__ __ __ __ _____ _ _ _____ _ _ _ | \/ | \ \ / / | __ \ (_) | | / ____| | | | | | \ / |_ __\ V / | |__) | __ ___ ____ _| |_ ___ | (___ | |__ ___| | | | |\/| | '__|> < | ___/ '__| \ \ / / _` | __/ _ \ \___ \| '_ \ / _ \ | | | | | | |_ / . \ | | | | | |\ V / (_| | || __/ ____) | | | | __/ | | |_| |_|_(_)_/ \_\ |_| |_| |_| \_/ \__,_|\__\___| |_____/|_| |_|\___V 2.1 if you need WebShell for Seo everyday contact me on Telegram Telegram Address : @jackleetFor_More_Tools:
/*
* eset_rtp (ESET Real-time file system protection module)
* Copyright (C) 1992-2025 ESET, spol. s r.o.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
* In case of any questions, you can contact us at ESET, spol. s r.o., Einsteinova 24, 851 01 Bratislava, Slovakia.
*/
#include "ertp_memory_dev.h"
#include <linux/cdev.h>
#include <linux/cred.h>
#include <linux/device.h>
#include <linux/module.h>
#include <linux/semaphore.h>
#include <linux/slab.h>
#include <linux/spinlock.h>
#include <linux/uaccess.h>
#include <linux/version.h>
#include "ertp.h"
#include "ertp_event.h"
#include "ertp_logs.h"
#define ERTP_MEM_DEV_BASE_MINOR 0
#define ERTP_MEM_DEV_MAX_COUNT 24
static dev_t mem_dev_base;
static struct cdev ertp_mem_cdev;
static struct ertp_event_memory *mem_dev_minors_usage[ERTP_MEM_DEV_MAX_COUNT];
static DEFINE_SPINLOCK(ertp_mem_dev_num_lock);
static struct class *mem_dev_class;
#define ERTP_MEM_DEV_NAME_SIZE 128
static const char *ERTP_MEM_DEV_PREFIX = "eset/mem_";
static const char *ERTP_MEM_DEV_NAME = "ertp_mem";
static const char *ERTP_MEM_CLASS_NAME = "ertp_mem_class";
struct semaphore ertp_mem_dev_semaphore;
static void init_mem_dev_minors_usage(void) {
int i;
spin_lock(&ertp_mem_dev_num_lock);
for (i = 0; i < ERTP_MEM_DEV_MAX_COUNT; i++) {
mem_dev_minors_usage[i] = NULL;
}
spin_unlock(&ertp_mem_dev_num_lock);
}
static bool get_available_mem_dev_num(struct ertp_event_memory *event,
dev_t *out) {
int i;
spin_lock(&ertp_mem_dev_num_lock);
for (i = 0; i < ERTP_MEM_DEV_MAX_COUNT; i++) {
if (!mem_dev_minors_usage[i]) {
mem_dev_minors_usage[i] = event;
spin_unlock(&ertp_mem_dev_num_lock);
ertp_event_ref(ERTP_EVENT(event));
*out = MKDEV(MAJOR(mem_dev_base), ERTP_MEM_DEV_BASE_MINOR + i);
return true;
}
}
spin_unlock(&ertp_mem_dev_num_lock);
return false;
}
static void release_mem_dev_minor_usage(dev_t num) {
struct ertp_event_memory *event = NULL;
int index = MINOR(num) - ERTP_MEM_DEV_BASE_MINOR;
if (index < 0 || index >= ERTP_MEM_DEV_MAX_COUNT ||
!mem_dev_minors_usage[index]) {
BUG();
return;
}
event = mem_dev_minors_usage[index];
spin_lock(&ertp_mem_dev_num_lock);
mem_dev_minors_usage[index] = NULL;
spin_unlock(&ertp_mem_dev_num_lock);
ertp_event_unref(ERTP_EVENT(event));
}
static struct ertp_event_memory *get_memory_event_of_used_dev_num(dev_t num) {
