-
Notifications
You must be signed in to change notification settings - Fork 13
Expand file tree
/
Copy pathsyscall_hook.h
More file actions
45 lines (40 loc) · 991 Bytes
/
syscall_hook.h
File metadata and controls
45 lines (40 loc) · 991 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
/*
* syscall_hook.h
* Brandon Azad
*
* A system call hook allowing arbitrary kernel functions to be called with up to 5 arguments.
*/
#ifndef PHYSMEM__SYSCALL_HOOK_H_
#define PHYSMEM__SYSCALL_HOOK_H_
#include <stdint.h>
/*
* syscall_hook_install
*
* Description:
* Install a system call hook that allows us to call any function in the kernel with up to 5
* arguments. The syscall hook should be uninstalled as soon as it is no longer needed.
*
* Dependencies:
* kernel_init
* physmem_init
* probe_kernel_slide
*/
void syscall_hook_install(void);
/*
* syscall_hook_remove
*
* Description:
* Remove the system call hook. It is safe to call this function even when the syscall hook is
* not installed.
*/
void syscall_hook_remove(void);
/*
* kernel_call
*
* Description:
* Call the given kernel function with up to 5 arguments.
*/
uint64_t kernel_call(uint64_t func,
uint64_t arg1, uint64_t arg2, uint64_t arg3,
uint64_t arg4, uint64_t arg5);
#endif