Linux 内核 2.6.18 中的 sys_call_table

发布于 2024-08-08 08:12:11 字数 266 浏览 5 评论 0原文

我正在尝试将 sys exit 调用设置为变量，

extern void *sys_call_table[];
real_sys_exit = sys_call_table[__NR_exit]

但是，当我尝试执行时，控制台会给出错误

error: ‘__NR_exit’ undeclared (first use in this function)

任何提示将不胜感激:)谢谢

原文

I am trying to set the sys exit call to a variable by

extern void *sys_call_table[];
real_sys_exit = sys_call_table[__NR_exit]

however, when I try to make, the console gives me the error

error: ‘__NR_exit’ undeclared (first use in this function)

Any tips would be appreciated :) Thank you

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

む无字情书 2024-08-15 08:12:11

由于您使用的是内核 2.6.x ，因此不再导出 sys_call_table 。
如果您想避免编译错误，请尝试使用此包含

#include<linux/unistd.h>

，但它不会起作用。因此，“使用”sys_call_table 的解决方法是使用以下命令在 SystemXXXX.map（位于 /boot）中查找 sys_call_table 的地址：

grep sys_call System.map-2.6.X -i

这将给出地址，然后此代码应该允许您修改该表：

unsigned long *sys_call_table; 
sys_call_table = (unsigned long *) simple_strtoul("0xc0318500",NULL,16); 


original_mkdir = sys_call_table[__NR_mkdir];
sys_call_table[__NR_mkdir] = mkdir_modificado;

希望它适合你，我刚刚在内核 2.6.24 下测试过它，所以应该适用于 2.6.18

也检查这里，它是一个非常好的
http://commons.oreilly.com/wiki/index.php/Network_Security_Tools /Modifying_and_Hacking_Security_Tools/Fun_with_Linux_Kernel_Modules

Since you are in kernel 2.6.x , sys_call_table isnt exported any more.
If you want to avoid the compilation error try this include

#include<linux/unistd.h>

however, It will not work. So the work around to "play" with the sys_call_table is to find the address of sys_call_table in SystemXXXX.map (located at /boot) with this command:

grep sys_call System.map-2.6.X -i

this will give the addres, then this code should allow you to modify the table:

unsigned long *sys_call_table; 
sys_call_table = (unsigned long *) simple_strtoul("0xc0318500",NULL,16); 


original_mkdir = sys_call_table[__NR_mkdir];
sys_call_table[__NR_mkdir] = mkdir_modificado;

Hope it works for you, I have just tested it under kernel 2.6.24, so should work for 2.6.18

also check here, Its a very good
http://commons.oreilly.com/wiki/index.php/Network_Security_Tools/Modifying_and_Hacking_Security_Tools/Fun_with_Linux_Kernel_Modules

回复收藏 0 原文

淡写薰衣草的香 2024-08-15 08:12:11

如果您尚未包含文件 syscall.h，则应在引用 __NR_exit 之前执行此操作。例如，

#include <syscall.h>
#include <stdio.h>

int main()
{
    printf("%d\n", __NR_exit);
    return 0;
}

它返回：

$ cc t.c
$ ./a.out 
60

一些其他观察结果：

如果您已经包含该文件，则未定义 __NR_exit 的常见原因是由于条件编译而忽略了定义（ #ifdef 或 #ifndef 在某处工作）或者因为它在其他地方通过 #undef 被删除。
如果您正在为内核空间编写代码，则需要使用一组完全不同的标头。 LXR (http://lxr.linux.no/linux) 可搜索、可浏览的内核源代码存档是一个有用的资源。

If you haven't included the file syscall.h, you should do that ahead of the reference to __NR_exit. For example,

#include <syscall.h>
#include <stdio.h>

int main()
{
    printf("%d\n", __NR_exit);
    return 0;
}

which returns:

$ cc t.c
$ ./a.out 
60

Some other observations:

If you've already included the file, the usual reasons __NR_exit wouldn't be defined are that the definition was being ignored due to conditional compilation (#ifdef or #ifndef at work somewhere) or because it's being removed elsewhere through a #undef.
If you're writing the code for kernel space, you have a completely different set of headers to use. LXR (http://lxr.linux.no/linux) searchable, browsable archive of the kernel source is a helpful resource.

回复收藏 0 原文

~没有更多了~