[1] | 1 | /* SAMHAIN file system integrity testing */
|
---|
| 2 | /* Copyright (C) 2001 Rainer Wichmann */
|
---|
| 3 | /* */
|
---|
| 4 | /* This program is free software; you can redistribute it */
|
---|
| 5 | /* and/or modify */
|
---|
| 6 | /* it under the terms of the GNU General Public License as */
|
---|
| 7 | /* published by */
|
---|
| 8 | /* the Free Software Foundation; either version 2 of the License, or */
|
---|
| 9 | /* (at your option) any later version. */
|
---|
| 10 | /* */
|
---|
| 11 | /* This program is distributed in the hope that it will be useful, */
|
---|
| 12 | /* but WITHOUT ANY WARRANTY; without even the implied warranty of */
|
---|
| 13 | /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
|
---|
| 14 | /* GNU General Public License for more details. */
|
---|
| 15 | /* */
|
---|
| 16 | /* You should have received a copy of the GNU General Public License */
|
---|
| 17 | /* along with this program; if not, write to the Free Software */
|
---|
| 18 | /* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
|
---|
| 19 |
|
---|
| 20 |
|
---|
| 21 | #include "config_xor.h"
|
---|
| 22 |
|
---|
| 23 | #define SH_SYSCALL_CODE
|
---|
| 24 |
|
---|
| 25 |
|
---|
| 26 | #include <stdio.h>
|
---|
| 27 | #include <stdlib.h>
|
---|
| 28 | #include <string.h>
|
---|
| 29 | #include <sys/types.h>
|
---|
| 30 | #include <sys/stat.h>
|
---|
| 31 | #include <fcntl.h>
|
---|
| 32 | #include <unistd.h>
|
---|
| 33 | #include <errno.h>
|
---|
| 34 | #include <limits.h>
|
---|
| 35 | #include <sys/wait.h>
|
---|
| 36 | #include <signal.h>
|
---|
[41] | 37 | #include <sys/mman.h>
|
---|
[1] | 38 |
|
---|
| 39 |
|
---|
| 40 | #ifdef SH_USE_KERN
|
---|
| 41 |
|
---|
| 42 | #undef FIL__
|
---|
| 43 | #define FIL__ _("sh_kern.c")
|
---|
| 44 |
|
---|
| 45 | #if defined (SH_WITH_CLIENT) || defined (SH_STANDALONE)
|
---|
| 46 |
|
---|
| 47 | #if TIME_WITH_SYS_TIME
|
---|
| 48 | #include <sys/time.h>
|
---|
| 49 | #include <time.h>
|
---|
| 50 | #else
|
---|
| 51 | #if HAVE_SYS_TIME_H
|
---|
| 52 | #include <sys/time.h>
|
---|
| 53 | #else
|
---|
| 54 | #include <time.h>
|
---|
| 55 | #endif
|
---|
| 56 | #endif
|
---|
| 57 |
|
---|
| 58 |
|
---|
| 59 | #include "samhain.h"
|
---|
| 60 | #include "sh_utils.h"
|
---|
| 61 | #include "sh_error.h"
|
---|
| 62 | #include "sh_modules.h"
|
---|
| 63 | #include "sh_kern.h"
|
---|
| 64 | #include "sh_ks_xor.h"
|
---|
| 65 |
|
---|
| 66 | #include "sh_unix.h"
|
---|
| 67 | #include "sh_hash.h"
|
---|
| 68 |
|
---|
| 69 |
|
---|
| 70 |
|
---|
| 71 | sh_rconf sh_kern_table[] = {
|
---|
| 72 | {
|
---|
| 73 | N_("severitykernel"),
|
---|
| 74 | sh_kern_set_severity
|
---|
| 75 | },
|
---|
| 76 | {
|
---|
| 77 | N_("kernelcheckactive"),
|
---|
| 78 | sh_kern_set_activate
|
---|
| 79 | },
|
---|
| 80 | {
|
---|
| 81 | N_("kernelcheckinterval"),
|
---|
| 82 | sh_kern_set_timer
|
---|
| 83 | },
|
---|
| 84 | {
|
---|
| 85 | N_("kernelcheckidt"),
|
---|
| 86 | sh_kern_set_idt
|
---|
| 87 | },
|
---|
| 88 | {
|
---|
| 89 | N_("kernelsystemcall"),
|
---|
| 90 | sh_kern_set_sc_addr
|
---|
| 91 | },
|
---|
| 92 | {
|
---|
| 93 | N_("kernelsyscalltable"),
|
---|
| 94 | sh_kern_set_sct_addr
|
---|
| 95 | },
|
---|
| 96 | {
|
---|
| 97 | N_("kernelprocrootlookup"),
|
---|
| 98 | sh_kern_set_proc_root_lookup
|
---|
| 99 | },
|
---|
| 100 | {
|
---|
| 101 | N_("kernelprocrootiops"),
|
---|
| 102 | sh_kern_set_proc_root_iops
|
---|
| 103 | },
|
---|
| 104 | {
|
---|
| 105 | N_("kernelprocroot"),
|
---|
| 106 | sh_kern_set_proc_root
|
---|
| 107 | },
|
---|
| 108 | {
|
---|
| 109 | NULL,
|
---|
| 110 | NULL
|
---|
| 111 | },
|
---|
| 112 | };
|
---|
| 113 |
|
---|
| 114 |
|
---|
| 115 | static time_t lastcheck;
|
---|
| 116 | static int ShKernActive = S_TRUE;
|
---|
| 117 | static int ShKernInterval = 300;
|
---|
| 118 | static int ShKernSeverity = SH_ERR_SEVERE;
|
---|
| 119 | static int ShKernDelay = 100; /* milliseconds */
|
---|
| 120 | static int ShKernIDT = S_TRUE;
|
---|
| 121 |
|
---|
| 122 | /* The address of system_call
|
---|
| 123 | */
|
---|
| 124 | #ifdef SH_SYS_CALL_ADDR
|
---|
| 125 | static unsigned long system_call_addr = SH_SYS_CALL_ADDR;
|
---|
| 126 | #else
|
---|
| 127 | static unsigned long system_call_addr = 0;
|
---|
| 128 | #endif
|
---|
| 129 |
|
---|
| 130 | /* The address of the sys_call_table
|
---|
| 131 | */
|
---|
| 132 | #ifdef SH_SYS_CALL_TABLE
|
---|
| 133 | static unsigned int kaddr = SH_SYS_CALL_TABLE;
|
---|
| 134 | #else
|
---|
| 135 | static unsigned int kaddr = 0;
|
---|
| 136 | #endif
|
---|
| 137 |
|
---|
| 138 | #ifdef PROC_ROOT_LOC
|
---|
| 139 | static unsigned long proc_root = PROC_ROOT_LOC;
|
---|
| 140 | #else
|
---|
| 141 | static unsigned long proc_root = 0;
|
---|
| 142 | #endif
|
---|
| 143 | #ifdef PROC_ROOT_IOPS_LOC
|
---|
| 144 | static unsigned long proc_root_iops = PROC_ROOT_IOPS_LOC;
|
---|
| 145 | #else
|
---|
| 146 | static unsigned long proc_root_iops = 0;
|
---|
| 147 | #endif
|
---|
| 148 | #ifdef PROC_ROOT_LOOKUP_LOC
|
---|
| 149 | static unsigned long proc_root_lookup = PROC_ROOT_LOOKUP_LOC;
|
---|
| 150 | #else
|
---|
| 151 | static unsigned long proc_root_lookup = 0;
|
---|
| 152 | #endif
|
---|
| 153 |
|
---|
[93] | 154 | /* This is the module 'reconfigure' function, which is a no-op.
|
---|
| 155 | */
|
---|
[1] | 156 | int sh_kern_null()
|
---|
| 157 | {
|
---|
| 158 | return 0;
|
---|
| 159 | }
|
---|
| 160 |
|
---|
[93] | 161 | #define SH_KERN_DBPUSH 0
|
---|
| 162 | #define SH_KERN_DBPOP 1
|
---|
[1] | 163 |
|
---|
| 164 | char * sh_kern_db_syscall (int num, char * prefix,
|
---|
[93] | 165 | void * in_name, unsigned long * addr,
|
---|
[1] | 166 | unsigned int * code1, unsigned int * code2,
|
---|
| 167 | int * size, int direction)
|
---|
| 168 | {
|
---|
[83] | 169 | char path[128];
|
---|
| 170 | char * p = NULL;
|
---|
| 171 | unsigned long x1 = 0, x2 = 0;
|
---|
| 172 | unsigned char * name = (unsigned char *) in_name;
|
---|
[1] | 173 |
|
---|
| 174 | sl_snprintf(path, 128, "K_%s_%04d", prefix, num);
|
---|
| 175 |
|
---|
[93] | 176 | if (direction == SH_KERN_DBPUSH)
|
---|
[1] | 177 | {
|
---|
| 178 | x1 = *code1;
|
---|
| 179 | x2 = *code2;
|
---|
| 180 |
|
---|
[93] | 181 | sh_hash_push2db (path, *addr, x1, x2,
|
---|
[1] | 182 | name, (name == NULL) ? 0 : (*size));
|
---|
| 183 | }
|
---|
| 184 | else
|
---|
| 185 | {
|
---|
[93] | 186 | p = sh_hash_db2pop (path, addr, &x1, &x2, size);
|
---|
[1] | 187 | *code1 = (unsigned int) x1;
|
---|
| 188 | *code2 = (unsigned int) x2;
|
---|
| 189 | }
|
---|
| 190 | return p;
|
---|
| 191 | }
|
---|
[93] | 192 |
|
---|
| 193 | static char * sh_kern_pathmsg (char * msg, size_t msg_len,
|
---|
| 194 | int num, char * prefix,
|
---|
| 195 | unsigned char * old, size_t old_len,
|
---|
| 196 | unsigned char * new, size_t new_len)
|
---|
| 197 | {
|
---|
| 198 | size_t k;
|
---|
| 199 | char tmp[128];
|
---|
| 200 | char *p;
|
---|
| 201 | char *linkpath_old;
|
---|
| 202 | char *linkpath_new;
|
---|
| 203 |
|
---|
| 204 | #ifdef SH_USE_XML
|
---|
| 205 | sl_snprintf(tmp, sizeof(tmp), _("path=\"K_%s_%04d\" "),
|
---|
| 206 | prefix, num);
|
---|
| 207 | #else
|
---|
| 208 | sl_snprintf(tmp, sizeof(tmp), _("path=<K_%s_%04d> "),
|
---|
| 209 | prefix, num);
|
---|
| 210 | #endif
|
---|
| 211 | sl_strlcpy(msg, tmp, msg_len);
|
---|
| 212 |
|
---|
| 213 | if (SL_TRUE == sl_ok_muls(old_len, 2) &&
|
---|
| 214 | SL_TRUE == sl_ok_adds(old_len * 2, 1))
|
---|
| 215 | linkpath_old = SH_ALLOC(old_len * 2 + 1);
|
---|
| 216 | else
|
---|
| 217 | return msg;
|
---|
| 218 |
|
---|
| 219 | if (SL_TRUE == sl_ok_muls(new_len, 2) &&
|
---|
| 220 | SL_TRUE == sl_ok_adds(new_len * 2, 1))
|
---|
| 221 | linkpath_new = SH_ALLOC(new_len * 2 + 1);
|
---|
| 222 | else
|
---|
| 223 | return msg;
|
---|
| 224 |
|
---|
| 225 | for (k = 0; k < old_len; ++k)
|
---|
| 226 | {
|
---|
| 227 | p = sh_util_charhex (old[k]);
|
---|
| 228 | linkpath_old[2*k] = p[0];
|
---|
| 229 | linkpath_old[2*k+1] = p[1];
|
---|
| 230 | linkpath_old[2*k+2] = '\0';
|
---|
| 231 | }
|
---|
| 232 |
|
---|
| 233 | for (k = 0; k < new_len; ++k)
|
---|
| 234 | {
|
---|
| 235 | p = sh_util_charhex (new[k]);
|
---|
| 236 | linkpath_new[2*k] = p[0];
|
---|
| 237 | linkpath_new[2*k+1] = p[1];
|
---|
| 238 | linkpath_new[2*k+2] = '\0';
|
---|
| 239 |
|
---|
| 240 | }
|
---|
| 241 | #ifdef SH_USE_XML
|
---|
| 242 | sl_strlcat(msg, _("link_old=\""), msg_len);
|
---|
| 243 | sl_strlcat(msg, linkpath_old, msg_len);
|
---|
| 244 | sl_strlcat(msg, _("\" link_new=\""), msg_len);
|
---|
| 245 | sl_strlcat(msg, linkpath_new, msg_len);
|
---|
| 246 | sl_strlcat(msg, _("\""), msg_len);
|
---|
| 247 | #else
|
---|
| 248 | sl_strlcat(msg, _("link_old=<"), msg_len);
|
---|
| 249 | sl_strlcat(msg, linkpath_old, msg_len);
|
---|
| 250 | sl_strlcat(msg, _(">, link_new=<"), msg_len);
|
---|
| 251 | sl_strlcat(msg, linkpath_new, msg_len);
|
---|
| 252 | sl_strlcat(msg, _(">"), msg_len);
|
---|
| 253 | #endif
|
---|
| 254 |
|
---|
| 255 | SH_FREE(linkpath_old);
|
---|
| 256 | SH_FREE(linkpath_new);
|
---|
| 257 |
|
---|
| 258 | return msg;
|
---|
| 259 | }
|
---|
[1] | 260 |
|
---|
| 261 | #ifdef HOST_IS_LINUX
|
---|
| 262 |
