Understanding Software Dynamics

Chapter 15 KUtrace: Linux Kernel Patches

The KUtrace software to capture and timestamp every transition between user-mode and kernel-mode execution is built from a set of Linux kernel patches, a runtime loadable kernel module, a user-mode control library, and various postprocessing programs. In this chapter, we look at the overall tracing design and the kernel patches. In the next chapter, we will look at the companion loadable module code that the patches call. The implementation mechanism is all isolated in this module; just the hooks are in patched kernel files.

The tracing code fills an in-memory reserved kernel buffer organized as multiple fixed-size blocks, each containing multiple individual trace entries. The entire buffer is allocated ...

Get Understanding Software Dynamics now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Understanding Software Dynamics by Richard L. Sites

Chapter 15

KUtrace: Linux Kernel Patches

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly