修复
This commit is contained in:
liankong
@@ -688,7 +688,7 @@ __maybe_unused int ksu_kprobe_init(void)
|
||||
|
||||
#ifdef CONFIG_KPM
|
||||
kpm_cfi_bypass_init();
|
||||
kpm_stack_init();
|
||||
// kpm_stack_init();
|
||||
#endif
|
||||
|
||||
return rc;
|
||||
@@ -700,7 +700,7 @@ __maybe_unused int ksu_kprobe_exit(void)
|
||||
unregister_kprobe(&renameat_kp);
|
||||
#ifdef CONFIG_KPM
|
||||
kpm_cfi_bypass_exit();
|
||||
kpm_stack_exit();
|
||||
// kpm_stack_exit();
|
||||
#endif
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -1270,72 +1270,6 @@ bool kpm_is_allow_address(unsigned long addr)
|
||||
|
||||
return allow;
|
||||
}
|
||||
|
||||
#ifndef CONFIG_ARCH_STACKWALK
|
||||
struct stack_trace {
|
||||
unsigned int nr_entries, max_entries;
|
||||
unsigned long *entries;
|
||||
unsigned int skip; /* input argument: How many entries to skip */
|
||||
};
|
||||
#endif
|
||||
|
||||
static struct kprobe dump_stack_kp = {
|
||||
.symbol_name = "dump_stack",
|
||||
};
|
||||
|
||||
static int handler_dump_stack_pre(struct kprobe *p, struct pt_regs *regs)
|
||||
{
|
||||
struct stack_trace trace = {
|
||||
.nr_entries = 0,
|
||||
.max_entries = 32,
|
||||
.entries = (unsigned long *)kmalloc(32*sizeof(unsigned long), GFP_ATOMIC),
|
||||
};
|
||||
int i;
|
||||
|
||||
/* 捕获当前调用栈 */
|
||||
save_stack_trace(&trace);
|
||||
|
||||
/* 遍历栈地址并匹配 KPM 模块 */
|
||||
printk(KERN_EMERG "KPM Stack Trace:\n");
|
||||
for (i = 0; i < trace.nr_entries; i++) {
|
||||
struct kpm_module *pos;
|
||||
unsigned long addr = trace.entries[i];
|
||||
|
||||
list_for_each_entry(pos, &kpm_module_list, list) {
|
||||
unsigned long start_address = (unsigned long) pos->start;
|
||||
unsigned long end_address = start_address + pos->size;
|
||||
|
||||
/* 规则1:地址在KPM允许范围内 */
|
||||
if (addr >= start_address && addr <= end_address) {
|
||||
printk(KERN_EMERG "[KPM: <%px>] %s+%px\n",
|
||||
(void *)addr, pos->info.name, addr - ((unsigned long)pos->start));
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
kfree(trace.entries);
|
||||
return 0; // 继续执行原始 dump_stack
|
||||
}
|
||||
|
||||
/* 模块初始化 */
|
||||
int kpm_stack_init(void)
|
||||
{
|
||||
int ret;
|
||||
if ((ret = register_kprobe(&dump_stack_kp)) < 0) {
|
||||
printk(KERN_ERR "Failed to hook dump_stack: %d\n", ret);
|
||||
return ret;
|
||||
}
|
||||
dump_stack_kp.pre_handler = handler_dump_stack_pre;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* 模块卸载 */
|
||||
void kpm_stack_exit(void)
|
||||
{
|
||||
unregister_kprobe(&dump_stack_kp);
|
||||
}
|
||||
|
||||
// ============================================================================================
|
||||
|
||||
int sukisu_handle_kpm(unsigned long arg3, unsigned long arg4, unsigned long arg5)
|
||||
|
||||
Reference in New Issue
Block a user