Botnets and their avoidance methods

Article Title: botnets and how to avoid them. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

1. Use a new portal

Must contain

Module_init (your_init_func );

Module_exit (your_exit_func );

Old Version: int init_module (void );

Void cleanup_module (voi );

2.4 can be used in both cases. For example, you do not need to display any header files for the entry function.

2. GPL

MODULE_LICENSE ("Dual BSD/GPL ");

Old Version: MODULE_LICENSE ("GPL ");

3. Module Parameters

Must explicitly include

Module_param (name, type, perm );

Module_param_named (name, value, type, perm );

Parameter Definition

Module_param_string (name, string, len, perm );

Module_param_array (name, type, num, perm );

Old Version: MODULE_Parm (variable, type );

MODULE_Parm_DESC (variable, type );

4. Module alias

MODULE_ALIAS ("alias-name ");

This is newly added. In the old version, you need to configure in/etc/modules. conf, which can be implemented in the code now.

5. Module count

Int try_module_get (& module );

Module_put ();

Earlier versions: MOD_INC_USE_COUNT and MOD_DEC_USE_COUNT

6. Export symbols

Only the displayed exported symbols can be used by other modules. By default, no symbols are exported, and EXPORT_NO_SYMBOLS is not required.

Boss: All symbols are exported by default, unless EXPORT_NO_SYMBOLS is used

7. kernel version check

When you need to include multiple files, you do not need to define _ NO_VERSION __

Old Version: when multiple files are included, _ NO_VERSION __must be defined in other files except the main file to prevent duplicate versions.

8. device number

Kdev_t is abolished and unavailable. The new dev_t is extended to 32-bit, 12-bit master device number, and 20-bit device number.

Unsigned int iminor (struct inode * inode );

Unsigned int imajor (struct inode * inode );

Old Version: eight-digit master device number, eight-digit master device number

Int MAJOR (kdev_t dev );

Int MINOR (kdev_t dev );

9. Memory Allocation header file change

All memory allocation functions are included in the header file, but the original memory does not exist.

Old Version: the memory allocation function is included in the header file.

10. initial trial of struct

Gcc starts to use the initialization form of the ansi c struct:

Static struct some_structure = {

. Field1 = value,

. Field2 = value,

...

};

Old Version: non-standard preliminary trial form

Static struct some_structure = {

Field1: value,

Field2: value,

...

};

11. User Mode helper

Int call_usermodehelper (char * path, char ** argv, char ** envp,

Int wait );

Add wait Parameters

12. request_module ()

Request_module ("foo-device-% d", number );

Old Version:

Char module_name [32];

Printf (module_name, "foo-device-% d", number );

Request_module (module_name );

13. Change of character devices caused by dev_t

1. Take the Primary and Secondary device numbers

Unsigned iminor (struct inode * inode );

Unsigned imajor (struct inode * inode );

2. The old register_chrdev () usage remains unchanged and backward compatible, but cannot access devices with a device number greater than 256.

3. The new interface is

A) device range of registered characters

Int register_chrdev_region (dev_t from, unsigned count, char * name );

B) dynamically apply for the master device number

Int alloc_chrdev_region (dev_t * dev, unsigned baseminor, unsigned count, char * name );

Look down at these two functions. ^_^! How can we associate with the file_operations structure? Don't worry!

C) Include, connect using struct cdev and file_operations

Struct cdev * cdev_alloc (void );

Void cdev_init (struct cdev * cdev, struct file_operations * fops );

Int cdev_add (struct cdev * cdev, dev_t dev, unsigned count );

(Apply for the cdev structure, connect to the fops, and add the devices to the system! So complicated !)

D) void cdev_del (struct cdev * cdev );

It can be run only when the cdev_add operation is successful.

E) Auxiliary Functions

Kobject_put (& cdev-> kobj );

Struct kobject * cdev_get (struct cdev * cdev );

Void cdev_put (struct cdev * cdev );

This change is related to the newly added/sys/dev.

[1] [2] [3] [4] Next page