You can subscribe to this list here.
2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(47) |
Sep
(274) |
Oct
(119) |
Nov
(55) |
Dec
(107) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2002 |
Jan
(36) |
Feb
(90) |
Mar
(24) |
Apr
(4) |
May
(74) |
Jun
(190) |
Jul
(250) |
Aug
(134) |
Sep
(317) |
Oct
(4) |
Nov
(74) |
Dec
(76) |
2003 |
Jan
(156) |
Feb
(88) |
Mar
|
Apr
|
May
|
Jun
(3) |
Jul
(1) |
Aug
(23) |
Sep
(12) |
Oct
(38) |
Nov
(38) |
Dec
|
2004 |
Jan
(82) |
Feb
(431) |
Mar
(49) |
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Muli Ben-Y. <mu...@us...> - 2004-04-17 13:22:20
|
Update of /cvsroot/syscalltrack/syscalltrack/module In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27228/module Modified Files: .cvsignore Log Message: Patch from Baruch Even <ba...@ev...> * sctrace/main.cpp: handling EINTR error code around blocking code (read and waitpid), closing file handles that are only used to synchronize the parent and son processes, Remove rules from SCT in various error situations. Index: .cvsignore =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/.cvsignore,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- .cvsignore 19 Feb 2004 16:52:39 -0000 1.4 +++ .cvsignore 17 Apr 2004 13:22:11 -0000 1.5 @@ -4,3 +4,4 @@ sct_unload syscall_hijack_autogen.c syscall_tracker_autogen.c +.autogen |
From: Muli Ben-Y. <mu...@us...> - 2004-04-17 13:22:20
|
Update of /cvsroot/syscalltrack/syscalltrack/sctrace In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27228/sctrace Modified Files: main.cpp Log Message: Patch from Baruch Even <ba...@ev...> * sctrace/main.cpp: handling EINTR error code around blocking code (read and waitpid), closing file handles that are only used to synchronize the parent and son processes, Remove rules from SCT in various error situations. Index: main.cpp =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/sctrace/main.cpp,v retrieving revision 1.19 retrieving revision 1.20 diff -u -d -r1.19 -r1.20 --- main.cpp 22 Feb 2004 13:43:13 -0000 1.19 +++ main.cpp 17 Apr 2004 13:22:11 -0000 1.20 @@ -2,7 +2,7 @@ /* user space utilities for logging or modifying any system call */ /* invocation. */ /* */ -/* Copyright (C) 2000-2003 Muli Ben-Yehuda, mu...@mu... */ +/* Copyright (C) 2000-2004 Muli Ben-Yehuda, mu...@mu... */ /* License: GNU General Public License */ /* @@ -245,15 +245,19 @@ static void exec_son(int readfd, char* exec, char** argv) { char dummy; - /* wait on the pipe for papa to tell us to go on */ - int rc = read(readfd, &dummy, sizeof(char)); - if (rc != sizeof(char)) { - if (rc < 0) + /* wait on the pipe for papa to tell us to go on */ + int rc; + while ((rc = read(readfd, &dummy, sizeof(char))) != sizeof(char)) + { + if (rc == -1 && errno == EINTR) + continue; + else if (rc == -1) perror("read"); else fprintf(stderr, "got EOF from the pipe?!\n"); exit(EXIT_FAILURE); } + close(readfd); logger::log(logger::LOG_LEVEL_DEBUG, "executing...\n"); execv(exec, argv); @@ -268,19 +272,24 @@ bool follow_forks, id_list& ids) { load_rules(ctrl, son, follow_forks, ids); - + // Let the son get on with its work, we now know that all syscalls to its + // pid will be caught. int rc = write(writefd, "go!", sizeof("go!")); if (rc < 0) { perror("write"); + remove_rules(ctrl, ids); exit(EXIT_FAILURE); } + close(writefd); + int status; - while ((rc = waitpid(son, &status, 0)) != -1) { + while ((rc = waitpid(son, &status, 0)) != -1 || errno == EINTR) { if (WIFEXITED(status) || WIFSIGNALED(status)) break; } if (rc == -1) { perror("waitpid"); + remove_rules(ctrl, ids); exit (EXIT_FAILURE); } remove_rules(ctrl, ids); @@ -370,18 +379,20 @@ load_rules(ctrl, pid, follow_forks, ids); - while (1) { - if (!(rc = kill(pid, 0))) { - sleep(1); - continue; - } - break; + /* This is somewhat racy..., a cleaner solution would be to use + * syscalltrack to track whatever syscall is done when the program exits + * finally (assuming there is such a thing) and then disconnect when this + * syscall is done. + */ + while ((rc = kill(pid, 0)) == 0) { + sleep(1); } assert(rc == -1); if (errno != ESRCH) { logger::log(logger::LOG_LEVEL_ERROR, "uh oh, sctrace_pid: kill " "returned with error %s\n", strerror(errno)); + remove_rules(ctrl, ids); exit(EXIT_FAILURE); } remove_rules(ctrl, ids); @@ -460,7 +471,11 @@ if (pid) sctrace_pid(sct_ctrl, pid, follow_forks, ids); - else + else { sctrace_executable(sct_ctrl, argv[cmd_index], follow_forks, argv + cmd_index, argc - cmd_index, ids); + } + + sct_ctrl_cleanup(sct_ctrl); + return 0; } |
From: Muli Ben-Y. <mu...@us...> - 2004-04-17 13:22:20
|
Update of /cvsroot/syscalltrack/syscalltrack In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv27228 Modified Files: .cvsignore ChangeLog Log Message: Patch from Baruch Even <ba...@ev...> * sctrace/main.cpp: handling EINTR error code around blocking code (read and waitpid), closing file handles that are only used to synchronize the parent and son processes, Remove rules from SCT in various error situations. Index: .cvsignore =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/.cvsignore,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- .cvsignore 22 Feb 2004 13:42:41 -0000 1.6 +++ .cvsignore 17 Apr 2004 13:22:02 -0000 1.7 @@ -15,3 +15,4 @@ .deps notes DESIGN +aclocal.m4 Index: ChangeLog =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/ChangeLog,v retrieving revision 1.514 retrieving revision 1.515 diff -u -d -r1.514 -r1.515 --- ChangeLog 11 Mar 2004 13:47:09 -0000 1.514 +++ ChangeLog 17 Apr 2004 13:22:02 -0000 1.515 @@ -1,3 +1,12 @@ +2004-04-17 16:16:17 Muli Ben-Yehuda <mu...@mu...> + + Patch from Baruch Even <ba...@ev...> + + * sctrace/main.cpp: handling EINTR error code around blocking code + (read and waitpid), closing file handles that are only used to + synchronize the parent and son processes, Remove rules from SCT in + various error situations. + 2004-03-11 Amir S. <am...@bo...> * module/rules/freebsd5/log_dev.c: (init_log_dev_file): |
