Vulnerability Development mailing list archives
Re: Replacing Kernel Functions via a LKM
From: Denis.Ducamp () HSC FR (Denis Ducamp)
Date: Tue, 2 May 2000 02:53:13 +0200
On Thu, Apr 27, 2000 at 05:15:27PM -0700, Granquist, Lamont wrote:
Is there a way to intercept calls to a given function in the kernel via a LKM? Specifically I'd like to intercept proc_root_lookup() in in fs/proc/root.c and replace it with my own procedure. (motivation for doing so is left as an excersize to the reader)
That has been described for Linux 2.0 systems : http://thc.pimmel.com/files/thc/LKM_HACKING.html written by pragmatic / THC, version 1.0 released 03/1999 Some of those programs have been ported to 2.2 . Then some have been "ported" to FreeBSD : http://thc.pimmel.com/files/thc/bsdkern.html written by pragmatic / THC, version 1.0 released 06/1999 And then to Solaris : http://thc.pimmel.com/files/thc/slkm-1.0.html Author: Plasmoid <plasmoid () pimmel com> / THC Version 1.0 (c) 1999 Very good jobs, must read. Denis Ducamp. -- Denis.Ducamp () hsc fr -- Hervé Schauer Consultants -- http://www.hsc.fr/
Current thread:
- Re: Replacing Kernel Functions via a LKM Denis Ducamp (May 01)