免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 1600 | 回复: 1
打印 上一主题 下一主题

[内核模块] netlink通信的问题 [复制链接]

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2014-12-29 17:21 |只看该作者 |倒序浏览
写了一个netlink的内核与用户空间通信的模块,编译没有问题,但是加载模块时出现了一些错误,内核模块部分的代码如下:
  1. #include <linux/kernel.h>
  2. #include <linux/module.h>
  3. #include <linux/skbuff.h>
  4. #include <linux/init.h>
  5. #include <linux/ip.h>
  6. #include <linux/types.h>
  7. #include <linux/sched.h>
  8. #include <net/sock.h>
  9. #include <net/netlink.h>
  10. #include <linux/kthread.h>

  11. #define MAX_MSGSIZE 4096

  12. MODULE_LICENSE("GPL");
  13. MODULE_AUTHOR("Koorey King");

  14. struct sock *nl_sk = NULL;
  15. static struct task_struct *mythread = NULL;

  16. void sendnlmsg(char *message)
  17. {
  18.     struct sk_buff *skb;
  19.     struct nlmsghdr *nlh;
  20.     //int len = NLMSG_SPACE(MAX_MSGSIZE);
  21.     int slen = 0;

  22.     if(!message || !nl_sk){
  23.         return;
  24.     }

  25.     skb = nlmsg_new(MAX_MSGSIZE, GFP_KERNEL);
  26.     if(!skb){
  27.         printk(KERN_ERR "my_net_link: alloc_skb Error./n");
  28.         return;
  29.     }

  30.     slen = strlen(message)+1;

  31.     nlh = nlmsg_put(skb, 0, 0, 0, MAX_MSGSIZE, 0);

  32.     NETLINK_CB(skb).portid = 0;
  33.     NETLINK_CB(skb).dst_group = 5;

  34.     message[slen] = '\0';
  35.     memcpy(NLMSG_DATA(nlh), message, slen+1);

  36.     netlink_broadcast(nl_sk, skb, 0,5, GFP_KERNEL);
  37.     printk("send OK!\n");
  38.     return;
  39. }

  40. static void recnldata (struct sock *sk, char *mydata)
  41. {
  42.     struct sk_buff *skb;
  43.     struct nlmsghdr *nlh = NULL;

  44.     while((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL)
  45.     {
  46.           nlh = (struct nlmsghdr *)skb->data;
  47.           mydata = (char*)NLMSG_DATA(nlh);
  48.           printk("%s: received netlink message payload: %s \n", __FUNCTION__, mydata);
  49.           kfree_skb(skb);
  50.     }
  51.     printk("recvied finished!\n");
  52. }

  53. static int sending_thread(void *data)
  54. {
  55.      int i = 10;
  56.      struct completion cmpl;
  57.      while(i--){
  58.             init_completion(&cmpl);
  59.             wait_for_completion_timeout(&cmpl, 1 * HZ);
  60.             sendnlmsg("I am from kernel!");
  61.      }
  62.      printk("sending thread exited!");
  63.      return 0;
  64. }

  65. static int __init myinit_module(void)
  66. {
  67.     //struct netlink_kernel_cfg netlink_kerncfg = {
  68.           // .input = recnldata,
  69.     //};
  70.     printk("my netlink in\n");
  71.     nl_sk = netlink_kernel_create(&init_net,NETLINK_TEST,NULL);

  72.     if(!nl_sk){
  73.         printk(KERN_ERR "my_net_link: create netlink socket error.\n");
  74.         return 1;
  75.     }

  76.     printk("my netlink: create netlink socket ok.\n");
  77.     mythread = kthread_run(sending_thread,NULL,"thread_sender");
  78.     return 0;
  79. }

  80. static void __exit mycleanup_module(void)
  81. {
  82.     if(nl_sk != NULL){
  83.         sock_release(nl_sk->sk_socket);
  84. }
  85. printk("my netlink out!\n");
  86. }

