Bug 2426 - detect and report writes to kernel variables and structures
Summary: detect and report writes to kernel variables and structures
Status: RESOLVED FIXED
Alias: None
Product: systemtap
Classification: Unclassified
Component: translator (show other bugs)
Version: unspecified
: P3 enhancement
Target Milestone: ---
Assignee: Unassigned
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-03-06 21:49 UTC by Martin Hunt
Modified: 2007-05-08 18:49 UTC (History)
0 users

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Hunt 2006-03-06 21:49:49 UTC 
People will try to use systemtap for hot-patching and other uses for which it is
not intended. 

We should consider tainting the kernel, or at least writing entries to the
system log when programs that modify system variables or structures run.
Comment 1 Frank Ch. Eigler 2006-03-06 22:02:24 UTC 
The translator could emit a call to "printk(...); add_taint(...);" during module
initialization for any probe script that includes $target variable writes.  I
don't see an existing TAINT flag that would be a perfect match, the closest
being TAINT_FORCED_MODULE.
Comment 2 Frank Ch. Eigler 2007-05-08 19:49:13 UTC 
We printk during module initialization for all systemtap scripts.