register_kretprobe失败,返回值为-2

时间:2015-07-08 12:42:32

标签: linux-kernel kernel kernel-module kprobe

我写了一个kretprobe来挂钩fs / binfmt_elf.c文件中提到的randomize_stack_top()函数。在使用insmod加载LKM时,register_kretprobe()调用失败,返回值为-2。我如何进行调试/纠正以使我的模块启动?

#include <linux/kernel.h>
#include <linux/slab.h>
#include <linux/module.h>
#include <linux/kprobes.h>
#include <linux/binfmts.h>
#include <linux/elf.h>
#include <linux/types.h>
#include <linux/errno.h>
#include <asm/uaccess.h>
#include <asm/current.h>
#include <asm/param.h>

/* Global variables */
int randomize_stack_retval;

//  randomize_stack_top() kretprobe specific declarations 
static char stack_name[NAME_MAX] = "randomize_stack_top";

static int randomize_stack_top_entry_handler(struct kretprobe_instance *ri, struct pt_regs *regs)
{
    return 0;
}

static int randomize_stack_top_ret_handler(struct kretprobe_instance *ri, struct pt_regs *regs)
{
    randomize_stack_retval = regs_return_value(regs);   //store in global variable
    printk(KERN_INFO "%d\n",randomize_stack_retval);
    return 0;
}

//randomize_stack_top return probe
static struct kretprobe randomize_kretprobe = {
    .handler = randomize_stack_top_ret_handler,
    .entry_handler = randomize_stack_top_entry_handler,
    .maxactive = NR_CPUS,
};

/* Register kretprobe */
static int __init kretprobe_init(void)
{
    int ret;

    randomize_kretprobe.kp.symbol_name = stack_name;

    ret = register_kretprobe(&randomize_kretprobe);
    if (ret < 0) {
        printk(KERN_INFO "register_kretprobe failed, returned %d\n",
                ret);
        return -1;
    }
    printk(KERN_INFO "Planted return probe at %s: %p\n",
            randomize_kretprobe.kp.symbol_name, randomize_kretprobe.kp.addr);

    return 0;
}

/* Unregister kretprobe */
static void __exit kretprobe_exit(void)
{
    unregister_kretprobe(&randomize_kretprobe);
    printk(KERN_INFO "kretprobe at %p unregistered\n",
            randomize_kretprobe.kp.addr);

    //  nmissed > 0 suggests that maxactive was set too low. 
    printk(KERN_INFO "Missed probing %d instances of %s\n",
  randomize_kretprobe.nmissed, randomize_kretprobe.kp.symbol_name);

}

module_init(kretprobe_init);
module_exit(kretprobe_exit);
MODULE_LICENSE("GPL");

1 个答案:

答案 0 :(得分:1)

-2对应-ENOENT(您可以在include/uapi/asm-generic/errno-base.h中查看)。可能,这意味着kprobe无法找到具有给定名称的符号。

注意,randomize_stack_top是静态函数,实现时间很短,只使用一次。因此可以通过gcc进行内联。

相关问题
最新问题