2.6.18内核,主要代码如下:
/* Forward declarations for the two lookup helpers defined later in this listing. */
void *get_system_call(void);
void *get_sys_call_table(void *system_call);
/* Saved copy of the mkdir slot: written by test_init(), written back by test_exit(). */
asmlinkage int (*orig_mkdir)(const char __user *pathname,int mode);
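/*
 * Replacement handler that test_init() stores in the mkdir slot.
 *
 * It logs one line and returns 0 without ever calling orig_mkdir, so while
 * it is installed the caller is told the request succeeded although the
 * original handler never ran. Neither argument is read.
 */
asmlinkage int hack_mkdir(const char __user *pathname,int mode){
	/* The closing parenthesis of this call was missing in the posted listing. */
	printk(KERN_ALERT "hack mkdir\n");
	return 0;
}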
/* Address produced by get_sys_call_table(); assigned in test_init() and indexed by __NR_mkdir. */
unsigned long **sys_call_table;
/*
 * Layout used by get_system_call() to read one IDT entry: the handler
 * address is split into off_low (low 16 bits) and off_high (high 16 bits).
 * NOTE(review): this looks like the 8-byte gate layout of 32-bit x86 only --
 * confirm the target architecture before relying on it.
 */
struct idt_descriptor
{
unsigned short off_low;
unsigned short sel;
unsigned char none, flags;
unsigned short off_high;
};
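/*
 * Module entry point: locate the syscall table and point its mkdir slot at
 * hack_mkdir(), keeping the previous entry in orig_mkdir for test_exit().
 *
 * Returns 0 on success, or -1 (the load is refused) when the table could
 * not be located.
 *
 * NOTE(review): the oops quoted with this listing ("unable to handle kernel
 * paging request") is consistent with the store to the mkdir slot landing on
 * memory the kernel maps read-only -- confirm against the full oops text.
 * Such a mapping is an integrity protection doing its job. The table is not
 * an interface offered to modules (this code has to scan for it); observing
 * mkdir activity is what the audit subsystem and kprobes are for.
 */
int test_init(void)
{
	void *entry = get_system_call();
	void *table = get_sys_call_table(entry);

	/*
	 * get_sys_call_table() returns 0 when its byte scan finds nothing;
	 * indexing that value would fault inside the kernel.
	 */
	if (!table)
		return -1;

	sys_call_table = (unsigned long **)table;
	/* Print through unsigned long so the pointer is not squeezed into an int. */
	printk("sys_call_table: 0x%08lx\n", (unsigned long)sys_call_table);
	orig_mkdir = (void *)sys_call_table[__NR_mkdir];
	sys_call_table[__NR_mkdir] = (unsigned long *)hack_mkdir;
	return 0;
}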
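/*
 * Module exit: write the saved entry back into the mkdir slot.
 *
 * Nothing is written when test_init() never recorded a table address or an
 * original entry, so unloading can neither store through a null table
 * pointer nor install a null handler.
 */
void test_exit(void) {
	if (!sys_call_table || !orig_mkdir)
		return;
	sys_call_table[__NR_mkdir] = (unsigned long *)orig_mkdir;
}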
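/*
 * Read the IDT base with SIDT and return the handler address stored in the
 * descriptor for vector 0x80.
 *
 * NOTE(review): 32-bit x86 only. The 6-byte SIDT image (2-byte limit followed
 * by a 4-byte base) and the 8-byte descriptor do not hold on x86-64, where
 * SIDT would write past idtr[]. The returned address is not validated.
 */
void *get_system_call(void)
{
	unsigned char idtr[6];
	unsigned long base = 0;
	struct idt_descriptor desc;

	asm ("sidt %0" : "=m" (idtr));
	/*
	 * Copy the base bytes out rather than dereferencing a cast pointer at
	 * offset 2: that read is misaligned and, where unsigned long is wider
	 * than 4 bytes, runs past the end of idtr[].
	 */
	memcpy(&base, idtr + 2, sizeof idtr - 2);
	printk("\nidtr @ 0x%lx\n", base);
	/*
	 * The multiplier after "0x80*" was lost in the posted listing. Entries
	 * are copied as struct idt_descriptor, so the entry size is taken from
	 * sizeof(desc) -- confirm it is 8 on the target.
	 */
	memcpy(&desc, (void *) (base + 0x80 * sizeof(desc)), sizeof(desc));
	/* Widen before shifting so off_high is not shifted as a signed int. */
	return (void *) (((unsigned long) desc.off_high << 16) + desc.off_low);
}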
/*
 * Scan forward from system_call for the byte sequence ff 14 85 and return
 * the machine word stored directly after it, or 0 when the sequence is not
 * found at any of the first 502 byte offsets.
 *
 * NOTE(review): on 32-bit x86, ff 14 85 appears to be the encoding of an
 * indirect call through a table indexed by %eax with scale 4, which would
 * make the following word the table address -- confirm against a
 * disassembly. The scan does no validation of what it finds, and the caller
 * must check for the 0 return.
 */
void *get_sys_call_table(void *system_call)
{
	enum { LAST_OFFSET = 501 };	/* offsets 0..501 are examined */
	const unsigned char *cursor = (const unsigned char *) system_call;
	int offset;

	for (offset = 0; offset <= LAST_OFFSET; offset++, cursor++) {
		/* Each byte is read only if the one before it matched. */
		if (cursor[0] != 0xff || cursor[1] != 0x14 || cursor[2] != 0x85)
			continue;

		/* Log how far the match was from the start of the handler. */
		printk("\nflag = %d\n", offset);
		return (void *) *((const unsigned long *) (cursor + 3));
	}

	/* No match inside the window. */
	return (void *) 0UL;
}
/* Register test_init() to run when the module is loaded and test_exit() when it is removed. */
module_init(test_init);
module_exit(test_exit);
错误是 加载模块时提示segmentation fault
日志:
idtr @ 0xc06e2000
flag = 64
BUG: unable to handle kernel paging request at virtual address c061857c
在线等啊,哪位老大help us