This series of patches allows kprobes to probe module's __init and
__exit functions. This means, you can probe driver initialization
and terminating.

Currently, kprobes can't probe __init function because these functions
are freed after module initialization. And it also can't probe module
__exit functions because kprobe increments reference count of target
module and user can't unload it. this means __exit functions never be
called unless removing probes from the module.

To solve both cases, this series of patches introduces GONE flag and
sets it when the target code is freed(for this purpose, kprobes hooks
MODULE_STATE_* events). This also removes refcount incrementing for
allowing user to unload target module. Users can check which probes
are GONE by debugfs interface. For taking timing of freeing module's
..init text, these also include a patch which adds module's notifier of

This series of patches can be applied after applying below patches on


Thank you,

Documentation/kprobes.txt | 5
arch/arm/kernel/kprobes.c | 2
arch/ia64/kernel/kprobes.c | 8 -
arch/powerpc/kernel/kprobes.c | 7 -
arch/s390/kernel/kprobes.c | 7 -
arch/x86/kernel/kprobes.c | 7 -
include/linux/kprobes.h | 15 +-
include/linux/module.h | 12 +
kernel/kprobes.c | 260 ++++++++++++++++++++++++++----------------
kernel/module.c | 27 +---
10 files changed, 220 insertions(+), 130 deletions(-)

Masami Hiramatsu

Software Engineer
Hitachi Computer Products (America) Inc.
Software Solutions Division

e-mail: mhiramat@redhat.com

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/