X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=procprotect.c;h=1c3e8035e01f840e61fe6e1e74742835b3e6ed6e;hb=45362125880411ebb94253979d98df1b04a3e02c;hp=dc2d4e43e8ef3565ff3fb37a1e1fc88bb0efa817;hpb=c4d10fa8ab1fd1a2fc9db070c139f07f836b2e83;p=procprotect.git

diff --git a/procprotect.c b/procprotect.c
index dc2d4e4..1c3e803 100644
--- a/procprotect.c
+++ b/procprotect.c
@@ -28,17 +28,19 @@
 #include <linux/kallsyms.h>
 #include <linux/nsproxy.h>
 
+#include <linux/magic.h>
+#include <linux/slab.h>
+#include <linux/module.h>	/* Specifically, a module */
+#include <linux/kernel.h>	/* We're doing kernel work */
+#include <linux/proc_fs.h>	/* Necessary because we use the proc fs */
+
 #define VERSION_STR "0.0.1"
 
 #ifndef CONFIG_X86_64
 #error "This code does not support your architecture"
 #endif
 
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,8,0)
 static char *aclpath = "procprotect";
-#else
-static char *aclpath __devinitdata = "procprotect";
-#endif
 
 static struct qstr aclqpath;
 
@@ -62,21 +64,15 @@ struct acl_entry {
     struct hlist_node hlist;
 };
 
-#define HASH_SIZE (1<<16)
+#define HASH_SIZE (1<<10)
 
 struct hlist_head procprotect_hash[HASH_SIZE];
 
 struct proc_dir_entry *proc_entry;
 
 static int run_acl(unsigned long ino) {
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-    struct hlist_node *n;
-#endif
     struct acl_entry *entry;
-    hlist_for_each_entry_rcu(entry, 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-			     n, 
-#endif
+    hlist_for_each_entry_rcu_notrace(entry, 
 			     &procprotect_hash[ino & (HASH_SIZE-1)],
 			     hlist) {
         if (entry->ino==ino) {
@@ -95,8 +91,16 @@ static int lookup_fast_entry(struct kretprobe_instance *ri, struct pt_regs *regs
     int ret = -1;
     struct procprotect_ctx *ctx;
     struct nameidata *nd = (struct nameidata *) regs->di;
-    struct dentry *parent = nd->path.dentry;
-    struct inode *pinode = parent->d_inode;
+    struct dentry *parent;
+    struct inode *pinode;
+	
+	if (!nd) return ret;
+	parent = nd->path.dentry;
+
+	if (!parent) return ret;
+	pinode = parent->d_inode;
+
+	if (!pinode || !pinode->i_sb || !current || !current->nsproxy) return ret;
 
     if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
             && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {	
@@ -136,11 +140,13 @@ static int lookup_slow_entry(struct kretprobe_instance *ri, struct pt_regs *regs
     struct procprotect_ctx *ctx;
     struct nameidata *nd = (struct nameidata *) regs->di;
     struct path *p = (struct path *) regs->si;
+    struct dentry *parent;
+	struct inode *pinode;
 
-    struct dentry *parent = nd->path.dentry;
-    struct inode *pinode = parent->d_inode;
-
-    
+	if (!nd) return;
+	parent = nd->path.dentry;
+    if (!parent) return;
+	pinode= parent->d_inode;
 
     if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
             && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {	
@@ -225,6 +231,55 @@ static struct kretprobe slow_probe = {
     .data_size = sizeof(struct procprotect_ctx)
 };
 
