diff --git a/examples/Makefile b/examples/Makefile index d25ff78..49c17ae 100644 --- a/examples/Makefile +++ b/examples/Makefile @@ -16,7 +16,7 @@ obj-m += print_string.o obj-m += kbleds.o obj-m += sched.o obj-m += chardev2.o -obj-m += syscall.o +obj-m += syscall_steal.o obj-m += intrpt.o obj-m += cryptosha256.o obj-m += cryptosk.o diff --git a/examples/syscall.c b/examples/syscall_steal.c similarity index 97% rename from examples/syscall.c rename to examples/syscall_steal.c index dd8f4a4..129a4bf 100644 --- a/examples/syscall.c +++ b/examples/syscall_steal.c @@ -1,5 +1,5 @@ /* - * syscall.c + * syscall_steal.c * * System call "stealing" sample. * @@ -206,7 +206,7 @@ static void disable_write_protection(void) __write_cr0(cr0); } -static int __init syscall_start(void) +static int __init syscall_steal_start(void) { if (!(sys_call_table = acquire_sys_call_table())) return -1; @@ -226,7 +226,7 @@ static int __init syscall_start(void) return 0; } -static void __exit syscall_end(void) +static void __exit syscall_steal_end(void) { if (!sys_call_table) return; @@ -246,7 +246,7 @@ static void __exit syscall_end(void) msleep(2000); } -module_init(syscall_start); -module_exit(syscall_end); +module_init(syscall_steal_start); +module_exit(syscall_steal_end); MODULE_LICENSE("GPL"); diff --git a/lkmpg.tex b/lkmpg.tex index 9675c4b..f16470c 100644 --- a/lkmpg.tex +++ b/lkmpg.tex @@ -1491,7 +1491,7 @@ $ sudo grep sys_call_table /proc/kallsyms ffffffff82000280 R x32_sys_call_table ffffffff820013a0 R sys_call_table ffffffff820023e0 R ia32_sys_call_table -$ sudo insmod syscall.ko sym=0xffffffff820013a0 +$ sudo insmod syscall_steal.ko sym=0xffffffff820013a0 \end{verbatim} Using the address from \verb|/boot/System.map|, be careful about \verb|KASLR| (Kernel Address Space Layout Randomization).