struct ertp_event_memory *event = NULL;
int index = MINOR(num) - ERTP_MEM_DEV_BASE_MINOR;
if (index < 0 || index >= ERTP_MEM_DEV_MAX_COUNT ||
!mem_dev_minors_usage[index]) {
BUG();
return NULL;
}
spin_lock(&ertp_mem_dev_num_lock);
event = mem_dev_minors_usage[index];
spin_unlock(&ertp_mem_dev_num_lock);
ertp_event_ref(ERTP_EVENT(event));
return event;
}
static void ertp_mem_dev_info_free(struct ertp_mem_dev_info *info) {
if (info) {
if (info->name) {
kfree(info->name);
}
kfree(info);
}
}
static char *compute_dev_name(const char *id_str) {
char *dev_name = kmalloc(ERTP_MEM_DEV_NAME_SIZE, GFP_KERNEL);
if (unlikely(!dev_name)) {
return NULL;
}
dev_name[0] = '\0';
strlcat(dev_name, ERTP_MEM_DEV_PREFIX, ERTP_MEM_DEV_NAME_SIZE);
strlcat(dev_name, id_str, ERTP_MEM_DEV_NAME_SIZE);
return dev_name;
}
static int ertp_mem_dev_open(struct inode *inode, struct file *file) {
struct ertp_event_memory *mem_event = NULL;
if (!try_module_get(THIS_MODULE)) {
return -EINVAL;
}
if (!(file->f_mode & FMODE_READ)) {
goto error;
}
mem_event = get_memory_event_of_used_dev_num(inode->i_rdev);
if (!mem_event) {
goto error;
}
file->private_data = mem_event;
return 0;
error:
module_put(THIS_MODULE);
return -EINVAL;
}
static int ertp_mem_dev_release(struct inode *inode, struct file *file) {
if (file->private_data) {
ertp_event_unref(ERTP_EVENT(file->private_data));
file->private_data = NULL;
}
module_put(THIS_MODULE);
return 0;
}
static ssize_t ertp_mem_dev_read(struct file *file, char __user *buf,
size_t size, loff_t *offset) {
int ret;
struct ertp_event_memory *mem_event;
size_t bytes_to_read;
if (size == 0) {
return 0;
}
if (!file->private_data) {
return -EINVAL;
}
mem_event = ERTP_EVENT_MEMORY(file->private_data);
if (*offset > mem_event->size) {
return 0;
}
bytes_to_read = ((*offset + size) <= mem_event->size)
? size
: (mem_event->size - *offset);
ret = copy_to_user(buf, mem_event->memory + *offset, bytes_to_read);
if (ret) {
return -EFAULT;
}
*offset += bytes_to_read;
return bytes_to_read;
}
static loff_t ertp_mem_dev_llseek(struct file *file, loff_t offset,
int whence) {
loff_t new_offset = 0;
struct ertp_event_memory *mem_event = NULL;
if (!file->private_data) {
return -EFAULT;
}
mem_event = ERTP_EVENT_MEMORY(file->private_data);
switch (whence) {
case SEEK_SET:
new_offset = offset;
break;
case SEEK_CUR:
new_offset = file->f_pos + offset;
break;
case SEEK_END:
new_offset = mem_event->size + offset;
break;
default:
return -EINVAL;
}
file->f_pos = new_offset;
return new_offset;
}
static struct file_operations mem_dev_fops = {.owner = THIS_MODULE,
.open = ertp_mem_dev_open,
.release = ertp_mem_dev_release,
.read = ertp_mem_dev_read,
.llseek = ertp_mem_dev_llseek};
