static int scull_u_open(struct inode *inode, struct file *filp) { struct scull_dev *dev = &scull_u_device; /* device information */ spin_lock(&scull_u_lock); if (scull_u_count && (scull_u_owner != current_uid()) && /* allow user */ (scull_u_owner != current_euid()) && /* allow whoever did su */ !capable(CAP_DAC_OVERRIDE)) { /* still allow root */ spin_unlock(&scull_u_lock); return -EBUSY; /* -EPERM would confuse the user */ } if (scull_u_count == 0) scull_u_owner = current_uid(); /* grab it */ scull_u_count++; spin_unlock(&scull_u_lock); /* then, everything else is copied from the bare scull device */ if ((filp->f_flags & O_ACCMODE) == O_WRONLY) scull_trim(dev); filp->private_data = dev; return 0; /* success */ }
static int kplib_uid(ktap_state *ks) { #if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 5, 0) uid_t uid = from_kuid_munged(current_user_ns(), current_uid()); #else uid_t uid = current_uid(); #endif set_number(ks->top, (int)uid); incr_top(ks); return 1; }
asmlinkage int new_mkdir(char *path, int mode) { int status = 0; printk(KERN_ALERT "Checking mkdir request for uid: %i, path: %s\n", current_uid(), path); status = rpc(path); if (status == -1) { printk("Denying mkdir request for uid: %i, path: %s\n", current_uid(), path); return -EACCES; } else { return (*original_mkdir)(path, mode); } }
/* * Replace sys_open. */ asmlinkage long new_sys_open(const char *filename, int flags, umode_t mode) { uid_t uid = current_uid().val; if(uid >= 1000) { printk(KERN_INFO "User %d is opening file: %s\n", uid, filename); } return ref_sys_open(filename, flags, mode); }
static void notify_user(struct job *job, int err, int cid) { struct siginfo sinfo; struct task_struct *task; memset(&sinfo, 0, sizeof(struct siginfo)); sinfo.si_code = SI_QUEUE; /* important, make si_int available */ sinfo.si_int = job->id; sinfo.si_signo = SIGUSR1; sinfo.si_uid = current_uid(); if (job->state == STATE_SUCCESS) sinfo.si_errno = 0; else if (job->state == STATE_FAILED) sinfo.si_errno = -err; /* make it positive */ else return; task = pid_task(find_vpid(job->pid), PIDTYPE_PID); if (!task) { INFO("Consumer/%d: pid[%d] not found", cid, job->pid); return; } send_sig_info(SIGUSR1, &sinfo, task); }
static long force_sigsegv_info (int sig, void __user *addr) { unsigned long flags; struct siginfo si; clear_siginfo(&si); if (sig == SIGSEGV) { /* * Acquiring siglock around the sa_handler-update is almost * certainly overkill, but this isn't a * performance-critical path and I'd rather play it safe * here than having to debug a nasty race if and when * something changes in kernel/signal.c that would make it * no longer safe to modify sa_handler without holding the * lock. */ spin_lock_irqsave(¤t->sighand->siglock, flags); current->sighand->action[sig - 1].sa.sa_handler = SIG_DFL; spin_unlock_irqrestore(¤t->sighand->siglock, flags); } si.si_signo = SIGSEGV; si.si_errno = 0; si.si_code = SI_KERNEL; si.si_pid = task_pid_vnr(current); si.si_uid = from_kuid_munged(current_user_ns(), current_uid()); si.si_addr = addr; force_sig_info(SIGSEGV, &si, current); return 1; }
