Displaying 20 results from an estimated 8000 matches similar to: "DTrace as a security tool / http://systrace.org"
2007 Aug 09
9
Is DTrace Vulnerable?
There is a Slashdot discussion today titled "Cambridge Researcher Breaks
OpenBSD Systrace". Slashdot anonymous member has a comment "Even Sun's
Dtrace might be vulnerable." I don't think it is. Comments?
Exploiting Concurrency Vulnerabilities in System Call Wrappers
http://www.watson.org/~robert/2007woot/2007usenixwoot-exploitingconcurrency.pdf
Abstract
2009 May 29
4
can Dtrace be used for the error injection?
Hi,
is it somehow possible to use Dtrace for error injection in a kernel module?
Something like changing:
- function return value
- value of a register
If not, can it be implemented?
I can do that via kmdb, but I need Dtrace for the time synchronization
- chill() action.
I can not combine Dtrace & kmdb:
dtrace: failed to initialize dtrace: DTrace cannot be used when kernel
debugger
2003 Jul 25
3
systrace for FreeBSD 5.1
I'm porting the most recent version of Neil Provos' systrace to FreeBSD 5.1.
I'm sending him the diffs to integrate into his distribution. I'd also like
to submit them to someone with FreeBSD for consideration, and hopefully
inclusion as a port or whatever you prefer.
Who could I send them to, or what would you prefer me to do with regard to
FreeBSD?
Thanks,
Rich Murphey
2008 Feb 26
11
Is there way to trace memory in the dtrace ?
N_conreq:entry {
self->x=1;
calledaddr=(struct xaddrf *)arg3;
callingaddr=(struct xaddrf *)arg4;
trace(calledaddr->link_id);
tracemem(calledaddr->DTE_MAC.lsap_add, 80);
trace(callingaddr->link_id);
tracemem(callingaddr->DTE_MAC.lsap_add, 80);
}
0 -> N_conreq 255
2005 Jul 28
3
speculative tracing on nevada builds ?
Hi,
Has something related to speculative tracing changed between s10 FCS
and the more recent nevada builds ?
I was trying the specopen.d script from the Dtrace guide on a
nevada machine and it failed with :
dtrace: failed to enable './spec.d': DIF program content is invalid
To try and narrow things down a bit I wrote the following short
script. This works fine on s10, but
2006 Jun 03
1
man pages for each providers ?
Hey,
Do you guys think that is a good idea to have a manual page for each provider with a complete description of what probes are offered ? Found some already under 7D category:
dtrace dtrace (7d) - DTrace dynamic tracing facility
fasttrap fasttrap (7d) - DTrace user instruction tracing provider
fbt fbt (7d) - DTrace function boundary tracing provider
2005 Oct 31
11
Aggregation elements
Howdy,
Is there a method to get the number of elements in an aggregation? Are the
results stored in an aggregation guaranteed to be in any type of order?
Thanks for any insight,
- Ryan
--
UNIX Administrator
http://daemons.net/~matty
2005 Oct 11
7
dtrace: failed to initialize dtrace: DTrace device not available on system
I have a number of systems running solaris10 and I see the package and binary for dtrace installed; however, whenever we try to run anything we get this error
dtrace: failed to initialize dtrace: DTrace device not available on system
the only system in which I don't have this error is the development server that has the full solaris 10 install while others are minimized, do I need additional
2007 Feb 15
2
profile provider: is it me doing stupid things?
Just showing someone how great DTrace is and then we spot something I do not understand.
Of course it can be a major misunderstanding of myself. Would appreciate another (expert) look upon this.
The goal we try to achieve is trying to get insight if there is a bursty nature in the time slot when system calls are done. Following DTrace snippet is tried:
dtrace -q -p 3173 -n
2006 Jun 03
8
dtrace causing sigtrap?
