linux_kernel_hacking
linux_kernel_hacking copied to clipboard
compile [3.9_hiding_logged_in_users] failed
qgb@ubuntu:~/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users$ make
make -C /lib/modules/4.4.0-142-generic/build M=/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged
_in_users modules
make[1]: Entering directory '/usr/src/linux-headers-4.4.0-142-generic'
CC [M] /home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.o
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:170:62: error: type default
s to ‘int’ in declaration of ‘buf’ [-Werror=implicit-int]
static asmlinkage long (*orig_pread64)(int fd, const __user *buf, size_t count, loff_t pos);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c: In function ‘hook_openat’:
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:189:28: error: ‘regs’ undec
lared (first use in this function)
return orig_openat(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:189:28: note: each undeclar
ed identifier is reported only once for each function it appears in
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:189:16: error: too few argu
ments to function ‘orig_openat’
return orig_openat(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:196:16: error: too few argu
ments to function ‘orig_openat’
return orig_openat(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:206:21: error: too few argu
ments to function ‘orig_openat’
tamper_fd = orig_openat(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:215:12: error: too few argu
ments to function ‘orig_openat’
return orig_openat(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c: At top level:
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:226:58: error: type default
s to ‘int’ in declaration of ‘buf’ [-Werror=implicit-int]
static asmlinkage int hook_pread64(int fd, const __user *buf, size_t count, loff_t pos)
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c: In function ‘hook_pread64’
:
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:244:33: error: ‘regs’ undec
lared (first use in this function)
return orig_pread64(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:244:20: error: too few argu
ments to function ‘orig_pread64’
return orig_pread64(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:249:15: error: too few argu
ments to function ‘orig_pread64’
ret = orig_pread64(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:275:34: warning: passing ar
gument 1 of ‘copy_to_user’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
error = copy_to_user(buf, kbuf, count);
^
In file included from include/linux/poll.h:11:0,
from include/linux/ring_buffer.h:7,
from include/linux/trace_events.h:5,
from include/trace/syscall.h:6,
from include/linux/syscalls.h:81,
from /home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:4:
./arch/x86/include/asm/uaccess.h:764:1: note: expected ‘void *’ but argument is of type ‘const int *’
copy_to_user(void __user *to, const void *from, unsigned long n)
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:292:12: error: too few argu
ments to function ‘orig_pread64’
return orig_pread64(regs);
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:293:1: warning: control rea
ches end of non-void function [-Wreturn-type]
}
^
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c: In function ‘hook_openat’:
/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.c:216:1: warning: control rea
ches end of non-void function [-Wreturn-type]
}
^
cc1: some warnings being treated as errors
scripts/Makefile.build:291: recipe for target '/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged
_in_users/rootkit.o' failed
make[2]: *** [/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users/rootkit.o] Error 1
Makefile:1454: recipe for target '_module_/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_u
sers' failed
make[1]: *** [_module_/home/qgb/github/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-4.4.0-142-generic'
Makefile:4: recipe for target 'all' failed
make: *** [all] Error 2
https://github.com/xcellerator/linux_kernel_hacking/blob/master/1_Livepatch/1.1_kpatch/README.md
apt install -y net-tools make gcc
apt install dpkg-dev devscripts elfutils ccache
apt build-dep linux
# make ok
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# who │
zhou tty1 2022-04-07 07:30 │
zhou pts/0 2022-04-07 07:33 (tmux(1154).%0) │
zhou pts/1 2022-04-07 09:51 (192.168.8.8) │
zhou pts/2 2022-04-07 07:49 (tmux(1154).%1) │
zhou pts/3 2022-04-07 07:50 (tmux(1154).%2) │
zhou pts/4 2022-04-07 08:32 (tmux(1154).%3) │
zhou pts/5 2022-04-07 09:51 (tmux(1154).%4) │
zhou pts/6 2022-04-07 10:30 (tmux(1154).%6) │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# insmod rootkit.ko │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# who │
zhou tty1 2022-04-07 07:30 │
zhou pts/0 2022-04-07 07:33 (tmux(1154).%0) │
zhou pts/1 2022-04-07 09:51 (192.168.8.8) │
zhou pts/2 2022-04-07 07:49 (tmux(1154).%1) │
zhou pts/3 2022-04-07 07:50 (tmux(1154).%2) │
zhou pts/4 2022-04-07 08:32 (tmux(1154).%3) │
zhou pts/5 2022-04-07 09:51 (tmux(1154).%4) │
zhou pts/6 2022-04-07 10:30 (tmux(1154).%6) │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# rmmod rootkit │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users# who │
zhou tty1 2022-04-07 07:30 │
zhou pts/0 2022-04-07 07:33 (tmux(1154).%0) │
zhou pts/1 2022-04-07 09:51 (192.168.8.8) │
zhou pts/2 2022-04-07 07:49 (tmux(1154).%1) │
zhou pts/3 2022-04-07 07:50 (tmux(1154).%2) │
zhou pts/4 2022-04-07 08:32 (tmux(1154).%3) │
zhou pts/5 2022-04-07 09:51 (tmux(1154).%4) │
zhou pts/6 2022-04-07 10:30 (tmux(1154).%6) │
root@zhou:/home/zhou/linux_kernel_hacking/3_RootkitTechniques/3.9_hiding_logged_in_users#