On Tue, Jan 8, 2013 at 9:28 AM, Peter Teoh <[email protected]> wrote:
> This article gave a very indepth coverage of the keyboard processing in > linux: > > http://www.phrack.com/issues.html?issue=59&id=14&mode=txt > > > http://www.gadgetweb.de/programming/39-how-to-building-your-own-kernel-space-keylogger.html > > Not sure about your architecture, but for my Lenovo laptop, when I do a > "cat /dev/input/by-path/platform-i8042-serio-0-event-kbd" and redirect to a > file, every single key input I entered is captured into the the file. > > Therefore, looking into the kernel source, we can infer the files > drivers/input/serio/i8042.c are responsible for the keyboard processing. > Of course, this file is compiled into the kernel, not as a kernel module. > So if u want to make any changes, instead of recompile the kernel and > rebooting, one way to do dynamically is called "inline hooking" - look > elsewhere for this method. It is explained in the following article: > > http://www.phrack.com/issues.html?issue=59&id=14&mode=txt > > but note the difference between the Phrack's interception and intercepting > the API inside the i8042.c: when you do a > "cat /dev/input/by-path/platform-i8042-serio-0-event-kbd" the keyboard > entry is always captured - irregardless of whichever windows/terminal you > are in. But the Phrack's method is cleaner - it is intercepting at the > tty (eg drivers/tty/n_tty.c:receive_buf() inside the kernel source) level - > so if you switch over to another window, the input got switch away - it is > thus targetted to only that TTY. > > And btw, USB keyboard's processing path is altogether different > again....another > > http://www.lrr.in.tum.de/Par/arch/usb/download/usbdoc/usbdoc-1.32.pdf > > and perhaps u can read here many good writeups: > > http://stackoverflow.com/search?q=usb+keyboard+kernel > > > On Fri1, Dec 14, 2012 at 3:46 PM, manty kuma <[email protected]> wrote: > >> Hi,11 >> >> >> I have written a small module that toggles the capslock LED. To >> demonstrate it i want to replace the Existing keyboard module with mine. I >> tried lsmod|grep "key" without any success. also checked /proc/modules. I >> couldnot find any clue regarding the name of the module i need to >> uninstall. So, How can i remove the existing keyboard module and insert >> mine? >> >> Regards, >> Manty >> >> >> >> _______________________________________________ >> Kernelnewbies mailing list >> [email protected] >> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies >> >> > > > -- > Regards, > Peter Teoh > > _______________________________________________ > Kernelnewbies mailing list > [email protected] > http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies > > Hi Manty You can share the interrupt from keyboard , in the code above you just need to change the number 10 for the number of your keyboard interrupt. You can find that number in cat /proc/interrupts CPU0 0: 178 XT-PIC-XT timer 1: 1301 XT-PIC-XT i8042 >>>> this is the old keyboard interrupt 2: 0 XT-PIC-XT cascade 5: 16528 XT-PIC-XT ahci, Intel 82801AA-ICH 8: 0 XT-PIC-XT rtc0 9: 2191 XT-PIC-XT acpi, vboxguest 10: 488 XT-PIC-XT eth0 11: 25 XT-PIC-XT ohci_hcd:usb1 12: 697 XT-PIC-XT i8042 14: 3186 XT-PIC-XT ata_piix 15: 0 XT-PIC-XT ata_piix #include <linux/kernel.h> #include <linux/module.h> #include <linux/interrupt.h> #include <linux/init.h> struct tasklet_struct task; unsigned long counter; irq_handler_t irq_handler (int irq, void *dev_id, struct pt_regs *regs) { counter++; printk ("Top Half ISR is being hit counter = %d !! \n",(int)counter); task.data = counter; tasklet_schedule(&task); return (irq_handler_t) IRQ_HANDLED; } void bottom_half(unsigned long data) { printk("Executing bottom half.. data = %d\n",(int)data+10); } static int init_intkey () { printk("Hi there !!!!\n"); tasklet_init(&task,&bottom_half,(unsigned long)&counter); request_irq (10,(irq_handler_t)irq_handler, IRQF_SHARED, "MyIrqHangingOfAtaDev", (void*)(irq_handler)); return 0; } static void exit_intkey(void) { free_irq(10,(void*)(irq_handler)); tasklet_kill(&task); printk("Sayonara\n"); } module_init(init_intkey); module_exit(exit_intkey); MODULE_LICENSE("GPL"); Hope it helps Regards
_______________________________________________ Kernelnewbies mailing list [email protected] http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
