Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/milabs/kmod_hooking
Kernel function hooking using exception tables
https://github.com/milabs/kmod_hooking
Last synced: 2 months ago
JSON representation
Kernel function hooking using exception tables
- Host: GitHub
- URL: https://github.com/milabs/kmod_hooking
- Owner: milabs
- License: gpl-2.0
- Created: 2013-12-17T10:58:10.000Z (about 11 years ago)
- Default Branch: master
- Last Pushed: 2018-06-15T12:07:40.000Z (over 6 years ago)
- Last Synced: 2023-03-23T08:27:57.333Z (almost 2 years ago)
- Language: C
- Size: 73.2 KB
- Stars: 25
- Watchers: 6
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## About
This module provides mechanism that allows to hook kernel functions using exception tables.
## Usage
Given the kernel function `X` which has prototype `typeof(X)` let's see how to hook it:
1. Use `DECLARE_KHOOK(X)` macro to declare the hook
2. Write hook's body using `khook_X` function name and `typeof(X)` as a prototype
3. Use `KHOOK_ORIGIN(X, args)` macro as a wrapper around the `X` function call
4. Protect hook's body with `KHOOK_USAGE_INC(X)` and `KHOOK_USAGE_DEC(X)`
## Example
```
#include // inode_permission() prototype lives here
DECLARE_KHOOK(inode_permission);
int khook_inode_permission(struct inode * inode, int mode)
{
int result;
KHOOK_USAGE_INC(inode_permission);
debug("%s(%pK,%08x) [%s]\n", __func__, inode, mode, current->comm);
result = KHOOK_ORIGIN(inode_permission, inode, mode);
debug("%s(%pK,%08x) [%s] = %d\n", __func__, inode, mode, current->comm, result);
KHOOK_USAGE_DEC(inode_permission);
return result;
}
```
## Credits
Written by Ilya V. Matveychikov , distributed under GPL