Skip to content
/ linux-kernel-hook Public
forked from jha/linux-kernel-hook

A small kernel module that can hook arbitrary syscalls on x86_64

License

MIT license
0 stars 20 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

neuracr/linux-kernel-hook

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
arm
arm
 
 
x86_64
x86_64
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
load.sh
load.sh
 
 

Repository files navigation

Linux Kernel Hook

This is a fork from https://github.com/jha/linux-kernel-hook . I added an arm32 version of the module, as a personal curiosity.
There is one directory per architecture (x86_64 and arm32). At first I put macros everywhere to us the same sources for both arch but I finally find it more readable with a folder for each arch (even though it could be factorized).

Usage

cd <arch>
make
cd ..
./load.sh

The example hook for mkdir prints the argument of the created folder in the kernel logs.

To unload the module: rmmod lkh

About

A small kernel module that can hook arbitrary syscalls on x86_64

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 92.2%
  • Shell 4.5%
  • Makefile 3.3%