int ertp_mem_dev_create(const char *id_str, struct ertp_event_memory *event,
int timeout) {
int sema_ret;
struct ertp_mem_dev_info *dev_info = NULL;
sema_ret = down_timeout(&ertp_mem_dev_semaphore, msecs_to_jiffies(timeout));
if (sema_ret) {
ertp_pr_warning("creation of mem dev file took too long (id: %s)", id_str);
return -ETIMEDOUT;
}
dev_info = kmalloc(sizeof(struct ertp_mem_dev_info), GFP_KERNEL);
if (unlikely(!dev_info)) {
return -ENOMEM;
}
dev_info->name = compute_dev_name(id_str);
if (!dev_info->name) {
goto err_dev_info;
}
if (!get_available_mem_dev_num(event, &dev_info->dev_num)) {
goto err_name;
}
dev_info->dev = device_create(mem_dev_class, NULL, dev_info->dev_num, NULL,
dev_info->name);
if (IS_ERR(dev_info->dev)) {
goto err_name;
}
event->dev_info = dev_info;
return 0;
err_name:
kfree(dev_info->name);
dev_info->name = NULL;
err_dev_info:
kfree(dev_info);
dev_info = NULL;
up(&ertp_mem_dev_semaphore);
return -1;
}
void ertp_mem_dev_destroy(struct ertp_event_memory *event) {
if (!event->dev_info) {
BUG();
return;
}
device_destroy(mem_dev_class, event->dev_info->dev_num);
release_mem_dev_minor_usage(event->dev_info->dev_num);
ertp_mem_dev_info_free(event->dev_info);
event->dev_info = NULL;
up(&ertp_mem_dev_semaphore);
}
int ertp_mem_dev_region_init(void) {
int ret = alloc_chrdev_region(&mem_dev_base, ERTP_MEM_DEV_BASE_MINOR,
ERTP_MEM_DEV_MAX_COUNT, ERTP_MEM_DEV_NAME);
if (ret) {
return 1;
}
cdev_init(&ertp_mem_cdev, &mem_dev_fops);
ret = cdev_add(&ertp_mem_cdev, mem_dev_base, ERTP_MEM_DEV_MAX_COUNT);
if (ret) {
return 1;
}
mem_dev_class = ertp_class_create(ERTP_MEM_CLASS_NAME);
if (IS_ERR(mem_dev_class)) {
unregister_chrdev_region(mem_dev_base, ERTP_MEM_DEV_MAX_COUNT);
return 1;
}
init_mem_dev_minors_usage();
sema_init(&ertp_mem_dev_semaphore, ERTP_MEM_DEV_MAX_COUNT);
return 0;
}
void ertp_mem_dev_region_deinit(void) {
cdev_del(&ertp_mem_cdev);
class_destroy(mem_dev_class);
unregister_chrdev_region(mem_dev_base, ERTP_MEM_DEV_MAX_COUNT);
}
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| .ertp_array.o.cmd | File | 67.01 KB | 0644 |
|
| .ertp_cache.o.cmd | File | 62.05 KB | 0644 |
|
| .ertp_cache_container.o.cmd | File | 51.03 KB | 0644 |
|
| .ertp_debug.o.cmd | File | 61.29 KB | 0644 |
|
| .ertp_dev.o.cmd | File | 70.46 KB | 0644 |
|
| .ertp_event.o.cmd | File | 62.23 KB | 0644 |
|
| .ertp_event_check.o.cmd | File | 62.68 KB | 0644 |
|
| .ertp_excludes.o.cmd | File | 50.98 KB | 0644 |
|
| .ertp_ftrace_hook.o.cmd | File | 88.2 KB | 0644 |
|
| .ertp_ftrace_utils.o.cmd | File | 75.37 KB | 0644 |
|
| .ertp_handlers.o.cmd | File | 88.06 KB | 0644 |
|
| .ertp_handlers_close.o.cmd | File | 88.18 KB | 0644 |
|
| .ertp_handlers_execve.o.cmd | File | 88.54 KB | 0644 |
|
| .ertp_handlers_exit.o.cmd | File | 88.51 KB | 0644 |
