kernel: add file read && write/remove hook demo

kernel/file/Makefile

@@ -0,0 +1,11 @@
+obj-m := read_demo.o
+ccflags-y := -std=gnu99 -Wno-declaration-after-statement -O3
+cwd := $(shell pwd)
+
+kdir := /lib/modules/$(shell uname -r)/build
+
+all:
+	make -C ${kdir} M=$(cwd) modules
+
+clean:
+	make -C ${kdir} M=$(cwd) clean

kernel/file/README.org

@@ -0,0 +1,84 @@
+# % Options Settings: https://orgmode.org/manual/Export-Settings.html
+#+OPTIONS: timestamp:nil ^:nil <:nil p:t prop:t tags:t tasks:t todo:t
+#+LATEX_CLASS: article
+#+LaTeX_CLASS_OPTIONS: [a4paper,12pt]
+#+LATEX_HEADER: \usepackage{booktabs}
+# % to include pdf/eps/png files
+#+LATEX_HEADER: \usepackage{indentfirst}
+#+LATEX_HEADER: \usepackage{graphicx}
+# % useful to add 'todo' markers
+#+LaTeX_HEADER: \usepackage{todonotes}
+# % hyperrefs
+#+LaTeX_HEADER: \usepackage{hyperref}
+# % ----------------- Code blocks ----------------
+# % Dependencies: pip install pygments
+# % nice source code formatting
+#+LaTeX_HEADER: \usepackage[utf8]{inputenc}
+#+LaTeX_HEADER: \usepackage{xcolor}
+#+LaTeX_HEADER: \definecolor{bg}{rgb}{0.98,0.98,0.98}
+#+LaTeX_HEADER: \usepackage{minted}
+#+LaTeX_HEADER: \setminted{
+#+LaTeX_HEADER:   mathescape,
+#+LaTeX_HEADER:   linenos,
+#+LaTeX_HEADER:   numbersep=5pt,
+#+LaTeX_HEADER:   frame=lines,
+#+LaTeX_HEADER:   framesep=2mm,
+#+LaTeX_HEADER:   autogobble,
+#+LaTeX_HEADER:   style=tango,
+#+LaTeX_HEADER:   bgcolor=bg
+#+LaTeX_HEADER: }
+# % ----------------- Code blocks ----------------
+# % change style of section headings
+#+LaTeX_HEADER: \usepackage{sectsty}
+#+LaTeX_HEADER: \allsectionsfont{\sffamily}
+# % only required for orgmode ticked TODO items, can remove
+#+LaTeX_HEADER: \usepackage{amssymb}
+# % only required for underlining text
+#+LaTeX_HEADER: \usepackage[normalem]{ulem}
+# % often use this in differential operators:
+#+LaTeX_HEADER: \renewcommand{\d}{\ensuremath{\mathrm{d}}}
+# % allow more reasonable text width for most documents than LaTeX default
+#+LaTeX_HEADER: \setlength{\textheight}{21cm}
+#+LaTeX_HEADER: \setlength{\textwidth}{16cm}
+# % reduce left and right margins accordingly
+#+LaTeX_HEADER: \setlength{\evensidemargin}{-0cm}
+#+LaTeX_HEADER: \setlength{\oddsidemargin}{-0cm}
+# % reduce top margin
+#+LaTeX_HEADER: \setlength{\topmargin}{0cm}
+# % Increase default line spacing a little if desired
+#+LaTeX_HEADER: %\renewcommand{\baselinestretch}{1.2}
+# % tailored float handling
+#+LaTeX_HEADER: %\renewcommand{\topfraction}{0.8}
+#+LaTeX_HEADER: %\renewcommand{\bottomfraction}{0.6}
+#+LaTeX_HEADER: %\renewcommand{\textfraction}{0.2}
+# % references formats
+#+LaTeX_HEADER: \usepackage[round]{natbib}
+# % Chinese supported
+#+LATEX_HEADER: \usepackage{xeCJK}
+# % references formats
+#+LATEX_HEADER: \usepackage[round]{natbib}
+#+LATEX_HEADER: \setCJKmainfont{Noto Serif CJK SC}
+#+LATEX_HEADER: \setCJKsansfont{Noto Sans CJK SC}
+#+LATEX_HEADER: \setCJKmonofont{Noto Sans Mono CJK SC}
+# % End of Chinese supported
+# % Line & paragraph space
+#+LATEX_HEADER: \usepackage{setspace}
+#+LATEX_HEADER: \renewcommand{\baselinestretch}{1.5}
+#+LATEX_HEADER: \setlength{\parskip}{0.8em}
+# % Line & paragraph space end
+# % Breaking Page Between Title and Toc
+#+LATEX_HEADER: \makeatletter \def\@maketitle{\null \begin{center} {\vskip 5em \Huge \@title} \vskip 30em {\LARGE \@author} \vskip 3em {\LARGE \@date} \end{center} \newpage} \makeatother
+# % End of Breaking Page Between Title and Toc
+#+LATEX_HEADER: \usepackage{tikz}
+#+LATEX_HEADER: \renewcommand\contentsname{目录}
+# Generate Tex File: C-c C-e l l; then replace verbatim with minted, and must special the code language
+#+LATEX_HEADER: % Generate PDF: xelatex -shell-escape <tex file>
+#+AUTHOR: jouyouyun
+#+EMAIL: [email protected]
+#+TITLE: 测试读文件
+
+** 背景
+
+在 =kernel 5.10= 以后， =set_fs/get_fs= 被移除了，之前的读文件方式不可用了，需要对代码进行修改
+
+于是写了个 =demo= 来进行测试，相见： [[./read_demo.c][read_demo]]

