[PATCH] enabling LKM for custom beeper
Hi Linus, Alan, this patch has proven to be stable an useable. It hasn't changed since 2.2.13. The patch affects kd_mksound and kd_nosound which are responsible for generating sound. The default behaviour won't be changed but it's now possible for a LKM to hook into these calls and change the way the system bell rings. Changes in struct timer_list made a separate patch for 2.4.0 necessary. Please incorporante into next release of 2.{2,4} if appropriate; TIA, cu. : Christian --- drivers/char/vt.c.orig Mon Aug 9 21:04:39 1999 +++ drivers/char/vt.c Sun Jan 23 17:10:28 2000 @@ -92,18 +92,20 @@ || (defined(__mips__) && !defined(CONFIG_SGI)) static void -kd_nosound(unsigned long ignored) +_kd_nosound(unsigned long ignored) { /* disable counter 2 */ outb(inb_p(0x61)&0xFC, 0x61); return; } -void +void (*kd_nosound)(unsigned long ignored) = _kd_nosound; + +static void _kd_mksound(unsigned int hz, unsigned int ticks) { static struct timer_list sound_timer = { NULL, NULL, 0, 0, -kd_nosound }; +_kd_nosound }; unsigned int count = 0; --- kernel/ksyms.c.orig Wed Oct 20 02:14:02 1999 +++ kernel/ksyms.c Sun Jan 23 17:10:28 2000 @@ -62,6 +62,9 @@ extern void free_dma(unsigned int dmanr); extern spinlock_t dma_spin_lock; +extern void (*kd_nosound)(unsigned long ignored); +extern void (*kd_mksound)(unsigned int count, unsigned int ticks); + #ifdef CONFIG_MODVERSIONS const struct module_symbol __export_Using_Versions __attribute__((section("__ksymtab"))) = { @@ -341,6 +344,8 @@ EXPORT_SYMBOL(register_reboot_notifier); EXPORT_SYMBOL(unregister_reboot_notifier); EXPORT_SYMBOL(_ctype); +EXPORT_SYMBOL(kd_nosound); +EXPORT_SYMBOL(kd_mksound); EXPORT_SYMBOL(secure_tcp_sequence_number); EXPORT_SYMBOL(get_random_bytes); EXPORT_SYMBOL(securebits); --- include/linux/vt_kern.h.origFri Oct 22 01:48:41 1999 +++ include/linux/vt_kern.h Sun Jan 23 17:10:28 2000 @@ -30,7 +30,7 @@ struct wait_queue *paste_wait; } *vt_cons[MAX_NR_CONSOLES]; -void (*kd_mksound)(unsigned int hz, unsigned int ticks); +extern void (*kd_mksound)(unsigned int hz, unsigned int ticks); /* console.c */ --- linux-2.4.0-pristine/drivers/char/vt.c Thu Jan 4 22:00:55 2001 +++ linux-2.4.0/drivers/char/vt.c Sun Jan 28 21:01:37 2001 @@ -98,17 +98,19 @@ || (defined(__arm__) && defined(CONFIG_HOST_FOOTBRIDGE)) static void -kd_nosound(unsigned long ignored) +_kd_nosound(unsigned long ignored) { /* disable counter 2 */ outb(inb_p(0x61)&0xFC, 0x61); return; } -void +void (*kd_nosound)(unsigned long ignored) = _kd_nosound; + +static void _kd_mksound(unsigned int hz, unsigned int ticks) { - static struct timer_list sound_timer = { function: kd_nosound }; + static struct timer_list sound_timer = { function: _kd_nosound }; unsigned int count = 0; unsigned long flags; --- linux-2.4.0-pristine/include/linux/vt_kern.hThu Jan 4 23:51:24 2001 +++ linux-2.4.0/include/linux/vt_kern.h Sun Jan 28 21:00:32 2001 @@ -30,7 +30,7 @@ wait_queue_head_t paste_wait; } *vt_cons[MAX_NR_CONSOLES]; -void (*kd_mksound)(unsigned int hz, unsigned int ticks); +extern void (*kd_mksound)(unsigned int hz, unsigned int ticks); /* console.c */ --- linux-2.4.0-pristine/kernel/ksyms.c