Hi guys, I'm new to kernelnewbies and this is my first question in the list.
I'm working on system call interception (for open() system call) and I got one problem: I have two kernel modules (mod1 and mod2) and both of them are trying to intercept open() syscall. I've loaded mod1 first and then mod2. The mod1 intercepted open() by: original_open1 = sys_call_table[__NR_open]; sys_call_table[__NR_open] = mod1_open; Here original_open1 would be sys_open. After this, mod2 intercepted open() by: original_open2 = sys_call_table[__NR_open]; sys_call_table[__NR_open] = mod2_open; Here, original_open2 would be mod1_open() since mod1 was loaded first. Now, the problem is: Suppose I unload mod1 first and open() system call gets executed, then mod2_open() would get called, which ultimately calls mod1_open(). Since mod1 is already unloaded, calling mod1_open() caused panic (since the function pointer is no longer a valid memory region). I need some mechanism to avoid this problem. Basically, I want a solution which facilitates loading/unloading the modules (which intercept same syscall) in any random order without causing any panic. Is there some kind of facility such that while unloading the module (`mod2` here), the module will broadcast the message to all other modules that it's being unloaded and instead of refering to `original_open2()` the other modules should use `original_open1()`. Your help would really be appreciated. Thanks, Ajinkya.
_______________________________________________ Kernelnewbies mailing list [email protected] https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
