2006年12月14日星期四

Show module

这是 madsys 写的一个检查隐藏模块的工具。由于原始代码在我使用的服务器上有些问题,所以做了一个小的修改。

/*
* written by madsys
* support of BIGMEM added by grip2
*/

#define MODULE
#define __KERNEL__

#include

#ifdef CONFIG_SMP
#define __SMP__
#endif

#ifdef CONFIG_MODVERSIONS
#define MODVERSIONS
#include
#endif

#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include

/*
 * Hard-coded copy of a kernel address constant; nothing in the code below
 * names it directly.
 * NOTE(review): presumably this is the "BIGMEM" support mentioned in the
 * header comment, i.e. it exists so that VMALLOC_END expands correctly on a
 * highmem kernel - confirm, and confirm that the value matches the kernel the
 * module is built for, since a wrong value would change the scanned range.
 */
#define PKMAP_BASE (0xfe000000UL)

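/*
 * valid_addr - report whether a kernel virtual address is currently mapped.
 *
 * Walks the page tables by hand so that showmodule_read() can probe
 * arbitrary addresses without faulting on an unmapped one.
 *
 * @address: kernel virtual address to test.
 *
 * Returns 1 if a present mapping was found, 0 otherwise (including
 * address == 0).
 *
 * NOTE(review): the page directory is read from the hard-coded address
 * 0xc0101000 and indexed with a 10/10/12 bit split, so this presumably only
 * matches a non-PAE i386 kernel whose page directory lives there - confirm
 * against the target kernel before trusting the result.
 * NOTE(review): __va() is only meaningful if the page-table page is in the
 * direct-mapped region - confirm for highmem configurations.
 */
int valid_addr(unsigned long address)
{
	unsigned long pde;
	unsigned long pte;

	if (!address)
		return 0;

	pde = ((unsigned long *) 0xc0101000)[address >> 22];
	if (!(pde & 0x001))	/* bit 0: directory entry not present */
		return 0;

	/*
	 * Bit 7 (page size) on a present directory entry means the entry maps
	 * a 4 MB page itself.  There is no second-level table in that case, so
	 * do not reinterpret the mapped frame as a page table.
	 */
	if (pde & 0x080)
		return 1;

	pte = ((unsigned long *) __va(pde & PAGE_MASK))
		[(address & 0x003ff000) >> PAGE_SHIFT];

	/*
	 * Test the present bit rather than "non-zero": a non-present entry can
	 * still carry other bits, and the caller dereferences the address as
	 * soon as this function says it is valid.
	 */
	return (pte & 0x001) ? 1 : 0;
}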

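/*
 * sstrlen - bounded string length for untrusted memory.
 *
 * @s:      start of the candidate string.
 * @maxlen: longest length that is accepted.
 *
 * Reads at most maxlen + 1 bytes starting at s.  Returns the string length
 * when a terminating NUL is found within that window, and 0 when it is not.
 *
 * The previous failure value was -1, which in a size_t return type becomes
 * the largest possible length and therefore passed the caller's "> 0" test.
 * Returning 0 makes an unterminated candidate fail that test, exactly like
 * an empty string does.
 */
static size_t sstrlen(const char *s, int maxlen)
{
	int len;

	for (len = 0; len <= maxlen; len++) {
		if (s[len] == 0)
			return len;
	}

	return 0;	/* no NUL inside the window: reject */
}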


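/*
 * showmodule_read - read handler of the "showmodules" proc entry.
 *
 * Steps through the range VMALLOC_START .. VMALLOC_END - PAGE_SIZE one page
 * at a time and treats each mapped page start as a candidate struct module.
 * A candidate is reported when its name pointer is mapped, the name starts
 * with a printable ASCII character, the size field is below 1 MB and the
 * name is a non-empty NUL-terminated string.  Because the walk does not use
 * the kernel's module list, an entry that was unlinked from that list can
 * still be reported; the checks are heuristic, so unrelated pages that
 * happen to satisfy them can be reported as well.
 *
 * Output goes to the kernel log through printk(); @buffer, @len and @off are
 * not used and the function always returns 0, so the reader sees an empty
 * file.
 */
ssize_t showmodule_read(struct file *unused_file, char *buffer,
			size_t len, loff_t *off)
{
	struct module *p;

	printk("address %32s\t size\n", "module");

	for (p = (struct module *) VMALLOC_START;
	     p <= (struct module *) (VMALLOC_END - PAGE_SIZE);
	     p = (struct module *) ((unsigned long) p + PAGE_SIZE)) {
		unsigned long name_addr;
		int name_max;

		if (!valid_addr((unsigned long) p))
			continue;

		/* p->name is arbitrary memory content until proven otherwise. */
		name_addr = (unsigned long) p->name;
		if (!valid_addr(name_addr))
			continue;

		/*
		 * Only the page holding the first byte of the name has been
		 * validated, so keep the string scan inside that page: sstrlen()
		 * reads at most name_max + 1 bytes.
		 */
		name_max = (int) (PAGE_SIZE - (name_addr & ~PAGE_MASK)) - 1;

		/*
		 * sstrlen() returns size_t; the cast to a signed type keeps a
		 * (size_t) -1 failure value from passing the "> 0" test.
		 */
		if (*p->name >= 0x21 && *p->name <= 0x7e
		    && (p->size < 1 << 20)	/* never seen module over 1M */
		    && (long) sstrlen(p->name, name_max) > 0)
			printk("0x%p%32s \tsize: %u\t(0x%x)\n", p, p->name,
			       p->size, p->size);
	}

	return 0;
}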

/*
 * File operations for the "showmodules" proc entry: only read is provided,
 * every other operation is left unset.
 */
static struct file_operations showmodules_ops = {
	.read = showmodule_read,
};



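/*
 * init_module - module load hook.
 *
 * Logs the bounds of the range that will be scanned and registers the
 * "showmodules" entry under the /proc root, readable by its owner only
 * (S_IRUSR), with showmodules_ops as its file operations.
 *
 * Returns 0 on success, or -ENOMEM if the proc entry could not be created.
 */
int init_module(int x)
{
	struct proc_dir_entry *entry;

	/* Cast so the arguments match the %lx conversion on every build. */
	printk("VMALLOC_START: %08lx\n", (unsigned long) VMALLOC_START);
	printk("VMALLOC_END: %08lx\n", (unsigned long) VMALLOC_END);

	entry = create_proc_entry("showmodules", S_IRUSR, &proc_root);
	if (!entry)	/* creation failed: do not dereference NULL */
		return -ENOMEM;

	entry->proc_fops = &showmodules_ops;

	return 0;
}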

/*
 * cleanup_module - module unload hook.
 *
 * Removes the "showmodules" entry that init_module() created under the
 * /proc root.
 */
void cleanup_module()
{
	remove_proc_entry("showmodules", &proc_root);
}

/* Module metadata: license tag and author string recorded for this module. */
MODULE_LICENSE("GPL");
MODULE_AUTHOR("madsys madsysercist.iscas.ac.cn");