Wed Jan 3 01:45:37 2001 +++ linux-2.4.0/kernel/ksyms.c Sun Jan 28 21:00:32 2001 @@ -62,6 +62,9 @@ extern void free_dma(unsigned int dmanr); extern spinlock_t dma_spin_lock; +extern void (*kd_nosound)(unsigned long ignored); +extern void (*kd_mksound)(unsigned int count, unsigned int ticks); + #ifdef CONFIG_MODVERSIONS const struct module_symbol __export_Using_Versions __attribute__((section("__ksymtab"))) = { @@ -455,6 +458,8 @@ EXPORT_SYMBOL(machine_halt); EXPORT_SYMBOL(machine_power_off); EXPORT_SYMBOL(_ctype); +EXPORT_SYMBOL(kd_nosound); +EXPORT_SYMBOL(kd_mksound); EXPORT_SYMBOL(secure_tcp_sequence_number); EXPORT_SYMBOL(get_random_bytes); EXPORT_SYMBOL(securebits);
[PATCH] enabling LKM for custom beeper
Hi Linus, Alan, this patch has proven to be stable an useable. It hasn't changed since 2.2.13. The patch affects kd_mksound and kd_nosound which are responsible for generating sound. The default behaviour won't be changed but it's now possible for a LKM to hook into these calls and change the way the system bell rings. Changes in struct timer_list made a separate patch for 2.4.0 necessary. Please incorporante into next release of 2.{2,4} if appropriate; TIA, cu. : Christian --- drivers/char/vt.c.orig Mon Aug 9 21:04:39 1999 +++ drivers/char/vt.c Sun Jan 23 17:10:28 2000 @@ -92,18 +92,20 @@ || (defined(__mips__) !defined(CONFIG_SGI)) static void -kd_nosound(unsigned long ignored) +_kd_nosound(unsigned long ignored) { /* disable counter 2 */ outb(inb_p(0x61)0xFC, 0x61); return; } -void +void (*kd_nosound)(unsigned long ignored) = _kd_nosound; + +static void _kd_mksound(unsigned int hz, unsigned int ticks) { static struct timer_list sound_timer = { NULL, NULL, 0, 0, -kd_nosound }; +_kd_nosound }; unsigned int count = 0; --- kernel/ksyms.c.orig Wed Oct 20 02:14:02 1999 +++ kernel/ksyms.c Sun Jan 23 17:10:28 2000 @@ -62,6 +62,9 @@ extern void free_dma(unsigned int dmanr); extern spinlock_t dma_spin_lock; +extern void (*kd_nosound)(unsigned long ignored); +extern void (*kd_mksound)(unsigned int count, unsigned int ticks); + #ifdef CONFIG_MODVERSIONS const struct module_symbol __export_Using_Versions __attribute__((section("__ksymtab"))) = { @@ -341,6 +344,8 @@ EXPORT_SYMBOL(register_reboot_notifier); EXPORT_SYMBOL(unregister_reboot_notifier); EXPORT_SYMBOL(_ctype); +EXPORT_SYMBOL(kd_nosound); +EXPORT_SYMBOL(kd_mksound); EXPORT_SYMBOL(secure_tcp_sequence_number); EXPORT_SYMBOL(get_random_bytes); EXPORT_SYMBOL(securebits); --- include/linux/vt_kern.h.origFri Oct 22 01:48:41 1999 +++ include/linux/vt_kern.h Sun Jan 23 17:10:28 2000 @@ -30,7 +30,7 @@ struct wait_queue *paste_wait; } *vt_cons[MAX_NR_CONSOLES]; -void (*kd_mksound)(unsigned int hz, unsigned int ticks); +extern void (*kd_mksound)(unsigned int hz, unsigned int ticks); /* console.c */ --- linux-2.4.0-pristine/drivers/char/vt.c Thu Jan 4 22:00:55 2001 +++ linux-2.4.0/drivers/char/vt.c Sun Jan 28 21:01:37 2001 @@ -98,17 +98,19 @@ || (defined(__arm__) defined(CONFIG_HOST_FOOTBRIDGE)) static void -kd_nosound(unsigned long ignored) +_kd_nosound(unsigned long ignored) { /* disable counter 2 */ outb(inb_p(0x61)0xFC, 0x61); return; } -void +void (*kd_nosound)(unsigned long ignored) = _kd_nosound; + +static void _kd_mksound(unsigned int hz, unsigned int ticks) { - static struct timer_list sound_timer = { function: kd_nosound }; + static struct timer_list sound_timer = { function: _kd_nosound }; unsigned int count = 0; unsigned long flags; --- linux-2.4.0-pristine/include/linux/vt_kern.hThu Jan 4 23:51:24 2001 +++ linux-2.4.0/include/linux/vt_kern.h Sun Jan 28 21:00:32 2001 @@ -30,7 +30,7 @@ wait_queue_head_t paste_wait; } *vt_cons[MAX_NR_CONSOLES]; -void (*kd_mksound)(unsigned int hz, unsigned int ticks); +extern void (*kd_mksound)(unsigned int hz, unsigned int ticks); /* console.c */ --- linux-2.4.0-pristine/kernel/ksyms.c Wed Jan 3 01:45:37 2001 +++ linux-2.4.0/kernel/ksyms.c Sun Jan 28 21:00:32 2001 @@ -62,6 +62,9 @@ extern void free_dma(unsigned int dmanr); extern spinlock_t dma_spin_lock; +extern void (*kd_nosound)(unsigned long ignored); +extern void (*kd_mksound)(unsigned int count, unsigned int ticks); + #ifdef CONFIG_MODVERSIONS const struct module_symbol __export_Using_Versions __attribute__((section("__ksymtab"))) = { @@ -455,6 +458,8 @@ EXPORT_SYMBOL(machine_halt); EXPORT_SYMBOL(machine_power_off); EXPORT_SYMBOL(_ctype); +EXPORT_SYMBOL(kd_nosound); +EXPORT_SYMBOL(kd_mksound); EXPORT_SYMBOL(secure_tcp_sequence_number); EXPORT_SYMBOL(get_random_bytes); EXPORT_SYMBOL(securebits);
[PATCH] ipchains log will show all flags
Hi, This tiny patch extends ipchains logging. This way one can distinguish (plain) connection attempts and (stealth) scans. E.g. kernel: Packet log: input - lo PROTO=6 127.0.0.1:40326 127.0.0.1:80 L=40 S=0x00 I=5808 F=0x T=51 (#1) vs. L=40 S=0x00 I=5808 F=0x T=51 SYN ACK (#1) and L=40 S=0x00 I=5808 F=0x T=51 URG PSH SYN FIN (#1) Some comments on the format have been considered. I dislike bloating my logging with "URG ACK PSH RST SYN FIN " and like to see a compact format (eg. "B=fsrpau"). Despite that iptables does it the former way (linux-2.4.0-test11/net/ipv4/netfilter/ipt_LOG.c). Please note that SYN is not any longer SYN && !ACK && !RST. This will break log parser that look for connection initiation packets. Besides ipchains(8) man page is wrong. FIN should be RST? [!] -y, --syn Only match TCP packets with the SYN bit set and the ACK and FIN bits cleared. Such packets are used to Could you please comment on the tradeoff between multiple printk()'s and the printk("%s", "")? Logging the FW Mark value was suggested by Roberto Nibali <[EMAIL PROTECTED]> Could be included as printk(" M=%d", f->ipfw.fw_mark); The patch is against 2.2.17's /net/ipv4/ip_fw.c ipchains logging all flags Christian W. Zuckschwerdt <[EMAIL PROTECTED]> --- linux-2.2.17-pristine/net/ipv4/ip_fw.c.orig Mon Nov 27 00:38:36 2000 +++ linux-2.2.17/net/ipv4/ip_fw.c Mon Dec 11 15:10:51 2000 @@ -41,6 +41,9 @@ * John McDonald <[EMAIL PROTECTED]> * Thomas Lopatic <[EMAIL PROTECTED]> * 21-Oct-1999: Applied count fix by Emanuele Caratti <[EMAIL PROTECTED]> --RR + * 11-Dec-2000: Added "URG ACK PSH RST SYN FIN" in log message. + * Please note SYN is no longer SYN && !ACK && !RST + * Christian W. Zuckschwerdt <[EMAIL PROTECTED]> */ /* @@ -443,7 +443,24 @@ for (opti = 0; opti < (ip->ihl - sizeof(struct iphdr) / 4); opti++) printk(" O=0x%8.8X", *opt++); - printk(" %s(#%d)\n", syn ? "SYN " : /* "PENANCE" */ "", count); + + if ((ip->protocol == IPPROTO_TCP) && !