modules "gsch and redirfs" causing frequent kernel panic --Trend Deep Security Agent(TrendMicro)

最新推荐文章于 2024-06-17 10:26:55 发布
最新推荐文章于 2024-06-17 10:26:55 发布
阅读量4k 收藏 1
点赞数
分类专栏: Linux
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/vic_qxz/article/details/99850654
版权

gsch和redirfs模块导致系统hang或者重启 。crash  、kernel panic

报错信息:

1、

Jun 19 09:44:34 7eb106 kernel: redirfs: loading out-of-tree module taints kernel.
Jun 19 09:44:34 7eb106 kernel: redirfs: module verification failed: signature and/or required key missing - tainting kernel
Jun 19 09:44:34 7eb106 kernel: Redirecting File System Framework Version 0.10 <www.redirfs.org> with TrendMicro Patch 9.6.2.8793
Jun 19 09:44:34 7eb106 kernel: register_chrdev() done: 242
Jun 19 09:44:34 7eb106 kernel: gsch: loading vfs-filter 9.6.2.8793: OK
Jun 19 09:44:34 7eb106 kernel: gsch_dev_open() doing
Jun 19 09:44:34 7eb106 kernel: gsch_dev_open() done: pid:4574(ds_am)
Jun 19 09:44:34 7eb106 kernel: cannot uninstall hooks if location of sys_call_table is unknown
Jun 19 09:44:34 7eb106 kernel: gsch_remove_hooks(&gsch_hooks, &orig_hooks) done: -22
Jun 19 09:44:35 7eb106 kernel: lookup sys_call_table yields ffffffffb6e03300
Jun 19 09:44:35 7eb106 kernel: lookup sys_execve yields ffffffffb6824340
Jun 19 09:44:35 7eb106 kernel: lookup do_execve yields ffffffffb68240d0
Jun 19 09:44:35 7eb106 kernel: lookup ia32_sys_call_table yields ffffffffb6e0a880
Jun 19 09:44:35 7eb106 kernel: running: awk '/[0-9a-f]+ [RTrt] compat_do_execve$/ { print "0x" $1 >"/proc/driver/gsch/syshook/addr_compat_do_execve" ; exit }' /boot/System.map-3.10.0-862.9.1.el7.x86_64 doing
Jun 19 09:44:35 7eb106 kernel: running: awk '/[0-9a-f]+ [RTrt] compat_do_execve$/ { print "0x" $1 >"/proc/driver/gsch/syshook/addr_compat_do_execve" ; exit }' /boot/System.map-3.10.0-862.9.1.el7.x86_64 done(0)
Jun 19 09:44:35 7eb106 kernel: lookup compat_do_execve yields 0
Jun 19 09:44:35 7eb106 kernel: lookup int_ret_from_sys_call yields ffffffffb6d20a35
Jun 19 09:44:35 7eb106 kernel: lookup getname yields ffffffffb682cea0
Jun 19 09:44:35 7eb106 kernel: lookup putname yields ffffffffb682cca0
Jun 19 09:44:35 7eb106 kernel: hooking open NR=2 ... ffffffffb681a430 -> ffffffffc0946ab0
Jun 19 09:44:35 7eb106 kernel: hooking close NR=3 ... ffffffffb681a490 -> ffffffffc09458c0
Jun 19 09:44:35 7eb106 kernel: hooking exit NR=60 ... ffffffffb66986b0 -> ffffffffc09449a0
Jun 19 09:44:35 7eb106 kernel: hooking getpgid NR=121 ... ffffffffb66ae1f0 -> ffffffffc0944940
Jun 19 09:44:35 7eb106 kernel: hooking unlink NR=87 ... ffffffffb682e570 -> ffffffffc0944fb0
Jun 19 09:44:35 7eb106 kernel: hooking unlinkat NR=263 ... ffffffffb682e530 -> ffffffffc0945250
Jun 19 09:44:35 7eb106 kernel: hooking write NR=1 ... ffffffffb681c240 -> ffffffffc0944cf0
Jun 19 09:44:35 7eb106 kernel: hooking pwrite64 NR=18 ... ffffffffb681c3f0 -> ffffffffc0944dd0
Jun 19 09:44:35 7eb106 kernel: hooking writev NR=20 ... ffffffffb681ca00 -> ffffffffc0944ec0
Jun 19 09:44:35 7eb106 kernel: hooking dup2 NR=33 ... ffffffffb683bb20 -> ffffffffc0945aa0
Jun 19 09:44:35 7eb106 kernel: hooking mount NR=165 ... ffffffffb6840890 -> ffffffffc0946d30
Jun 19 09:44:35 7eb106 kernel: hooking umount NR=166 ... ffffffffb683e8a0 -> ffffffffc0946200
Jun 19 09:44:35 7eb106 kernel: hooking exit_group NR=231 ... ffffffffb6698770 -> ffffffffc0944a20
Jun 19 09:44:35 7eb106 kernel: hooking stub NR=59 @ ffffffffb6d20cd0 ... ffffffffb6824340 (-5229016) -> ffffffffc0946920 (163732488)
Jun 19 09:44:35 7eb106 kernel: gsch_install_hooks(&gsch_hooks, &orig_hooks) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt: loaded
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/dev @ Unknown[1021994(devtmpfs)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/dev/shm @ Unknown[1021994(tmpfs)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/run @ Unknown[1021994(tmpfs)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/sys/fs/cgroup @ Unknown[1021994(tmpfs)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/sys/fs/pstore @ Unknown[6165676c(pstore)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/sys/kernel/config @ Unknown[62656570(configfs)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/ @ Unknown[58465342(xfs)]) done: 0
Jun 19 09:44:35 7eb106 kernel: gsch_flt_add_mnt(/dev/hugepages @ Unknown[958458f6(hugetlbfs)]) done: 0

