I 've upgraded my Red Hat up to 8.0 - kernel 2.4.18-14 ..
and I have noticed that sys_call_table isn't exported anymore!!!
For all this people who want's to play with linux kernel whitout
recompile every ... every .. every time or
anybody who wants to trace/debug/sniff ... some syscalls
I've a solution tested with RH 8.0 and I hope easily exportable
to other version.
You can include this function in a kernel module or create
an independent module that all his job will be
re EXPORT_SYMBOL(sys_call_table) to others modules.
....
#include <linux/syscall.h>
#include <asm/unistd.h>
static void **sys_call_table;
//nearly exported symbol in my kernel,
//i hope in others kernels too
//but in other way you can look at your kernel sources
extern void *system_utsname;
....
static int locate_sys_call_table(void) {
unsigned long *begin;
int i;
begin=(unsigned long *) &system_utsname;
for (i=0;i<1024;i++) {
if (*(begin+i)==(unsigned long) sys_socketcall) {
sys_call_table=(void *) (begin+i-__NR_socketcall);
//are you sure?
if (sys_call_table[__NR_exit]==(void *) sys_exit) {
printk("success: located sys_call_table: %X\n",(unsigned
int) sys_call_table);
return(1);
}
}
}
return(0);
}
int __init init_exportmodule (void)
{
if (!locate_sys_call_table()) {
// ... cry and return error
}
//......do something like export symbol
//.... or replace any syscall
}
____________________________
Toni Bassas
_______________________________________________________________
Yahoo! Messenger
Nueva versión: Webcam, voz, y mucho más ¡Gratis!
Descárgalo ya desde http://messenger.yahoo.es
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