From: Amir S. <am...@us...> - 2004-03-11 14:13:55
|
Update of /cvsroot/syscalltrack/syscalltrack In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25953 Modified Files: ChangeLog Log Message: * module/rules/freebsd5/log_dev.c: (init_log_dev_file): Use clone_setup() function rather than rely on lazy initialization. Index: ChangeLog =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/ChangeLog,v retrieving revision 1.513 retrieving revision 1.514 diff -u -d -r1.513 -r1.514 --- ChangeLog 4 Mar 2004 08:38:41 -0000 1.513 +++ ChangeLog 11 Mar 2004 13:47:09 -0000 1.514 @@ -1,3 +1,8 @@ +2004-03-11 Amir S. <am...@bo...> + + * module/rules/freebsd5/log_dev.c: (init_log_dev_file): + Use clone_setup() function rather than rely on lazy initialization. + 2004-03-04 Amir S. <am...@bo...> * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): |
From: Amir S. <am...@us...> - 2004-03-11 14:13:55
|
Update of /cvsroot/syscalltrack/syscalltrack/module/rules/freebsd5 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25953/module/rules/freebsd5 Modified Files: log_dev.c Log Message: * module/rules/freebsd5/log_dev.c: (init_log_dev_file): Use clone_setup() function rather than rely on lazy initialization. Index: log_dev.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/rules/freebsd5/log_dev.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- log_dev.c 25 Feb 2004 09:38:06 -0000 1.6 +++ log_dev.c 11 Mar 2004 13:47:10 -0000 1.7 @@ -122,7 +122,9 @@ ldev = *pdev = &log_dev; -#if (__FreeBSD_version <= 502102) +#if (__FreeBSD_version > 502102) + clone_setup(&logclones); +#else basedev = NOUDEV; #endif |
From: Amir S. <am...@us...> - 2004-03-04 08:59:55
|
Update of /cvsroot/syscalltrack/syscalltrack In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17417 Modified Files: ChangeLog Log Message: * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): check, and set owner, only if tracker_top_table[0].de isn't null, because even if register_sysctl_table() it doesn't procfs registeration worked. * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise Index: ChangeLog =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/ChangeLog,v retrieving revision 1.512 retrieving revision 1.513 diff -u -d -r1.512 -r1.513 --- ChangeLog 3 Mar 2004 20:40:22 -0000 1.512 +++ ChangeLog 4 Mar 2004 08:38:41 -0000 1.513 @@ -1,3 +1,12 @@ +2004-03-04 Amir S. <am...@bo...> + + * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): + check, and set owner, only if tracker_top_table[0].de isn't null, + because even if register_sysctl_table() it doesn't procfs + registeration worked. + * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): + likewise + 2004-03-03 Amir S. <am...@bo...> Make procfs sysctls (/proc/sys/*) safe when module tries to unload, |
From: Amir S. <am...@us...> - 2004-03-04 08:59:55
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17417/module/hijack/linux Modified Files: hijack_sysctl.c Log Message: * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): check, and set owner, only if tracker_top_table[0].de isn't null, because even if register_sysctl_table() it doesn't procfs registeration worked. * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise Index: hijack_sysctl.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/hijack_sysctl.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- hijack_sysctl.c 3 Mar 2004 20:40:23 -0000 1.6 +++ hijack_sysctl.c 4 Mar 2004 08:38:50 -0000 1.7 @@ -64,10 +64,13 @@ #if defined(KERNEL_24) || defined(KERNEL_26) if (hijack_sysctl_header) { - hijack_top_table[0].de->owner = THIS_MODULE; + if (hijack_top_table[0].de) + hijack_top_table[0].de->owner = THIS_MODULE; #ifdef SCT_MODULE_DEBUG - hijack_table[0].de->owner = THIS_MODULE; - hijack_table[1].de->owner = THIS_MODULE; + if (hijack_table[0].de) + hijack_table[0].de->owner = THIS_MODULE; + if (hijack_table[1].de) + hijack_table[1].de->owner = THIS_MODULE; #endif } #endif |
From: Amir S. <am...@us...> - 2004-03-04 08:59:53
|
Update of /cvsroot/syscalltrack/syscalltrack/module/rules/linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17417/module/rules/linux Modified Files: tracker_sysctl.c Log Message: * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): check, and set owner, only if tracker_top_table[0].de isn't null, because even if register_sysctl_table() it doesn't procfs registeration worked. * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise Index: tracker_sysctl.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/rules/linux/tracker_sysctl.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- tracker_sysctl.c 3 Mar 2004 20:40:23 -0000 1.7 +++ tracker_sysctl.c 4 Mar 2004 08:38:50 -0000 1.8 @@ -108,9 +108,11 @@ #if defined(KERNEL_24) || defined(KERNEL_26) if (tracker_sysctl_header) { - tracker_top_table[0].de->owner = THIS_MODULE; + if (tracker_top_table[0].de) + tracker_top_table[0].de->owner = THIS_MODULE; #ifdef SCT_MODULE_DEBUG - tracker_table[0].de->owner = THIS_MODULE; + if (tracker_table[0].de) + tracker_table[0].de->owner = THIS_MODULE; #endif } #endif |
From: Amir S. <am...@us...> - 2004-03-03 21:01:06
|
Update of /cvsroot/syscalltrack/syscalltrack In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14270 Modified Files: ChangeLog Log Message: Make procfs sysctls (/proc/sys/*) safe when module tries to unload, under Linux 2.4 and 2.6 * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): remove mod use count handling from here. * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): set the proc fs owner variable * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise, and move 'debug' at the beginning of the table Index: ChangeLog =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/ChangeLog,v retrieving revision 1.511 retrieving revision 1.512 diff -u -d -r1.511 -r1.512 --- ChangeLog 1 Mar 2004 12:53:19 -0000 1.511 +++ ChangeLog 3 Mar 2004 20:40:22 -0000 1.512 @@ -1,3 +1,15 @@ +2004-03-03 Amir S. <am...@bo...> + + Make procfs sysctls (/proc/sys/*) safe when module tries to unload, + under Linux 2.4 and 2.6 + + * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): + remove mod use count handling from here. + * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): + set the proc fs owner variable + * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): + likewise, and move 'debug' at the beginning of the table + 2004-03-01 Amir S. <am...@bo...> Make sct_inc_use_count() return 1 if use count increase worked. |
