Fatal编程技术网
  • linux/
  • Linux call_usermodehelper API无法加载进程

Linux call_usermodehelper API无法加载进程

linux kernel

Linux call_usermodehelper API无法加载进程,linux,kernel,Linux,Kernel,我在linux内核模块中使用*call\u usermodehelper*API时遇到问题。我在内核jprobes模块中使用这个API来捕获*start_thread*函数。如果我提供*UMH\u WAIT\u EXEC*作为WAIT参数,那么这个API工作得很好,但是当*UMH\u WAIT\u PROC*作为参数传递时,它无法加载进程 具体来说,以下代码工作正常 #include <linux/kernel.h> #include <linux/module.h> #

我在linux内核模块中使用*call\u usermodehelper*API时遇到问题。我在内核jprobes模块中使用这个API来捕获*start_thread*函数。如果我提供*UMH\u WAIT\u EXEC*作为WAIT参数,那么这个API工作得很好,但是当*UMH\u WAIT\u PROC*作为参数传递时,它无法加载进程

具体来说,以下代码工作正常

#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/sched.h>
#include <linux/kprobes.h>
#include <linux/kallsyms.h>
#include <linux/ptrace.h>
#include <linux/kmod.h>
#include <linux/syscalls.h>
#include <linux/delay.h>

static struct jprobe start_thread_jprobe;

static asmlinkage int kp_start_thread(struct pt_regs* regs, 
                        unsigned long new_ip,unsigned long new_sp){

    int retval;

    char * envp[] = { NULL };
    char* argv[]={"/bin/ls",NULL};

    //Only modifying this for a process named test1
    if(strcmp(current->comm,"test1")==0){

    retval=call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);

    if(retval<0){
            printk("Failed in starting! %d\n",retval);
    }
    else {
        printk("Succeded in starting %d\n",retval);
    }
}


jprobe_return();
/*NOTREACHED*/
return (0);
}

int init_module(void)
{
int ret;
start_thread_jprobe.entry = (kprobe_opcode_t *)kp_start_thread;
start_thread_jprobe.kp.addr = (kprobe_opcode_t *)
kallsyms_lookup_name("start_thread");

if (!start_thread_jprobe.kp.addr) {
printk("unable to lookup symbol\n");
return (-1);
}

if ((ret = register_jprobe(&start_thread_jprobe)) <0) {
printk("register_jprobe failed, returned %d\n", ret);
return (-1);
}
return (0);
}
上述调用无法使用此API加载ls。它给出了一个错误号-14(默认值)

一个简单的测试如下:

测试1.c

#include <stdio.h>
   int main(){
          printf("This is test1\n");
          return 0;
   }
测试:

#include <stdio.h>
   int main(){
          printf("This is test1\n");
          return 0;
   }

obj-m := kp-start-thread.o
KDIR := /lib/modules/$(shell uname -r)/build
PWD := $(shell pwd)
default:
        $(MAKE) -C $(KDIR) SUBDIRS=$(PWD) modules
clean:
        rm -f *.mod.c *.ko *.o

gcc test1.c -o test1 
   make 
   sudo insmod ./kp-start-thread.ko
   ./test1  
   dmesg ---> Will demonstrate success message with EXEC and failure with WAIT.