|
---|
[93] | 263 | /*
|
---|
| 264 | * Interrupt Descriptor Table
|
---|
| 265 | */
|
---|
| 266 |
|
---|
| 267 | #include <asm/segment.h>
|
---|
| 268 |
|
---|
| 269 | #define SH_MAXIDT 256
|
---|
| 270 |
|
---|
| 271 | static unsigned char sh_idt_table[SH_MAXIDT * 8];
|
---|
| 272 |
|
---|
| 273 | static char * sh_strseg(unsigned short segment)
|
---|
[1] | 274 | {
|
---|
[93] | 275 | switch (segment) {
|
---|
| 276 | case __KERNEL_CS:
|
---|
| 277 | return _("KERNEL_CS");
|
---|
| 278 | case __KERNEL_DS:
|
---|
| 279 | return _("KERNEL_DS");
|
---|
| 280 | case __USER_CS:
|
---|
| 281 | return _("USER_CS");
|
---|
| 282 | case __USER_DS:
|
---|
| 283 | return _("USER_DS");
|
---|
| 284 | default:
|
---|
| 285 | return _("unknown");
|
---|
| 286 | }
|
---|
| 287 | }
|
---|
| 288 |
|
---|
| 289 |
|
---|
| 290 | static int sh_kern_data_init ()
|
---|
| 291 | {
|
---|
[1] | 292 | unsigned long store0 = 0;
|
---|
| 293 | unsigned int store1 = 0, store2 = 0;
|
---|
| 294 | int datasize, i, j;
|
---|
| 295 | char * databuf;
|
---|
| 296 |
|
---|
| 297 | /* system_call code
|
---|
| 298 | */
|
---|
| 299 | databuf = sh_kern_db_syscall (0, _("system_call"),
|
---|
| 300 | NULL, &store0, &store1, &store2,
|
---|
[93] | 301 | &datasize, SH_KERN_DBPOP);
|
---|
[1] | 302 | if (datasize == sizeof(system_call_code))
|
---|
| 303 | {
|
---|
| 304 | memcpy (system_call_code, databuf, sizeof(system_call_code));
|
---|
| 305 | SH_FREE(databuf);
|
---|
| 306 | }
|
---|
| 307 | else
|
---|
| 308 | {
|
---|
| 309 | sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN,
|
---|
| 310 | _("system_call_code not found in database"),
|
---|
| 311 | _("sh_kern_data_init"));
|
---|
| 312 | return -1;
|
---|
| 313 | }
|
---|
| 314 |
|
---|
| 315 | /* syscall address and code
|
---|
| 316 | */
|
---|
| 317 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 318 | {
|
---|
| 319 | databuf = sh_kern_db_syscall (i, _("syscall"),
|
---|
| 320 | NULL, &store0, &store1, &store2,
|
---|
[93] | 321 | &datasize, SH_KERN_DBPOP);
|
---|
[1] | 322 | sh_syscalls[i].addr = store0;
|
---|
| 323 | if (store0 == 0) {
|
---|
| 324 | sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, i, MSG_E_SUBGEN,
|
---|
| 325 | _("syscall address not found in database"),
|
---|
| 326 | _("sh_kern_data_init"));
|
---|
| 327 | return -1;
|
---|
| 328 | }
|
---|
[93] | 329 |
|
---|
[1] | 330 | sh_syscalls[i].code[0] = (unsigned int) store1;
|
---|
| 331 | sh_syscalls[i].code[1] = (unsigned int) store2;
|
---|
| 332 | if ((store1 == 0) || (store2 == 0)) {
|
---|
| 333 | sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, i, MSG_E_SUBGEN,
|
---|
| 334 | _("syscall code not found in database"),
|
---|
| 335 | _("sh_kern_data_init"));
|
---|
| 336 | }
|
---|
[93] | 337 |
|
---|
[1] | 338 | if (databuf != NULL) {
|
---|
| 339 | SH_FREE(databuf);
|
---|
| 340 | }
|
---|
| 341 |
|
---|
| 342 | }
|
---|
| 343 |
|
---|
| 344 | if (ShKernIDT == S_TRUE)
|
---|
| 345 | {
|
---|
| 346 | for (j = 0; j < SH_MAXIDT; ++j)
|
---|
| 347 | {
|
---|
| 348 | databuf = sh_kern_db_syscall (j, _("idt_table"),
|
---|
| 349 | NULL,
|
---|
| 350 | &store0, &store1, &store2,
|
---|
[93] | 351 | &datasize, SH_KERN_DBPOP);
|
---|
[1] | 352 | if (datasize == 8) {
|
---|
| 353 | memcpy(&idt_table[j*8], databuf, 8);
|
---|
| 354 | SH_FREE(databuf);
|
---|
| 355 | } else {
|
---|
| 356 | sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, j, MSG_E_SUBGEN,
|
---|
| 357 | _("idt table not found in database"),
|
---|
| 358 | _("sh_kern_data_init"));
|
---|
| 359 | return -1;
|
---|
| 360 | }
|
---|
| 361 | }
|
---|
| 362 | }
|
---|
| 363 |
|
---|
| 364 | return 0;
|
---|
| 365 | }
|
---|
| 366 |
|
---|
[83] | 367 |
|
---|
| 368 | /*
|
---|
| 369 | * Defined in include/linux/fs.h
|
---|
| 370 | */
|
---|
| 371 |
|
---|
| 372 | /* Here. we are only interested in 'lookup'. I.e. the struct
|
---|
| 373 | * must be <= the real one, and 'lookup' must be at the
|
---|
| 374 | * correct position.
|
---|
| 375 | */
|
---|
[1] | 376 | struct inode_operations {
|
---|
| 377 | int (*create) (int *,int *,int);
|
---|
| 378 | int * (*lookup) (int *,int *);
|
---|
| 379 | int (*link) (int *,int *,int *);
|
---|
| 380 | int (*unlink) (int *,int *);
|
---|
| 381 | int (*symlink) (int *,int *,const char *);
|
---|
| 382 | int (*mkdir) (int *,int *,int);
|
---|
| 383 | int (*rmdir) (int *,int *);
|
---|
| 384 | int (*mknod) (int *,int *,int,int);
|
---|
| 385 | int (*rename) (int *, int *,
|
---|
| 386 | int *, int *);
|
---|
[22] | 387 | /* flawfinder: ignore */
|
---|
[1] | 388 | int (*readlink) (int *, char *,int);
|
---|
| 389 | int (*follow_link) (int *, int *);
|
---|
| 390 | void (*truncate) (int *);
|
---|
| 391 | int (*permission) (int *, int);
|
---|
| 392 | int (*revalidate) (int *);
|
---|
| 393 | /*
|
---|
| 394 | int (*setattr) (int *, int *);
|
---|
| 395 | int (*getattr) (int *, int *);
|
---|
| 396 | int (*setxattr) (int *, const char *, void *, size_t, int);
|
---|
| 397 | ssize_t (*getxattr) (int *, const char *, void *, size_t);
|
---|
| 398 | ssize_t (*listxattr) (int *, char *, size_t);
|
---|
| 399 | int (*removexattr) (int *, const char *);
|
---|
| 400 | */
|
---|
| 401 | };
|
---|
| 402 |
|
---|
[83] | 403 | /*
|
---|
| 404 | * this one is just for dummy purposes
|
---|
[51] | 405 | */
|
---|
[1] | 406 | struct file_operations {
|
---|
| 407 | int (*create) (int *,int *,int);
|
---|
| 408 | };
|
---|
| 409 |
|
---|
[83] | 410 | /* Defined in include/linux/proc_fs.h
|
---|
| 411 | * Here we are interested in the 'proc_iops' member.
|
---|
| 412 | */
|
---|
[1] | 413 | struct proc_dir_entry {
|
---|
| 414 | unsigned short low_ino;
|
---|
| 415 | unsigned short namelen;
|
---|
| 416 | const char * name;
|
---|
| 417 | mode_t mode;
|
---|
| 418 | nlink_t nlink;
|
---|
| 419 | uid_t uid;
|
---|
| 420 | gid_t gid;
|
---|
[51] | 421 | #if defined TWO_SIX_SEVENTEEN_PLUS
|
---|
| 422 | /* size is loff_t in 2.6.17+ kernels */
|
---|
| 423 | unsigned long dummy;
|
---|
| 424 | #endif
|
---|
| 425 | unsigned long size;
|
---|
[1] | 426 | struct inode_operations * proc_iops;
|
---|
| 427 | struct file_operations * proc_fops;
|
---|
| 428 | /*
|
---|
| 429 | get_info_t *get_info;
|
---|
| 430 | struct module *owner;
|
---|
| 431 | struct proc_dir_entry *next, *parent, *subdir;
|
---|
| 432 | void *data;
|
---|
| 433 | read_proc_t *read_proc;
|
---|
| 434 | write_proc_t *write_proc;
|
---|
| 435 | atomic_t count;
|
---|
| 436 | int deleted;
|
---|
| 437 | */
|
---|
| 438 | };
|
---|
| 439 |
|
---|
[93] | 440 |
|
---|
[41] | 441 | static int sh_kern_kmem_read (int fd, unsigned long addr,
|
---|
| 442 | unsigned char * buf, int len)
|
---|
| 443 | {
|
---|
| 444 | if (lseek(fd, addr, SEEK_SET) == (off_t) (-1))
|
---|
| 445 | {
|
---|
| 446 | return -1;
|
---|
| 447 | }
|
---|
| 448 | if (read(fd, buf, len) < 0)
|
---|
| 449 | {
|
---|
| 450 | return -1;
|
---|
| 451 | }
|
---|
| 452 | return 0;
|
---|
| 453 | }
|
---|
| 454 |
|
---|
| 455 | static int sh_kern_read_data (int fd, unsigned long addr,
|
---|
| 456 | unsigned char * buf, size_t len)
|
---|
| 457 | {
|
---|
| 458 | size_t moff, roff;
|
---|
| 459 | size_t sz;
|
---|
| 460 | char * kmap;
|
---|
| 461 |
|
---|
| 462 | /* first, try read()
|
---|
| 463 | */
|
---|
| 464 | if (0 == sh_kern_kmem_read (fd, addr, buf, len))
|
---|
| 465 | return 0;
|
---|
| 466 |
|
---|
| 467 | /* next, try mmap()
|
---|
| 468 | */
|
---|
| 469 | sz = getpagesize(); /* unistd.h */
|
---|
| 470 |
|
---|
| 471 | moff = ((size_t)(addr/sz)) * sz; /* lower page boundary */
|
---|
| 472 | roff = addr - moff; /* off relative to lower address of mmapped area */
|
---|
| 473 |
|
---|
| 474 | kmap = mmap(0, len+sz, PROT_READ, MAP_PRIVATE, fd, moff);/* sys/mman.h */
|
---|
| 475 |
|
---|
| 476 | if (kmap == MAP_FAILED)
|
---|
| 477 | {
|
---|
| 478 | return -1;
|
---|
| 479 | }
|
---|
| 480 | memcpy (buf, &kmap[roff], len);
|
---|
| 481 | return munmap(kmap, len+sz);
|
---|
| 482 | }
|
---|
| 483 |
|
---|
[93] | 484 |
|
---|
| 485 | static int check_init (int * init_retval)
|
---|
[1] | 486 | {
|
---|
| 487 | static int is_init = 0;
|
---|
| 488 |
|
---|
[93] | 489 | SL_ENTER(_("check_init"));
|
---|
[1] | 490 |
|
---|
| 491 | if (is_init == 0)
|
---|
| 492 | {
|
---|
| 493 | if (sh.flag.checkSum != SH_CHECK_INIT && sh.flag.update != S_TRUE)
|
---|
| 494 | {
|
---|
| 495 | if (0 == sh_kern_data_init()) {
|
---|
| 496 | is_init = 1;
|
---|
| 497 | } else {
|
---|
[93] | 498 | sh_error_handle (ShKernSeverity, FIL__, __LINE__, 1,
|
---|
[1] | 499 | MSG_E_SUBGEN,
|
---|
[93] | 500 | _("could not initialize kernel check - switching off"),
|
---|
| 501 | _("check_init") );
|
---|
[1] | 502 | ShKernActive = S_FALSE;
|
---|
[93] | 503 | *init_retval = is_init;
|
---|
| 504 | SL_RETURN( (-1), _("check_init"));
|
---|
[1] | 505 | }
|
---|
| 506 | }
|
---|
| 507 | else if ((sh.flag.checkSum == SH_CHECK_INIT ||
|
---|
| 508 | sh.flag.checkSum == SH_CHECK_CHECK) &&
|
---|
| 509 | (sh.flag.update == S_TRUE))
|
---|
| 510 | {
|
---|
| 511 | if (0 == sh_kern_data_init()) {
|
---|
| 512 | is_init = 1;
|
---|
| 513 | } else {
|
---|
[93] | 514 | sh_error_handle (SH_ERR_WARN, FIL__, __LINE__, 0,
