git://git.onelab.eu
/
procprotect.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Remove possibility of being traced in a trace handler
[procprotect.git]
/
procprotect.c
diff --git
a/procprotect.c
b/procprotect.c
index
2672ef8
..
a56c6b2
100644
(file)
--- a/
procprotect.c
+++ b/
procprotect.c
@@
-28,6
+28,12
@@
#include <linux/kallsyms.h>
#include <linux/nsproxy.h>
#include <linux/kallsyms.h>
#include <linux/nsproxy.h>
+#include <linux/magic.h>
+#include <linux/slab.h>
+#include <linux/module.h> /* Specifically, a module */
+#include <linux/kernel.h> /* We're doing kernel work */
+#include <linux/proc_fs.h> /* Necessary because we use the proc fs */
+
#define VERSION_STR "0.0.1"
#ifndef CONFIG_X86_64
#define VERSION_STR "0.0.1"
#ifndef CONFIG_X86_64
@@
-58,7
+64,7
@@
struct acl_entry {
struct hlist_node hlist;
};
struct hlist_node hlist;
};
-#define HASH_SIZE (1<<1
6
)
+#define HASH_SIZE (1<<1
0
)
struct hlist_head procprotect_hash[HASH_SIZE];
struct hlist_head procprotect_hash[HASH_SIZE];
@@
-66,7
+72,7
@@
struct proc_dir_entry *proc_entry;
static int run_acl(unsigned long ino) {
struct acl_entry *entry;
static int run_acl(unsigned long ino) {
struct acl_entry *entry;
- hlist_for_each_entry_rcu(entry,
+ hlist_for_each_entry_rcu
_notrace
(entry,
&procprotect_hash[ino & (HASH_SIZE-1)],
hlist) {
if (entry->ino==ino) {
&procprotect_hash[ino & (HASH_SIZE-1)],
hlist) {
if (entry->ino==ino) {
@@
-130,8
+136,6
@@
static int lookup_slow_entry(struct kretprobe_instance *ri, struct pt_regs *regs
struct dentry *parent = nd->path.dentry;
struct inode *pinode = parent->d_inode;
struct dentry *parent = nd->path.dentry;
struct inode *pinode = parent->d_inode;
-
-
if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
&& current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
&& current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
@@
-246,7
+250,7
@@
static void __exit procprotect_exit(void)
{
unregister_kretprobe(&fast_probe);
unregister_kretprobe(&slow_probe);
{
unregister_kretprobe(&fast_probe);
unregister_kretprobe(&slow_probe);
- unregister_jprobe(&dolast_probe);
+ unregister_jprobe(&dolast_probe);
struct acl_entry *entry;
int i;
struct acl_entry *entry;
int i;
@@
-284,6
+288,11
@@
int procfile_write(struct file *file, const char *buffer, unsigned long count, v
return count;
}
return count;
}
+static const struct file_operations procprotect_fops = {
+ .owner = THIS_MODULE,
+ .write = procfile_write
+};
+
static int __init procprotect_init(void)
{
int ret;
static int __init procprotect_init(void)
{
int ret;
@@
-296,6
+305,8
@@
static int __init procprotect_init(void)
INIT_HLIST_HEAD(&procprotect_hash[i]);
}
INIT_HLIST_HEAD(&procprotect_hash[i]);
}
+ add_entry("/proc/sysrq-trigger");
+
aclqpath.name = aclpath;
aclqpath.len = strnlen(aclpath, PATH_MAX);
aclqpath.name = aclpath;
aclqpath.len = strnlen(aclpath, PATH_MAX);
@@
-313,6
+324,7
@@
static int __init procprotect_init(void)
}
fast_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("lookup_fast");
}
fast_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("lookup_fast");
+
if (!fast_probe.kp.addr) {
printk("Couldn't find %s to plant kretprobe\n", "lookup_fast");
return -1;
if (!fast_probe.kp.addr) {
printk("Couldn't find %s to plant kretprobe\n", "lookup_fast");
return -1;
@@
-320,6
+332,7
@@
static int __init procprotect_init(void)
slow_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("lookup_slow");
slow_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("lookup_slow");
+
if (!slow_probe.kp.addr) {
printk("Couldn't find %s to plant kretprobe\n", "lookup_slow");
return -1;
if (!slow_probe.kp.addr) {
printk("Couldn't find %s to plant kretprobe\n", "lookup_slow");
return -1;
@@
-342,8
+355,7
@@
static int __init procprotect_init(void)
printk("Planted kretprobe at %p, handler addr %p\n",
slow_probe.kp.addr, slow_probe.handler);
printk("Planted kretprobe at %p, handler addr %p\n",
slow_probe.kp.addr, slow_probe.handler);
- proc_entry = create_proc_entry("procprotect", 0644, NULL);
- proc_entry->write_proc = procfile_write;
+ proc_entry = proc_create("procprotect", 0644, NULL, &procprotect_fops);
return ret;
}
return ret;
}