Hi David, Thanks for your help. I can intercept the time function now. But the kernel crashed when I tried to de-install the module. I declared the old_time as: static unsigned long old_time; and in init_module: old_time = sys_call_table[__NR_gettimeofday - 1024]; .... and then in cleanup_module: sys_call_table[__NR_gettimeofday - 1024] = old_time. Why can't it work? And I tried to declare the old_time as a function pointer and restore the syscall entry like: sys_call_table[__NR_gettimeofday - 1024] = ((struct fptr *)&old_time)->ip; it can't work too. Regards, JinShan On Thu, 27 Jan 2005 18:10:36 -0800, David Mosberger <davidm@napali.hpl.hp.com> wrote: > >>>>> On Fri, 28 Jan 2005 10:04:33 +0800, JinShan Xiong <jinshan.xiong@gmail.com> said: > > JinShan> Hi David, I don't know how to use the stub code, I have > JinShan> tried to copy it to overload sys_gettimeofday(), like this, > > JinShan> memcpy(sys_call_table[__NR_gettimeofday - 1024], > JinShan> new_time_stub, 32), > > JinShan> it crashed the kenrel also. > > JinShan> Please help me! > > sys_call_table[__NR_gettimeofday - 1024] would have to be set to the > entry-point of new_time_stub. If you declare new_time_stub as a > function, you'd have to do this like so: > > extern void new_time_stub (whatever...); > struct fptr { void *ip, void *gp }; > > sys_call_table[__NR_gettimeofday - 1024] = > ((struct fptr *) &new_time_stub)->ip; > > --david > > - To unsubscribe from this list: send the line "unsubscribe linux-ia64" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.htmlReceived on Thu Jan 27 23:06:02 2005
This archive was generated by hypermail 2.1.8 : 2005-08-02 09:20:35 EST