Function report |
Source Code:arch\x86\kernel\kprobes\core.c |
Create Date:2022-07-28 08:38:47 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:Called after single-stepping. p->addr is the address of the* instruction whose first byte has been replaced by the "int 3"* instruction. To avoid the SMP problems that can occur when we* temporarily put back the original opcode to single-step, we
Proto:static void resume_execution(struct kprobe *p, struct pt_regs *regs, struct kprobe_ctlblk *kcb)
Type:void
Parameter:
| Type | Parameter | Name |
|---|---|---|
| struct kprobe * | p | |
| struct pt_regs * | regs | |
| struct kprobe_ctlblk * | kcb |
| 914 | tos = stack_addr(regs) |
| 922 | flags &= ~X86_EFLAGS_TF |
| 924 | Case insn == 0x9c |
| 928 | Case insn == 0xc2 |
| 929 | Case insn == 0xc3 |
| 930 | Case insn == 0xca |
| 931 | Case insn == 0xcb |
| 932 | Case insn == 0xcf |
| 933 | Case insn == 0xea |
| 936 | Go to no_change |
| 937 | Case insn == 0xe8 |
| 941 | Case insn == 0x9a |
| 945 | Case insn == 0xff |
| 946 | If (insn[1] & 0x30) == 0x10 Then |
| 963 | Default |
| 964 | Break |
| 969 | no_change : |
| 970 | restore_btf() |
| Name | Describe |
|---|---|
| kprobe_debug_handler | Interrupts are disabled on entry as trap1 is an interrupt gate and they* remain disabled throughout this function. |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |