分类: LINUX
2014-12-01 16:33:32
原文地址:在内核中通过/proc/kallsyms获得符号的地址 作者:CUDev
| #include #include #include //#include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define DRV_DEBUG unsigned long read_kallsyms(char *symbol_name); int init_module(void) { read_kallsyms("sys_read"); read_kallsyms("dum_check_wait_queue"); read_kallsyms("cdrom_open"); return -1; } void cleanup_module(void) { } MODULE_LICENSE("GPL"); #define MAX_BUF_LEN 100 int kgetline(struct file *file, char *buf) { int i = 0; char c = 0; int nbytes = 0; char temp[MAX_BUF_LEN] = {0}; for(i=0; i nbytes = file->f_op->read(file, &c, 1,&file->f_pos); if(nbytes==0) break; temp[i] = c; buf[i] = c; } //printk("Line(%d): %s", i, temp); return i; } #define PROC_HOME "/proc/kallsyms" unsigned long read_kallsyms(char *symbol_name) { mm_segment_t old_fs; ssize_t bytes; struct file *file = NULL; char *p; int i = 0; unsigned long addr = 0; char line[MAX_BUF_LEN] = {0}; char new_symbol_name[MAX_BUF_LEN] = "T "; strcat(new_symbol_name, symbol_name); printk("new_symbol_name: %s\n", new_symbol_name); int len = strlen(new_symbol_name); file = filp_open(PROC_HOME,O_RDONLY,0); if (!file) return -1; if (!file->f_op->read) return -1; old_fs = get_fs(); set_fs(get_ds()); for(;;) { bytes = kgetline(file,line); if(bytes==0) break; if (( p = strstr(line, new_symbol_name)) != NULL) { /* NOTES: ' ' & '\t' c0123456 T sys_read e0654321 T cdrom_open [cdrom] */ if( (*(p+len) != '\n') && (*(p+len) != '\t') ) continue; printk("line:%s\n", line); for(i=0; i if(line[i] == ' ') break; } line[i] = '\0'; addr = simple_strtoul(line,NULL,16); #ifdef DRV_DEBUG printk("addr(%s): %x\n", symbol_name, addr); #endif break; } memset(line, 0, MAX_BUF_LEN); } filp_close(file,NULL); set_fs(old_fs); return addr; } |
