static int __init interceptor_start(void) {
/* Find the system call table */
if(!(sys_call_table = find_sys_call_table())) {
/* Well, that didn’t work.
Cancel the module loading step. */
return -1;
}
/* Store a copy of all the existing functions */
ref_sys_cs3013_syscall1 = (void *)sys_call_table[__NR_cs3013_syscall1];
ref_sys_open = (void *)sys_call_table[__NR_open];
ref_sys_read = (void *)sys_call_table[__NR_read];
ref_sys_close = (void *)sys_call_table[__NR_close];
/* Replace the existing system calls */
disable_page_protection();
sys_call_table[__NR_cs3013_syscall1] = (unsigned long *)new_sys_cs3013_syscall1;
sys_call_table[__NR_open] = (unsigned long *)new_sys_open;
sys_call_table[__NR_read] = (unsigned long *)new_sys_read;
sys_call_table[__NR_close] = (unsigned long *)new_sys_close;
enable_page_protection();
/* And indicate the load was successful */
printk(KERN_INFO "Loaded interceptor!\n");
return 0;
}
static int __init syscall_init(void)
{
int ret;
unsigned long addr;
unsigned long cr0;
syscall_table = (void **)find_sys_call_table();
if (!syscall_table) {
printk(KERN_DEBUG "Cannot find the system call address\n");
return -1;
}
cr0 = read_cr0();
write_cr0(cr0 & ~CR0_WP);
addr = (unsigned long)syscall_table;
ret = set_memory_rw(PAGE_ALIGN(addr) - PAGE_SIZE, 3);
if(ret) {
printk(KERN_DEBUG "Cannot set the memory to rw (%d) at addr %16lX\n", ret, PAGE_ALIGN(addr) - PAGE_SIZE);
} else {
printk(KERN_DEBUG "3 pages set to rw");
}
orig_sys_open = syscall_table[__NR_open];
syscall_table[__NR_open] = my_sys_open;
write_cr0(cr0);
return 0;
}
int rootkit_init(void){
if(!(sys_call_table = find_sys_call_table())){
return -1;
}
disable_page_protection();
original_sys_sysctl = (void *)sys_call_table[__NR_sysctl];
sys_call_table[__NR_sysctl] = (unsigned long *)fake_sys_sysctl;
enable_page_protection();
return 0;
}
static int __init interceptor_start(void) {
/* Find the system call table */
if(!(sys_call_table = find_sys_call_table())) {
return -1;
}
/* Store a copy of all the existing functions */
ref_sys_cs3013_syscall1 = (void *)sys_call_table[__NR_cs3013_syscall1];
/* Replace the existing system calls */
disable_page_protection();
sys_call_table[__NR_cs3013_syscall1] = (unsigned long *)new_sys_cs3013_syscall1; enable_page_protection();
/* And indicate the load was successful */
printk(KERN_INFO "Loaded interceptor!");
return 0;
}
static int hooker_init(void)
{
int ret;
pr_info("%s\n", __func__);
/* obtain sys_call_table addr. */
if ((ret = find_sys_call_table()) != 0)
return ret;
orig_syscall = sys_call_table[SYSCALL_NUM];
pr_info("[SYSCALL_HOOKER] orig_syscall = 0x%lx\n", orig_syscall);
/* modify the target entry */
make_page_rw((unsigned long)sys_call_table);
sys_call_table[SYSCALL_NUM] = (unsigned long)stub;
make_page_ro((unsigned long)sys_call_table);
return 0;
}
static int __init interceptor_start(void) {
/* Find the system call table */
if(!(sys_call_table = find_sys_call_table())) {
/* Well, that didn't work.
Cancel the module loading step. */
return -1;
}
/* Store a copy of all the existing functions */
ref_sys_cs3013_syscall1 = (void *)sys_call_table[__NR_cs3013_syscall1];
ref_sys_cs3013_syscall2 = (void *)sys_call_table[__NR_cs3013_syscall2];
ref_sys_cs3013_syscall3 = (void *)sys_call_table[__NR_cs3013_syscall3];
ref_sys_exit = (void *)sys_call_table[__NR_exit];
ref_sys_exit_group = (void *)sys_call_table[__NR_exit_group];
/* Replace the existing system calls */
disable_page_protection();
sys_call_table[__NR_cs3013_syscall1] = (unsigned long *)sys_SendMsg;
sys_call_table[__NR_cs3013_syscall2] = (unsigned long *)sys_RcvMsg;
sys_call_table[__NR_cs3013_syscall3] = (unsigned long *)sys_ManageMailbox;
sys_call_table[__NR_exit] = (unsigned long *)sys_mb_exit;
sys_call_table[__NR_exit_group] = (unsigned long *)sys_mb_exit_group;
enable_page_protection();
//mailCache and mbCache are global variables
//spin_lock_init(lock);
//static DEFINE_SPINLOCK(lock);
mailCache = kmem_cache_create("mail", sizeof(message), 0, 0, NULL);
mbCache = kmem_cache_create("mb", sizeof(mailbox), 0, 0, NULL);
msgCache = kmem_cache_create("msg", MAX_MSG_SIZE, 0, 0, NULL);
signalCache = kmem_cache_create("signal", sizeof(signal), 0, 0, NULL);
init_ht();
init_ht2();
//all = kmalloc(HASHTABLE_SIZE * sizeof(mailbox*), GFP_KERNEL);
/* And indicate the load was successful */
printk(KERN_INFO "Loaded interceptor!");
return 0;
} // static int __init interceptor_start(void)
static int __init interceptor_start(void) {
/* Find the system call table */
if(!(sys_call_table = find_sys_call_table())) {
/* Well, that didn't work.
Cancel the module loading step. */
return -1;
}
/* Store a copy of all the existing functions */
ref_sys_cs3013_syscall1 = (void *)sys_call_table[__NR_cs3013_syscall1];
ref_sys_cs3013_syscall2 = (void *)sys_call_table[__NR_cs3013_syscall2];
ref_sys_cs3013_syscall3 = (void *)sys_call_table[__NR_cs3013_syscall3];
ref_sys_exit = (void *)sys_call_table[__NR_exit];
ref_sys_exit_group = (void *)sys_call_table[__NR_exit_group];
/* Replace the existing system calls */
disable_page_protection();
sys_call_table[__NR_cs3013_syscall1] = (unsigned long *)SendMsg;
sys_call_table[__NR_cs3013_syscall2] = (unsigned long *)RcvMsg;
sys_call_table[__NR_cs3013_syscall3] = (unsigned long *)ManageMailbox;
sys_call_table[__NR_exit] = (unsigned long *)NewExit;
sys_call_table[__NR_exit_group] = (unsigned long *)NewExitGroup;
enable_page_protection();
/* And indicate the load was successful */
// Initializes the three slab caches, as well as the universal //spin lock that is used for creating mailboxes
mailboxCache = kmem_cache_create(maCache, sizeof(struct Mailbox), 0, 0, NULL);
messageCache = kmem_cache_create(meCache, sizeof(struct Message), 0, 0, NULL);
listCache = kmem_cache_create(lCache, sizeof(struct Mailbox), 0, 0, NULL);
contentCache = kmem_cache_create(cCache, 128, 0, 0, NULL);
spin_lock_init(&creationLock);
printk(KERN_INFO "Loaded interceptor!");
return 0;
} // static int __init interceptor_start(void)