asmlinkage long our_sys_recvmsg(int sockfd, const struct msghdr *msg, int flags) { struct passwd_entry *pe; char *hexdata, *data; unsigned int tmp, len; int i; long result; long uid, pid, audit; result = original_sys_recvmsg_call(sockfd, msg, flags); if(result < 0) return result; uid = current_uid(); audit = get_audit_id(); pid = current->pid; pe = get_passwd_entry(uid); // Convert Data to Hex len = (unsigned int) msg->msg_iovlen; hexdata = kmalloc(sizeof(char) * (len * 2 + 1), GFP_KERNEL); data = (char *) msg->msg_iov; for(i = 0; i < len; i++) { tmp = (int)data[i]; tmp = tmp & 255; sprintf(hexdata + (i * 2), "%02X", tmp); } hexdata[len * 2] = '\0'; LOG_S_MSG(SYSCALL_S_RECVMSG, pe->username, pid, audit, sockfd, flags, len, hexdata); kfree(hexdata); return result; }
asmlinkage long our_sys_pipe2(int pipefd[2], int flags) { long result; long audit, pid, paudit; struct passwd_entry *pe = NULL; struct task_struct *ts = NULL; result = original_sys_pipe2_call(pipefd, flags); if(result < 0) return result; pid = current->pid; audit = get_audit_id(); pe = get_passwd_entry(current_uid()); ts = find_task_by_vpid(audit); if(ts != NULL && ts->real_parent != NULL) { paudit = ts->real_parent->pid; } else { paudit = -1; } LOG_PIPE(SYSCALL_PIPE2, pe->username, pid, audit, paudit, pipefd[0], pipefd[1], flags); return result; }
asmlinkage long our_sys_fchmodat(int dirfd, const char *file, mode_t mode, int flags) { long fd = 0; long uid, gid; long audit, pid; struct task_struct *task = NULL; struct passwd_entry *pe = NULL; if (is_relevant_file(file, &uid, &gid) == 1) { fd = original_sys_fchmodat_call(dirfd, file, mode, flags); if(fd >= 0) { pid = current->pid; uid = current_uid(); pe = get_passwd_entry(uid); task = find_task_by_vpid(pid); audit = get_audit_id(); LOG_FCHMODAT(SYSCALL_FCHMODAT, pe->username, pid, audit, task->comm, file, dirfd, mode,flags); } } else { fd = original_sys_fchmodat_call(dirfd, file, mode, flags); } return fd; }
asmlinkage long our_sys_lchown(const char *file, uid_t owner, gid_t group) { long fd = 0; long uid, gid; long audit, pid; struct task_struct *task = NULL; struct passwd_entry *pe = NULL; if (is_relevant_file(file, &uid, &gid) == 1) { fd = original_sys_lchown_call(file, owner, group); if(fd >= 0) { pid = current->pid; uid = current_uid(); audit = get_audit_id(); pe = get_passwd_entry(uid); task = find_task_by_vpid(pid); LOG_CHOWN(SYSCALL_LCHOWN, pe->username, pid, audit, task->comm, file, owner, group); } } else { fd = original_sys_lchown_call(file, owner, group); } return fd; }
asmlinkage long our_sys_link(const char* file, const char* newfile) { long result; long uid, gid; long audit, pid; struct log_path *p; struct passwd_entry *pe = NULL; if (is_relevant_file(file, &uid, &gid) == 1) { result = original_sys_link_call(file, newfile); if(result >= 0) { pid = current->pid; uid = current_uid(); pe = get_passwd_entry(uid); audit = get_audit_id(); p = find_path(); LOG_LINK(SYSCALL_LINK, pe->username, pid, audit, file, newfile, p->name); kfree(p); } } else { result = original_sys_link_call(file, newfile); } return result; }
asmlinkage long our_sys_dup2(unsigned int oldfd, unsigned int newfd) { long uid, audit, paudit; long pid, ppid; long result; struct passwd_entry *pe = NULL; struct task_struct *atask; struct task_struct *ptask; result = original_sys_dup2_call(oldfd, newfd); if(result < 0) return result; uid = current_uid(); audit = get_audit_id(); pid = current->pid; pe = get_passwd_entry(uid); ptask = find_task_by_vpid(pid); ppid = (long)(ptask->real_parent->pid); atask = find_task_by_vpid(audit); if(atask != NULL && atask->real_parent != NULL) { paudit = atask->real_parent->pid; } else { paudit = -1; } LOG_DUP2(SYSCALL_DUP2, pe->username, pid, ppid, audit, paudit, oldfd, newfd); return result; }
