From: Zhenwen Xu <helight.xu@gmail.com>
To: Jonathan Nell <crtrn13@gmail.com>
Cc: linux-c-programming@vger.kernel.org
Subject: Re: Changing syscall table
Date: Thu, 3 Sep 2009 08:26:50 +0800
Message-ID: <20090903002650.GA4512@helight>
In-Reply-To: <48e952f40909011057m70103121vf94978c8a8925734@mail.gmail.com>
On Tue, Sep 01, 2009 at 08:57:58PM +0300, Jonathan Nell wrote:
> I'm trying to wrap the
> SG_IO ioctl call (i.e. trap it in the kernel) and have that dump the
> data from (struct sg_io_hdr).dxferp.
> Having issues with doing the kernel trap in the newer kernel versions
> though (trying on 2.6.30). The syscall table is now read-only but for
> some reason my set_memory_rw() call is failing... Any ideas how to do
> this properly?
>
> Here are the relevant bits of code:
Try reading this:
http://zhwen.org/xlog/2009/03/%e6%88%aa%e8%8e%b7linux%e7%b3%bb%e7%bb%9f%e8%b0%83%e7%94%a8.htm
Here is the demo:
http://zhwen.org/coding/cat_syscall.c
>
> unsigned long **find_sys_call_table(void)
> {
>     unsigned long **sctable;
>     unsigned long ptr;
>
>     sctable = NULL;
>     for (ptr = (unsigned long)&unlock_kernel;
>          ptr < (unsigned long)&loops_per_jiffy;
>          ptr += sizeof(void *))
>     {
>         unsigned long *p;
>         p = (unsigned long *)ptr;
>         if (p[__NR_close] == (unsigned long) sys_close)
>         {
>             sctable = (unsigned long **)p;
>             return &sctable[0];
>         }
>     }
>     return NULL;
> }
>
> static int __init scsisniff_init_module(void)
> {
>     if ( (sys_call_table = find_sys_call_table()) ) {
>         real_ioctl = (int(*)(unsigned int fd, unsigned int cmd,
>                       unsigned long arg))sys_call_table[__NR_ioctl];
>
>         if ( set_memory_rw( (unsigned long)sys_call_table[__NR_ioctl], 1 ) )
>             printk( "set_memory_rw: succeeded\n" );
>         else {
>             printk( "set_memory_rw: failed!\n" );
>             return -1;
>         }
>
>         sys_call_table[__NR_ioctl] = (unsigned long)my_ioctl;
>     }
>     else {
>         return -1;
>     }
>     return 0;
> }
>
> This gives me a lovely OOPS:
>
> [ 71.143742] WARNING: at arch/x86/mm/pageattr.c:833
> change_page_attr_set_clr+0x1a0/0x400()
> [ 71.143745] Modules linked in: scsi_sniff(+) i915 binfmt_misc drm
> i2c_algo_bit bridge stp bnep lp snd_hda_codec_analog snd_hda_intel
> snd_hda_codec snd_hwdep snd_pcm_oss snd_mixer_oss snd_pcm
> snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event
> snd_seq snd_timer snd_seq_device video snd psmouse tpm_infineon tpm
> ppdev soundcore serio_raw pcspkr intel_agp tpm_bios output heci(C)
> iTCO_wdt iTCO_vendor_support parport_pc parport snd_page_alloc floppy
> usbhid usb_storage e1000e
> [ 71.143768] Pid: 3378, comm: insmod Tainted: G C
> 2.6.30.4custom-1.0 #6
> [ 71.143769] Call Trace:
> [ 71.143773] [<ffffffff802da6d5>] ? __vunmap+0xc5/0x110
> [ 71.143775] [<ffffffff80235200>] ? change_page_attr_set_clr+0x1a0/0x400
> [ 71.143778] [<ffffffff8024edf8>] warn_slowpath_common+0x78/0xd0
> [ 71.143780] [<ffffffff8024ee5f>] warn_slowpath_null+0xf/0x20
> [ 71.143783] [<ffffffff80235200>] change_page_attr_set_clr+0x1a0/0x400
> [ 71.143785] [<ffffffffa0274050>] ? my_ioctl+0x0/0x120 [scsi_sniff]
> [ 71.143789] [<ffffffff802a6dcd>] ? marker_update_probe_range+0x1dd/0x2d0
> [ 71.143791] [<ffffffffa0277000>] ? scsisniff_init_module+0x0/0xf4
> [scsi_sniff]
> [ 71.143793] [<ffffffff80235b9a>] set_memory_rw+0x2a/0x30
> [ 71.143796] [<ffffffff802ff000>] ? sys_fcntl+0x180/0x420
> [ 71.143798] [<ffffffffa02770bb>] scsisniff_init_module+0xbb/0xf4
> [scsi_sniff]
> [ 71.143801] [<ffffffff8020a04c>] do_one_initcall+0x3c/0x180
> [ 71.143804] [<ffffffff8026b7f3>] ? __blocking_notifier_call_chain+0x63/0x80
> [ 71.143807] [<ffffffff8027dc0d>] sys_init_module+0xad/0x200
> [ 71.143810] [<ffffffff80210fc2>] system_call_fastpath+0x16/0x1b
> [ 71.143812] ---[ end trace 5b3efe312296b587 ]---
> [ 71.143958] set_memory_rw: failed!
--
--------------------------------
http://zhwen.org - Open and Free
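
The trace quoted in this message shows a loadable module's init routine reaching set_memory_rw() and tripping the WARNING in change_page_attr_set_clr(). As an added example (not part of the original message or thread), the following log-triage script flags kernel traces where a module frame is the nearest reliable caller of a page-attribute function. The function name page_attr_callers and the WATCHED set are assumptions made for this example, and the frame format is assumed to match the 2.6.30 x86 trace above.

```python
import re

# Frame line in an x86 call trace: "[<addr>] ? symbol+0xOFF/0xSIZE [module]".
# A "?" marks an unreliable frame; "[module]" appears only for module code.
FRAME = re.compile(
    r"\[<[0-9a-f]+>\]\s+(?P<unreliable>\?\s+)?"
    r"(?P<sym>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?:\s+\[(?P<mod>\w+)\])?")
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")
# Assumption for this example: the page-attribute calls worth flagging.
WATCHED = {"set_memory_rw", "change_page_attr_set_clr"}

# A subset of the trace quoted in this message, with the wrapped
# "[scsi_sniff]" continuation lines rejoined.
SAMPLE = """\
[ 71.143742] WARNING: at arch/x86/mm/pageattr.c:833 change_page_attr_set_clr+0x1a0/0x400()
[ 71.143769] Call Trace:
[ 71.143775] [<ffffffff80235200>] ? change_page_attr_set_clr+0x1a0/0x400
[ 71.143783] [<ffffffff80235200>] change_page_attr_set_clr+0x1a0/0x400
[ 71.143785] [<ffffffffa0274050>] ? my_ioctl+0x0/0x120 [scsi_sniff]
[ 71.143793] [<ffffffff80235b9a>] set_memory_rw+0x2a/0x30
[ 71.143798] [<ffffffffa02770bb>] scsisniff_init_module+0xbb/0xf4 [scsi_sniff]
[ 71.143801] [<ffffffff8020a04c>] do_one_initcall+0x3c/0x180
[ 71.143812] ---[ end trace 5b3efe312296b587 ]---
"""

def page_attr_callers(log):
    """Return (module, symbol, watched_call) for each trace in which a
    reliable module frame sits below a watched page-attribute call."""
    findings, in_trace, watched = [], False, None
    for raw in log.splitlines():
        line = STAMP.sub("", raw)
        if line.startswith("Call Trace:"):
            in_trace, watched = True, None
        elif line.startswith("---[ end trace"):
            in_trace = False
        elif in_trace:
            m = FRAME.match(line)
            if not m or m["unreliable"]:
                continue  # skip stale stack words marked "?"
            if m["sym"] in WATCHED:
                watched = m["sym"]  # frames are listed innermost first
            elif watched and m["mod"]:
                findings.append((m["mod"], m["sym"], watched))
                in_trace = False  # the nearest module caller is enough
    return findings
```
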