Login or Register to Ask a Question and Join Our Community


Programming

Kernel module - How to test if file doesn't exist

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Programming Kernel module - How to test if file doesn't exist
# 8  
Old 03-03-2011
Code:
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/init.h>
#include <linux/elf.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/binfmts.h>

#define PRINT(x) printk(KERN_INFO x "\n")
#define BSIGN_SIGTYPE 0x80736967    /* ((0x80 << 24)|('s' << 16)|('i' << 8)|'g') */


void readElf(struct elfhdr *elf_Head, Elf32_Shdr *elf_Section) {
    int i = 0;
    char *test;
    // Find Signature
    while(i < elf_Head->e_shnum && 
        elf_Section[i].sh_type != BSIGN_SIGTYPE) {
        printk(KERN_INFO "Sec: %d / %x -- BSIGN_SIGTYPE", i,  elf_Section[i].sh_type);
        i++;
    }
    if(i < elf_Head->e_shnum) {
        PRINT("Signatur gefunden");
        printk(KERN_INFO "Name: und Type:\n %x \n %x", elf_Section[i].sh_name,
            elf_Section[i].sh_type);
        printk(KERN_INFO "%s\n", test);
            return;
    }

    PRINT("NIX GEFUNDEN");
}

void openFile(void) {
    char *buf;
    int cnt, tmp;
    unsigned long off;
    struct elfhdr elfH;
    Elf32_Shdr *elfSec;
    struct file *fp;
    fp = filp_open("/home/chris/Test/test", O_RDONLY, 0);
    
    if(fp == (void *)0L) {
        PRINT("FILE NICHT DA");
        return;
    }

    if(fp->f_dentry == (void *)0L) {
        PRINT("F_DENTRY NICHT DA");
        return;
    }
    
    if(!fp->f_dentry->d_name.name) {
        PRINT("F_DENTRY NICHT DA");
        return;
    }
    
    printk(KERN_INFO "FILENAME: %s\n", fp->f_dentry->d_name.name);
    
    if(!(buf = kmalloc(BINPRM_BUF_SIZE, GFP_KERNEL))) {
        PRINT("KMALLOC");
        return;
    }

    tmp = kernel_read(fp, 0, buf, BINPRM_BUF_SIZE);
    elfH = *((struct elfhdr *) buf);
    printk(KERN_INFO "kernel read: %d \n", tmp);

    cnt = elfH.e_shnum * sizeof(Elf32_Shdr);
    if(!(elfSec = (Elf32_Shdr *) kmalloc(cnt, GFP_KERNEL))) {
        PRINT("KMALLOC2");
        kfree(buf);
        return;
    }

    readElf(&elfH, elfSec);
    kfree(elfSec);
}
    
static int __init testIntro(void) {
    printk(KERN_INFO "elfStart\n");
    openFile();
    return 0;
}

static void __exit testOutro(void) {
    printk(KERN_INFO "Closing down\n");
}

module_init(testIntro);
module_exit(testOutro);

Goal of this program is to run through all the section headers of the ELF-file and check whether one sh_type matches the type defined above. readElf is not working right, but it isn't crashing and therefore don't want to bore you with that Smilie
kernel_read is a kernel function.
And there are no other messages except the ones I put out until it crashes (which produces the already posted message)
# 9  
Old 03-03-2011
BTW, you might want to read this Linux Journal article Things You Never Should Do in the Kernel
This User Gave Thanks to fpmurphy For This Post:
disaster
# 10  
Old 03-03-2011
Quote:
Goal of this program is to run through all the section headers of the ELF-file and check whether one sh_type matches the type defined above. readElf is not working right, but it isn't crashing and therefore don't want to bore you with that Smilie
It's entirely possible for functions to cause crashes after they return by corrupting the stack. Try commenting out that function, see if it still crashes.

