• R/O
  • SSH
  • HTTPS

akari: 提交


Commit MetaInfo

修訂683 (tree)
時間2022-05-12 14:23:24
作者kumaneko

Log Message

(empty log message)

Change Summary

差異

--- branches/kportreserve/probe.c (revision 682)
+++ branches/kportreserve/probe.c (revision 683)
@@ -583,6 +583,46 @@
583583 return NULL;
584584 }
585585
586+#elif defined(RHEL_MAJOR) && RHEL_MAJOR == 8 && defined(RHEL_MINOR) && RHEL_MINOR >= 6
587+
588+/**
589+ * probe_security_hook_heads - Find address of "struct security_hook_heads security_hook_heads".
590+ *
591+ * Returns pointer to "struct security_hook_heads" on success, NULL otherwise.
592+ */
593+struct security_hook_heads * __init probe_security_hook_heads(void)
594+{
595+ const unsigned int offset = offsetof(struct security_hook_heads,
596+ bprm_committed_creds);
597+ void *cp;
598+ struct security_hook_heads *shh;
599+ struct security_hook_list *entry;
600+ void *cap = probe_find_symbol(" cap_bprm_repopulate_creds\n");
601+
602+ /* Get location of cap_bprm_repopulate_creds(). */
603+ cap = check_function_address(cap, "cap_bprm_repopulate_creds");
604+ if (!cap)
605+ return NULL;
606+ /* Guess "struct security_hook_heads security_hook_heads;". */
607+ cp = probe_find_variable(probe_security_bprm_committed_creds,
608+ ((unsigned long)
609+ &probe_dummy_security_hook_heads) + offset,
610+ " security_bprm_committed_creds\n");
611+ if (!cp) {
612+ printk(KERN_ERR
613+ "Can't resolve security_bprm_committed_creds().\n");
614+ return NULL;
615+ }
616+ /* This should be "struct security_hook_heads security_hook_heads;". */
617+ shh = ((void *) (*(unsigned long *) cp)) - offset;
618+ hlist_for_each_entry(entry, &shh->bprm_repopulate_creds, list)
619+ if (entry->hook.bprm_repopulate_creds == cap)
620+ return shh;
621+ printk(KERN_ERR "Guessed security_hook_heads is 0x%lx\n",
622+ (unsigned long) shh);
623+ return NULL;
624+}
625+
586626 #elif defined(LSM_HOOK_INIT)
587627
588628 /**
--- branches/tasktracker/probe.c (revision 682)
+++ branches/tasktracker/probe.c (revision 683)
@@ -583,6 +583,46 @@
583583 return NULL;
584584 }
585585
586+#elif defined(RHEL_MAJOR) && RHEL_MAJOR == 8 && defined(RHEL_MINOR) && RHEL_MINOR >= 6
587+
588+/**
589+ * probe_security_hook_heads - Find address of "struct security_hook_heads security_hook_heads".
590+ *
591+ * Returns pointer to "struct security_hook_heads" on success, NULL otherwise.
592+ */
593+struct security_hook_heads * __init probe_security_hook_heads(void)
594+{
595+ const unsigned int offset = offsetof(struct security_hook_heads,
596+ bprm_committed_creds);
597+ void *cp;
598+ struct security_hook_heads *shh;
599+ struct security_hook_list *entry;
600+ void *cap = probe_find_symbol(" cap_bprm_repopulate_creds\n");
601+
602+ /* Get location of cap_bprm_repopulate_creds(). */
603+ cap = check_function_address(cap, "cap_bprm_repopulate_creds");
604+ if (!cap)
605+ return NULL;
606+ /* Guess "struct security_hook_heads security_hook_heads;". */
607+ cp = probe_find_variable(probe_security_bprm_committed_creds,
608+ ((unsigned long)
609+ &probe_dummy_security_hook_heads) + offset,
610+ " security_bprm_committed_creds\n");
611+ if (!cp) {
612+ printk(KERN_ERR
613+ "Can't resolve security_bprm_committed_creds().\n");
614+ return NULL;
615+ }
616+ /* This should be "struct security_hook_heads security_hook_heads;". */