|
---|
[1] | 515 | MSG_E_SUBGEN,
|
---|
[93] | 516 | _("no or incomplete data in baseline database for kernel check"),
|
---|
| 517 | _("check_init") );
|
---|
[1] | 518 | }
|
---|
| 519 | }
|
---|
| 520 | }
|
---|
[93] | 521 | *init_retval = is_init;
|
---|
| 522 | SL_RETURN( (0), _("check_init"));
|
---|
| 523 | }
|
---|
[1] | 524 |
|
---|
[93] | 525 | #define SH_KERN_SIZ 512
|
---|
| 526 | #define SH_KERN_SCC 256
|
---|
| 527 |
|
---|
| 528 | static void run_child(int kd, int mpipe[2])
|
---|
| 529 | {
|
---|
| 530 | int j;
|
---|
| 531 |
|
---|
| 532 | unsigned long kmem_call_table[SH_KERN_SIZ];
|
---|
| 533 | unsigned int kmem_code_table[SH_KERN_SIZ][2];
|
---|
| 534 |
|
---|
| 535 | unsigned char buf[6];
|
---|
| 536 | unsigned short idt_size;
|
---|
| 537 | unsigned long idt_addr;
|
---|
| 538 |
|
---|
| 539 | unsigned char new_system_call_code[SH_KERN_SCC];
|
---|
| 540 |
|
---|
| 541 | struct inode_operations proc_root_inode;
|
---|
| 542 | struct proc_dir_entry proc_root_dir;
|
---|
| 543 |
|
---|
| 544 | int status = close(mpipe[0]);
|
---|
| 545 |
|
---|
| 546 | setpgid(0, 0);
|
---|
| 547 |
|
---|
| 548 | /* Seek to the system call table (at kaddr) and read it into
|
---|
| 549 | * the kmem_call_table array
|
---|
[1] | 550 | */
|
---|
[93] | 551 | if(status == 0)
|
---|
| 552 | {
|
---|
| 553 | retry_msleep (0, ShKernDelay); /* milliseconds */
|
---|
| 554 |
|
---|
| 555 | if (sh_kern_read_data (kd, kaddr,
|
---|
| 556 | (unsigned char *) &kmem_call_table,
|
---|
| 557 | sizeof(kmem_call_table)))
|
---|
| 558 | {
|
---|
| 559 | status = -2;
|
---|
| 560 | }
|
---|
| 561 | }
|
---|
[1] | 562 |
|
---|
[93] | 563 | /*
|
---|
| 564 | * Seek to the system call address (at sh_syscalls[j].addr) and
|
---|
| 565 | * read first 8 bytes into the array kmem_code_table[j][] (2 * unsigned int)
|
---|
| 566 | */
|
---|
| 567 | if(status == 0)
|
---|
[1] | 568 | {
|
---|
[93] | 569 | memset(kmem_code_table, 0, sizeof(kmem_code_table));
|
---|
| 570 | for (j = 0; j < SH_MAXCALLS; ++j)
|
---|
| 571 | {
|
---|
| 572 | if (sh_syscalls[j].addr == 0UL) {
|
---|
| 573 | sh_syscalls[j].addr = kmem_call_table[j];
|
---|
| 574 | }
|
---|
| 575 |
|
---|
| 576 | if (sh_syscalls[j].name == NULL ||
|
---|
| 577 | sh_syscalls[j].addr == 0UL)
|
---|
| 578 | break;
|
---|
| 579 |
|
---|
| 580 | if ((sh.flag.checkSum == SH_CHECK_INIT ||
|
---|
| 581 | sh.flag.checkSum == SH_CHECK_CHECK) &&
|
---|
| 582 | (sh.flag.update == S_TRUE))
|
---|
| 583 | {
|
---|
| 584 | sh_kern_read_data (kd, kmem_call_table[j],
|
---|
| 585 | (unsigned char *) &(kmem_code_table[j][0]),
|
---|
| 586 | 2 * sizeof(unsigned int));
|
---|
| 587 | }
|
---|
| 588 | else
|
---|
| 589 | {
|
---|
| 590 | sh_kern_read_data (kd, sh_syscalls[j].addr,
|
---|
| 591 | (unsigned char *) &(kmem_code_table[j][0]),
|
---|
| 592 | 2 * sizeof(unsigned int));
|
---|
| 593 | }
|
---|
| 594 | }
|
---|
[1] | 595 | }
|
---|
[93] | 596 |
|
---|
| 597 | if(status == 0)
|
---|
| 598 | {
|
---|
| 599 | /*
|
---|
| 600 | * Get the address and size of Interrupt Descriptor Table,
|
---|
| 601 | * and read the content into the global array sh_idt_table[]
|
---|
| 602 | */
|
---|
| 603 | __asm__ volatile ("sidt %0": "=m" (buf));
|
---|
| 604 | idt_size = *((unsigned short *) &buf[0]);
|
---|
| 605 | idt_addr = *((unsigned long *) &buf[2]);
|
---|
| 606 | idt_size = (idt_size + 1)/8;
|
---|
| 607 |
|
---|
| 608 | if (idt_size > SH_MAXIDT)
|
---|
| 609 | idt_size = SH_MAXIDT;
|
---|
| 610 |
|
---|
| 611 | memset(sh_idt_table, '\0', SH_MAXIDT*8);
|
---|
| 612 | sh_kern_read_data (kd, idt_addr,
|
---|
| 613 | (unsigned char *) sh_idt_table, idt_size*8);
|
---|
| 614 | }
|
---|
| 615 |
|
---|
| 616 | /*
|
---|
| 617 | * Seek to the system_call address (at system_call_addr) and
|
---|
| 618 | * read first 256 bytes into new_system_call_code[]
|
---|
| 619 | *
|
---|
| 620 | * system_call_addr is defined in the include file.
|
---|
| 621 | */
|
---|
| 622 | if(status == 0)
|
---|
| 623 | {
|
---|
| 624 | sh_kern_read_data (kd, system_call_addr,
|
---|
| 625 | (unsigned char *) new_system_call_code, SH_KERN_SCC);
|
---|
| 626 | }
|
---|
[1] | 627 |
|
---|
[93] | 628 | /*
|
---|
| 629 | * Seek to proc_root and read the structure.
|
---|
| 630 | * Seek to proc_root_inode_operations and get the structure.
|
---|
| 631 | */
|
---|
| 632 | if(status == 0)
|
---|
| 633 | {
|
---|
| 634 | sh_kern_read_data (kd, proc_root,
|
---|
| 635 | (unsigned char *) &proc_root_dir,
|
---|
| 636 | sizeof(proc_root_dir));
|
---|
| 637 | sh_kern_read_data (kd, proc_root_iops,
|
---|
| 638 | (unsigned char *) &proc_root_inode,
|
---|
| 639 | sizeof(proc_root_inode));
|
---|
| 640 | }
|
---|
[1] | 641 |
|
---|
[93] | 642 | /*
|
---|
| 643 | * Write out data to the pipe
|
---|
| 644 | */
|
---|
| 645 | if(status == 0)
|
---|
[1] | 646 | {
|
---|
[93] | 647 | status = write(mpipe[1], &kmem_call_table, sizeof(kmem_call_table));
|
---|
| 648 |
|
---|
| 649 | if(status > 0)
|
---|
| 650 | status = write(mpipe[1], &kmem_code_table, sizeof(kmem_code_table));
|
---|
| 651 |
|
---|
| 652 | if(status > 0)
|
---|
| 653 | status = write(mpipe[1], &sh_idt_table, sizeof(sh_idt_table));
|
---|
| 654 |
|
---|
| 655 | if(status > 0)
|
---|
| 656 | status = write(mpipe[1], new_system_call_code, SH_KERN_SCC);
|
---|
| 657 |
|
---|
| 658 | if(status > 0)
|
---|
| 659 | status = write(mpipe[1], &proc_root_dir, sizeof(proc_root_dir));
|
---|
| 660 |
|
---|
| 661 | if(status > 0)
|
---|
| 662 | status = write(mpipe[1], &proc_root_inode, sizeof(proc_root_inode));
|
---|
[1] | 663 | }
|
---|
[93] | 664 | _exit( (status >= 0) ? 0 : status);
|
---|
| 665 | }
|
---|
[1] | 666 |
|
---|
| 667 |
|
---|
[93] | 668 | struct sh_kernel_info {
|
---|
| 669 | unsigned long kmem_call_table[SH_KERN_SIZ];
|
---|
| 670 | unsigned int kmem_code_table[SH_KERN_SIZ][2];
|
---|
| 671 |
|
---|
| 672 | unsigned char new_system_call_code[SH_KERN_SCC];
|
---|
| 673 |
|
---|
| 674 | struct inode_operations proc_root_inode;
|
---|
| 675 | struct proc_dir_entry proc_root_dir;
|
---|
| 676 | };
|
---|
| 677 |
|
---|
| 678 | static int read_from_child(pid_t mpid, int * mpipe,
|
---|
| 679 | struct sh_kernel_info * kinfo)
|
---|
| 680 | {
|
---|
| 681 | int res;
|
---|
| 682 | int status;
|
---|
| 683 | long size;
|
---|
| 684 |
|
---|
| 685 | /* Close reading side of pipe, and wait some milliseconds
|
---|
| 686 | */
|
---|
| 687 | close (mpipe[1]);
|
---|
| 688 | retry_msleep (0, ShKernDelay); /* milliseconds */
|
---|
| 689 |
|
---|
| 690 | size = SH_KERN_SIZ * sizeof(unsigned long);
|
---|
| 691 |
|
---|
| 692 | if (size != read(mpipe[0], &(kinfo->kmem_call_table), size))
|
---|
| 693 | status = -4;
|
---|
| 694 | else
|
---|
| 695 | status = 0;
|
---|
| 696 |
|
---|
| 697 | if(status == 0)
|
---|
[1] | 698 | {
|
---|
[93] | 699 | size = sizeof(unsigned int) * 2 * SH_KERN_SIZ;
|
---|
[1] | 700 |
|
---|
[93] | 701 | if (size != read(mpipe[0], &(kinfo->kmem_code_table), size))
|
---|
| 702 | status = -5;
|
---|
| 703 | else
|
---|
| 704 | status = 0;
|
---|
| 705 | }
|
---|
| 706 |
|
---|
| 707 | if(status == 0)
|
---|
| 708 | {
|
---|
| 709 | memset(sh_idt_table, '\0', SH_MAXIDT*8);
|
---|
| 710 | if (sizeof(sh_idt_table) !=
|
---|
| 711 | read(mpipe[0], &sh_idt_table, sizeof(sh_idt_table)))
|
---|
| 712 | status = -5;
|
---|
| 713 | else
|
---|
| 714 | status = 0;
|
---|
| 715 | }
|
---|
| 716 |
|
---|
| 717 | if(status == 0)
|
---|
| 718 | {
|
---|
| 719 | size = SH_KERN_SCC;
|
---|
| 720 |
|
---|
| 721 | if (size != read(mpipe[0], &(kinfo->new_system_call_code), size))
|
---|
| 722 | status = -6;
|
---|
| 723 | else
|
---|
| 724 | status = 0;
|
---|
| 725 | }
|
---|
| 726 |
|
---|
| 727 | if(status == 0)
|
---|
| 728 | {
|
---|
| 729 | size = sizeof (struct proc_dir_entry);
|
---|
| 730 |
|
---|
| 731 | if (size != read(mpipe[0], &(kinfo->proc_root_dir), size))
|
---|
| 732 | status = -7;
|
---|
| 733 | else
|
---|
| 734 | status = 0;
|
---|
| 735 | }
|
---|
| 736 |
|
---|
| 737 | if(status == 0)
|
---|
| 738 | {
|
---|
| 739 | size = sizeof (struct inode_operations);
|
---|
| 740 |
|
---|
| 741 | if (size != read(mpipe[0], &(kinfo->proc_root_inode), size))
|
---|
| 742 | status = -8;
|
---|
| 743 | else
|
---|
| 744 | status = 0;
|
---|
| 745 | }
|
---|
| 746 |
|
---|
| 747 | if (status < 0)
|
---|
| 748 | res = waitpid(mpid, NULL, WNOHANG|WUNTRACED);
|
---|
| 749 | else
|
---|
| 750 | {
|
---|
| 751 | res = waitpid(mpid, &status, WNOHANG|WUNTRACED);
|
---|
| 752 | if (res == 0 && 0 != WIFEXITED(status))
|
---|
| 753 | status = WEXITSTATUS(status);
|
---|
| 754 | }
|
---|
| 755 | close (mpipe[0]);
|
---|
| 756 | if (res <= 0)
|
---|
| 757 | {
|
---|
| 758 | aud_kill(FIL__, __LINE__, mpid, 9);
|
---|
| 759 | waitpid(mpid, NULL, 0);
|
---|
| 760 | }
|
---|
| 761 | return status;
|
---|
| 762 | }
|
---|
| 763 |
|
---|
| 764 |
|
---|
| 765 | static void check_idt_table(int is_init)
|
---|
| 766 | {
|
---|
| 767 | int i, j;
|
---|
| 768 |
|
---|
| 769 | unsigned short idt_offset_lo, idt_offset_hi, idt_selector;
|
---|
| 770 | unsigned char idt_reserved, idt_flag;
|
---|
| 771 | unsigned short sh_idt_offset_lo, sh_idt_offset_hi, sh_idt_selector;
