
Interrupt Descriptor Table (IDT) modification

Developer https://www.devze.com 2023-02-03 08:12 Source: Internet

In the flow of control in the Linux kernel, I found that control moves to the IDT, which has the location of interrupts (e.g., the 0x80 system call), and then control moves to the appropriate system call. I also read that the IDT is initialized at boot time only.

I would like to know more about the IDT information from a real kernel, like its location. I would also like to know whether it is modified at any other time.

Please help.


Writing a rootkit, are we?

Anyways, you can use the LIDT/SIDT x86 instructions to directly find and manipulate the IDT. You can also find some information about IDT hooking in some good Phrack articles about exactly this subject.
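A defender's view of the IDT hooking mentioned above, as an added example that is not part of the original answer: it decodes x86-64 gate descriptors and reports the first present gate whose handler falls outside an expected kernel text range. The table contents, addresses and helper names (`gate_handler`, `idt_first_foreign`, `sample_idt`) are constructed for illustration; on a real system the bounds are assumed to come from kernel symbols such as `_stext`/`_etext`.

```c
#include <stdint.h>
#include <stdio.h>

/* x86-64 IDT gate descriptor: 16 bytes, handler address split in three. */
struct idt_gate {
    uint16_t offset_low;   /* handler bits 0..15 */
    uint16_t selector;     /* code segment selector */
    uint8_t  ist;          /* bits 0..2: interrupt stack table index */
    uint8_t  type_attr;    /* bit 7 present, bits 5..6 DPL, bits 0..3 type */
    uint16_t offset_mid;   /* handler bits 16..31 */
    uint32_t offset_high;  /* handler bits 32..63 */
    uint32_t reserved;
};
_Static_assert(sizeof(struct idt_gate) == 16, "gate must be 16 bytes");

static uint64_t gate_handler(const struct idt_gate *g)
{
    return ((uint64_t)g->offset_high << 32) | ((uint64_t)g->offset_mid << 16) | g->offset_low;
}

/* Return the lowest present vector whose handler is outside [lo, hi), or -1. */
static int idt_first_foreign(const struct idt_gate *idt, size_t n, uint64_t lo, uint64_t hi)
{
    for (size_t v = 0; v < n; v++) {
        uint64_t h = gate_handler(&idt[v]);
        if ((idt[v].type_attr & 0x80) && (h < lo || h >= hi))
            return (int)v;
    }
    return -1;
}

/* Constructed sample table (all addresses made up); hooked < 0 means clean. */
static void sample_idt(struct idt_gate *idt, uint64_t base, int hooked, uint64_t hook)
{
    for (int v = 0; v < 256; v++) {
        uint64_t h = (v == hooked) ? hook : base + 0x40u * (uint64_t)v;
        idt[v] = (struct idt_gate){ (uint16_t)h, 0x10, 0, 0x8E,
                     (uint16_t)(h >> 16), (uint32_t)(h >> 32), 0 };
    }
}

int main(void)
{
    static struct idt_gate idt[256];
    sample_idt(idt, 0xffffffff81000000ULL, 0x80, 0xffffffffc0123450ULL);
    int v = idt_first_foreign(idt, 256, 0xffffffff81000000ULL, 0xffffffff82000000ULL);
    printf("first out-of-range gate: vector %d (0x%x)\n", v, (unsigned)v);
    return 0;
}
```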


In Linux, the declarations for IRQ-handling functions can be found in include/linux/interrupt.h. Generic handling code can be found in kernel/irq/, and platform-specific code under the arch/ directories - take a look at, e.g., arch/x86/kernel/irq.c and the other irq*.c files in that directory.

You should read the comments in the kernel/irq/*.c files to understand locking rules and mechanisms regarding IRQs in Linux. Note that other OSes can and will have different locking rules. Good luck!