|
| .ertp_handlers_mmap.o.cmd | File | 88.69 KB | 0644 |
|
| .ertp_handlers_module.o.cmd | File | 88.39 KB | 0644 |
|
| .ertp_handlers_open.o.cmd | File | 88.58 KB | 0644 |
|
| .ertp_handlers_rename.o.cmd | File | 88.54 KB | 0644 |
|
| .ertp_handlers_unlink.o.cmd | File | 88.54 KB | 0644 |
|
| .ertp_heap.o.cmd | File | 67 KB | 0644 |
|
| .ertp_logs.o.cmd | File | 15.1 KB | 0644 |
|
| .ertp_memory_dev.o.cmd | File | 70.16 KB | 0644 |
|
| .ertp_mod.o.cmd | File | 88.99 KB | 0644 |
|
| .ertp_path.o.cmd | File | 65.63 KB | 0644 |
|
| .ertp_qos.o.cmd | File | 67.84 KB | 0644 |
|
| .ertp_qos_event_data.o.cmd | File | 61.74 KB | 0644 |
|
| .ertp_qos_queue.o.cmd | File | 61.73 KB | 0644 |
|
| .ertp_stats.o.cmd | File | 61.66 KB | 0644 |
|
| .ertp_sysfs.o.cmd | File | 68.08 KB | 0644 |
|
| .eset_rtp.ko.cmd | File | 256 B | 0644 |
|
| .eset_rtp.mod.cmd | File | 612 B | 0644 |
|
| .eset_rtp.mod.o.cmd | File | 67.08 KB | 0644 |
|
| .eset_rtp.o.cmd | File | 139 B | 0644 |
|
| .modules.order.cmd | File | 95 B | 0644 |
|
| Makefile | File | 1.44 KB | 0644 |
|
| ertp.h | File | 2.24 KB | 0644 |
|
| ertp_array.c | File | 4.44 KB | 0644 |
|
| ertp_array.h | File | 2.02 KB | 0644 |
|
| ertp_array.o | File | 37.93 KB | 0644 |
|
| ertp_cache.c | File | 6.42 KB | 0644 |
|
| ertp_cache.h | File | 1.51 KB | 0644 |
|
| ertp_cache.o | File | 152.7 KB | 0644 |
|
| ertp_cache_container.c | File | 4.91 KB | 0644 |
|
| ertp_cache_container.h | File | 1.84 KB | 0644 |
|
| ertp_cache_container.o | File | 38.19 KB | 0644 |
|
| ertp_debug.c | File | 1.32 KB | 0644 |
|
| ertp_debug.h | File | 1.25 KB | 0644 |
|
| ertp_debug.o | File | 14.66 KB | 0644 |
|
| ertp_dev.c | File | 13.64 KB | 0644 |
|
| ertp_dev.o | File | 245.34 KB | 0644 |
|
| ertp_event.c | File | 20.85 KB | 0644 |
|
| ertp_event.h | File | 4.98 KB | 0644 |
|
| ertp_event.o | File | 258.2 KB | 0644 |
|
| ertp_event_check.c | File | 8.15 KB | 0644 |
|
| ertp_event_check.h | File | 1.92 KB | 0644 |
|
| ertp_event_check.o | File | 157.53 KB | 0644 |
|
| ertp_excludes.c | File | 6.42 KB | 0644 |
|
| ertp_excludes.h | File | 1.48 KB | 0644 |
|
| ertp_excludes.o | File | 56.93 KB | 0644 |
|
| ertp_ftrace_hook.c | File | 4.54 KB | 0644 |
|
| ertp_ftrace_hook.h | File | 1.37 KB | 0644 |
|
| ertp_ftrace_hook.o | File | 50.73 KB | 0644 |
|
| ertp_ftrace_utils.c | File | 1.7 KB | 0644 |
|
| ertp_ftrace_utils.h | File | 1.63 KB | 0644 |
|
| ertp_ftrace_utils.o | File | 17.97 KB | 0644 |
|
| ertp_handlers.c | File | 7.86 KB | 0644 |
|
| ertp_handlers.h | File | 1.21 KB | 0644 |
|
| ertp_handlers.o | File | 44.59 KB | 0644 |
|
| ertp_handlers_close.c | File | 3.08 KB | 0644 |
|
| ertp_handlers_close.h | File | 1.72 KB | 0644 |
|
| ertp_handlers_close.o | File | 292.04 KB | 0644 |
