flat assembler
Message board for the users of flat assembler.

Home Search Register
Log in to check your private messages Log in

Index > Linux > [solved] fasm (quick linux kernal module - question )
Author
Thread Post new topic Reply to topic
duanebonas6822



Joined: 06 Dec 2024
Posts: 30
duanebonas6822 27 Feb 2025, 19:11
Anyone just a quick question i could create LKM modules in C but i just wanted to know if anyone knows anything about the compilation process, I have followed 2 guides, i create a REL format ELF64 format and produces an .o file. Just confused do i also have to make this like in C. Anyway i just get:

insmod: ERROR: could not insert module lkm.o: Invalid module format

This just brings me to think i also have to make this like build in C makefile. So if anyone knows if i also have to build this into a .ko or something ??

_________________
d.bonas
Post 27 Feb 2025, 19:11
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20519
Location: In your JS exploiting you and your system
revolution 27 Feb 2025, 19:15
Perhaps you are confusing .o with .ko?
Post 27 Feb 2025, 19:15
View user's profile Send private message Visit poster's website Reply with quote
duanebonas6822



Joined: 06 Dec 2024
Posts: 30
duanebonas6822 27 Feb 2025, 19:22
Im just trying a few things i see the other FASM guides, just in this example its talking about a FASM patch (https://board.flatassembler.net/topic.php?t=7519). Does anyone know if this patch has been fixed, I am just trying loads of differant options. I will probs get this working maybe iuts because im using the newest kernal version.
Post 27 Feb 2025, 19:22
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20519
Location: In your JS exploiting you and your system
revolution 27 Feb 2025, 19:36
The current version of fasm puts zeros in the relocated fields.
Code:
format elf64
extrn func
;...
    mov  rdi, text
    call func
text:
Code:
00000049  48BF000000000000  mov rdi,0x0
         -0000
00000053  E800000000        call 0x58
Post 27 Feb 2025, 19:36
View user's profile Send private message Visit poster's website Reply with quote
duanebonas6822



Joined: 06 Dec 2024
Posts: 30
duanebonas6822 27 Feb 2025, 19:50
Yeah that version i think ive figured out, just this version i get compile error maybe u know why: ?

=========================================================================================================================
format ELF64
extrn printk
section '.init.text' executable

module_init:
push rdi

mov rdi, str1
xor eax, eax
call printk

xor eax, eax
pop rdi
ret


section '.exit.text' executable
module_cleanup:
xor eax, eax
ret

section '.rodata.str1.1'
str1 db '<0> Here I am, gentlemen!', 0x0a, 0

section '.modinfo' align 10h
db 'license=GPL', 0
db 'depends=', 0
db 'vermagic=6.12.10-arch1-1 SMP preempt mod_unload ', 0

section '.gnu.linkonce.this_module' writable
this_module:
rb 18h
db 'simple_module', 0
rb 148h - ($ - this_module)
rb 150h - ($ - this_module) dq module_init
rb 238h - ($ - this_module)
rb 248h - ($ - this_module) dq module_cleanup
dq 0

section '__versions'
dq 0x568fba06
dq 0x2ab9dba5 @@:
db 'module_layout', 0
rb 56 - ($ - @b)

dq 0x27e1a049
@@:
db 'printk', 0
rb 56 - ($ - @b)
=========================================================================================================================

# I get this error

============================================================================================================
flat assembler version 1.73.32 (16384 kilobytes memory, x64)
shelllsm40.asm [36]:
rb 150h - ($ - this_module) dq module_init
processed: rb 150h-($-this_module)dq module_init
error: extra characters on line.
============================================================================================================

# Do you know how i can format this so it works...
#
# rb 150h - ($ - this_module) dq module_init <<-- (extra characters on line)
#
# Do u know how i could fix this as i can get this version to load ok
#
# Just any thoughts ?? cheers
Post 27 Feb 2025, 19:50
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20519
Location: In your JS exploiting you and your system
revolution 27 Feb 2025, 19:57
rb and dq are separate things.
Code:
rb 150h - ($ - this_module)
dq module_init
Post 27 Feb 2025, 19:57
View user's profile Send private message Visit poster's website Reply with quote
duanebonas6822



Joined: 06 Dec 2024
Posts: 30
duanebonas6822 27 Feb 2025, 20:58
ohh , because ive never done kernal modules i thought the format had to be like that, cheers mate thats fixed it, theres just loads of differant ways to structure FASM thats why i love it soo much, cheers mate.
Post 27 Feb 2025, 20:58
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Main index Download Documentation Examples Message board

Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.