The code is ok if the the running kernel (to which you are loading this function) has sys_call_table exported. If this is not exported, this module can not be loaded by insmod, as it will give an unresolved symbol error. Tell one thing, are you able to load this module to kernel, also tell the kernel version you are using. It would be better if you print something in init_module() and cleanup_module() functions also. If it is loaded properly, then these messages will be printed. These will either be shown on console or will be put in some log file as per the cofiguration of syslog (check the syslog.conf). It's always better to mention the priority of the printk message, which you have not mentioned. Without mentioning a priority, it will take the default priority, which is defined in printk.c Cheers !! Gaurav -----Original Message----- From: Prasad [mailto:prasad@xxxxxxxxxxxx] Sent: Friday, October 08, 2004 10:10 AM To: Dhiman, Gaurav Subject: RE: How to intercept sys_exit()... On Thu, 7 Oct 2004, Dhiman, Gaurav wrote: > There was a good discussion last week about getting the pointer to > sys_call_table ...... just see that in archive. > In short, there are three methods > - Export deliberatly the required system call ("sys_" related function) > or the sys_call_table in Kernel sources and then compile the kernel > again. > - Get the address of sys_call_table or specific system call function > from System.map and pass it to your module at load time. > - Get the address of sys_call_table dynamically in kernel module with > the help of IDT help. > Cheers !! > Gaurav Hi there !, I'm sorry for not beging precise enough while defining problem, My problem is, I've intercepted the sys_exit syscall by changing the concern function ptr in sys_call_table with my function address but still my function is not getting called or the printk has got some thing wrong...and I'm not able to track the problem... I'm attaching my source with this may be that'll better tell the problem...I got that code from some site ! -- regards -Prasad -- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/
