[英]How to get the real file name in kernel module
I'm creating a kernel module that intercept the unlink command and make a copy of the file that want to be unlinked.我正在创建一个内核模块,它拦截 unlink 命令并制作要取消链接的文件的副本。 For now, I intercept the unlink command and im trying to print the path of the file but it doesn't work right.现在,我拦截了 unlink 命令并尝试打印文件的路径,但它无法正常工作。
I have a method that receive a char *path
parameter and I use printk to show the path, but this print some rare strings like "\\xe07l\\xd3\\xf"我有一个接收char *path
参数的方法,我使用 printk 来显示路径,但这会打印一些罕见的字符串,如“\\xe07l\\xd3\\xf”
asmlinkage int hacked_sys_unlink(const char *pathname)
{
printk("RM_CATCHED: unlink( \"%s\" )\n", pathname);
return original_sys_unlink(pathname);
}
When I unlink some file and use dmesg command i get this:当我取消链接某个文件并使用 dmesg 命令时,我得到了这个:
[ 1531.847856] RM_CATCHED: unlink( "`g\xcfYMV" )
[ 1531.848071] RM_CATCHED: unlink( "\xe07l\xd3\xf" )
[ 1534.851623] RM_CATCHED: unlink( "\xe07l\xd3\xf" )
[ 1534.852091] RM_CATCHED: unlink( "" )
[ 1541.861962] RM_CATCHED: unlink( "" )
How can I get the real path of the file like /path/to/file.txt
?我怎样才能得到像/path/to/file.txt
这样的文件的真实路径?
The core reason of getting rubbish printed instead of a nice real file name is that first you need to copy the string from user space into kernel space.打印垃圾而不是真实文件名的核心原因是首先您需要将字符串从用户空间复制到内核空间。 Usually copy_from_user()
function is used for that.通常使用copy_from_user()
函数。 In this case you have a NULL-terminated string, and there's a variation of that function called strncpy_from_user()
which can be used instead.在这种情况下,您有一个以 NULL 结尾的字符串,并且可以使用该函数的变体strncpy_from_user()
来代替。
To make things easier, it's best to follow what the original function does.为了使事情更容易,最好遵循原始函数的作用。 It calls getname()
function which eventually calls strncpy_from_user
among lots of other things it does to get the name reliably.它调用getname()
函数,该函数最终调用strncpy_from_user
以及它为可靠地获取名称所做的许多其他事情。 Call this function, and it will get you the file name that is passed in the system call.调用这个函数,它会得到系统调用中传递的文件名。
Your pointer here:你的指针在这里:
current_pt_regs()->di;
Example:例子:
printk("%s\n", (char *)current_pt_regs()->di);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.