milabs
commented
11 years ago Oops :)
Closed milabs closed 11 years ago
milabs
commented
11 years ago Oops :)
alexandernst
commented
11 years ago I got that same suggestion somewhere in SO :) I'll look at how to implement it (pros & cons), but I'd like to have the module itself bug-free and being able to hook a few (open, read, write and close?) syscalls so I can test everything.
milabs
commented
11 years ago @alexandernst It's not the problem. You can always rollback to the printk if needed.
alexandernst
commented
11 years ago Now that I fixed #8 I'll probably work on this one :)
milabs
commented
11 years ago See kernel's audit as a good example of this
alexandernst
commented
11 years ago I hope I can push some code this afternoon for this one :)
alexandernst
commented
11 years ago This can be closed as it got fixed in https://github.com/alexandernst/procmon/commit/2b96ac13f82183c68b70c612ccdc2e68617d560b
Anyways, there's still some room for code cleaning and backporting for compatibility with older kernels. Right now it will work on 3.6+ only.
NETLINK is the one efficient way to do the kernel-user communication while sending event information from the kernel. Don't use
dmesgfor that purposes as it slows system's performance at high load.