profile_event 替换为 kprobe

1 files changed, 26 insertions, 1 deletions

diff --git a/SOURCE/module/kernel/exit.c b/SOURCE/module/kernel/exit.c
index 02c4538..05219c2 100755
--- a/SOURCE/module/kernel/exit.c
+++ b/SOURCE/module/kernel/exit.c
@@ -30,6 +30,7 @@
 #include <linux/syscalls.h>
 #include <linux/vmalloc.h>
 #include <linux/profile.h>
+#include <linux/gfp.h>
 #if KERNEL_VERSION(4, 15, 0) <= LINUX_VERSION_CODE
 #include <linux/sched/mm.h>
 #endif
@@ -150,6 +151,7 @@ static int hook_sched_process_exit(struct task_struct *p)
 	return 0;
 }
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0)
 static int
 task_exit_notify(struct notifier_block *self, unsigned long val, void *data)
 {
@@ -159,10 +161,24 @@ task_exit_notify(struct notifier_block *self, unsigned long val, void *data)
 
 	return 0;
 }
+#else
+void task_exit_notify(struct kprobe *p, struct pt_regs *regs, unsigned long flags)
+{
+	atomic64_inc_return(&diag_nr_running);
+	hook_sched_process_exit(current);
+	atomic64_dec_return(&diag_nr_running);
+}
+#endif
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0)
 static struct notifier_block task_exit_nb = {
 	.notifier_call	= task_exit_notify,
 };
+#else
+static struct kprobe kp_exit = {
+    .symbol_name    = "do_exit",
+};
+#endif
 
 static int __activate_exit_monitor(void)
 {
@@ -172,8 +188,13 @@ static int __activate_exit_monitor(void)
 	if (ret)
 		goto out_variant_buffer;
 	exec_monitor_alloced = 1;
-
+//
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0)
 	profile_event_register(PROFILE_TASK_EXIT, &task_exit_nb);
+#else
+	kp_exit->post_handler = task_exit_notify;
+	register_kprobe(&kp_exit);
+#endif
 	exit_monitor_event_id++;
 	return 1;
 out_variant_buffer:
@@ -190,7 +211,11 @@ int activate_exit_monitor(void)
 
 static void __deactivate_exit_monitor(void)
 {
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 17, 0)
 	profile_event_unregister(PROFILE_TASK_EXIT, &task_exit_nb);
+#else
+	unregister_kprobe(&kp_exit);
+#endif
 
 	synchronize_sched();
 	msleep(10);