
Linux SysCallTable Testing

lowleveldeep
Newbie
Posts: 1
Registered: 8 Jan 2010, 00:14


Post by lowleveldeep »

I hope it is no problem that I write in English?

Hello,
alexander@osiris:~$ uname -a
Linux osiris 2.6.31-14-generic #48-Ubuntu SMP Fri Oct 16 14:04:26 UTC 2009 i686 GNU/Linux
I tried to change the sys_call_address to another location in memory.
The result was an OOPS!


sys_call_address is of course not exported, so I found it using:
grep sys_call_table /boot/System.map-2.6.31-14-generic
c0577150 R sys_call_table

My kernel prog looks like:

Code:

#include <linux/string.h> 
#include <linux/smp_lock.h>
#include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/file.h>
#include <linux/fs.h>
#include <linux/sched.h>
#include <linux/syscalls.h>
#include <linux/time.h>
#include <asm/unistd.h>
#include <linux/version.h>
#include <linux/errno.h>
#include <linux/dcache.h>
#include <linux/mm.h>
#include <asm/uaccess.h>
#include <asm/string.h>
#define __KERNEL_SYSCALLS__
#include <linux/dirent.h>
#include <linux/fcntl.h>
 
MODULE_LICENSE("GPL");
MODULE_AUTHOR("bli bla blu");



void** sys_call_table = (void**)0xc0577150; 
int (*orig_mkdir)(const char *path); 


int hacked_mkdir(const char *path) 
{ 
	return 0; 
} 

static int __init readlog_init(void) 
{ 
	printk("\n addr: " "%p", sys_call_table);

	orig_mkdir = sys_call_table[__NR_mkdir]; 
	sys_call_table[__NR_mkdir] = hacked_mkdir; 

	printk("\n I am still here \n");

	return 0; 
} 

static void __exit readlog_exit(void)
{ 
	sys_call_table[__NR_mkdir] = orig_mkdir; 
}



module_init(readlog_init);
module_exit(readlog_exit);
alexander@osiris:~/Desktop/Vorträge/kernel-exp/test$ sudo insmod test.ko
Killed
The result is something like:
dmesg

[67385.389666]
[67385.389669] addr: c0577150
[67385.389693] BUG: unable to handle kernel paging request at c05771ec
[67385.389701] IP: [<e078302c>] readlog_init+0x2c/0x46 [test]
[67385.389714] *pde = 1e22f063 *pte = 00577161
[67385.389723] Oops: 0003 [#3] SMP
[67385.389731] last sysfs file: /sys/devices/LNXSYSTM:00/device:00/PNP0C0A:00/power_supply/BAT0/voltage_now
[67385.389739] Modules linked in: test(+) test9(P+) test(+) arc4 lib80211_crypt_wep cbc aes_i586 aes_generic ecb binfmt_misc ppdev vboxnetflt vboxnetadp vboxdrv snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event dm_crypt snd_seq snd_timer pcmcia snd_seq_device iptable_filter tifm_sd joydev ipw2200 yenta_socket tifm_7xx1 ip_tables snd psmouse libipw rsrc_nonstatic x_tables lib80211 soundcore serio_raw pcmcia_core tifm_core lp nvidia(P) sony_laptop snd_page_alloc parport ohci1394 ieee1394 e100 mii video output intel_agp agpgart
[67385.389851]
[67385.389859] Pid: 7944, comm: insmod Tainted: P D (2.6.31-14-generic #48-Ubuntu) VGN-FS115M
[67385.389867] EIP: 0060:[<e078302c>] EFLAGS: 00210296 CPU: 0
[67385.389875] EIP is at readlog_init+0x2c/0x46 [test]
[67385.389881] EAX: c0577150 EBX: fffffffc ECX: ffffffcc EDX: c01f29a0
[67385.389888] ESI: e0780340 EDI: 00000000 EBP: c3335f5c ESP: c3335f54
[67385.389894] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[67385.389902] Process insmod (pid: 7944, ti=c3334000 task=de188000 task.ti=c3334000)
[67385.389907] Stack:
[67385.389911] e0780044 c0577150 c3335f88 c010112c e0780340 c0750a50 fffffffc e0780340
[67385.389926] <0> 00347ff4 e0783000 fffffffc e0780340 00347ff4 c3335fac c0173751 c5110738
[67385.389942] <0> de188000 c5110700 00000004 09c57018 09c57018 00004000 c3334000 c010336c
[67385.389960] Call Trace:
[67385.389972] [<c010112c>] ? do_one_initcall+0x2c/0x190
[67385.389982] [<e0783000>] ? readlog_init+0x0/0x46 [test]
[67385.389994] [<c0173751>] ? sys_init_module+0xb1/0x1f0
[67385.390003] [<c010336c>] ? syscall_call+0x7/0xb
[67385.390008] Code: 89 e5 83 ec 08 a1 28 03 78 e0 c7 04 24 44 00 78 e0 89 44 24 04 e8 e9 b3 de df a1 28 03 78 e0 8b 90 9c 00 00 00 89 15 9c 04 78 e0 <c7> 80 9c 00 00 00 00 00 78 e0 c7 04 24 4f 00 78 e0 e8 c2 b3 de
[67385.390096] EIP: [<e078302c>] readlog_init+0x2c/0x46 [test] SS:ESP 0068:c3335f54
[67385.390108] CR2: 00000000c05771ec
[67385.390116] ---[ end trace 4c2f5142834c75aa ]---
Anybody any ideas? ;)
Thx for your help! :)
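
Reading the Oops above, as an added example that is not part of the original post: it decodes the page-fault error code, the PTE flags and CR2 from the posted dmesg lines to classify the fault and locate the table slot that was touched. The function and struct names are hypothetical, and the table base passed in is the System.map address quoted in the post.

```c
#include <stdio.h>
#include <string.h>

/* x86 page-fault error code ("Oops: 0003"): bit 0 = page present (protection
 * fault), bit 1 = write access, bit 2 = fault taken in user mode. */
enum { PF_PROT = 1, PF_WRITE = 2, PF_USER = 4 };
/* x86 PTE flags ("*pte = ..."): bit 0 = present, bit 1 = writable. */
enum { PTE_PRESENT = 1, PTE_RW = 2 };

/* Lines copied from the dmesg output in the post above. */
static const char OOPS_SAMPLE[] =
    "BUG: unable to handle kernel paging request at c05771ec\n"
    "*pde = 1e22f063 *pte = 00577161\n"
    "Oops: 0003 [#3] SMP\n"
    "CR2: 00000000c05771ec\n";
struct oops_info { unsigned long long err, pte, cr2; };

/* Read the hex number that follows `key`; returns 0 on success. */
static int hex_after(const char *log, const char *key, unsigned long long *out)
{
    const char *p = strstr(log, key);
    return (p && sscanf(p + strlen(key), "%llx", out) == 1) ? 0 : -1;
}

/* Fill `o` from dmesg text; returns 0 only if all three fields were found. */
int parse_oops(const char *log, struct oops_info *o)
{
    return hex_after(log, "Oops: ", &o->err) | hex_after(log, "*pte = ", &o->pte)
         | hex_after(log, "CR2: ", &o->cr2);
}

/* Kernel-mode write to a page that is mapped but read-only? */
int is_kernel_write_to_ro(const struct oops_info *o)
{
    return (o->err & PF_PROT) && (o->err & PF_WRITE) && !(o->err & PF_USER)
        && (o->pte & PTE_PRESENT) && !(o->pte & PTE_RW);
}

/* Index of the 4-byte (i386 pointer) table slot holding the faulting address. */
long slot_index(unsigned long long fault, unsigned long long table_base)
{
    return (long)((fault - table_base) / 4);
}

int main(void)
{
    struct oops_info o;
    if (parse_oops(OOPS_SAMPLE, &o)) return 1;
    printf("ro_write=%d slot=%ld\n", is_kernel_write_to_ro(&o), slot_index(o.cr2, 0xc0577150ULL));
    return 0;
}
```

Slot 39 is __NR_mkdir on i386, so the faulting access is the assignment to sys_call_table[__NR_mkdir] in readlog_init. The R in the System.map line marks sys_call_table as a read-only data symbol, which agrees with the cleared writable bit in the PTE.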