android系统调用挂钩 [英] android system call hooking

问题描述

我采用了android内核2.6.29。我试图勾上Android的内核开放式系统调用。我跟着链接的http：// syprog .blogspot.com.au / 2011/10 /劫持-Linux的系统调用部分-iii.html 钩在Ubuntu 12.04LTS和成功，但是当我交叉编译我的模块为Android然后我得到给出以下错误

I am using android-kernel 2.6.29. I am trying to hook open system call on android-kernel. I followed the link http://syprog.blogspot.com.au/2011/10/hijack-linux-system-calls-part-iii.html to hook on ubuntu 12.04LTS and was successful but when i cross-compile my module for android then i get gives following error

错误：隐lookup_address功能

error: implicit lookup_address function

谁能帮助？为什么我收到这个错误？有lookup_address的任何替代？

can anyone help ? why i am getting this error ? is there any alternative of lookup_address ?

推荐答案

在的 Linux的交叉引用与ARM架构的适当标准，指的是第一次引用内核版本2.6.32（的没有2.6.29 的不幸）

Judging by the Linux Cross-reference with the appropriate criteria for ARM architecture, referring to the first referenced kernel version 2.6.32 (there's no 2.6.29 Unfortunately)

的交叉引用将产生命中大多指的是x86架构，尽管被设置的条件。引用：

The cross-references will yield hits mostly referring to the x86 architecture despite the criteria being set. To quote:

lookup_address

Defined as a function in:
arch/x86/mm/pageattr.c, line 295
arch/sh/kernel/io_trapped.c, line 162
Defined as a function prototype in:
arch/x86/include/asm/pgtable_types.h, line 330
Referenced (in 11 files total) in:
arch/x86/include/asm/pgtable_types.h, line 330
arch/x86/mm/kmemcheck/pte.c, line 12
arch/x86/mm/kmemcheck/kmemcheck.c:
line 269
line 295
arch/x86/mm/pageattr-test.c:
line 60
line 150
line 183
line 203
line 215
arch/x86/mm/mmio-mod.c, line 96
arch/x86/mm/fault.c, line 577
arch/x86/mm/kmmio.c, line 136
arch/x86/mm/pageattr.c:
line 200
line 238
line 295
line 326
line 371
line 487
line 606
line 1288
arch/x86/xen/mmu.c:
line 335
line 347
line 362
arch/x86/xen/enlighten.c:
line 281
line 364
arch/sh/kernel/io_trapped.c:
line 162
line 228
line 251

看着 86 / MM / pageattr.c中发现的实际源功能的这里，只是为了显示功能是什么样子：

Looking at the actual source function found within x86/mm/pageattr.c here, just to show what the function looks like:

295 pte_t *lookup_address(unsigned long address, unsigned int *level)
296 {
297         pgd_t *pgd = pgd_offset_k(address);
298         pud_t *pud;
299         pmd_t *pmd;
300 
301         *level = PG_LEVEL_NONE;
302 
303         if (pgd_none(*pgd))
304                 return NULL;
305 
306         pud = pud_offset(pgd, address);
307         if (pud_none(*pud))
308                 return NULL;
309 
310         *level = PG_LEVEL_1G;
311         if (pud_large(*pud) || !pud_present(*pud))
312                 return (pte_t *)pud;
313 
314         pmd = pmd_offset(pud, address);
315         if (pmd_none(*pmd))
316                 return NULL;
317 
318         *level = PG_LEVEL_2M;
319         if (pmd_large(*pmd) || !pmd_present(*pmd))
320                 return (pte_t *)pmd;
321 
322         *level = PG_LEVEL_4K;
323 
324         return pte_offset_kernel(pmd, address);
325 }
326 EXPORT_SYMBOL_GPL(lookup_address);

这篇关于android系统调用挂钩的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！