trying to read iw_statistics but code wont work? - linux

I need to read certain statistics from iw_statistics structure, here's the code:
struct net_device *dev;
struct iw_statistics *wi_stats;
dev = first_net_device(&init_net);
while (dev)
{
if (strncmp(dev->name , "wlan",4)==0 )
{
if (dev->wireless_handlers->get_wireless_stats(dev) !=NULL ) // <--- here's where the code crashes.
{
wi_stats = dev-wireless_handlers->get_wireless_stats(dev);
printk(KERN_INFO "wi_stats = dev-wireless_handlers->get_wireless_stats(dev); worked!!! :D\n");
}
}
}
I'm working on linux kernel 2.6.35 and I'm writing a kernel module. What am I doing wrong here?

Looks like wireless_handlers struct is Null ... Just because a net device has it's name field filled doesn't mean it's configured.
This is where wireless_handlers gets set:
#ifdef CONFIG_WIRELESS_EXT
/* List of functions to handle Wireless Extensions (instead of ioctl).
* See <net/iw_handler.h> for details. Jean II */
const struct iw_handler_def * wireless_handlers;
/* Instance data managed by the core of Wireless Extensions. */
struct iw_public_data * wireless_data;
#endif
You should check the value called CONFIG_WIRELESS_EXT if it's not set , the wireless_handler struct is not set and thus you''ll be pointing to a Null and your module will get stuck

You should check that dev->wireless_handlers is not null. Can you paste the actual code snippet? What is the error you get?

Related

Why doesn't MSVC initialize this const struct?

I have some code written in C, and there is one section that refuses to cooperate when using Visual Studio 2015 Community (clang has no problems). I have a simple struct:
/** Options for enumerating over all documents. */
typedef struct {
unsigned skip; /**< The number of initial results to skip. */
C4EnumeratorFlags flags; /**< Option flags */
} C4EnumeratorOptions;
enum {
kC4Descending = 0x01, /**< If true, iteration goes by descending document IDs. */
kC4InclusiveStart = 0x02, /**< If false, iteration starts just _after_ startDocID. */
kC4InclusiveEnd = 0x04, /**< If false, iteration stops just _before_ endDocID. */
kC4IncludeDeleted = 0x08, /**< If true, include deleted documents. */
kC4IncludeNonConflicted = 0x10, /**< If false, include _only_ documents in conflict. */
kC4IncludeBodies = 0x20 /**< If false, document bodies will not be preloaded, just
metadata (docID, revID, sequence, flags.) This is faster if you
don't need to access the revision tree or revision bodies. You
can still access all the data of the document, but it will
trigger loading the document body from the database. */
};
typedef uint16_t C4EnumeratorFlags;
And I also have a constant "default" value for it:
// In header
extern const C4EnumeratorOptions kC4DefaultEnumeratorOptions;
// In implementation
const C4EnumeratorOptions kC4DefaultEnumeratorOptions = {
0, // skip
kC4InclusiveStart | kC4InclusiveEnd | kC4IncludeNonConflicted | kC4IncludeBodies
};
However, when debugging I noticed that the initialization is not doing anything when I try to use the default value:
// options winds up with a "skip" value of something like 117939945
// and a flags value of 59648
C4EnumeratorOptions options = kC4DefaultEnumeratorOptions;
The section defining is in a DLL, and the second using is in an exe. Again, this only happens on Windows. Furthermore, the value in "options" is garbage but for some reason it's not even the same garbage that is stored in kC4DefaultEnumeratorOptions. I know MSVC is notorious for snubbing C, but this kind of initialization is so old that even MSVC should get it right, shouldn't it? So it must be something I am doing but I can't figure out what.
EDIT The symbol is being exported via a export definitions file. I checked with dumpbin, and found the symbol in the exported symbols list
41 46 00A6EA8 kC4DefaultEnumeratorOptions = kC4DefaultEnumeratorOptions
Also as one more bit of info, the calling code is C++ and the DLL code is C, which I suspect may be playing a part in this madness.
The comments from #M.M helped put me in the right direction. He asked if the symbol was exported. Technically, yes, it was exported since it was in the export list but apparently I also need to export the definition. So instead of including the global symbol in the .def file, I need to manually mark it with __declspec(dllexport) or __declspec(dllimport) in two places so in the end it looks like this:
#ifdef _MSC_VER
#ifdef CBFOREST_EXPORTS
#define CBFOREST_API __declspec(dllexport)
#else
#define CBFOREST_API __declspec(dllimport)
#endif
#endif
// ...
// Header
CBFOREST_API extern const C4EnumeratorOptions kC4DefaultEnumeratorOptions;
// Implementation
CBFOREST_API const C4EnumeratorOptions kC4DefaultEnumeratorOptions = {
0, // skip
kC4InclusiveStart | kC4InclusiveEnd | kC4IncludeNonConflicted | kC4IncludeBodies
};

What is the correct monotouch binding for this?

