|Feb 19, 2013, 03:42 AM||#1|
Kext: Replace kernel functions
I've 'fixed' a bug in an XNU function. Now I'm looking for a way to apply this fix with a kernel module/kext. I can't be bothered to compile a new kernel with my fix after every Apple update. So I want to write a kext which replaces the old function with my function. I've done this many times on Solaris and Linux, but I'm a newbie in the XNU world.
I guess all I need is a way (example code that works would be helpful!) to access the kernel symbol address table. With the address of the old function I should be able to patch a jump into the function that points to my new function. Very evil, I know.
Has somebody done something like this? Please let me know if you have any idea.
|Feb 20, 2013, 12:57 AM||#3|
Does somebody have an idea?
|Feb 21, 2013, 01:03 AM||#4|
After lots of googling, I've found one paper that has some interesting approaches: http://defcon.org/images/defcon-17/d...ing_on_osx.pdf
It's mainly written for patching syscalls, but that's OK. It should also work for functions.
Anyway, any other information regarding this topic would be nice.
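The "patch a jump into the old function" step that the thread describes, as an added example that is not part of any post above and not taken from the linked paper. It assumes x86-64 (the only architecture OS X kexts targeted at the time) and that the two addresses are already known: resolving the old function's address from the kernel symbol table is a separate step and is not shown. The buffer `text` stands in for the kernel text at `target`; in a real kext that memory is read-only and you would have to clear CR0.WP (or map it writable) before the write and make the patch visible to other CPUs, which this user-space version does not attempt. All addresses and the prologue bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* E9 rel32: near jump, displacement relative to the end of the instruction. */
#define JMP_REL32_LEN 5
/* 48 B8 imm64 (mov rax, imm64) + FF E0 (jmp rax): used when the replacement
 * is outside the +/-2 GiB reach of a rel32. It clobbers RAX, which is fine at
 * a function entry because RAX is caller-saved in the SysV ABI. */
#define JMP_ABS64_LEN 12

struct hook {
    uint64_t target;                 /* address of the function being replaced */
    uint64_t replacement;            /* address control is redirected to */
    uint8_t  patch[JMP_ABS64_LEN];   /* encoded jump */
    uint8_t  saved[JMP_ABS64_LEN];   /* original bytes, kept for unhooking */
    size_t   len;                    /* bytes of patch/saved in use */
};

/* Encode a jump from `from` to `to` into `out`; returns the encoded length. */
size_t build_jmp(uint64_t from, uint64_t to, uint8_t out[JMP_ABS64_LEN])
{
    int64_t disp = (int64_t)(to - (from + JMP_REL32_LEN));
    if (disp >= INT32_MIN && disp <= INT32_MAX) {
        int32_t rel32 = (int32_t)disp;
        out[0] = 0xE9;
        memcpy(out + 1, &rel32, sizeof rel32);   /* x86 is little-endian */
        return JMP_REL32_LEN;
    }
    out[0] = 0x48; out[1] = 0xB8;                /* mov rax, imm64 */
    memcpy(out + 2, &to, sizeof to);
    out[10] = 0xFF; out[11] = 0xE0;              /* jmp rax */
    return JMP_ABS64_LEN;
}

/* Decode the rel32 of a 5-byte near jump (to check what was written). */
int32_t jmp_rel32(const uint8_t *p)
{
    int32_t rel32;
    memcpy(&rel32, p + 1, sizeof rel32);
    return rel32;
}

/* Prepare a hook against `text`, the first `text_len` bytes of the target's
 * code. Returns 0 on success, -1 if the buffer is too short for the patch. */
int hook_prepare(struct hook *h, uint64_t target, uint64_t replacement,
                 const uint8_t *text, size_t text_len)
{
    memset(h, 0, sizeof *h);
    h->target = target;
    h->replacement = replacement;
    h->len = build_jmp(target, replacement, h->patch);
    if (text_len < h->len)
        return -1;
    memcpy(h->saved, text, h->len);   /* save the prologue we are about to clobber */
    return 0;
}

/* Overwrite the prologue. The clobbered bytes may end mid-instruction, so the
 * replacement must not call back into `target` unless a trampoline that
 * relocates whole instructions is built; that needs a length disassembler and
 * is not done here. */
void hook_apply(const struct hook *h, uint8_t *text)
{
    memcpy(text, h->patch, h->len);
}

/* Put the original bytes back; `text` must be the region hook_apply wrote. */
void hook_remove(const struct hook *h, uint8_t *text)
{
    memcpy(text, h->saved, h->len);
}

int main(void)
{
    /* Constructed sample prologue: push rbp; mov rbp,rsp; push r15; push r14; ... */
    uint8_t fn[16] = {0x55, 0x48, 0x89, 0xE5, 0x41, 0x57, 0x41, 0x56,
                      0x53, 0x50, 0x48, 0x89, 0xFB, 0x90, 0x90, 0x90};
    /* Hypothetical kernel-text and kext-text addresses. */
    struct hook h;
    if (hook_prepare(&h, 0xFFFFFF8000301000ULL, 0xFFFFFF7F80A00000ULL, fn, sizeof fn) != 0)
        return 1;
    hook_apply(&h, fn);
    printf("patched %zu bytes, first opcode now 0x%02X\n", h.len, fn[0]);
    hook_remove(&h, fn);
    printf("restored, first opcode 0x%02X\n", fn[0]);
    return 0;
}
```

Two things this makes visible that the thread glosses over: the displacement is measured from the end of the 5-byte instruction, not its start, and a kext loaded far from the kernel text may need the 12-byte absolute form, which overwrites more of the prologue and so makes a clean trampoline harder.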
Tags: kernel, kext, xnu