 

2、

May 31 09:35:01 hostnametest1 kernel: Redirecting File System Framework Version 0.10 <www.redirfs.org> with TrendMicro Patch 9.6.2.8760
May 31 09:35:01 hostnametest1 kernel: register_chrdev() done: 252
May 31 09:35:01 hostnametest1 kernel: gsch: loading vfs-filter 9.6.2.8760: OK
May 31 09:35:01 hostnametest1 kernel: gsch_dev_open() doing
May 31 09:35:01 hostnametest1 kernel: gsch_dev_open() done: pid:5135(ds_am)
May 31 09:35:01 hostnametest1 kernel: cannot uninstall hooks if location of sys_call_table is unknown
May 31 09:35:01 hostnametest1 kernel: gsch_remove_hooks(&gsch_hooks, &orig_hooks) done: -22
May 31 09:35:01 hostnametest1 kernel: lookup sys_call_table yields ffffffff8028ff40
May 31 09:35:01 hostnametest1 kernel: lookup sys_execve yields ffffffff80054c99
May 31 09:35:01 hostnametest1 kernel: lookup do_execve yields ffffffff8003eadd
May 31 09:35:02 hostnametest1 kernel: lookup ia32_sys_call_table yields ffffffff80291280
May 31 09:35:02 hostnametest1 kernel: lookup compat_do_execve yields ffffffff800fead2
May 31 09:35:02 hostnametest1 kernel: lookup int_ret_from_sys_call yields ffffffff8005d298
May 31 09:35:02 hostnametest1 kernel: hooking open NR=2 ... ffffffff8003140a -> ffffffff886640e2
May 31 09:35:02 hostnametest1 kernel: hooking close NR=3 ... ffffffff8001e189 -> ffffffff886651a5
May 31 09:35:02 hostnametest1 kernel: hooking exit NR=60 ... ffffffff80094f6b -> ffffffff88663e3e
May 31 09:35:02 hostnametest1 kernel: hooking getpgid NR=121 ... ffffffff8009e48e -> ffffffff8866432e
May 31 09:35:02 hostnametest1 kernel: hooking unlink NR=87 ... ffffffff800eb3d2 -> ffffffff886643a9
May 31 09:35:02 hostnametest1 kernel: hooking unlinkat NR=263 ... ffffffff800eb4bd -> ffffffff886645d5
May 31 09:35:02 hostnametest1 kernel: hooking write NR=1 ... ffffffff80017416 -> ffffffff88665391
May 31 09:35:02 hostnametest1 kernel: hooking pwrite64 NR=18 ... ffffffff80043c10 -> ffffffff88665488
May 31 09:35:02 hostnametest1 kernel: hooking writev NR=20 ... ffffffff800e34cb -> ffffffff88665589
May 31 09:35:02 hostnametest1 kernel: hooking dup2 NR=33 ... ffffffff800470c1 -> ffffffff88664826
May 31 09:35:02 hostnametest1 kernel: hooking mount NR=165 ... ffffffff8004c055 -> ffffffff88664a05
May 31 09:35:02 hostnametest1 kernel: hooking umount NR=166 ... ffffffff800f0bc1 -> ffffffff88664fdc
May 31 09:35:02 hostnametest1 kernel: hooking exit_group NR=231 ... ffffffff8004c8ff -> ffffffff88663eb6
May 31 09:35:02 hostnametest1 kernel: hooking stub NR=59 @ ffffffff8005d46c ... ffffffff80054c99 (-34874) -> ffffffff886641cf (140537084)
May 31 09:35:02 hostnametest1 kernel: gsch_install_hooks(&gsch_hooks, &orig_hooks) done: 0
May 31 09:35:02 hostnametest1 kernel: gsch_flt: loaded
May 31 09:35:02 hostnametest1 kernel: load_proc_mounts() failed: vfs_read() = -22
May 31 09:35:03 hostnametest1 xinetd[5298]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
May 31 09:35:03 hostnametest1 xinetd[5298]: Started working: 1 available service
