linux用户空间地址,Linux用户空间获取系统调用表地址

一、代码及实现

(一)用户空间源代码

#include

#include

#include

#include

#include

#include

#include

#include

#include

#define CALLOFF 100 //读取100字节

struct {

unsigned short limit;

unsigned int base;

} __attribute__ ((packed)) idtr;  //这个结构示意

IDTR寄存器，这个寄存器中保存中断描述符表 的地址

struct {

unsigned short off1;

unsigned short sel;

unsigned char none,flags;

unsigned short off2;

} __attribute__ ((packed)) idt;  //中断描述符表中的内容：中断门描述符

unsigned int old_readkmem (int fd, void * buf,size_t off,unsigned int size) //用read方式读取kmem中必须

长度内容

{

if (lseek64(fd, (unsigned long long)off,SEEK_SET)!=off)

{

perror("fd lseek error");

return 0;

}

if (read(fd, buf,size)!=size)

{

perror("fd read error");

return 0;

}

}

unsigned long readkmem (int fd, void * buf, size_t off, unsigned int size)//用mmap方式从kmem中读取必须

长度内容

{

size_t  moff, roff;

size_t   sz = getpagesize();

char * kmap;