From: Amir S. <am...@us...> - 2004-03-03 21:01:05
|
Update of /cvsroot/syscalltrack/syscalltrack/module/rules/linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14270/module/rules/linux Modified Files: tracker_sysctl.c Log Message: Make procfs sysctls (/proc/sys/*) safe when module tries to unload, under Linux 2.4 and 2.6 * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): remove mod use count handling from here. * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): set the proc fs owner variable * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise, and move 'debug' at the beginning of the table Index: tracker_sysctl.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/rules/linux/tracker_sysctl.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- tracker_sysctl.c 23 Feb 2004 23:37:10 -0000 1.6 +++ tracker_sysctl.c 3 Mar 2004 20:40:23 -0000 1.7 @@ -14,6 +14,7 @@ #include <linux/errno.h> #include <linux/types.h> #include <linux/fs.h> +#include <linux/proc_fs.h> #include <linux/sysctl.h> #include <asm/semaphore.h> #include <asm/uaccess.h> @@ -68,6 +69,10 @@ static ctl_table tracker_table[] = { +#ifdef SCT_MODULE_DEBUG + {CTL_TRACKER_DEBUG, "debug", &debug_level, sizeof(unsigned long), + 0600, NULL, &proc_doulongvec_minmax}, +#endif {CTL_TRACKER_CMD_ADD_RULE, NULL, NULL, 1024, 0600, NULL, NULL, &linux_sctrules_sysctl_from_user}, {CTL_TRACKER_CMD_DEL_RULE, NULL, NULL, 1024, @@ -86,10 +91,6 @@ 0600, NULL, NULL, &linux_sctrules_sysctl_to_user}, {CTL_TRACKER_CMD_GET_ALL_RULE_COUNT, NULL, NULL, 1024, 0600, NULL, NULL, &linux_sctrules_sysctl_to_user}, -#ifdef SCT_MODULE_DEBUG - {CTL_TRACKER_DEBUG, "debug", &debug_level, sizeof(unsigned long), - 0600, NULL, &proc_doulongvec_minmax}, -#endif {0} }; @@ -104,6 +105,16 @@ { tracker_sysctl_header = register_sysctl_table(tracker_top_table, 0); +#if defined(KERNEL_24) || defined(KERNEL_26) + if (tracker_sysctl_header) + { + tracker_top_table[0].de->owner = THIS_MODULE; +#ifdef SCT_MODULE_DEBUG + tracker_table[0].de->owner = THIS_MODULE; +#endif + } +#endif + return (tracker_sysctl_header != NULL); } |
From: Amir S. <am...@us...> - 2004-03-03 21:01:04
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/common In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14270/module/hijack/common Modified Files: syscalls_list.c Log Message: Make procfs sysctls (/proc/sys/*) safe when module tries to unload, under Linux 2.4 and 2.6 * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): remove mod use count handling from here. * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): set the proc fs owner variable * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise, and move 'debug' at the beginning of the table Index: syscalls_list.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/common/syscalls_list.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- syscalls_list.c 1 Mar 2004 12:53:20 -0000 1.7 +++ syscalls_list.c 3 Mar 2004 20:40:23 -0000 1.8 @@ -36,13 +36,6 @@ len = lenp ? *lenp : 0; - /* protect us from premature unloading */ - if (sct_inc_use_count() == 0) { - PPRINT(KERN_NOTICE "syscalls_list: couldn't lock" - "my self.\n"); - return -ENOENT; - } - for (i = 0; i < MAXSYSCALL && rc == 0 && (!lenp || len); ++i) { hdata = &hijack_data[i]; @@ -86,8 +79,6 @@ if (rc == 0 && lenp) *lenp -= len; - sct_dec_use_count(); - return rc; } |
From: Amir S. <am...@us...> - 2004-03-03 21:01:03
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14270/module/hijack/linux Modified Files: hijack_sysctl.c Log Message: Make procfs sysctls (/proc/sys/*) safe when module tries to unload, under Linux 2.4 and 2.6 * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): remove mod use count handling from here. * module/hijack/linux/hijack_sysctl.c: (scthijack_sysctl_init): set the proc fs owner variable * module/rules/linux/tracker_sysctl.c: (sctrules_sysctl_init): likewise, and move 'debug' at the beginning of the table Index: hijack_sysctl.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/hijack_sysctl.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- hijack_sysctl.c 27 Feb 2004 09:52:38 -0000 1.5 +++ hijack_sysctl.c 3 Mar 2004 20:40:23 -0000 1.6 @@ -12,6 +12,7 @@ #include <linux/kernel.h> #include <linux/types.h> #include <linux/fs.h> /* for struct file */ +#include <linux/proc_fs.h> #include <linux/sysctl.h> #include "common/module_interface.h" @@ -60,6 +61,17 @@ { hijack_sysctl_header = register_sysctl_table(hijack_top_table, 0); +#if defined(KERNEL_24) || defined(KERNEL_26) + if (hijack_sysctl_header) + { + hijack_top_table[0].de->owner = THIS_MODULE; +#ifdef SCT_MODULE_DEBUG + hijack_table[0].de->owner = THIS_MODULE; + hijack_table[1].de->owner = THIS_MODULE; +#endif + } +#endif + return (hijack_sysctl_header != NULL); } |
From: Amir S. <am...@us...> - 2004-03-01 13:18:02
|
Update of /cvsroot/syscalltrack/syscalltrack/module/include/arch-linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29443 Modified Files: linux26.h Log Message: forgot to switch to (int) now that sct_inc_use_count() return value. Index: linux26.h =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/include/arch-linux/linux26.h,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- linux26.h 1 Mar 2004 12:53:21 -0000 1.7 +++ linux26.h 1 Mar 2004 12:59:10 -0000 1.8 @@ -22,7 +22,7 @@ /* nothing */ } -static inline void sct_inc_use_count(void) { +static inline int sct_inc_use_count(void) { return try_module_get(THIS_MODULE); } |
