On Wed, Jul 14, 2010 at 00:35, Kiran P <kiran.kiranp@xxxxxxxxx> wrote: > Hi, > > I need to trace some kernel driver functions. But kernel is not > compiled with kprobes and I am not allowed to recompile the kernel. Not even single tracing facility is turned on? Oh boy...ok let me think....too bad it's not inside virtual machine or let's say User Mode Linux. How about this....sounds crazy maybe...you mark the page that contains the target code(s) as non executable? That way, it will trigger fault... but then the problem shifts....you need to modify the fault handler... Or maybe you can mimic the way kprobe work...AFAIK it's : put INT 3 code in the function's prolog...install break point handler...copy the original somewhere else. Code is executed, init 03H kicks in, handler is called....you then know it is called...the return to original code. Mind you, take care about stack frame condition. Maybe this method is too risky or too fancy...so it's up to you to try it or not. -- regards, Mulyadi Santosa Freelance Linux trainer and consultant blog: the-hydra.blogspot.com training: mulyaditraining.blogspot.com -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
