Linux kernel 内核模块中的Netfilter导致我的系统崩溃
我已经编写了这个内核模块,每次加载它时,它都会使整个系统崩溃(甚至我的键盘指示灯也开始闪烁) 以下是我正在做的代码:Linux kernel 内核模块中的Netfilter导致我的系统崩溃,linux-kernel,kernel-module,netfilter,Linux Kernel,Kernel Module,Netfilter,我已经编写了这个内核模块,每次加载它时,它都会使整个系统崩溃(甚至我的键盘指示灯也开始闪烁) 以下是我正在做的代码: /* Coder: Adel *. ****** Creation Date: April/5th/2012 Last Modification Date: April/6th/2012 Purpose: A module to test capturing traffic and just letting it go after knowing
/*
Coder: Adel *. ******
Creation Date: April/5th/2012
Last Modification Date: April/6th/2012
Purpose: A module to test capturing traffic and just letting it go after knowing if it's an ICMP traffic or not
Notes: This modules has always been crashing the kernel I am running it on(it shouldn't), my kernel is 2.6.32-33 (Note by Adel)
*/
#include <linux/module.h> /* Needed by all modules */
#include <linux/kernel.h> /* Needed for KERN_INFO */
#include <linux/init.h> /* Needed for the macros */
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4.h>
#include <linux/skbuff.h> /* For the sk_buff struct, which is the struct that contains EVERYTHING in a network packet */
#include <linux/ip.h> /* For IP header */
#include <linux/icmp.h> /* For ICMP Header */
#include <linux/in.h> /* For the IPPROTO_ICMP enum */
/* This is the structure we shall use to register our function */
static struct nf_hook_ops nfho;
/* This is the hook function itself */
unsigned int hook_func(unsigned int hooknum,
struct sk_buff **skb,
const struct net_device *in,
const struct net_device *out,
int (*okfn)(struct sk_buff *))
{
struct sk_buff *sb = *skb;
struct iphdr* iph;
struct icmphdr *icmph;
iph = ip_hdr(sb);
if(sb == NULL)
return NF_ACCEPT;
if(iph != NULL){
printk(KERN_DEBUG"IP header is not null\n");
if(iph->protocol == IPPROTO_ICMP){
icmph = icmp_hdr(sb);
if(icmph != NULL){
printk(KERN_DEBUG"ICMP header is not null\n");
return NF_ACCEPT;
}/* If ICMP not null */
return NF_ACCEPT;
}/* if IPPROTO_ICMP */
return NF_ACCEPT;
}
return NF_DROP;/* The packet is NULL */
}
static int __init hello_start(void)
{
printk(KERN_INFO "Loading Test module...\n");
printk(KERN_ALERT "Hello world\n");
/* Fill in our hook structure */
nfho.hook = hook_func; /* Handler function */
nfho.hooknum = NF_INET_POST_ROUTING; /* POST_ROUTING Traffic before it hits the wire */
nfho.pf = PF_INET;
nfho.priority = NF_IP_PRI_FIRST; /* Make our function first */
nf_register_hook(&nfho);
return 0;
}
static void __exit hello_end(void)
{
nf_unregister_hook(&nfho);
printk(KERN_ALERT "Goodbye Mr.\n");
}
module_init(hello_start);
module_exit(hello_end);
/*
编码员:阿德尔*******
创建日期:2012年4月5日
最后修改日期:2012年4月6日
用途:一个模块,用于测试捕获流量,并在知道它是否为ICMP流量后释放流量
注意:这个模块一直在破坏我运行它的内核(不应该),我的内核是2.6.32-33(Adel的注释)
*/
#包括所有模块所需的/**/
#包含内核信息所需的/**/
#包含宏所需的/**/
#包括
#包括
#包含/*用于sk_buff结构,该结构包含网络数据包中的所有内容*/
#包含/*用于IP头*/
#包含/*用于ICMP标头*/
#包括/*用于IPPROTO_ICMP枚举*/
/*这是我们用来注册函数的结构*/
静态结构nf_hook_ops nfho;
/*这就是钩子函数本身*/
unsigned int hook_func(unsigned int hooknum,
结构sk_buff**skb,
const struct net_device*in,
const结构网络设备*out,
int(*okfn)(结构sk_buff*))
{
结构sk_buff*sb=*skb;
结构iphdr*iph;
结构icmphdr*icmph;
iph=ip_hdr(sb);
如果(sb==NULL)
返回NF_接受;
如果(iph!=NULL){
printk(KERN_DEBUG“IP头不为空\n”);
如果(iph->协议==IPPROTO\U ICMP){
icmph=icmp_hdr(sb);
如果(icmph!=NULL){
printk(KERN_DEBUG“ICMP头不为空\n”);
返回NF_接受;
}/*如果ICMP不为空*/
返回NF_接受;
}/*if IPPROTO_ICMP*/
返回NF_接受;
}
返回NF_DROP;/*数据包为空*/
}
静态int\uuu init hello\u启动(无效)
{
printk(KERN_INFO“加载测试模块…\n”);
printk(KERN_警报“Hello world\n”);
/*填充我们的钩子结构*/
nfho.hook=hook_func;/*处理函数*/
nfho.hooknum=NF_INET_POST_ROUTING;/*POST_ROUTING流量在到达线路之前*/
nfho.pf=pf_INET;
nfho.priority=NF_IP_PRI_FIRST;/*将我们的功能放在第一位*/
nf_寄存器_挂钩(&nfho);
返回0;
}
静态无效\u退出你好\u结束(无效)
{
nf_取消注册_挂钩(&nfho);
printk(KERN_ALERT“再见先生”);
}
模块初始化(hello\u启动);
模块退出(hello\u结束);
这里可能有什么错误 注意,我在Ubuntu 10.04 LTS和内核2.6.32-33上运行这段代码
这是内核日志文件的一部分,我在崩溃发生时可以看到它
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350142] Modules linked in: myModule(P) hid_a4tech binfmt_misc rfcomm ppdev sco bridge stp bnep l2cap joydev fbcon tileblit font bitblit softcursor vga16fb vgastate snd_hda_codec_realtek pcmcia snd_hda_intel snd_hda_codec snd_hwdep snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi arc4 snd_rawmidi snd_seq_midi_event snd_seq radeon iwlagn snd_timer iwlcore ttm drm_kms_helper snd_seq_device tifm_7xx1 yenta_socket mac80211 led_class psmouse uvcvideo sony_laptop btusb bluetooth tifm_core rsrc_nonstatic videodev v4l1_compat v4l2_compat_ioctl32 snd video output pcmcia_core serio_raw cfg80211 intel_agp drm i2c_algo_bit soundcore snd_page_alloc lp parport usbhid hid ohci1394 ieee1394 r8169 mii [last unloaded: myModule]
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350193] Pid: 1545, comm: clock-applet Tainted: P M D 2.6.32-33-generic #70-Ubuntu VGN-CR31Z_R
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350196] RIP: 0010:[<ffffffffa045a00c>] [<ffffffffa045a00c>] hook_func+0xc/0x38 [myModule]
