4,441
社区成员
发帖
与我相关
我的任务
分享截获系统调用编译出错,求助!!
Linux内核2.4.20-8
程序如下:
#define MODULE
#define __KERNEL__
#include "linux/module.h"
#include "linux/kernel.h"
#include "linux/proc_fs.h"
#include "asm/unistd.h"
MODULE_LICENSE("GPL");
unsigned long errno;
static inline _syscall3(int,write,int,fd,const char *,buf,off_t,count);
static inline _syscall3(int,read,int,fd,char*,buf,off_t,count);
static inline _syscall3(off_t,lseek,int,fd,off_t,offset,int,count);
static inline _syscall3(int,open,const char *,file,int,flag,int,mode);
static inline _syscall1(int,close,int,fd);
struct{
unsigned short limit;
unsigned int base;
}__attribute__((packed))idtr;
struct{
unsigned short off1;
unsigned short sel;
unsigned char none,flags;
unsigned short off2;
}__attribute__((packed))idt;
int kmem;
void readkmem(void *m,unsigned off,int sz)
{
unsigned long old_fs_value=get_fs();
set_fs(get_ds());
if(lseek(kmem,off,0)!=off){
printk("kmem lseek error in read\n");return;
}
if(read(kmem,m,sz)!=sz){
printk("kmem read error!\n");return;
}
set_fs(old_fs_value);
}
#define CALLOFF 100
unsigned getscTable()
{
unsigned sct;
unsigned sys_call_off;
char sc_asm[CALLOFF],*p;
asm("sidt%0":"=m"(idtr));
unsigned long old_fs_value=get_fs();
const char *filename="/dev/kmem";
set_fs(get_ds());
kmem=open(filename,O_RDONLY,0640);
if(kmem<0)
{
printk("open error!");
}
set_fs(old_fs_value);
readkmem(&idt,idtr.base+8*0x80,sizeof(idt));
sys_call_off=(idt.off2<<16)|idt.off1;
readkmem(sc_asm,sys_call_off,CALLOFF);
p=(char*)memmem(sc_asm,CALLOFF,"\xff\x14\x85",3);
sct=*(unsigned*)(p+3);
close(kmem);
return sct;
}
static unsigned SYS_CALL_TABLE_ADDR;
void **sys_call_table;
static int count=1;
int (*old_write)(int,char *,int);
int new_write(int fd,char *buffer,int count)
{
printk("<0>This is the write system call!\n");
return (*old_write)(fd,buffer,count);
}
int init_module()
{
SYS_CALL_TABLE_ADDR=getscTable();
sys_call_table=(void **)SYS_CALL_TABLE_ADDR;
printk("<0>Ready to run in kernel mod!\n");
old_write=sys_call_table[__NR_write];
sys_call_table[__NR_write]=new_write;
printk("<0>Running---\n");
return 0;
}
int cleanup_module()
{
printk("<0>It shut down in kernel---\n");
sys_call_table[__NR_write]=old_write;
return 0;
}
编译结果:
[root@localhost root]# gcc -c test.c -I/usr/src/linux-2.4.20-8/include
/tmp/cc47riwm.s: Assembler messages:
/tmp/cc47riwm.s:84: Error: no such instruction: `sidtidtr'
为什么出现这种错误?向高手求助!多谢多谢。
程序如下:
#define MODULE
#define __KERNEL__
#include "linux/module.h"
#include "linux/kernel.h"
#include "linux/proc_fs.h"
#include "asm/unistd.h"
MODULE_LICENSE("GPL");
unsigned long errno;
static inline _syscall3(int,write,int,fd,const char *,buf,off_t,count);
static inline _syscall3(int,read,int,fd,char*,buf,off_t,count);
static inline _syscall3(off_t,lseek,int,fd,off_t,offset,int,count);
static inline _syscall3(int,open,const char *,file,int,flag,int,mode);
static inline _syscall1(int,close,int,fd);
struct{
unsigned short limit;
unsigned int base;
}__attribute__((packed))idtr;
struct{
unsigned short off1;
unsigned short sel;
unsigned char none,flags;
unsigned short off2;
}__attribute__((packed))idt;
int kmem;
void readkmem(void *m,unsigned off,int sz)
{
unsigned long old_fs_value=get_fs();
set_fs(get_ds());
if(lseek(kmem,off,0)!=off){
printk("kmem lseek error in read\n");return;
}
if(read(kmem,m,sz)!=sz){
printk("kmem read error!\n");return;
}
set_fs(old_fs_value);
}
#define CALLOFF 100
unsigned getscTable()
{
unsigned sct;
unsigned sys_call_off;
char sc_asm[CALLOFF],*p;
asm("sidt%0":"=m"(idtr));
unsigned long old_fs_value=get_fs();
const char *filename="/dev/kmem";
set_fs(get_ds());
kmem=open(filename,O_RDONLY,0640);
if(kmem<0)
{
printk("open error!");
}
set_fs(old_fs_value);
readkmem(&idt,idtr.base+8*0x80,sizeof(idt));
sys_call_off=(idt.off2<<16)|idt.off1;
readkmem(sc_asm,sys_call_off,CALLOFF);
p=(char*)memmem(sc_asm,CALLOFF,"\xff\x14\x85",3);
sct=*(unsigned*)(p+3);
close(kmem);
return sct;
}
static unsigned SYS_CALL_TABLE_ADDR;
void **sys_call_table;
static int count=1;
int (*old_write)(int,char *,int);
int new_write(int fd,char *buffer,int count)
{
printk("<0>This is the write system call!\n");
return (*old_write)(fd,buffer,count);
}
int init_module()
{
SYS_CALL_TABLE_ADDR=getscTable();
sys_call_table=(void **)SYS_CALL_TABLE_ADDR;
printk("<0>Ready to run in kernel mod!\n");
old_write=sys_call_table[__NR_write];
sys_call_table[__NR_write]=new_write;
printk("<0>Running---\n");
return 0;
}
int cleanup_module()
{
printk("<0>It shut down in kernel---\n");
sys_call_table[__NR_write]=old_write;
return 0;
}
编译结果:
[root@localhost root]# gcc -c test.c -I/usr/src/linux-2.4.20-8/include
/tmp/cc47riwm.s: Assembler messages:
/tmp/cc47riwm.s:84: Error: no such instruction: `sidtidtr'
为什么出现这种错误?向高手求助!多谢多谢。
...全文
请发表友善的回复…
发表回复
TimeFlying 2005-06-17
- 打赏
- 举报
的确是这的问题,困扰了很久。哈哈,多谢多谢!
newbiestar 2005-06-17
- 打赏
- 举报
多加上一个空格先……
那个asm("sidt%0":"=m"(idtr));修改为
asm("sidt %0":"=m"(idtr));
那个asm("sidt%0":"=m"(idtr));修改为
asm("sidt %0":"=m"(idtr));
