From 7db0bbb70c7b4148eafa9d44b8b04c80e6b7e78e Mon Sep 17 00:00:00 2001
From: zcfsite <zhchf2010@126.com>
Date: Sat, 25 Nov 2023 17:58:26 +0800
Subject: [PATCH 4/4] fix register kpobe mutiple times

---
 kerneldriver/core/hook_unit/secDetector_hook_kprobe.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/kerneldriver/core/hook_unit/secDetector_hook_kprobe.c b/kerneldriver/core/hook_unit/secDetector_hook_kprobe.c
index fb6de05..5acce03 100644
--- a/kerneldriver/core/hook_unit/secDetector_hook_kprobe.c
+++ b/kerneldriver/core/hook_unit/secDetector_hook_kprobe.c
@@ -77,6 +77,8 @@ int insert_kprobe_hook(struct secDetector_workflow *workflow)
 int delete_kprobe_hook(struct secDetector_workflow *workflow)
 {
 	struct kprobe *kp = NULL;
+	const char *tmp_sym = NULL;
+	kprobe_pre_handler_t tmp_handler;
 
 	if (workflow == NULL)
 		return -1;
@@ -94,7 +96,14 @@ int delete_kprobe_hook(struct secDetector_workflow *workflow)
 		if (!kp)
 			return -1;
 
+		tmp_sym = kp->symbol_name;
+		tmp_handler = kp->pre_handler;
+
 		unregister_kprobe(kp);
+		//register mutiple times
+		memset(kp, 0, sizeof(struct kprobe));
+		kp->symbol_name = tmp_sym;
+		kp->pre_handler = tmp_handler;
 	}
 
 	return 0;
-- 
2.33.0