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350200] RSP: 0018:ffff88012ab87a88 EFLAGS: 00010246
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350202] RAX: ffffffffa045a360 RBX: ffff88012ab87b10 RCX: ffff88012c5c0000
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350203] RDX: 0000000000000000 RSI: ffff880138c4bee8 RDI: 0000000000000003
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350205] RBP: ffff88012ab87a88 R08: ffffffff81491b20 R09: ffff88012ab87b10
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350207] R10: 0000000000000000 R11: 0000000000000003 R12: 0000000080000000
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350209] R13: ffffffff81831070 R14: ffff880138c4bee8 R15: 0000000000000003
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350212] FS: 00007f81d59b5800(0000) GS:ffff880028300000(0000) knlGS:0000000000000000
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350216] CR2: 00000000000000c0 CR3: 000000012c25f000 CR4: 00000000000006e0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350218] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350220] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350222] Process clock-applet (pid: 1545, threadinfo ffff88012ab86000, task ffff88012c4a0000)
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350226] ffff88012ab87ad8 ffffffff81486f1c ffff88012c5c0000 0000000000000000
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350229] <0> ffff88012ab87ac8 ffffffff81491b20 0000000000000003 ffff880138c4bee8
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350233] <0> 0000000000000000 ffff88012c5c0000 ffff88012ab87b48 ffffffff81486fd4
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350243] [<ffffffff81486f1c>] nf_iterate+0x6c/0xb0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350247] [<ffffffff81491b20>] ? dst_output+0x0/0x20
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350250] [<ffffffff81486fd4>] nf_hook_slow+0x74/0x100
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350253] [<ffffffff81491b20>] ? dst_output+0x0/0x20
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350256] [<ffffffff81493c3f>] __ip_local_out+0x9f/0xb0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350258] [<ffffffff81493c66>] ip_local_out+0x16/0x30
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350261] [<ffffffff814944a0>] ip_queue_xmit+0x190/0x410
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350266] [<ffffffff8105ccc2>] ? default_wake_function+0x12/0x20
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350269] [<ffffffff8105ccb0>] ? default_wake_function+0x0/0x20
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350271] [<ffffffff8105cb2b>] ? try_to_wake_up+0x2fb/0x480
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350276] [<ffffffff815418fe>] ? _spin_lock+0xe/0x20
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350280] [<ffffffff814a8fb1>] tcp_transmit_skb+0x3f1/0x790
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350283] [<ffffffff814ab8a3>] tcp_write_xmit+0x1d3/0x4b0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350286] [<ffffffff814abd10>] __tcp_push_pending_frames+0x30/0xa0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350289] [<ffffffff814abdf2>] tcp_send_fin+0x72/0x1d0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350292] [<ffffffff8149d276>] tcp_close+0x2e6/0x460
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350295] [<ffffffff814bf517>] inet_release+0x47/0x70
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350301] [<ffffffff8144ee29>] sock_release+0x29/0x90
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350304] [<ffffffff8144eea7>] sock_close+0x17/0x30
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350310] [<ffffffff81145b15>] __fput+0xf5/0x210
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350313] [<ffffffff81145c55>] fput+0x25/0x30
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350316] [<ffffffff81141d7d>] filp_close+0x5d/0x90
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350320] [<ffffffff810685ef>] put_files_struct+0x7f/0xf0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350323] [<ffffffff810686b4>] exit_files+0x54/0x70
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350326] [<ffffffff8106ac1b>] do_exit+0x15b/0x390
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350329] [<ffffffff8106aea5>] do_group_exit+0x55/0xd0
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350332] [<ffffffff8106af37>] sys_exit_group+0x17/0x20
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350336] [<ffffffff810121b2>] system_call_fastpath+0x16/0x1b
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350356] RSP <ffff88012ab87a88>
Apr 5 23:21:27 DHS-CYB1022 kernel: [ 2754.350360] ---[ end trace ee59092f1ae9cbf0 ]---
Apr 5 23:21:37 DHS-CYB1022 kernel: Kernel logging (proc) stopped.
