Re: Link time manipulation of kernel symbols like read/write

From: Leonidas .
Date: Sun May 09 2010 - 11:19:47 EST

Next message: Roel Kluin: "Keep index within boundaries in kvmppc_44x_emul_tlbwe()"
Previous message: Phil Reynolds: "Marvell eSATA - 88SE6121 on Asus M3A79-T Deluxe - not in AHCI"
In reply to: Arjan van de Ven: "Re: Link time manipulation of kernel symbols like read/write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>
> lkml is not rootkit-help-for-free ;-)

I promise that I am not going to write a root kit :-). But you gave me
a good start, I will
have to check some of the root kits in order to see how things happen there.

Actually, I want to see similarities between user space way of
linking/loading compared to
kernel space. Have not been able to figure out completely yet at
conceptual level. I have
gone through module.c file and insmod utility.

Any pointers to earlier such attempts would be helpful.

-Leo.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Roel Kluin: "Keep index within boundaries in kvmppc_44x_emul_tlbwe()"
Previous message: Phil Reynolds: "Marvell eSATA - 88SE6121 on Asus M3A79-T Deluxe - not in AHCI"
In reply to: Arjan van de Ven: "Re: Link time manipulation of kernel symbols like read/write"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]