n0v's Journal
 

Below are the 13 most recent journal entries recorded in n0v's LiveJournal:

Wednesday, May 26th, 2004
8:10 pm
The "Oldie"
Today I've made my PI-100 (aka "Oldie") work. FreeBSD 5.1 boots and works fast on it, but vim is rather slow. I didn't try to set up X11 since I have no COM mouse at the moment (well, I need a PS/2->COM adapter) and it's a pain in the ass for me to work in X without a mouse :). Btw, I hope to use blackbox on this box once a mouse is installed on it.

At the moment the kernel is compiling on this box. I've tweaked it as deep as I could. Btw, I've switched to SCHED_ULE. It's also interesting how much time "make world" will take :-)
Tuesday, May 25th, 2004
12:19 pm
Yesterday I went to the university to get my credit for the Computers course and to get the "admitted to the exam session" stamp. Got it all done :). They asked me to become the group monitor again; I refused. :)

Today I took the pass/fail test in ecology. I hadn't written down a single lecture, hadn't listened, hadn't photocopied anything, etc. By some miracle I managed to pass: he asked which era is longer (I don't even remember the names of the eras) and offered two options, and I guessed right. :)) The whole test went in the same spirit.

So, two exams and one pass/fail test are left.

Current Mood: good
Monday, May 24th, 2004
9:52 pm
This weekend I was playing with my old P100/16mb (I've written about it already). I plugged a 6.4 Gb HDD into it and began installing FreeBSD 5.1. The installation hung on "automatic /etc/fstab generation". I gave up on FreeBSD and decided to install RedHat 5.0. I installed it successfully, but it's older than my granny. So I decided to try installing FreeBSD again. I plugged its HDD into my Cel1000/512Mb machine, installed FreeBSD there, tweaked the kernel, make.conf, etc. But `make world` failed for some reason. I gave up on that too and put the HDD back. Then I found out that the video card in "oldie" is broken! So I can't play with it for some time. :\

Today I had a very nice talk on #pearpc with some fucking bastard. I was asking the developers about their ideas on OpenBSD/macppc support in PearPC, and this bastard called me stupid! I was thinking about fucking him, but just did /ignore $bastard_nick ALL. That was a kinda wise solution to this situation, IMHO :)
Tuesday, May 11th, 2004
8:56 pm
I wonder that there are lots of people who have no idea how to configure the FreeBSD kernel, but who call themselves "BSDzoids", etc., and say "BSD rules, Linux sux!". Fucking lamaz.
8:38 pm
Writing FreeBSD 5.x syscall modules
Note: this is my first article in English, it's written just for fun


Basics

First of all, every kernel module must have a special event handler function, usually called load(). It should look something like this:

static int
load (struct module *module, int cmd, void *arg)
{
	int error = 0;

	switch (cmd) {
	case MOD_LOAD:
		/*
		 * This code will be executed when our module will be loaded
		 */
		printf("module was loaded!\n");
		break;
	case MOD_UNLOAD:
		/*
		 * And this one'll be executed when our module will be unloaded
		 */
		printf("module was unloaded!\n");
		break;
	default:
		error = EINVAL;
		break;
	}

	return error;
}

So, I think it's pretty clear so far.



Syscalls stuff


Usually, one writes a syscall module to replace (modify) an existing system call (adding a new one is also pretty simple, though).

FreeBSD keeps its syscall list in a table called sysent (an array of struct sysent). You can find its definition here: /usr/src/sys/kern/init_sysent.c. So, if we want to replace some system call, we just need to modify its entry in sysent. We need to add something like "sysent[SYS_somesyscall].sy_call = (sy_call_t *)my_new_syscall;" to the MOD_LOAD case. If you don't want to have trouble when your module is unloaded, you need to change everything back, i.e. put the line "sysent[SYS_somesyscall].sy_call = (sy_call_t *)somesyscall;" in the MOD_UNLOAD case.

It's time to write your new syscall code. As an example, let's modify the execve(2) syscall in such a way that running apps from the /tmp folder is not allowed.

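static int
new_execve(struct thread *td, register struct execve_args *uap)
{
	char *path;
	int error;

	/* uap->fname points into userland: copy it in before reading it. */
	path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
	error = copyinstr(uap->fname, path, MAXPATHLEN, NULL);
	if (error == 0 && strncmp(path, "/tmp/", 5) == 0) {
		printf("execve(2): %s by pid %d (%s), user: %d\n", path,
		    td->td_proc->p_pid, td->td_proc->p_comm,
		    td->td_ucred->cr_uid);
		printf("execve(2): disallowed for /tmp\n");
		error = EACCES;
	}
	free(path, M_TEMP);
	if (error != 0)
		return (error);

	/* Anything else is passed to the original handler. */
	return (execve(td, uap));
}

Let's see what's going on here: uap->fname is a pointer into userland, so we first copy the file name of the app to be executed into kernel memory with copyinstr(9) (the buffer comes from malloc(9), which needs <sys/malloc.h>). If its first 5 chars match "/tmp/", we display a warning about it and return EACCES ("Permission denied"); otherwise the call is passed on to the original execve(). That's pretty simple, isn't it?

Keep in mind that the name is compared exactly as the caller passed it (a relative path or a symbolic link is not recognised), and that the original execve() reads it from userland again after our check. Treat this as a demonstration of syscall replacement, not as an access control; mounting /tmp with the noexec option is the reliable way to get this effect.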

All we need now is to create a sysent struct for our module (the AS() macro is defined in the complete example below):

static struct sysent new_execve_sysent = {
	AS(execve_args),
	(sy_call_t *)new_execve
};

Here is a complete example:

#include <sys/types.h>
#include <sys/param.h>
#include <sys/proc.h>
#include <sys/module.h>
#include <sys/sysent.h>
#include <sys/kernel.h>
#include <sys/malloc.h>
#include <sys/systm.h>
#include <sys/sysproto.h>
#include <sys/syscall.h>
#include <sys/ucred.h>

static int new_execve(struct thread *td, register struct execve_args *);

/* Let the kernel pick a free slot for the sysent registered below. */
static int offset = NO_SYSCALL;

static int
new_execve(struct thread *td, register struct execve_args *uap)
{
	char *path;
	int error;

	/* uap->fname points into userland: copy it in before reading it. */
	path = malloc(MAXPATHLEN, M_TEMP, M_WAITOK);
	error = copyinstr(uap->fname, path, MAXPATHLEN, NULL);
	if (error == 0 && strncmp(path, "/tmp/", 5) == 0) {
		printf("execve(2): %s by pid %d (%s), user: %d\n", path,
		    td->td_proc->p_pid, td->td_proc->p_comm,
		    td->td_ucred->cr_uid);
		printf("execve(2): disallowed for /tmp\n");
		error = EACCES;
	}
	free(path, M_TEMP);
	if (error != 0)
		return (error);

	/* Anything else is passed to the original handler. */
	return (execve(td, uap));
}

/* Number of register-sized arguments in a syscall argument struct. */
#define AS(name) (sizeof(struct name) / sizeof(register_t))

static struct sysent new_execve_sysent = {
	AS(execve_args),
	(sy_call_t *)new_execve
};

static int
load (struct module *module, int cmd, void *arg)
{
	int error = 0;

	switch (cmd) {
	case MOD_LOAD:
		printf("execve() syscall was replaced\n");
		/* Swap only the handler, so MOD_UNLOAD undoes exactly this. */
		sysent[SYS_execve].sy_call = (sy_call_t *)new_execve;
		break;
	case MOD_UNLOAD:
		printf("execve() syscall was restored\n");
		sysent[SYS_execve].sy_call = (sy_call_t *)execve;
		break;
	default:
		error = EINVAL;
		break;
	}

	return error;
}

SYSCALL_MODULE(syscall_execve, &offset, &new_execve_sysent, load, NULL);

Compiling
Makefiles are what I love FreeBSD for. :)
To compile our module you just need to create a Makefile like this:

KMOD=my_execve
SRCS=execve.c

.include <bsd.kmod.mk>

That's all. You just need to run "make" now. To load your module, use kldload ./my_execve.ko; to unload it, use kldunload my_execve.ko.

That's all, have a nice day.
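
An added example, not part of the original article: the /tmp test in new_execve() above is a literal comparison on the string the caller passed. This userland C program puts that comparison next to one made on a lexically normalised path and shows where the two decide differently. The names naive_in_tmp(), normalize() and normalized_in_tmp() are hypothetical, the sample paths are constructed, and symbolic links are not resolved (that needs the kernel's own name lookup).

```c
#include <stdio.h>
#include <string.h>

/* The article's check: literal prefix match on the caller-supplied string. */
static int naive_in_tmp(const char *path) { return (strncmp(path, "/tmp/", 5) == 0); }

/* Lexically normalise path (against cwd when relative): collapse "//", drop
 * ".", resolve "..". Symlinks are not resolved. Returns -1 if it is too long. */
static int normalize(const char *cwd, const char *path, char *out, size_t outlen)
{
	char buf[2048];
	const char *p;
	size_t len, n = 0;

	if (outlen < 2 || snprintf(buf, sizeof(buf), "%s/%s",
	    path[0] == '/' ? "" : cwd, path) >= (int)sizeof(buf))
		return (-1);
	for (p = buf; *p != '\0'; p += len) {
		p += strspn(p, "/");		/* skip runs of '/' */
		len = strcspn(p, "/");
		if (len == 2 && memcmp(p, "..", 2) == 0) {
			while (n > 0 && out[--n] != '/')
				;		/* drop last component, never above "/" */
		} else if (len > 0 && !(len == 1 && p[0] == '.')) {
			if (n + len + 2 > outlen)
				return (-1);
			out[n++] = '/';
			memcpy(out + n, p, len);
			n += len;
		}
	}
	out[n] = '\0';				/* "/" itself normalises to "" */
	return (0);
}

/* Same decision on the normalised path; fails closed if that is too long. */
static int normalized_in_tmp(const char *cwd, const char *path)
{
	char norm[2048];
	return (normalize(cwd, path, norm, sizeof(norm)) != 0 || strncmp(norm, "/tmp/", 5) == 0);
}

int main(void)
{
	const char *s[] = { "/tmp/a.out", "./a.out", "//tmp/a.out", "/tmp/../bin/sh" };	/* constructed */
	for (size_t i = 0; i < sizeof(s) / sizeof(s[0]); i++)
		printf("%-15s naive=%d normalised=%d\n", s[i], naive_in_tmp(s[i]), normalized_in_tmp("/tmp", s[i]));
	return (0);
}
```

The last sample path is the opposite case: the literal test refuses it although it names /bin/sh.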

Monday, May 10th, 2004
6:58 pm
Fucking with xmms-wma all day long. :\
7:29 am
I've got a "new" PC, it's a 586/100 with 16 Mb of RAM. It has no HDD at the moment, but I'm sure I'll find one for it. I'm going to install OpenBSD and some Linux distro on it. OpenBSD will be the main system on this box; Linux I need for testing and packaging the software I'm developing. Actually, it'd be nice to add some memory. 32-48 Mb will be ok, I guess.
Tuesday, January 13th, 2004
4:02 pm
So, we have upgraded:

FreeBSD 5.2-RELEASE #7: Tue Jan 13 12:05:49 MSK 2004 root@that_is_noy_your_fot_yor_eyes.ru:/usr/obj/usr/src/sys/NOVEL
Monday, January 12th, 2004
10:51 pm
Updated to 5.2-RELEASE; we'll build in the morning.
9:46 pm
User-Agent: Wanderlust/2.10.0 (Venus) EMIKO/1.14.1 (Choanoflagellata) LIMIT/1.14.7 (Fujiidera) APEL/10.4 MULE XEmacs/21.4 (patch 12) (Portable Code) (i586-momonga-linux)

Damn Chinese
9:42 pm
Of course it's fucking great to subscribe to all the altlinux.ru mailing lists and play the smartass there with slightly above-average experience. An occupation worthy of respect.
3:49 pm
http://www.filin49.narod.ru/index.html - This dumbass has become an "assembly programmer".
2:09 pm
Did you know that Volgograd is a city of haxors? All the Volgograd people who have anything to do with Linux are fucking awesome haxors. They even hacked http://www.openbsd.org. That's no small thing.