Patching Code Bytes
Now, equipped with the functions from the previous section, let's patch some kernel virtual memory. I'll start with a very basic example. Listing 5-1 is a system call module that acts like an over-caffeinated "Hello, world!" function.
#include <sys/types.h> #include <sys/param.h> #include <sys/proc.h> #include <sys/module.h> #include <sys/sysent.h> #include <sys/kernel.h> #include <sys/systm.h> /* The system call function. */ static int hello(struct thread *td, void *syscall_args) { int i; ❶for (i = 0; i < 10; i++) printf("FreeBSD Rocks!\n"); return(0); } /* The sysent for the new system call. */ static struct sysent hello_sysent = { 0, /* number of arguments */ hello /* implementing function */ }; /* The offset in sysent[] ...
Get Designing BSD Rootkits now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.