Re: Intercepting a system call

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Grzegorz,
   To my knowledge if we try write to a read only area ,the kernel gives an OOPS.As I stated in the question,the module does not give me any errors.I have disabled page protections before writing to sys_call_table. I believe that is enough to make the sys_call_table RW. What do you think?


On Fri, Jan 25, 2013 at 6:58 PM, Paul Davies C <pauldaviesc@xxxxxxxxx> wrote:
Hi,
  [1] is the module I wrote for intercepting the system call fork(). I have taken the conventional way of hooking the system call. Firstly I found out the address of the sys_call_table from the System.map. Then I used it in the module to substitute for the original fork() with my own version of fork.My version does nothing more than printing a message and returning the original fork(). It didn't  gave any errors when loaded to kernel using the insmod.  However it seems that the module had no affect on the sys_call_table[] since the fork() is working perfectly after the insertion of module and it does not show me the message it was supposed to print. Can someone figure out the problem? I am using 3.2.0-4-686 version of kernel.
[1]  http://pastebin.com/aWN3jdQU

--
Regards,
Paul Davies C
vivafoss.blogspot.com



--
Regards,
Paul Davies C
vivafoss.blogspot.com
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@xxxxxxxxxxxxxxxxx
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux