linD026
9289bfe59c
Fix the warnings raised by Sparse (#92)
...
Sparse[1] is a semantic parser, capable of finding out the potential
problems of Linux kernel code. This patch fixed the warnings.
[1] https://www.kernel.org/doc/html/latest/dev-tools/sparse.html
2021-09-04 17:53:29 +08:00
linD026
d27203ef46
Enforce consistent style for directory "other" (#89)
2021-09-02 16:26:29 +08:00
linD026
eef2bc4395
Enforce Linux kernel coding style (#88)
...
The only exception is to indent with four spaces rather than tabs
for sticking to compact layout of source listing.
Close #87
2021-09-02 15:15:07 +08:00
linD026
cccc98ab2c
Fix disallowed cr0 write protection and close_fd (#80)
...
Since the commit 8dbec27a242cd3e2816eeb98d3237b9f57cf6232 [1]
(kernel version v5.3+ [2]) the sensitive CR0 bits in x86 are pinned,
we need to use the inline asm [3][4] to bypass it.
commit 8dbec27a242cd3e2816eeb98d3237b9f57cf6232 :
> With sensitive CR4 bits pinned now, it's possible that the WP bit for
> CR0 might become a target as well.
>
> Following the same reasoning for the CR4 pinning, pin CR0's WP
> bit. Contrary to the cpu feature dependent CR4 pinning this can be done
> with a constant value.
Also, getting "sys_call_table" [8] from the symbol lookup by using the address
of "close_fd" does not work for v5.11+ [5][6]. The reason is the entry of
"sys_call_table[__NR_close]" is not the address of "close_fd", actually
it is "__x64_sys_close" in x86.
Two solutions were proposed: using "kallsyms_lookup_name" [7] or just specifying
the address into the module. The symbol "kallsyms_lookup_name" is unexported
since v5.7; the address of "sys_call_table" can be found in
"/boot/System.map" or "/proc/kallsyms".
Since v5.7, the manual symbol lookup is not guaranteed to work
because control-flow integrity (or control-flow enforcement [9][10]) is added
[11] for x86, but it is disabled since v5.11 [12][13]. To make sure manual symbol
lookup works, it only uses up to v5.4.
Reference:
[1] 8dbec27a24
[2] https://outflux.net/blog/archives/2019/11/14/security-things-in-linux-v5-3/
[3] https://patchwork.kernel.org/project/linux-kbuild/patch/20200903203053.3411268-3-samitolvanen@google.com/
[4] https://stackoverflow.com/questions/58512430/how-to-write-to-protected-pages-in-the-linux-kernel
[5] https://lore.kernel.org/bpf/20201120231441.29911-21-ebiederm@xmission.com/
[6] https://lore.kernel.org/bpf/87blj83ysq.fsf@x220.int.ebiederm.org/
[7] 0bd476e6c6
[8] 8f27766a88
[9] https://lore.kernel.org/lkml/20200204171425.28073-1-yu-cheng.yu@intel.com/
[10] https://lore.kernel.org/linux-doc/20201110162211.9207-1-yu-cheng.yu@intel.com/T/
[11] 5790921bc1
[12] 20bf2b3787
[13] https://lore.kernel.org/bpf/20210128123842.c9e33949e62f504b84bfadf5@gmail.com/
2021-08-31 11:07:01 +08:00
Jim Huang
d3bde7daed
print_string: Validate tty before accessing its operations
...
Close #81
2021-08-30 01:41:57 +08:00
linD026
06b75942cc
Fix incorrect major number registration in chardev (#77)
...
chardev2.c demonstrates the ioctl operation with static major
number MAJOR_NUM, but there also exists "Major," the dynamic
one, which results in registration and deregistration on different
devices. Once the module is removed, it cannot be inserted again:
$ sudo insmod chardev2.ko
$ sudo rmmod chardev2
$ cat /proc/devices
Character devices:
...
100 char_dev
$ sudo insmod chardev2.ko
insmod: ERROR: could not insert module chardev2.ko: Device or resource busy
This patch removed the use of dynamic major number.
2021-08-26 03:16:17 +08:00
Tucker Polomik
a183cc72f0
Fix: errno assignment should be comparison.
2021-08-24 11:16:25 -04:00
fennecJ
870b26fa2d
Update several example code for newer kernel
...
Known issues with current example code:
If you are using a newer kernel (e.g. Linux 5.11.x) to compile the example code,
you may meet the following errors:
1. syscall.c:83:50: error: ‘ksys_close’ undeclared;
2. cryptosk.c:17:24: error: field ‘sg’ has incomplete type
3. cryptosk.c:143:9: error: implicit declaration of function
‘get_random_bytes’
4. error: macro "DECLARE_TASKLET" passed 3 arguments, but takes just 2
Solutions/workaround:
1. In syscall.c, replace #include <linux/syscalls.h> with
#include <linux/fdtable.h> and replace ksys_close with close_fd
if the kernel version >= 5.11. [1][2]
2. Add #include <linux/scatterlist.h> into cryptosk.c
3. Add #include <linux/random.h> into cryptosk.c
4. In bottomhalf.c and example_tasklet.c, replace DECLARE_TASKLET
with DECLARE_TASKLET_OLD and dispose of the third argument (0L). [3]
[1] - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1572bfdf21d4d50e51941498ffe0b56c2289f783
[2] - https://www.mail-archive.com/meta-arago@arago-project.org//msg11939.html
[3] - https://patchwork.kernel.org/project/kernel-hardening/patch/20200716030847.1564131-3-keescook@chromium.org/
2021-08-23 21:30:43 +08:00
gagachang
9827e32e4d
Update some file path to kernel v5.x+ in example/kbleds.c
...