Just to let people know what my big picture is, I'm trying to write a script
that will let me run a program, and name a progeny of that program
that I want to debug. My script should find the first occurrence
of that progeny, and run it until it finishes initializing the
runtime linker, but stop it before it runs any shared library startup
routines. (Failing that, I'd be okay
2017 Jun 14
4
LLD support for mach-o aliases (weak or otherwise)
> On Jun 14, 2017, at 2:47 PM, Michael Clark via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
>>
>> On 15 Jun 2017, at 6:50 AM, Louis Gerbarg <lgerbarg at apple.com <mailto:lgerbarg at apple.com>> wrote:
>>
>>>
>>> On Jun 6, 2017, at 4:08 PM, Michael Clark via llvm-dev <llvm-dev at lists.llvm.org <mailto:llvm-dev at
2006 Jul 10
5
Definition of "anchored" and "unanchored" probes
Referring to the DTrace manual:
"Module If this probe corresponds to a specific program location,
the name of the module in which the probe is located. This name is
either the name of a kernel module or the name of a user library.
Function If this probe corresponds to a specific program location,
the name of the program function in which the probe is located."
and then ...
2007 Nov 27
4
DTrace unconference?
All,
With Jon Haslam's exciting news about the DTrace doc wiki (if you haven't
seen it yet, make your way to http://wikis.sun.com/display/DTrace), and with
some of the discussion with the Apple folks, I'm wondering if the time
isn't right for something of a DTrace summit, perhaps as an unconference.
The idea here would not be a DTrace user group (though that
2006 Jul 07
2
Probe ID changes
OK, I've been fritzing around with something I noticed last night,
thinking that I understood what was going on, but now it's getting
confusing again.
A system that has been running for a couple of months had a hole in the
probe ID list near the end in the middle of the fbt probes. And then a
couple of syscall probes were stuck in the hole. It looked like this:
...
40311
2017 Jun 14
1
LLD support for mach-o aliases (weak or otherwise)
> On Jun 6, 2017, at 4:08 PM, Michael Clark via llvm-dev <llvm-dev at lists.llvm.org> wrote:
>
> Hi Folks,
>
> I’m working on a port of musl libc to macos (arch triple is “x86_64-xnu-musl”) to solve some irreconcilable issues I’m having with libSystem.dylib. I don’t want to use glibc for various reasons, mainly because I want to static link. I have static PIE + ASLR working
2008 Jan 18
33
LatencyTop
I see Intel has released a new tool. Oh, it requires some patches to
the kernel to record
latency times. Good thing people don't mind patching their kernels, eh?
So who can write the equivalent latencytop.d the fastest? ;-)
http://www.latencytop.org/
--
cburgess at qnx.com
2006 Apr 21
8
listing available provider names
Is there a trick to listing available providers? I can't find it.
2005 Sep 15
10
Can I use printa() for printing multiple aggregations?
Hi Bryan,
> Does that sit well with everyone?
Seems fine to me.
Just revisiting one of Dragan's points, though (sorry if I missed the
answer) - is there a reason for making this global (via a #pragma) rather
than, say, simply providing two functions which print in the different
orders? e.g. printa() for sort by sample, printak() for sort by key.
My reason for wanting to do both in
2005 Dec 22
9
truncating aggregation output only
Hello dtrace-discuss,
Sometimes I want to run a script for some time and every n second
output N top entries. trunc() isn't suitable here as it also removed
keys/values. I want it 'coz over time if I use sum() entries which
are normally truncated can actually get to top over a time.
Maybe printa() extension, something like: printa(@b[10]) - to output
top 10?
--
2008 Jan 11
25
DTrace in Perl: What probes should we have?
As of patch 32953 dtrace support is in bleadperl (5.11.0). The probes
are based on Alan Burlinson's original blog post on the subject:
http://blogs.sun.com/alanbur/date/20050909
By guarding the probes with PERL_SUB_*_ENABLED the performance hit is
unmeasurable.
All the necessary bits already existed in the wild. I just assembled
them and made the necessary changes to