kernel/file/read_demo.c

@@ -0,0 +1,115 @@
+/**
+ * Copyright (C) 2021 jouyouyun <[email protected]>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * rw_demo.c -- kernel read/write file demo
+ *
+ * Written on 星期五,  1 一月 2021.
+ */
+
+#include <linux/buffer_head.h>
+#include <linux/file.h>
+#include <linux/fs.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include <linux/slab.h>
+#include <linux/version.h>
+
+#define MODULE_NAME "read_demo"
+#define DEMO_FILE "/proc/cmdline"
+#define BUF_SIZE (1<<12)
+
+static char *read_file_content(const char *filename, int *real_size)
+{
+	struct file *filp = NULL;
+	char *buf = NULL;
+	loff_t off = 0;
+	int size = BUF_SIZE;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 10, 0)
+        mm_segment_t old_fs;
+#endif
+
+        filp = filp_open(filename, O_RDONLY, 0);
+	if (IS_ERR(filp)) {
+		printk("[%s] failed to open: %s\n", MODULE_NAME, filename);
+		return NULL;
+	}
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 10, 0)
+        old_fs = get_fs();
+        set_fs(get_fs());
+#endif
+
+        while (1) {
+		buf = kzalloc(size, GFP_KERNEL);
+                if (unlikely(buf == NULL)) {
+			printk("[%s] alloc memory failed\n", MODULE_NAME);
+			break;
+                }
+
+		off = 0;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 14, 0)
+                *real_size = kernel_read(filp, buf, size, &off);
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0)
+                *real_size = vfs_read(filp, (char __user *)buf, size, &off);
+#else
+                *real_size = __vfs_read(filp, (char __user *)buf, size, &off);
+#endif
+                if (*real_size > 0 && *real_size < size) {
+			buf[*real_size] = 0;
+			break;
+                }
+
+                kfree(buf);
+                buf = NULL;
+                if (*real_size != 0)
+			size += BUF_SIZE;
+                else
+			break;
+        }
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 10, 0)
+        set_fs(old_fs);
+#endif
+        filp_close(filp, 0);
+        return buf;
+}
+
+int __init mod_init(void)
+{
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 10, 0)
+	char __kernel *content = NULL;
+#else
+	char *content = NULL;
+#endif
+	int size = 0;
+
+	printk("[%s] will read '%s'", MODULE_NAME, DEMO_FILE);
+	content = read_file_content(DEMO_FILE, &size);
+	if (unlikely(content == NULL)) {
+		printk("[%s] failed to read file", MODULE_NAME);
+		return -1;
+	}
+
+	printk("%s load success, read '%d' byte data: %s\n", MODULE_NAME, size,
+	       content);
+	kfree(content);
+
+	return 0;
+}
+
+void __exit mod_exit(void)
+{
+	printk("[%s] exit", MODULE_NAME);
+}
+
+module_init(mod_init);
+module_exit(mod_exit);
+MODULE_AUTHOR("jouyouyun");
+MODULE_DESCRIPTION("ELF guard implemented by ftrace");
+MODULE_LICENSE("GPL");

kernel/hookmanager/Makefile → kernel/hookmanager/file-remove/Makefile

@@ -1,4 +1,4 @@
-obj-m := demo_test.o
+obj-m := file_remove.o
 ccflags-y := -std=gnu99 -Wno-declaration-after-statement -O3
 cwd := $(shell pwd)