403Webshell
Server IP : 103.119.228.120  /  Your IP : 3.145.50.71
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/local/ssl/local/ssl/lib/dracut/modules.d/99base/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/local/ssl/local/ssl/lib/dracut/modules.d/99base/memtrace-ko.sh
#!/bin/sh

# Try to find out kernel modules with large total memory allocation during loading.
# For large slab allocation, it will fall into buddy, also not trace "mm_page_free"
# considering large free is quite rare for module_init, thus saving tons of events
# to avoid trace data overwritten.
#
# Therefore, tracing "mm_page_alloc"alone should be enough for the purpose.

# "sys/kernel/tracing" has the priority if exists.
get_trace_base() {
    # trace access through debugfs would be obsolete if "/sys/kernel/tracing" is available.
    if [ -d "/sys/kernel/tracing" ]; then
        echo "/sys/kernel"
    else
        echo "/sys/kernel/debug"
    fi
}

# We want to enable these trace events.
get_want_events() {
    echo "module:module_put module:module_load kmem:mm_page_alloc"
}

get_event_filter() {
    echo "comm == systemd-udevd || comm == modprobe || comm == insmod"
}

is_trace_ready() {
    local trace_base want_events current_events

    trace_base=$(get_trace_base)
    ! [ -f "$trace_base/tracing/trace" ] && return 1

    [ "$(cat $trace_base/tracing/tracing_on)" -eq 0 ] && return 1

    # Also check if trace events were properly setup.
    want_events=$(get_want_events)
    current_events=$(echo $(cat $trace_base/tracing/set_event))
    [ "$current_events" != "$want_events" ] && return 1

    return 0
}

prepare_trace() {
    local trace_base

    trace_base=$(get_trace_base)
    # old debugfs interface case.
    if ! [ -d "$trace_base/tracing" ]; then
        mount none -t debugfs $trace_base
    # new tracefs interface case.
    elif ! [ -f "$trace_base/tracing/trace" ]; then
        mount none -t tracefs "$trace_base/tracing"
    fi

    if ! [ -f "$trace_base/tracing/trace" ]; then
        echo "WARN: Mount trace failed for kernel module memory analyzing."
        return 1
    fi

    # Active all the wanted trace events.
    echo "$(get_want_events)" > $trace_base/tracing/set_event

    # There are three kinds of known applications for module loading:
    # "systemd-udevd", "modprobe" and "insmod".
    # Set them as the global events filter.
    # NOTE: Some kernel may not support this format of filter, anyway
    #       the operation will fail and it doesn't matter.
    echo "$(get_event_filter)" > $trace_base/tracing/events/kmem/filter 2>&1
    echo "$(get_event_filter)" > $trace_base/tracing/events/module/filter 2>&1

    # Set the number of comm-pid if supported.
    if [ -f "$trace_base/tracing/saved_cmdlines_size" ]; then
        # Thanks to filters, 4096 is big enough(also well supported).
        echo 4096 > $trace_base/tracing/saved_cmdlines_size
    fi

    # Enable and clear trace data for the first time.
    echo 1 > $trace_base/tracing/tracing_on
    echo > $trace_base/tracing/trace
    echo "Prepare trace success."
    return 0
}

order_to_pages()
{
    local pages=1
    local order=$1

    while [ "$order" != 0 ]; do
        order=$((order-1))
        pages=$(($pages*2))
	done

    echo $pages
}

parse_trace_data() {
    local module_name tmp_eval pages

    cat "$(get_trace_base)/tracing/trace" | while read pid cpu flags ts function args
    do
        # Skip comment lines
        if [ "$pid" = "#" ]; then
            continue
        fi

        pid=${pid##*-}
        function=${function%:}
        if [ "$function" = "module_load" ]; then
            # One module is being loaded, save the task pid for tracking.
            # Remove the trailing after whitespace, there may be the module flags.
            module_name=${args%% *}
            # Mark current_module to track the task.
            eval current_module_$pid="$module_name"
            tmp_eval=$(eval echo '${module_loaded_'${module_name}'}')
            if [ -n "$tmp_eval" ]; then
                echo "WARN: \"$module_name\" was loaded multiple times!"
            fi
            eval unset module_loaded_$module_name
            eval nr_alloc_pages_$module_name=0
            continue
        fi

        module_name=$(eval echo '${current_module_'${pid}'}')
        if [ -z "$module_name" ]; then
            continue
        fi

        # Once we get here, the task is being tracked(is loading a module).
        if [ "$function" = "module_put" ]; then
            # Mark the module as loaded when the first module_put event happens after module_load.
            tmp_eval=$(eval echo '${nr_alloc_pages_'${module_name}'}')
            echo "$tmp_eval pages consumed by \"$module_name\""
            eval module_loaded_$module_name=1
            # Module loading finished, so untrack the task.
            eval unset current_module_$pid
            eval unset nr_alloc_pages_$module_name
            continue
        fi

        if [ "$function" = "mm_page_alloc" ]; then
            # Get order first, then convert to actual pages.
            pages=$(echo $args | sed -e 's/.*order=\([0-9]*\) .*/\1/')
            pages=$(order_to_pages "$pages")
            tmp_eval=$(eval echo '${nr_alloc_pages_'${module_name}'}')
            eval nr_alloc_pages_$module_name="$(($tmp_eval+$pages))"
        fi
    done
}

cleanup_trace() {
    local trace_base

    if is_trace_ready; then
        trace_base=$(get_trace_base)
        echo 0 > $trace_base/tracing/tracing_on
        echo > $trace_base/tracing/trace
        echo > $trace_base/tracing/set_event
        echo 0 > $trace_base/tracing/events/kmem/filter
        echo 0 > $trace_base/tracing/events/module/filter
    fi
}

show_usage() {
    echo "Find out kernel modules with large memory consumption during loading based on trace."
    echo "Usage:"
    echo "1) run it first to setup trace."
    echo "2) run again to parse the trace data if any."
    echo "3) run with \"--cleanup\" option to cleanup trace after use."
}

if [ "$1" = "--help" ]; then
    show_usage
    exit 0
fi

if [ "$1" = "--cleanup" ]; then
    cleanup_trace
    exit 0
fi

if is_trace_ready ; then
    echo "tracekomem - Rough memory consumption by loading kernel modules (larger value with better accuracy)"
    parse_trace_data
else
    prepare_trace
fi

exit $?

Youez - 2016 - github.com/yon3zu
LinuXploit