From: Wim B. <bo...@so...> - 2002-12-08 22:59:33
|
> > For example, if there is an unexported kernel function=20 > tcp_v4_rehash()=20 > > we want to use, we can grep in the System.map file and find the=20 > > following line: > > > > c0173e00 t __tcp_v4_rehash > > > > then we can use this function by directly calling the address=20 > > c0173e00. >=20 > That will work. Thanks. >=20 > I'll also have to figure a way of making it robust (eg if the=20 > System.map doesn't match the kernel) otherwise REALLY BAD=20 > things will happen. >=20 > If the kernel wasn't compiled with all those space saving=20 > options, I could actually check for a standard C function prologue. You could do much checking, Maybe you can look for getpid, and look if the return is on the expected offset, You can check this at compile time or even at module load time. On the other hand, i think this checking is not so important. - We like to have a skas-module if the host is running a kernel from the vendor, and so we can assume that System.map matches. - If someone has messed with the kernel, or booted another kernel, he should know what he ist doing, thats not different as with other modules like vmware. - If someone is running a modified kernel, he should use the generic skas path included in his kernel - Just make some Notes in big letters in the README and during make on the screen that System.map must match the current running kernel. ------------------------------------------------------------------- Wim Bonis ,+'^'+, Telefon:0631-31662-0 Internet Solution Service GmbH Technik:0631-31662-15 +,.,+ privat:06301-791868 email: bo...@so... 67655 Kaiserslautern Karl-Marx-Str. 13 --=3D=3D VIA-NETWoRKS KL = =3D=3D--=20 |