zoukankan      html  css  js  c++  java
  • Kernel Modules and System Calls

    Kernel Modules and System Calls

    Creating a "Syscalls" module
    by John Brodie
    
    Creating a module for your system calls allows you to make quick changes
    to your syscalls, without the need to rebuild any of the kernel, and without
    the need to install/reboot your new kernel version.  
    
    However, adding new syscalls via a module is not something supported by the
    kernel although you can intercept and override existing syscalls
    (http://www.linuxjournal.com/article/4378, not personally tested).
    
    Enter function pointers...
    
    1. Create your "wrapper" syscall:
     - Use a new file (or not):
    #include <linux/linkage.h>
    #include <linux/kernel.h>
    #include <linux/module.h>
    
    long (*STUB_mygetpid)(void) = NULL;
    EXPORT_SYMBOL(STUB_mygetpid);
    
    asmlinkage long sys_mygetpid(void)
    {
        if(STUB_mygetpid)
            return STUB_mygetpid();
        else
            return -ENOSYS;
    }
    The above code creates a null function pointer, exports it for later use, and
    adds a syscall that will call the function pointer if it has been set.
    
    2. Create your module:
    #include <linux/module.h>    /* Needed by all modules */
    #include <linux/kernel.h>    /* Needed for KERN_INFO */
    #include <linux/init.h>        /* Needed for the macros */
    #include <linux/sched.h>
    #include <linux/linkage.h>
    
    extern long (*STUB_mygetpid)(void); // Get our function pointer
    long mygetpid(void);
    
    static int __init init_custom_syscalls(void)
    {
        printk(KERN_INFO "Syscalls module loaded...\n");
        STUB_mygetpid=&(mygetpid); // Point to our new syscall on load.
        return 0;
    }
    static void __exit cleanup_custom_syscalls(void)
    {
        STUB_mygetpid=NULL; // Clean up after ourselves.
        printk(KERN_INFO "Syscalls module unloaded...\n");
    }
    
    long mygetpid(void)
    {
        printk(KERN_INFO "mygetpid called.\n");
        return current->tgid;
    }
    
    /* Declare init/exit functions for module. */
    module_init(init_custom_syscalls);
    module_exit(cleanup_custom_syscalls);
    The above creates a module that gets our function pointer, and points it to
    our newly created pseudo-syscall function on init.
    
    3. Create Makefile for your new files:
    obj-m += syscalls.o
    obj-y += export_syscalls.o
    all:
        make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
    
    clean:
        make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean

    4. Add your wrapper syscall to syscall_table.S, unistd.h, and syscall.h, the same as you would for a normal syscall. 5. Recompile your kernel with `make`, installing it as normal. From now on, you only need to touch/recompile your module. 6. As root, use `insmod syscalls.ko` to load your module, and `rmmod syscalls` to remove it. You can tail dmesg to check that it has loaded.

    From:https://www.cs.drexel.edu/~jjohnson/2012-13/fall/cs543/project/kmod.htm
    ——————
    无论在哪里做什么,只要坚持服务、创新、创造价值,其他的东西自然都会来的。
  • 相关阅读:
    Java 9 揭秘(9. 打破模块封装)
    Java 9 揭秘(8. JDK 9重大改变)
    好书分享 ——《深度工作》
    Java 9 揭秘(7. 创建自定义运行时映像)
    Java 9 揭秘(6. 封装模块)
    如何更好地管理你的精力,时间和专注力实现最佳表现
    这是您一直期待的所有iOS 11功能的屏幕截图
    我为什么不敢也不想写自己的经验和想法?
    无聊? 现在你知道为什么了!
    Java 9 揭秘(5. 实现服务)
  • 原文地址:https://www.cnblogs.com/pied/p/2870187.html
Copyright © 2011-2022 走看看