From: Amir S. <am...@us...> - 2004-03-01 13:12:20
|
Update of /cvsroot/syscalltrack/syscalltrack In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28270 Modified Files: ChangeLog Log Message: Make sct_inc_use_count() return 1 if use count increase worked. * module/hijack/common/syscall_hijack_common.c: (hijack_syscall), (init_syscall_hijack): obey sct_inc_use_count() return value, and show up message if it failed. * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): likewise * module/rules/common/update_rules_common.c: (tracker_add_rule): likewise * module/include/arch-bsd/usecount.h: return 1 always * module/include/arch-linux/linux22.h: likewise * module/include/arch-linux/linux24.h: likewise * module/include/arch-linux/linux26.h: return try_module_get() value Index: ChangeLog =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/ChangeLog,v retrieving revision 1.510 retrieving revision 1.511 diff -u -d -r1.510 -r1.511 --- ChangeLog 1 Mar 2004 12:20:17 -0000 1.510 +++ ChangeLog 1 Mar 2004 12:53:19 -0000 1.511 @@ -1,5 +1,21 @@ 2004-03-01 Amir S. <am...@bo...> + Make sct_inc_use_count() return 1 if use count increase worked. + + * module/hijack/common/syscall_hijack_common.c: (hijack_syscall), + (init_syscall_hijack): obey sct_inc_use_count() return value, + and show up message if it failed. + * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): + likewise + * module/rules/common/update_rules_common.c: (tracker_add_rule): + likewise + * module/include/arch-bsd/usecount.h: return 1 always + * module/include/arch-linux/linux22.h: likewise + * module/include/arch-linux/linux24.h: likewise + * module/include/arch-linux/linux26.h: return try_module_get() value + +2004-03-01 Amir S. <am...@bo...> + Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. |
From: Amir S. <am...@us...> - 2004-03-01 13:12:20
|
Update of /cvsroot/syscalltrack/syscalltrack/module/rules/common In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28270/module/rules/common Modified Files: update_rules_common.c Log Message: Make sct_inc_use_count() return 1 if use count increase worked. * module/hijack/common/syscall_hijack_common.c: (hijack_syscall), (init_syscall_hijack): obey sct_inc_use_count() return value, and show up message if it failed. * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): likewise * module/rules/common/update_rules_common.c: (tracker_add_rule): likewise * module/include/arch-bsd/usecount.h: return 1 always * module/include/arch-linux/linux22.h: likewise * module/include/arch-linux/linux24.h: likewise * module/include/arch-linux/linux26.h: return try_module_get() value Index: update_rules_common.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/rules/common/update_rules_common.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- update_rules_common.c 23 Feb 2004 15:25:09 -0000 1.6 +++ update_rules_common.c 1 Mar 2004 12:53:21 -0000 1.7 @@ -163,6 +163,13 @@ goto err_add_rule_no_rule_list; } + if (sct_inc_use_count() == 0) { + PPRINT(KERN_NOTICE "tracker_add_rule: %d: couldn't lock" + "my self.\n", syscall_id); + retval = -ENOENT; + goto err_add_rule_use_count; + } + rc = sct_add_tracking_rule(p_rules, rule_id, f, a); if (rc < 0) { PPRINT(KERN_NOTICE "add tracking_rule returned '%d'\n", rc); @@ -170,8 +177,6 @@ goto err_add_rule_add_rule; } - sct_inc_use_count(); - if (!syscall_is_hijacked(syscall_id)) { PPRINT(KERN_WARNING "after adding the rule (returned %d), " "syscall_is_hijacked() == %d, before %d, after %d, " @@ -218,6 +223,9 @@ err_add_rule_hijack: err_add_rule_add_rule: + if (retval < 0) + sct_dec_use_count(); + err_add_rule_use_count: err_add_rule_no_rule_list: sct_unlock(&tracker_lock); err_add_rule_lock: |
From: Amir S. <am...@us...> - 2004-03-01 13:12:13
|
Update of /cvsroot/syscalltrack/syscalltrack/module/include/arch-bsd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28270/module/include/arch-bsd Modified Files: usecount.h Log Message: Make sct_inc_use_count() return 1 if use count increase worked. * module/hijack/common/syscall_hijack_common.c: (hijack_syscall), (init_syscall_hijack): obey sct_inc_use_count() return value, and show up message if it failed. * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): likewise * module/rules/common/update_rules_common.c: (tracker_add_rule): likewise * module/include/arch-bsd/usecount.h: return 1 always * module/include/arch-linux/linux22.h: likewise * module/include/arch-linux/linux24.h: likewise * module/include/arch-linux/linux26.h: return try_module_get() value Index: usecount.h =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/include/arch-bsd/usecount.h,v retrieving revision 1.3 retrieving revision 1.4 diff -u -d -r1.3 -r1.4 --- usecount.h 1 Mar 2004 11:15:14 -0000 1.3 +++ usecount.h 1 Mar 2004 12:53:20 -0000 1.4 @@ -18,17 +18,18 @@ static inline void sct_init_use_count(void) { - sct_atomic_set(&mod_use_count, 0); + sct_atomic_set(&mod_use_count, 0); } -static inline void sct_inc_use_count(void) +static inline int sct_inc_use_count(void) { - sct_atomic_inc(&mod_use_count); + sct_atomic_inc(&mod_use_count); + return 1; } static inline void sct_dec_use_count(void) { - sct_atomic_dec(&mod_use_count); + sct_atomic_dec(&mod_use_count); } static inline int sct_lock_module(void *data) { |
From: Amir S. <am...@us...> - 2004-03-01 13:12:13
|