  87. module_init(myinit_module);
  88. module_exit(mycleanup_module);
复制代码
加载模块后dmesg信息如下:
[ 5927.075021] my netlink in
[ 5927.075031] my netlink: create netlink socket ok.
[ 5928.073283] BUG: unable to handle kernel paging request at f87740c4
[ 5928.073288] IP: [<f8773076>] sendnlmsg+0x76/0x110 [kernelspace]
[ 5928.073292] *pdpt = 0000000001a45001 *pde = 0000000036a74067 *pte = 800000007dc00161
[ 5928.073295] Oops: 0003 [#6] SMP
[ 5928.073297] Modules linked in: kernelspace(OF) coretemp crc32_pclmul(F) aesni_intel(F) aes_i586(F) xts(F) lrw(F) gf128mul(F) ablk_helper(F) cryptd(F) vmw_balloon(F) snd_ens1371 snd_ac97_codec microcode(F) ac97_bus gameport(F) psmouse(F) serio_raw(F) snd_pcm(F) snd_page_alloc(F) snd_seq_midi(F) snd_seq_midi_event(F) snd_rawmidi(F) snd_seq(F) snd_seq_device(F) snd_timer(F) ppdev(F) snd(F) bnep rfcomm btusb soundcore(F) vmwgfx bluetooth ttm drm binfmt_misc(F) vmw_vmci parport_pc(F) mac_hid i2c_piix4 shpchp lp(F) parport(F) hid_generic usbhid hid vmw_pvscsi(F) ahci(F) libahci(F) pcnet32(F) mii(F) floppy(F) vmxnet3(F) mptspi(F) mptscsih(F) mptbase(F) [last unloaded: kernelspace]
[ 5928.073322] CPU: 1 PID: 8406 Comm: thread_sender Tainted: GF     D    O 3.11.0-12-generic #19-Ubuntu
[ 5928.073324] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 07/31/2013
[ 5928.073325] task: f1330ce0 ti: f441a000 task.ti: f441a000
[ 5928.073327] EIP: 0060:[<f8773076>] EFLAGS: 00010282 CPU: 1
[ 5928.073328] EIP is at sendnlmsg+0x76/0x110 [kernelspace]
[ 5928.073329] EAX: ef9d2010 EBX: f1df9840 ECX: 00000012 EDX: f87740b2
[ 5928.073330] ESI: f87740b2 EDI: 00000011 EBP: f441bf4c ESP: f441bf30
[ 5928.073332]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 5928.073333] CR0: 80050033 CR2: f87740c4 CR3: 32106000 CR4: 001407f0
[ 5928.073338] Stack:
[ 5928.073338]  00000000 00001000 00000000 00000012 0000000a 00000000 f8773110 f441bf6c
[ 5928.073342]  f8773158 c1079b58 00000000 00000202 f441bf60 f441bf60 f472ddb0 f441bfac
[ 5928.073345]  c1070164 00000000 f441bf78 00000000 00000000 c1070000 f441bf88 f441bf88
[ 5928.073349] Call Trace:
[ 5928.073351]  [<f8773110>] ? sendnlmsg+0x110/0x110 [kernelspace]
[ 5928.073353]  [<f8773158>] sending_thread+0x48/0x61 [kernelspace]
[ 5928.073358]  [<c1079b58>] ? complete+0x48/0x50
[ 5928.073360]  [<c1070164>] kthread+0x94/0xa0
[ 5928.073362]  [<c1070000>] ? __kthread_parkme+0x60/0x70
[ 5928.073369]  [<c1632c37>] ret_from_kernel_thread+0x1b/0x28
[ 5928.073370]  [<c10700d0>] ? kthread_create_on_node+0xc0/0xc0
[ 5928.073372] Code: 51 a1 b8 c8 8b 53 54 85 d2 89 c7 8d 40 01 89 45 f0 b8 10 00 00 00 74 55 8b 4d f0 89 f2 c7 43 24 00 00 00 00 c7 43 28 05 00 00 00 <c6> 44 3e 01 00 83 c1 01 e8 0d 9d b8 c8 a1 80 51 77 f8 31 c9 89
[ 5928.073392] EIP: [<f8773076>] sendnlmsg+0x76/0x110 [kernelspace] SS:ESP 0068:f441bf30
[ 5928.073395] CR2: 00000000f87740c4
[ 5928.073396] ---[ end trace 5903863cf1e9ba73 ]---
希望大家帮我看下是哪里的错误,感激不尽

论坛徽章:
15
射手座
日期:2014-02-26 13:45:082015年迎新春徽章
日期:2015-03-04 09:54:452015年辞旧岁徽章
日期:2015-03-03 16:54:15羊年新春福章
日期:2015-02-26 08:47:552015年亚洲杯之卡塔尔
日期:2015-02-03 08:33:45射手座
日期:2014-12-31 08:36:51水瓶座
日期:2014-06-04 08:33:52天蝎座
日期:2014-05-14 14:30:41天秤座
日期:2014-04-21 08:37:08处女座
日期:2014-04-18 16:57:05戌狗
日期:2014-04-04 12:21:33技术图书徽章
日期:2014-03-25 09:00:29
2 [报告]
发表于 2014-12-30 10:24 |只看该作者
没有反汇编,不能确认,大概看了下代码,如下代码应该有问题:
message[slen] = '\0';
这里的message应该是通过入参传入的字符串常量,该常量应该是存放在代码段中的,应该只有只读和执行权限,没有write权限,你这里直接赋值显然有问题。
另外,这里的数组也越界了:slen = strlen(message)+1;
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP