2

I am using android-kernel 2.6.29. I am trying to hook open system call on android-kernel. I followed the link http://syprog.blogspot.com.au/2011/10/hijack-linux-system-calls-part-iii.html to hook on ubuntu 12.04LTS and was successful but when i cross-compile my module for android then i get gives following error

error: implicit lookup_address function

can anyone help ? why i am getting this error ? is there any alternative of lookup_address ?

Ramiz Raja
  • 300
  • 6
  • 17
  • Can you include the source? Methinks the function is for x86 only! (Look at this cross-reference [here](http://lxr.free-electrons.com/ident?a=arm&i=lookup_address) ) – t0mm13b Jan 01 '13 at 21:32

1 Answers1

0

Judging by the Linux Cross-reference with the appropriate criteria for ARM architecture, referring to the first referenced kernel version 2.6.32 (there's no 2.6.29 Unfortunately)

The cross-references will yield hits mostly referring to the x86 architecture despite the criteria being set. To quote:

lookup_address

Defined as a function in:
arch/x86/mm/pageattr.c, line 295
arch/sh/kernel/io_trapped.c, line 162
Defined as a function prototype in:
arch/x86/include/asm/pgtable_types.h, line 330
Referenced (in 11 files total) in:
arch/x86/include/asm/pgtable_types.h, line 330
arch/x86/mm/kmemcheck/pte.c, line 12
arch/x86/mm/kmemcheck/kmemcheck.c:
line 269
line 295
arch/x86/mm/pageattr-test.c:
line 60
line 150
line 183
line 203
line 215
arch/x86/mm/mmio-mod.c, line 96
arch/x86/mm/fault.c, line 577
arch/x86/mm/kmmio.c, line 136
arch/x86/mm/pageattr.c:
line 200
line 238
line 295
line 326
line 371
line 487
line 606
line 1288
arch/x86/xen/mmu.c:
line 335
line 347
line 362
arch/x86/xen/enlighten.c:
line 281
line 364
arch/sh/kernel/io_trapped.c:
line 162
line 228
line 251

Looking at the actual source function found within x86/mm/pageattr.c here, just to show what the function looks like:

295 pte_t *lookup_address(unsigned long address, unsigned int *level)
296 {
297         pgd_t *pgd = pgd_offset_k(address);
298         pud_t *pud;
299         pmd_t *pmd;
300 
301         *level = PG_LEVEL_NONE;
302 
303         if (pgd_none(*pgd))
304                 return NULL;
305 
306         pud = pud_offset(pgd, address);
307         if (pud_none(*pud))
308                 return NULL;
309 
310         *level = PG_LEVEL_1G;
311         if (pud_large(*pud) || !pud_present(*pud))
312                 return (pte_t *)pud;
313 
314         pmd = pmd_offset(pud, address);
315         if (pmd_none(*pmd))
316                 return NULL;
317 
318         *level = PG_LEVEL_2M;
319         if (pmd_large(*pmd) || !pmd_present(*pmd))
320                 return (pte_t *)pmd;
321 
322         *level = PG_LEVEL_4K;
323 
324         return pte_offset_kernel(pmd, address);
325 }
326 EXPORT_SYMBOL_GPL(lookup_address);
t0mm13b
  • 34,087
  • 8
  • 78
  • 110
  • is there any alternative for this ? i have tried method on this link [link](http://dev-console.blogspot.com/2010/01/hooking-syscall-in-linux-2624-kernel.html) but there is no change_page_attr function. again error..:(.. – Ramiz Raja Jan 01 '13 at 22:03
  • @RamizRaja the function you referring to is **specific to x86 platform** – t0mm13b Jan 01 '13 at 22:09
  • 1
    I understand but i am just asking you suggestion of implementation or function like lookup_address or change_page_attr. If you don't have any suggestion then ok np..:).. – Ramiz Raja Jan 01 '13 at 22:14
  • Sorry OP :( have no suggestion for this! Best to try leverage google-fu to see what you can find :) – t0mm13b Jan 01 '13 at 22:17
  • Surely, with some understanding of the MMU functionality on ARM, it wouldn't require rocket science to produce a matching function. I think most of the ARM structure for MMU work is similar to x86, so names such as pgd and pmd should match (I think either PUD or PMD is not present in ARM, but the general structure is the same - I'm pretty sure there aren't any 1G pages in 32-bit ARM either) – Mats Petersson Jan 01 '13 at 23:26
  • Why the downvote!? The OP did not make concerted effort and I merely tried to show him that the code the OP was referring to was x86 code related, and could not find an alternative targetting the ARM.... – t0mm13b Jan 14 '13 at 02:24