daehee

Reputation: 5367

x86 Linux IDT hooking

I am hooking an IDT entry of my x86 Linux kernel. More specifically, I hooked the 0x80'th IDT entry, which is the system call interrupt handler.

Everything goes fine if I set up my hooking handler function as below:

void my_handler(void){
    asm volatile("leave\n");             /* tear down this function's stack frame */
    asm volatile("push $0xc0504020\n");  /* push the original handler's address */
    asm volatile("ret\n");               /* "return" into the original handler */
}

However, if I add something like printk(), current->pid...

void my_handler(void){
    printk("pid : %d\n", current->pid);
    asm volatile("leave\n");             /* tear down this function's stack frame */
    asm volatile("push $0xc0504020\n");  /* push the original handler's address */
    asm volatile("ret\n");               /* "return" into the original handler */
}

Everything freezes. I think this is because I didn't set the fs or gs segment register properly... but I don't know how to set it properly. Can someone give me advice?

Thank you in advance.

Upvotes: 2

Views: 1002

Answers (1)

Martin Rosenau

Reputation: 18521

It's not only FS and GS.

You should write the entire routine in assembler, not in C!

You must take care that all registers are stored and restored before entering the original system call vector. Otherwise "printk" will modify (destroy!) EAX...

For the correct values of DS, ES, FS and GS you should look at the source code of Linux. As far as I know it is not FS and GS that make a problem but the value of DS and ES must be adapted!

Upvotes: 1
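The shape the answer recommends, as an added example that is not code from the question or the answer: an assembler trampoline that saves every register and segment the CPU left behind, loads the kernel's data segments so a C routine may safely use printk and current, restores the frame untouched, and only then continues into the original vector. Assumed names: my_handler_c (a C function in the module), orig_handler (the saved original IDT 0x80 target, which the question hard-codes as 0xc0504020), and the __KERNEL_DS / __KERNEL_PERCPU constants from the kernel's asm/segment.h; which segments the kernel itself loads on entry is version-specific, so compare against the SAVE_ALL macro in your kernel's entry_32.S.

```asm
/* hook_int80.S -- x86-32 GAS, built as part of a kernel module (assumed).
 * Assumes a C function my_handler_c(void) that may call printk / read
 * current, and a variable orig_handler holding the pre-hook IDT 0x80 target.
 * __KERNEL_DS / __KERNEL_PERCPU come from <asm/segment.h>; verify against
 * the SAVE_ALL macro in your kernel's entry_32.S. */
#include <asm/segment.h>

    .text
    .globl my_int80_hook
my_int80_hook:
    /* The CPU has pushed EFLAGS, CS, EIP (plus SS, ESP when coming from
     * user mode). Preserve every register and segment the C code may touch
     * so the original handler later sees an unmodified frame. */
    pushfl
    pushl   %ds
    pushl   %es
    pushl   %fs
    pushal

    /* Load kernel data segments: ds/es for ordinary memory access, fs for
     * the per-CPU area from which 32-bit kernels read current. */
    movl    $__KERNEL_DS, %eax
    movl    %eax, %ds
    movl    %eax, %es
    movl    $__KERNEL_PERCPU, %eax
    movl    %eax, %fs
    cld                         /* the C ABI expects DF clear */

    call    my_handler_c        /* printk / current->pid are safe here */

    /* Restore everything in reverse order, then continue into the
     * original handler instead of returning (its own iret ends the int). */
    popal
    popl    %fs
    popl    %es
    popl    %ds
    popfl
    jmp     *orig_handler       /* flat segments, readable at CPL 0 */

    .data
    .globl orig_handler
orig_handler:
    .long   0                   /* stored by the code that swapped the IDT entry */
```

Because the trampoline never returns to its caller, there is no C stack frame to unwind, which is why the question's leave/push/ret sequence is unnecessary once the routine lives in assembler.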
