{"id":4415,"date":"2014-03-24T19:31:43","date_gmt":"2014-03-24T11:31:43","guid":{"rendered":"http:\/\/edsionte.com\/techblog\/?p=4415"},"modified":"2014-03-27T11:01:21","modified_gmt":"2014-03-27T03:01:21","slug":"%e9%80%9a%e8%bf%87call_usermodehelper%e5%9c%a8%e5%86%85%e6%a0%b8%e6%80%81%e6%89%a7%e8%a1%8c%e7%94%a8%e6%88%b7%e7%a8%8b%e5%ba%8f","status":"publish","type":"post","link":"http:\/\/edsionte.com\/techblog\/archives\/4415","title":{"rendered":"\u901a\u8fc7call_usermodehelper()\u5728\u5185\u6838\u6001\u6267\u884c\u7528\u6237\u7a0b\u5e8f"},"content":{"rendered":"<h3>\u80cc\u666f<\/h3>\n<p>\u5982\u4f55\u5728Linux\u5185\u6838\u4e2d\u6267\u884c\u67d0\u4e9b\u7528\u6237\u6001\u7a0b\u5e8f\u6216\u7cfb\u7edf\u547d\u4ee4\uff1f\u5728\u7528\u6237\u6001\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7execve()\u5b9e\u73b0\uff1b\u5728\u5185\u6838\u6001\uff0c\u5219\u53ef\u4ee5\u901a\u8fc7call_usermodehelpere()\u5b9e\u73b0\u8be5\u529f\u80fd\u3002\u5982\u679c\u60a8\u67e5\u9605\u4e86call_usermodehelper()\u5185\u6838\u51fd\u6570\u7684\u6e90\u7801\u5b9e\u73b0\uff0c\u5c31\u53ef\u4ee5\u53d1\u73b0\u8be5\u51fd\u6570\u6700\u7ec8\u4f1a\u6267\u884cdo_execve()\u3002\u800cexecve\u7cfb\u7edf\u8c03\u7528\u5728\u7ecf\u5386\u5185\u6838\u7684\u7cfb\u7edf\u8c03\u7528\u6d41\u7a0b\u540e\uff0c\u4e5f\u4f1a\u6700\u7ec8\u8c03\u7528do_execve()\u3002<\/p>\n<h3>\u4f7f\u7528\u4e3e\u4f8b<\/h3>\n<p><strong>1.\u65e0\u8f93\u51fa\u7684\u53ef\u6267\u884c\u6587\u4ef6\u6d4b\u8bd5<\/strong><\/p>\n<p>\u52a0\u8f7d\u51fd\u6570demo\u5982\u4e0b\u6240\u793a\uff1a<\/p>\n<pre class=\"brush: cpp; title: ; notranslate\" title=\"\">\r\nstatic int __init call_usermodehelper_init(void)\r\n{\r\n\tint ret = -1;\r\n\tchar path&#x5B;] = &quot;\/bin\/mkdir&quot;;\r\n\tchar *argv&#x5B;] = {path, &quot;-p&quot;, &quot;\/home\/tester\/new\/new_dir&quot;, NULL};\r\n\r\n\tprintk(&quot;call_usermodehelper module is starting..!\\n&quot;);\r\n\tret = call_usermodehelper(path, argv, envp, UMH_WAIT_PROC);\r\n\tprintk(&quot;ret=%d\\n&quot;, ret);\r\n\treturn 0;\r\n}\r\n<\/pre>\n<p>\u5378\u8f7d\u51fd\u6570demo\u5982\u4e0b\u6240\u793a\uff1a<\/p>\n<pre class=\"brush: cpp; title: ; notranslate\" title=\"\">\r\nstatic void __exit call_usermodehelper_exit(void)\r\n{\r\n\tint ret = -1;\r\n\tchar path&#x5B;] = &quot;\/bin\/rm&quot;;\r\n\tchar *argv&#x5B;] = {path, &quot;-r&quot;, &quot;\/home\/tester\/new&quot;, NULL};\r\n\tchar *envp&#x5B;] = {NULL};\r\n\r\n\tprintk(&quot;call_usermodehelper module is starting..!\\n&quot;);\r\n\tret = call_usermodehelper(path, argv, envp, UMH_WAIT_PROC);\r\n\tprintk(&quot;ret=%d\\n&quot;, ret);\r\n}\r\n<\/pre>\n<p><strong> 2.\u6709\u8f93\u51fa\u7684\u53ef\u6267\u884c\u6587\u4ef6\u6d4b\u8bd5<\/strong><\/p>\n<p>\u5982\u679c\u8be5\u53ef\u6267\u884c\u6587\u4ef6\u6709\u8f93\u51fa\uff0c\u5219\u53ef\u4ee5\u5229\u7528\u8f93\u51fa\u91cd\u5b9a\u5411\uff0c\u4e0d\u8fc7\u6b64\u65f6\u7684\u53ef\u6267\u884c\u6587\u4ef6\u5e94\u8be5\u662f\/bin\/bash\uff0c\u800c\u5b9e\u9645\u7684\u53ef\u6267\u884c\u6587\u4ef6\u5219\u79f0\u4e3abash\u7684\u53c2\u6570\u3002\u6bd4\u5982\u5982\u679c\u60f3\u5728\u5185\u6838\u6267\u884cls -la\u547d\u4ee4\uff0c\u5e76\u4e14\u5c06\u5176\u8f93\u51fa\u91cd\u5b9a\u5411\u5230ls_output\u4e2d\uff0c\u5219\u5728\u4e0a\u8ff0\u7684argv[]={&#8220;\/bin\/bash&#8221;, &#8220;-c&#8221;, &#8220;ls&#8221;, &#8220;-la&#8221;, &#8220;&gt;&#8221;, &#8220;\/home\/tester\/ls_output&#8221;, NULL};<\/p>\n<p>\u672c\u6587\u867d\u7136\u8bf4\u660e\u7684\u662f\u5728\u5185\u6838\u6001\u5982\u4f55\u8c03\u7528\u7528\u6237\u6001\u7a0b\u5e8f\uff0c\u4e0d\u8fc7\u53ef\u4ee5\u5c06\u8fd9\u79cd\u65b9\u6cd5\u62bd\u8c61\u4e00\u4e0b\uff0c\u770b\u4f5c\u662f\u5185\u6838\u6001\u4e3b\u52a8\u5411\u7528\u6237\u6001\u53d1\u8d77\u901a\u4fe1\u7684\u4e00\u79cd\u65b9\u5f0f\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u80cc\u666f \u5982\u4f55\u5728Linux\u5185\u6838\u4e2d\u6267\u884c\u67d0\u4e9b\u7528\u6237\u6001\u7a0b\u5e8f\u6216\u7cfb\u7edf\u547d\u4ee4\uff1f\u5728\u7528\u6237\u6001\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7execve()\u5b9e\u73b0\uff1b\u5728\u5185\u6838\u6001\uff0c [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[278],"tags":[227,355,383],"class_list":["post-4415","post","type-post","status-publish","format-standard","hentry","category-linux","tag-227","tag-355","tag-383"],"views":15834,"_links":{"self":[{"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/posts\/4415","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/comments?post=4415"}],"version-history":[{"count":6,"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/posts\/4415\/revisions"}],"predecessor-version":[{"id":4422,"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/posts\/4415\/revisions\/4422"}],"wp:attachment":[{"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/media?parent=4415"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/categories?post=4415"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/edsionte.com\/techblog\/wp-json\/wp\/v2\/tags?post=4415"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}