<div dir="ltr"><span style="font-family:arial,sans-serif;font-size:13px">Hi Grzegorz,</span><div style="font-family:arial,sans-serif;font-size:13px"> To my knowledge if we try write to a read only area ,the kernel gives an OOPS.As I stated in the question,the module does not give me any errors.I have disabled page protections before writing to sys_call_table. I believe that is enough to make the sys_call_table RW. What do you think?</div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Jan 25, 2013 at 6:58 PM, Paul Davies C <span dir="ltr"><<a href="mailto:pauldaviesc@gmail.com" target="_blank">pauldaviesc@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<div> [1] is the module I wrote for intercepting the system call fork(). I have taken the conventional way of hooking the system call. Firstly I found out the address of the sys_call_table from the System.map. Then I used it in the module to substitute for the original fork() with my own version of fork.My version does nothing more than printing a message and returning the original fork(). It didn't gave any errors when loaded to kernel using the insmod. However it seems that the module had no affect on the sys_call_table[] since the fork() is working perfectly after the insertion of module and it does not show me the message it was supposed to print. Can someone figure out the problem? I am using 3.2.0-4-686 version of kernel.</div>
<div>[1] <a href="http://pastebin.com/aWN3jdQU" target="_blank">http://pastebin.com/aWN3jdQU</a><span class="HOEnZb"><font color="#888888"><br clear="all"><div><br></div>-- <br><div><font face="'arial narrow', sans-serif" color="#C0C0C0"><b>Regards,</b></font></div>
<div>
<font face="'arial narrow', sans-serif" color="#C0C0C0"><b>Paul Davies C</b></font></div>
<a href="http://vivafoss.blogspot.com" target="_blank">vivafoss.blogspot.com</a>
</font></span></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div><font face="'arial narrow', sans-serif" color="#C0C0C0"><b>Regards,</b></font></div><div><font face="'arial narrow', sans-serif" color="#C0C0C0"><b>Paul Davies C</b></font></div>
<a href="http://vivafoss.blogspot.com" target="_blank">vivafoss.blogspot.com</a>
</div>