Hello everyone,
This is my first message to the KernelNewbies mailing list, so please
correct me if I'm not asking my question the right way.
What I actually want to do is to somehow intercept an internal kernel
function. The only way that seemed possible from my research was the
"classic" function injection technique (similar to the ones mentioned in the
old Phrack 59 and 61) by finding the function's address (e.g. through
/proc/kallsyms), overriding the first instructions with a jmp to my own
function (and optionally calling the original function by the same or other
tricks). This method works just fine for sys_* system call functions without
any problem. But when I try the same method for a function like printk, the
kernel crashes while my overridden function gets called. I'm sure my
overridden function is called as I can use the original printk in it. I have
. I have also changed the function to one without any instructions in
the body and still THE SAME thing happens!
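
Seen from the defender's side, the patched entry point described in the post (first instructions replaced by a jump to foreign code) can be recognised from the function's first bytes. The following is an added example, not part of the original post: it assumes x86-64, and `check_prologue`, `text_range`, the addresses and the sample byte strings are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum hook_kind { HOOK_NONE = 0, HOOK_JMP_REL32, HOOK_PUSH_RET };
/* Core kernel text bounds, e.g. the _stext/_etext values from /proc/kallsyms. */
struct text_range { uint64_t start, end; };

/* Read a little-endian signed 32-bit immediate, as x86 encodes it. */
static int32_t le32(const uint8_t *p)
{
    return (int32_t)((uint32_t)p[0] | (uint32_t)p[1] << 8 |
                     (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24);
}

/* Inspect the first bytes of a function located at fn_addr. Reports a hook
 * only when the entry redirects control outside the core kernel text. */
enum hook_kind check_prologue(const uint8_t *code, size_t len, uint64_t fn_addr,
                              struct text_range text, uint64_t *target)
{
    enum hook_kind kind = HOOK_NONE;
    uint64_t dest = 0;

    if (len >= 5 && code[0] == 0xE9) {            /* jmp rel32 */
        dest = fn_addr + 5 + (uint64_t)(int64_t)le32(code + 1);
        kind = HOOK_JMP_REL32;
    } else if (len >= 6 && code[0] == 0x68 && code[5] == 0xC3) {
        dest = (uint64_t)(int64_t)le32(code + 1); /* push imm32; ret */
        kind = HOOK_PUSH_RET;
    }
    /* A jump that stays inside kernel text is treated as ordinary code. */
    if (kind == HOOK_NONE || (dest >= text.start && dest < text.end))
        return HOOK_NONE;
    if (target)
        *target = dest;
    return kind;
}

/* Constructed sample data (not taken from a real kernel). */
#define SAMPLE_FN 0xffffffff81000100ULL
static const struct text_range SAMPLE_TEXT = { 0xffffffff81000000ULL, 0xffffffff82000000ULL };
static const uint8_t sample_clean[] = { 0x55, 0x48, 0x89, 0xE5, 0x41, 0x57 };
static const uint8_t sample_jmp[]   = { 0xE9, 0xFB, 0x0E, 0x00, 0x3F, 0x90 };
static const uint8_t sample_push[]  = { 0x68, 0x00, 0x10, 0x00, 0xC0, 0xC3 };

int main(void)
{
    uint64_t t = 0;
    int k = check_prologue(sample_jmp, sizeof sample_jmp, SAMPLE_FN, SAMPLE_TEXT, &t);
    printf("kind=%d target=0x%llx\n", k, (unsigned long long)t);
    return 0;
}
```

Legitimate kernel facilities such as kprobes, ftrace and livepatch also rewrite kernel text, so a hit from a check like this needs triage rather than being proof of tampering.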