May 31 10:04:39 hostnametest1 ntpdate[5311]: step time server 10.138.92.77 offset 1775.127678 sec
May 31 10:04:39 hostnametest1 ntpd[5313]: ntpd 4.2.2p1@1.1570-o Mon May 30 15:43:16 UTC 2011 (1)
May 31 10:04:39 hostnametest1 ntpd[5314]: precision = 1.000 usec
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface wildcard, 0.0.0.0#123 Disabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface wildcard, ::#123 Disabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface lo, ::1#123 Enabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface eth3, fe80::2a80:23ff:fea2:438b#123 Enabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface bond0, fe80::2a80:23ff:fea2:4388#123 Enabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface lo, 127.0.0.1#123 Enabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface eth3, 172.24.178.114#123 Enabled
May 31 10:04:39 hostnametest1 ntpd[5314]: Listening on interface bond0, 10.138.26.48#123 Enabled
May 31 10:04:39 hostnametest1 ntpd[5314]: kernel time sync status 0040
May 31 10:04:39 hostnametest1 ntpd[5314]: frequency initialized 16.302 PPM from /var/lib/ntp/drift
May 31 10:04:39 hostnametest1 gpm[5335]: *** info [startup.c(95)]: 
May 31 10:04:39 hostnametest1 gpm[5335]: Started gpm successfully. Entered daemon mode.
May 31 10:04:41 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53840323,1,0) - interrupted & wait(1000)
May 31 10:04:41 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53840323,1,0) - interrupted & wait: done
May 31 10:04:42 hostnametest1 kernel: [5398(rotatelogs)]: gsch_scan(19825259,1,0) - interrupted & wait(1000)
May 31 10:04:42 hostnametest1 kernel: [5398(rotatelogs)]: gsch_scan(19825259,1,0) - interrupted & wait: done
May 31 10:04:42 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53840319,1,0) - interrupted & wait(1000)
May 31 10:04:42 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53840319,1,0) - interrupted & wait: done
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903844,1,0) - interrupted & wait(1000)
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903844,1,0) - interrupted & wait: done
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903840,1,0) - interrupted & wait(1000)
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903840,1,0) - interrupted & wait: done
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903847,1,0) - interrupted & wait(1000)
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903847,1,0) - interrupted & wait: done
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903848,1,0) - interrupted & wait(1000)
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53903848,1,0) - interrupted & wait: done
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53840324,1,0) - interrupted & wait(1000)
May 31 10:04:43 hostnametest1 kernel: [5100(PatrolAgent)]: gsch_scan(53840324,1,0) - interrupted & wait: done
May 31 10:04:48 hostnametest1 avahi-daemon[5749]: Found user 'avahi' (UID 70) and group 'avahi' (GID 70).

 

