我将 fs/ext2/复制为 fs/myext2/,
并修改了我需要修改的所有内容,在我更改 fs/myext2/file.c 之前,这一切都做得很好。当我像这样改变时,它做得很好(
将以下代码添加到 file.c 中,new_sync_write 和 new_sync_read 函数将从 fs/read_write.c 复制。
我还添加了另一个标题linux/uio.h,
将.read = new_sync_read_crypt, .write = new_sync_write_crypt添加到const struct file_operations myext2_file_operations (。
ssize_t new_sync_write_crypt(struct file *filp, const char __user *buf, size_t len, loff_t *ppos){
char *mybuf = buf;
int i;
/*for(i=0;i<len;i++){
mybuf[i] += 25;
}*/
printk("haha write encrypt %ldn",len);
return new_sync_write(filp,mybuf,len,ppos);
}
ssize_t new_sync_read_crypt(struct file *filp, char __user *buf, size_t len, loff_t *ppos){
ssize_t ret = new_sync_read(filp,buf,len,ppos);
int i;
/*for(i = 0; i < len; i++)
buf[i] -= 25;*/
printk("haha read encrypt %ldn",len);
return ret;
}
"做得很好"意味着,在/mnt 下,我echo "1234567" > test.txt,而在 log( dmesg (中它确实有正确的输出,我可以"cp"、"猫"。
但是在我移动/**/之后,一切都出错了。我不能"猫测试.txt",它说killed。
root@ubuntu:/mnt# cat test.txt
killed
root@ubuntu:/mnt#
在日志中:
[ 5640.036210] BUG: unable to handle kernel paging request at b733f000
[ 5640.036215] IP: [<f9072aa0>] new_sync_read_crypt+0xc0/0x100 [myext2]
[ 5640.036220] *pdpt = 0000000011da5001 *pde = 0000000004708067 *pte = 0000000000000000
[ 5640.036222] Oops: 0002 [#21] SMP
[ 5640.036225] Modules linked in: myext2(OE) rfcomm bnep crc32_pclmul vmw_balloon aesni_intel aes_i586 xts lrw gf128mul ablk_helper cryptd joydev input_leds serio_raw snd_ens1371 snd_ac97_codec gameport ac97_bus vmw_vsock_vmci_transport vsock snd_pcm snd_seq_midi uvcvideo videobuf2_vmalloc videobuf2_memops snd_seq_midi_event videobuf2_v4l2 snd_rawmidi btusb btrtl btbcm videobuf2_core btintel videodev bluetooth media snd_seq snd_seq_device snd_timer snd soundcore nfit 8250_fintek mac_hid vmw_vmci i2c_piix4 shpchp parport_pc ppdev lp parport autofs4 hid_generic usbhid hid psmouse vmwgfx ttm drm_kms_helper ahci libahci mptspi mptscsih pcnet32 mii syscopyarea sysfillrect sysimgblt fb_sys_fops drm mptbase scsi_transport_spi pata_acpi fjes [last unloaded: myext2]
[ 5640.036249] CPU: 0 PID: 9011 Comm: cat Tainted: G D OE 4.6.0 #1
[ 5640.036250] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/19/2017
[ 5640.036252] task: f549dc40 ti: d1da6000 task.ti: d1da6000
[ 5640.036253] EIP: 0060:[<f9072aa0>] EFLAGS: 00010206 CPU: 0
[ 5640.036255] EIP is at new_sync_read_crypt+0xc0/0x100 [myext2]
[ 5640.036256] EAX: b735f000 EBX: b733f000 ECX: d1da7f60 EDX: 00000000
[ 5640.036258] ESI: 00020000 EDI: 00000000 EBP: d1da7ed8 ESP: d1da7e88
[ 5640.036259] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[ 5640.036260] CR0: 80050033 CR2: b733f000 CR3: 30ef0120 CR4: 003406f0
[ 5640.036265] Stack:
[ 5640.036265] 00000001 00020000 d1da7f60 b733f000 00020000 00000000 00000000 00020000
[ 5640.036268] d1da7e94 00000001 f2bdac00 00000000 00000000 00000000 00000000 00000000
[ 5640.036271] ffa41c7b f2bdac00 f90729e0 d1da7f60 d1da7f2c c11ea28f d1da7f60 c6e50cf8
[ 5640.036274] Call Trace:
[ 5640.036277] [<f90729e0>] ? myext2_empty_dir+0x170/0x170 [myext2]
[ 5640.036280] [<c11ea28f>] __vfs_read+0x2f/0x100
[ 5640.036282] [<c11ea76e>] ? rw_verify_area+0x5e/0x140
[ 5640.036284] [<c11ea8bf>] vfs_read+0x6f/0x140
[ 5640.036286] [<c11eb9e1>] SyS_read+0x51/0xb0
[ 5640.036288] [<c100394d>] do_fast_syscall_32+0x8d/0x140
[ 5640.036291] [<c17baa2e>] sysenter_past_esp+0x47/0x75
[ 5640.036292] Code: 8d 45 d8 ff 51 10 3d ef fd ff ff 89 c7 74 54 8b 45 dc 8b 4d b8 85 f6 8b 55 e0 89 01 8d 04 33 89 51 04 74 11 8d b4 26 00 00 00 00 <80> 2b 19 83 c3 01 39 d8 75 f6 89 74 24 04 c7 04 24 b5 b9 07 f9
[ 5640.036311] EIP: [<f9072aa0>] new_sync_read_crypt+0xc0/0x100 [myext2] SS:ESP 0068:d1da7e88
[ 5640.036320] CR2: 00000000b733f000
[ 5640.036322] ---[ end trace d357a556f62edff8 ]---
我会尝试一个答案。
1. 阅读部分:
您依赖于传递的长度,而不是返回的长度ret此处:
ssize_t ret = new_sync_read(filp,buf,len,ppos);
因此,在缓冲区的末尾,当len高于要读取的其余部分时,new_sync_read返回低于len的ret并且循环在边界之外写入。
我的修复建议:
ssize_t new_sync_read_crypt(struct file *filp, char __user *buf, size_t len, loff_t *ppos){
ssize_t ret = new_sync_read(filp,buf,len,ppos);
size_t i;
for(i = 0; i < ret; i++)
buf[i] -= 25;
return ret;
}
我还会添加if (buf)来保护循环,以防通过buf=NULL和len=-1
2.写部分:
这里的问题比较棘手。
ssize_t new_sync_write_crypt(struct file *filp, const char __user *buf, size_t len, loff_t *ppos){
char *mybuf = buf;
在这里,通过将常量转换为非常量以便进行加密,违反了const规则。您不能这样做,例如,如果常量缓冲区指向字符串文本。
您必须使用 malloc 创建副本
size_t new_sync_write_crypt(struct file *filp, const char __user *buf, size_t len, loff_t *ppos){
char *mybuf = malloc(len);
size_t i;
for(i=0;i<len;i++){
mybuf[i] = buf[i]+25;
}
size_t r = new_sync_write(filp,mybuf,len,ppos);
free(mybuf);
return r;
}