|
---|
| 772 | unsigned char sh_idt_reserved, sh_idt_flag;
|
---|
| 773 | int dpl;
|
---|
| 774 | unsigned long idt_iaddr;
|
---|
| 775 | int sh_dpl;
|
---|
| 776 | unsigned long sh_idt_iaddr;
|
---|
| 777 | char idt_type, sh_idt_type;
|
---|
| 778 |
|
---|
| 779 | unsigned long store0;
|
---|
| 780 | unsigned int store1, store2;
|
---|
| 781 | int datasize;
|
---|
| 782 | char msg[2*SH_BUFSIZE];
|
---|
| 783 |
|
---|
| 784 | if (ShKernIDT == S_TRUE)
|
---|
| 785 | {
|
---|
| 786 | if (sh.flag.checkSum == SH_CHECK_INIT || sh.flag.update == S_TRUE)
|
---|
[1] | 787 | {
|
---|
[93] | 788 | datasize = 8;
|
---|
| 789 | for (j = 0; j < SH_MAXIDT; ++j)
|
---|
[1] | 790 | {
|
---|
[93] | 791 | sh_kern_db_syscall (j, _("idt_table"),
|
---|
| 792 | &sh_idt_table[j*8],
|
---|
| 793 | &store0, &store1, &store2,
|
---|
| 794 | &datasize, SH_KERN_DBPUSH);
|
---|
[1] | 795 | }
|
---|
[93] | 796 | }
|
---|
[1] | 797 |
|
---|
[93] | 798 | if ((sh.flag.checkSum != SH_CHECK_INIT) ||
|
---|
| 799 | (sh.flag.update == S_TRUE && is_init == 1))
|
---|
| 800 | {
|
---|
| 801 | /* Check the Interrupt Descriptor Table
|
---|
| 802 | *
|
---|
| 803 | * Stored(old) is idt_table[]
|
---|
[1] | 804 | */
|
---|
[93] | 805 | for (j = 0; j < SH_MAXIDT; ++j)
|
---|
[1] | 806 | {
|
---|
[93] | 807 | i = j * 8;
|
---|
| 808 |
|
---|
| 809 | sh_idt_offset_lo = *((unsigned short *) &sh_idt_table[i]);
|
---|
| 810 | sh_idt_selector = *((unsigned short *) &sh_idt_table[i+2]);
|
---|
| 811 | sh_idt_reserved = (unsigned char) sh_idt_table[i+4];
|
---|
| 812 | sh_idt_flag = (unsigned char) sh_idt_table[i+5];
|
---|
| 813 | sh_idt_offset_hi = *((unsigned short *) &sh_idt_table[i+6]);
|
---|
| 814 | sh_idt_iaddr = (unsigned long)(sh_idt_offset_hi << 16)
|
---|
| 815 | + sh_idt_offset_lo;
|
---|
| 816 |
|
---|
| 817 | if (sh_idt_iaddr == 0)
|
---|
[1] | 818 | {
|
---|
[93] | 819 | sh_idt_table[i+2] = '\0';
|
---|
| 820 | sh_idt_table[i+3] = '\0';
|
---|
| 821 | sh_idt_table[i+5] = '\0';
|
---|
[1] | 822 |
|
---|
[93] | 823 | idt_offset_lo = *((unsigned short *) &idt_table[i]);
|
---|
| 824 | idt_offset_hi = *((unsigned short *) &idt_table[i+6]);
|
---|
| 825 | idt_iaddr = (unsigned long)(idt_offset_hi << 16)
|
---|
| 826 | + idt_offset_lo;
|
---|
| 827 | if (idt_iaddr == 0)
|
---|
[1] | 828 | {
|
---|
[93] | 829 | idt_table[i+2] = '\0';
|
---|
| 830 | idt_table[i+3] = '\0';
|
---|
| 831 | idt_table[i+5] = '\0';
|
---|
[1] | 832 | }
|
---|
[93] | 833 |
|
---|
| 834 | }
|
---|
| 835 |
|
---|
| 836 | if (memcmp(&sh_idt_table[i], &idt_table[i], 8) != 0)
|
---|
| 837 | {
|
---|
| 838 |
|
---|
| 839 | idt_offset_lo = *((unsigned short *) &idt_table[i]);
|
---|
| 840 | idt_selector = *((unsigned short *) &idt_table[i+2]);
|
---|
| 841 | idt_reserved = (unsigned char) idt_table[i+4];
|
---|
| 842 | idt_flag = (unsigned char) idt_table[i+5];
|
---|
| 843 | idt_offset_hi = *((unsigned short *) &idt_table[i+6]);
|
---|
| 844 | idt_iaddr = (unsigned long)(idt_offset_hi << 16)
|
---|
| 845 | + idt_offset_lo;
|
---|
| 846 |
|
---|
| 847 | if (idt_iaddr != 0)
|
---|
[1] | 848 | {
|
---|
[93] | 849 | if (idt_flag & 64) { dpl = 3; }
|
---|
| 850 | else { dpl = 0; }
|
---|
| 851 | if (idt_flag & 1) {
|
---|
| 852 | if (dpl == 3) idt_type = 'S';
|
---|
| 853 | else idt_type = 'T'; }
|
---|
| 854 | else { idt_type = 'I'; }
|
---|
[1] | 855 | }
|
---|
[93] | 856 | else { dpl = -1; idt_type = 'U'; }
|
---|
| 857 |
|
---|
| 858 | if (sh_idt_iaddr != 0)
|
---|
| 859 | {
|
---|
| 860 | if (sh_idt_flag & 64) { sh_dpl = 3; }
|
---|
| 861 | else { sh_dpl = 0; }
|
---|
| 862 | if (sh_idt_flag & 1) {
|
---|
| 863 | if (sh_dpl == 3) sh_idt_type = 'S';
|
---|
| 864 | else sh_idt_type = 'T'; }
|
---|
| 865 | else { sh_idt_type = 'I'; }
|
---|
| 866 | }
|
---|
| 867 | else { sh_dpl = -1; sh_idt_type = 'U'; }
|
---|
| 868 |
|
---|
| 869 | sh_kern_pathmsg (msg, SH_BUFSIZE,
|
---|
| 870 | j, _("idt_table"),
|
---|
| 871 | &idt_table[i], 8,
|
---|
| 872 | &sh_idt_table[i], 8);
|
---|
| 873 |
|
---|
| 874 | sh_error_handle (ShKernSeverity, FIL__, __LINE__,
|
---|
| 875 | 0, MSG_KERN_IDT,
|
---|
| 876 | j,
|
---|
| 877 | sh_idt_iaddr, sh_strseg(sh_idt_selector),
|
---|
| 878 | (int) sh_dpl, sh_idt_type,
|
---|
| 879 | idt_iaddr, sh_strseg(idt_selector),
|
---|
| 880 | (int) dpl, idt_type, msg);
|
---|
| 881 |
|
---|
| 882 | memcpy(&idt_table[i], &sh_idt_table[i], 8);
|
---|
[1] | 883 | }
|
---|
| 884 | }
|
---|
[93] | 885 | }
|
---|
| 886 | }
|
---|
| 887 | }
|
---|
[1] | 888 |
|
---|
| 889 |
|
---|
[93] | 890 | #define SYS_BUS_PCI _("/sys/bus/pci/devices")
|
---|
| 891 | #include <dirent.h>
|
---|
[1] | 892 |
|
---|
[93] | 893 | static void check_rom (char * pcipath, char * name)
|
---|
| 894 | {
|
---|
| 895 | file_type theFile;
|
---|
| 896 | char fileHash[2*(KEY_LEN + 1)];
|
---|
| 897 | int status;
|
---|
| 898 | char * tmp;
|
---|
| 899 | extern unsigned long sh_files_maskof (int class);
|
---|
[1] | 900 |
|
---|
[93] | 901 | (void) sl_strlcpy (theFile.fullpath, pcipath, PATH_MAX);
|
---|
| 902 | theFile.check_mask = sh_files_maskof(SH_LEVEL_READONLY);
|
---|
| 903 | theFile.reported = S_FALSE;
|
---|
| 904 | theFile.attr_string = NULL;
|
---|
| 905 |
|
---|
| 906 | status = sh_unix_getinfo (ShDFLevel[SH_ERR_T_RO],
|
---|
| 907 | name, &theFile, fileHash, 0);
|
---|
[1] | 908 |
|
---|
[93] | 909 | if (status != 0)
|
---|
| 910 | {
|
---|
| 911 | tmp = sh_util_safe_name(pcipath);
|
---|
| 912 | sh_error_handle (ShKernSeverity, FIL__, __LINE__,
|
---|
| 913 | 0, MSG_E_SUBGPATH,
|
---|
| 914 | _("Could not check PCI ROM"),
|
---|
| 915 | _("check_rom"),
|
---|
| 916 | tmp);
|
---|
| 917 | SH_FREE(tmp);
|
---|
| 918 | return;
|
---|
| 919 | }
|
---|
[1] | 920 |
|
---|
[93] | 921 | if ( sh.flag.checkSum == SH_CHECK_INIT )
|
---|
| 922 | {
|
---|
| 923 | sh_hash_pushdata (&theFile, fileHash);
|
---|
| 924 | }
|
---|
| 925 | else if (sh.flag.checkSum == SH_CHECK_CHECK )
|
---|
| 926 | {
|
---|
| 927 | sh_hash_compdata (SH_LEVEL_READONLY, &theFile, fileHash, NULL, -1);
|
---|
| 928 | }
|
---|
[1] | 929 |
|
---|
[93] | 930 | return;
|
---|
| 931 | }
|
---|
[1] | 932 |
|
---|
[93] | 933 | static void check_pci_rom (char * pcipath, char * name)
|
---|
| 934 | {
|
---|
| 935 | struct stat buf;
|
---|
| 936 | int fd;
|
---|
[1] | 937 |
|
---|
[93] | 938 | if (0 == stat(pcipath, &buf))
|
---|
| 939 | {
|
---|
| 940 | /* Need to write "1" to the file to enable the ROM. Afterwards,
|
---|
| 941 | * write "0" to disable it.
|
---|
| 942 | */
|
---|
| 943 | fd = open ( pcipath, O_RDWR );
|
---|
| 944 | write( fd, "1", 1 );
|
---|
| 945 | close ( fd );
|
---|
[1] | 946 |
|
---|
[93] | 947 | check_rom(pcipath, name);
|
---|
[1] | 948 |
|
---|
[93] | 949 | fd = open ( pcipath, O_RDWR );
|
---|
| 950 | write( fd, "0", 1 );
|
---|
| 951 | close ( fd );
|
---|
[1] | 952 | }
|
---|
[93] | 953 | return;
|
---|
| 954 | }
|
---|
[1] | 955 |
|
---|
[93] | 956 | static void check_pci()
|
---|
| 957 | {
|
---|
| 958 | char pci_dir[256];
|
---|
| 959 | char * pcipath;
|
---|
| 960 | DIR * df;
|
---|
| 961 | struct dirent * entry;
|
---|
| 962 |
|
---|
| 963 | sl_strlcpy(pci_dir, SYS_BUS_PCI, sizeof(pci_dir));
|
---|
| 964 |
|
---|
| 965 | df = opendir(pci_dir);
|
---|
| 966 | if (df)
|
---|
[1] | 967 | {
|
---|
[93] | 968 | while (NULL != (entry = readdir(df)))
|
---|
| 969 | {
|
---|
| 970 | if (0 == strcmp(entry->d_name, ".") &&
|
---|
| 971 | 0 == strcmp(entry->d_name, ".."))
|
---|
| 972 | continue;
|
---|
| 973 |
|
---|
| 974 | pcipath = sh_util_strconcat(pci_dir, "/",
|
---|
| 975 | entry->d_name, "/rom", NULL);
|
---|
| 976 | check_pci_rom(pcipath, entry->d_name);
|
---|
| 977 | SH_FREE(pcipath);
|
---|
| 978 | }
|
---|
| 979 | closedir(df);
|
---|
[1] | 980 | }
|
---|
[93] | 981 | }
|
---|
[1] | 982 |
|
---|
[93] | 983 | /* -- Check the proc_root inode.
|
---|
| 984 | *
|
---|
| 985 | * This will detect adore-ng.
|
---|
| 986 | */
|
---|
| 987 | static void check_proc_root (struct sh_kernel_info * kinfo)
|
---|
| 988 | {
|
---|
| 989 | struct inode_operations proc_root_inode;
|
---|
| 990 | struct proc_dir_entry proc_root_dir;
|
---|
| 991 |
|
---|
| 992 | memcpy (&proc_root_inode, &(kinfo->proc_root_inode), sizeof(struct inode_operations));
|
---|
| 993 | memcpy (&proc_root_dir, &(kinfo->proc_root_dir), sizeof(struct proc_dir_entry));
|
---|
| 994 |
|
---|
[1] | 995 | if ( (unsigned int) *proc_root_inode.lookup != proc_root_lookup)
|
---|
| 996 | {
|
---|
| 997 | sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_KERN_PROC,
|
---|
| 998 | _("proc_root_inode_operations.lookup != proc_root_lookup"));
|
---|
| 999 | }
|
---|
[83] | 1000 | else if ( (((unsigned int) * &proc_root_dir.proc_iops) != proc_root_iops)
|
---|
| 1001 | && (proc_root_dir.size != proc_root_iops)
|
---|
| 1002 | && (((unsigned int) * &proc_root_dir.proc_fops) != proc_root_iops)
|
---|
| 1003 | )
|
---|
[1] | 1004 | {
|
---|
| 1005 | sh_error_handle ((-1), FIL__, __LINE__, 0, MSG_KERN_PROC,
|
---|
| 1006 | _("proc_root.proc_iops != proc_root_inode_operations"));
|
---|
| 1007 | }
|
---|
[93] | 1008 | return;
|
---|
| 1009 | }
|
---|
[1] | 1010 |
|
---|
[93] | 1011 | /* -- Check the system_call syscall gate.
|
---|
| 1012 | *
|
---|
| 1013 | * Stored(old) is system_call_code[]
|
---|
| 1014 | */
|
---|
| 1015 | static void check_syscall_gate(int is_init, struct sh_kernel_info * kinfo)
|
---|
| 1016 | {
|
---|
| 1017 | int i, j;
|
---|
| 1018 | unsigned long store0;
|
---|
| 1019 | unsigned int store1, store2;
|
---|
| 1020 | int datasize;
|
---|
| 1021 | int max_system_call = (SYS_CALL_LOC < 128) ? 128 : SYS_CALL_LOC;
|
---|
| 1022 | char msg[2*SH_BUFSIZE];
|
---|
| 1023 |
|
---|
[3] | 1024 | if (sh.flag.checkSum == SH_CHECK_INIT || sh.flag.update == S_TRUE)
|
---|
[1] | 1025 | {
|
---|
| 1026 | store0 = 0; store1 = 0; store2 = 0;
|
---|
[93] | 1027 | datasize = SH_KERN_SCC;
|
---|
[1] | 1028 | sh_kern_db_syscall (0, _("system_call"),
|
---|
[93] | 1029 | &(kinfo->new_system_call_code), &store0, &store1, &store2,
|
---|
| 1030 | &datasize, SH_KERN_DBPUSH);
|
---|
[1] | 1031 | }
|
---|
| 1032 |
|
---|
| 1033 | if ((sh.flag.checkSum != SH_CHECK_INIT) ||
|
---|
| 1034 | (sh.flag.update == S_TRUE && is_init == 1))
|
---|
| 1035 | {
|
---|
| 1036 | for (i = 0; i < (max_system_call + 4); ++i)
|
---|
| 1037 | {
|
---|
[93] | 1038 | if (system_call_code[i] != kinfo->new_system_call_code[i])
|
---|
[1] | 1039 | {
|
---|
| 1040 |
|
---|
[93] | 1041 | sh_kern_pathmsg (msg, sizeof(msg),
|
---|
| 1042 | 0, _("system_call"),
|
---|
| 1043 | system_call_code, SH_KERN_SCC,
|
---|
| 1044 | kinfo->new_system_call_code, SH_KERN_SCC);
|
---|
[1] | 1045 |
|
---|
| 1046 | sh_error_handle (ShKernSeverity, FIL__, __LINE__,
|
---|
[93] | 1047 | 0, MSG_KERN_GATE,
|
---|
| 1048 | kinfo->new_system_call_code[i], 0,
|
---|
[1] | 1049 | system_call_code[i], 0,
|
---|
| 1050 | 0, _("system_call (interrupt handler)"),
|
---|
| 1051 | msg);
|
---|
| 1052 |
|
---|
| 1053 | for (j = 0; j < (max_system_call + 4); ++j)
|
---|
[93] | 1054 | system_call_code[j] = kinfo->new_system_call_code[j];
|
---|
[1] | 1055 | break;
|
---|
| 1056 | }
|
---|
| 1057 | }
|
---|
| 1058 | }
|
---|
[93] | 1059 | return;
|
---|
| 1060 | }
|
---|
| 1061 |
|
---|
| 1062 | static void check_system_calls (int is_init, struct sh_kernel_info * kinfo)
|
---|
| 1063 | {
|
---|
| 1064 | int i;
|
---|
| 1065 |
|
---|
| 1066 | #ifdef SH_USE_LKM
|
---|
| 1067 | static int check_getdents = 0;
|
---|
| 1068 | /* #ifdef __NR_getdents64 */
|
---|
| 1069 | static int check_getdents64 = 0;
|
---|
| 1070 | /* #endif */
|
---|
| 1071 | static int copy_if_next = -1;
|
---|
| 1072 | static int copy_if_next_64 = -1;
|
---|
| 1073 | #endif
|
---|
| 1074 |
|
---|
| 1075 | unsigned long store0;
|
---|
| 1076 | unsigned int store1, store2;
|
---|
| 1077 | int mod_syscall_addr = 0;
|
---|
| 1078 | int mod_syscall_code = 0;
|
---|
| 1079 | UINT64 size_old = 0, size_new = 0;
|
---|
| 1080 | UINT64 mtime_old = 0, mtime_new = 0;
|
---|
| 1081 | UINT64 ctime_old = 0, ctime_new = 0;
|
---|
| 1082 | char tmp[128];
|
---|
| 1083 | char msg[2*SH_BUFSIZE];
|
---|
| 1084 | char timstr_o[32];
|
---|
| 1085 | char timstr_n[32];
|
---|
| 1086 |
|
---|
[3] | 1087 | if (sh.flag.checkSum == SH_CHECK_INIT || sh.flag.update == S_TRUE)
|
---|
[1] | 1088 | {
|
---|
| 1089 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 1090 | {
|
---|
[93] | 1091 | store0 = kinfo->kmem_call_table[i];
|
---|
| 1092 | store1 = kinfo->kmem_code_table[i][0]; store2 = kinfo->kmem_code_table[i][1];
|
---|
[1] | 1093 | sh_kern_db_syscall (i, _("syscall"),
|
---|
| 1094 | NULL, &store0, &store1, &store2,
|
---|
[93] | 1095 | 0, SH_KERN_DBPUSH);
|
---|
[1] | 1096 | }
|
---|
| 1097 | }
|
---|
| 1098 |
|
---|
| 1099 | if ((sh.flag.checkSum != SH_CHECK_INIT) ||
|
---|
| 1100 | (sh.flag.update == S_TRUE && is_init == 1))
|
---|
| 1101 | {
|
---|
| 1102 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 1103 | {
|
---|
| 1104 | if (sh_syscalls[i].name == NULL /* || sh_syscalls[i].addr == 0UL */)
|
---|
| 1105 | break;
|
---|
| 1106 |
|
---|
| 1107 | #ifdef SH_USE_LKM
|
---|
[93] | 1108 | if (sh_syscalls[i].addr != kinfo->kmem_call_table[i])
|
---|
[1] | 1109 | {
|
---|
| 1110 | if (check_getdents == 0 &&
|
---|
| 1111 | 0 == strcmp(_(sh_syscalls[i].name), _("sys_getdents")))
|
---|
| 1112 | {
|
---|
| 1113 | check_getdents = 1;
|
---|
| 1114 | sh_error_handle (SH_ERR_WARN, FIL__, __LINE__,
|
---|
[93] | 1115 | 0, MSG_E_SUBGEN,
|
---|
[1] | 1116 | _("Modified kernel syscall (expected)."),
|
---|
| 1117 | _(sh_syscalls[i].name) );
|
---|
| 1118 | copy_if_next = i;
|
---|
[93] | 1119 | sh_syscalls[i].addr = kinfo->kmem_call_table[i];
|
---|
[1] | 1120 | continue;
|
---|
| 1121 | }
|
---|
| 1122 | /* #ifdef __NR_getdents64 */
|
---|
| 1123 | else if (check_getdents64 == 0 &&
|
---|
| 1124 | 0 == strcmp(_(sh_syscalls[i].name),
|
---|
| 1125 | _("sys_getdents64")))
|
---|
| 1126 | {
|
---|
| 1127 | check_getdents64 = 1;
|
---|
| 1128 | sh_error_handle (SH_ERR_WARN, FIL__, __LINE__,
|
---|
[93] | 1129 | 0, MSG_E_SUBGEN,
|
---|
[1] | 1130 | _("Modified kernel syscall (expected)."),
|
---|
| 1131 | _(sh_syscalls[i].name) );
|
---|
| 1132 | copy_if_next_64 = i;
|
---|
[93] | 1133 | sh_syscalls[i].addr = kinfo->kmem_call_table[i];
|
---|
[1] | 1134 | continue;
|
---|
| 1135 | }
|
---|
| 1136 | /* #endif */
|
---|
| 1137 | else
|
---|
| 1138 | {
|
---|
| 1139 | size_old = sh_syscalls[i].addr;
|
---|
[93] | 1140 | size_new = kinfo->kmem_call_table[i];
|
---|
[1] | 1141 | mod_syscall_addr = 1;
|
---|
| 1142 | }
|
---|
[93] | 1143 | sh_syscalls[i].addr = kinfo->kmem_call_table[i];
|
---|
[1] | 1144 | }
|
---|
| 1145 | #else
|
---|
[93] | 1146 | if (sh_syscalls[i].addr != kinfo->kmem_call_table[i])
|
---|
[1] | 1147 | {
|
---|
| 1148 | size_old = sh_syscalls[i].addr;
|
---|
[93] | 1149 | size_new = kinfo->kmem_call_table[i];
|
---|
[1] | 1150 | mod_syscall_addr = 1;
|
---|
[93] | 1151 | sh_syscalls[i].addr = kinfo->kmem_call_table[i];
|
---|
[1] | 1152 | }
|
---|
| 1153 | #endif
|
---|
| 1154 |
|
---|
| 1155 |
|
---|
[93] | 1156 | /* -- Check the code at syscall address
|
---|
[1] | 1157 | *
|
---|
| 1158 | * Stored(old) is sh_syscalls[]
|
---|
| 1159 | */
|
---|
| 1160 | if ( (mod_syscall_addr == 0) &&
|
---|
[93] | 1161 | ((sh_syscalls[i].code[0] != kinfo->kmem_code_table[i][0]) ||
|
---|
| 1162 | (sh_syscalls[i].code[1] != kinfo->kmem_code_table[i][1]))
|
---|
[1] | 1163 | )
|
---|
| 1164 | {
|
---|
| 1165 | mtime_old = sh_syscalls[i].code[0];
|
---|
[93] | 1166 | mtime_new = kinfo->kmem_code_table[i][0];
|
---|
[1] | 1167 | ctime_old = sh_syscalls[i].code[1];
|
---|
[93] | 1168 | ctime_new = kinfo->kmem_code_table[i][1];
|
---|
[1] | 1169 | mod_syscall_code = 1;
|
---|
| 1170 |
|
---|
| 1171 | #ifdef SH_USE_LKM
|
---|
| 1172 | if (i == copy_if_next)
|
---|
| 1173 | {
|
---|
| 1174 | mod_syscall_code = 0;
|
---|
| 1175 | copy_if_next = -1;
|
---|
| 1176 | }
|
---|
| 1177 | if (i == copy_if_next_64)
|
---|
| 1178 | {
|
---|
| 1179 | mod_syscall_code = 0;
|
---|
| 1180 | copy_if_next_64 = -1;
|
---|
| 1181 | }
|
---|
| 1182 | #endif
|
---|
| 1183 |
|
---|
[93] | 1184 | sh_syscalls[i].code[0] = kinfo->kmem_code_table[i][0];
|
---|
| 1185 | sh_syscalls[i].code[1] = kinfo->kmem_code_table[i][1];
|
---|
[1] | 1186 | }
|
---|
[93] | 1187 |
|
---|
| 1188 | /* Build the error message, if something has been
|
---|
[1] | 1189 | * detected.
|
---|
| 1190 | */
|
---|
| 1191 | if ((mod_syscall_addr != 0) || (mod_syscall_code != 0))
|
---|
| 1192 | {
|
---|
| 1193 | #ifdef SH_USE_XML
|
---|
| 1194 | sl_snprintf(tmp, 128, "path=\"K_%s_%04d\" ",
|
---|
| 1195 | _("syscall"), i);
|
---|
| 1196 | #else
|
---|
| 1197 | sl_snprintf(tmp, 128, "path=<K_%s_%04d>, ",
|
---|
| 1198 | _("syscall"), i);
|
---|
| 1199 | #endif
|
---|
| 1200 | sl_strlcpy(msg, tmp, SH_BUFSIZE);
|
---|
| 1201 |
|
---|
| 1202 | if (mod_syscall_addr != 0)
|
---|
| 1203 | {
|
---|
| 1204 | sl_snprintf(tmp, 128, sh_hash_size_format(),
|
---|
| 1205 | size_old, size_new);
|
---|
| 1206 | sl_strlcat(msg, tmp, SH_BUFSIZE);
|
---|
| 1207 | }
|
---|
| 1208 | if (mod_syscall_code != 0)
|
---|
| 1209 | {
|
---|
| 1210 | sl_strlcpy (timstr_o, sh_unix_gmttime (ctime_old), 32);
|
---|
| 1211 | sl_strlcpy (timstr_n, sh_unix_gmttime (ctime_new), 32);
|
---|
| 1212 | #ifdef SH_USE_XML
|
---|
| 1213 | sl_snprintf(tmp, 128,
|
---|
| 1214 | _("ctime_old=\"%s\" ctime_new=\"%s\" "),
|
---|
| 1215 | timstr_o, timstr_n);
|
---|
| 1216 | #else
|
---|
| 1217 | sl_snprintf(tmp, 128,
|
---|
| 1218 | _("ctime_old=<%s>, ctime_new=<%s>, "),
|
---|
| 1219 | timstr_o, timstr_n);
|
---|
| 1220 | #endif
|
---|
| 1221 | sl_strlcat(msg, tmp, SH_BUFSIZE);
|
---|
| 1222 | sl_strlcpy (timstr_o, sh_unix_gmttime (mtime_old), 32);
|
---|
| 1223 | sl_strlcpy (timstr_n, sh_unix_gmttime (mtime_new), 32);
|
---|
| 1224 | #ifdef SH_USE_XML
|
---|
| 1225 | sl_snprintf(tmp, 128,
|
---|
| 1226 | _("mtime_old=\"%s\" mtime_new=\"%s\" "),
|
---|
| 1227 | timstr_o, timstr_n);
|
---|
| 1228 | #else
|
---|
| 1229 | sl_snprintf(tmp, 128,
|
---|
| 1230 | _("mtime_old=<%s>, mtime_new=<%s> "),
|
---|
| 1231 | timstr_o, timstr_n);
|
---|
| 1232 | #endif
|
---|
| 1233 | sl_strlcat(msg, tmp, SH_BUFSIZE);
|
---|
| 1234 | }
|
---|
| 1235 | sh_error_handle (ShKernSeverity, FIL__, __LINE__,
|
---|
[93] | 1236 | 0, MSG_KERN_SYSCALL,
|
---|
[1] | 1237 | i, _(sh_syscalls[i].name), msg);
|
---|
| 1238 | mod_syscall_addr = 0;
|
---|
| 1239 | mod_syscall_code = 0;
|
---|
| 1240 | }
|
---|
| 1241 | }
|
---|
| 1242 | }
|
---|
[93] | 1243 | return;
|
---|
| 1244 | }
|
---|
| 1245 |
|
---|
| 1246 | int sh_kern_check_internal ()
|
---|
| 1247 | {
|
---|
| 1248 | int kd;
|
---|
| 1249 | int is_init;
|
---|
| 1250 | pid_t mpid;
|
---|
| 1251 | int mpipe[2];
|
---|
| 1252 | int status = 0;
|
---|
[1] | 1253 |
|
---|
[93] | 1254 | struct sh_kernel_info kinfo;
|
---|
| 1255 |
|
---|
| 1256 |
|
---|
| 1257 | SL_ENTER(_("sh_kern_check_internal"));
|
---|
| 1258 |
|
---|
| 1259 | /* -- Check whether initialisation is required; if yes, initialize.
