OOPS: how to hook system_call_table in redhat es5.1 on x86_64 platform

From: Gang He
Date: Sat Mar 01 2008 - 20:40:37 EST

Next message: Eric W. Biederman: "Re: [PATCH 0/2] Fix /proc/net in presence of net namespaces"
Previous message: Eric Sandeen: "Re: Kernel oops / XFS filesystem corruption"
Next in thread: Arjan van de Ven: "Re: OOPS: how to hook system_call_table in redhat es5.1 on x86_64platform"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

as you know, Linux kernel (>2.6.18) set some pages read-only, we can
not hook system_call_table directly like before, the new source code
on i386 is

#ifdef CONFIG_DEBUG_RODATA
// fix kernel perms
change_page_attr(virt_to_page(syscall_table), 1, PAGE_KERNEL);
global_flush_tlb();
#endif

// hook syscall_table, change some system call to your function
syscall_table[__NR_open] = my_sys_open;

#ifdef CONFIG_DEBUG_RODATA
// fix kernel perms
change_page_attr(virt_to_page(syscall_table), 1, PAGE_KERNEL_RO);
global_flush_tlb();
#endif

but I use the source code above to redhat es5.1 on x86_64, this will
bring Linux crash, who can help me to hook system_call_table in
redhat es5.1 on x86_64 platform.

Thanks
Gang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric W. Biederman: "Re: [PATCH 0/2] Fix /proc/net in presence of net namespaces"
Previous message: Eric Sandeen: "Re: Kernel oops / XFS filesystem corruption"
Next in thread: Arjan van de Ven: "Re: OOPS: how to hook system_call_table in redhat es5.1 on x86_64platform"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]