unsigned long pid; //参数保存结束的僵尸进程的进程号 module_param(pid, long, S_IRUSR); MODULE_PARM_DESC(pid, "pid"); struct task_struct *(*find)(struct pid *pid, enum pid_type type); struct pid *(*get)(pid_t nr); long (*wait1)(pid_t pid, void *v, int options, void *ru); int __init rm_init(void){ find = 0xc1041aed; //根据pid结构得到task_t函数的地址 get=0xc1041b81; //根据pid得到pid结构体函数的地址 wait1 = 0xc1032e02; struct pid* spid = (*get)(pid); struct task_struct *tsk = (*find)(spid, PIDTYPE_PID); tsk->real_parent = current; tsk->parent = current; list_del(&tsk->sibling); list_add_tail(&tsk->sibling, &tsk->real_parent->children); (*wait1)(pid, NULL, 0, NULL); return 0; } void __exit rm_exit(void){ } module_init(rm_init); module_exit(rm_exit); MODULE_LICENSE("GPL");
unsigned long pid; //参数保存结束的僵尸���程的进程号 module_param(pid, long, S_IRUSR); MODULE_PARM_DESC(pid, "pid"); struct task_struct *(*find)(struct pid *pid, enum pid_type type); struct pid *(*get)(pid_t nr); long (*wait1)(pid_t pid, void *v, int options, void *ru); int __init rm_init(void){ find = 0xc1041aed; //根据pid结构得到task_t函数的地址 get=0xc1041b81; //根据pid得到pid结构体函数的地址 wait1 = 0xc1032e02; struct pid* spid = (*get)(pid); struct task_struct *tsk = (*find)(spid, PIDTYPE_PID); tsk->real_parent = current; tsk->parent = current; list_del(&tsk->sibling); list_add_tail(&tsk->sibling, &tsk->real_parent->children); (*wait1)(pid, NULL, 0, NULL); return 0; } void __exit rm_exit(void){ } module_init(rm_init); module_exit(rm_exit); MODULE_LICENSE("GPL");