The invention discloses a Linux
operating system file read-write transparent
encryption and decryption method, comprising the following steps: 1, finding the address of a sys_close function; 2, starting from the starting address of the memory, reading the data in the memory and matching; and if the content is the address of the
system call sys_close, determining that the matching is successful, and carrying out the next step; If not, determining that the matching fails, and reading the data in the next memory and performing matching; 3, after the matching is successful, calling the open, read,write,
mmap and msync functions on the hook
system to encrypt and decrypt the data; 4, achieving the function of file
encryption protection. The method has the advantages of simple process and wide platform compatibility, and is not only suitable for Mips processors, but also suitable for Arm processors. The search method is simple; the code is simple and understandable.