Hi all,

In one of my projects, I am trying to do binary rewriting of the Linux kernel on an x86-32 machine. To be more precise, I am actually targeting call instructions, and the goal is to rewrite in-memory call instructions with the address of a different call site (trampoline).

The main problem that I am facing is related to indirect function calls. Most of the indirect call instructions in the kernel code are 2 or 3 bytes, and modifying these call instructions into direct call instructions (5 bytes) seems impossible to me. I was thinking of adding some "NOP" instructions after each indirect call in the kernel code so that I could replace an indirect call instruction with a direct one. To achieve that, instead of modifying the source code of the kernel and adding asm("nop"), I would like to do this at the compiler level.

Related to this, I have two questions:

1) What are the ways in which an indirect call instruction can be overwritten by a direct call instruction in memory?

2) Is it possible to modify gcc in such a way that it generates some "NOP" instructions after each indirect function call?

I am completely new to this, and any help, ideas, and code pointers would be highly appreciated.

Thanks,
Abhinav
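To make the size problem in question 1 concrete, here is an added example (not code from the original post or from any kernel tool) of the rewriting step itself: a decoder that measures the x86-32 `call` forms gcc emits (`E8 rel32` and the `FF /2` ModRM/SIB variants), checks whether the instruction plus any single-byte NOP padding behind it leaves the 5 bytes a `call rel32` needs, and patches the bytes in a buffer. Everything it assumes is labelled: padding is plain `0x90` bytes (the kernel's multi-byte `nopl` forms are not recognised), the trampoline address is a hypothetical value, and the trampoline is assumed to know which register or memory operand the original indirect call used (one trampoline per site, or per operand form), because once `FF D0` becomes `E8 rel32` that information is gone from the instruction stream. The example patches a byte array, not live kernel text; doing it on a running SMP kernel additionally needs write access to the text pages and cross-CPU synchronisation, which is outside this snippet.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Length in bytes of the x86-32 CALL at p, or 0 if p is not a CALL.
 * Handles E8 rel32 and FF /2 (call r/m32) with its ModRM/SIB/displacement
 * forms. Assumption: no prefix bytes (0x66, segment overrides) precede it. */
int call_insn_len(const uint8_t *p)
{
    if (p[0] == 0xE8)
        return 5;                           /* call rel32 */
    if (p[0] != 0xFF || ((p[1] >> 3) & 7) != 2)
        return 0;                           /* not FF /2 (e.g. FF /4 is jmp) */
    uint8_t mod = p[1] >> 6, rm = p[1] & 7;
    int len = 2;                            /* opcode + ModRM */
    if (mod == 3)
        return len;                         /* call *%reg, e.g. FF D0 */
    if (rm == 4) {                          /* SIB byte follows ModRM */
        len++;
        if (mod == 0 && (p[2] & 7) == 5)
            len += 4;                       /* SIB with no base: disp32 */
    } else if (mod == 0 && rm == 5) {
        len += 4;                           /* call *disp32, e.g. FF 15 */
    }
    if (mod == 1) len += 1;                 /* disp8, e.g. call *8(%ebp) */
    if (mod == 2) len += 4;                 /* disp32 */
    return len;
}

/* Number of single-byte NOPs (0x90) starting at offset off. Assumption: the
 * padding the compiler was made to emit is 0x90, not multi-byte nopl. */
size_t count_nops(const uint8_t *code, size_t code_len, size_t off)
{
    size_t n = 0;
    while (off + n < code_len && code[off + n] == 0x90)
        n++;
    return n;
}

/* Rewrite the CALL at code[site] into `call trampoline` (E8 rel32).
 * site_va is the virtual address code[site] runs at; rel32 is measured from
 * the end of the new 5-byte instruction. Leftover bytes of the original
 * instruction become NOPs. Returns the number of bytes now covered by the
 * call plus its padding, or 0 if there is not enough room (the site is left
 * untouched). trampoline_va is a hypothetical address in this example. */
int patch_call(uint8_t *code, size_t code_len, size_t site,
               uint32_t site_va, uint32_t trampoline_va)
{
    if (site + 2 > code_len)
        return 0;
    int len = call_insn_len(code + site);
    if (len == 0 || site + (size_t)len > code_len)
        return 0;
    size_t room = (size_t)len + count_nops(code, code_len, site + len);
    if (room < 5)
        return 0;                           /* 2- or 3-byte call, no padding */
    uint32_t rel = trampoline_va - (site_va + 5);   /* wraps for backward targets */
    code[site] = 0xE8;
    for (int i = 0; i < 4; i++)             /* little-endian immediate */
        code[site + 1 + i] = (uint8_t)(rel >> (8 * i));
    memset(code + site + 5, 0x90, room - 5);
    return (int)room;
}

int main(void)
{
    /* Constructed sample: call *%eax followed by three NOPs (what the proposed
     * gcc change would emit), an unpadded call *%ecx, a 6-byte call *disp32,
     * then ret. Addresses are made up. */
    uint8_t text[] = { 0xFF, 0xD0, 0x90, 0x90, 0x90,
                       0xFF, 0xD1,
                       0xFF, 0x15, 0x00, 0x10, 0x00, 0xC0,
                       0xC3 };
    const uint32_t base = 0xC0001000u, tramp = 0xC0002000u;
    size_t off = 0;
    while (off < sizeof text) {
        int len = call_insn_len(text + off);
        if (len == 0) { off++; continue; }
        int n = patch_call(text, sizeof text, off, base + (uint32_t)off, tramp);
        printf("%#x: %d-byte call -> %s\n", base + (unsigned)off, len,
               n ? "rewritten" : "no room, skipped");
        off += (size_t)(n ? n : len);
    }
    return 0;
}
```

Running it shows the padded `call *%eax` and the 6-byte `call *disp32` rewritten, while the bare 2-byte `call *%ecx` is skipped; that skipped case is exactly the one the NOP padding from question 2 is meant to remove.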