1. drivers/char/vt_ioctl.c -> drivers/tty/vt/vt_ioctl.c
2. drivers/char/keyboard.c -> drivers/tty/vt/keyboard.c
2021-08-21 14:51:37 +08:00
Cyril Brulebois
d85944d107
Mention pr_info() rather than KERN_INFO
...
The latter might have been used along with printk() in an earlier
version, but pr_info() is getting used consistently so adjust the
#include comments accordingly.
For the avoidance of doubt, pr_info() actually comes from printk.h,
which gets #include'd by kernel.h.
2021-08-16 21:53:22 +02:00
Jim Huang
b497b6a34e
Remove never implemented MODULE_SUPPORTED_DEVICE
...
MODULE_SUPPORTED_DEVICE has been removed from upstream since March 17, 2021.
See linux.git commit 6417f03
Reported by Niklas Lantau <niklaslantau@gmail.com>
Close #61
2021-08-16 20:19:35 +08:00
Benno Bielmeier
8ba0b0085d
Fix typo: concurent -> concurrent
2021-08-12 07:43:38 +00:00
ChinYikMing
ad4ac48eec
Fix init message
2021-08-10 00:48:19 +08:00
Jim Huang
8c12c8dce1
Make program style consistent again
2021-08-08 01:50:42 +08:00
Hsin-Hsiang Peng
8f32341bee
Fix alignment problem in code block (#45)
...
In rendered HTML, the line number should be right aligned, and
code should be left aligned accordingly.
In addition, this patch added the basic build instructions, so that
someone can generate the PDF and HTML files.
Close #44
2021-08-08 01:29:50 +08:00
Jim Huang
10c7a9433a
Apply editorial changes
...
This patch makes source listing shorter and more compact, which helps
when browsing.
2021-08-08 01:24:59 +08:00
Jim Huang
d43259c553
Drop the deprecated init_module() and cleanup_module()
2021-08-08 00:29:24 +08:00
Jim Huang
a26d93037e
Enforce consistent style
...
Execute "make indent" before submitting patches.
2021-08-07 23:33:37 +08:00
Jim Huang
1ac7bacfb8
Shorten chardev
2021-08-07 18:29:39 +08:00
Jim Huang
40e83aa14b
Tidy section: The Device Model
2021-08-07 10:59:15 +08:00
Jim Huang
f8adcdb3c1
procfs4: Shorten and indent
2021-08-07 10:54:19 +08:00
Jim Huang
466e8a00fd
cat_nonblock: Use canonical name scheme and fix unintended assignment
2021-08-05 14:28:12 +08:00
RinHizakura
5940dd9faa
Revise hello-5 and its output (#38)
...
For the example module hello_5, the book showed the incorrect output
in correspondence with its execution results.
In addition, this patch changes from myintArray[2] = {-1, -1} to
myintArray[2] = {420, 420}, which helps the readers distinguish from
the kernel messages.
2021-08-04 23:42:10 +08:00
demonsome
50e9d9176f
chardev: Revise comment on device node (#23)
...
The device file created in this example is "chardev".
So input command "sudo cat /dev/chardev" will get a valid message
"I already told you %d times Hello world!"
2021-07-31 23:03:16 +08:00
linD026
c7a7a667cf
Avoid strlen by assigning explicit length of string for proc_read (#18)
...
Since the address of buffer is userspace address, it may trigger an unexpected fault on strlen(buffer).
On Ubuntu 20.04.2 LTS (5.8.0-63-generic), using strlen(buffer) will result in the following:
[ 2168.010930] /proc/buffer1k created
[ 2177.014347] BUG: unable to handle page fault for address: 00007fbbc2a17000
[ 2177.014355] #PF: supervisor read access in kernel mode
[ 2177.014358] #PF: error_code(0x0000) - not-present page
[ 2177.014361] PGD 80000003c61d0067 P4D 80000003c61d0067 PUD 3ee6c5067 PMD 40e1ff067 PTE 0
[ 2177.014369] Oops: 0000 [#1 ] SMP PTI
[ 2177.014376] CPU: 7 PID: 4750 Comm: cat Tainted: P W OE 5.8.0-63-generic #71~20.04.1-Ubuntu
[ 2177.014387] RIP: 0010:procfile_read+0xb/0x20 [procfs2]
[ 2177.014393] Code: Unable to access opcode bytes at RIP 0xffffffffc1253fe1.