+int once_only = 0;
+
+static int init_probes(void) {
+	int ret;
+	dolast_probe.kp.addr = 
+		(kprobe_opcode_t *) kallsyms_lookup_name("do_last");
+
+	if (!dolast_probe.kp.addr) {
+		printk("Couldn't find %s to plant kretprobe\n", "do_last");
+		return -1;
+	}
+
+	if ((ret = register_jprobe(&dolast_probe)) <0) {
+		printk("register_jprobe failed, returned %u\n", ret);
+		return -1;
+	}
+	fast_probe.kp.addr = 
+		(kprobe_opcode_t *) kallsyms_lookup_name("lookup_fast");
+
+	if (!fast_probe.kp.addr) {
+		printk("Couldn't find %s to plant kretprobe\n", "lookup_fast");
+		return -1;
+	}
+
+	slow_probe.kp.addr = 
+		(kprobe_opcode_t *) kallsyms_lookup_name("lookup_slow");
+
+	if (!slow_probe.kp.addr) {
+		printk("Couldn't find %s to plant kretprobe\n", "lookup_slow");
+		return -1;
+	}
+
+	if ((ret = register_kretprobe(&fast_probe)) <0) {
+		printk("register_kretprobe failed, returned %d\n", ret);
+		return -1;
+	}
+
+	printk("Planted kretprobe at %p, handler addr %p\n",
+			fast_probe.kp.addr, fast_probe.handler);
+
+	if ((ret = register_kretprobe(&slow_probe)) <0) {
+		printk("register_kretprobe failed, returned %d\n", ret);
+		return -1;
+	}
+	printk("Planted kretprobe at %p, handler addr %p\n",
+			slow_probe.kp.addr, slow_probe.handler);
+	return 0;
+}
+
 static void add_entry(char *pathname) {
     struct path path;
     if (kern_path(pathname, 0, &path)) {
@@ -249,6 +304,7 @@ static void add_entry(char *pathname) {
             }
         }
     }
+
 }
 
 
@@ -256,18 +312,12 @@ static void __exit procprotect_exit(void)
 {
     unregister_kretprobe(&fast_probe);
     unregister_kretprobe(&slow_probe);
-	unregister_jprobe(&dolast_probe);
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-    struct hlist_node *n;
-#endif
+    unregister_jprobe(&dolast_probe);    
     struct acl_entry *entry;
     int i;
 
     for (i=0;i<HASH_SIZE;i++) {
         hlist_for_each_entry_rcu(entry, 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-				 n, 
-#endif
 				 &procprotect_hash[i],
 				 hlist) {
             kfree(entry);
@@ -296,10 +346,22 @@ int procfile_write(struct file *file, const char *buffer, unsigned long count, v
         pathname[count]='\0';
 
     add_entry(pathname);	
+		
+	if (!once_only) {
+		once_only=1;
+		if (init_probes()==-1)
+			printk(KERN_CRIT "Could not install procprotect probes. Reload module to retry.");
+	}
     printk(KERN_CRIT "Length of buffer=%d",strlen(pathname));
     return count;
 }
 
+static const struct file_operations procprotect_fops = {
+    .owner = THIS_MODULE,
+    .write = procfile_write
+};
+                          
+
 static int __init procprotect_init(void)
 {
     int ret;
@@ -315,51 +377,7 @@ static int __init procprotect_init(void)
     aclqpath.name = aclpath;
     aclqpath.len = strnlen(aclpath, PATH_MAX);
 
-    dolast_probe.kp.addr = 
-        (kprobe_opcode_t *) kallsyms_lookup_name("do_last");
-
-    if (!dolast_probe.kp.addr) {
-        printk("Couldn't find %s to plant kretprobe\n", "do_last");
-        return -1;
-    }
-
-    if ((ret = register_jprobe(&dolast_probe)) <0) {
-                  printk("register_jprobe failed, returned %u\n", ret);
-                  return -1;
-    }
-    fast_probe.kp.addr = 
-        (kprobe_opcode_t *) kallsyms_lookup_name("lookup_fast");
-    if (!fast_probe.kp.addr) {
-        printk("Couldn't find %s to plant kretprobe\n", "lookup_fast");
-        return -1;
-    }
-
-    slow_probe.kp.addr = 
-        (kprobe_opcode_t *) kallsyms_lookup_name("lookup_slow");
-    if (!slow_probe.kp.addr) {
-        printk("Couldn't find %s to plant kretprobe\n", "lookup_slow");
-        return -1;
-    }
-
-    
-
-    if ((ret = register_kretprobe(&fast_probe)) <0) {
-        printk("register_kretprobe failed, returned %d\n", ret);
-        return -1;
-    }
-
-    printk("Planted kretprobe at %p, handler addr %p\n",
-            fast_probe.kp.addr, fast_probe.handler);
-
-    if ((ret = register_kretprobe(&slow_probe)) <0) {
-        printk("register_kretprobe failed, returned %d\n", ret);
-        return -1;
-    }
-    printk("Planted kretprobe at %p, handler addr %p\n",
-            slow_probe.kp.addr, slow_probe.handler);
-
-    proc_entry = create_proc_entry("procprotect", 0644, NULL);
-    proc_entry->write_proc = procfile_write;
+    proc_entry = proc_create("procprotect", 0644, NULL, &procprotect_fops);
 
     return ret;
 }