struct hlist_node hlist;
};
+/*
+ Added by Guilherme Sperb Machado <gsm@machados.org>
+ According to recent changes in the kernel, the nameidata struct
+ became opaque. So, let's declare it in our implementation.
+ Source: https://github.com/torvalds/linux/commit/1f55a6ec940fb45e3edaa52b6e9fc40cf8e18dcb
+ */
+struct nameidata {
+ struct path path;
+ struct qstr last;
+ struct path root;
+ struct inode *inode; /* path.dentry.d_inode */
+ unsigned int flags;
+ unsigned seq;
+ int last_type;
+ unsigned depth;
+ char *saved_names[MAX_NESTED_LINKS + 1];
+};
+
#define HASH_SIZE (1<<10)
struct hlist_head procprotect_hash[HASH_SIZE];
static int run_acl(unsigned long ino) {
struct acl_entry *entry;
- hlist_for_each_entry_rcu_notrace(entry,
+ hlist_for_each_entry_rcu_notrace(entry,
&procprotect_hash[ino & (HASH_SIZE-1)],
hlist) {
if (entry->ino==ino) {
struct nameidata *nd = (struct nameidata *) regs->di;
struct dentry *parent;
struct inode *pinode;
-
+
if (!nd) return ret;
parent = nd->path.dentry;
if (!pinode || !pinode->i_sb || !current || !current->nsproxy) return ret;
if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
- && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
+ && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
ctx = (struct procprotect_ctx *) ri->data;
ctx->inode = (struct inode **)regs->dx;
ctx->flags = nd->flags;
pinode= parent->d_inode;
if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC
- && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
-
+ && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
+
ctx = (struct procprotect_ctx *) ri->data;
ctx->q = &nd->last;
ctx->flags = nd->flags;
struct inode *pinode = parent->d_inode;
/*struct qstr *q = &nd->last;*/
-
+
if (pinode->i_sb->s_magic == PROC_SUPER_MAGIC && current->nsproxy->mnt_ns!=init_task.nsproxy->mnt_ns) {
/*if (!strncmp(q->name,"sysrq-trigger",13)) {
printk(KERN_CRIT "do_last sysrqtrigger: %d",op->open_flag);
static int init_probes(void) {
int ret;
- dolast_probe.kp.addr =
+ dolast_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("do_last");
if (!dolast_probe.kp.addr) {
printk("register_jprobe failed, returned %u\n", ret);
return -1;
}
- fast_probe.kp.addr =
+ fast_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("lookup_fast");
if (!fast_probe.kp.addr) {
return -1;
}
- slow_probe.kp.addr =
+ slow_probe.kp.addr =
(kprobe_opcode_t *) kallsyms_lookup_name("lookup_slow");
if (!slow_probe.kp.addr) {
struct path path;
if (kern_path(pathname, 0, &path)) {
printk(KERN_CRIT "Path lookup failed for %s",pathname);
- }
+ }
else {
unsigned int ino = path.dentry->d_inode->i_ino;
struct acl_entry *entry;
unregister_kretprobe(&fast_probe);
unregister_kretprobe(&slow_probe);
- unregister_jprobe(&dolast_probe);
+ unregister_jprobe(&dolast_probe);
for (i=0;i<HASH_SIZE;i++) {
- hlist_for_each_entry_rcu(entry,
+ hlist_for_each_entry_rcu(entry,
&procprotect_hash[i],
hlist) {
kfree(entry);
-ssize_t procfile_write(struct file *file, const char *buffer, size_t count, loff_t *data) {
+ssize_t procfile_write(struct file *file, const char *buffer, size_t count, loff_t *data) {
char *pathname;
pathname = (char *) kmalloc(count, GFP_KERNEL);
else
pathname[count]='\0';
- add_entry(pathname);
-
+ add_entry(pathname);
+
if (!once_only) {
once_only=1;
if (init_probes()==-1)
.owner = THIS_MODULE,
.write = procfile_write
};
-
+
static int __init procprotect_init(void)
{