3、

Feb  4 07:46:38 hostnametest2 kernel: Redirecting File System Framework Version 0.10 <www.redirfs.org> with TrendMicro Patch 9.6.2.8760
Feb  4 07:46:38 hostnametest2 kernel: register_chrdev() done: 252
Feb  4 07:46:38 hostnametest2 kernel: gsch: loading vfs-filter 9.6.2.8760: OK
Feb  4 07:46:38 hostnametest2 kernel: gsch_dev_open() doing
Feb  4 07:46:38 hostnametest2 kernel: gsch_dev_open() done: pid:5133(ds_am)
Feb  4 07:46:38 hostnametest2 kernel: cannot uninstall hooks if location of sys_call_table is unknown
Feb  4 07:46:38 hostnametest2 kernel: gsch_remove_hooks(&gsch_hooks, &orig_hooks) done: -22
Feb  4 07:46:38 hostnametest2 kernel: lookup sys_call_table yields ffffffff8028ff40
Feb  4 07:46:38 hostnametest2 kernel: lookup sys_execve yields ffffffff80054c99
Feb  4 07:46:38 hostnametest2 kernel: lookup do_execve yields ffffffff8003eadd
Feb  4 07:46:38 hostnametest2 kernel: lookup ia32_sys_call_table yields ffffffff80291280
Feb  4 07:46:38 hostnametest2 kernel: lookup compat_do_execve yields ffffffff800fead2
Feb  4 07:46:38 hostnametest2 kernel: lookup int_ret_from_sys_call yields ffffffff8005d298
Feb  4 07:46:38 hostnametest2 kernel: hooking open NR=2 ... ffffffff8003140a -> ffffffff886660e2
Feb  4 07:46:38 hostnametest2 kernel: hooking close NR=3 ... ffffffff8001e189 -> ffffffff886671a5
Feb  4 07:46:38 hostnametest2 kernel: hooking exit NR=60 ... ffffffff80094f6b -> ffffffff88665e3e
Feb  4 07:46:38 hostnametest2 kernel: hooking getpgid NR=121 ... ffffffff8009e48e -> ffffffff8866632e
Feb  4 07:46:38 hostnametest2 kernel: hooking unlink NR=87 ... ffffffff800eb3d2 -> ffffffff886663a9
Feb  4 07:46:38 hostnametest2 kernel: hooking unlinkat NR=263 ... ffffffff800eb4bd -> ffffffff886665d5
Feb  4 07:46:38 hostnametest2 kernel: hooking write NR=1 ... ffffffff80017416 -> ffffffff88667391
Feb  4 07:46:38 hostnametest2 kernel: hooking pwrite64 NR=18 ... ffffffff80043c10 -> ffffffff88667488
Feb  4 07:46:38 hostnametest2 kernel: hooking writev NR=20 ... ffffffff800e34cb -> ffffffff88667589
Feb  4 07:46:38 hostnametest2 kernel: hooking dup2 NR=33 ... ffffffff800470c1 -> ffffffff88666826
Feb  4 07:46:38 hostnametest2 kernel: hooking mount NR=165 ... ffffffff8004c055 -> ffffffff88666a05
Feb  4 07:46:38 hostnametest2 kernel: hooking umount NR=166 ... ffffffff800f0bc1 -> ffffffff88666fdc
Feb  4 07:46:38 hostnametest2 kernel: hooking exit_group NR=231 ... ffffffff8004c8ff -> ffffffff88665eb6
Feb  4 07:46:38 hostnametest2 kernel: hooking stub NR=59 @ ffffffff8005d46c ... ffffffff80054c99 (-34874) -> ffffffff886661cf (140545276)
Feb  4 07:46:38 hostnametest2 kernel: gsch_install_hooks(&gsch_hooks, &orig_hooks) done: 0
Feb  4 07:46:38 hostnametest2 kernel: gsch_flt: loaded
Feb  4 07:46:38 hostnametest2 kernel: load_proc_mounts() failed: vfs_read() = -22
Feb  4 07:46:40 hostnametest2 xinetd[5296]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
Feb  4 07:46:40 hostnametest2 xinetd[5296]: Started working: 1 available service
Feb  4 08:12:27 hostnametest2 ntpdate[5309]: step time server 10.135.8.100 offset 1546.741556 sec
Feb  4 08:12:27 hostnametest2 ntpd[5311]: ntpd 4.2.2p1@1.1570-o Mon May 30 15:43:16 UTC 2011 (1)
Feb  4 08:12:27 hostnametest2 ntpd[5312]: precision = 1.000 usec
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface wildcard, 0.0.0.0#123 Disabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface wildcard, ::#123 Disabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface lo, ::1#123 Enabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface eth3, fe80::2a80:23ff:fea2:438b#123 Enabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface bond0, fe80::2a80:23ff:fea2:4388#123 Enabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface lo, 127.0.0.1#123 Enabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface eth3, 172.24.178.114#123 Enabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: Listening on interface bond0, 10.138.26.48#123 Enabled
Feb  4 08:12:27 hostnametest2 ntpd[5312]: kernel time sync status 0040
Feb  4 08:12:27 hostnametest2 ntpd[5312]: frequency initialized 13.965 PPM from /var/lib/ntp/drift
Feb  4 08:12:27 hostnametest2 gpm[5333]: *** info [startup.c(95)]: 
Feb  4 08:12:27 hostnametest2 gpm[5333]: Started gpm successfully. Entered daemon mode.
Feb  4 08:12:29 hostnametest2 kernel: [5394(rotatelogs)]: gsch_scan(19825259,1,0) - interrupted & wait(1000)
Feb  4 08:12:29 hostnametest2 kernel: [5394(rotatelogs)]: gsch_scan(19825259,1,0) - interrupted & wait: done
Feb  4 08:12:37 hostnametest2 avahi-daemon[5562]: Found user 'avahi' (UID 70) and group 'avahi' (GID 70).
Feb  4 08:12:37 hostnametest2 avahi-daemon[5562]: Successfully dropped root privileges.
Feb  4 08:12:37 hostnametest2 avahi-daemon[5562]: avahi-daemon 0.6.16 starting up.
Feb  4 08:12:37 hostnametest2 avahi-daemon[5562]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Feb  4 08:12:37 hostnametest2 avahi-daemon[5562]: Successfully called chroot().
Feb  4 08:12:37 hostnametest2 avahi-daemon[5562]: Successfully dropped remaining capabilities.

