I'm new in kernel development. I'm trying to see if I can make a call to a function from the __init section. But after building the module, when I use insmod XXX.ko to insert my module, my system does not respond. I have to restart my machine. I follow the solution and approach from this question but did not help.
Here is my source code for the __init section, __exit section and the test_readfunction that I'm trying to call:
unsigned long test_read(const struct pt_regs *regs){
printk(KERN_INFO "Inside test_read");
unsigned int fd = regs->di;
char *buf = (char*) regs->si
unsigned long r=1;
char *kbuf=(char*)kmalloc(256,GFP_KERNEL);
printk(KERN_INFO "File descriptor\n");
printk(KERN_CONT "%lu",fd);
printk(KERN_INFO "User Buffer\n");
printk(KERN_CONT "%p",buf);
return r;
}
static int __init kit_start(void)
{
sys_call_table = kallsyms_lookup_name("sys_call_table");
printk(KERN_INFO "System call address ");
printk(KERN_CONT "%p",sys_call_table);
original_read = (void *)sys_call_table[__NR_read];
printk(KERN_INFO "Original read address ");
printk(KERN_CONT "%p",original_read);
register uint64_t cr0;
cr0 = getcr0();
rw_enable();
sys_call_table[__NR_read]=test_read;
rw_disable( cr0 );
return 0;
}
void __exit kit_exit(void)
{
printk(KERN_INFO "Exiting");
register uint64_t cr0;
cr0 = getcr0();
rw_enable();
sys_call_table[ __NR_read ] = original_read;
rw_disable( cr0 );
}
Full source code is available here. Any idea what did I do wrong. I'm Using x86-64 with 5.3.0-42-generic kernel
Update Post:
Instead of using rw_enable() and rw_disable( cr0 ), if i use
write_cr0 (read_cr0 () & (~ 0x10000));
sys_call_table[__NR_read]=test_read;
write_cr0 (read_cr0 () | 0x10000);
Upon using the insmod to insert the module, terminal shows "Killed" and dmesg shows an error when try to execute sys_call_table[__NR_read]=test_read;
BUG: unable to handle page fault for address: ffffffff820002a0
#PF: supervisor write access in kernel mode
#PF: error_code(0x0003) - permissions violation
source code here