|
---|
| 1260 | */
|
---|
| 1261 |
|
---|
| 1262 | if (0 != check_init(&is_init))
|
---|
[1] | 1263 | {
|
---|
[93] | 1264 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1265 | }
|
---|
| 1266 |
|
---|
| 1267 |
|
---|
| 1268 | /* -- Open /dev/kmem and fork subprocess to read from it.
|
---|
| 1269 | */
|
---|
| 1270 |
|
---|
| 1271 | if (kaddr == (unsigned int) -1) /* kaddr = address of the sys_call_table */
|
---|
| 1272 | {
|
---|
| 1273 | sh_error_handle (ShKernSeverity, FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1274 | _("no address for sys_call_table - switching off"),
|
---|
| 1275 | _("kern_check_internal") );
|
---|
| 1276 | ShKernActive = S_FALSE;
|
---|
| 1277 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1278 | }
|
---|
| 1279 |
|
---|
| 1280 | kd = aud_open(FIL__, __LINE__, SL_YESPRIV, _("/dev/kmem"), O_RDONLY, 0);
|
---|
| 1281 |
|
---|
| 1282 | if (kd < 0)
|
---|
| 1283 | {
|
---|
| 1284 | status = errno;
|
---|
| 1285 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1286 | _("error opening /dev/kmem"),
|
---|
| 1287 | _("kern_check_internal") );
|
---|
| 1288 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1289 | }
|
---|
| 1290 |
|
---|
| 1291 | status = aud_pipe(FIL__, __LINE__, mpipe);
|
---|
| 1292 |
|
---|
| 1293 | if (status == 0)
|
---|
| 1294 | {
|
---|
| 1295 | mpid = aud_fork(FIL__, __LINE__);
|
---|
| 1296 |
|
---|
| 1297 | switch (mpid)
|
---|
[1] | 1298 | {
|
---|
[93] | 1299 | case -1:
|
---|
| 1300 | status = -1;
|
---|
| 1301 | break;
|
---|
| 1302 | case 0:
|
---|
[1] | 1303 |
|
---|
[93] | 1304 | /* -- Child process reads /dev/kmem and writes to pipe
|
---|
[1] | 1305 | */
|
---|
[93] | 1306 | run_child(kd, mpipe);
|
---|
| 1307 | break;
|
---|
[1] | 1308 |
|
---|
[93] | 1309 | /* -- Parent process reads from child via pipe
|
---|
| 1310 | */
|
---|
| 1311 | default:
|
---|
| 1312 | close(kd);
|
---|
| 1313 | status = read_from_child(mpid, mpipe, &kinfo);
|
---|
| 1314 | break;
|
---|
| 1315 | }
|
---|
| 1316 | }
|
---|
[1] | 1317 |
|
---|
[93] | 1318 | if ( status < 0)
|
---|
| 1319 | {
|
---|
| 1320 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1321 | _("error reading from /dev/kmem"),
|
---|
| 1322 | _("kern_check_internal") );
|
---|
| 1323 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1324 | }
|
---|
[1] | 1325 |
|
---|
[93] | 1326 | /* -- Check the proc_root inode.
|
---|
| 1327 | *
|
---|
| 1328 | * This will detect adore-ng.
|
---|
| 1329 | */
|
---|
| 1330 | check_proc_root( &kinfo );
|
---|
[1] | 1331 |
|
---|
| 1332 |
|
---|
[93] | 1333 | /* -- Check the system_call syscall gate.
|
---|
| 1334 | *
|
---|
| 1335 | * Stored(old) is system_call_code[]
|
---|
| 1336 | */
|
---|
| 1337 | check_syscall_gate( is_init, &kinfo );
|
---|
[1] | 1338 |
|
---|
[93] | 1339 | /* -- Check the individual syscalls
|
---|
| 1340 | *
|
---|
| 1341 | * Stored(old) is sh_syscalls[] array.
|
---|
| 1342 | */
|
---|
| 1343 | check_system_calls ( is_init, &kinfo );
|
---|
| 1344 |
|
---|
| 1345 | /* -- Check the Interrupt Descriptor Table
|
---|
| 1346 | */
|
---|
| 1347 | check_idt_table(is_init);
|
---|
| 1348 |
|
---|
| 1349 | /* -- Check PCI ROM
|
---|
| 1350 | */
|
---|
| 1351 | check_pci();
|
---|
| 1352 |
|
---|
[1] | 1353 | SL_RETURN( (0), _("sh_kern_check_internal"));
|
---|
| 1354 | }
|
---|
| 1355 | /* ifdef HOST_IS_LINUX */
|
---|
| 1356 | #else
|
---|
| 1357 |
|
---|
[93] | 1358 | /********************************************************
|
---|
| 1359 | *
|
---|
| 1360 | * --- BSD ---
|
---|
| 1361 | *
|
---|
| 1362 | ********************************************************/
|
---|
| 1363 |
|
---|
[1] | 1364 | #include <err.h>
|
---|
| 1365 | #include <kvm.h>
|
---|
| 1366 | #include <nlist.h>
|
---|
| 1367 |
|
---|
| 1368 | /* not OpenBSD */
|
---|
| 1369 | #if defined(HOST_IS_FREEBSD)
|
---|
| 1370 | #include <sys/sysent.h>
|
---|
| 1371 | #endif
|
---|
| 1372 |
|
---|
| 1373 | #include <sys/syscall.h>
|
---|
| 1374 | #ifndef SYS_MAXSYSCALL
|
---|
| 1375 | #define SYS_MAXSYSCALL 512
|
---|
| 1376 | #endif
|
---|
| 1377 |
|
---|
| 1378 | #ifdef __OpenBSD__
|
---|
| 1379 | struct proc;
|
---|
| 1380 | struct sysent {
|
---|
| 1381 | short sy_narg;
|
---|
| 1382 | short sy_argsize;
|
---|
| 1383 | int (*sy_call)(struct proc *, void *, register_t *);
|
---|
| 1384 | };
|
---|
| 1385 | #endif
|
---|
| 1386 |
|
---|
| 1387 | int sh_kern_data_init ()
|
---|
| 1388 | {
|
---|
| 1389 | unsigned long store0 = 0;
|
---|
| 1390 | unsigned int store1 = 0, store2 = 0;
|
---|
| 1391 | int datasize, i;
|
---|
| 1392 | char * databuf = NULL;
|
---|
| 1393 |
|
---|
| 1394 | /* syscall address and code
|
---|
| 1395 | */
|
---|
| 1396 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 1397 | {
|
---|
| 1398 | databuf = sh_kern_db_syscall (i, _("syscall"),
|
---|
| 1399 | NULL, &store0, &store1, &store2,
|
---|
[93] | 1400 | &datasize, SH_KERN_DBPOP);
|
---|
[1] | 1401 | sh_syscalls[i].addr = store0;
|
---|
| 1402 | if (databuf != NULL) { SH_FREE(databuf); }
|
---|
| 1403 | if (store0 == 0) {
|
---|
| 1404 | sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN,
|
---|
| 1405 | _("syscall address not found in database"),
|
---|
| 1406 | _("sh_kern_data_init"));
|
---|
| 1407 | return -1;
|
---|
| 1408 | }
|
---|
| 1409 |
|
---|
| 1410 | sh_syscalls[i].code[0] = (unsigned int) store1;
|
---|
| 1411 | sh_syscalls[i].code[1] = (unsigned int) store2;
|
---|
| 1412 | if ((store1 == 0) || (store2 == 0)) {
|
---|
| 1413 | sh_error_handle(SH_ERR_ERR, FIL__, __LINE__, 0, MSG_E_SUBGEN,
|
---|
| 1414 | _("syscall code not found in database"),
|
---|
| 1415 | _("sh_kern_data_init"));
|
---|
| 1416 | return -1;
|
---|
| 1417 | }
|
---|
| 1418 |
|
---|
| 1419 | }
|
---|
| 1420 |
|
---|
| 1421 | return 0;
|
---|
| 1422 | }
|
---|
| 1423 |
|
---|
| 1424 | int sh_kern_check_internal ()
|
---|
| 1425 | {
|
---|
| 1426 | struct sysent sy;
|
---|
| 1427 | kvm_t * kd;
|
---|
| 1428 | int i;
|
---|
| 1429 | int status = -1;
|
---|
| 1430 | char errbuf[_POSIX2_LINE_MAX+1];
|
---|
| 1431 | struct nlist * sys_list;
|
---|
| 1432 | struct nlist list[2];
|
---|
| 1433 |
|
---|
| 1434 | unsigned long offset = 0L;
|
---|
| 1435 | unsigned int syscall_code[2]; /* 8 bytes */
|
---|
| 1436 | unsigned long syscall_addr;
|
---|
| 1437 |
|
---|
| 1438 | unsigned long store0 = 0;
|
---|
| 1439 | unsigned int store1 = 0, store2 = 0;
|
---|
| 1440 |
|
---|
| 1441 | UINT64 size_old = 0, size_new = 0;
|
---|
| 1442 | UINT64 mtime_old = 0, mtime_new = 0;
|
---|
| 1443 | UINT64 ctime_old = 0, ctime_new = 0;
|
---|
| 1444 | char tmp[128];
|
---|
| 1445 | char msg[2*SH_BUFSIZE];
|
---|
| 1446 | char timstr_o[32];
|
---|
| 1447 | char timstr_n[32];
|
---|
| 1448 |
|
---|
| 1449 | static int is_init = 0;
|
---|
| 1450 |
|
---|
| 1451 | SL_ENTER(_("sh_kern_check_internal"));
|
---|
| 1452 |
|
---|
| 1453 | if (is_init == 0)
|
---|
| 1454 | {
|
---|
| 1455 | if (sh.flag.checkSum != SH_CHECK_INIT && sh.flag.update != S_TRUE)
|
---|
| 1456 | {
|
---|
| 1457 | if (0 == sh_kern_data_init()) {
|
---|
| 1458 | is_init = 1;
|
---|
| 1459 | } else {
|
---|
| 1460 | sh_error_handle (ShKernSeverity, FIL__, __LINE__, status,
|
---|
| 1461 | MSG_E_SUBGEN,
|
---|
| 1462 | _("could not initialize - switching off"),
|
---|
| 1463 | _("kern_check_internal") );
|
---|
| 1464 | ShKernActive = S_FALSE;
|
---|
| 1465 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1466 | }
|
---|
| 1467 | }
|
---|
| 1468 | else if ((sh.flag.checkSum == SH_CHECK_INIT ||
|
---|
| 1469 | sh.flag.checkSum == SH_CHECK_CHECK) &&
|
---|
| 1470 | (sh.flag.update == S_TRUE))
|
---|
| 1471 | {
|
---|
| 1472 | if (0 == sh_kern_data_init()) {
|
---|
| 1473 | is_init = 1;
|
---|
| 1474 | } else {
|
---|
| 1475 | sh_error_handle (ShKernSeverity, FIL__, __LINE__, status,
|
---|
| 1476 | MSG_E_SUBGEN,
|
---|
| 1477 | _("no or incomplete data in baseline database"),
|
---|
| 1478 | _("kern_check_internal") );
|
---|
| 1479 | }
|
---|
| 1480 | }
|
---|
| 1481 | }
|
---|
| 1482 |
|
---|
| 1483 | /* defined, but not used
|
---|
| 1484 | */
|
---|
| 1485 | ShKernDelay = 0;
|
---|
| 1486 |
|
---|
| 1487 | list[0].n_name = "_sysent";
|
---|
| 1488 | list[1].n_name = NULL;
|
---|
| 1489 |
|
---|
| 1490 | kd = kvm_openfiles(NULL, NULL, NULL, O_RDONLY, errbuf);
|
---|
| 1491 | if (!kd)
|
---|
| 1492 | {
|
---|
| 1493 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1494 | errbuf,
|
---|
| 1495 | _("kvm_openfiles") );
|
---|
| 1496 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1497 | }
|
---|
| 1498 |
|
---|
| 1499 | i = kvm_nlist(kd, list);
|
---|
| 1500 | if (i == -1)
|
---|
| 1501 | {
|
---|
| 1502 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1503 | kvm_geterr(kd),
|
---|
| 1504 | _("kvm_nlist (_sysent)") );
|
---|
| 1505 | kvm_close(kd);
|
---|
| 1506 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1507 | }
|
---|
| 1508 |
|
---|
| 1509 | sys_list = SH_ALLOC((SYS_MAXSYSCALL+1) * sizeof(struct nlist));
|
---|
| 1510 |
|
---|
| 1511 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 1512 | sys_list[i].n_name = sh_syscalls[i].name;
|
---|
| 1513 | sys_list[SH_MAXCALLS].n_name = NULL;
|
---|
| 1514 |
|
---|
| 1515 | i = kvm_nlist(kd, sys_list);
|
---|
| 1516 | if (i == -1)
|
---|
| 1517 | {
|
---|
| 1518 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1519 | kvm_geterr(kd),
|
---|
| 1520 | _("kvm_nlist (syscalls)") );
|
---|
| 1521 | kvm_close(kd);
|
---|
| 1522 | SH_FREE(sys_list);
|
---|
| 1523 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1524 | }
|
---|
| 1525 | else if (i > 0)
|
---|
| 1526 | {
|
---|
| 1527 | sl_snprintf(tmp, 128,
|
---|
| 1528 | _("%d invalid syscalls"), i);
|
---|
| 1529 | /*
|
---|
| 1530 | for (i = 0; i < SH_MAXCALLS; ++i) {
|
---|
| 1531 | if (sys_list[i].n_type == 0 && sys_list[i].n_value == 0)
|
---|
| 1532 | fprintf(stderr, "invalid: [%3d] %s\n", i, sh_syscalls[i].name);
|
---|
| 1533 | }
|
---|
| 1534 | */
|
---|
| 1535 | sh_error_handle (SH_ERR_ALL, FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1536 | tmp,
|
---|
| 1537 | _("kvm_nlist (syscalls)") );
|
---|
| 1538 | }
|
---|
| 1539 |
|
---|
| 1540 | /* Check the individual syscalls
|
---|
| 1541 | *
|
---|
| 1542 | * Stored(old) is sh_syscalls[] array.
