arm64 needs kallsums_lookup_name in _init() as well

m0nad / Diamorphine

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Other

1.79k stars 425 forks source link

arm64 needs kallsums_lookup_name in _init() as well #34

Open rafaeldtinoco opened 2 years ago

rafaeldtinoco commented 2 years ago

orelse compilation fails. Maybe get_syscall_table_bf() should set the symbol globally to be used in main or something similar.

m0nad commented 2 years ago

Hi Rafael, thanks for your report!

Could you tell me which environment (kernel, distribution, etc.) are you using?

rafaeldtinoco commented 2 years ago

Hey @m0nad! So, sorry I should have mentioned that. It is an ARM64 VPS in AWS with Ubuntu Jammy and latest kernel available (5.15 iirc). The kernels used by Ubuntu there are all versioned "-aws" and they differ in kconfig from the regular "-generic" kernels from Ubuntu distro (but not too much).

m0nad commented 2 years ago

Thanks, I'll try to reproduce the compilation error to fix it