环境Redhat9.0 kernel2.4.20-8 VM虚拟机
源码如下:
#include <linux/sched.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/fs.h>
#include <linux/file.h>
#include <linux/errno.h>
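/*
 * Path of the file that is opened to reach the read handler being replaced.
 * Poster's note on this line: "a" must be a file, and they ask whether that
 * makes the approach lack generality.
 */
char *aim = "/mnt/usb/a";

MODULE_AUTHOR("petsatan@sohu");
MODULE_DESCRIPTION("Get the kernel function address ");
MODULE_LICENSE("GPL");

/* Signature of a read handler as this file stores and calls it. */
typedef ssize_t (*read_t)(struct file *, char *, size_t, loff_t *);

/* Handler saved by switch_read() before it is replaced; NULL until then. */
read_t orig_aim_read = NULL;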
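/*
 * Replacement read handler: logs a marker line and forwards the call to the
 * handler saved in orig_aim_read.
 *
 * Returns whatever the saved handler returns, or -EINVAL when no handler
 * has been saved.
 */
ssize_t encry_read(struct file *fp, char *buf, size_t count, loff_t *ppos)
{
	/* "<0>" is log level 0 (KERN_EMERG); kept as posted. */
	printk("<0> Congratulation! \n");

	/*
	 * The oops quoted on this page shows EIP 00000000 with encry_read as
	 * the calling frame, i.e. control reached address 0 from this function.
	 * Calling through a NULL saved pointer is one way to get that, so fail
	 * the read instead of jumping to 0.
	 * NOTE(review): the page does not establish why the target was NULL on
	 * vfat while ext3 worked; confirm before relying on this guard alone.
	 */
	if (orig_aim_read == NULL)
		return -EINVAL;

	return orig_aim_read(fp, buf, count, ppos);
}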
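/*
 * Open the file at path p and replace the read handler in the
 * file_operations table that its struct file points to.
 *
 * p          path opened read-only to reach the table
 * orig_read  if non-NULL, receives the handler that was installed before
 * new_read   handler to install
 *
 * Returns 0 on success, -1 if the file cannot be opened or it has no
 * file_operations table or no read handler.
 *
 * The store goes through filep->f_op, so it modifies the table itself and
 * stays in effect after filp_close(). The post reports every file under the
 * same mount hitting the replacement, which is consistent with that table
 * being shared. Nothing here keeps this module loaded while the table points
 * at new_read.
 */
int switch_read(const char *p, read_t *orig_read, read_t new_read)
{
	struct file *filep;
	int rc = -1;

	filep = filp_open(p, O_RDONLY, 0);
	if (IS_ERR(filep))
		return -1;

	/*
	 * Refuse to hook a table with no read handler: a replacement such as
	 * encry_read forwards to the saved pointer, and forwarding to NULL is
	 * a jump to address 0.
	 */
	if (!filep->f_op || !filep->f_op->read)
		goto out_close;

	if (orig_read)
		*orig_read = filep->f_op->read;

	/* Writes a kernel address into the kernel log. */
	printk("read operation address:------- %p ------\n", filep->f_op->read);

	filep->f_op->read = new_read;
	rc = 0;

out_close:
	filp_close(filep, 0);
	return rc;
}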
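/*
 * Re-open the file at path p and write orig_read back into the
 * file_operations table that its struct file points to.
 *
 * Returns 0 on success, -1 if orig_read is NULL, the file cannot be opened,
 * or it has no file_operations table.
 *
 * NOTE(review): the table is found by resolving the path again; nothing
 * ties it to the table switch_read() modified. If the path now resolves to
 * a different filesystem, the pointer is written into that one instead.
 */
int unswitch_read(const char *p, read_t orig_read)
{
	struct file *filep;
	int rc = -1;

	/*
	 * A NULL orig_read means nothing was saved (orig_aim_read starts out
	 * NULL). Storing it would remove the read handler from the table.
	 */
	if (!orig_read)
		return -1;

	filep = filp_open(p, O_RDONLY, 0);
	if (IS_ERR(filep))
		return -1;

	if (filep->f_op) {
		filep->f_op->read = orig_read;
		rc = 0;
	}

	filp_close(filep, 0);
	return rc;
}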
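/*
 * Module entry point: install encry_read as the read handler reached through
 * the file named by aim.
 *
 * Returns 0 on success, or switch_read()'s non-zero result so that the load
 * fails when nothing was hooked. The posted version ignored that result, so
 * the module could load with orig_aim_read still NULL, and cleanup would
 * then hand that NULL to unswitch_read().
 */
static int encryfile_init(void)
{
	int rc = switch_read(aim, &orig_aim_read, encry_read);

	if (rc != 0) {
		printk("<1>read() switch failed for %s\n", aim);
		return rc;
	}

	/*
	 * The "<N>" level tag is only recognised at the very start of the
	 * string; the posted literal had a leading space in front of it.
	 */
	printk("<1>read() has switch!\n");
	return 0;
}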
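/*
 * Module exit point: put the saved read handler back.
 *
 * unswitch_read() can fail (it returns -1 when the file at aim cannot be
 * opened). In that case the file_operations table may still hold the
 * address of encry_read, which is inside this module, so the failure is
 * logged instead of reporting success.
 */
static void encryfile_cleanup(void)
{
	if (unswitch_read(aim, orig_aim_read) != 0) {
		printk("<2>read() unswitch failed; handler table may still point into this module\n");
		return;
	}
	printk("<2>read() has unswitch! \n");
}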
/* Register encryfile_init as the load hook and encryfile_cleanup as the unload hook. */
module_init(encryfile_init);
module_exit(encryfile_cleanup);
输出如下:
Dec 4 21:19:36 localhost kernel: --------cc95fc68--------
Dec 4 21:19:36 localhost kernel: read() has switch!
Dec 4 21:19:47 localhost kernel: Congratulation!
我在硬盘中执行任何命令都正常,当我到/mnt/usb/目录下执行vi abc时显示 段错误 并输出如下:
Dec 4 21:19:47 localhost kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000
Dec 4 21:19:47 localhost kernel: printing eip:
Dec 4 21:19:47 localhost kernel: 00000000
Dec 4 21:19:47 localhost kernel: *pde = 00000000
Dec 4 21:19:47 localhost kernel: Oops: 0000
Dec 4 21:19:47 localhost kernel: u nls_cp936 nls_cp437 vfat fat usb-storage parport_pc lp parport nfsd lockd sunrpc autofs ide-cd cdrom vmhgfs vmxnet keybdev mousedev hid input usb-uhci usbco
Dec 4 21:19:47 localhost kernel: CPU: 0
Dec 4 21:19:47 localhost kernel: EIP: 0060:[<00000000>] Tainted: PF
Dec 4 21:19:47 localhost kernel: EFLAGS: 00010286
Dec 4 21:19:47 localhost kernel:
Dec 4 21:19:47 localhost kernel: EIP is at [unresolved] (2.4.20-
Dec 4 21:19:47 localhost kernel: eax: 00000000 ebx: 00000000 ecx: c0370124
edx: 00000046
Dec 4 21:19:47 localhost kernel: esi: c6b77700 edi: ffffffea ebp: c3839f90
esp: c3839f74
Dec 4 21:19:47 localhost kernel: ds: 0068 es: 0068 ss: 0068
Dec 4 21:19:47 localhost kernel: Process vim (pid: 2172, stackpage=c3839000)
Dec 4 21:19:47 localhost kernel: Stack: cc955089 c6b77700 082b48d0 00002000 c6b77720 c2a8c780 c2a8c7a0 00002000
Dec 4 21:19:47 localhost kernel: c0146d53 c6b77700 082b48d0 00002000 c6b77720 c3838000 00000006 c3838000
Dec 4 21:19:47 localhost kernel: 00000000 00000000 bfffed88 c0109537 00000003 082b48d0 00002000 00000000
Dec 4 21:19:47 localhost kernel: Call Trace: [<cc955089>] encry_read 0x29 (0xc3839f74))
Dec 4 21:19:47 localhost kernel: [<c0146d53>] sys_read [kernel] 0xa3 (0xc3839f94))
Dec 4 21:19:47 localhost kernel: [<c0109537>] system_call [kernel] 0x33 (0xc3839fc0))
Dec 4 21:19:47 localhost kernel:
Dec 4 21:19:47 localhost kernel:
Dec 4 21:19:47 localhost kernel: Code: Bad EIP value.
并且在/mnt/usb/目录下vi任何文件操作都报这个错,rmmod模块成功 但是fat 和vfat 无法rmmod掉 并且umount /mnt/usb/也说忙。
我把以上代码修改后在ext3系统上截获read 输出都正常的啊。
我知道是指针指向了NULL 和堆栈问题。
我想知道具体的原因 和 修复的办法
非常谢谢!!!!