diff options
-rw-r--r-- | drivers/misc/Makefile | 3 | ||||
-rw-r--r-- | drivers/misc/lkdtm.c | 342 | ||||
-rw-r--r-- | lib/Kconfig.debug | 14 |
3 files changed, 358 insertions, 1 deletions
diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile index 19c2b85..c1bf1fb 100644 --- a/drivers/misc/Makefile +++ b/drivers/misc/Makefile @@ -3,5 +3,6 @@ # obj- := misc.o # Dummy rule to force built-in.o to be made -obj-$(CONFIG_IBM_ASM) += ibmasm/ +obj-$(CONFIG_IBM_ASM) += ibmasm/ obj-$(CONFIG_HDPU_FEATURES) += hdpuftrs/ +obj-$(CONFIG_LKDTM) += lkdtm.o diff --git a/drivers/misc/lkdtm.c b/drivers/misc/lkdtm.c new file mode 100644 index 0000000..e689ee9 --- /dev/null +++ b/drivers/misc/lkdtm.c @@ -0,0 +1,342 @@ +/* + * Kprobe module for testing crash dumps + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * Copyright (C) IBM Corporation, 2006 + * + * Author: Ankita Garg <ankita@in.ibm.com> + * + * This module induces system failures at predefined crashpoints to + * evaluate the reliability of crash dumps obtained using different dumping + * solutions. + * + * It is adapted from the Linux Kernel Dump Test Tool by + * Fernando Luis Vazquez Cao <http://lkdtt.sourceforge.net> + * + * Usage : insmod lkdtm.ko [recur_count={>0}] cpoint_name=<> cpoint_type=<> + * [cpoint_count={>0}] + * + * recur_count : Recursion level for the stack overflow test. Default is 10. + * + * cpoint_name : Crash point where the kernel is to be crashed. It can be + * one of INT_HARDWARE_ENTRY, INT_HW_IRQ_EN, INT_TASKLET_ENTRY, + * FS_DEVRW, MEM_SWAPOUT, TIMERADD, SCSI_DISPATCH_CMD, + * IDE_CORE_CP + * + * cpoint_type : Indicates the action to be taken on hitting the crash point. + * It can be one of PANIC, BUG, EXCEPTION, LOOP, OVERFLOW + * + * cpoint_count : Indicates the number of times the crash point is to be hit + * to trigger an action. The default is 10. + */ + +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/kprobes.h> +#include <linux/kallsyms.h> +#include <linux/init.h> +#include <linux/irq.h> +#include <linux/interrupt.h> +#include <scsi/scsi_cmnd.h> + +#ifdef CONFIG_IDE +#include <linux/ide.h> +#endif + +#define NUM_CPOINTS 8 +#define NUM_CPOINT_TYPES 5 +#define DEFAULT_COUNT 10 +#define REC_NUM_DEFAULT 10 + +enum cname { + INVALID, + INT_HARDWARE_ENTRY, + INT_HW_IRQ_EN, + INT_TASKLET_ENTRY, + FS_DEVRW, + MEM_SWAPOUT, + TIMERADD, + SCSI_DISPATCH_CMD, + IDE_CORE_CP +}; + +enum ctype { + NONE, + PANIC, + BUG, + EXCEPTION, + LOOP, + OVERFLOW +}; + +static char* cp_name[] = { + "INT_HARDWARE_ENTRY", + "INT_HW_IRQ_EN", + "INT_TASKLET_ENTRY", + "FS_DEVRW", + "MEM_SWAPOUT", + "TIMERADD", + "SCSI_DISPATCH_CMD", + "IDE_CORE_CP" +}; + +static char* cp_type[] = { + "PANIC", + "BUG", + "EXCEPTION", + "LOOP", + "OVERFLOW" +}; + +static struct jprobe lkdtm; + +static int lkdtm_parse_commandline(void); +static void lkdtm_handler(void); + +static char* cpoint_name = INVALID; +static char* cpoint_type = NONE; +static int cpoint_count = DEFAULT_COUNT; +static int recur_count = REC_NUM_DEFAULT; + +static enum cname cpoint = INVALID; +static enum ctype cptype = NONE; +static int count = DEFAULT_COUNT; + +module_param(recur_count, int, 0644); +MODULE_PARM_DESC(recur_count, "Recurcion level for the stack overflow test,\ + default is 10"); +module_param(cpoint_name, charp, 0644); +MODULE_PARM_DESC(cpoint_name, "Crash Point, where kernel is to be crashed"); +module_param(cpoint_type, charp, 06444); +MODULE_PARM_DESC(cpoint_type, "Crash Point Type, action to be taken on\ + hitting the crash point"); +module_param(cpoint_count, int, 06444); +MODULE_PARM_DESC(cpoint_count, "Crash Point Count, number of times the \ + crash point is to be hit to trigger action"); + +unsigned int jp_do_irq(unsigned int irq, struct pt_regs *regs) +{ + lkdtm_handler(); + jprobe_return(); + return 0; +} + +irqreturn_t jp_handle_irq_event(unsigned int irq, struct pt_regs *regs, + struct irqaction *action) +{ + lkdtm_handler(); + jprobe_return(); + return 0; +} + +void jp_tasklet_action(struct softirq_action *a) +{ + lkdtm_handler(); + jprobe_return(); +} + +void jp_ll_rw_block(int rw, int nr, struct buffer_head *bhs[]) +{ + lkdtm_handler(); + jprobe_return(); +} + +struct scan_control; + +unsigned long jp_shrink_page_list(struct list_head *page_list, + struct scan_control *sc) +{ + lkdtm_handler(); + jprobe_return(); + return 0; +} + +int