Diamorphine ported to ARM64

m0nad / Diamorphine

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Other

1.82k stars 431 forks source link

Diamorphine ported to ARM64 #21

Closed awerv closed 4 years ago

awerv commented 4 years ago

Syscalls adjusted to get params from ARM64 registers if the kernel version is greater then 4.16 Write protection related functions written for ARM64, the method is borrowed from the boot sequence

Tested the build on: 5.4.0-48 x86_64 5.1.0-00022 ARM64

The syscall part migh work on 32 bit ARM as well; regarding the mem protection, I have no information.

m0nad commented 4 years ago

Thank you for your contribution!

Just tested on Raspbian kernel 5.4.51-v8+ on aarch64 architecture and everything worked as expected!

I will merge your PR :)