Re: [LI] Hiding LKM's -- Beta-test

[Arun Sharma <adsharma@xxxxxxxxxxxxxxx>]

On Tue, Jan 18, 2000 at 10:41:52AM +0530, Vimal Mathew wrote:
> On Mon, Jan 17, 2000 at 01:25:47PM -0800, Arun Sharma wrote:
> > >     register struct module *mp asm("%ebx");
> > 
> > This method is too x86 specific. You may be able to do this in a
> > arch independent way. Read the system call calling conventions in
> > glibc sources.
> 
>	Unfortunately, I dont have the glibc sources. And, I am not too
>	sure why the module address should end up in my EBX { the kernel
>	calls my init_module byan "if (mod->init && mod->init() != 0)"
>	}. Could you please explain the arch. independant method?

Here's a comment from glibc sources:

/* Linux takes system call arguments in registers:

        syscall number  %eax         call-clobbered
        arg 1           %ebx         call-saved
        arg 2           %ecx         call-clobbered
        arg 3           %edx         call-clobbered
        arg 4           %esi         call-saved
        arg 5           %edi         call-saved

   The stack layout upon entering the function is:

        20(%esp)        Arg# 5
        16(%esp)        Arg# 4
        12(%esp)        Arg# 3
         8(%esp)        Arg# 2
         4(%esp)        Arg# 1
          (%esp)        Return address

<snip>

*/

In other words, you just want to grab the first argument to the system
call.

	-Arun

--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.