|
---|
| 1543 | */
|
---|
[3] | 1544 | if (sh.flag.checkSum == SH_CHECK_INIT || sh.flag.update == S_TRUE)
|
---|
[1] | 1545 | {
|
---|
| 1546 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 1547 | {
|
---|
| 1548 | if (sh_syscalls[i].name == NULL)
|
---|
| 1549 | {
|
---|
| 1550 | sl_snprintf(tmp, 128,
|
---|
| 1551 | _("too few entries in sh_syscalls[]: have %d, expect %d"),
|
---|
| 1552 | i, SH_MAXCALLS);
|
---|
| 1553 |
|
---|
| 1554 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1555 | tmp,
|
---|
| 1556 | _("sh_kern_check_internal") );
|
---|
| 1557 | break;
|
---|
| 1558 | }
|
---|
| 1559 |
|
---|
| 1560 | /* read address of syscall from sysent table
|
---|
| 1561 | */
|
---|
| 1562 | offset = list[0].n_value + (i*sizeof(struct sysent));
|
---|
| 1563 | if (kvm_read(kd, offset, &sy, sizeof(struct sysent)) < 0)
|
---|
| 1564 | {
|
---|
| 1565 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1566 | kvm_geterr(kd),
|
---|
| 1567 | _("kvm_read (syscall table)") );
|
---|
| 1568 | kvm_close(kd);
|
---|
| 1569 | SH_FREE(sys_list);
|
---|
| 1570 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1571 | }
|
---|
| 1572 | syscall_addr = (unsigned long) sy.sy_call;
|
---|
| 1573 | store0 = syscall_addr;
|
---|
| 1574 |
|
---|
| 1575 | /* read the syscall code
|
---|
| 1576 | */
|
---|
| 1577 | if(kvm_read(kd, (unsigned int) sy.sy_call, &(syscall_code[0]),
|
---|
| 1578 | 2 * sizeof(unsigned int)) < 0)
|
---|
| 1579 | {
|
---|
| 1580 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1581 | kvm_geterr(kd),
|
---|
| 1582 | _("kvm_read (syscall code)") );
|
---|
| 1583 | kvm_close(kd);
|
---|
| 1584 | SH_FREE(sys_list);
|
---|
| 1585 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1586 | }
|
---|
| 1587 | store1 = syscall_code[0]; store2 = syscall_code[1];
|
---|
| 1588 |
|
---|
| 1589 | sh_kern_db_syscall (i, _("syscall"),
|
---|
| 1590 | NULL, &store0, &store1, &store2,
|
---|
[93] | 1591 | 0, SH_KERN_DBPUSH);
|
---|
[1] | 1592 | }
|
---|
| 1593 | }
|
---|
| 1594 |
|
---|
| 1595 | if ((sh.flag.checkSum != SH_CHECK_INIT) ||
|
---|
| 1596 | (sh.flag.update == S_TRUE && is_init == 1))
|
---|
| 1597 | {
|
---|
| 1598 | for (i = 0; i < SH_MAXCALLS; ++i)
|
---|
| 1599 | {
|
---|
| 1600 | if (sh_syscalls[i].name == NULL)
|
---|
| 1601 | {
|
---|
| 1602 | sl_snprintf(tmp, 128,
|
---|
| 1603 | _("too few entries in sh_syscalls[]: have %d, expect %d"),
|
---|
| 1604 | i, SH_MAXCALLS);
|
---|
| 1605 |
|
---|
| 1606 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1607 | tmp,
|
---|
| 1608 | _("sh_kern_check_internal") );
|
---|
| 1609 | break;
|
---|
| 1610 | }
|
---|
| 1611 |
|
---|
| 1612 | /* read address of syscall from sysent table
|
---|
| 1613 | */
|
---|
| 1614 | offset = list[0].n_value + (i*sizeof(struct sysent));
|
---|
| 1615 | if (kvm_read(kd, offset, &sy, sizeof(struct sysent)) < 0)
|
---|
| 1616 | {
|
---|
| 1617 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1618 | kvm_geterr(kd),
|
---|
| 1619 | _("kvm_read (syscall table)") );
|
---|
| 1620 | kvm_close(kd);
|
---|
| 1621 | SH_FREE(sys_list);
|
---|
| 1622 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1623 | }
|
---|
| 1624 | syscall_addr = (unsigned long) sy.sy_call;
|
---|
| 1625 |
|
---|
| 1626 | if (sh_syscalls[i].addr != syscall_addr)
|
---|
| 1627 | {
|
---|
| 1628 | #ifdef SH_USE_XML
|
---|
| 1629 | sl_snprintf(tmp, 128, "path=\"K_%s_%04d\" ",
|
---|
| 1630 | _("syscall"), i);
|
---|
| 1631 | #else
|
---|
| 1632 | sl_snprintf(tmp, 128, "path=<K_%s_%04d>, ",
|
---|
| 1633 | _("syscall"), i);
|
---|
| 1634 | #endif
|
---|
| 1635 | sl_strlcpy(msg, tmp, SH_BUFSIZE);
|
---|
| 1636 |
|
---|
| 1637 | size_old = sh_syscalls[i].addr;
|
---|
| 1638 | size_new = syscall_addr;
|
---|
| 1639 | sl_snprintf(tmp, 128, sh_hash_size_format(),
|
---|
| 1640 | size_old, size_new);
|
---|
| 1641 | sl_strlcat(msg, tmp, SH_BUFSIZE);
|
---|
| 1642 |
|
---|
| 1643 | sh_error_handle (ShKernSeverity, FIL__, __LINE__,
|
---|
| 1644 | status, MSG_KERN_SYSCALL,
|
---|
| 1645 | i, _(sh_syscalls[i].name),
|
---|
| 1646 | msg);
|
---|
| 1647 | sh_syscalls[i].addr = syscall_addr;
|
---|
| 1648 | }
|
---|
| 1649 | else
|
---|
| 1650 | {
|
---|
| 1651 | /* read the syscall code
|
---|
| 1652 | */
|
---|
| 1653 | if(kvm_read(kd, (unsigned int) sy.sy_call, &(syscall_code[0]),
|
---|
| 1654 | 2 * sizeof(unsigned int)) < 0)
|
---|
| 1655 | {
|
---|
| 1656 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1657 | kvm_geterr(kd),
|
---|
| 1658 | _("kvm_read (syscall code)") );
|
---|
| 1659 | kvm_close(kd);
|
---|
| 1660 | SH_FREE(sys_list);
|
---|
| 1661 | SL_RETURN( (-1), _("sh_kern_check_internal"));
|
---|
| 1662 | }
|
---|
| 1663 |
|
---|
| 1664 | if (sh_syscalls[i].code[0] != syscall_code[0] ||
|
---|
| 1665 | sh_syscalls[i].code[1] != syscall_code[1])
|
---|
| 1666 | {
|
---|
| 1667 | mtime_old = sh_syscalls[i].code[0];
|
---|
| 1668 | mtime_new = syscall_code[0];
|
---|
| 1669 | ctime_old = sh_syscalls[i].code[1];
|
---|
| 1670 | ctime_new = syscall_code[1];
|
---|
| 1671 |
|
---|
| 1672 | #ifdef SH_USE_XML
|
---|
| 1673 | sl_snprintf(tmp, 128, "path=\"K_%s_%04d\" ",
|
---|
| 1674 | _("syscall"), i);
|
---|
| 1675 | #else
|
---|
| 1676 | sl_snprintf(tmp, 128, "path=<K_%s_%04d>, ",
|
---|
| 1677 | _("syscall"), i);
|
---|
| 1678 | #endif
|
---|
| 1679 | sl_strlcpy(msg, tmp, SH_BUFSIZE);
|
---|
| 1680 |
|
---|
| 1681 | sl_strlcpy (timstr_o, sh_unix_gmttime (ctime_old), 32);
|
---|
| 1682 | sl_strlcpy (timstr_n, sh_unix_gmttime (ctime_new), 32);
|
---|
| 1683 | #ifdef SH_USE_XML
|
---|
| 1684 | sl_snprintf(tmp, 128,
|
---|
| 1685 | _("ctime_old=\"%s\" ctime_new=\"%s\" "),
|
---|
| 1686 | timstr_o, timstr_n);
|
---|
| 1687 | #else
|
---|
| 1688 | sl_snprintf(tmp, 128,
|
---|
| 1689 | _("ctime_old=<%s>, ctime_new=<%s>, "),
|
---|
| 1690 | timstr_o, timstr_n);
|
---|
| 1691 | #endif
|
---|
| 1692 | sl_strlcat(msg, tmp, SH_BUFSIZE);
|
---|
| 1693 | sl_strlcpy (timstr_o, sh_unix_gmttime (mtime_old), 32);
|
---|
| 1694 | sl_strlcpy (timstr_n, sh_unix_gmttime (mtime_new), 32);
|
---|
| 1695 | #ifdef SH_USE_XML
|
---|
| 1696 | sl_snprintf(tmp, 128,
|
---|
| 1697 | _("mtime_old=\"%s\" mtime_new=\"%s\" "),
|
---|
| 1698 | timstr_o, timstr_n);
|
---|
| 1699 | #else
|
---|
| 1700 | sl_snprintf(tmp, 128,
|
---|
| 1701 | _("mtime_old=<%s>, mtime_new=<%s> "),
|
---|
| 1702 | timstr_o, timstr_n);
|
---|
| 1703 | #endif
|
---|
| 1704 | sl_strlcat(msg, tmp, SH_BUFSIZE);
|
---|
| 1705 |
|
---|
| 1706 | sh_error_handle (ShKernSeverity, FIL__, __LINE__,
|
---|
| 1707 | status, MSG_KERN_SYSCALL,
|
---|
| 1708 | i, _(sh_syscalls[i].name),
|
---|
| 1709 | msg);
|
---|
| 1710 | sh_syscalls[i].code[0] = syscall_code[0];
|
---|
| 1711 | sh_syscalls[i].code[1] = syscall_code[1];
|
---|
| 1712 | }
|
---|
| 1713 | }
|
---|
| 1714 | }
|
---|
| 1715 | }
|
---|
| 1716 | SH_FREE(sys_list);
|
---|
| 1717 | if(kvm_close(kd) < 0)
|
---|
| 1718 | {
|
---|
| 1719 | sh_error_handle ((-1), FIL__, __LINE__, status, MSG_E_SUBGEN,
|
---|
| 1720 | kvm_geterr(kd),
|
---|
| 1721 | _("kvm_close") );
|
---|
| 1722 | exit(EXIT_FAILURE);
|
---|
| 1723 | }
|
---|
| 1724 |
|
---|
| 1725 | SL_RETURN( (0), _("sh_kern_check_internal"));
|
---|
| 1726 | }
|
---|
| 1727 |
|
---|
| 1728 | #endif
|
---|
| 1729 |
|
---|
| 1730 | /*************
|
---|
| 1731 | *
|
---|
| 1732 | * module init
|
---|
| 1733 | *
|
---|
| 1734 | *************/
|
---|
| 1735 | #if defined(HOST_IS_LINUX)
|
---|
| 1736 | #include <sys/utsname.h>
|
---|
| 1737 | #endif
|
---|
| 1738 |
|
---|
| 1739 | static int AddressReconf = 0;
|
---|
| 1740 |
|
---|
| 1741 | int sh_kern_init ()
|
---|
| 1742 | {
|
---|
| 1743 | #if defined(HOST_IS_LINUX)
|
---|
| 1744 | struct utsname buf;
|
---|
| 1745 | char * str;
|
---|
| 1746 | #endif
|
---|
| 1747 |
|
---|
| 1748 | SL_ENTER(_("sh_kern_init"));
|
---|
| 1749 | if (ShKernActive == S_FALSE)
|
---|
| 1750 | SL_RETURN( (-1), _("sh_kern_init"));
|
---|
| 1751 |
|
---|
| 1752 | #if defined(HOST_IS_LINUX)
|
---|
| 1753 | uname(&buf);
|
---|
| 1754 |
|
---|