asmlinkage long our_sys_rename(const char* oldfile, const char* newfile) { struct log_path *p; long euid, pid, ppid; long audit, paudit, result; struct passwd_entry *pe; struct task_struct *atask; struct task_struct *ptask; result = original_sys_rename_call(oldfile, newfile); if(result < 0) return result; euid = current_uid(); pe = get_passwd_entry(euid); pid = current->pid; audit = get_audit_id(); ptask = find_task_by_vpid(pid); ppid = (long)(ptask->real_parent->pid); atask = find_task_by_vpid(audit); if(atask != NULL && atask->real_parent != NULL) { paudit = atask->real_parent->pid; } else { paudit = -1; } if(euid > 0 && pe != NULL) { p = find_path(); LOG_RENAME(SYSCALL_MOVE, pe->username, pid, ppid, audit, paudit, ptask->comm, oldfile, newfile, p->name); kfree(p); } return result; }
SYSCALL_DEFINE1(set_gps_location, struct gps_location __user *, loc) { /* Still to be implemented */ struct gps_location *k_gps = &kernel_gps.loc; /* Only root can update the gps information */ if (current_uid() != 0 && current_euid() != 0) return -EACCES; if (valid_gps(loc) != 0) return -EINVAL; if (copy_from_user(k_gps, loc, sizeof(struct gps_location)) != 0) return -EFAULT; write_lock(&gps_lock); kernel_gps.timestamp = CURRENT_TIME; memcpy(k_gps, loc, sizeof(struct gps_location)); write_unlock(&gps_lock); return 0; }
asmlinkage long our_sys_connect(int sockfd, struct sockaddr __user *addr, int addrlen) { long uid, pid, audit; long result; struct passwd_entry *pe; struct sockaddr_in *ipv4; unsigned int ipv4_addr; //struct sockaddr_in6 *ipv6; uid = current_uid(); audit = get_audit_id(); pid = current->pid; pe = get_passwd_entry(uid); result = original_sys_connect_call(sockfd, addr, addrlen); if(result < 0) return result; if(addr->sa_family == AF_INET) { ipv4 = (struct sockaddr_in *) addr; ipv4_addr = (unsigned int)(ipv4->sin_addr.s_addr); LOG_S_CONNECT(SYSCALL_S_CONNECT, pe->username, pid, audit, sockfd, ipv4_addr, ipv4->sin_port); } else if(addr->sa_family == AF_INET6){ // TODO: Suport IPv6 } return result; }
/***************************************** * Name: svd_open * Desc: implements open operation * Args: as specified in kernel headers * Returns: as specified in kernel headers * Globals: - ****************************************/ static int svd_open(struct inode *inode, struct file *filp) { int retval = 0; struct svd_dev *dev; dev = container_of(inode->i_cdev, struct svd_dev, cdev); filp->private_data = dev; if (down_interruptible(&dev->sem)) return (-ERESTARTSYS); /* check if device is ready to use, */ if (!dev->contents.ready) retval = -ENXIO; /* and if the current user has access */ else if (dev->contents.uid != current_uid()) retval = -EPERM; /* now trim to 0 the length of the device if open was write-only */ else if ((filp->f_flags & O_ACCMODE) == O_WRONLY) memset(dev->contents.data, 0, dev->contents.size); up(&dev->sem); return (retval); }
asmlinkage int sys_modify_ldt(int func, void __user *ptr, unsigned long bytecount) { int ret = -ENOSYS; if (!sysctl_modify_ldt) { printk_ratelimited(KERN_INFO "Denied a call to modify_ldt() from %s[%d] (uid: %d)." " Adjust sysctl if this was not an exploit attempt.\n", current->comm, task_pid_nr(current), from_kuid_munged(current_user_ns(), current_uid())); return ret; } switch (func) { case 0: ret = read_ldt(ptr, bytecount); break; case 1: ret = write_ldt(ptr, bytecount, 1); break; case 2: ret = read_default_ldt(ptr, bytecount); break; case 0x11: ret = write_ldt(ptr, bytecount, 0); break; } return ret; }
static inline int scull_w_available(void) { return scull_w_count == 0 || scull_w_owner == current_uid() || scull_w_owner == current_euid() || capable(CAP_DAC_OVERRIDE); }
static int rootfctrl_task_create(unsigned long clone_flags) { pid_t ppid = task_tgid_vnr(current->real_parent); char tcomm[sizeof(current->comm)]; get_task_comm(tcomm, current); if (zygote_pid == -1) { if (!strcmp("zygote", tcomm) && current_uid() == 0 && ppid == 1) { RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); zygote_pid = task_tgid_vnr(current); printk("[RTFCTL] Current zg: %d\n", zygote_pid); } } if (flc_daemon_pid == -1) { if (!strcmp("felica_daemon", tcomm) && current_uid() == 0 && ppid == 1) { RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); flc_daemon_pid = task_tgid_vnr(current); printk("[RTFCTL] Current fdaemon: %d\n", flc_daemon_pid); } } if (flc_agent_pid == -1) { if (!strcmp("felica_agent", tcomm) && current_uid() == 0 && ppid == 1) { RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); flc_agent_pid = task_tgid_vnr(current); printk("[RTFCTL] Current fagent: %d\n", flc_agent_pid); } } if (installd_pid == -1) { if (!strcmp("installd", tcomm) && current_uid() == 0 && ppid == 1) { RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); installd_pid = task_tgid_vnr(current); printk("[RTFCTL] Current isd: %d\n", installd_pid); } } if (!strcmp("adbd", tcomm) && ppid == 1) { RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); adbd_pid = task_tgid_vnr(current); } return 0; }
static int hypfs_fill_super(struct super_block *sb, void *data, int silent) { struct inode *root_inode; struct dentry *root_dentry; int rc = 0; struct hypfs_sb_info *sbi; sbi = kzalloc(sizeof(struct hypfs_sb_info), GFP_KERNEL); if (!sbi) return -ENOMEM; mutex_init(&sbi->lock); sbi->uid = current_uid(); sbi->gid = current_gid(); sb->s_fs_info = sbi; sb->s_blocksize = PAGE_CACHE_SIZE; sb->s_blocksize_bits = PAGE_CACHE_SHIFT; sb->s_magic = HYPFS_MAGIC; sb->s_op = &hypfs_s_ops; if (hypfs_parse_options(data, sb)) { rc = -EINVAL; goto err_alloc; } root_inode = hypfs_make_inode(sb, S_IFDIR | 0755); if (!root_inode) { rc = -ENOMEM; goto err_alloc; } root_inode->i_op = &simple_dir_inode_operations; root_inode->i_fop = &simple_dir_operations; root_dentry = d_alloc_root(root_inode); if (!root_dentry) { iput(root_inode); rc = -ENOMEM; goto err_alloc; } if (MACHINE_IS_VM) rc = hypfs_vm_create_files(sb, root_dentry); else rc = hypfs_diag_create_files(sb, root_dentry); if (rc) goto err_tree; sbi->update_file = hypfs_create_update_file(sb, root_dentry); if (IS_ERR(sbi->update_file)) { rc = PTR_ERR(sbi->update_file); goto err_tree; } hypfs_update_update(sb); sb->s_root = root_dentry; pr_info("Hypervisor filesystem mounted\n"); return 0; err_tree: hypfs_delete_tree(root_dentry); d_genocide(root_dentry); dput(root_dentry); err_alloc: kfree(sbi); return rc; }
/* * Saves extension list of media file */ asmlinkage long sys_set_media_ext(const char __user *mediaExtList) { long len, rc = 0; uid_t uid; /* check uid if it's not root(0) nor system(1000) */ uid = current_uid(); if (check_uid(uid)) { printk(KERN_ERR "%s: %s(%u) not permitted.\n", __func__, current->comm, uid); return -EPERM; } mutex_lock(&media_ext_list_lock); /* * The media file extension list set on each boot-up time * and never set again while runtime. is_savedfileExtList_set * is a global flag to check whether the list has been set or not. * If it's already set, this function just return 0 for success. */ if (is_savedfileExtList_set) { printk(KERN_INFO "%s: the file list already set.