LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
08-16-2011, 01:37 PM   #1
Kon
LQ Newbie
Registered: Aug 2011
Posts: 1

Freeze in arch/x86/lib/memcpy_64.S [UML from kernel 2.6.39.1]


Hi everyone,

I am a Linux noob and have only recently started playing around with it.

I am trying to "hijack" some syscalls by modifying their function pointers in the syscall table to redirect access to my own functions where I preprocess the arguments before calling the original functions with possibly modified arguments. I am doing this by loading an LKM in a user-mode linux running off kernel version 2.6.39.1 running in x86_64 mode. To get to the heart of the problem, I'll give an example of what happens for 2 syscalls - open and lstat.

All versions of sys_lstat accept two userland pointers - file-name and a struct where stat information is to be stored. What my function does is it checks the file-name and for some match, passes a different file-name (which is a kernel pointer) to the original sys_lstat version. A simplified version of the code is (ignore syntactic mistakes, if any):

Code:
asmlinkage long my_sys_lstat(const char __user *userland_filename,
                             struct __old_kernel_stat __user *statbuf)
{
    int err;
    struct path path;
    bool modify_fs = false;
    const char *filename_param_to_orig = userland_filename;
    mm_segment_t old_fs;

    // Resolve the user-supplied name so its inode can be compared
    err = user_path_at(AT_FDCWD, userland_filename, 0, &path);
    if (err)
        return err;

    if (file_match(path)) {    // compare inodes
        // Modify DS before calling the original function with a kernel pointer
        // as a param
        modify_fs = true;
        old_fs = get_fs();
        set_fs(KERNEL_DS);
        filename_param_to_orig = my_mod_filename;
    }
    path_put(&path);    // drop the reference taken by user_path_at()

    err = orig_sys_lstat(filename_param_to_orig, statbuf); // doesn't return if file matches
    if (modify_fs)
        set_fs(old_fs);
    return err;
}
On a file match, it all goes fine until control reaches memcpy called from copy_to_user method (eventually called from sys_lstat), where the kernel tries to copy into the userland struct from its own struct which is filled with (hopefully) the right info. In memcpy (arch/x86/lib/memcpy_64.S) the kernel completely freezes. If gdb is to be trusted, this freeze happens on line 70 in the instruction:

Code:
movq 0*8(%rsi), %r8
Unfortunately I am not very well versed with x86 architecture either, and I have not been able to figure why this freeze happens.

A similar implementation for sys_open is working for me (passing a kernel pointer to the original function after changing the data segment). I have also tried this in UML on an i386 system (courtesy virtualbox), and the result is the same (although the memcpy file is likely different).

Could anybody point out what's going wrong here or at least point me in a direction where I could look for it myself? Any help is much appreciated. Thanks a lot!