 

 

redhat官方文档:

https://access.redhat.com/solutions/1376133

https://access.redhat.com/solutions/3227401

https://access.redhat.com/solutions/1443703

一篇网友的文章

https://unix.stackexchange.com/questions/292894/i-would-like-to-unload-kernel-modules-that-show-as-busy

victoruu
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
SLUB: Unable to allocate memory on node -1
chuxiong5717的博客
06-24 1817
kernel: redirfs: loading out-of-tree module taints kernel. kernel: redirfs: module verification failed: signature and/or required key missing - tai...
Gramschmidt 矩阵:矩阵 a 将被转换为具有正交向量的矩阵。-matlab开发
05-30
示例 g = gsch(a) a := 是一个矩阵gramch(a) 创建 Gramschmidt 矩阵。 列是单位向量。 它使用两个子程序 proj.m 和 projv.m。 它们生成投影矩阵和投影向量分别
gschredirfs模块导致系统hang或者重启 。
砚墨
03-31 853
Gluster配置信息被删除,但数据仍保留的话,可以通过创建新卷,正确迁移数据,可以恢复gluster卷和数据。一些命令只需要在Gluster集群中任意一个节点执行一次即可,比如“gluster volume create”,而例如“gluster peerstatus ”命令可以在每个节点独立多次执行。如果发现由Gluster引起的问题,可以提交Bug和patch,并可以社区和邮件列表中讨论,以帮助改善Gluster系统。复制卷会自动进行数据同步和修复,这个在同步访问数据时触发,也可以手动触发。
如何激活 Trend Micro Deep Security Agent
weixin_34370347的博客
10-20 520
Deep Security 即服务包括反恶意软件保护、防火墙、入侵防御系统和完整性监视。Trend Micro Deep Security Agent (DSA) 可以配合 Deep Security Manager 工作,也可以使用 Trend Micro Deep Security 即服务。前一种方式由于配置和维护成本较高,我们推荐使用 Trend Micro Deep Security 即服...
趋势Deep Security(Trend Micro Deep Security)安装
最新发布
weixin_45945976的博客
06-17 243
Trend Micro Deep Security是一个提供深度包检查、入侵防御、恶意软件保护以及其他多层安全措施的综合性安全解决方案。由趋势科技(Trend Micro)开发,这个解决方案旨在为物理、虚拟、云环境中的服务器和应用提供保护。
趋势安全软件卸载:如何不需要密码或忘记密码卸载Trend Micro OfficeScan Agent
ChuaWi98的博客
07-11 7049
不需要密码或忘记密码如何卸载趋势安全软件Trend Micro OfficeScan Agent
趋势科技 redirfs模块的一个小问题
weixin_34292402的博客
06-11 880
最近看的一个问题,消息队列可以创建,但是不能获取属性,也不能发消息,返回错误为:EBADF Bad file descriptor 经过打点,确认走入了这个流程: SYSCALL_DEFINE3(mq_getsetattr, mqd_t, mqdes, const struct mq_attr __user *, u_mqstat, struct mq_...
文件防火墙redirfs
inquisiter
07-12 852
概述 文件防火墙可以用来过滤文件操作,包括不限于open read write close等操作,相对于lsm syshook inline hook劫持形成的防火墙稳定性和能力都更为强大,虽然目前驱动好像卸载存在一定问题,但对于文件的操作具有强大的过滤能力。 核心原理 既然要过滤文件行为,肯定少不了函数劫持。redirfs 采用对于 vfs 和真实文件系统之间嵌入驱动redirfs的方式。简单讲struct inode 、struct dentry、struct file都属于vfs层面的概念,都具有各中
KENWOOD 车台电路图tk-768gsch.zip
01-06
本文将围绕"KENWOOD 车台电路图tk-768gsch.zip"中的"TK-768G.tif"文件,深入解析TK-768的电路原理,并提供一些常见的维修技巧。 首先,电路图是理解设备工作原理的关键。TK-768G.tif文件包含了建伍TK-768的详细电路...
