Thursday, July 15, 2021

Continuing Linux Kernel Development - My second Linux Kernel Module (LKM) - Adding parameters

In the previous post, I had a basic module without any parameters. In this second post, I have modified the code in the previous post to accommodate parameters.

/*
 * This is my second crack at writing a Linux Kernel Module (LKM)
 * This file accommodates parameters
 * Author: Nik Alleyne
 * Blog: www.securitynik.com
 * File: helloWorld-parmameters.c
 */


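// init.h is needed for the __init and __exit macros
#include <linux/init.h>

// Every module needs linux/module.h
#include <linux/module.h>

// kernel.h is needed for printk() in this example
#include <linux/kernel.h>

// moduleparam.h provides module_param() and MODULE_PARM_DESC()
#include <linux/moduleparam.h>

// sched.h defines struct task_struct, which "current" points to
#include <linux/sched.h>

// current.h provides the "current" macro
#include <asm/current.h>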



// Specify the license information. License choice impacts the way the kernel treats your module.
MODULE_LICENSE("GPL v2");
MODULE_AUTHOR("Nik Alleyne - www.securitynik.com");
MODULE_DESCRIPTION("My Second shot at Kernel Module (LKM) \n\t\tRequires 2 parameters: name and count");
MODULE_VERSION("0.2");
MODULE_ALIAS("SecurityNik Hello World with parameters");


/*
 * Here is where this program differs from the one in the previous post.
 * The module arguments are declared below via the module_param() macro.
 * S_IRUGO (0444) makes each parameter readable by everyone through
 * /sys/module/<module>/parameters/ but not changeable after load.
 */

// Setup for the first name parameter
static char *fname = "SecurityNik";
module_param(fname, charp, S_IRUGO);
MODULE_PARM_DESC(fname, " Specify a fist name for the user");

// Setup for the last name parameter
static char *lname = "SecurityNik";
module_param(lname, charp, S_IRUGO);
MODULE_PARM_DESC(lname, " Specify a last name for the user");

// Setup the initialization function. Basically what the LKM does at startup
static int __init hello_init(void)
{
	printk(KERN_INFO "[*] WELCOME!! '%s %s' to SecurityNik LKM World! \n Enjoy your stay!\n", fname, lname);
	printk(KERN_INFO "[*] The current process is [%s] with PID[%i]\n", current->comm, current->pid);

	// Always return 0 to show success.
	// A non-zero return value signals that an error occurred while loading
	return 0;
}


// Setup the cleanup function. Basically what the LKM does upon exit
static void __exit hello_exit(void)
{
	printk(KERN_INFO "[*] THANK YOU!! '%s %s' for visiting. See ya ...\n", fname, lname);
}

// Now tell the system which function to run upon initialization
module_init(hello_init);

// Which function to call upon exit
module_exit(hello_exit);


/*
 * References:
 * https://elixir.bootlin.com/linux/latest/source/include/linux/module.h
 * https://elixir.bootlin.com/linux/latest/source/include/linux/kernel.h
 * https://elixir.bootlin.com/linux/latest/source/include/linux/printk.h
 * https://elixir.bootlin.com/linux/latest/source/include/linux/tty.h
 * http://www.makelinux.net/ldd3/chp-2-sect-8.shtml
 */

Running make, similar to what was done before, created the following files:

kali@securitynik:~/rootkits/HelloWorld2$ make all
make --directory=/lib/modules/5.5.0-kali2-amd64/build/ M=/home/kali/rootkits/HelloWorld2 modules
make[1]: Entering directory '/usr/src/linux-headers-5.5.0-kali2-amd64'
  CC [M]  /home/kali/rootkits/HelloWorld2/helloWorld-parmameters.o
  Building modules, stage 2.
  MODPOST 1 modules
  CC [M]  /home/kali/rootkits/HelloWorld2/helloWorld-parmameters.mod.o
  LD [M]  /home/kali/rootkits/HelloWorld2/helloWorld-parmameters.ko
make[1]: Leaving directory '/usr/src/linux-headers-5.5.0-kali2-amd64'

Peeking into the module before installing it, we see the two parameters in the last two lines below.

kali@securitynik:~/rootkits/HelloWorld2$ sudo modinfo helloWorld-parmameters.ko
filename:       /home/kali/rootkits/HelloWorld2/helloWorld-parmameters.ko
alias:          SecurityNik Hello World with parameters
version:        0.2
description:    My Second shot at Kernel Module (LKM) 
                Requires 2 parameters: name and count
author:         Nik Alleyne - www.securitynik.com
license:        GPL v2
srcversion:     49300DF20231CF765D9471F
depends:        
retpoline:      Y
name:           helloWorld_parmameters
vermagic:       5.5.0-kali2-amd64 SMP mod_unload modversions 
parm:           fname: Specify a fist name for the user (charp)
parm:           lname: Specify a last name for the user (charp)

Now I install the module, using the two parameters.

kali@securitynik:~/rootkits/HelloWorld2$ sudo insmod helloWorld-parmameters.ko fname="Nik" lname="Alleyne"

Let's confirm the module was installed

kali@securitynik:~/rootkits/HelloWorld2$ sudo lsmod 
Module                  Size  Used by
helloWorld_parmameters    16384  0
tcp_diag               16384  0
inet_diag              20480  1 tcp_diag
....
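
While the module is loaded, each parameter declared with module_param() is also exposed as a file under /sys/module/helloWorld_parmameters/parameters/, and the S_IRUGO permission shows up there as mode 444. The shell function below is an added example, not part of the original post, that lists a module's parameters with their mode and value; the sample tree and its "debug" parameter are constructed for illustration, and "stat -c" assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: show how module_param() permissions appear under sysfs.
# S_IRUGO corresponds to file mode 444 (read for user, group and other).

# list_module_params MODULE [SYSFS_ROOT]
# Prints "<name> <mode> <read-only|runtime-writable> <value>" per parameter.
# SYSFS_ROOT defaults to /sys; it is overridable so the function can be
# tried against a constructed directory tree.
list_module_params() {
    # The kernel replaces '-' in the .ko file name with '_' in the module name.
    mod=$(printf '%s' "$1" | sed 's/-/_/g')
    dir="${2:-/sys}/module/$mod/parameters"
    if [ ! -d "$dir" ]; then
        echo "no parameters directory: $dir" >&2
        return 1
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")               # GNU stat, octal mode
        case "$mode" in
            *[2367]*) state=runtime-writable ;; # some write bit is set
            *)        state=read-only ;;
        esac
        value=$(cat "$f" 2>/dev/null) || value='<unreadable>'
        printf '%s %s %s %s\n' "$(basename "$f")" "$mode" "$state" "$value"
    done
}

# Constructed stand-in for /sys so the function can be tried without loading
# anything. "debug" is a hypothetical parameter declared with mode 0644.
build_sample_tree() {
    root=$(mktemp -d)
    p="$root/module/helloWorld_parmameters/parameters"
    mkdir -p "$p"
    echo Nik     > "$p/fname"; chmod 444 "$p/fname"
    echo Alleyne > "$p/lname"; chmod 444 "$p/lname"
    echo 0       > "$p/debug"; chmod 644 "$p/debug"
    echo "$root"
}

sample=$(build_sample_tree)
list_module_params helloWorld-parmameters "$sample"
rm -rf "$sample"
```

On a live system, run `list_module_params helloWorld-parmameters` with no second argument after the insmod step and before the rmmod step.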


Let's now uninstall the module.

kali@securitynik:~/rootkits/HelloWorld2$ sudo rmmod helloWorld_parmameters 

Let's now confirm the first and last names were successfully written via "dmesg --ctime".

[Sun Jul  5 21:50:10 2020] [*] WELCOME!! 'Nik Alleyne' to SecurityNik LKM World! 
                            Enjoy your stay!
[Sun Jul  5 21:50:10 2020] [*] The current process is [insmod] with PID[34871]
[Sun Jul  5 21:53:22 2020] [*] THANK YOU!! 'Nik Alleyne' for visiting. See ya ...

Looks good and looks like I am making progress. Join me in the next post where I learn a bit more about processes.
