我使用的是 android-kernel 2.6.29。我正在尝试 Hook android-kernel 上的开放系统调用。我点击了链接 http://syprog.blogspot.com.au/2011/10/hijack-linux-system-calls-part-iii.html Hook ubuntu 12.04LTS 并成功但是当我为 android 交叉编译我的模块时我得到以下错误
错误:隐式 lookup_address 函数
有人可以帮忙吗?为什么我收到这个错误?有 lookup_address 的替代方案吗?
最佳答案
根据 Linux Cross-reference 判断具有适用于 ARM 体系结构的标准,引用第一个引用的内核版本 2.6.32(不幸的是没有 2.6.29)
尽管设置了标准,但交叉引用将产生主要针对 x86 架构的命中。引用:
lookup_address
Defined as a function in:
arch/x86/mm/pageattr.c, line 295
arch/sh/kernel/io_trapped.c, line 162
Defined as a function prototype in:
arch/x86/include/asm/pgtable_types.h, line 330
Referenced (in 11 files total) in:
arch/x86/include/asm/pgtable_types.h, line 330
arch/x86/mm/kmemcheck/pte.c, line 12
arch/x86/mm/kmemcheck/kmemcheck.c:
line 269
line 295
arch/x86/mm/pageattr-test.c:
line 60
line 150
line 183
line 203
line 215
arch/x86/mm/mmio-mod.c, line 96
arch/x86/mm/fault.c, line 577
arch/x86/mm/kmmio.c, line 136
arch/x86/mm/pageattr.c:
line 200
line 238
line 295
line 326
line 371
line 487
line 606
line 1288
arch/x86/xen/mmu.c:
line 335
line 347
line 362
arch/x86/xen/enlighten.c:
line 281
line 364
arch/sh/kernel/io_trapped.c:
line 162
line 228
line 251
查看在 x86/mm/pageattr.c 中找到的实际源函数 here , 只是为了展示函数的样子:
295 pte_t *lookup_address(unsigned long address, unsigned int *level)
296 {
297 pgd_t *pgd = pgd_offset_k(address);
298 pud_t *pud;
299 pmd_t *pmd;
300
301 *level = PG_LEVEL_NONE;
302
303 if (pgd_none(*pgd))
304 return NULL;
305
306 pud = pud_offset(pgd, address);
307 if (pud_none(*pud))
308 return NULL;
309
310 *level = PG_LEVEL_1G;
311 if (pud_large(*pud) || !pud_present(*pud))
312 return (pte_t *)pud;
313
314 pmd = pmd_offset(pud, address);
315 if (pmd_none(*pmd))
316 return NULL;
317
318 *level = PG_LEVEL_2M;
319 if (pmd_large(*pmd) || !pmd_present(*pmd))
320 return (pte_t *)pmd;
321
322 *level = PG_LEVEL_4K;
323
324 return pte_offset_kernel(pmd, address);
325 }
326 EXPORT_SYMBOL_GPL(lookup_address);
关于android系统调用 Hook ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/14114343/