summaryrefslogtreecommitdiff
path: root/source/module/monitor_kallsyms.c
blob: 7111967b3ee4510d5024d86bd9f3452747f8cdc7 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

#include "monitor_kallsyms.h"

unsigned long (*diag_kallsyms_lookup_name)(const char *name);
struct kprobe kprobe_kallsyms_lookup_name = {.symbol_name =
                                                 "kallsyms_lookup_name"};

// orig_fun
unsigned int (*orig_stack_trace_save_tsk)(struct task_struct *task,
                                          unsigned long *store,
                                          unsigned int size,
                                          unsigned int skipnr);
void (*orig_show_stack)(struct task_struct *task, unsigned long *sp,
                        const char *loglvl);

struct sched_class *orig_idle_sched_class;
int (*orig_get_task_type)(struct sched_entity *se);
int (*orig_kernfs_name)(struct kernfs_node *kn, char *buf, size_t buflen);
int (*orig_access_remote_vm)(struct mm_struct *mm, unsigned long addr,
                             void *buf, int len, unsigned int gup_flags);
struct task_struct *(*orig_find_task_by_vpid)(pid_t nr);

void (*orig_open_softirq)(int nr, void (*action)(struct softirq_action *));
void (*orig_raise_softirq)(unsigned int nr);

/**
 * @brief diag_kallsyms_lookup_name init
 * 
 * @return int 
 */
static int fn_kallsyms_lookup_name_init(void) {
  register_kprobe(&kprobe_kallsyms_lookup_name);
  diag_kallsyms_lookup_name = (void *)kprobe_kallsyms_lookup_name.addr;
  unregister_kprobe(&kprobe_kallsyms_lookup_name);

  printk(KERN_INFO "diag_kallsyms_lookup_name is %p\n",
         diag_kallsyms_lookup_name);

  if (!diag_kallsyms_lookup_name) {
    return -EINVAL;
  }
  return 0;
}
/**
 * @brief get all orig_fun
 *
 * @return int 0 is success
 */
int init_orig_fun(void) {
  int ret = fn_kallsyms_lookup_name_init(); // init kallsyms_lookup_name

  if (ret) {
    printk(KERN_INFO "init kallsyms_lookup_name failed\n");
    return ret;
  }

  LOOKUP_SYMS(stack_trace_save_tsk); // stack_trace_save_tsk
  LOOKUP_SYMS(show_stack);           // show_stack
  LOOKUP_SYMS(idle_sched_class);     // idle_sched_class
  LOOKUP_SYMS(access_remote_vm);     // access_remote_vm

  LOOKUP_SYMS_NORET(
      get_task_type); // get_task_type | this fun is not available on 5.17.15
  LOOKUP_SYMS_NORET(kernfs_name); // kernfs_name
  LOOKUP_SYMS_NORET(find_task_by_vpid);
  LOOKUP_SYMS_NORET(open_softirq);
  LOOKUP_SYMS_NORET(raise_softirq);
  return 0;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 18:28:55 +0000