Skip to content

figuremout/mycall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.clang-format
.clang-format
 
 
.clangd
.clangd
 
 
Makefile
Makefile
 
 
mycall.h
mycall.h
 
 
mycall.patch
mycall.patch
 
 
mymod.c
mymod.c
 
 
myps.c
myps.c
 
 
readme.md
readme.md
 
 

Repository files navigation

AIM

Add a syscall to read process info into buffer.

In order to add a self-defined syscall, here is two ways:

  • Insert a module.
  • Patch the kernel.

CAUTION: NO SAFETY GUARANTEED

Test it in a Virtual Machine.

|- mycall.h	# Macros and Struct Definition
|- mycall.patch	# Patch for the kernel
|- mymod.c	# Module Implementation
|- myps.c	# My version of ps/pstree commands for testing my syscall

Insert a module

Tested on ubuntu 20.04 amd64 (5.15.0-105-generic).

  1. Make sure headers installed
  2. Compile
$ make

# or with clangd
$ bear -- make
  1. Insert module
$ sudo insmod mymod.ko MYCALL_NUM=335
  1. Test with my ps/pstree command.
$ ./ps
$ ./pstree

Patch the kernel

Tested with kernel linux-5.15.157.

  1. Patch (with syscall number 335 in the patch file)
$ cd /usr/src/linux/
$ sudo patch -p1 < mycall.patch
  1. Build the kernel
$ sudo make -j$(nproc)
  1. Install the kernel and reboot
$ sudo make modules_install install
$ reboot
  1. Test with my ps/pstree command.
$ ./ps -n 335
$ ./pstree -n 335

About

Implement the `ps` command using a self-written Linux syscall

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages