写本篇博客的意思仍然是想要获得指定进程的所有打开文件路径,但是与之前的方式并不相同,
1、获得指定进程的task_struct
2.获得内存描述符mm_struct获得线性区,根据线性区的vm_file确定该线性区指向的是文件内存
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/stat.h>
#include <linux/fs.h>
#include<linux/sched.h>
#include<linux/dcache.h>
#include<linux/fdtable.h>
#include<linux/string.h>
#include <linux/fcntl.h>//for O_RDONLY
#include <linux/uaccess.h>//for get_fs
#include <linux/limits.h>//for PATH_MAX
#include <linux/mm.h>
#include <linux/slab.h>
MODULE_LICENSE("GPL");
extern char *d_path(const struct path *, char *, int);
static int hello_init(void)
{
printk(KERN_ALERT "My Kernel Begin\n");
if(NULL==current)
{
printk(KERN_ALERT "get current failed \n");
return 0;
}
printk(KERN_ALERT "get current successfully \n");
struct task_struct *task;
struct list_head *list;
int count=0;
for(list=(&(current->tasks))->next; list!=¤t->tasks; list=list->next, count++)
{
count++;
task=list_entry(list, struct task_struct, tasks);
if(strcasecmp(task->comm,"gedit")==0)
{
task_lock(task);
char * tpath = NULL;
char* ret_ptr=NULL;
tpath=(char*)kmalloc(512,0);
memset(tpath,0,512);
if(tpath==NULL)
return 0;
struct vm_area_struct * vma = NULL;
struct path base_path;
printk(KERN_ALERT "%d : Thread name: %s, pid=%d", count, task->comm, task->pid);
if(task->mm&&task->mm->mmap)
{
vma=task->mm->mmap;
while(vma)
{
if((vma->vm_file))
{
base_path=vma->vm_file->f_path;
ret_ptr = d_path(&base_path, tpath, 512);
printk(KERN_ALERT "the file Name is :%s\n",ret_ptr);
memset(tpath,0,512);
}
vma=vma->vm_next;
}
task_unlock(task);
kfree(tpath);
}
else
{
task_unlock(task);
kfree(tpath);
return 0;
}
}
}
return 0;
}
static void hello_exit(void)
{
printk(KERN_ALERT "Goodbye,Cruel world\n");
}
module_init(hello_init);
module_exit(hello_exit);
Makefile与上一篇一致
总结:
笔者使用的环境是Ubuntu 想要gedit进程打开的文件,可是发现通过这两种方式,均未能获得gedit打开的*.c文件,至今迷茫中。路过大神请指教....
894
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
