Re: The disappearing sys_call_table export.

Jerry Cooperstein (coop@axian.com)
Tue, 6 May 2003 10:01:23 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Thunder Anklin: "[OOPS] tmscsim broken on 2.0.40-rc6 as well"
Previous message: Trond Myklebust: "Re: [NFS] processes stuck in D state"

It's much simpler than that: Do either

nm vmlinux | grep sys_call_table

or

grep sys_call_table System.map

extract the address, use the header file to get the syscall number and
the offset.

Of course this all breaks the GPL, but you can get any non-exported
symbol address that way.

======================================================================
Jerry Cooperstein, Senior Consultant, <coop@axian.com>
Axian, Inc., Software Consulting and Training
4800 SW Griffith Dr., Ste. 202, Beaverton, OR 97005 USA
http://www.axian.com/
======================================================================

On Tue, May 06, 2003 at 11:45:41AM +0300, Yoav Weiss wrote:
> > But how? When some global will not be exported, it would not be listed
> > in /proc/ksyms.
>
> So what ?
> You just find the right address (in this case by getting the addresses of
> exported syscalls and finding a list in memory, containing them in the
> right order), and cast it to be the syscall table. If you want it to work
> with a binary-only driver, you can even insmod a small module that does
> that and adds the result to the symbol table for other modules to use.
>
> We've been doing that for years on closed-source systems like AIX. The
> above is just one way to locate a struct in memory. A faster way is to
> find some exported structs which are known to point to the unexported
> symbol from some offset, extract the symbol's address, and "re-export" it.
>
> In fact, in linux which is opensource, you can probably write a script
> that extracts any unexported symbol from the source code, find a path to
> it from some exported symbol, and automagically create a module that
> re-exports this symbol for your legacy driver to use.
>
> If you write the script, don't forget to GPL it :)
>
> Yoav Weiss
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Thunder Anklin: "[OOPS] tmscsim broken on 2.0.40-rc6 as well"
Previous message: Trond Myklebust: "Re: [NFS] processes stuck in D state"