khook: custom lookup function support via khook_init argument

milabs · Mar 14, 2024 · d477187 · d477187
1 parent e6d2dac
commit d477187
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -21,7 +21,7 @@ Then, include KHOOK engine header like follows:
 #include <khook/engine.h>
 ~~~
 
-Use `khook_init()` and `khook_cleanup()` to initalize and de-initialize hooking engine.
+Use `khook_init(lookup)` and `khook_cleanup()` to initalize and de-initialize hooking engine.
 
 Use `khook_lookup_name(sym)` to resolve `sym` address.
 

diff --git a/khook/engine.c b/khook/engine.c
@@ -67,11 +67,13 @@ static int khook_sm_cleanup_hooks(void *arg)
 	return 0;
 }
 
-static void khook_resolve(void)
+static void khook_resolve(khook_lookup_t lookup)
 {
 	khook_t *p;
 	KHOOK_FOREACH_HOOK(p) {
-		p->target.addr = (void *)khook_lookup_name(p->target.name);
+		p->target.addr = lookup ? \
+			(void *)lookup(p->target.name) : \
+			(void *)khook_lookup_name(p->target.name);
 		if (!p->target.addr) pr_warn("khook: failed to lookup %s symbol\n", p->target.name);
 	}
 }
@@ -91,7 +93,7 @@ static void khook_release(void)
 
 ////////////////////////////////////////////////////////////////////////////////
 
-int khook_init(void)
+int khook_init(khook_lookup_t lookup)
 {
 	const size_t max_stub_size = 0x80; // NOTE: keep in sync with value in engine.h
 
@@ -103,7 +105,7 @@ int khook_init(void)
 		return -EINVAL;
 	}
 
-	khook_resolve();
+	khook_resolve(lookup);
 	stop_machine(khook_sm_init_hooks, NULL, 0);
 
 	return 0;

diff --git a/khook/engine.h b/khook/engine.h
@@ -52,7 +52,10 @@ typedef struct {
 #define KHOOK_ORIGIN(t, ...)						\
 	((typeof(t) *)KHOOK_##t.orig)(__VA_ARGS__)
 
-extern int khook_init(void);
+typedef unsigned long (*khook_lookup_t)(const char *);
+extern unsigned long khook_lookup_name(const char *);
+
+extern int khook_init(khook_lookup_t);
 extern void khook_cleanup(void);
+
 extern long khook_write_kernel(long (*)(void *), void *);
-extern unsigned long khook_lookup_name(const char *);
diff --git a/khook/internal.h b/khook/internal.h
@@ -7,6 +7,7 @@
 #include <linux/delay.h>
 #include <linux/version.h>
 #include <linux/sched.h>
+#include <linux/moduleparam.h>
 
 #ifdef CONFIG_KPROBES
 # include <linux/kprobes.h>

diff --git a/khook_demo/main.c b/khook_demo/main.c
@@ -71,7 +71,7 @@ static int khook_load_elf_binary(struct linux_binprm *bprm)
 
 int init_module(void)
 {
-	return khook_init();
+	return khook_init(NULL);
 }
 
 void cleanup_module(void)