Permalink
Browse files

Fix crash in EL5 for sysctl write

While the previous hijack metho needed the function specific to the kernel
writing, kernels, the pointer interface actually stayed the same. The .write
pointer is to proc_writesys, which makes the call to do_rw_proc, and it accepts
the same number of arguments as the newer kernels.
  • Loading branch information...
cormander committed May 25, 2012
1 parent 594aab3 commit 987bc7cfe98e6f96fea5c182a97a449dc2c3d7ba
Showing with 1 addition and 28 deletions.
  1. +1 −28 security.c
View
@@ -73,33 +73,7 @@ int tpe_security_bprm_check(struct linux_binprm *bprm) {
struct kernsym sym_proc_sys_file_operations;
struct file_operations *ptr_proc_sys_file_operations;
/*
#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 19)
{"do_rw_proc", &sym_proc_sys_write, (unsigned long *)tpe_proc_sys_write},
#endif
*/
static ssize_t (*orig_proc_sys_write)
#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 19)
(int, struct file *, char __user *, size_t, loff_t *);
static ssize_t tpe_proc_sys_write(int write, struct file * file, char __user * buf,
size_t count, loff_t *ppos) {
char filename[MAX_FILE_LEN], *f;
ssize_t ret;
f = tpe_d_path(file, filename, MAX_FILE_LEN);
if (tpe_lock && write && !strncmp("/proc/sys/tpe", f, 13))
return -EPERM;
ret = orig_proc_sys_write(write, file, buf, count, ppos);
return ret;
}
#else
(struct file *, const char __user *, size_t, loff_t *);
static ssize_t (*orig_proc_sys_write) (struct file *, const char __user *, size_t, loff_t *);
static ssize_t tpe_proc_sys_write(struct file *file, const char __user *buf,
size_t count, loff_t *ppos) {
@@ -115,7 +89,6 @@ static ssize_t tpe_proc_sys_write(struct file *file, const char __user *buf,
return ret;
}
#endif
// lsmod

0 comments on commit 987bc7c

Please sign in to comment.