3rd-party/LKMPG
1
0
Fork 0
mirror of https://github.com/bashrc/LKMPG.git synced 2018-06-11 03:06:54 +02:00
Code Issues Releases Wiki Activity

reversed syscall for the 4.14 kernel

Browse Source
This commit is contained in:
cisc7310x
2018-02-09 19:07:53 -05:00
parent a71f239a8f
commit f49974968c
1 changed files with 11 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
4.14.8/examples/syscall.c
View File

@@ -25,7 +25,7 @@
#include <linux/sched.h> #include <linux/sched.h>
#include <linux/uaccess.h> #include <linux/uaccess.h>
sys_call_ptr_t *sys_call_table_ptr; unsigned long **sys_call_table;
unsigned long original_cr0; unsigned long original_cr0;
/* /*
@@ -87,18 +87,15 @@ asmlinkage int our_sys_open(const char *filename, int flags, int mode)
return original_call(filename, flags, mode); return original_call(filename, flags, mode);
} }
static sys_call_ptr_t *aquire_sys_call_table(void) static unsigned long **aquire_sys_call_table(void)
{ {
unsigned long int offset = PAGE_OFFSET; unsigned long int offset = PAGE_OFFSET;
/* unsigned long **sct; */ unsigned long **sct;
sys_call_ptr_t *sct;
while (offset < ULLONG_MAX) { while (offset < ULLONG_MAX) {
/* sct = (unsigned long **)offset; */ sct = (unsigned long **)offset;
sct = (sys_call_ptr_t *)offset;
/* if (sct[__NR_close] == (unsigned long *) sys_close) */ if (sct[__NR_close] == (unsigned long *) sys_close)
if (sct[__NR_close] == (sys_call_ptr_t) sys_close)
return sct; return sct;
offset += sizeof(void *); offset += sizeof(void *);
@@ -109,7 +106,7 @@ static sys_call_ptr_t *aquire_sys_call_table(void)
static int __init syscall_start(void) static int __init syscall_start(void)
{ {
if(!(sys_call_table_ptr = aquire_sys_call_table())) if(!(sys_call_table = aquire_sys_call_table()))
return -1; return -1;
original_cr0 = read_cr0(); original_cr0 = read_cr0();
@@ -117,10 +114,10 @@ static int __init syscall_start(void)
write_cr0(original_cr0 & ~0x00010000); write_cr0(original_cr0 & ~0x00010000);
/* keep track of the original open function */ /* keep track of the original open function */
original_call = (void*)sys_call_table_ptr[__NR_open]; original_call = (void*)sys_call_table[__NR_open];
/* use our open function instead */ /* use our open function instead */
sys_call_table_ptr[__NR_open] = (sys_call_ptr_t)our_sys_open; sys_call_table[__NR_open] = (unsigned long *)our_sys_open;
write_cr0(original_cr0); write_cr0(original_cr0);
@@ -131,14 +128,14 @@ static int __init syscall_start(void)
static void __exit syscall_end(void) static void __exit syscall_end(void)
{ {
if(!sys_call_table_ptr) { if(!sys_call_table) {
return; return;
} }
/* /*
* Return the system call back to normal * Return the system call back to normal
*/ */
if (sys_call_table_ptr[__NR_open] != (sys_call_ptr_t) our_sys_open) { if (sys_call_table[__NR_open] != (unsigned long *)our_sys_open) {
pr_alert("Somebody else also played with the "); pr_alert("Somebody else also played with the ");
pr_alert("open system call\n"); pr_alert("open system call\n");
pr_alert("The system may be left in "); pr_alert("The system may be left in ");
@@ -146,7 +143,7 @@ static void __exit syscall_end(void)
} }
write_cr0(original_cr0 & ~0x00010000); write_cr0(original_cr0 & ~0x00010000);
sys_call_table_ptr[__NR_open] = (sys_call_ptr_t)original_call; sys_call_table[__NR_open] = (unsigned long *)original_call;
write_cr0(original_cr0); write_cr0(original_cr0);
msleep(2000); msleep(2000);