[ 2177.014396] RSP: 0018:ffffbc84412cbe78 EFLAGS: 00010286
[ 2177.014400] RAX: ffffffffc1254000 RBX: 0000000000020000 RCX: ffffbc84412cbef0
[ 2177.014403] RDX: 0000000000020000 RSI: 00007fbbc2a17000 RDI: ffffa057d2708f00
[ 2177.014406] RBP: ffffbc84412cbe80 R08: 0000000000000001 R09: 0000000000000000
[ 2177.014409] R10: 0000000000000000 R11: 0000000000000000 R12: ffffa0581de8ccc0
[ 2177.014411] R13: ffffa057d2708f00 R14: ffffbc84412cbef0 R15: 00007fbbc2a17000
[ 2177.014415] FS: 00007fbbc3bfa580(0000) GS:ffffa0582dbc0000(0000) knlGS:0000000000000000
[ 2177.014418] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2177.014421] CR2: ffffffffc1253fe1 CR3: 00000003c611c004 CR4: 00000000003606e0
[ 2177.014424] Call Trace:
[ 2177.014435] proc_reg_read+0x66/0x90
[ 2177.014441] vfs_read+0xaa/0x190
[ 2177.014446] ksys_read+0x67/0xe0
[ 2177.014451] __x64_sys_read+0x1a/0x20
[ 2177.014458] do_syscall_64+0x49/0xc0
[ 2177.014464] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 2177.014467] RIP: 0033:0x7fbbc3b18142
[ 2177.014472] Code: c0 e9 c2 fe ff ff 50 48 8d 3d 3a ca 0a 00 e8 f5 19 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24
[ 2177.014476] RSP: 002b:00007ffcf2d20d78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2177.014479] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007fbbc3b18142
[ 2177.014482] RDX: 0000000000020000 RSI: 00007fbbc2a17000 RDI: 0000000000000003
[ 2177.014485] RBP: 00007fbbc2a17000 R08: 00007fbbc2a16010 R09: 0000000000000000
[ 2177.014487] R10: 0000000000000022 R11: 0000000000000246 R12: 0000560f8ff081f0
[ 2177.014490] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000
[ 2177.014635] CR2: 00007fbbc2a17000
[ 2177.014639] ---[ end trace b71ff05c1b0a10f6 ]---
[ 2177.184174] RIP: 0010:procfile_read+0xb/0x20 [procfs2]
[ 2177.184176] Code: Unable to access opcode bytes at RIP 0xffffffffc1253fe1.
[ 2177.184177] RSP: 0018:ffffbc84412cbe78 EFLAGS: 00010286
[ 2177.184178] RAX: ffffffffc1254000 RBX: 0000000000020000 RCX: ffffbc84412cbef0
[ 2177.184179] RDX: 0000000000020000 RSI: 00007fbbc2a17000 RDI: ffffa057d2708f00
[ 2177.184180] RBP: ffffbc84412cbe80 R08: 0000000000000001 R09: 0000000000000000
[ 2177.184180] R10: 0000000000000000 R11: 0000000000000000 R12: ffffa0581de8ccc0
[ 2177.184181] R13: ffffa057d2708f00 R14: ffffbc84412cbef0 R15: 00007fbbc2a17000
[ 2177.184182] FS: 00007fbbc3bfa580(0000) GS:ffffa0582dbc0000(0000) knlGS:0000000000000000
[ 2177.184182] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2177.184183] CR2: ffffffffc1253fe1 CR3: 00000003c611c004 CR4: 00000000003606e0
2021-07-29 16:10:52 +08:00
25077667
00f7e7018f
Fix trivial tweak for missing comma
2021-07-26 03:08:27 +08:00
Jim Huang
faf3aa7c22
Make each source file more consistent
...
It is vital to denote the file name and summary for each source,
otherwise readers could not figure out the corresponding files.
2021-07-22 11:25:32 +08:00
Jim Huang
1c93f2f5ef
Shorten sample code
2021-07-22 10:55:14 +08:00
Jim Huang
52dfb6744d
Use American English words
2021-07-22 10:54:24 +08:00
Jim Huang
2e30e181f8
Drop duplicated copyright notice
2021-07-22 10:53:45 +08:00
Jim Huang
b76e5d378e
Reduce header inclusion
2021-07-22 10:31:24 +08:00
Jim Huang
08e7b6efc3
Emphasize on 5.x kernel
2021-07-22 08:31:47 +08:00
Jim Huang
675c002b15
Remove linux-2.6 specific checks
2021-07-22 07:33:27 +08:00
Jim Huang
760bbe70cb
Drop duplicated module author information
2021-07-22 07:29:07 +08:00
Jim Huang
64f791f274
Improve the compatibility with kernel version < 5.6
2021-07-22 07:17:31 +08:00
Jim Huang
50b8dfe6c2
Enforce the customized style for example code
...
Instead of using tab for indentation, the style defaults to 4 spaces for
the sake of compact layout.
2021-07-22 06:58:13 +08:00
Jim Huang
2246e20809
Add LaTeX script and sample code
2021-07-22 06:35:24 +08:00