亚信安全学习文档手册.pdf
10-20
10.判断信舱是否支持用户环境的Linux内核可以使用lsmod |grep gsch查看内核与支持列表对比。 11.进行ksp的主要目的是为了维护Linux内核。 12.关于有代理与无代理技术,以下描述错误的是数据中心的虚拟化主机业务...
数据汇交软件
01-17
先进入省测绘局网站(www.gsch.gov.com),在测绘成果一栏中下载”甘肃省测绘成果目录汇交系统”,解压下载后的压缩文件,双击Setup.exe文件,如图3-1所示: (图3-1) 注意:如果要安装系统的电脑上没有安装...
nfs文件系统rpm包
03-16
glibc-2.17-222.el7.x86_64 keyutils-1.5.8-3.el7.x86_64 libevent-2.0.21-4.el7.i686 libevent-2.0.21-4.el7.x86_64 libgssglue-0.4-2.el7.nux.x86_64 libtirpc-0.2.4-0.10.el7.x86_64 net-tools-2.0-0.22.20131004git.el7.x86_64 nfs-utils-1.3.0-0.54.el7.x86_64 nfs-utils-lib-1.1.5-13.el6.i686 rpcbind-0.2.0-44.el7.
PADs部分元件库.rar
04-12
3. **符号文件(Symbols)**:例如,.gsch文件,这些是元件的电气连接图,展示了元件的引脚布局和连接方式。 4. **分类目录文件(Library Index)**:例如,.idx文件,用于组织和索引元件库,方便用户查找特定元件。...
redirfs 的机制
zhangnn5的专栏
09-23 3682
http://www.redirfs.org/ 上面的链接是redirfs项目的主页...这个东西就是一个内核模块以及一些其他的用户空间工具组件.....   redirfs...名字上就能看出来..意思是重定向文件系统...  http://www.redirfs.or
linux内核态hook模块
faxiang1230的专栏
12-03 3732
linux内核支持动态加载module,今天不聊正常的module,只简单看一下实现Hook的module. hook通常翻译做劫持,不过这个翻译听起来让人不舒服,感觉有点恐怖,所以大家都是喊行话:hook. 上图是经典的堆栈式hook,也是splice典型的做法,在原有的流程中插入hook,更加典型的做法是栈在调用过程中从funcA->funcB变成了funcA->hook-&gt...
Connections are not allowed to own the service
09-17 2513
I built a root filesystem on arm. It should run dbus-daemon and avahi-daemon, but when I try to run avahi-daemon $ dbus-daemon --system $ avahi-daemon I get this message: Found user 'avahi' (UID...
linux驱动没活干_linux驱动 第一个驱动
weixin_31951365的博客
01-27 87
首先引用一篇文章 http://blog.csdn.net/zqixiao_09/article/details/508380431.我先写好一个驱动hello.c#include #includeMODULE_LICENSE("Dual BSD/GPL");/*加载模块时调用的函数*/static int hello_init(void){printk(KERN_ALERT"world\n");...
模块加载过程代码分析2
shujuliu818的专栏
10-31 1051
一、前言 对于现在编译的一些module要insmod在系统上时,可能会报各种各样的错误。这些错误仔细研读内核源码,都能找出原因。2.6 内核以前的insmod部分主要依赖于modutils源码包,在用户层基本将工作完成,加载过程参考前一篇文章。2.6 内核以后的做法是将大部分的原来用户级操作纳入内核中来处理,无论是逻辑上还是代码量上都比原来减少了许多,通过busybox中的insmod命令与内
linux hook方法整理
jinking01的专栏
09-06 1529
linux上使用hook的方法总结
eeschema-to-geda
06-16
gEDA 是一套开源的电路设计工具,支持多种电路设计文件格式,如:gsch2pcb、gschem、pcb等。通过使用 “eeschema-to-geda” 工具,可以将 KiCad 的电路设计文件转换为 gEDA 工具套件支持的格式,以便在 gEDA 工具套...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

victoruu

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值