修复
This commit is contained in:
liankong
@@ -688,7 +688,7 @@ __maybe_unused int ksu_kprobe_init(void)
|
|||||||
|
|
||||||
#ifdef CONFIG_KPM
|
#ifdef CONFIG_KPM
|
||||||
kpm_cfi_bypass_init();
|
kpm_cfi_bypass_init();
|
||||||
kpm_stack_init();
|
// kpm_stack_init();
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return rc;
|
return rc;
|
||||||
@@ -700,7 +700,7 @@ __maybe_unused int ksu_kprobe_exit(void)
|
|||||||
unregister_kprobe(&renameat_kp);
|
unregister_kprobe(&renameat_kp);
|
||||||
#ifdef CONFIG_KPM
|
#ifdef CONFIG_KPM
|
||||||
kpm_cfi_bypass_exit();
|
kpm_cfi_bypass_exit();
|
||||||
kpm_stack_exit();
|
// kpm_stack_exit();
|
||||||
#endif
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1270,72 +1270,6 @@ bool kpm_is_allow_address(unsigned long addr)
|
|||||||
|
|
||||||
return allow;
|
return allow;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifndef CONFIG_ARCH_STACKWALK
|
|
||||||
struct stack_trace {
|
|
||||||
unsigned int nr_entries, max_entries;
|
|
||||||
unsigned long *entries;
|
|
||||||
unsigned int skip; /* input argument: How many entries to skip */
|
|
||||||
};
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static struct kprobe dump_stack_kp = {
|
|
||||||
.symbol_name = "dump_stack",
|
|
||||||
};
|
|
||||||
|
|
||||||
static int handler_dump_stack_pre(struct kprobe *p, struct pt_regs *regs)
|
|
||||||
{
|
|
||||||
struct stack_trace trace = {
|
|
||||||
.nr_entries = 0,
|
|
||||||
.max_entries = 32,
|
|
||||||
.entries = (unsigned long *)kmalloc(32*sizeof(unsigned long), GFP_ATOMIC),
|
|
||||||
};
|
|
||||||
int i;
|
|
||||||
|
|
||||||
/* 捕获当前调用栈 */
|
|
||||||
save_stack_trace(&trace);
|
|
||||||
|
|
||||||
/* 遍历栈地址并匹配 KPM 模块 */
|
|
||||||
printk(KERN_EMERG "KPM Stack Trace:\n");
|
|
||||||
for (i = 0; i < trace.nr_entries; i++) {
|
|
||||||
struct kpm_module *pos;
|
|
||||||
unsigned long addr = trace.entries[i];
|
|
||||||
|
|
||||||
list_for_each_entry(pos, &kpm_module_list, list) {
|
|
||||||
unsigned long start_address = (unsigned long) pos->start;
|
|
||||||
unsigned long end_address = start_address + pos->size;
|
|
||||||
|
|
||||||
/* 规则1:地址在KPM允许范围内 */
|
|
||||||
if (addr >= start_address && addr <= end_address) {
|
|
||||||
printk(KERN_EMERG "[KPM: <%px>] %s+%px\n",
|
|
||||||
(void *)addr, pos->info.name, addr - ((unsigned long)pos->start));
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
kfree(trace.entries);
|
|
||||||
return 0; // 继续执行原始 dump_stack
|
|
||||||
}
|
|
||||||
|
|
||||||
/* 模块初始化 */
|
|
||||||
int kpm_stack_init(void)
|
|
||||||
{
|
|
||||||
int ret;
|
|
||||||
if ((ret = register_kprobe(&dump_stack_kp)) < 0) {
|
|
||||||
printk(KERN_ERR "Failed to hook dump_stack: %d\n", ret);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
dump_stack_kp.pre_handler = handler_dump_stack_pre;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* 模块卸载 */
|
|
||||||
void kpm_stack_exit(void)
|
|
||||||
{
|
|
||||||
unregister_kprobe(&dump_stack_kp);
|
|
||||||
}
|
|
||||||
|
|
||||||
// ============================================================================================
|
// ============================================================================================
|
||||||
|
|
||||||
int sukisu_handle_kpm(unsigned long arg3, unsigned long arg4, unsigned long arg5)
|
int sukisu_handle_kpm(unsigned long arg3, unsigned long arg4, unsigned long arg5)
|
||||||
|
|||||||
Reference in New Issue
Block a user