我正在实现一个内核模块,在插入后编辑whoami命令,我用Makefile编译它,内容如下:
obj-m+=holamundo.o
obj-m+=acumulador.o
obj-m+=cliente.o
obj-m+=intercept.o
all:
make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
clean:
make -C /lib/modules/$(shell uname -r )/build M=$(PWD) clean
和我的模块代码:
#define MODULE
#define __KERNEL__
#include <linux/module.h>
#include <linux/kernel.h>
#include </usr/src/kernels/linux/arch/x86/include/asm/unistd.h>
#include <asm/unistd.h>
#include <linux/unistd.h>
#include <linux/syscalls.h>
#include <sys/syscall.h>
#include <asm/fcntl.h>
#include <asm/errno.h>
#include <linux/types.h>
#include <linux/dirent.h>
#include <linux/mman.h>
#include <linux/string.h>
#include <linux/fs.h>
extern void *sys_call_table[];
int (*orig_geteuid)(const char *path);
int hacked_geteuid(const char *path) {
return 78;
}
int init_module(void) {
orig_geteuid = sys_call_table[SYS_geteuid32];
sys_call_table[SYS_geteuid32] = hacked_geteuid;
return 0;
}
void cleanup_module(void) {
sys_call_table[SYS_geteuid32] = orig_geteuid;
}
我遇到的问题是当我执行make命令时出现错误:
/usr/src/kernels/intercept.c:9:25: fatal error: sys/syscall.h: No such file or directory
我在RedHat 7.3中使用linux内核4.12.10
从代码中删除#include <sys/syscall.h>后,出现以下错误:
/usr/src/kernels/intercept.c:27:31: error: ‘SYS_geteuid32’ undeclared (first use in this function)
orig_geteuid = sys_call_table[SYS_geteuid32];
^
/usr/src/kernels/intercept.c:27:31: note: each undeclared identifier is reported only once for each function it appears in
/usr/src/kernels/intercept.c: In function ‘cleanup_module’:
/usr/src/kernels/intercept.c:35:17: error: ‘SYS_geteuid32’ undeclared (first use in this function)
sys_call_table[SYS_geteuid32] = orig_geteuid;
有人知道我做错了吗?
答案 0 :(得分:0)
您要查找的常量是__NR_geteuid,它在asm/unistd.h中定义。