diff options
Diffstat (limited to 'watch_module.h')
| -rw-r--r-- | watch_module.h | 68 |
1 files changed, 55 insertions, 13 deletions
diff --git a/watch_module.h b/watch_module.h index d4f48c5..41a49ff 100644 --- a/watch_module.h +++ b/watch_module.h @@ -1,6 +1,9 @@ #include <linux/hrtimer.h> #include <linux/kprobes.h> #include <linux/ktime.h> +#include <linux/list.h> +#include <linux/slab.h> /* for kmalloc */ +#include <linux/string.h> #include <asm/uaccess.h> #include <linux/cdev.h> @@ -11,44 +14,85 @@ #include <linux/sched/signal.h> #include <linux/stacktrace.h> /* for stack_trace_print */ +#define MAX_TIMER_NUM (2048) // max timer number +#define TIMER_MAX_WATCH_NUM (32) // A timer max watch number at once time +#define MAX_NAME_LEN (15) // max name length typedef struct { pid_t task_id; // current process id + char name[MAX_NAME_LEN + 1]; // name void *ptr; // virtual address - int length_byte; // byte + int length_byte; // byte long long threshold; // threshold value unsigned char unsigned_flag; // unsigned flag (true: unsigned, false: signed) unsigned char greater_flag; // reverse flag (true: >, false: <) - unsigned long time_ns; // timer interval (ns) + unsigned long time_ns; // timer interval (ns) } watch_arg; typedef struct { + char name[MAX_NAME_LEN + 2]; // name, last char automatically add '\0' void *kptr; // kernel address + offset - int length_byte; // byte + int length_byte; // byte long long threshold; // threshold value unsigned char unsigned_flag; // unsigned flag (true: unsigned, false: signed) unsigned char greater_flag; // reverse flag (true: >, false: <) } kernel_watch_arg; -kernel_watch_arg k_watch_arg; -EXPORT_SYMBOL(k_watch_arg); // export k_watch_arg +typedef struct +{ + unsigned long long time_ns; // hrTimer time interval (ns) + struct hrtimer hr_timer; // hrTimer + ktime_t kt; // hrTimer time + unsigned sentinel; // sentinel + kernel_watch_arg k_watch_args[TIMER_MAX_WATCH_NUM]; // all watched kernel_watch_arg +} kernel_watch_timer; + +#define TIMER_FILLED(timer) ((timer)->sentinel >= TIMER_MAX_WATCH_NUM) +#define TIMER_EMPTY(timer) (!((timer)->time_ns | (timer)->sentinel)) + +#define TIMER_START(timer) (hrtimer_start(&timer->hr_timer, timer->kt, HRTIMER_MODE_REL)) +#define TIMER_CANCEL(timer) (hrtimer_cancel(&timer->hr_timer)) + +kernel_watch_timer kernel_wtimer_list[MAX_TIMER_NUM] = {0}; // all kernel_watch_timer +int kernel_wtimer_num = 0; // current kernel_watch_timer number + +EXPORT_SYMBOL(kernel_wtimer_list); // export kernel_watch_timer_list +EXPORT_SYMBOL(kernel_wtimer_num); // export kernel_watch_timer_num + +// Helper function +unsigned char w_arg2k_w_arg(void *ptr, watch_arg warg, kernel_watch_arg *k_watch_arg); + +// for timer +kernel_watch_timer *get_timer(unsigned long long time_ns); +unsigned char timer_add_watch(kernel_watch_timer *timer, kernel_watch_arg k_watch_arg); // for memory access -static struct page *page = NULL; -static void *kaddr = NULL; +typedef struct +{ + struct page *page; + void *kaddr; + struct list_head entry; +} watch_local_memory; + +static LIST_HEAD(watch_local_memory_list); + +void free_page_list(void); + +// static struct page *page = NULL; +// static void *kaddr = NULL; void *access_user_space_ptr(pid_t pid, unsigned long kaddr); // for timer #define US2NS (1000) // Interval in microseconds -static struct hrtimer hr_timer; -static ktime_t kt; +// static struct hrtimer hr_timer; +// static ktime_t kt; // hrTimer enum hrtimer_restart hrtimer_hander(struct hrtimer *timer); -int start_hrTimer(unsigned long timeout); -void cancel_hrTimer(void); +// int start_hrTimer(unsigned long timeout); +void cancel_all_hrTimer(void); unsigned char read_and_compare(kernel_watch_arg *k_arg); @@ -95,8 +139,6 @@ static void print_all_task_stack(void) unsigned long backtrace[BACKTRACE_DEPTH]; // save stack unsigned int nr_bt; // stack depth unsigned long long current_time; // last time - printk("-------------------------------------\n"); - printk("-------------watch monitor-----------\n"); current_time = ktime_get_real(); printk("Timestamp (ns): %lld\n", current_time); printk("Recent Load: %lu.%02lu, %lu.%02lu, %lu.%02lu\n", // recent load |