X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=procprotect.c;h=a56c6b2e07b8981f18a057d2ca5718cf9cb7c40d;hb=67bda64d19e94d2acc0e86d379da39811312ef2b;hp=1d914015e0d4de5a8cd91a3e7f4047c8f37c656f;hpb=3fade9a394c2d4a55abb11ba76bf2ef75744caab;p=procprotect.git

diff --git a/procprotect.c b/procprotect.c
index 1d91401..a56c6b2 100644
--- a/procprotect.c
+++ b/procprotect.c
@@ -28,17 +28,19 @@
 #include <linux/kallsyms.h>
 #include <linux/nsproxy.h>
 
+#include <linux/magic.h>
+#include <linux/slab.h>
+#include <linux/module.h>	/* Specifically, a module */
+#include <linux/kernel.h>	/* We're doing kernel work */
+#include <linux/proc_fs.h>	/* Necessary because we use the proc fs */
+
 #define VERSION_STR "0.0.1"
 
 #ifndef CONFIG_X86_64
 #error "This code does not support your architecture"
 #endif
 
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,8,0)
 static char *aclpath = "procprotect";
-#else
-static char *aclpath __devinitdata = "procprotect";
-#endif
 
 static struct qstr aclqpath;
 
@@ -62,21 +64,15 @@ struct acl_entry {
     struct hlist_node hlist;
 };
 
-#define HASH_SIZE (1<<16)
+#define HASH_SIZE (1<<10)
 
 struct hlist_head procprotect_hash[HASH_SIZE];
 
 struct proc_dir_entry *proc_entry;
 
 static int run_acl(unsigned long ino) {
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-    struct hlist_node *n;
-#endif
     struct acl_entry *entry;
-    hlist_for_each_entry_rcu(entry, 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-			     n, 
-#endif
+    hlist_for_each_entry_rcu_notrace(entry, 
 			     &procprotect_hash[ino & (HASH_SIZE-1)],
 			     hlist) {
         if (entry->ino==ino) {
@@ -95,14 +91,13 @@ static int lookup_fast_entry(struct kretprobe_instance *ri, struct pt_regs *regs
     int ret = -1;
     struct procprotect_ctx *ctx;
     struct nameidata *nd = (struct nameidata *) regs->di;
-    struct qstr *q = (struct qstr *) regs->si;
     struct dentry *parent = nd->path.dentry;
     struct inode *pinode = parent->d_inode;
 
     if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
             && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {	
         ctx = (struct procprotect_ctx *) ri->data;
-        ctx->inode = regs->cx;
+        ctx->inode = regs->dx;
         ctx->flags = nd->flags;
         ret = 0;
     }
@@ -136,19 +131,16 @@ static int lookup_slow_entry(struct kretprobe_instance *ri, struct pt_regs *regs
     int ret = -1;
     struct procprotect_ctx *ctx;
     struct nameidata *nd = (struct nameidata *) regs->di;
-    struct qstr *q = (struct qstr *) regs->si;
-    struct path *p = (struct path *) regs->dx;
+    struct path *p = (struct path *) regs->si;
 
     struct dentry *parent = nd->path.dentry;
     struct inode *pinode = parent->d_inode;
 
-    
-
     if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
             && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {	
         
         ctx = (struct procprotect_ctx *) ri->data;
-        ctx->q = q;
+        ctx->q = &nd->last;
         ctx->flags = nd->flags;
         ctx->path = p;
         ret = 0;
@@ -258,18 +250,12 @@ static void __exit procprotect_exit(void)
 {
     unregister_kretprobe(&fast_probe);
     unregister_kretprobe(&slow_probe);
-	unregister_jprobe(&dolast_probe);
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-    struct hlist_node *n;
-#endif
+    unregister_jprobe(&dolast_probe);    
     struct acl_entry *entry;
     int i;
 
     for (i=0;i<HASH_SIZE;i++) {
         hlist_for_each_entry_rcu(entry, 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0)
-				 n, 
-#endif
 				 &procprotect_hash[i],
 				 hlist) {
             kfree(entry);
@@ -302,6 +288,11 @@ int procfile_write(struct file *file, const char *buffer, unsigned long count, v
     return count;
 }
 
+static const struct file_operations procprotect_fops = {
+    .owner = THIS_MODULE,
+    .write = procfile_write
+};
+                          
 static int __init procprotect_init(void)
 {
     int ret;
@@ -314,6 +305,8 @@ static int __init procprotect_init(void)
         INIT_HLIST_HEAD(&procprotect_hash[i]);
     }
 
+    add_entry("/proc/sysrq-trigger");
+
     aclqpath.name = aclpath;
     aclqpath.len = strnlen(aclpath, PATH_MAX);
 
@@ -331,6 +324,7 @@ static int __init procprotect_init(void)
     }
     fast_probe.kp.addr = 
         (kprobe_opcode_t *) kallsyms_lookup_name("lookup_fast");
+
     if (!fast_probe.kp.addr) {
         printk("Couldn't find %s to plant kretprobe\n", "lookup_fast");
         return -1;
@@ -338,6 +332,7 @@ static int __init procprotect_init(void)
 
     slow_probe.kp.addr = 
         (kprobe_opcode_t *) kallsyms_lookup_name("lookup_slow");
+
     if (!slow_probe.kp.addr) {
         printk("Couldn't find %s to plant kretprobe\n", "lookup_slow");
         return -1;
@@ -360,8 +355,7 @@ static int __init procprotect_init(void)
     printk("Planted kretprobe at %p, handler addr %p\n",
             slow_probe.kp.addr, slow_probe.handler);
 
-    proc_entry = create_proc_entry("procprotect", 0644, NULL);
-    proc_entry->write_proc = procfile_write;
+    proc_entry = proc_create("procprotect", 0644, NULL, &procprotect_fops);
 
     return ret;
 }