Open
Description
In the syscall chapter, syscall hooking is introduced, so I think it may be a good opportunity to go a step deeper to talk about Ftrace and hooking, and maybe kernel live patching.
I can provide some introductory text and sample code for syscall hooking if anyone is interested.
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Milestone
Relationships
Participants
Activity
[-]Any chance to inytoduce Ftrace in the syscall chapter (or elsewhere in this book)?[/-][+]Any chance to introduce Ftrace in the syscall chapter (or elsewhere in this book)?[/+][-]Any chance to introduce Ftrace in the syscall chapter (or elsewhere in this book)?[/-][+]Any chance to introduce Ftrace in the syscall chapter (or elsewhere) in this book?[/+]jserv commentedon Oct 24, 2022
@nickchen120235, I am writing another ebook about Linux CPU scheduler in which Ftrace was covered. I can send the draft for your reference. If you would like to contribute, please make a rough list.
nickchen120235 commentedon Oct 24, 2022
Sure I would like to write this portion of the book.
Since Ftrace will also be covered in the aforementioned book, in lkmpg only function-hooking-related stuff will be (roughly) introduced, i.e. more of an introduction to hooking using Ftrace rather than a deep-dive into it. It'll be a section after the
sys_call_tableexample (or just something like "Another technique we can utilize to control the flow of execution of a syscall is Ftrace. ").Currently I'm think of dividing the section into three parts:
sys_open(at)example rewritten using FtraceThe length of content won't be more than a section.
nickchen120235 commentedon Oct 26, 2022
The planned content is similar to this, of course the
kprobepart will be omitted and the rest will be revised.jserv commentedon Nov 20, 2022
It looks great. I like the sequence diagram for illustrating Ftace. Please send pull requests for introducing Ftrace in LKMPG.