I think you're getting way ahead of yourself. Don't build stuff around the data you've read until you're sure you've read anything sensible.
# 11  
Old 03-03-2011
First off all: Thanks for your help and patience to this point Smilie
I just commented out the readElf() function to see what's happening --- crashes again Smilie


About the point reading from kernel:
I actually now that you shouldn't do that Smilie But my final goal is to write a program which checks the ELF headers upen execution of the binaries. So in that case I'm not reading from user space.
At this point (i.e. at the very beginning) I just want to see if my code does what it should do on a static file and that's why I try to read the file from user space.

Edit:
Your link was quite interesting, but not really helpful in my case. The reason is, that once my final program checks loaded binaries the kernel gives me the struct file * for that binary. That's the reason why I'm using filp_open here.
Last edited by disaster; 03-03-2011 at 12:36 PM..
# 12  
Old 03-03-2011
Quote:
Originally Posted by disaster
I actually now that you shouldn't do that Smilie But my final goal is to write a program which checks the ELF headers upen execution of the binaries. So in that case I'm not reading from user space.
When you execute something, the ELF header appears in user space:

Code:
$ head -n1 /proc/self/maps
08048000-08050000 r-xp 00000000 08:23 98602      /bin/head
$

Quote:
...At this point (i.e. at the very beginning) I just want to see if my code does what it should do on a static file and that's why I try to read the file from user space.
You could convert the ELF header into a constant data array and use that data without worrying about opening and closing files in the kernel. It'd also mean not having to worry about allocating or freeing any memory or transferring anything into/out of userspace. I wrote something for that a long time ago.

---------- Post updated at 10:53 AM ---------- Previous update was at 10:47 AM ----------

Two things further:

You might have an easier time doing this in the ELF loader itself, instead of tagging on your own seperate ELF handler thing later. That way you just have one problem, handling the ELF data as it comes, not 3+ problems, finding/reading/parsing/somehow causing processes that already exist to die as invalid.

And:

You never returned to your original thread. Please do. If we had any idea what your actual goals were we might find easier and better methods than doing insane things to your kernel.
This User Gave Thanks to Corona688 For This Post:
disaster
# 13  
Old 03-03-2011
Okay, I have to say I actually forgot my other thread, sorry for that.

But I don't think that my final goals do not matter for this specific thread. I just cut my code down to basically nothing but the filp_open and the following if-clauses. Nothing else. It crashes again. At this point all I want to do is to understand why it crashes instead of returning out of the function in the if clause.


As for my actual goals: Google DigSig. A little tool that only lets signed ELFs run. Has not been maintained for 5 or 6 years, so it's not working on current kernels. I'm basically starting the same thing, and I think it is actually not that hard. I just do not have any kernel progamming experience yet.
But nevertheless: Thank you so far Smilie


Short edit:
My Code right now:
Code:
void openFile(void) {
    struct file *fp;
    fp = filp_open("/home/chris/Test/testt", O_RDONLY, 0);

    if(fp == (void *)0L) {
        PRINT("FILE NICHT DA");
        return;
    }
    PRINT("TEST");
    if(fp->f_dentry == (void *)0L) {
        PRINT("F_DENTRY NICHT DA");
        return;
    }
    printk(KERN_INFO "FILENAME: %s\n", fp->f_dentry->d_name.name);
}

Commenting out the last printk won't change anything, as this line is not reached when it crashes. I can't understand it... totally weird...
Last edited by disaster; 03-03-2011 at 01:04 PM.. Reason: What just ran here:
# 14  
Old 03-03-2011
Quote:
Originally Posted by disaster
As for my actual goals: Google DigSig.
That's not a goal, just the method you're hellbent on using; what do you intend to do with it? It often pays to step back and review your options. I've spent hours trying to find ways to make old software work when a little research found that nobody maintained it because there was something else now.