(ip->frag_off & htons(IP_OFFSET))) { + struct tcphdr *tcp=(struct tcphdr *)((__u32 *)ip+ip->ihl); + /* Max length: 36 " URG ACK PSH RST SYN FIN" */ + if (tcp->urg) + printk(" URG"); + if (tcp->ack) + printk(" ACK"); + if (tcp->psh) + printk(" PSH"); + if (tcp->rst) + printk(" RST"); + if (tcp->syn) + printk(" SYN"); + if (tcp->fin) + printk(" FIN"); + } + printk(" (#%d) M=%d\n", count, f->ipfw.fw_mark); } /* function for checking chain labels for user space. */ -- cu. : Christian - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] Please read the FAQ at http://www.tux.org/lkml/
[PATCH] ipchains log will show all flags
Hi, This tiny patch extends ipchains logging. This way one can distinguish (plain) connection attempts and (stealth) scans. E.g. kernel: Packet log: input - lo PROTO=6 127.0.0.1:40326 127.0.0.1:80 L=40 S=0x00 I=5808 F=0x T=51 (#1) vs. L=40 S=0x00 I=5808 F=0x T=51 SYN ACK (#1) and L=40 S=0x00 I=5808 F=0x T=51 URG PSH SYN FIN (#1) Some comments on the format have been considered. I dislike bloating my logging with "URG ACK PSH RST SYN FIN " and like to see a compact format (eg. "B=fsrpau"). Despite that iptables does it the former way (linux-2.4.0-test11/net/ipv4/netfilter/ipt_LOG.c). Please note that SYN is not any longer SYN !ACK !RST. This will break log parser that look for connection initiation packets. Besides ipchains(8) man page is wrong. FIN should be RST? [!] -y, --syn Only match TCP packets with the SYN bit set and the ACK and FIN bits cleared. Such packets are used to Could you please comment on the tradeoff between multiple printk()'s and the printk("%s", "")? Logging the FW Mark value was suggested by Roberto Nibali [EMAIL PROTECTED] Could be included as printk(" M=%d", f-ipfw.fw_mark); The patch is against 2.2.17's /net/ipv4/ip_fw.c ipchains logging all flags Christian W. Zuckschwerdt [EMAIL PROTECTED] --- linux-2.2.17-pristine/net/ipv4/ip_fw.c.orig Mon Nov 27 00:38:36 2000 +++ linux-2.2.17/net/ipv4/ip_fw.c Mon Dec 11 15:10:51 2000 @@ -41,6 +41,9 @@ * John McDonald [EMAIL PROTECTED] * Thomas Lopatic [EMAIL PROTECTED] * 21-Oct-1999: Applied count fix by Emanuele Caratti [EMAIL PROTECTED] --RR + * 11-Dec-2000: Added "URG ACK PSH RST SYN FIN" in log message. + * Please note SYN is no longer SYN !ACK !RST + * Christian W. Zuckschwerdt [EMAIL PROTECTED] */ /* @@ -443,7 +443,24 @@ for (opti = 0; opti (ip-ihl - sizeof(struct iphdr) / 4); opti++) printk(" O=0x%8.8X", *opt++); - printk(" %s(#%d)\n", syn ? "SYN " : /* "PENANCE" */ "", count); + + if ((ip-protocol == IPPROTO_TCP) !(ip-frag_off htons(IP_OFFSET))) { + struct tcphdr *tcp=(struct tcphdr *)((__u32 *)ip+ip-ihl); + /* Max length: 36 " URG ACK PSH RST SYN FIN" */ + if (tcp-urg) + printk(" URG"); + if (tcp-ack) + printk(" ACK"); + if (tcp-psh) + printk(" PSH"); + if (tcp-rst) + printk(" RST"); + if (tcp-syn) + printk(" SYN"); + if (tcp-fin) + printk(" FIN"); + } + printk(" (#%d) M=%d\n", count, f-ipfw.fw_mark); } /* function for checking chain labels for user space. */ -- cu. : Christian - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] Please read the FAQ at http://www.tux.org/lkml/
