diff --git a/README.md b/README.md index d2da249..f8559eb 100644 --- a/README.md +++ b/README.md @@ -3,11 +3,27 @@ The process of [kernel modules compilation](https://www.kernel.org/doc/html/v5.6 > But what to do if, for the variety of reasons, for the kernel you are interest in, headers are unavailable? -This article focuses on Android, but most of information and techniques discussed here can be easily applied to generic Linux kernel as well. +The code in this repo focuses on Android, but most of the information and techniques discussed here can be easily applied to the generic Linux kernel as well. # ELF symbols stealing -The main idea, is to use Android NDK to compile generic Linux kernel module. And embed it with ELF symbols collected from some existing kernel module (see `/vendor/lib/modules/*.ko`). In such a way, that the loader would be able to recognise and resolve all necessary dependencies and definitions. +The main idea, is to use Android NDK to compile generic Linux kernel module. And embed it with ELF symbols collected from some existing kernel module (see `/vendor/lib/modules/*.ko`). In such a way, that the LKM loader would be able to recognise and resolve all necessary dependencies and definitions. + +## PLT section + +This part is pretty straight forward, we simply have to define a few ELF symbols, that Android LKM is expecting to find within *normal* module. We are going to really on [compiler keyword](https://gcc.gnu.org/onlinedocs/gcc-4.1.2/gcc/Variable-Attributes.html) `__attribute__` for this. + +```c +// insmod error: module PLT section(s) missing +__attribute__((section(".plt"))) +char plt = 0; + +__attribute__((section(".init.plt"))) +char initplt = 0; + +__attribute__((section(".text.ftrace_trampoline"))) +char textftrace_trampoline = 0; // TODO: probably an overkill +``` ## .modinfo 
@@ -73,7 +89,6 @@ readelf -a $KMODULE -W 0000000000000310 000006ee00000101 R_AARCH64_ABS64 0000000000000000 cleanup_module + 0 ``` - ## \_\_versions In its essence is a byte-array for declaring external dependencies required by the module: diff --git a/bmod.c b/bmod.c index 0e3428c..286799a 100644 --- a/bmod.c +++ b/bmod.c @@ -11,7 +11,7 @@ __attribute__((section(".init.plt"))) char initplt = 0; __attribute__((section(".text.ftrace_trampoline"))) -char textftrace_trampoline = 0; // TODO: probably irrelevant +char textftrace_trampoline = 0; // TODO: probably an overkill /************************/
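Review bot: the new "PLT section" prose in the first README hunk (`@@ -3,11 +3,27 @@`) has wording errors that should be fixed before merge: "really on [compiler keyword]" should be "rely on", "pretty straight forward" should be "pretty straightforward", and "find within *normal* module" needs an article ("within a *normal* module"). The retained sentence "The main idea, is to use Android NDK to compile generic Linux kernel module." also carries a stray comma after "idea" and is worth cleaning up while the line is being touched. On the code block itself: the three placeholder variables are non-`static`, so `plt`, `initplt` and `textftrace_trampoline` become global symbols in the module's symbol table; if that is not intended, mark them `static __attribute__((used, section("...")))` so the compiler keeps them without exporting the names. The comment `// insmod error: module PLT section(s) missing` documents why `.plt` and `.init.plt` are needed, but nothing explains which loader check `.text.ftrace_trampoline` satisfies, and the `// TODO: probably an overkill` comment admits that is unknown; please either record the observed error that the section fixes or drop the section after testing without it.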
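Review bot: the second README hunk (`@@ -73,7 +89,6 @@`) only deletes the blank line between the closing ``` fence and the `## \_\_versions` heading, which is unrelated to the PLT documentation this patch adds. The rest of the README keeps a blank line before section headings (see the blank line before `## PLT section` and `## .modinfo` in the first hunk), and some Markdown renderers need that separation to start a new block after a fence, so either drop this hunk or keep the blank line for consistency.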
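Review bot: the bmod.c hunk (`@@ -11,7 +11,7 @@`) rewords the TODO on `textftrace_trampoline` from "probably irrelevant" to "probably an overkill" without resolving it, and the identical comment is now duplicated verbatim in the README code block, which is exactly the kind of copy that drifts; this diff already had to change both places in lockstep. Rather than rewording, state in the comment what `insmod` reports when the section is absent (as the neighbouring comment does for `.plt`) or remove the variable once that has been verified. Minor grammar: "overkill" is used without an article, so "probably overkill" is the correct form.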