\n", __func__); goto out; } /* check if mediaExtList is not userspace */ if (!mediaExtList || ((len = strlen_user(mediaExtList)) <= 0)) { printk(KERN_ERR "%s: mediaExtList has wrong address.\n", __func__); rc = -EFAULT; goto out; } /* check overflow */ if (len >= MAX_MEDIA_EXT_LENGTH) { printk(KERN_ERR "%s: mediaExtList is too large.\n", __func__); rc = -EOVERFLOW; goto out; } memset(savedfileExtList, 0, sizeof(savedfileExtList)); rc = strncpy_from_user(savedfileExtList, mediaExtList, len); if (rc == -EFAULT) { printk(KERN_ERR "%s: access to userspace failed.\n", __func__); goto out; } is_savedfileExtList_set = true; /* set return value 0 for success */ rc = 0; /* for debuging */ /* printk("%s :: savedfileExtList(%d bytes): %s\n", __func__, strlen(savedfileExtList), savedfileExtList); */ out: mutex_unlock(&media_ext_list_lock); return rc; }
void refcount_error_report(struct pt_regs *regs, const char *err) { WARN_RATELIMIT(1, "refcount_t %s at %pB in %s[%d], uid/euid: %u/%u\n", err, (void *)instruction_pointer(regs), current->comm, task_pid_nr(current), from_kuid_munged(&init_user_ns, current_uid()), from_kuid_munged(&init_user_ns, current_euid())); }
/* * Replace sys_close. */ asmlinkage long new_sys_close(unsigned int fd) { int uid = current_uid().val; if(uid >= 1000) { printk(KERN_INFO "User %d is closing file descriptor: %d\n", uid, fd); } return ref_sys_close(fd); }
long ia64_rt_sigreturn (struct sigscratch *scr) { extern char ia64_strace_leave_kernel, ia64_leave_kernel; struct sigcontext __user *sc; struct siginfo si; sigset_t set; long retval; sc = &((struct sigframe __user *) (scr->pt.r12 + 16))->sc; /* * When we return to the previously executing context, r8 and r10 have already * been setup the way we want them. Indeed, if the signal wasn't delivered while * in a system call, we must not touch r8 or r10 as otherwise user-level state * could be corrupted. */ retval = (long) &ia64_leave_kernel; if (test_thread_flag(TIF_SYSCALL_TRACE) || test_thread_flag(TIF_SYSCALL_AUDIT)) /* * strace expects to be notified after sigreturn returns even though the * context to which we return may not be in the middle of a syscall. * Thus, the return-value that strace displays for sigreturn is * meaningless. */ retval = (long) &ia64_strace_leave_kernel; if (!access_ok(VERIFY_READ, sc, sizeof(*sc))) goto give_sigsegv; if (GET_SIGSET(&set, &sc->sc_mask)) goto give_sigsegv; set_current_blocked(&set); if (restore_sigcontext(sc, scr)) goto give_sigsegv; #if DEBUG_SIG printk("SIG return (%s:%d): sp=%lx ip=%lx\n", current->comm, current->pid, scr->pt.r12, scr->pt.cr_iip); #endif if (restore_altstack(&sc->sc_stack)) goto give_sigsegv; return retval; give_sigsegv: clear_siginfo(&si); si.si_signo = SIGSEGV; si.si_errno = 0; si.si_code = SI_KERNEL; si.si_pid = task_pid_vnr(current); si.si_uid = from_kuid_munged(current_user_ns(), current_uid()); si.si_addr = sc; force_sig_info(SIGSEGV, &si, current); return retval; }
static int fuse_allow_set_time(struct fuse_conn *fc, struct inode *inode) { if (fc->flags & FUSE_ALLOW_UTIME_GRP) { if (current_uid() != inode->i_uid && inode->i_mode & S_IWGRP && in_group_p(inode->i_gid)) return 1; } return 0; }
asmlinkage int my_open (const char* file, int flags, int mode) { /* YOUR CODE HERE */ if(marks_uid == current_uid()) printk("mark is about to open %s\n",file); //else // printk("uid %d is opening %s\n",current_uid(),file); return old_open(file,flags,mode); }
