Using dynamic kernel events
Although dynamic tracing is a very useful feature, custom kernel modules is not a user-friendly interface. Fortunately, the Linux kernel has been extended with the support of kprobe events, which allow us to set kprobes probes using a debugfs interface.
Getting ready
To make use of this feature, we need to configure our kernel with the CONFIG_KPROBE_EVENT configuration variable.
How to do it...
The debugfs interface adds probes via the /sys/kernel/debug/tracing/kprobe_events file. For example, to add a kprobe called example_probe to the do_sys_open function, you can execute the following command:
# echo 'p:example_probe do_sys_open dfd=%r0 filename=%r1 flags=%r2 mode=%r3' > /sys/kernel/debug/tracing/kprobe_events
The probe ...
Get Linux: Embedded Development now with the O’Reilly learning platform.
O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.
