我将 fs/ext2/复制为 fs/myext2/,并修改了我需要修改的所有内容,并且在我更改 fs/myext2/file.c 之前一切正常。 当我这样改变时,效果很好 (
在file.c中添加如下代码,new_sync_write
和new_sync_read
函数是从fs/read_write.c中复制过来的。
我还添加了另一个头文件 linux/uio.h
,
将 .read = new_sync_read_crypt, .write = new_sync_write_crypt
添加到 const struct file_operations myext2_file_operations
)。
ssize_t new_sync_write_crypt(struct file *filp, const char __user *buf, size_t len, loff_t *ppos){
char *mybuf = buf;
int i;
/*for(i=0;i<len;i++){
mybuf[i] += 25;
}*/
printk("haha write encrypt %ld\n",len);
return new_sync_write(filp,mybuf,len,ppos);
}
ssize_t new_sync_read_crypt(struct file *filp, char __user *buf, size_t len, loff_t *ppos){
ssize_t ret = new_sync_read(filp,buf,len,ppos);
int i;
/*for(i = 0; i < len; i++)
buf[i] -= 25;*/
printk("haha read encrypt %ld\n",len);
return ret;
}
“做得很好”意味着,在/mnt 下,我 echo "1234567"> test.txt
,并且在 log(dmesg
) 中它确实有正确的输出, 我可以 'cp', 'cat'。
但是在我移动/**/
之后,一切都出错了。
我不能 'cat test.txt',它说 killed
。
root@ubuntu:/mnt# cat test.txt
killed
root@ubuntu:/mnt#
在日志中:
[ 5640.036210] BUG: unable to handle kernel paging request at b733f000
[ 5640.036215] IP: [<f9072aa0>] new_sync_read_crypt+0xc0/0x100 [myext2]
[ 5640.036220] *pdpt = 0000000011da5001 *pde = 0000000004708067 *pte = 0000000000000000
[ 5640.036222] Oops: 0002 [#21] SMP
[ 5640.036225] Modules linked in: myext2(OE) rfcomm bnep crc32_pclmul vmw_balloon aesni_intel aes_i586 xts lrw gf128mul ablk_helper cryptd joydev input_leds serio_raw snd_ens1371 snd_ac97_codec gameport ac97_bus vmw_vsock_vmci_transport vsock snd_pcm snd_seq_midi uvcvideo videobuf2_vmalloc videobuf2_memops snd_seq_midi_event videobuf2_v4l2 snd_rawmidi btusb btrtl btbcm videobuf2_core btintel videodev bluetooth media snd_seq snd_seq_device snd_timer snd soundcore nfit 8250_fintek mac_hid vmw_vmci i2c_piix4 shpchp parport_pc ppdev lp parport autofs4 hid_generic usbhid hid psmouse vmwgfx ttm drm_kms_helper ahci libahci mptspi mptscsih pcnet32 mii syscopyarea sysfillrect sysimgblt fb_sys_fops drm mptbase scsi_transport_spi pata_acpi fjes [last unloaded: myext2]
[ 5640.036249] CPU: 0 PID: 9011 Comm: cat Tainted: G D OE 4.6.0 #1
[ 5640.036250] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/19/2017
[ 5640.036252] task: f549dc40 ti: d1da6000 task.ti: d1da6000
[ 5640.036253] EIP: 0060:[<f9072aa0>] EFLAGS: 00010206 CPU: 0
[ 5640.036255] EIP is at new_sync_read_crypt+0xc0/0x100 [myext2]
[ 5640.036256] EAX: b735f000 EBX: b733f000 ECX: d1da7f60 EDX: 00000000
[ 5640.036258] ESI: 00020000 EDI: 00000000 EBP: d1da7ed8 ESP: d1da7e88
[ 5640.036259] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 5640.036260] CR0: 80050033 CR2: b733f000 CR3: 30ef0120 CR4: 003406f0
[ 5640.036265] Stack:
[ 5640.036265] 00000001 00020000 d1da7f60 b733f000 00020000 00000000 00000000 00020000
[ 5640.036268] d1da7e94 00000001 f2bdac00 00000000 00000000 00000000 00000000 00000000
[ 5640.036271] ffa41c7b f2bdac00 f90729e0 d1da7f60 d1da7f2c c11ea28f d1da7f60 c6e50cf8
[ 5640.036274] Call Trace:
[ 5640.036277] [<f90729e0>] ? myext2_empty_dir+0x170/0x170 [myext2]
[ 5640.036280] [<c11ea28f>] __vfs_read+0x2f/0x100
[ 5640.036282] [<c11ea76e>] ? rw_verify_area+0x5e/0x140
[ 5640.036284] [<c11ea8bf>] vfs_read+0x6f/0x140
[ 5640.036286] [<c11eb9e1>] SyS_read+0x51/0xb0
[ 5640.036288] [<c100394d>] do_fast_syscall_32+0x8d/0x140
[ 5640.036291] [<c17baa2e>] sysenter_past_esp+0x47/0x75
[ 5640.036292] Code: 8d 45 d8 ff 51 10 3d ef fd ff ff 89 c7 74 54 8b 45 dc 8b 4d b8 85 f6 8b 55 e0 89 01 8d 04 33 89 51 04 74 11 8d b4 26 00 00 00 00 <80> 2b 19 83 c3 01 39 d8 75 f6 89 74 24 04 c7 04 24 b5 b9 07 f9
[ 5640.036311] EIP: [<f9072aa0>] new_sync_read_crypt+0xc0/0x100 [myext2] SS:ESP 0068:d1da7e88
[ 5640.036320] CR2: 00000000b733f000
[ 5640.036322] ---[ end trace d357a556f62edff8 ]---
最佳答案
我会尝试回答。
<强>1。阅读部分:
您依赖于传递的长度,而不是返回的长度ret
:
ssize_t ret = new_sync_read(filp,buf,len,ppos);
所以在缓冲区的末尾,当 len
高于要读取的其余部分时,new_sync_read
返回 ret
,它低于 len
并且您的循环写入边界之外。
我的修复建议:
ssize_t new_sync_read_crypt(struct file *filp, char __user *buf, size_t len, loff_t *ppos){
ssize_t ret = new_sync_read(filp,buf,len,ppos);
size_t i;
for(i = 0; i < ret; i++)
buf[i] -= 25;
return ret;
}
我还会添加 if (buf)
来保护循环,以防传递 buf=NULL
和 len=-1
是合法的
<强>2。写部分:
这里的问题比较棘手。
ssize_t new_sync_write_crypt(struct file *filp, const char __user *buf, size_t len, loff_t *ppos){
char *mybuf = buf;
在这里,您将常量强制转换为非常量,因此您可以加密,这违反了 const
规则。你不能那样做,例如,如果常量缓冲区指向一个字符串文字。
您必须使用 malloc
创建一个副本
size_t new_sync_write_crypt(struct file *filp, const char __user *buf, size_t len, loff_t *ppos){
char *mybuf = malloc(len);
size_t i;
for(i=0;i<len;i++){
mybuf[i] = buf[i]+25;
}
size_t r = new_sync_write(filp,mybuf,len,ppos);
free(mybuf);
return r;
}
关于c - 我更改fs/myext2/file.c读写操作后,我的 'cat'、 'cp'、 'echo'都被kill掉了,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48049016/