Linux host2.homegym.sg 4.18.0-553.8.1.el8_10.x86_64 #1 SMP Tue Jul 2 07:26:33 EDT 2024 x86_64
Apache
Server IP : 159.223.38.192 & Your IP : 159.223.38.192
Domains : 20 Domain
User : eachadea
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Lock Shell
Lock File++
Readme
/
usr /
src /
file_protector-1.1-1583 /
Delete
Unzip
Name
Size
Permission
Date
Action
common
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
ftrace_hooks
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
lsm_hooks
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
syscall_hooks
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
transport
[ DIR ]
drwxr-xr-x
2025-10-28 18:03
Kbuild
10.29
KB
-rw-r--r--
2025-10-28 18:03
Makefile
2.23
KB
-rw-r--r--
2025-10-28 18:03
compat.c
8.42
KB
-rw-r--r--
2025-10-28 18:03
compat.h
11.98
KB
-rw-r--r--
2025-10-28 18:03
debug.h
3.56
KB
-rw-r--r--
2025-10-28 18:03
dkms.conf
146
B
-rw-r--r--
2025-10-28 18:03
file_contexts.c
60.43
KB
-rw-r--r--
2025-10-28 18:03
file_contexts.h
6.21
KB
-rw-r--r--
2025-10-28 18:03
file_contexts_priv.h
5.48
KB
-rw-r--r--
2025-10-28 18:03
file_handle_tools.h
2.53
KB
-rw-r--r--
2025-10-28 18:03
file_key_tools.h
950
B
-rw-r--r--
2025-10-28 18:03
file_path_tools.h
2.09
KB
-rw-r--r--
2025-10-28 18:03
hashtable_compat.h
2.73
KB
-rw-r--r--
2025-10-28 18:03
hook_trampoline_common.h
4.29
KB
-rw-r--r--
2025-10-28 18:03
interval_tree.h
779
B
-rw-r--r--
2025-10-28 18:03
memory.c
3.31
KB
-rw-r--r--
2025-10-28 18:03
memory.h
2.99
KB
-rw-r--r--
2025-10-28 18:03
module.c
2.67
KB
-rw-r--r--
2025-10-28 18:03
module_ref.h
421
B
-rw-r--r--
2025-10-28 18:03
module_rundown_protection.c
3.64
KB
-rw-r--r--
2025-10-28 18:03
module_rundown_protection.h
743
B
-rw-r--r--
2025-10-28 18:03
path_tools.h
6.06
KB
-rw-r--r--
2025-10-28 18:03
rundown_protection.c
4.2
KB
-rw-r--r--
2025-10-28 18:03
rundown_protection.h
2.83
KB
-rw-r--r--
2025-10-28 18:03
safe_kobject.h
1.28
KB
-rw-r--r--
2025-10-28 18:03
si_common.h
4.3
KB
-rw-r--r--
2025-10-28 18:03
si_fp_properties.h
858
B
-rw-r--r--
2025-10-28 18:03
si_fp_properties_x.h
18.53
KB
-rw-r--r--
2025-10-28 18:03
si_fp_value_types.h
515
B
-rw-r--r--
2025-10-28 18:03
si_fp_value_types_x.h
1.25
KB
-rw-r--r--
2025-10-28 18:03
si_size.h
4.26
KB
-rw-r--r--
2025-10-28 18:03
si_templates.h
2.99
KB
-rw-r--r--
2025-10-28 18:03
si_writer.h
7.52
KB
-rw-r--r--
2025-10-28 18:03
si_writer_common.h
14.63
KB
-rw-r--r--
2025-10-28 18:03
stringify.h
261
B
-rw-r--r--
2025-10-28 18:03
task_info_map.c
17.1
KB
-rw-r--r--
2025-10-28 18:03
task_info_map.h
6.33
KB
-rw-r--r--
2025-10-28 18:03
task_tools.h
1.34
KB
-rw-r--r--
2025-10-28 18:03
tracepoints.c
3.58
KB
-rw-r--r--
2025-10-28 18:03
tracepoints.h
299
B
-rw-r--r--
2025-10-28 18:03
write_protection.h
2.2
KB
-rw-r--r--
2025-10-28 18:03
Save
Rename