Update of /cvsroot/syscalltrack/syscalltrack/module/include/arch-linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28270/module/include/arch-linux Modified Files: linux22.h linux24.h linux26.h Log Message: Make sct_inc_use_count() return 1 if use count increase worked. * module/hijack/common/syscall_hijack_common.c: (hijack_syscall), (init_syscall_hijack): obey sct_inc_use_count() return value, and show up message if it failed. * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): likewise * module/rules/common/update_rules_common.c: (tracker_add_rule): likewise * module/include/arch-bsd/usecount.h: return 1 always * module/include/arch-linux/linux22.h: likewise * module/include/arch-linux/linux24.h: likewise * module/include/arch-linux/linux26.h: return try_module_get() value Index: linux22.h =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/include/arch-linux/linux22.h,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- linux22.h 1 Mar 2004 11:15:15 -0000 1.9 +++ linux22.h 1 Mar 2004 12:53:21 -0000 1.10 @@ -47,8 +47,9 @@ /* nothing */ } -static inline void sct_inc_use_count(void) { +static inline int sct_inc_use_count(void) { MOD_INC_USE_COUNT; + return 1; } static inline void sct_dec_use_count(void) { Index: linux24.h =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/include/arch-linux/linux24.h,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- linux24.h 1 Mar 2004 11:15:15 -0000 1.7 +++ linux24.h 1 Mar 2004 12:53:21 -0000 1.8 @@ -26,8 +26,9 @@ /* nothing */ } -static inline void sct_inc_use_count(void) { +static inline int sct_inc_use_count(void) { MOD_INC_USE_COUNT; + return 1; } static inline void sct_dec_use_count(void) { Index: linux26.h =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/include/arch-linux/linux26.h,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- linux26.h 1 Mar 2004 11:15:15 -0000 1.6 +++ linux26.h 1 Mar 2004 12:53:21 -0000 1.7 @@ -23,8 +23,7 @@ } static inline void sct_inc_use_count(void) { - /* XXX - is it safe to ignore the return value in here ? */ - (void)try_module_get(THIS_MODULE); + return try_module_get(THIS_MODULE); } static inline void sct_dec_use_count(void) { |
From: Amir S. <am...@us...> - 2004-03-01 13:12:13
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/common In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv28270/module/hijack/common Modified Files: syscall_hijack_common.c syscalls_list.c Log Message: Make sct_inc_use_count() return 1 if use count increase worked. * module/hijack/common/syscall_hijack_common.c: (hijack_syscall), (init_syscall_hijack): obey sct_inc_use_count() return value, and show up message if it failed. * module/hijack/common/syscalls_list.c: (scthijack_syscalls_list): likewise * module/rules/common/update_rules_common.c: (tracker_add_rule): likewise * module/include/arch-bsd/usecount.h: return 1 always * module/include/arch-linux/linux22.h: likewise * module/include/arch-linux/linux24.h: likewise * module/include/arch-linux/linux26.h: return try_module_get() value Index: syscall_hijack_common.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/common/syscall_hijack_common.c,v retrieving revision 1.13 retrieving revision 1.14 diff -u -d -r1.13 -r1.14 --- syscall_hijack_common.c 1 Mar 2004 12:04:32 -0000 1.13 +++ syscall_hijack_common.c 1 Mar 2004 12:53:20 -0000 1.14 @@ -109,7 +109,12 @@ /* we didn't DEC the use count of the module, and thus */ /* shouldn't INC it now. */ if (!defered_flag) { - sct_inc_use_count(); + if (sct_inc_use_count() == 0) { + PPRINT(KERN_NOTICE "hijack_syscall: %d: couldn't lock" + "my self.\n", syscall_id); + retval = -ENOENT; + goto hijack_syscall_release_lock; + } } /* put into the hijacking functions table the user */ @@ -247,8 +252,9 @@ scthijack_sysctl_init(); /* only allow unloading this module if the user explicitly said so */ - if (!allow_unloading) - sct_inc_use_count(); + if (!allow_unloading && sct_inc_use_count() == 0) + PPRINT(KERN_NOTICE "init_hijack: couldn't lock" + "my self.\n"); } void clean_syscall_hijack(void) Index: syscalls_list.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/common/syscalls_list.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- syscalls_list.c 1 Mar 2004 11:03:41 -0000 1.6 +++ syscalls_list.c 1 Mar 2004 12:53:20 -0000 1.7 @@ -37,7 +37,11 @@ len = lenp ? *lenp : 0; /* protect us from premature unloading */ - sct_inc_use_count(); + if (sct_inc_use_count() == 0) { + PPRINT(KERN_NOTICE "syscalls_list: couldn't lock" + "my self.\n"); + return -ENOENT; + } for (i = 0; i < MAXSYSCALL && rc == 0 && (!lenp || len); ++i) { |
From: Amir S. <am...@us...> - 2004-03-01 12:39:13
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/x86 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22897/module/hijack/linux/x86 Modified Files: special_arch_hijack.c Log Message: Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): * module/hijack/linux/special_hijack.c: (stub_syscall_exit), (stub_syscall_bdflush): * module/hijack/linux/um/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/linux/x86/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): Index: special_arch_hijack.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/x86/special_arch_hijack.c,v retrieving revision 1.9 retrieving revision 1.10 diff -u -d -r1.9 -r1.10 --- special_arch_hijack.c 1 Mar 2004 09:09:38 -0000 1.9 +++ special_arch_hijack.c 1 Mar 2004 12:20:17 -0000 1.10 @@ -52,17 +52,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_fork)hdata->before_tracker_func; orig_syscall_func = (stub_func_fork)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (*before_func)( &fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_fork)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)( &fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -70,14 +76,15 @@ ? (*orig_syscall_func)(regs) : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_fork)hdata->after_tracker_func; - sct_unlock(&hdata->lock); - - if (after_func) - (*after_func)(orig_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_fork)hdata->after_tracker_func; + sct_unlock(&hdata->lock); + + if (after_func) + (*after_func)(orig_syscall_retval); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); @@ -135,18 +142,24 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_execve)hdata->before_tracker_func; orig_syscall_func = (stub_func_execve)hdata->orig_syscall; sct_unlock(&hdata->lock); - scthijack_unlock_caller(); - retval = (before_func - ? (*before_func)((char*)regs.ebx, (char**)regs.ecx, - (char**)regs.edx, &fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_execve)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)((char*)regs.ebx, (char**)regs.ecx, + (char**)regs.edx, &fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -170,25 +183,26 @@ putname(filename); orig_syscall_retval = error; - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_execve)hdata->after_tracker_func; - sct_unlock(&hdata->lock); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_execve)hdata->after_tracker_func; + sct_unlock(&hdata->lock); - if (after_func) { + if (after_func) { #if 0 - /* we have a problem here. 'filename' was originally in the OLD process */ - /* address space, which the original execve syscall obliterated. */ - /* it is not found in the new process address space, so it must be */ - /* passed as a kernel space value which we save - but the tracking */ - /* code firmly expects a user space ptr. therefore, disable it for now. */ - (*after_func)(orig_syscall_retval, (char*)regs.ebx, - (char**)regs.ecx, (char**)regs.edx); + /* we have a problem here. 'filename' was originally in the OLD process */ + /* address space, which the original execve syscall obliterated. */ + /* it is not found in the new process address space, so it must be */ + /* passed as a kernel space value which we save - but the tracking */ + /* code firmly expects a user space ptr. therefore, disable it for now. */ + (*after_func)(orig_syscall_retval, (char*)regs.ebx, + (char**)regs.ecx, (char**)regs.edx); #endif - PPRINT(KERN_NOTICE "sorry, after hooks for execve for i386 " - "not implemented yet\n"); + PPRINT(KERN_NOTICE "sorry, after hooks for execve for i386 " + "not implemented yet\n"); + } + scthijack_unlock_caller(); } - scthijack_unlock_caller(); } sct_lock(&hdata->lock); @@ -245,17 +259,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_vfork)hdata->before_tracker_func; orig_syscall_func = (stub_func_vfork)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (*before_func)(&fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_vfork)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)(&fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -263,14 +283,15 @@ ? (*orig_syscall_func)(regs) : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_vfork)hdata->after_tracker_func; - sct_unlock(&hdata->lock); - - if (after_func) - (*after_func)(orig_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_vfork)hdata->after_tracker_func; + sct_unlock(&hdata->lock); + + if (after_func) + (*after_func)(orig_syscall_retval); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); |
From: Amir S. <am...@us...> - 2004-03-01 12:39:12
|
Update of /cvsroot/syscalltrack/syscalltrack In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22897 Modified Files: ChangeLog Log Message: Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): * module/hijack/linux/special_hijack.c: (stub_syscall_exit), (stub_syscall_bdflush): * module/hijack/linux/um/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/linux/x86/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): Index: ChangeLog =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/ChangeLog,v retrieving revision 1.509 retrieving revision 1.510 diff -u -d -r1.509 -r1.510 --- ChangeLog 1 Mar 2004 12:04:32 -0000 1.509 +++ ChangeLog 1 Mar 2004 12:20:17 -0000 1.510 @@ -1,5 +1,19 @@ 2004-03-01 Amir S. <am...@bo...> + Make special syscalls obey scthijack_lock_caller() return value, + same way the templates works. + + * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): + * module/hijack/linux/special_hijack.c: (stub_syscall_exit), + (stub_syscall_bdflush): + * module/hijack/linux/um/special_arch_hijack.c: + (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): + * module/hijack/linux/x86/special_arch_hijack.c: + (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): + * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): + +2004-03-01 Amir S. <am...@bo...> + * module/hijack/common/syscall_hijack_common.c: (scthijack_unlock_caller): when calling this function, caller should be locked already, so caller lock data must not be NULL. |
From: Amir S. <am...@us...> - 2004-03-01 12:39:12
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/linux In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22897/module/hijack/linux Modified Files: special_hijack.c Log Message: Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): * module/hijack/linux/special_hijack.c: (stub_syscall_exit), (stub_syscall_bdflush): * module/hijack/linux/um/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/linux/x86/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): Index: special_hijack.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/special_hijack.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- special_hijack.c 1 Mar 2004 09:09:37 -0000 1.5 +++ special_hijack.c 1 Mar 2004 12:20:17 -0000 1.6 @@ -41,16 +41,20 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_exit)hdata->before_tracker_func; orig_syscall_func = (stub_func_exit)hdata->orig_syscall; sct_unlock(&hdata->lock); - if (before_func) - (*before_func)(error_code, &fake_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_exit)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + if (before_func) + (*before_func)(error_code, &fake_syscall_retval); + scthijack_unlock_caller(); + } sct_lock(&hdata->lock); remove_pid_trace(pid_trace, hdata); @@ -113,17 +117,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_bdflush)hdata->before_tracker_func; orig_syscall_func = (stub_func_bdflush)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (*before_func)(func, data, &fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_bdflush)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)(func, data, &fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ /* only if (func > 0) so we know bdflush() returns. */ @@ -132,14 +142,15 @@ ? (*orig_syscall_func)(func, data) : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_bdflush)hdata->after_tracker_func; - sct_unlock(&hdata->lock); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_bdflush)hdata->after_tracker_func; + sct_unlock(&hdata->lock); - if (after_func) - (*after_func)(orig_syscall_retval, func, data); - scthijack_unlock_caller(); + if (after_func) + (*after_func)(orig_syscall_retval, func, data); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); |
