Using dynamic kernel events

Although dynamic tracing is a very useful feature, custom kernel modules is not a user-friendly interface. Fortunately, the Linux kernel has been extended with the support of kprobe events, which allow us to set kprobes probes using a debugfs interface.

Getting ready

To make use of this feature, we need to configure our kernel with the CONFIG_KPROBE_EVENT configuration variable.

How to do it...

The debugfs interface adds probes via the /sys/kernel/debug/tracing/kprobe_events file. For example, to add a kprobe called example_probe to the do_sys_open function, you can execute the following command:

# echo 'p:example_probe do_sys_open dfd=%r0 filename=%r1 flags=%r2 mode=%r3' > /sys/kernel/debug/tracing/kprobe_events

The probe ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required

Linux: Embedded Development by Chris Simmonds, Alex González, Alexandru Vaduva

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Using dynamic kernel events

Getting ready

How to do it...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Using dynamic kernel events

Getting ready

How to do it...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.