| 1755 | if ((AddressReconf < 5) && (0 != strcmp(SH_KERNEL_VERSION, buf.release)))
|
---|
| 1756 | {
|
---|
| 1757 | str = SH_ALLOC(256);
|
---|
| 1758 | sl_snprintf(str, 256,
|
---|
| 1759 | "Compiled for kernel %s, but current kernel is %s, and kernel addresses have not been re-configured",
|
---|
| 1760 | SH_KERNEL_VERSION, buf.release);
|
---|
| 1761 | sh_error_handle (SH_ERR_ERR, FIL__, __LINE__, EINVAL, MSG_E_SUBGEN,
|
---|
| 1762 | str,
|
---|
| 1763 | _("kern_check") );
|
---|
| 1764 | SH_FREE(str);
|
---|
| 1765 | ShKernActive = S_FALSE;
|
---|
| 1766 | SL_RETURN( (-1), _("sh_kern_init"));
|
---|
| 1767 | }
|
---|
| 1768 | #endif
|
---|
| 1769 |
|
---|
| 1770 | lastcheck = time (NULL);
|
---|
| 1771 | if (sh.flag.checkSum != SH_CHECK_INIT)
|
---|
| 1772 | {
|
---|
| 1773 | sh_error_handle (SH_ERR_INFO, FIL__, __LINE__, 0, MSG_E_SUBGEN,
|
---|
| 1774 | _("Checking kernel syscalls"),
|
---|
| 1775 | _("kern_check") );
|
---|
| 1776 | }
|
---|
| 1777 | sh_kern_check_internal ();
|
---|
| 1778 | SL_RETURN( (0), _("sh_kern_init"));
|
---|
| 1779 | }
|
---|
| 1780 |
|
---|
| 1781 | /*************
|
---|
| 1782 | *
|
---|
| 1783 | * module cleanup
|
---|
| 1784 | *
|
---|
| 1785 | *************/
|
---|
| 1786 | int sh_kern_end ()
|
---|
| 1787 | {
|
---|
| 1788 | return (0);
|
---|
| 1789 | }
|
---|
| 1790 |
|
---|
| 1791 |
|
---|
| 1792 | /*************
|
---|
| 1793 | *
|
---|
| 1794 | * module timer
|
---|
| 1795 | *
|
---|
| 1796 | *************/
|
---|
| 1797 | int sh_kern_timer (time_t tcurrent)
|
---|
| 1798 | {
|
---|
| 1799 | if (ShKernActive == S_FALSE)
|
---|
| 1800 | return 0;
|
---|
| 1801 |
|
---|
| 1802 | if ((int) (tcurrent - lastcheck) >= ShKernInterval)
|
---|
| 1803 | {
|
---|
| 1804 | lastcheck = tcurrent;
|
---|
| 1805 | return (-1);
|
---|
| 1806 | }
|
---|
| 1807 | return 0;
|
---|
| 1808 | }
|
---|
| 1809 |
|
---|
| 1810 | /*************
|
---|
| 1811 | *
|
---|
| 1812 | * module check
|
---|
| 1813 | *
|
---|
| 1814 | *************/
|
---|
| 1815 | int sh_kern_check ()
|
---|
| 1816 | {
|
---|
| 1817 | sh_error_handle (SH_ERR_INFO, FIL__, __LINE__, EINVAL, MSG_E_SUBGEN,
|
---|
| 1818 | _("Checking kernel syscalls"),
|
---|
| 1819 | _("kern_check") );
|
---|
| 1820 | return (sh_kern_check_internal ());
|
---|
| 1821 | }
|
---|
| 1822 |
|
---|
| 1823 | /*************
|
---|
| 1824 | *
|
---|
| 1825 | * module setup
|
---|
| 1826 | *
|
---|
| 1827 | *************/
|
---|
| 1828 |
|
---|
[68] | 1829 | int sh_kern_set_severity (const char * c)
|
---|
[1] | 1830 | {
|
---|
| 1831 | char tmp[32];
|
---|
| 1832 | tmp[0] = '='; tmp[1] = '\0';
|
---|
| 1833 | sl_strlcat (tmp, c, 32);
|
---|
| 1834 | sh_error_set_level (tmp, &ShKernSeverity);
|
---|
| 1835 | return 0;
|
---|
| 1836 | }
|
---|
| 1837 |
|
---|
[68] | 1838 | int sh_kern_set_timer (const char * c)
|
---|
[1] | 1839 | {
|
---|
| 1840 | long val;
|
---|
| 1841 |
|
---|
| 1842 | SL_ENTER(_("sh_kern_set_timer"));
|
---|
| 1843 |
|
---|
| 1844 | val = strtol (c, (char **)NULL, 10);
|
---|
| 1845 | if (val <= 0)
|
---|
| 1846 | sh_error_handle ((-1), FIL__, __LINE__, EINVAL, MSG_EINVALS,
|
---|
| 1847 | _("kern timer"), c);
|
---|
| 1848 |
|
---|
| 1849 | val = (val <= 0 ? 60 : val);
|
---|
| 1850 |
|
---|
| 1851 | ShKernInterval = (time_t) val;
|
---|
| 1852 | SL_RETURN( 0, _("sh_kern_set_timer"));
|
---|
| 1853 | }
|
---|
| 1854 |
|
---|
[68] | 1855 | int sh_kern_set_activate (const char * c)
|
---|
[1] | 1856 | {
|
---|
| 1857 | int i;
|
---|
| 1858 | SL_ENTER(_("sh_kern_set_activate"));
|
---|
| 1859 | i = sh_util_flagval(c, &ShKernActive);
|
---|
| 1860 | SL_RETURN(i, _("sh_kern_set_activate"));
|
---|
| 1861 | }
|
---|
| 1862 |
|
---|
[68] | 1863 | int sh_kern_set_idt (const char * c)
|
---|
[1] | 1864 | {
|
---|
| 1865 | int i;
|
---|
| 1866 | SL_ENTER(_("sh_kern_set_idt"));
|
---|
| 1867 | i = sh_util_flagval(c, &ShKernIDT);
|
---|
| 1868 | SL_RETURN(i, _("sh_kern_set_idt"));
|
---|
| 1869 | }
|
---|
| 1870 |
|
---|
[68] | 1871 | int sh_kern_set_sc_addr (const char * c)
|
---|
[1] | 1872 | {
|
---|
| 1873 | char * endptr;
|
---|
| 1874 | unsigned long value;
|
---|
| 1875 |
|
---|
| 1876 | SL_ENTER(_("sh_kern_set_sc_addr"));
|
---|
| 1877 | errno = 0;
|
---|
| 1878 | value = strtoul(c, &endptr, 16);
|
---|
| 1879 | if ((ULONG_MAX == value) && (errno == ERANGE))
|
---|
| 1880 | {
|
---|
| 1881 | SL_RETURN((-1), _("sh_kern_set_sc_addr"));
|
---|
| 1882 | }
|
---|
| 1883 | if ((*c == '\0') || (*endptr != '\0'))
|
---|
| 1884 | {
|
---|
| 1885 | SL_RETURN((-1), _("sh_kern_set_sc_addr"));
|
---|
| 1886 | }
|
---|
| 1887 | system_call_addr = value;
|
---|
| 1888 | ++AddressReconf;
|
---|
| 1889 | SL_RETURN((0), _("sh_kern_set_sc_addr"));
|
---|
| 1890 | }
|
---|
| 1891 |
|
---|
[68] | 1892 | int sh_kern_set_sct_addr (const char * c)
|
---|
[1] | 1893 | {
|
---|
| 1894 | char * endptr;
|
---|
| 1895 | unsigned long value;
|
---|
| 1896 |
|
---|
| 1897 | SL_ENTER(_("sh_kern_set_sct_addr"));
|
---|
| 1898 | errno = 0;
|
---|
| 1899 | value = strtoul(c, &endptr, 16);
|
---|
| 1900 | if ((ULONG_MAX == value) && (errno == ERANGE))
|
---|
| 1901 | {
|
---|
| 1902 | SL_RETURN((-1), _("sh_kern_set_sct_addr"));
|
---|
| 1903 | }
|
---|
| 1904 | if ((*c == '\0') || (*endptr != '\0'))
|
---|
| 1905 | {
|
---|
| 1906 | SL_RETURN((-1), _("sh_kern_set_sct_addr"));
|
---|
| 1907 | }
|
---|
| 1908 | kaddr = (unsigned int) value;
|
---|
| 1909 | ++AddressReconf;
|
---|
| 1910 | SL_RETURN((0), _("sh_kern_set_sct_addr"));
|
---|
| 1911 | }
|
---|
| 1912 |
|
---|
[68] | 1913 | int sh_kern_set_proc_root (const char * c)
|
---|
[1] | 1914 | {
|
---|
| 1915 | char * endptr;
|
---|
| 1916 | unsigned long value;
|
---|
| 1917 |
|
---|
| 1918 | SL_ENTER(_("sh_kern_set_proc_root"));
|
---|
| 1919 | errno = 0;
|
---|
| 1920 | value = strtoul(c, &endptr, 16);
|
---|
| 1921 | if ((ULONG_MAX == value) && (errno == ERANGE))
|
---|
| 1922 | {
|
---|
| 1923 | SL_RETURN((-1), _("sh_kern_set_proc_root"));
|
---|
| 1924 | }
|
---|
| 1925 | if ((*c == '\0') || (*endptr != '\0'))
|
---|
| 1926 | {
|
---|
| 1927 | SL_RETURN((-1), _("sh_kern_set_proc_root"));
|
---|
| 1928 | }
|
---|
| 1929 |
|
---|
| 1930 | proc_root = value;
|
---|
| 1931 | ++AddressReconf;
|
---|
| 1932 | SL_RETURN((0), _("sh_kern_set_proc_root"));
|
---|
| 1933 | }
|
---|
| 1934 |
|
---|
[68] | 1935 | int sh_kern_set_proc_root_iops (const char * c)
|
---|
[1] | 1936 | {
|
---|
| 1937 | char * endptr;
|
---|
| 1938 | unsigned long value;
|
---|
| 1939 |
|
---|
| 1940 | SL_ENTER(_("sh_kern_set_proc_root_iops"));
|
---|
| 1941 | errno = 0;
|
---|
| 1942 | value = strtoul(c, &endptr, 16);
|
---|
| 1943 | if ((ULONG_MAX == value) && (errno == ERANGE))
|
---|
| 1944 | {
|
---|
| 1945 | SL_RETURN((-1), _("sh_kern_set_proc_root_iops"));
|
---|
| 1946 | }
|
---|
| 1947 | if ((*c == '\0') || (*endptr != '\0'))
|
---|
| 1948 | {
|
---|
| 1949 | SL_RETURN((-1), _("sh_kern_set_proc_root_iops"));
|
---|
| 1950 | }
|
---|
| 1951 |
|
---|
| 1952 | proc_root_iops = value;
|
---|
| 1953 | ++AddressReconf;
|
---|
| 1954 | SL_RETURN((0), _("sh_kern_set_proc_root_iops"));
|
---|
| 1955 | }
|
---|
| 1956 |
|
---|
[68] | 1957 | int sh_kern_set_proc_root_lookup (const char * c)
|
---|
[1] | 1958 | {
|
---|
| 1959 | char * endptr;
|
---|
| 1960 | unsigned long value;
|
---|
| 1961 |
|
---|
| 1962 | SL_ENTER(_("sh_kern_set_proc_root_lookup"));
|
---|
| 1963 | errno = 0;
|
---|
| 1964 | value = strtoul(c, &endptr, 16);
|
---|
| 1965 | if ((ULONG_MAX == value) && (errno == ERANGE))
|
---|
| 1966 | {
|
---|
| 1967 | SL_RETURN((-1), _("sh_kern_set_proc_root_lookup"));
|
---|
| 1968 | }
|
---|
| 1969 | if ((*c == '\0') || (*endptr != '\0'))
|
---|
| 1970 | {
|
---|
| 1971 | SL_RETURN((-1), _("sh_kern_set_proc_root_lookup"));
|
---|
| 1972 | }
|
---|
| 1973 | proc_root_lookup = value;
|
---|
| 1974 | ++AddressReconf;
|
---|
| 1975 | SL_RETURN((0), _("sh_kern_set_proc_root_lookup"));
|
---|
| 1976 | }
|
---|
| 1977 |
|
---|
| 1978 | #endif
|
---|
| 1979 |
|
---|
[68] | 1980 | /* #ifdef SH_USE_KERN */
|
---|
[1] | 1981 | #endif
|
---|