jp_hrtimer_start(struct hrtimer *timer, ktime_t tim, + const enum hrtimer_mode mode) +{ + lkdtm_handler(); + jprobe_return(); + return 0; +} + +int jp_scsi_dispatch_cmd(struct scsi_cmnd *cmd) +{ + lkdtm_handler(); + jprobe_return(); + return 0; +} + +#ifdef CONFIG_IDE +int jp_generic_ide_ioctl(ide_drive_t *drive, struct file *file, + struct block_device *bdev, unsigned int cmd, + unsigned long arg) +{ + lkdtm_handler(); + jprobe_return(); + return 0; +} +#endif + +static int lkdtm_parse_commandline(void) +{ + int i; + + if (cpoint_name == INVALID || cpoint_type == NONE || + cpoint_count < 1 || recur_count < 1) + return -EINVAL; + + for (i = 0; i < NUM_CPOINTS; ++i) { + if (!strcmp(cpoint_name, cp_name[i])) { + cpoint = i + 1; + break; + } + } + + for (i = 0; i < NUM_CPOINT_TYPES; ++i) { + if (!strcmp(cpoint_type, cp_type[i])) { + cptype = i + 1; + break; + } + } + + if (cpoint == INVALID || cptype == NONE) + return -EINVAL; + + count = cpoint_count; + + return 0; +} + +static int recursive_loop(int a) +{ + char buf[1024]; + + memset(buf,0xFF,1024); + recur_count--; + if (!recur_count) + return 0; + else + return recursive_loop(a); +} + +void lkdtm_handler(void) +{ + printk(KERN_INFO "lkdtm : Crash point %s of type %s hit\n", + cpoint_name, cpoint_type); + --count; + + if (count == 0) { + switch (cptype) { + case NONE: + break; + case PANIC: + printk(KERN_INFO "lkdtm : PANIC\n"); + panic("dumptest"); + break; + case BUG: + printk(KERN_INFO "lkdtm : BUG\n"); + BUG(); + break; + case EXCEPTION: + printk(KERN_INFO "lkdtm : EXCEPTION\n"); + *((int *) 0) = 0; + break; + case LOOP: + printk(KERN_INFO "lkdtm : LOOP\n"); + for (;;); + break; + case OVERFLOW: + printk(KERN_INFO "lkdtm : OVERFLOW\n"); + (void) recursive_loop(0); + break; + default: + break; + } + count = cpoint_count; + } +} + +int lkdtm_module_init(void) +{ + int ret; + + if (lkdtm_parse_commandline() == -EINVAL) { + printk(KERN_INFO "lkdtm : Invalid command\n"); + return -EINVAL; + } + + switch (cpoint) { + case INT_HARDWARE_ENTRY: + lkdtm.kp.symbol_name = "__do_IRQ"; + lkdtm.entry = (kprobe_opcode_t*) jp_do_irq; + break; + case INT_HW_IRQ_EN: + lkdtm.kp.symbol_name = "handle_IRQ_event"; + lkdtm.entry = (kprobe_opcode_t*) jp_handle_irq_event; + break; + case INT_TASKLET_ENTRY: + lkdtm.kp.symbol_name = "tasklet_action"; + lkdtm.entry = (kprobe_opcode_t*) jp_tasklet_action; + break; + case FS_DEVRW: + lkdtm.kp.symbol_name = "ll_rw_block"; + lkdtm.entry = (kprobe_opcode_t*) jp_ll_rw_block; + break; + case MEM_SWAPOUT: + lkdtm.kp.symbol_name = "shrink_page_list"; + lkdtm.entry = (kprobe_opcode_t*) jp_shrink_page_list; + break; + case TIMERADD: + lkdtm.kp.symbol_name = "hrtimer_start"; + lkdtm.entry = (kprobe_opcode_t*) jp_hrtimer_start; + break; + case SCSI_DISPATCH_CMD: + lkdtm.kp.symbol_name = "scsi_dispatch_cmd"; + lkdtm.entry = (kprobe_opcode_t*) jp_scsi_dispatch_cmd; + break; + case IDE_CORE_CP: +#ifdef CONFIG_IDE + lkdtm.kp.symbol_name = "generic_ide_ioctl"; + lkdtm.entry = (kprobe_opcode_t*) jp_generic_ide_ioctl; +#else + printk(KERN_INFO "lkdtm : Crash point not available\n"); +#endif + break; + default: + printk(KERN_INFO "lkdtm : Invalid Crash Point\n"); + break; + } + + if ((ret = register_jprobe(&lkdtm)) < 0) { + printk(KERN_INFO "lkdtm : Couldn't register jprobe\n"); + return ret; + } + + printk(KERN_INFO "lkdtm : Crash point %s of type %s registered\n", + cpoint_name, cpoint_type); + return 0; +} + +void lkdtm_module_exit(void) +{ + unregister_jprobe(&lkdtm); + printk(KERN_INFO "lkdtm : Crash point unregistered\n"); +} + +module_init(lkdtm_module_init); +module_exit(lkdtm_module_exit); + +MODULE_LICENSE("GPL"); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index f9ae75c..756a908 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -384,3 +384,17 @@ config RCU_TORTURE_TEST at boot time (you probably don't). Say M if you want the RCU torture tests to build as a module. Say N if you are unsure. + +config LKDTM + tristate "Linux Kernel Dump Test Tool Module" + depends on KPROBES + default n + help + This module enables testing of the different dumping mechanisms by + inducing system failures at predefined crash points. + If you don't need it: say N + Choose M here to compile this code as a module. The module will be + called lkdtm. + + Documentation on how to use the module can be found in + drivers/misc/lkdtm.c |