Re: OOPS: how to hook system_call_table in redhat es5.1 on x86_64platform

From: Arjan van de Ven
Date: Sun Mar 02 2008 - 15:04:53 EST

Next message: Roger Heflin: "Re: HPL Benchmark performance degradation of kernel 2.6.24.3 vs 2.6.23.14"
Previous message: Andrew Morton: "Re: [BUG] soft lockup detected with ipcs"
In reply to: Gang He: "OOPS: how to hook system_call_table in redhat es5.1 on x86_64 platform"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 2 Mar 2008 09:40:14 +0800
"Gang He" <hegang.linux@xxxxxxxxx> wrote:

> Hi,
>
> as you know, Linux kernel (>2.6.18) set some pages read-only, we can
> not hook system_call_table directly like before, the new source code
> on i386 is
>

Hi,

2 items:
1) lkml is not a tutorial list for how to write rootkits
2) you forgot to point to your full source code; hooking the system call table
is the wrong thing to do, but by not mentioning your (GPL) source code you
don't give us the option to give you suggestions on how to achieve what you
want.

I would suggest you come back to this mailing list with more context on what you
are trying to achieve including a pointer to the source code.

--
If you want to reach me at my work email, use arjan@xxxxxxxxxxxxxxx
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Roger Heflin: "Re: HPL Benchmark performance degradation of kernel 2.6.24.3 vs 2.6.23.14"
Previous message: Andrew Morton: "Re: [BUG] soft lockup detected with ipcs"
In reply to: Gang He: "OOPS: how to hook system_call_table in redhat es5.1 on x86_64 platform"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]