|
| ertp_handlers_execve.c | File | 4.37 KB | 0644 |
|
| ertp_handlers_execve.h | File | 1.75 KB | 0644 |
|
| ertp_handlers_execve.o | File | 299.2 KB | 0644 |
|
| ertp_handlers_exit.c | File | 1.97 KB | 0644 |
|
| ertp_handlers_exit.h | File | 1.49 KB | 0644 |
|
| ertp_handlers_exit.o | File | 284.45 KB | 0644 |
|
| ertp_handlers_mmap.c | File | 1.92 KB | 0644 |
|
| ertp_handlers_mmap.h | File | 1.11 KB | 0644 |
|
| ertp_handlers_mmap.o | File | 280.8 KB | 0644 |
|
| ertp_handlers_module.c | File | 4.2 KB | 0644 |
|
| ertp_handlers_module.h | File | 1.53 KB | 0644 |
|
| ertp_handlers_module.o | File | 295.03 KB | 0644 |
|
| ertp_handlers_open.c | File | 3.77 KB | 0644 |
|
| ertp_handlers_open.h | File | 1.72 KB | 0644 |
|
| ertp_handlers_open.o | File | 291.44 KB | 0644 |
|
| ertp_handlers_rename.c | File | 5.14 KB | 0644 |
|
| ertp_handlers_rename.h | File | 1.75 KB | 0644 |
|
| ertp_handlers_rename.o | File | 292.21 KB | 0644 |
|
| ertp_handlers_unlink.c | File | 3.47 KB | 0644 |
|
| ertp_handlers_unlink.h | File | 1.49 KB | 0644 |
|
| ertp_handlers_unlink.o | File | 287.87 KB | 0644 |
|
| ertp_heap.c | File | 9.87 KB | 0644 |
|
| ertp_heap.h | File | 2.04 KB | 0644 |
|
| ertp_heap.o | File | 30 KB | 0644 |
|
| ertp_logs.c | File | 1.14 KB | 0644 |
|
| ertp_logs.h | File | 2.59 KB | 0644 |
|
| ertp_logs.o | File | 10.13 KB | 0644 |
|
| ertp_memory_dev.c | File | 8.34 KB | 0644 |
|
| ertp_memory_dev.h | File | 1.33 KB | 0644 |
|
| ertp_memory_dev.o | File | 224.05 KB | 0644 |
|
| ertp_mod.c | File | 3.18 KB | 0644 |
|
| ertp_mod.o | File | 28.85 KB | 0644 |
|
| ertp_path.c | File | 4.38 KB | 0644 |
|
| ertp_path.h | File | 1.31 KB | 0644 |
|
| ertp_path.o | File | 185.7 KB | 0644 |
|
| ertp_qos.c | File | 17.06 KB | 0644 |
|
| ertp_qos.h | File | 2.18 KB | 0644 |
|
| ertp_qos.o | File | 254.39 KB | 0644 |
|
| ertp_qos_event_data.c | File | 2.41 KB | 0644 |
|
| ertp_qos_event_data.h | File | 1.61 KB | 0644 |
|
| ertp_qos_event_data.o | File | 129.95 KB | 0644 |
|
| ertp_qos_queue.c | File | 4.32 KB | 0644 |
|
| ertp_qos_queue.h | File | 1.98 KB | 0644 |
|
| ertp_qos_queue.o | File | 34.61 KB | 0644 |
|
| ertp_stats.c | File | 8.53 KB | 0644 |
|
| ertp_stats.h | File | 1.53 KB | 0644 |
|
| ertp_stats.o | File | 46.95 KB | 0644 |
|
| ertp_sysfs.c | File | 5.51 KB | 0644 |
|
| ertp_sysfs.o | File | 185.59 KB | 0644 |
|
| ertp_types.h | File | 1.15 KB | 0644 |
|
| eset_rtp.h | File | 4.2 KB | 0644 |
|
| eset_rtp.ko | File | 4.46 MB | 0644 |
|
| eset_rtp.mod | File | 755 B | 0644 |
|
| eset_rtp.mod.c | File | 8.4 KB | 0644 |
|
| eset_rtp.mod.o | File | 159.15 KB | 0644 |
|
| eset_rtp.o | File | 4.29 MB | 0644 |
|
| eset_rtp_sysfs.h | File | 1.26 KB | 0644 |
|
| modules.order | File | 20 B | 0644 |
|