【发布时间】:2022-08-24 15:43:30
【问题描述】:
我尝试使用 ftrace 来挂钩 arm64 内核中的内核函数,但失败了。我的代码的一些重要部分如下:
static void notrace ftrace_hook_handler(size_t ip, size_t parent_ip, struct ftrace_ops *ops, struct ftrace_regs *fregs)
{
pr_info(\"ftrace hooking\");
return;
}
int my_ftrace_hook {
struct ftrace_ops fops;
fops.func = ftrace_hook_handler;
fops.flags = FTRACE_OPS_FL_SAVE_REGS_IF_SUPPORTED;
pr_info(\"symbol: %s, addr: %px\\n\", \"security_path_unlink\", addr_security_path_unlink);
err = ftrace_set_filter_ip(&fops, addr_security_path_unlink, 0, 0);
if (err)
{
pr_err(\"ftrace_set_filter_ip() failed: %d\\n\", err);
return err;
}
}
但出现错误:
# dmesg
[ 945.791221] ftrace_module: loading out-of-tree module taints kernel.
[ 945.791464] ftrace_module: module verification failed: signature and/or required key missing - tainting kernel
[ 945.820649] [ftrace_module] symbol: security_path_unlink, addr: ffffa13fc4fafd10
[ 945.820663] [my_ftrace_hook] ftrace_set_filter_ip() failed: -22
系统信息为:
# uname -a
Linux ubuntu2204 5.15.0-43-generic #46-Ubuntu SMP Wed Jul 13 06:42:04 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux
# cat /etc/os-release
PRETTY_NAME=\"Ubuntu 22.04 LTS\"
NAME=\"Ubuntu\"
VERSION_ID=\"22.04\"
VERSION=\"22.04 (Jammy Jellyfish)\"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL=\"https://www.ubuntu.com/\"
SUPPORT_URL=\"https://help.ubuntu.com/\"
BUG_REPORT_URL=\"https://bugs.launchpad.net/ubuntu/\"
PRIVACY_POLICY_URL=\"https://www.ubuntu.com/legal/terms-and-policies/privacy-policy\"
UBUNTU_CODENAME=jammy
我怎样才能解决这个问题?有没有开源项目可以参考? 任何帮助将不胜感激。
标签: linux-kernel arm64 ftrace