/** @file hook_trampoline_common.h @brief Common trampoline declaration @details Copyright (c) 2024 Acronis International GmbH @author Denis Kopyrin (denis.kopyrin@acronis.com) @since $Id: $ */ #pragma once #include "stringify.h" #ifdef CONFIG_RETPOLINE #include <asm/nospec-branch.h> #endif // If CONFIG_RETPOLINE is on, this will be magic to mute indirect 'jmp' #ifndef ANNOTATE_RETPOLINE_SAFE #define ANNOTATE_RETPOLINE_SAFE "" #endif #ifndef ASM_ENDBR #define ASM_ENDBR "" #endif // If CONFIG_RETHUNK is on, this will be magic that expands in a suitable 'ret' #ifndef ASM_RET #define ASM_RET "ret\n\t" #endif // Syscall hook may either decide to call to the original function 'fn' or return value 'ret'. // If 'fn' is not NULL, syscall hook trampoline will jump to this function. // If 'fn' is NULL, syscall hook trampoline will return 'ret'. typedef struct { long fn; long ret; } hook_ret_t; // This function is called when x86_64 enters syscall. // All parameters are in registers, push them on stack. // As no params were changed, just call our pre-handler. // Pop back the arguments and either call original function // with the restored arguments or override return value. // This asm function is the following C snippet coded to use tail jmp. #if 0 typedef hook_ret_t (*syscall_hook_generic_t)(long a, long b, long c, long d, long e, long f); typedef long (*syscall_generic_t)(long a, long b, long c, long d, long e, long f); #define HOOK_TRAMPOLINE(abi, tag) long name(long a, long b, long c, long d, long e, long f) { syscall_hook_generic_t fn = (syscall_hook_generic_t)(void*) fn; hook_ret_t ret = fn(a, b, c, d, e, f); if (ret.fn) { syscall_generic_t orig = (syscall_generic_t)(void*) ret.fn; return orig(a, b, c, d, e, f); } else { return ret.ret; } } #endif // In SysV 'RDI, RSI, RDX, RCX, R8, R9' are used for passing arguments, in kernel 'RDI, RSI, RDX, R10, R8, R9' // That's due to the fact that 'RCX' is used for syscall passing in kernel so 'RCX' is clobbered #ifndef KERNEL_MOCK #define HOOK_TRAMPOLINE_SIZE_DECL(name) ".size " STRINGIFY(name) ", .-" STRINGIFY(name) "\n\t" #else #define HOOK_TRAMPOLINE_SIZE_DECL(name) #endif // R10 is being pushed twice to keep the stack aligned #define HOOK_TRAMPOLINE_ASM(name, fn) __asm__( \ ".align 8;" "\n\t" \ ".pushsection .text;" "\n\t" \ STRINGIFY(name) ":" "\n\t" \ ASM_ENDBR "\n\t" \ "push %rbp" "\n\t" \ "mov %rsp, %rbp" "\n\t" \ "push %rdx" "\n\t" \ "push %rdi" "\n\t" \ "push %rsi" "\n\t" \ "push %r10" "\n\t" \ "push %r10" "\n\t" \ "push %rcx" "\n\t" \ "push %r8" "\n\t" \ "push %r9" "\n\t" \ "call " STRINGIFY(fn) "\n\t" \ "test %rax, %rax" "\n\t" \ "je ._ret_" STRINGIFY(name) "\n\t" \ "pop %r9" "\n\t" \ "pop %r8" "\n\t" \ "pop %rcx" "\n\t" \ "pop %r10" "\n\t" \ "pop %r10" "\n\t" \ "pop %rsi" "\n\t" \ "pop %rdi" "\n\t" \ "pop %rdx" "\n\t" \ "pop %rbp" "\n\t" \ "" ANNOTATE_RETPOLINE_SAFE "jmpq *%rax" "\n\t" \ "._ret_" STRINGIFY(name) ":" "\n\t" \ "mov %rdx, %rax" "\n\t" \ "pop %r9" "\n\t" \ "pop %r8" "\n\t" \ "pop %rcx" "\n\t" \ "pop %r10" "\n\t" \ "pop %r10" "\n\t" \ "pop %rsi" "\n\t" \ "pop %rdi" "\n\t" \ "pop %rdx" "\n\t" \ "pop %rbp" "\n\t" \ "" ASM_RET "" "\n\t" \ ".popsection;" "\n\t" \ ".type " STRINGIFY(name) ", @function;" "\n\t" \ HOOK_TRAMPOLINE_SIZE_DECL(name) "\n\t" \ );