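/*
 * Question as posted to the kernelnewbies list:
 *
 *   When I run insmod on the kernel module built from the following C code,
 *   the entire system hangs. The module replaces the reference to the
 *   original chroot system call with a new one in the sys_call_table. The
 *   sys_call_table address is correct as per System.map (which, surprisingly,
 *   returns two values for sys_call_table). I am on a VM running CentOS 6.6
 *   with kernel version 2.6.32-504.
 *
 * The posted module stored straight into the table from its init function:
 *
 *   unsigned long *syscall_table = (unsigned long *)0xffffffff81600560;
 *   original_chroot = (void *)syscall_table[__NR_chroot];
 *   syscall_table[__NR_chroot] = new_chroot;
 *
 * Review notes on the posted version:
 *
 * - Most likely cause of the hang: the system call table is kept in
 *   read-only kernel data, so the plain store above faults in kernel mode
 *   while insmod is still inside the init function. Presumably System.map
 *   lists the symbol with the read-only type letter (R) -- confirm on the
 *   affected machine. The protection is deliberate: a syscall table entry
 *   that points outside core kernel text is a standard indicator that
 *   integrity checks look for, so the module should work with the
 *   protection rather than around it.
 * - The second System.map match is presumably ia32_sys_call_table, the
 *   32-bit compatibility table, whose name contains the search string.
 * - A hard-coded table address is valid for exactly one kernel build.
 * - sys_chroot returns long; the posted prototypes declared int.
 * - Nothing stopped the module from being unloaded while a task was still
 *   executing inside the replacement handler.
 * - There was no MODULE_LICENSE(), which taints the kernel and hides
 *   GPL-only exports.
 *
 * The version below keeps the observable goal (log every chroot call and
 * let the call proceed unchanged) but uses kprobes, the supported
 * instrumentation interface, and never writes to the system call table.
 * If the goal is only an audit trail, no module is needed at all; an audit
 * rule such as "auditctl -a always,exit -F arch=b64 -S chroot" records the
 * same event.
 */
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/errno.h>
#include <linux/types.h>
#include <linux/unistd.h>
#include <linux/sched.h>
#include <linux/kallsyms.h>
#include <linux/kprobes.h>
#include <asm/cacheflush.h>
#include <asm/page.h>
#include <asm/current.h>

/*
 * Runs on entry to sys_chroot, before the original function body.
 * Returning 0 lets the probed system call continue normally, so the
 * behaviour seen by the caller of chroot() is unchanged.
 */
static int chroot_pre_handler(struct kprobe *probe, struct pt_regs *regs)
{
	/* Trailing newline added so the message is not merged with the next one. */
	printk(KERN_ALERT "CHROOT HIJACKED\n");
	return 0;
}

/*
 * The probe is resolved by symbol name at registration time, so no
 * build-specific address is compiled into the module.
 */
static struct kprobe chroot_probe = {
	.symbol_name = "sys_chroot",
	.pre_handler = chroot_pre_handler,
};

/*
 * Module entry point: registers the probe.
 *
 * Returns 0 on success or the negative errno reported by register_kprobe()
 * (for example when the symbol cannot be resolved or kprobes support is not
 * built into the running kernel), in which case the module is not loaded.
 */
static int __init chroot_watch_init(void)
{
	int ret;

	printk(KERN_ALERT "\nHIJACK INIT\n");

	ret = register_kprobe(&chroot_probe);
	if (ret < 0) {
		printk(KERN_ALERT "register_kprobe(sys_chroot) failed: %d\n", ret);
		return ret;
	}

	return 0;
}

/*
 * Module exit point: removes the probe through the kprobes API, the
 * supported teardown path, before the handler code is unloaded.
 */
static void __exit chroot_watch_exit(void)
{
	unregister_kprobe(&chroot_probe);
	printk(KERN_ALERT "MODULE EXIT\n");
}

module_init(chroot_watch_init);
module_exit(chroot_watch_exit);

/* register_kprobe/unregister_kprobe are GPL-only exports. */
MODULE_LICENSE("GPL");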