cc: linux-arch@xxxxxxxxxxxxxxx
Cc: linux-doc@xxxxxxxxxxxxxxx
Link: https://lore.kernel.org/lkml/152942500680.15209.12374262914863044775.stgit@devbox
Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx>
---
 Documentation/kprobes.txt | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/Documentation/kprobes.txt b/Documentation/kprobes.txt
index cbb545910634..13d8efdb9718 100644
--- a/Documentation/kprobes.txt
+++ b/Documentation/kprobes.txt
@@ -80,6 +80,26 @@ After the instruction is single-stepped, Kprobes executes the "post_handler," if any, that is associated with the kprobe. Execution then continues with the instruction following the probepoint. +Changing Execution Path +----------------------- + +Since the kprobes can probe into a running kernel code, it can change +the register set, including instruction pointer. This operation +requires maximum attention, such as keeping the stack frame, recovering +execution path etc. Since it is operated on running kernel and need deep +knowladge of the archtecture and concurrent computing, you can easily +shot your foot. + +If you change the instruction pointer (and set up other related +registers) in pre_handler, you must return !0 so that the kprobes +stops single stepping and just returns to given address. +This also means post_handler should not be called anymore. + +Note that this operation may be harder on some architectures which +use TOC (Table of Contents) for function call, since you have to +setup new TOC for your function in your module, and recover old +one after back from it. + Return Probes ------------- -- To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
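Review bot: the new "Changing Execution Path" section in this hunk carries several spelling and grammar slips that should be fixed before merge: "knowladge" should be "knowledge", "archtecture" should be "architecture", "shot your foot" should be "shoot yourself in the foot", and "Since the kprobes can probe into a running kernel code" reads better as "Since kprobes can probe into running kernel code". The second paragraph would also state the contract more precisely as "you must return a non-zero value from pre_handler so that kprobes skips single-stepping and returns to the given address; post_handler will then not be called", which tells the reader what happens rather than what "should not" happen. The TOC paragraph would help readers more if it named which architectures use a TOC for function calls, so a module author can tell at a glance whether the extra set-up and restore applies to them.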