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350142]链接到的模块:myModule(P)hid 4技术binfmt misc rfcomm ppdev sco bridge stp bnep l2cap joydev fbcon tileblit font bitblit软光标vga16fb vgastate snd hda编解码器realtek pcmcia snd hda intel snd hda编解码器snd hwdep snd pcm oss snd混频器oss snd pcm snd SEQUE snd SEQUE snd snd SEQUE snd SEQUE snd SEQUE snd SEQUOTE LCO SEQUOTE ASS arc4 snd SEQUOTE snd SEQUOTE WID IMDID IMDID timer ITER ITER ITER IND事件drm_kms_helper snd_seq_device tifm_7xx1 yenta_socket mac80211 led_class psmouse uvcvideo sony_膝上型电脑btusb蓝牙tifm_core rsrc_nonstatic videodev v4l1_compat v4l2_compat_ioctl32 snd视频输出pcmcia_core serio_raw cfg80211; intel_agp drm i2c_算法位soundcore snd_页面alloc lp parport usbhid hid ohci1394 ieee1394 r8169 mii[上次卸载:myModule]
4月5日23:21:27 DHS-CYB1022内核:[2754.350193]Pid:1545,通信:时钟小程序被污染:P M D 2.6.32-33-generic#70 Ubuntu VGN-CR31Z#R
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350196]RIP:0010:[]钩子函数+0xc/0x38[myModule]
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350200]RSP:0018:ffff88012ab87a88 EFLAGS:00010246
4月5日23:21:27 DHS-CYB1022内核:[2754.350202]RAX:FFFFFFFFFFA045A360 RBX:ffff88012ab87b10 RCX:ffff88012c5c0000
4月5日23:21:27 DHS-CYB1022内核:[2754.350203]RDX:0000000000000000 RSI:ffff880138c4bee8 RDI:0000000000000000000003
4月5日23:21:27 DHS-CYB1022内核:[2754.350205]RBP:ffff88012ab87a88 R08:ffffffff81491b20 R09:ffff88012ab87b10
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350207]R10:0000000000000000 R11:0000000000000003 R12:00000000 80000000
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350209]R13:ffffffff81831070 R14:FFFF880138C48 R15:0000000000000003
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350212]FS:00007f81d59b5800(0000)GS:ffff880028300000(0000)KNLG:0000000000000000000000
4月5日23:21:27 DHS-CYB1022内核:[2754.350214]CS:0010 DS:0000 ES:0000 CR0:00000000 80050033
4月5日23:21:27 DHS-CYB1022内核:[2754.350216]CR2:00000000000000 C0 CR3:0000000 12C25F000 CR4:0000000000000000000 6E0
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350218]DR0:0000000000000000 DR1:0000000000000000 DR2:0000000000000000000000
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350220]DR3:0000000000000000 DR6:00000000 FFFF0FF0 DR7:00000000000000000000 400
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350222]进程时钟小程序(pid:1545,threadinfo ffff88012ab86000,task ffff88012c4a0000)
4月5日23:21:27 DHS-CYB1022内核:[2754.350226]ffff88012ab87ad8 ffffffff81486f1c FF88012C5C0000 0000000000000000
4月5日23:21:27 DHS-CYB1022内核:[2754.350229]ffff88012ab87ac8 ffffffff81491b20 0000000000000003 FFFFFF880138C48
4月5日23:21:27 DHS-CYB1022内核:[2754.350233]0000000000000000 ffff88012c5c0000 ffff88012ab87b48 ffffffff81486fd4
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350243][]nf_迭代+0x6c/0xb0
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350247][]?dst_输出+0x0/0x20
Apr 5 23:21:27 DHS-CYB1022内核:[2754.350250][]nf_hook_slow+0x74/0x100
4月5日23:2