Hi Frank...
> bash-> do_fork-> bash(available the environment for ls) -> execve ->
> ls
>
> #strace -aef ls
> execve("/bin/ls", ["ls"], [/* 22 vars */]) = 0
>
> I set the Return Probes with do_execve as trigger
>
> Dec 31 22:39:11 fedorasys kernel: fc_pid = 3151 fc_command = rmmod
> parent_pid = 3040 parent_command = bash Dec 31 22:39:11 fedorasys
> kernel:
Ahh...:) Maybe something during do_fork() hasn't set the
task_struct->comm properly according the new ELF binary loaded.
But anyway, as you know, putting kprobe's hook on do_execve only catch
new binary invocation, is it really what you want? Previously I thought
you wanted to catch general fork scenario...CMIIW
Maybe what you need is putting the probe into multiple place e.g
sys_fork and sys_execve and so on.
> Now i search a way to export the data into the user pace. over the
> standard syslog it goes account of system performance.
> My module runs under 2.6.15-rc7 in older kernel versions my module
> freeze the system
Try relayfs? Anyway, you said "freeze", during which event?
regards
Mulyadi
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
