RE: [Fault-injection-developer] LKML threads about kprobes
From: Zhuang, L. <lou...@in...> - 2002-11-08 02:27:15
Maybe a little more explanation.
In FITH, the PTE of a watched memory address will be marked as 'absent'. When
the driver accesses the memory, a page fault exception will be triggered. Our
FITH will catch the exception to do our stuff. This needs a metaphor: the
interrupt vector table (IDT) entry of the page fault exception should be an
'interrupt gate', not a 'trap gate', because the driver may access watched
memory in an interrupt handler, which causes exception re-entry.
The problem is:
1. The normal 2.4.x kernel does not have this metaphor; the kernel sets the
page fault exception as a 'trap gate'.
2. 2.4.x+dprobes does have this metaphor; dprobes changes the
do_int3/do_debug/do_pagefault exceptions to 'interrupt gate'.
3. 2.5.x+kprobes does not have this metaphor. kprobes only changes the
do_int3/do_debug exceptions to 'interrupt gate'. It lets do_pagefault be :-(
IMHO, we must patch the kernel based on 2.5.x+kprobes to follow the metaphor.
-----Original Message-----
From: Zhuang, Louis [mailto:lou...@in...]
Sent: Friday, November 08, 2002 9:31 AM
To: Lynch, Rusty; 'fau...@so...'
Subject: RE: [Fault-injection-developer] LKML threads about kprobes
Yes, it is not enough. FITH needs to capture the pagefault exception in an
interrupt-disabled condition, just as kprobes does for do_int3/do_debug.
-----Original Message-----
From: Lynch, Rusty
Sent: Friday, November 08, 2002 9:02 AM
To: Zhuang, Louis; Lynch, Rusty; 'fau...@so...'
Subject: RE: [Fault-injection-developer] LKML threads about kprobes
Ok, now I'm confused. With kprobes you can register to have a handler
called before a specific address is executed. Why is that not enough?
-rusty
-----Original Message-----
From: Zhuang, Louis
Sent: Thursday, November 07, 2002 4:48 PM
To: Lynch, Rusty; 'fau...@so...'
Subject: RE: [Fault-injection-developer] LKML threads about kprobes
Hi, Rusty
We did work based on kprobes. After we investigated kprobes, we found
kprobes had removed GKHI support. So we need to find another way to get
additional control in exception handling... This is a problem we need to
solve in 2.5.x
-----Original Message-----
From: Lynch, Rusty
Sent: Friday, November 08, 2002 1:30 AM
To: Zhuang, Louis; 'fau...@so...'
Subject: RE: [Fault-injection-developer] LKML threads about kprobes
It looks to me like kprobes will make it in the kernel. Why don't we work
under that assumption for now.
-rusty
-----Original Message-----
From: Zhuang, Louis [mailto:lou...@in...]
Sent: Thursday, November 07, 2002 12:27 AM
To: 'fau...@so...'
Subject: RE: [Fault-injection-developer] LKML threads about kprobes
Humm... kprobes in 2.5.x removed the GKHI (General Kernel Hook Interface)
mechanism, which FITH needed. But all of the kprobes patch in 2.5.x is useful
for FITH, such as the do_int3/do_debug interrupt gate. We need a moderate patch
to hook these exceptions for FITH. But I wonder if this can be accepted by LKML.
Any comments?
-Louis
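
The gate-type distinction discussed in this thread can be read directly from an IDT entry. The following is an added example, not code from FITH, dprobes or kprobes: it decodes an 8-byte IA-32 gate descriptor and reports whether the handler is entered with interrupts masked. The function names and the two sample descriptors (handler address, selector) are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

enum gate_kind { GATE_OTHER, GATE_INTERRUPT, GATE_TRAP };

struct gate_info {
    enum gate_kind kind;
    int present, dpl;
    uint16_t selector;
    uint32_t offset;                     /* handler entry point */
};

/* Decode one 8-byte IA-32 IDT gate descriptor as laid out in memory. */
struct gate_info decode_gate(const uint8_t d[8])
{
    struct gate_info g;
    uint8_t attr = d[5];                 /* P | DPL(2) | S | type(4) */
    uint8_t type = attr & 0x1f;          /* S must be 0 for a gate */

    g.offset   = (uint32_t)d[0] | (uint32_t)d[1] << 8 |
                 (uint32_t)d[6] << 16 | (uint32_t)d[7] << 24;
    g.selector = (uint16_t)(d[2] | d[3] << 8);
    g.present  = attr >> 7;
    g.dpl      = (attr >> 5) & 3;
    g.kind     = type == 0x0e ? GATE_INTERRUPT   /* 32-bit interrupt gate */
               : type == 0x0f ? GATE_TRAP        /* 32-bit trap gate */
               : GATE_OTHER;
    return g;
}

/* An interrupt gate clears EFLAGS.IF on entry; a trap gate leaves IF as it was. */
int entered_with_irqs_masked(const uint8_t d[8])
{
    struct gate_info g = decode_gate(d);
    return g.present && g.kind == GATE_INTERRUPT;
}

/* Constructed vector-14 (page fault) entries: same handler, different gate type. */
const uint8_t pf_trap_gate[8] = { 0x40, 0x12, 0x10, 0x00, 0x00, 0x8f, 0x10, 0xc0 };
const uint8_t pf_intr_gate[8] = { 0x40, 0x12, 0x10, 0x00, 0x00, 0x8e, 0x10, 0xc0 };

int main(void)
{
    struct gate_info g = decode_gate(pf_trap_gate);
    printf("handler %#x selector %#x\n", (unsigned)g.offset, g.selector);
    printf("trap gate: irqs masked on entry = %d\n", entered_with_irqs_masked(pf_trap_gate));
    printf("intr gate: irqs masked on entry = %d\n", entered_with_irqs_masked(pf_intr_gate));
    return 0;
}
```

The two sample entries differ only in the low bit of the type field (0x8f versus 0x8e), which is the whole difference between the trap-gate and interrupt-gate setups described for the page fault vector.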