From: Amir S. <am...@us...> - 2004-03-01 12:39:12
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/um In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22897/module/hijack/linux/um Modified Files: special_arch_hijack.c Log Message: Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): * module/hijack/linux/special_hijack.c: (stub_syscall_exit), (stub_syscall_bdflush): * module/hijack/linux/um/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/linux/x86/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): Index: special_arch_hijack.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/linux/um/special_arch_hijack.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- special_arch_hijack.c 1 Mar 2004 09:09:37 -0000 1.8 +++ special_arch_hijack.c 1 Mar 2004 12:20:17 -0000 1.9 @@ -52,17 +52,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_fork)hdata->before_tracker_func; orig_syscall_func = (stub_func_fork)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (*before_func)( &fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_fork)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)( &fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -70,14 +76,15 @@ ? (*orig_syscall_func)() : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_fork)hdata->after_tracker_func; - sct_unlock(&hdata->lock); - - if (after_func) - (*after_func)(orig_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_fork)hdata->after_tracker_func; + sct_unlock(&hdata->lock); + + if (after_func) + (*after_func)(orig_syscall_retval); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); @@ -135,17 +142,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_execve)hdata->before_tracker_func; orig_syscall_func = (stub_func_execve)hdata->orig_syscall; sct_unlock(&hdata->lock); - scthijack_unlock_caller(); - retval = (before_func - ? (*before_func)(file, argv, env, &fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_execve)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)(file, argv, env, &fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -153,24 +166,25 @@ ? (*orig_syscall_func)(file, argv, env) : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_execve)hdata->after_tracker_func; - sct_unlock(&hdata->lock); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_execve)hdata->after_tracker_func; + sct_unlock(&hdata->lock); - if (after_func) { + if (after_func) { #if 0 - /* we have a problem here. 'filename' was originally in the OLD process */ - /* address space, which the original execve syscall obliterated. */ - /* it is not found in the new process address space, so it must be */ - /* passed as a kernel space value which we save - but the tracking */ - /* code firmly expects a user space ptr. therefore, disable it for now. */ - (*after_func)(orig_syscall_retval, file, argv, env); + /* we have a problem here. 'filename' was originally in the OLD process */ + /* address space, which the original execve syscall obliterated. */ + /* it is not found in the new process address space, so it must be */ + /* passed as a kernel space value which we save - but the tracking */ + /* code firmly expects a user space ptr. therefore, disable it for now. */ + (*after_func)(orig_syscall_retval, file, argv, env); #endif - PPRINT(KERN_NOTICE "sorry, after hooks for execve for uml " - "not implemented yet\n"); + PPRINT(KERN_NOTICE "sorry, after hooks for execve for uml " + "not implemented yet\n"); + } + scthijack_unlock_caller(); } - scthijack_unlock_caller(); } sct_lock(&hdata->lock); @@ -227,17 +241,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_vfork)hdata->before_tracker_func; orig_syscall_func = (stub_func_vfork)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (*before_func)(&fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_vfork)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)(&fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -245,14 +265,15 @@ ? (*orig_syscall_func)() : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_vfork)hdata->after_tracker_func; - sct_unlock(&hdata->lock); - - if (after_func) - (*after_func)(orig_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_vfork)hdata->after_tracker_func; + sct_unlock(&hdata->lock); + + if (after_func) + (*after_func)(orig_syscall_retval); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); |
From: Amir S. <am...@us...> - 2004-03-01 12:39:12
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/freebsd5 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22897/module/hijack/freebsd5 Modified Files: special_hijack.c Log Message: Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): * module/hijack/linux/special_hijack.c: (stub_syscall_exit), (stub_syscall_bdflush): * module/hijack/linux/um/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/linux/x86/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): Index: special_hijack.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/freebsd5/special_hijack.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- special_hijack.c 1 Mar 2004 09:09:37 -0000 1.5 +++ special_hijack.c 1 Mar 2004 12:20:17 -0000 1.6 @@ -34,16 +34,20 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (func_ptr_before)hdata->before_tracker_func; orig_syscall_func = (sy_call_t*)hdata->orig_syscall; sct_unlock(&hdata->lock); - if (before_func) - (before_func)(uap, &fake_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (func_ptr_before)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + if (before_func) + (before_func)(uap, &fake_syscall_retval); + scthijack_unlock_caller(); + } sct_lock(&hdata->lock); remove_pid_trace(pid_trace, hdata); |