617+ shh = ((void *) (*(unsigned long *) cp)) - offset;
618+ hlist_for_each_entry(entry, &shh->bprm_repopulate_creds, list)
619+ if (entry->hook.bprm_repopulate_creds == cap)
620+ return shh;
621+ printk(KERN_ERR "Guessed security_hook_heads is 0x%lx\n",
622+ (unsigned long) shh);
623+ return NULL;
624+}
625+
586626 #elif defined(LSM_HOOK_INIT)
587627
588628 /**
--- trunk/akari/permission.c (revision 682)
+++ trunk/akari/permission.c (revision 683)
@@ -431,6 +431,29 @@
431431
432432 /***** SECTION4: Standalone functions section *****/
433433
434+#if defined(RHEL_MAJOR) && RHEL_MAJOR == 8 && defined(RHEL_MINOR) && RHEL_MINOR >= 6
435+
436+/**
437+ * prepare_binprm - Read the first BINPRM_BUF_SIZE bytes.
438+ *
439+ * @bprm: Pointer to "struct linux_binprm".
440+ *
441+ * This is not the same with prepare_binprm() in fs/exec.c due to not exported
442+ * bprm_fill_uid()/security_bprm_repopulate_creds(). I guess that RHBZ#1993665
443+ * decided to accept a not-yet-upstreamed "exec: Control flow simplifications"
444+ * feature. But since this path is used by execute_handler, I assume that
445+ * suid/sgid is not set on programs called via this path.
446+ */
447+static int prepare_binprm(struct linux_binprm *bprm)
448+{
449+ loff_t pos = 0;
450+
451+ memset(bprm->buf, 0, BINPRM_BUF_SIZE);
452+ return kernel_read(bprm->file, bprm->buf, BINPRM_BUF_SIZE, &pos);
453+}
454+
455+#endif
456+
434457 #if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 8, 0)
435458
436459 /**
--- trunk/akari/probe.c (revision 682)
+++ trunk/akari/probe.c (revision 683)
@@ -583,6 +583,46 @@
583583 return NULL;
584584 }
585585
586+#elif defined(RHEL_MAJOR) && RHEL_MAJOR == 8 && defined(RHEL_MINOR) && RHEL_MINOR >= 6
587+
588+/**
589+ * probe_security_hook_heads - Find address of "struct security_hook_heads security_hook_heads".
590+ *
591+ * Returns pointer to "struct security_hook_heads" on success, NULL otherwise.
592+ */
593+struct security_hook_heads * __init probe_security_hook_heads(void)
594+{
595+ const unsigned int offset = offsetof(struct security_hook_heads,
596+ bprm_committed_creds);
597+ void *cp;
598+ struct security_hook_heads *shh;
599+ struct security_hook_list *entry;
600+ void *cap = probe_find_symbol(" cap_bprm_repopulate_creds\n");
601+
602+ /* Get location of cap_bprm_repopulate_creds(). */
603+ cap = check_function_address(cap, "cap_bprm_repopulate_creds");
604+ if (!cap)
605+ return NULL;
606+ /* Guess "struct security_hook_heads security_hook_heads;". */
607+ cp = probe_find_variable(probe_security_bprm_committed_creds,
608+ ((unsigned long)
609+ &probe_dummy_security_hook_heads) + offset,
610+ " security_bprm_committed_creds\n");
611+ if (!cp) {
612+ printk(KERN_ERR
613+ "Can't resolve security_bprm_committed_creds().\n");
614+ return NULL;
615+ }
616+ /* This should be "struct security_hook_heads security_hook_heads;". */
617+ shh = ((void *) (*(unsigned long *) cp)) - offset;
618+ hlist_for_each_entry(entry, &shh->bprm_repopulate_creds, list)
619+ if (entry->hook.bprm_repopulate_creds == cap)
620+ return shh;
621+ printk(KERN_ERR "Guessed security_hook_heads is 0x%lx\n",
622+ (unsigned long) shh);
623+ return NULL;
624+}
625+
586626 #elif defined(LSM_HOOK_INIT)
587627
588628 /**
Show on old repository browser