Check out my first novel, midnight's simulacra!
Kprobes: Difference between revisions
From dankwiki
(Created page with "Kprobes use the breakpoint mechanism to dynamically instrument Linux kernel code. Two types exist: <i>kprobes</i> can be attached to all but a few blacklisted instruction rang...") |
|||
| Line 2: | Line 2: | ||
==Kernel configuration== | ==Kernel configuration== | ||
<pre>CONFIG_KPROBES=y | |||
CONFIG_HAVE_KPROBES=y | |||
CONFIG_KPROBE_EVENTS=y</pre> | |||
==Further reading== | ==Further reading== | ||
* LWN's [https://lwn.net/Articles/132196/ Introduction to Kprobes], 2005-04-18 | * LWN's [https://lwn.net/Articles/132196/ Introduction to Kprobes], 2005-04-18 | ||
Revision as of 04:49, 6 October 2019
Kprobes use the breakpoint mechanism to dynamically instrument Linux kernel code. Two types exist: kprobes can be attached to all but a few blacklisted instruction ranges in a running kernel, while kretprobes are attached to a function and run when it returns. This instrumentation is typically packaged as a kernel module or eBPF.
Kernel configuration
CONFIG_KPROBES=y CONFIG_HAVE_KPROBES=y CONFIG_KPROBE_EVENTS=y
Further reading
- LWN's Introduction to Kprobes, 2005-04-18
