OK, So I am programming this for a HW assignment but could either use some help or insight. I know I've read everywhere that you shouldnt open files in modules but its our assignment...
Anyway my module code is here:
http://pastebin.com/LU8hWraL
and my user level code is here:
http://pastebin.com/RC0Zk1kQ
Ok, my issue is that sometimes it works, other times it doesnt... most of the time when it doesnt work, it catches in a loop on the kernel and I dont understand what is causing the issue and how I can resolve it. Any help on this situation would be incredibly appreciated, I just am getting frustrated having to constantly shut down and restart my VM.
Even if someone tells me how to find the error when my VM loops like that...?
First, you might want to use kernel_read() and don't do these things yourself.
There might be two issues here
you give &filpRead->f_pos as parameter to read and write, which is for kernel internal use.
when you encrypt or decrypt the data, you might not get the same amount of bytes you read. So writing the same amount of data as you read could be a problem too.
Take both with a grain of salt, since it's quite some time ago, since I've looked at kernel programming.
Related
I've been working on an app that sends keystrokes to mimic user actions. For this, I want to record my keystrokes. I looked around on the internet on how to go about such a task, and I found a program called Key Catcher. Because I'm worried of getting a malicious keylogger on my device I'm reading the source code first, and I found this line:
return, dllcall("psapi.dll\EmptyWorkingSet", "UInt", -1)
I didn't know what this command was and a google search gave internet forums warning not to use EmptWorkingSet yourself, but also examples of specific programs using this without problems. Could anyone explain how this should be used? or if this will give problems? or could someone give a better alternative?
PS: this command is used everytime a process finishes if that helps
The "EmptyWorkingSet" operation removes as many of the application's pages as possible from memory. It is often used mistakenly by people who think that having lots of free RAM is good.
It generally won't do very much harm. The pages can be loaded back into RAM fairly quickly if needed. But the only good it does is make the amount of free memory pages go up, which is actually slightly harmful.
It's basically neither here nor there. It's very bad to call it from a process that's performance critical because it will slow the process down. It's possibly useful to call it from a process that has accumulated a lot of cruft in RAM that doesn't need to be there. But the OS will already remove that stuff from RAM itself.
A little background, I'm a CMPE Student currently in an Operating Systems class. I have some basic knowledge of C coding but am more comfortable with C++ (taken about 3 semesters of that). Other than that, never had any other formal training in coding. Also, I've got a basic understanding of the linux environment.
I am working on a project that requires me and my team to code a linux kernel module that can do the following:
echoes data passed from user-level processes by printing the data received to the kernel log
is able to pass data from one user process to another.
must be possible to use the kernel module as an inter-process communication abstraction. module should provide for situations where a sender posts data to it but no receiver is waiting.module must cover the situation where a receiver asks for data but there is no data available.
module must cover the situation where a receiver asks for data but there is no data available.
must be a limit in the buffer capacity in your module.
Now I don't know how difficult this seems to those with a background in programming, but this seems like an impossibly complicated task for someone in my position.
Here's what I've done so far:
Coded, Compiled, Inserted, and Removed the basic "hello world" linux kernel module successfully
Read through about the first 4 or 5 chapters of The Linux Kernel Module Programming Guide
Read through a few stackoverflow posts, none of which seem to be able to direct me to where I need to go.
So finally here's my question: Can someone please point me in the direction that I need to go with this? I don't even know where to being to find commands to use for reading in user-level process data and I need somewhere to start me off. TLPD was great for insight on the topic but isn't helping me get to the point where I will have a workable project to turn in. In the past, I would learn off of reading source code and reverse engineering, is there anywhere I can find something like that? Any and all help is appreciated.
-Will
I've found that the Linux Kernel Module Programming Guide is a pretty good resource. From the sounds of it, something like a character device might work best for your purposes, but I'm not sure if you have other constraints.
Another direction I might consider (though this could be a bad path) is to look at examples in the Linux kernel for a kernel module that has similar functionality. I don't have a good example offhand, but perhaps look through /drivers/char/.
What you describe is pretty much the same as a pipe.
Read chapter three of Linux Device Drivers.
(But don't just copy the scull pipe example …)
I was wondering if there is any way of compiling a program (my own program, or an open source program), with which I can follow the flow of that program when I execute it. Ideally, I would like to output the specific methods which the program goes through when it executes. Each time it calls a specific method, I would like to output that it has done so, which I would like to save to a file for later analysis.
For example, I am trying to better understand the flow within KVM (an open source hypervisor) but there are obviously many lines of code, and would be impossible for me to know where the code goes unless I dedicated possibly weeks to finding out.
The code I am looking at is written mostly in C, but also uses other languages. Any ideas please?
KVM is a subsystem of Linux kernel, so you should use ftrace (http://lwn.net/Articles/322666/) for tracing kernel-space code.
This is not a homework problem, though it is a work problem. Where months ago, I would have just written up a specification and the boss would have contracted it out, money's tight. So I'm trying to do this myself.
I'm a weak C coder, and I'm lucky if gcc spits out something that will run without segfaulting, or sometimes anything at all. Still, I manage. Libftdi is built, I've carefuly perused both its example executables/code, and the documentation. But I'm still lost.
Does anyone know of a software project that makes use of its MPSEE mode, that's hooked into an SPI device? Is anyone here slick enough to provide an example? I could really use the help. I don't need this handed to me on a silver platter, but I'm having trouble even getting started. If I could even figure out how to initialize it and send a byte to the chip on the other side of the FTDI ic, I think I might manage to muddle my way through it.
Any help appreciated.
Flashrom can use FT2232 SPI mode: http://flashrom.org/Downloads
My friend said he thinks i may have made a mistake in my programme and wanted to see if i really did. He asked me to send him the binary opposed to the source. As i am new to this i am paranoid that he is doing someting to it? What can you do with the binary that would mean you wouldnt want the source?
thank
Black-box testing. Having the source may skew your view on how the program may be behaving.
Not much, at least not much by staring at it. But you can run it with a debugger attached, so you can set breakpoints, inspect memory areas, investigate crashes ...
However, the soure code remains the primary tool for debugging. The binary by itself is a bit useless for serious debugging (not for testing, you can greatly test software without having access to its source).
I guess if he wants to recompile your code on his machine he may want to be able to check that the binary he gets is the same as the one you get to eliminate compile options or library differences.
Now when I debug, I frequently want to see the assembly - maybe this is what he meant?
He can run it, test it, report any bugs he finds. Not much else, but that itself may be useful; people are notoriously bad at testing their own code, because they tend to believe that it is robust, and don't want to break it. An independent tester will see breaking it as a challenge. Their performance is based on the number of bugs they find; whereas your performance is based on how difficult you make that for them.
Perhaps he wanted to debug. Also, depending on how the compiler is invoked (for instance with -g for gcc) the binary might contain source code information still.