And seriously, I have no idea why that's crashing your kernel. Beyond the problem that you're taking the path of most resistance, that is. Files aren't supposed to be opened in the kernel and doing so likely has unintended consequences(there's not even a proper way to close a file you open that way). Make it an array and it probably won't crash.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Homework & Coursework Questions

Group Doesn't Exist

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: I'm able to create a group but when I'm trying to delete the group it keeps stating Group Doesn't Exist. I know... (2 Replies)
Discussion started by: GoBoyGo
2 Replies

2. Linux

Unload kernel module at boot time (Debian Wheezy 7.2, 3.2.0-4-686-pae kernel)

Hi everyone, I am trying to prevent the ehci_hcd kernel module to load at boot time. Here's what I've tried so far: 1) Add the following line to /etc/modprobe.d/blacklist.conf (as suggested here): 2) Blacklisted the module by adding the following string to 3) Tried to blacklist the module... (0 Replies)
Discussion started by: gacanepa
0 Replies

3. Shell Programming and Scripting

Need to generate a file with random data. /dev/[u]random doesn't exist.

Need to use dd to generate a large file from a sample file of random data. This is because I don't have /dev/urandom. I create a named pipe then: dd if=mynamed.fifo do=myfile.fifo bs=1024 count=1024 but when I cat a file to the fifo that's 1024 random bytes: cat randomfile.txt >... (7 Replies)
Discussion started by: Devyn
7 Replies

4. Programming

Kernel module - Check whether file (/dev node) exists

Hi, I'm pretty new to kernel coding and I'm working on a device driver that works with an existing framework. Basically my module will be loaded/unloaded multiple times and I'd like to create a register a class, driver, and create a /dev node on the first load only. The existing framework... (0 Replies)
Discussion started by: ThomasBrez
0 Replies

5. Solaris

User directory doesn't exist

Hii all, i create the user useradd -d /home/kk kk passwd kk when i tried to login to kk i get a error user directory doesn't exist then i tried useradd kkk passwd kkkwhen i tried to login to kkk i get the same error user directory doesn't exist. (4 Replies)
Discussion started by: vipinkumarr89
4 Replies

6. Shell Programming and Scripting

ln -s creates symlink in symlink, if [ -f ... ] says file that exists doesn't exist

Hi Forums, I got a little problem, I made a few modifications to the code of the launch script of a testing server(minecraft) and now updating is broken aswell as the automatic directory creation. These Lines somehow create an endless symlink that refers to itself and I don't know how to fix... (0 Replies)
Discussion started by: Xaymar
0 Replies

7. Shell Programming and Scripting

File exist test

Can someone please shed light on why this may not be working, file does exist, but I get an error if ] then echo "No ${source_path}/${file_mask} found - ">> ${logfile} result=1 check_result ${result} "Failed to find file... (4 Replies)
Discussion started by: Pokermad
4 Replies

8. Shell Programming and Scripting

sftp mget where file doesn't exist BASH

I have a script that is working: #!/bin/bash sftp user@domain.com <<EOF cd somedir mget *.csv quit EOF but on a crontab I want to only pull newer files, so I want to do something like: while read ls current dir local file != true do mget that new file but I'm not sure the syntax... (2 Replies)
Discussion started by: unclecameron
2 Replies

9. Linux

How to convert Linux Kernel built-in module into a loadable module

Hi all, I am working on USB data monitoring on Fedora Core 9. Kernel 2.6.25 has a built-in module (the one that isn't loadable, but compiles and links statically with the kernel during compilation) to snoop USB data. It is in <kernel_source_code>/drivers/usb/mon/. I need to know if I can... (0 Replies)
Discussion started by: anitemp
0 Replies

10. SuSE

max number of slabs per kernel module (kernel 2.6.17, suse)

Hi All, Is there a max number of slabs that can be used per kernel module? I'm having a tough time finding out that kind of information, but the array 'node_zonelists' (mmzone.h) has a size of 5. I just want to avoid buffer overruns and other bad stuff. Cheers, Brendan (4 Replies)
Discussion started by: Brendan Kennedy
4 Replies
Login or Register to Ask a Question