kernel module function arguments



Hi guys!

I am experimenting with a kernel module;
here is its tiny code:


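/// KERNEL MODULE CODE START

#include <linux/module.h>
#include <linux/init.h>
#include <linux/linkage.h>   /* asmlinkage */
#include <asm/ptrace.h>      /* struct pt_regs */

#define MY_SYSCALL_NO 0

extern void* sys_call_table[];

/* saved original table entry, restored on module unload */
asmlinkage int (*orig_syscall)(struct pt_regs);

/* replacement handler for syscall number MY_SYSCALL_NO */
asmlinkage long my_syscall(struct pt_regs regs){
    // regs.eax regs.ebx regs.ecx
    return 0;
}

static int dummy_init(void){
    orig_syscall=sys_call_table[MY_SYSCALL_NO];
    sys_call_table[MY_SYSCALL_NO] = my_syscall;
    return 0;
}

static void dummy_exit(void){
    sys_call_table[MY_SYSCALL_NO]=orig_syscall;
}

module_init(dummy_init);
module_exit(dummy_exit);
/// KERNEL MODULE CODE END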

Its purpose is to intercept the system call with number ZERO - call
function my_syscall instead, actually :)
But if in userspace I use the following code, which is supposed to be
intercepted in my kernel module (please
don't ask me about the code below, because I am not really aware of
what it is doing):


// USERSPACE CODE START
#include <stdarg.h>

#define MY_SYSCALL_NO 0   /* same number the kernel module hooks */

/* pushes the syscall number and six arguments, pops them into
   registers and enters the kernel with int $0x80 */
__attribute__((regparm(0))) int msyscall(int sno, long *args)
{
    int ret;

    __asm__ __volatile__ ( " push %%ebp" : :);
    __asm__ __volatile__ ( " push %0" : : "g" (sno));
    __asm__ __volatile__ ( " push %0" : : "g" (args[0]));
    __asm__ __volatile__ ( " push %0" : : "g" (args[1]));
    __asm__ __volatile__ ( " push %0" : : "g" (args[2]));
    __asm__ __volatile__ ( " push %0" : : "g" (args[3]));
    __asm__ __volatile__ ( " push %0" : : "g" (args[4]));
    __asm__ __volatile__ ( " push %0" : : "g" (args[5]));
    __asm__ __volatile__ ( " pop %%ebp; pop %%edi; pop %%esi; pop %%edx; \
        pop %%ecx; pop %%ebx; pop %%eax; int $0x80; \
        pop %%ebp" : : );
    __asm__ __volatile__ ( " movl %%eax, %0" : "=g" (ret):);

    return ret;
}

/* collects n variadic arguments into args[] and issues the syscall */
int vsyscall(int sno, int n, ...)
{
    va_list va;
    long args[6];
    int i;

    va_start(va, n);
    for(i=0; i<n; i++)
        args[i]=va_arg(va, long);
    va_end(va);
    return msyscall(sno, args);
}

int main(int argc, char** argv)
{
    vsyscall(MY_SYSCALL_NO, 3, 4, 5, 90);
    return 0;
}
// USERSPACE CODE END
As a result my kernel module intercepts the vsyscall call (calling
my_syscall), and its
(my_syscall's argument) regs.eax is 0 --- showing that the system call
with number 0 was intercepted.
BUT HERE IS THE PROBLEM: the other registers (regs.ebx, regs.ecx),
aren't they supposed to be equal to
3, 4, 5, 90 -- because in client space I pushed them on the stack?
OK -- if not, how then can I find out the arguments passed to
my_systemcall?
Please help.
