From owner-freebsd-questions@FreeBSD.ORG Mon Jan 19 04:17:11 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9F95D96 for ; Mon, 19 Jan 2015 04:17:11 +0000 (UTC) Received: from mail-pa0-x229.google.com (mail-pa0-x229.google.com [IPv6:2607:f8b0:400e:c03::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 73D5DCA9 for ; Mon, 19 Jan 2015 04:17:11 +0000 (UTC) Received: by mail-pa0-f41.google.com with SMTP id rd3so36182264pab.0 for ; Sun, 18 Jan 2015 20:17:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=cTVx5oGvTD0JMRqvIOzWnC3iHmQ5AXBbiB1kN/sY+WQ=; b=cTOip3vdinMHxts5RiMOm2r20JMD++04+n/0aVFE1+GwyEVYKyP7stizz0SQVA/ByC yIzvJh5Zcg1+ZhC8LaqrsGvkzBwe/1kFUYnng2VHMLPcufJt8qV989ZjSgWwkza5itRq nPrlDejyCLVyK7QoHcTzDQ4KwgOMpWqf1+HxQz2kaX3XCa3J9lN87eF8N8ULmHJcsWOC ZeLCkl1bCzy0sBLjEoO6v92Oudr+sU1+pSPGRWpQ9DwfQBp5Fm2IBcrO06cF3dbjB1DL IDTAmspOE1uYH3xTtEyzXhK2MwvnhG9k04HGimmwo4OvfeVuNKyXtB7fD+dcnIw280wP 1/YQ== MIME-Version: 1.0 X-Received: by 10.66.253.197 with SMTP id ac5mr14407918pad.152.1421641030908; Sun, 18 Jan 2015 20:17:10 -0800 (PST) Received: by 10.70.99.171 with HTTP; Sun, 18 Jan 2015 20:17:10 -0800 (PST) Date: Mon, 19 Jan 2015 06:17:10 +0200 Message-ID: Subject: modfind() returns -1 From: "Ivan \"Rambius\" Ivanov" To: "mail.list freebsd-questions" Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Jan 2015 04:17:11 -0000 Hello, I am trying to implement a simple system call module, but after I install it and try to find its offset with modfind, I somehow get -1. The code implementing the syscal resides in sc_example_no_args.c: #include #include #include #include #include #include #include #include static int sc_example_no_args(struct thread *td, void *syscall_args) { printf("%s\n", "Hello, world!"); return 0; } static struct sysent sc_example_sysent_no_args = { 0, sc_example_no_args }; static int offset = NO_SYSCALL; static int load(struct module *module, int cmd, void *arg) { int error = 0; switch(cmd) { case MOD_LOAD: uprintf("System call loaded at offset %d.\n", offset); break; case MOD_UNLOAD: uprintf("System call unloaded at offset %d.\n", offset); break; default: error = EOPNOTSUPP; break; } return error; } SYSCALL_MODULE(sc_example_no_args, &offset, &sc_example_sysent_no_args, load, NULL); The Make file that compiles it is KMOD=sc_example_no_args SRCS=sc_example_no_args.c .include The ouput of make is $ make Warning: Object directory not changed from original /home/rambius/drafts/fbsdrootkits/ch01/sc_example_no_arg cc -O2 -pipe -fno-strict-aliasing -Werror -D_KERNEL -DKLD_MODULE -nostdinc -I. -I@ -I@/contrib/altq -fno-common -mno-aes -mno-avx -mno-mmx -mno-sse -msoft-float -ffreestanding -fstack-protector -std=iso9899:1999 -Qunused-arguments -fstack-protector -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -Wmissing-include-dirs -fdiagnostics-show-option -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -c sc_example_no_args.c ld -d -warn-common -r -d -o sc_example_no_args.kld sc_example_no_args.o :> export_syms awk -f /sys/conf/kmod_syms.awk sc_example_no_args.kld export_syms | xargs -J% objcopy % sc_example_no_args.kld ld -Bshareable -d -warn-common -o sc_example_no_args.ko sc_example_no_args.kld objcopy --strip-debug sc_example_no_args.ko I now have the module compiled in sc_example_no_args.ko and I can kldload it: $ sudo kldload ./sc_example_no_args.ko System call loaded at offset 210. $ kldstat Id Refs Address Size Name 1 6 0xc0400000 13a35fc kernel 2 1 0xc900a000 5000 ums.ko 3 1 0xca38f000 2000 sc_example_no_args.ko So far, so good. Here is the code that tries to invoke that system call: $ cat interface.c #include #include #include #include #include #include int main(int argc, char *argv[]) { int syscall_num; struct module_stat stat; int mod_id; stat.version = sizeof(stat); mod_id = modfind("sc_example_no_args"); printf("%d\n", mod_id); if (mod_id == -1) { perror("Error finding module"); exit(2); } modstat(210, &stat); syscall_num = stat.data.intval; return syscall(syscall_num, argv[1]); } I compile interface.c with: $ cc -Wall interface.c -o interface When I run it I see that it cannot find the module: $ cc -Wall interface.c -o interface $ ./interface -1 Error finding module: No such file or directory $ echo $? 2 I would be very helpful for any help or hints. I am able to do the syscall through perl $ perl -e 'syscall(210);' $ dmesg | tail -n 1 Hello, world! Thank you in advance! Regards Rambius -- Tangra Mega Rock: http://www.radiotangra.com