nokeyctl.c at trunk

File nokeyctl.c artifact c5e833d508 on branch trunk


/*
 * Kernel module to disable the keyctl() system call.
 *
 * Compile:
 * $ make
 *
 * Usage:
 * # insmod nokeyctl.ko
 * # rmmod nokeyctl
 *
 * Copyright (C) 2011 Alessandro Ghedini <alessandro@ghedini.me>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#include <linux/init.h>

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/syscalls.h>
#include <linux/sched.h>
#include <linux/cred.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Alessandro Ghedini and Mike Perry");
MODULE_DESCRIPTION("disable the keyctl() system call");

/* ia32 entry */
#define __NR_compat_keyctl 311

static asmlinkage long (*o_ptr)(int cmd, ...);
#if defined(__enable_32bits_support)
static asmlinkage long (*o_ptr32)(int cmd, ...);
#endif

asmlinkage long nokeyctl(int cmd, ...) {
	printk("[nokeyctl] keyctl() invoked by process %llu, user id = %llu\n", \
		(unsigned long long) current->pid, \
		(unsigned long long) (get_current_user()->uid.val)
	);

	return(-EPERM);
}

static void sys_call_table_make_rw(void **addr);
static void sys_call_table_make_ro(void **addr);

static int __init init_nokeyctl(void) {
	void **sys_call_tbl = sys_call_table_addr;
#if defined(__enable_32bits_support)
	void **ia32_sys_call_tbl = ia32_sys_call_table_addr;
#endif

	sys_call_table_make_rw(sys_call_tbl);
	o_ptr = sys_call_tbl[__NR_keyctl];
	sys_call_tbl[__NR_keyctl] = nokeyctl;
	sys_call_table_make_ro(sys_call_tbl);

#if defined(__enable_32bits_support)
	sys_call_table_make_rw(ia32_sys_call_tbl);
	o_ptr32 = ia32_sys_call_tbl[__NR_compat_keyctl];
	ia32_sys_call_tbl[__NR_compat_keyctl] = nokeyctl;
	sys_call_table_make_ro(ia32_sys_call_tbl);
#endif

	printk("[nokeyctl] keyctl syscall disabled\n");

	return 0;
}

static void __exit exit_nokeyctl(void) {
	void **sys_call_tbl = sys_call_table_addr;
#if defined(__enable_32bits_support)
	void **ia32_sys_call_tbl = ia32_sys_call_table_addr;
#endif

	sys_call_table_make_rw(sys_call_tbl);
	sys_call_tbl[__NR_keyctl] = o_ptr;
	sys_call_table_make_ro(sys_call_tbl);

#if defined(__enable_32bits_support)
	sys_call_table_make_rw(ia32_sys_call_tbl);
	ia32_sys_call_tbl[__NR_compat_keyctl] = o_ptr32;
	sys_call_table_make_ro(ia32_sys_call_tbl);
#endif

	printk("[nokeyctl] keyctl syscall restored\n");
}

module_init(init_nokeyctl);
module_exit(exit_nokeyctl);

static void sys_call_table_make_rw(void **addr) {
	unsigned int lvl;

	pte_t *pte = lookup_address((unsigned long) addr, &lvl);

	if (pte -> pte &~ _PAGE_RW)
		pte -> pte |= _PAGE_RW;

	write_cr0(read_cr0() & (~ 0x10000));
}

static void sys_call_table_make_ro(void **addr) {
	unsigned int lvl;

	pte_t *pte = lookup_address((unsigned long) addr, &lvl);
	pte -> pte = pte -> pte &~_PAGE_RW;

	write_cr0(read_cr0() | 0x10000);
}