当前位置: 技术问答>linux和unix
高手进,利用VFS截获系统调用
来源: 互联网 发布时间:2017-03-28
本文导语: 利用VFS截获系统调用的源代码如下: #include #include #include #include #include #include MODULE_AUTHOR("petsatan@sohu.com"); MODULE_DESCRIPTION("By utilizing the VFS filesystem, this module can capture system calls."); MODULE_LICENSE("GPL"); char...
利用VFS截获系统调用的源代码如下:
#include
#include
#include
#include
#include
#include
MODULE_AUTHOR("petsatan@sohu.com");
MODULE_DESCRIPTION("By utilizing the VFS filesystem, this module can capture system calls.");
MODULE_LICENSE("GPL");
char *root_fs="/";
typedef int (*readdir_t)(struct file *,void *,filldir_t);
readdir_t orig_root_readdir=NULL;
int myreaddir(struct file *fp,void *buf,filldir_t filldir)
{
int r;
printk("You got me partner!n");
r=orig_root_readdir(fp,buf,filldir);
return r;
}
int patch_vfs(const char *p,readdir_t *orig_readdir,readdir_t new_readdir)
{
struct file *filep;
filep=filp_open(p,O_RDONLY,0);
if(IS_ERR(filep))
return -1;
if(orig_readdir)
*orig_readdir=filep->f_op->readdir;
filep->f_op->readdir=new_readdir;
filp_close(filep,0);
return 0;
}
int unpatch_vfs(const char *p,readdir_t orig_readdir)
{
struct file *filep;
filep=filp_open(p,O_RDONLY,0);
if(IS_ERR(filep))
return -1;
filep->f_op->readdir=orig_readdir;
filp_close(filep,0);
return 0;
}
static int patch_init(void)
{
patch_vfs(root_fs,&orig_root_readdir,myreaddir);
printk("VFS is patched!n");
return 0;
}
static void patch_cleanup(void)
{
unpatch_vfs(root_fs,orig_root_readdir);
printk("VFS is unpatched!n");
}
module_init(patch_init);
module_exit(patch_cleanup);
在make编译时出现以下错误:
error: assignment of read-only location ‘*filep->f_op’
在网上查了很多,也没找到问题的解决办法,求高手予以指教,谢谢了
#include
#include
#include
#include
#include
#include
MODULE_AUTHOR("petsatan@sohu.com");
MODULE_DESCRIPTION("By utilizing the VFS filesystem, this module can capture system calls.");
MODULE_LICENSE("GPL");
char *root_fs="/";
typedef int (*readdir_t)(struct file *,void *,filldir_t);
readdir_t orig_root_readdir=NULL;
int myreaddir(struct file *fp,void *buf,filldir_t filldir)
{
int r;
printk("You got me partner!n");
r=orig_root_readdir(fp,buf,filldir);
return r;
}
int patch_vfs(const char *p,readdir_t *orig_readdir,readdir_t new_readdir)
{
struct file *filep;
filep=filp_open(p,O_RDONLY,0);
if(IS_ERR(filep))
return -1;
if(orig_readdir)
*orig_readdir=filep->f_op->readdir;
filep->f_op->readdir=new_readdir;
filp_close(filep,0);
return 0;
}
int unpatch_vfs(const char *p,readdir_t orig_readdir)
{
struct file *filep;
filep=filp_open(p,O_RDONLY,0);
if(IS_ERR(filep))
return -1;
filep->f_op->readdir=orig_readdir;
filp_close(filep,0);
return 0;
}
static int patch_init(void)
{
patch_vfs(root_fs,&orig_root_readdir,myreaddir);
printk("VFS is patched!n");
return 0;
}
static void patch_cleanup(void)
{
unpatch_vfs(root_fs,orig_root_readdir);
printk("VFS is unpatched!n");
}
module_init(patch_init);
module_exit(patch_cleanup);
在make编译时出现以下错误:
error: assignment of read-only location ‘*filep->f_op’
在网上查了很多,也没找到问题的解决办法,求高手予以指教,谢谢了
|
filep->f_op是const类型的,所以你修改const指针所指的内容编绎会报错
可以尝试这样:
struct file_operations *fp = filep->f_op;
fp->readdir=new_readdir;
可以尝试这样:
struct file_operations *fp = filep->f_op;
fp->readdir=new_readdir;
您可能感兴趣的文章:
本站(WWW.)旨在分享和传播互联网科技相关的资讯和技术,将尽最大努力为读者提供更好的信息聚合和浏览方式。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。
本站(WWW.)站内文章除注明原创外,均为转载、整理或搜集自网络。欢迎任何形式的转载,转载请注明出处。