Linux内核Hook系统调用(5)

return orig_open(pathname,flag,mode);
 }
}
int init_module(void)
{
        __asm__ volatile ("sidt %0": "=m" (idt48));
        struct descriptor_idt *pIdt80 = (struct descriptor_idt *)(idt48.base + 8*0x80);
        base_system_call = (pIdt80->offset_high<<16 | pIdt80->offset_low);
        printk(KERN_ALERT "system_call address at 0x%x\n",base_system_call);
 SYS_CALL_TABLE_ADDR=get_sys_call_table();
 sys_call_table=(void **)SYS_CALL_TABLE_ADDR;
 orig_open=sys_call_table[__NR_open];
 sys_call_table[__NR_open]=hacked_open;
        return 0;
}
void cleanup_module()
{
 sys_call_table[__NR_open]=orig_open;
}