* Intercept System call using Kernel module is 2.6 kernel
[not found] <C26C730943E01145B4F89E37FE0A022002BBC7A2@itdsrvmail02.utep.edu>
@ 2006-06-06 16:25 ` Meswani, Mitesh
2006-06-06 17:48 ` Arnd Bergmann
From: Meswani, Mitesh @ 2006-06-06 16:25 UTC (permalink / raw)
To: linuxppc-dev
Hello
I am attempting to run some user code with kernel space permission. I am using the ppc64 kernel version 2.6.16-rc4-3-ppc64 for IBM Power5 processors.
In this kernel module I am trying to implement a function that can be called from user space.
I have found through various posts that using unused system calls and replacing them temporarily can achieve this objective.
This is what I am doing, but it's not working, please bear with the slightly long code that follows:
1) since the 2.6 kernel does not export sys_call_table, I grep it from the boot image
2) Next I write the kernel module as :
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/sched.h>
#include <linux/syscalls.h>

MODULE_LICENSE("GPL");

unsigned long **sctable;   /* sys_call_table, located by hand (see step 1) */
void *org_func;            /* copy of the original call's address */

asmlinkage int mitesh_func(void)
{
    printk(KERN_ALERT "Executing mitesh_func...\n");
    return 2;
}

int init_module(void)
{
    unsigned long ptr;
    unsigned long *p;

    ptr = 0x23203404; /* hard-coded address from grepping the boot image for sys_call_table */
    p = (unsigned long *)ptr;
    sctable = (unsigned long **)p;
    printk(KERN_INFO "The address of the system call table is: %p\n", (void *)&sctable[0]);
    printk(KERN_INFO "The address of syscall #137 is: %p\n", (void *)sctable[137]);

    org_func = (void *)sctable[137];            /* store the original sys call */
    printk(KERN_INFO "Original func address %p stored\n", org_func);

    sctable[137] = (unsigned long *)mitesh_func; /* replace with mitesh_func */
    printk(KERN_INFO "The new sys call address is %p and stored as: %p\n",
           (void *)mitesh_func, (void *)sctable[137]);
    return 0;
}

void cleanup_module(void)
{
    sctable[137] = (unsigned long *)org_func;   /* restore the original entry */
    printk(KERN_INFO "Upon module unload the sctable #137 address is: %p\n", (void *)sctable[137]);
    printk(KERN_INFO "Module is unloaded!\n");
}
3) My user app looks like this:
#include <stdio.h>
#include <errno.h>
#include <asm-ppc64/unistd.h>

#define __NR_mitesh_func 137     /* the slot the module replaced */
_syscall0(int, mitesh_func)      /* expands to a wrapper that sets errno on failure */

int main(void)
{
    int x = 0;
    x = mitesh_func();
    printf("mitesh_func returned %d\n", x);
    return 0;
}
4) I verify from the system logs that when I insmod the kernel module I get all the print statements. I verified from the logs that the address of the sys_call_table is correctly passed and from /proc/kallsyms I can see that my function mitesh_func has been defined and has the address as indicated in the logs.
The problem is that when I execute my user app I expect to see two things:
a) I should see a message in the log "Executing mitesh_func..." and
b) A return value of 2
However I get an error value -1 returned.
Any help and ideas are highly appreciated.
Thank you in advance,
Mitesh
* Re: Intercept System call using Kernel module is 2.6 kernel
@ 2006-06-06 17:02 Jeff.Fellin
From: Jeff.Fellin @ 2006-06-06 17:02 UTC (permalink / raw)
To: mmeswani; +Cc: linuxppc-dev, linuxppc-dev-bounces+jeff.fellin=rflelect.com
> Hello
> I am attempting to run some user code with kernel space permission. I am
> using the ppc64 kernel version 2.6.16-rc4-3-ppc64 for IBM Power5
> processors.
> In this kernel module I am trying to implement a function that can be
> called from user space.
>
> I have found through various posts that using unused system calls and
> replacing them temporarily can achieve this objective.
>
> This is what I am doing, but it's not working, please bear with the
> slightly long code that follows:
>
> 1) since the 2.6 kernel does not export sys_call_table, I grep it from the
> boot image
First sign that what you are doing is not a good idea. There are better
methods for this:
1) device driver interface with read/write/ioctl interface
2) procfs files from a module/driver
3) sysfs files from a module/driver
SNIP
>
>The problem is that when I execute my user app I expect to see two things:
>a) I should see a message in the log "Executing mitesh_func..." and
> b) A return value of 2
>However I get an error value -1 returned.
An indication that thinking of system calls vs other methods is wrong!
>Any help and ideas are highly appreciated.
Don't add your own or hijack system calls.
* RE: Intercept System call using Kernel module is 2.6 kernel
@ 2006-06-06 17:14 Jenkins, Clive
From: Jenkins, Clive @ 2006-06-06 17:14 UTC (permalink / raw)
To: Meswani, Mitesh, linuxppc-dev
> x=mitesh_func();
> printf("mitesh_func returned %d\n",x);
The first thing would be to change your user-space program
to print the error number from errno after your "system call".
x=mitesh_func();
printf("mitesh_func returned %d, errno=%d\n",x,errno);
Or you can use perror() -- look it up.
Clive
* Re: Intercept System call using Kernel module is 2.6 kernel
2006-06-06 16:25 ` Intercept System call using Kernel module is 2.6 kernel Meswani, Mitesh
@ 2006-06-06 17:48 ` Arnd Bergmann
From: Arnd Bergmann @ 2006-06-06 17:48 UTC (permalink / raw)
To: linuxppc-dev; +Cc: Meswani, Mitesh
On Tuesday 06 June 2006 18:25, Meswani, Mitesh wrote:
> Any help and ideas are highly appreciated.
Tell your professor that the task you were given is
a) pointless, as you wouldn't use this kind of thing to
solve an actual problem other than bad OS design
homework.
b) not a correct approach regarding maintainability, since
you can't tell for an arbitrary kernel version if
the particular syscall you're abusing is now used for
something else.
As a replacement task, choose one or more of the following:
- implement a syscall by _recompiling_ the kernel and call
that from your user application.
- write a misc device driver that exposes a device to
do ioctl() on.
- create a file in each of sysfs, procfs and debugfs to
do your operation on, using read() and write().
- use a netlink socket for a two way communication with
a kernel module.
Arnd <><
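The misc-device-plus-ioctl() route that Jeff and Arnd recommend, with the errno check Clive asked for, as an added user-space example; this is not code from the thread or from any of its posters. The device node /dev/mitesh, the 'M' magic byte and the MITESH_IOC_GET_VALUE command are assumptions for illustration, and the kernel side (a misc_register()'d driver that answers that command) is not shown. The helper returns -errno instead of a bare -1, so a caller can tell "no device node" (ENOENT) from "wrong device or unknown command" (ENOTTY), which is exactly the distinction the original program could not make.

```c
/*
 * Added example (not from the thread): user-space client for a
 * hypothetical misc device that hands back one int over ioctl().
 * Device path, magic byte and command number are assumptions.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <linux/ioctl.h>
#include <unistd.h>

/* Hypothetical command set: one "read an int from the driver" request.
 * _IOR() encodes direction, size, type and number so the driver's
 * ioctl handler can reject anything it does not recognise. */
#define MITESH_IOC_MAGIC     'M'
#define MITESH_IOC_GET_VALUE _IOR(MITESH_IOC_MAGIC, 1, int)

/* Decode the pieces of the command number the way the kernel does. */
unsigned int mitesh_ioc_type(void) { return _IOC_TYPE(MITESH_IOC_GET_VALUE); }
unsigned int mitesh_ioc_nr(void)   { return _IOC_NR(MITESH_IOC_GET_VALUE); }
unsigned int mitesh_ioc_size(void) { return _IOC_SIZE(MITESH_IOC_GET_VALUE); }
int mitesh_ioc_is_read(void)       { return _IOC_DIR(MITESH_IOC_GET_VALUE) == _IOC_READ; }

/*
 * Ask the driver for its value.  Returns 0 and stores the value on
 * success, or -errno on failure, so "the call returned -1" is never
 * separated from "which error it was".
 */
int mitesh_get_value(const char *devpath, int *value)
{
    int fd = open(devpath, O_RDONLY);
    if (fd < 0)
        return -errno;        /* e.g. -ENOENT: no node, module not loaded */

    int rc = 0;
    if (ioctl(fd, MITESH_IOC_GET_VALUE, value) < 0)
        rc = -errno;          /* e.g. -ENOTTY: wrong device or unknown command */

    close(fd);
    return rc;
}

int main(void)
{
    int value = 0;
    int rc = mitesh_get_value("/dev/mitesh", &value);   /* assumed node name */
    if (rc < 0) {
        fprintf(stderr, "mitesh ioctl failed: %s\n", strerror(-rc));
        return 1;
    }
    printf("driver returned %d\n", value);
    return 0;
}
```

Without the driver loaded the program reports the concrete failure (for example "No such file or directory") rather than a bare -1, and once a driver answering MITESH_IOC_GET_VALUE is registered the same binary works unchanged across kernel versions, because no syscall slot is borrowed.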