securityfs directory creation test

Author: suztomo

home_hack/home_hack.c

@@ -210,196 +210,6 @@ DECLARE_FUNC(chdir, char*path)
 
 */
 
-#include <linux/sockios.h>
-#include <linux/if.h>
-
-asmlinkage long sys_ioctl_wrapper(unsigned int fd, unsigned int cmd,
-                                unsigned long arg)
-{
-  long ret;
-  struct ifreq ifr;
-  int i;
-  if (current->hp_node <= 0) {
-    return original_sys_ioctl(fd, cmd, arg);
-  }
-
-  ret = original_sys_ioctl(fd, cmd, arg);
-  /*
-  if (cmd == SIOCGIFCONF) {
-
-    if (copy_from_user(&ifr, (struct ifconf __user *)arg, sizeof(ifr))) {
-      return -EFAULT;
-    }
-  }
-  */
-  if (cmd == SIOCGIFADDR) {
-
-    if (copy_from_user(&ifr, (struct ifreq __user *)arg, sizeof(ifr))) {
-      return -EFAULT;
-    }
-    printk("***ioctl for fd: %d cmd SIOCGIFADDR\n", fd);
-
-    printk("*** ifr.ifr_ifrn.ifrn_name : %s\n",
-           ifr.ifr_ifrn.ifrn_name);
-
-    //    printk("*** %s\n", inet_ntoa(((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr));
-    printk("***Addr ");
-    for (i=0; i<14; ++i) {
-      printk("%02x.", (ifr.ifr_ifru.ifru_addr.sa_data[i]) & 0xff);
-    }
-    printk("\n");
-    ifr.ifr_ifru.ifru_addr.sa_data[5] = (char)(current->hp_node & 0xff);
-    printk("new 5th : %02x.\n", (ifr.ifr_ifru.ifru_addr.sa_data[5]));
-
-    if (copy_to_user((struct ifreq __user *)arg, &ifr, sizeof(ifr))) {
-      return -EFAULT;
-    }
-
-  } else {
-    //    printk("***ioctl for fd: %d cmd %d\n", fd, cmd);
-  }
-
-  return ret;
-}
-
-
-
-asmlinkage long sys_unlink_wrapper(char *path)
-{
-  long ret;
-  char *new_path;
-
-  if (current->hp_node <= 0) {
-    return original_sys_unlink(path);
-  }
-
-  new_path = replace_path_if_necessary(path);
-  if (new_path == NULL) {
-    return original_sys_unlink(path);
-  }
-  printk("*** unlinking file %s by %d on %ld %s: \n", path, current->pid,
-         current->hp_node, current->comm);
-
-
-  ret = original_sys_unlink(new_path);
-  printk("*** ret: %ld\n", ret);
-  restore_path(path);
-  return ret;
-}
-
-
-asmlinkage int sys_chdir_wrapper(/* const */ char *path)
-{
-  int ret;
-  char *new_path;
-
-  if (current->hp_node <= 0) {
-    /*
-      When the current process is not our target
-    */
-    return original_sys_chdir(path);
-  }
-  new_path = replace_path_if_necessary(path);
-  if (new_path == NULL) {
-    return original_sys_chdir(path);
-  }
-  /* 
-   * Call the original sys_open - otherwise, we lose
-   * the ability to open files 
-   */
-  ret = original_sys_chdir(new_path);
-  restore_path(path);
-  return ret;
-}
-
-
-
-asmlinkage int sys_open_wrapper(/* const */ char *path, int flags, int mode)
-{
-  int ret;
-  char *new_path;
-  if (current->hp_node <= 0) {
-    return original_sys_open(path, flags, mode);
-  }
-  /*
-  printk("*** Opened file by %d on %d %s: %s\n", current->pid,
-         current->hp_node, current->comm, path);
-  */
-  new_path = replace_path_if_necessary(path);
-  if (new_path == NULL) {
-    return original_sys_open(path, flags, mode);
-  }
-  /* 
-   * Call the original sys_open - otherwise, we lose
-   * the ability to open files 
-   */
-  ret = original_sys_open(new_path, flags, mode);
-  restore_path(path);
-  return ret;
-}
-
-asmlinkage long sys_lstat64_wrapper(char *path, struct stat64 *buf)
-{
-  long ret;
-  char *new_path;
-  if (current->hp_node <= 0) {
-    return original_sys_lstat64(path, buf);
-  }
-
-  printk("*** Lstat64ed file %s by %d on %ld %s: \n", path, current->pid,
-         current->hp_node, current->comm);
-
-  new_path = replace_path_if_necessary(path);
-  if (new_path == NULL) {
-    return original_sys_lstat64(path, buf);
-  }
-  ret = original_sys_lstat64(new_path, buf);
-  printk("*** replaced: %s\n", new_path);
-  printk("*** return val: %ld\n", ret);
-  restore_path(path);
-  return ret;
-}
-
-asmlinkage long sys_stat_wrapper(char *path, struct __old_kernel_stat *buf)
-{
-  long ret;
-  char *new_path;
-  if (current->hp_node <= 0) {
-    return original_sys_stat(path, buf);
-  }
-
-  printk("*** Stated file %s by %d on %ld %s: \n", path, current->pid,
-         current->hp_node, current->comm);
-
-  new_path = replace_path_if_necessary(path);
-  if (new_path == NULL) {
-    return original_sys_stat(path, buf);
-  }
-  ret = original_sys_stat(new_path, buf);
-  restore_path(path);
-  return ret;
-}
-
-asmlinkage long sys_stat64_wrapper(char *path, struct stat64 *buf)
-{
-  long ret;
-  char *new_path;
-  if (current->hp_node <= 0) {
-    return original_sys_stat64(path, buf);
-  }
-
-  printk("*** Stat64ed file %s by %d on %ld %s: \n", path, current->pid,
-         current->hp_node, current->comm);
-
-  new_path = replace_path_if_necessary(path);
-  if (new_path == NULL) {
-    return original_sys_stat64(path, buf);
-  }
-  ret = original_sys_stat64(new_path, buf);
-  restore_path(path);
-  return ret;
-}
-
 /*
   Create functions that replaces sys_call_table entries.
  */

