weishu
|
815f4d0428
|
kernel: hook newfstatat/faccessat syscall instead of unstable symbol
|
2024-03-20 15:15:26 +08:00 |
|
weishu
|
2a64784a33
|
kernel: hook syscall instead of unstable symbol
|
2024-03-20 14:21:19 +08:00 |
|
4qwerty7
|
f4d2b0feab
|
Distinguish different PT_REGS_PARM4 under x86 (#711)
1. `PT_REGS_CCALL_PARM4` 表示存放C调用约定的第4个参数的寄存器
2. `PT_REGS_SYSCALL_PARM4` 表示存放linux syscall调用约定的第4个参数的寄存器
3. 将原有 `PT_REGS_PARM4` 改为上述之一
4. 将原有 `ksu_handle_execveat_ksud` 和 `ksu_handle_execveat_sucompat` 可能被
kprobe 传递错误实参、且不使用的形参标记为 never_used 并传递 `NULL`
5. 为 `ksu_handle_execveat_ksud` 提供正确的 argv 参数用以在 x86 下也能正确识别 `init
second_stage`
---------
Co-authored-by: weishu <twsxtd@gmail.com>
|
2023-07-06 09:01:35 +08:00 |
|
Ylarod
|
2f970f7ab8
|
kernel: refact (#113)
* refact
* sort inlude
* update
* unregister execve kprobe
* update log
* don't unregister if not in kprobe
* opt for no kprobe
* opt for no kprobe
* stop debug
* don't forget to call ksu_uid_observer_exit
* rename core to core_hook
* direct call do_persistent_allow_list
* add prefix
* use getter, add warn
* add wrapper
* run clang-format
clang-format --style="{BasedOnStyle: InheritParentConfig, SortIncludes: true}" -i kernel/**/*.[ch]
* try fix wsa x64 build
|
2023-01-25 21:53:19 +08:00 |
|
Ylarod
|
423f4aaf1f
|
kernel: add missing header (#110)
|
2023-01-24 22:32:16 +08:00 |
|
chen2021-web
|
2359b16526
|
backport to 4.14 (#59)
|
2023-01-15 15:34:15 +08:00 |
|
weishu
|
a2ec618c49
|
kernel: fix typo for PT_PARAM_REG
|
2023-01-09 07:24:23 +07:00 |
|
weishu
|
36aff66835
|
kernel: add PT_REGS_PARAM6
|
2023-01-06 21:51:09 +07:00 |
|
weishu
|
b427c86ab3
|
misc: code format(use kernel code stype: https://www.kernel.org/doc/html/v6.1/process/coding-style.html
|
2022-12-27 18:21:10 +07:00 |
|
weishu
|
c6300ccf94
|
kernel: fix memory leaks and x86_64 args
|
2022-12-14 16:26:53 +07:00 |
|
weishu
|
0d8785ec78
|
kernel: support x86_64
|
2022-12-12 13:51:09 +07:00 |
|