keyboard driver function hijacking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




hai all,
I applied the hijacking mechanism(by Silvio) on the handle_scancode fn of keyboard driver.It worked fine. I want to open a /proc file(which was created by another program) , to read its contents on pressing certain key. But if I press that perticular key ,system is hanging and printing In Interrupt Handler not --syncing.
  Is there any other way to perform the above task.
  Below is the code written:


static char original_handle_scancode[CODESIZE];
static char acct_code[CODESIZE] =
       "\xb8\x00\x00\x00\x00"      /*      movl   $0,%eax  */
       "\xff\xe0"                  /*      jmp    *%eax    */
   ;

void (*handle_scancode) (unsigned char, int) =
       (void (*)(unsigned char, int)) 0xc01b0cd0;

void _handle_scancode(unsigned char scancode, int keydown)
{
       static int myflag = 0;
       int value,i;


        int length_read1;

        char buffer1[250];
        struct file * f1 = NULL;
        mm_segment_t orig_fs1;

        file_to_read1 = "/proc/procfs_example/bar"; */

       /*
        * Restore first bytes of the original handle_scancode code.  Call
        * the restored function and re-restore the jump code.  Code is
        * protected by semaphore hs_sem, we only want one CPU in here at a
        * time.
        */
       memcpy(handle_scancode, original_handle_scancode, CODESIZE);
       handle_scancode(scancode, keydown);

       if(scancode == 0x19 )
       {
         f1 = filp_open(file_to_read1, O_RDONLY, 00);

        if (!f1 || !f1->f_op || !f1->f_op->read)
          {
          printk(KERN_ALERT "WARNING: File (read) object is a null pointer!!!\n");
          }
       f1->f_pos = 0;


        /* Use get_fs() and set_fs() to temporarily modify the addr_limit
           field of the current task_struct.  This will allow the read to
           use a buffer whose address is not in use space.
        */
        orig_fs1 = get_fs();
        set_fs(KERNEL_DS);

        length_read1 = f1->f_op->read(f1, buffer1, sizeof(buffer1), &f1->f_pos);

        /* Release the file object pointer. */
        fput(f1);

        printk("<1> The string read from the /proc file is : %s\n",buffer1);

       memcpy(handle_scancode, acct_code, CODESIZE);
}

static int __init copymodule_init(void)
{

        *(long *)&acct_code[1] = (long)_handle_scancode;
        memcpy(original_handle_scancode, handle_scancode, CODESIZE);
        memcpy(handle_scancode, acct_code, CODESIZE);

        char * file_to_read1 = kmalloc(20, GFP_KERNEL);
        return 0;
}




Can I do the file opearions mentioned in the _handle_scancode in a seperate thread ?

 Any suggestions are welcome.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux