on windows,these jobs can done using pssetcreateprocessnotifyroutine , pssetloadimagenotifyroutine.but want realize on linux.can give advice or ideas?thanks in advance!
for catch module's loading event need use register_module_notifier() function. struct notifier_block argument should initialized before call:
int notifier_callback(struct notifier_block *nb, unsigned long action, void *data) { struct module* m = data; // module state changed. switch(action) { case module_state_coming: // module loaded break; case module_state_living: // module's init function has been executed break; case module_state_going: // module's exit function has been executed break; } return 0; } struct notifier_block n = { .notifier_call = ¬ifier_callback, .priority = <any integer value, e.g. 0> }; ... int my_module_init(void) { ... register_module_notifier(&n); } void my_module_exit(void) { unregister_module_notifier(&n); ... } i don't know way monitoring process's state.
Comments
Post a Comment