From: Amir S. <am...@us...> - 2004-03-01 12:39:08
|
Update of /cvsroot/syscalltrack/syscalltrack/module/hijack/netbsd In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22897/module/hijack/netbsd Modified Files: special_hijack.c Log Message: Make special syscalls obey scthijack_lock_caller() return value, same way the templates works. * module/hijack/freebsd5/special_hijack.c: (stub_syscall_exit): * module/hijack/linux/special_hijack.c: (stub_syscall_exit), (stub_syscall_bdflush): * module/hijack/linux/um/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/linux/x86/special_arch_hijack.c: (stub_syscall_fork), (stub_syscall_execve), (stub_syscall_vfork): * module/hijack/netbsd/special_hijack.c: (stub_syscall_exit): Index: special_hijack.c =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/hijack/netbsd/special_hijack.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- special_hijack.c 1 Mar 2004 11:03:41 -0000 1.6 +++ special_hijack.c 1 Mar 2004 12:20:18 -0000 1.7 @@ -37,16 +37,20 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (func_ptr_before)hdata->before_tracker_func; orig_syscall_func = (sy_call_t*)hdata->orig_syscall; sct_unlock(&hdata->lock); - if (before_func) - (before_func)(uap, &fake_syscall_retval); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (func_ptr_before)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + if (before_func) + (before_func)(uap, &fake_syscall_retval); + scthijack_unlock_caller(); + } sct_lock(&hdata->lock); remove_pid_trace(pid_trace, hdata); |
From: Amir S. <am...@us...> - 2004-03-01 12:23:23
|
Update of /cvsroot/syscalltrack/syscalltrack/module/templates In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv20323/module/templates Modified Files: syscall_hijack_stub.tmpl.BSD syscall_hijack_stub.tmpl.Linux Log Message: * module/hijack/common/syscall_hijack_common.c: (scthijack_unlock_caller): when calling this function, caller should be locked already, so caller lock data must not be NULL. * module/templates/syscall_hijack_stub.tmpl.BSD: obey scthijack_lock_caller() return value. * module/templates/syscall_hijack_stub.tmpl.Linux: likewise Index: syscall_hijack_stub.tmpl.BSD =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/templates/syscall_hijack_stub.tmpl.BSD,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- syscall_hijack_stub.tmpl.BSD 1 Mar 2004 08:50:46 -0000 1.5 +++ syscall_hijack_stub.tmpl.BSD 1 Mar 2004 12:04:32 -0000 1.6 @@ -22,17 +22,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (func_ptr_before)hdata->before_tracker_func; orig_syscall_func = (sy_call_t*)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (before_func)(uap, &fake_syscall_retval) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (func_ptr_before)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (before_func)(uap, &fake_syscall_retval) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -40,14 +46,15 @@ ? (orig_syscall_func)(td, uap%%SYSCALL_EXTRA_ARGS%%) : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (func_ptr_after)hdata->after_tracker_func; - sct_unlock(&hdata->lock); - - if (after_func) - (after_func)(orig_syscall_retval, uap); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (func_ptr_after)hdata->after_tracker_func; + sct_unlock(&hdata->lock); + + if (after_func) + (after_func)(orig_syscall_retval, uap); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); Index: syscall_hijack_stub.tmpl.Linux =================================================================== RCS file: /cvsroot/syscalltrack/syscalltrack/module/templates/syscall_hijack_stub.tmpl.Linux,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- syscall_hijack_stub.tmpl.Linux 1 Mar 2004 08:50:47 -0000 1.12 +++ syscall_hijack_stub.tmpl.Linux 1 Mar 2004 12:04:32 -0000 1.13 @@ -31,17 +31,23 @@ pid_trace = setup_pid_trace(); - scthijack_lock_caller(); sct_lock(&hdata->lock); add_pid_trace(pid_trace, hdata); - before_func = (stub_before_func_%%SYSCALL_ID%%)hdata->before_tracker_func; orig_syscall_func = (stub_func_%%SYSCALL_ID%%)hdata->orig_syscall; sct_unlock(&hdata->lock); - retval = (before_func - ? (*before_func)(%%SYSCALL_PARAMS_NAMES%% %%BEFORE_RETVAL_VARIABLE%%) - : SCT_USE_ORIG_RETVAL); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + before_func = (stub_before_func_%%SYSCALL_ID%%)hdata->before_tracker_func; + sct_unlock(&hdata->lock); + + retval = (before_func + ? (*before_func)(%%SYSCALL_PARAMS_NAMES%% %%BEFORE_RETVAL_VARIABLE%%) + : SCT_USE_ORIG_RETVAL); + scthijack_unlock_caller(); + } else { + retval = SCT_USE_ORIG_RETVAL; + } /* invoke the original syscall, if the hijack function told us to. */ if (retval == SCT_USE_ORIG_RETVAL) { @@ -49,14 +55,15 @@ ? (*orig_syscall_func)(%%SYSCALL_PARAMS_NAMES%%) : -ENOSYS); - scthijack_lock_caller(); - sct_lock(&hdata->lock); - after_func = (stub_after_func_%%SYSCALL_ID%%)hdata->after_tracker_func; - sct_unlock(&hdata->lock); - - if (after_func) - (*after_func)(%%AFTER_RETVAL_SYS_RET%% %%SYSCALL_PARAMS_NAMES%%); - scthijack_unlock_caller(); + if (scthijack_lock_caller()) { + sct_lock(&hdata->lock); + after_func = (stub_after_func_%%SYSCALL_ID%%)hdata->after_tracker_func; + sct_unlock(&hdata->lock); + + if (after_func) + (*after_func)(%%AFTER_RETVAL_SYS_RET%% %%SYSCALL_PARAMS_NAMES%%); + scthijack_unlock_caller(); + } } sct_lock(&hdata->lock); |