Re: [PATCH] Linux Kernel Markers



On Tue, Sep 19, 2006 at 09:41:30AM -0700, Martin Bligh wrote:
> Andrew Morton wrote:
> > On Tue, 19 Sep 2006 09:04:43 -0700
> > Martin Bligh <mbligh@xxxxxxxxxx> wrote:
> >
> > > It seems like all we'd need to do
> > > is "list all references to function, freeze kernel, update all
> > > references, continue"
> >
> > "overwrite first 5 bytes of old function with `jmp new_function'".
>
> Yes, that's simple, but slower, as you have a double jump. Probably
> a damned sight faster than int3 though.
>
> M.

The advantage of using int3 over jmp to launch the instrumented
module is that int3 (or breakpoint in most architectures) is an
atomic operation to insert.

I am getting some more ideas...

1. Copy the original functions, instrument them and insert them as
a part of kernel module with different name prefix.
2. Insert breakpoint only on those routines at runtime.
3. When the breakpoint gets hit, change the instruction pointer to
the instrumented routine. No need to single step at all.

Adv:
Can be enabled/disabled dynamically by inserting/removing
breakpoints. No overhead of single stepping.
No restriction of running the handler in interrupt context.
You can have pre-compiled instrumented routines.
This mechanism can be used for a pre-defined set of routines; for
arbitrary probe points, you can use kprobes/jprobes/systemtap.
No need to be super-user for predefined breakpoints.

Dis:
Maintenance of the code, since the code base needs to be
duplicated and instrumented.

The above idea is similar to runtime or dynamic patching, but here we
use int3 (breakpoint) rather than a jump instruction.

Please correct me if I am wrong.
Please let me know if you need more information.

Thanks
Prasanna


--
Prasanna S.P.
Linux Technology Center
India Software Labs, IBM Bangalore
Email: prasanna@xxxxxxxxxx
Ph: 91-80-41776329
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
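The three steps Prasanna sketches (an instrumented copy of the routine, a breakpoint byte written over the original's first instruction, and a trap handler that moves the instruction pointer to the copy without single-stepping) can be reproduced in userspace, where the int3 trap arrives as SIGTRAP and the saved register state is the signal's ucontext. The program below is an added illustration of that sequence; it is not code from the thread or from the kernel, and it assumes x86-64 Linux with glibc. `orig_add`, `instr_add`, `set_probe`, `on_sigtrap` and `run_breakpoint_redirect` are constructed names, and `mprotect` stands in for whatever text-patching path the kernel would use.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <ucontext.h>
#include <unistd.h>

#if !defined(__x86_64__) || !defined(__linux__)
#error "this illustration assumes x86-64 Linux (int3 = 0xCC, REG_RIP in ucontext)"
#endif
#ifndef REG_RIP
#define REG_RIP 16  /* index of RIP in mcontext_t.gregs on x86-64 glibc */
#endif

/* Stand-in for the routine we want to instrument (constructed example). */
__attribute__((noinline)) int orig_add(int a, int b)
{
    return a + b;
}

/* Step 1: a copy of the routine, instrumented, with a different name prefix.
 * Same signature, so the argument registers the caller set up are still
 * valid when execution is redirected here. */
volatile int instr_calls = 0;
__attribute__((noinline)) int instr_add(int a, int b)
{
    instr_calls++;            /* the "instrumentation" */
    return a + b;
}

static uint8_t *probe_addr;     /* byte that holds the 0xCC */
static uint8_t saved_byte;      /* original byte, restored on disable */
static void *redirect_target;   /* instrumented copy to continue at */

/* Step 3: the trap handler. In the kernel this is the int3/breakpoint
 * exception handler; here the trap is delivered as SIGTRAP. Only the saved
 * instruction pointer is changed; nothing is single-stepped and the
 * original routine is never resumed. */
static void on_sigtrap(int sig, siginfo_t *si, void *ctx)
{
    ucontext_t *uc = (ucontext_t *)ctx;
    (void)sig; (void)si;
    /* After int3 retires, RIP points one byte past the 0xCC. */
    if ((uint8_t *)(uintptr_t)uc->uc_mcontext.gregs[REG_RIP] == probe_addr + 1)
        uc->uc_mcontext.gregs[REG_RIP] = (greg_t)(uintptr_t)redirect_target;
}

/* Step 2: insert (enable=1) or remove (enable=0) the breakpoint at runtime.
 * 0xCC is a single byte, so the store is atomic with respect to other CPUs
 * that may be executing the routine; a 5-byte jmp would not be. */
static int set_probe(int enable)
{
    long pagesize = sysconf(_SC_PAGESIZE);
    uint8_t *page = (uint8_t *)((uintptr_t)probe_addr & ~(uintptr_t)(pagesize - 1));
    if (mprotect(page, (size_t)pagesize, PROT_READ | PROT_WRITE | PROT_EXEC) != 0)
        return -1;
    *probe_addr = enable ? 0xCC : saved_byte;
    return mprotect(page, (size_t)pagesize, PROT_READ | PROT_EXEC);
}

/* Runs the whole sequence. Returns 1 when the original ran uninstrumented
 * before and after the probe and the instrumented copy ran exactly once
 * while the probe was armed, 0 on any mismatch, -1 on setup failure. */
int run_breakpoint_redirect(void)
{
    struct sigaction sa;
    int (*volatile fn)(int, int) = orig_add;  /* volatile: keep the call indirect */
    int before, during, after;

    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_sigtrap;
    sa.sa_flags = SA_SIGINFO;
    if (sigaction(SIGTRAP, &sa, NULL) != 0)
        return -1;

    probe_addr = (uint8_t *)(uintptr_t)orig_add;
    saved_byte = *probe_addr;
    redirect_target = (void *)(uintptr_t)instr_add;
    instr_calls = 0;

    before = fn(20, 22);            /* no probe: orig_add runs */
    if (set_probe(1) != 0)
        return -1;
    during = fn(20, 22);            /* int3 -> SIGTRAP -> instr_add */
    if (set_probe(0) != 0)
        return -1;
    after = fn(20, 22);             /* probe removed: orig_add again */

    return (before == 42 && during == 42 && after == 42 && instr_calls == 1) ? 1 : 0;
}
```

The point the thread is arguing over is visible in `set_probe`: arming and disarming is one byte store each way, which is what makes enable/disable safe to do while other CPUs may be inside the routine, whereas overwriting five bytes with a `jmp` is not a single store. The cost is the one Prasanna lists under "Dis": `instr_add` is a second copy of the routine that has to be kept in step with the original.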