[PATCH] ipchains log will show all flags
Hi Linus, This tiny patch extends ipchains logging. This way one can distinguish (plain) connection attempts and (Xmas, Fin,...) scans. E.g. kernel: Packet log: input - lo PROTO=6 127.0.0.1:40326 127.0.0.1:80 L=40 S=0x00 I=5808 F=0x T=51 (#1) vs. L=40 S=0x00 I=5808 F=0x T=51 (#1) B=-s--a- and L=40 S=0x00 I=5808 F=0x T=51 (#1) B=fs-p-u Please comment on the format (B=...) and implementation details (speed). The patch is against 2.2.17's /net/ipv4/ip_fw.c ipchains log with flags Christian W. Zuckschwerdt <[EMAIL PROTECTED]> --- linux-2.2.17-pristine/net/ipv4/ip_fw.c.orig Mon Nov 27 00:38:36 2000 +++ linux-2.2.17/net/ipv4/ip_fw.c Sun Dec 3 23:58:06 2000 @@ -415,6 +415,7 @@ { __u32 *opt = (__u32 *) (ip + 1); int opti; + struct tcphdr *tcp=(struct tcphdr *)((__u32 *)ip+ip->ihl); if (f) { @@ -443,7 +444,15 @@ for (opti = 0; opti < (ip->ihl - sizeof(struct iphdr) / 4); opti++) printk(" O=0x%8.8X", *opt++); - printk(" %s(#%d)\n", syn ? "SYN " : /* "PENANCE" */ "", count); + printk(" %s(#%d)", syn ? "SYN " : /* "PENANCE" */ "", count); + + if (ip->protocol == IPPROTO_TCP) + printk(" B=%c%c%c%c%c%c\n", tcp->fin ? 'f' : '-', + tcp-syn ? 's' : '-', tcp->rst ? 'r' : '-', + tcp->psh ? 'p' : '-', tcp->ack ? 'a' : '-', + tcp->urg ? 'u' : '-'); + else + printk("\n"); } /* function for checking chain labels for user space. */ -- cu. : Christian - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] Please read the FAQ at http://www.tux.org/lkml/
[PATCH] ipchains log will show all flags
Hi Linus, This tiny patch extends ipchains logging. This way one can distinguish (plain) connection attempts and (Xmas, Fin,...) scans. E.g. kernel: Packet log: input - lo PROTO=6 127.0.0.1:40326 127.0.0.1:80 L=40 S=0x00 I=5808 F=0x T=51 (#1) vs. L=40 S=0x00 I=5808 F=0x T=51 (#1) B=-s--a- and L=40 S=0x00 I=5808 F=0x T=51 (#1) B=fs-p-u Please comment on the format (B=...) and implementation details (speed). The patch is against 2.2.17's /net/ipv4/ip_fw.c ipchains log with flags Christian W. Zuckschwerdt [EMAIL PROTECTED] --- linux-2.2.17-pristine/net/ipv4/ip_fw.c.orig Mon Nov 27 00:38:36 2000 +++ linux-2.2.17/net/ipv4/ip_fw.c Sun Dec 3 23:58:06 2000 @@ -415,6 +415,7 @@ { __u32 *opt = (__u32 *) (ip + 1); int opti; + struct tcphdr *tcp=(struct tcphdr *)((__u32 *)ip+ip-ihl); if (f) { @@ -443,7 +444,15 @@ for (opti = 0; opti (ip-ihl - sizeof(struct iphdr) / 4); opti++) printk(" O=0x%8.8X", *opt++); - printk(" %s(#%d)\n", syn ? "SYN " : /* "PENANCE" */ "", count); + printk(" %s(#%d)", syn ? "SYN " : /* "PENANCE" */ "", count); + + if (ip-protocol == IPPROTO_TCP) + printk(" B=%c%c%c%c%c%c\n", tcp-fin ? 'f' : '-', + tcp-syn ? 's' : '-', tcp-rst ? 'r' : '-', + tcp-psh ? 'p' : '-', tcp-ack ? 'a' : '-', + tcp-urg ? 'u' : '-'); + else + printk("\n"); } /* function for checking chain labels for user space. */ -- cu. : Christian - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] Please read the FAQ at http://www.tux.org/lkml/