It seems most of the examples regarding binding an Objective-C library to c# show methods and properties, but what do you do with instance variables that are declared?
Here's an example of the .h file I'm trying to create a binding for:
#interface NdefRecord : NSObject
{
#public
uint8_t Flags;
NDEF_TNF_Type Tnf;
uint8_t TypeLength;
uint8_t *Type;
uint8_t IdLength;
uint8_t *Id;
uint32_t PayloadLength;
uint8_t *PayloadData;
}
/**
Initialize this record.
- Optional: Since member fields are public, you can also set them directly.
*/
- (id) init:(NDEF_TNF_Type)tnf type:(NSData*)type Id:(NSData*)IdBytes payload:(NSData*)payload;
/**
Parse an NDEF Record from raw bytes.
*/
- (BOOL) parse:(UInt8*)data;
/**
Returns this entire NDEF Record as a byte array.
*/
- (uint32_t) toByteArray:(UInt8*)buffer;
...
#end
In my binding project, things like the parse: method are easy enough to bind, but things like TypeLength and *Type were missed by Objective Sharpie, and nothing I seem to hand create works properly.
In an iOS XCode project, those variables are accessed with syntax like so:
record->TypeLength instead of [record TypeLength] which leads me to believe a simple binding like:
[Export ("TypeLength")]
Byte TypeLength { get; set; }
isn't going to work.
I'm completely stuck on a solution here, so any guidance is much appreciated!
The binding tool does not support accessing internal fields of a class, which is what you are trying to do here.
The only thing you can bind with an [Export] are actual properties and methods.
You need to alter that library to expose properties to those internals.

How to attach per open() data in a device driver?

I have some code which looks like:
static int devname_read(struct cdev *dev, struct uio *uio, int ioflag)
{
int error = modify_state();
return (error);
}
The issue here is that modify_state() operates on global state when it really should be operating on is per open(2). In other words no reader should conflict with each other, and nothing persist when the device is close(2)ed.
How can I associate state with the file-descriptor or related identifier?
You probably want to use cdevpriv; see http://www.freebsd.org/cgi/man.cgi?devfs_set_cdevpriv.

Ripping out the hidden kernel module by reading kernel memory directly?

Is it possible to find hidden kernel modules by reading kernel memory directly?
By hiding I mean a LKM that removes itself from the kernel module list.
If so, what structure should I expect, or what document should I read?
following #Eugene, I find a way to read kernel memory directly to find the so called not-so-clever hidden module: just compare the module from both procfs perspective and sysfs perspective:
static int detect_hidden_mod_init(void)
{
char *procfs_modules[MAX_MODULE_SIZE];
char *sysfs_modules[MAX_MODULE_SIZE];
int proc_module_index = 0, sys_module_index = 0;
struct module *mod;
struct list_head *p;
// get modules from procfs perspective
list_for_each(p, &__this_module.list){
mod = list_entry(p, struct module, list);
procfs_modules[proc_module_index++] = mod->name;
}
// get modules from sysfs perspective
struct kobject *kobj;
struct kset *kset = __this_module.mkobj.kobj.kset;
list_for_each(p, &kset->list) {
kobj = container_of(p, struct kobject, entry);
sysfs_modules[sys_module_index++] = kobj->k_name;
}
//compare the procfs_modules and sysfs_modules
...
}
Actually it can detect most of current module-hidden rootkit, however as Eugene said, "A clever rootkit could try to hide that data as well". So it is not a perfect way.

What does get_current() return in this kernel module?

I have written a kernel module which reads and writes /proc files, and it is working fine. Now I want to use permissions with it, but when I write the function for permissions shown below it gives me an error. The goal is for everyone to be able to read the file but only root can write to it.
int my_permission(struct inode *inode, int op)
{
if(op == 4||(op == 2 && current->euid = 0)) //euid is not a member of task_struct
return 0;
return -EACCES;
}
const struct inode_operations my_iops = {
.permission = my_permission,
};
The error I'm getting is:
/home/karan/practice/procf/testproc1.c: In function ‘my_permission’:
/home/karan/practice/procf/testproc1.c:50:32: error: ‘struct task_struct’ has no member named ‘euid'
I know that current is #defined to get_current(). Why is this happening? Is there a list of members of the struct returned from get_current()?
The struct task_struct is defined in include/linux/sched.h in the kernel source tree, you can view the members there. The current credentials would be in get_current()->cred , and the effective user id is get_current()->cred->euid
It's not safe to access those members directly, you must rather call current_euid() from include/linux/cred.h
http://www.kernel.org/doc/Documentation/security/credentials.txt might be of interest to you as well

Resources