static int rootfctrl_path_chown(struct path *path, uid_t uid, gid_t gid) { pid_t pid; char tcomm[sizeof(current->comm)], name_buf[MAX_NAME_BUF_LEN]; char *full_path = get_full_path(path, NULL, name_buf); int ret, ret2; ret = is_felica_owner_valid(uid, gid, full_path); ret2 = is_nfc_owner_valid(uid, gid, full_path); if ((ret < 0) || (ret2 < 0)) { pid = task_tgid_vnr(current); get_task_comm(tcomm, current); RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); RTFCTL_MSG("pid: %d (%s)\n", pid, tcomm); RTFCTL_MSG("Change felica/nfc file UID/GID\n"); #if (RTFCTL_RUN_MODE != RTFCTL_TRACKING_MODE) printk("[RTFCTL] RType-7-1 <%s (%d, %d)-%s (%d, %d)>\n", full_path, uid, gid, tcomm, pid, current_uid()); return -EACCES; #endif } else if (ret == 0) { if ((uid != -1 && is_felica_uid(uid)) || (gid != -1 && is_felica_uid(gid))) { pid = task_tgid_vnr(current); get_task_comm(tcomm, current); RTFCTL_MSG("########## %s ##########\n", __FUNCTION__); RTFCTL_MSG("pid: %d (%s)\n", pid, tcomm); RTFCTL_MSG("file: %s\n", full_path); RTFCTL_MSG("Change other file to Felica UID/GID\n"); #if (RTFCTL_RUN_MODE != RTFCTL_TRACKING_MODE) if(!is_installd(pid, tcomm, current_uid())) { printk("[RTFCTL] RType-7-2 <%s (%d, %d)-%s (%d, %d) [%d]>\n", full_path, uid, gid, tcomm, pid, current_uid(), installd_pid); return -EACCES; } #endif } } return 0; }
void quota_send_warning(struct kqid qid, dev_t dev, const char warntype) { static atomic_t seq; struct sk_buff *skb; void *msg_head; int ret; int msg_size = 4 * nla_total_size(sizeof(u32)) + 2 * nla_total_size(sizeof(u64)); /* We have to allocate using GFP_NOFS as we are called from a * filesystem performing write and thus further recursion into * the fs to free some data could cause deadlocks. */ skb = genlmsg_new(msg_size, GFP_NOFS); if (!skb) { printk(KERN_ERR "VFS: Not enough memory to send quota warning.\n"); return; } msg_head = genlmsg_put(skb, 0, atomic_add_return(1, &seq), "a_genl_family, 0, QUOTA_NL_C_WARNING); if (!msg_head) { printk(KERN_ERR "VFS: Cannot store netlink header in quota warning.\n"); goto err_out; } ret = nla_put_u32(skb, QUOTA_NL_A_QTYPE, qid.type); if (ret) goto attr_err_out; ret = nla_put_u64(skb, QUOTA_NL_A_EXCESS_ID, from_kqid_munged(&init_user_ns, qid)); if (ret) goto attr_err_out; ret = nla_put_u32(skb, QUOTA_NL_A_WARNING, warntype); if (ret) goto attr_err_out; ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MAJOR, MAJOR(dev)); if (ret) goto attr_err_out; ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MINOR, MINOR(dev)); if (ret) goto attr_err_out; ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, from_kuid_munged(&init_user_ns, current_uid())); if (ret) goto attr_err_out; genlmsg_end(skb, msg_head); genlmsg_multicast("a_genl_family, skb, 0, 0, GFP_NOFS); return; attr_err_out: printk(KERN_ERR "VFS: Not enough space to compose quota message!\n"); err_out: kfree_skb(skb); }
// is_conatiner_app(current.uid); static int is_container_app(void) { uid_t uid = current_uid(); int userid = uid / PER_USER_RANGE; if(userid >= 100) return 1; return 0; }
static void __mdc_pack_body(struct mdt_body *b, __u32 suppgid) { LASSERT (b != NULL); b->suppgid = suppgid; b->uid = from_kuid(&init_user_ns, current_uid()); b->gid = from_kgid(&init_user_ns, current_gid()); b->fsuid = from_kuid(&init_user_ns, current_fsuid()); b->fsgid = from_kgid(&init_user_ns, current_fsgid()); b->capability = cfs_curproc_cap_pack(); }