I am trying to write a getdents () system call to list all the directories returned by the getdents () call, but I have a small problem that I cannot solve, I am not sure if it is C (since I am still learning it) or what something with the challenge itself. When I type d_name of each structure, I always skip the first letter of the directory / file.
Feb 13 11:39:04 node35 kernel: [ 911.353033] entry: ootkit.c
Feb 13 11:39:04 node35 kernel: [ 911.353035] entry: ootkit.mod.c
Feb 13 11:39:04 node35 kernel: [ 911.353036] entry: ootkit.ko
The file name is the rootkit. *
My code is:
asmlinkage int new_getdents(unsigned int fd, struct linux_dirent64 *dirp, unsigned int count)
{
int nread;
int bpos;
struct linux_dirent64 *d;
int (*orig_func)(unsigned int fd, struct linux_dirent64 *dirp, unsigned int count);
t_syscall_hook *open_hook;
open_hook = find_syscall_hook(__NR_getdents);
orig_func = (void*) open_hook->orig_func;
nread = (*orig_func)(fd, dirp, count);
d = dirp;
for (bpos = 0; bpos < nread;) {
d = (struct linux_dirent64 *) ((char*)dirp + bpos);
printk(KERN_INFO "%s\n", d->d_name);
bpos += d->d_reclen;
}
return nread;
}
source
share