secfs/Makefile

@@ -0,0 +1,17 @@
+TARGET=secfs
+obj-m += $(TARGET).o
+
+all:
+	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
+
+clean:
+	make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean
+
+check-syntax:
+	LANG=C make -C /lib/modules/$(shell uname -r)/build M=/home/suzuki/kernel-study/$(TARGET) modules
+
+install:
+	sudo insmod $(TARGET).ko
+
+uninstall:
+	sudo rmmod $(TARGET)

secfs/secfs.c

@@ -0,0 +1,41 @@
+/*
+ * Security file system.
+ *
+ */
+
+
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/proc_fs.h>
+#include <linux/security.h>
+#include <linux/seq_file.h>
+#include <asm/uaccess.h>
+
+
+#define DIR_NAME "hp"
+
+MODULE_AUTHOR("SUZUKI Tomohiro");
+MODULE_LICENSE("GPL");
+
+struct dentry * hp_dir_entry;
+
+int init_module(void)
+{
+  hp_dir_entry = securityfs_create_dir(DIR_NAME, NULL);
+  if (!hp_dir_entry) {
+    printk(KERN_ALERT "failed securityfs_create_dir.\n");
+  }
+  if ((int)hp_dir_entry == -ENODEV) {
+    printk(KERN_ALERT "securityfs is not enabled in this machine.\n");
+    hp_dir_entry = NULL;
+  }
+  return 0;
+}
+
+void cleanup_module(void)
+{
+  if (hp_dir_entry) {
+    securityfs_remove(hp_dir_entry);
+  }
+}
+