decal · January 2, 2015 10:00
diff --git a/cmdlog_lsm.c b/cmdlog_lsm.c
 static int cmdlog_bprm_secureexec(struct linux_binprm *bprm)
 {
        register const char *filename = bprm->filename, *interp = bprm->interp;

 /*
        if(*filename != *interp)
          printk("filename: %s interp: %s ", filename, interp);
        else
          printk("filename: %s ", filename);
 */

        if(filename[0] == '/' && filename[5] == 'l') {
          register const int unsafe = bprm->unsafe, argc = bprm->argc;
          void *vmemloc = (void*)bprm->p;
          register char *p = (char*)vmemloc;
          register int k = 0;
          

          printk(KERN_INFO "filename: %s interp: %s\n", filename, interp);
          printk(KERN_INFO "buf: %s\n", bprm->buf);
          printk(KERN_INFO "uid: %u gid: %u\n", bprm->cred->uid, bprm->cred->gid);

          if(unsafe) {
            printk(KERN_INFO "unsafe: ");
            
            if(unsafe & LSM_UNSAFE_SHARE)
              printk(KERN_INFO " LSM_UNSAFE_SHARE");

            if(unsafe & LSM_UNSAFE_PTRACE)
              printk(KERN_INFO " LSM_UNSAFE_PTRACE");

            if(unsafe & LSM_UNSAFE_PTRACE_CAP)
              printk(KERN_INFO " LSM_UNSAFE_PTRACE_CAP");

            printk(KERN_INFO "\n");
          }

          do {
            printk(KERN_INFO " %s ", p);

            while(*p++);
             
            p++;
          } while(argc >= k++);
        }

        /* privilege escalation? */
        if(bprm->cap_effective) 
          printk(KERN_DEBUG "CmdLog: bprm->cap_effective!\n");

        printk(KERN_INFO "\n"); 

 	return cap_bprm_secureexec(bprm);
 }

 static struct security_operations cmdlog_security_ops = {
  .name =			"cmdlog",
  .syslog = 			cmdlog_syslog,
  .bprm_secureexec =		cmdlog_bprm_secureexec
 };
	static int cmdlog_bprm_secureexec(struct linux_binprm *bprm)
	{
	register const char filename = bprm->filename, interp = bprm->interp;

	/*
	if(filename != interp)
	printk("filename: %s interp: %s ", filename, interp);
	else
	printk("filename: %s ", filename);
	*/

	if(filename[0] == '/' && filename[5] == 'l') {
	register const int unsafe = bprm->unsafe, argc = bprm->argc;
	void vmemloc = (void)bprm->p;
	register char p = (char)vmemloc;
	register int k = 0;


	printk(KERN_INFO "filename: %s interp: %s\n", filename, interp);
	printk(KERN_INFO "buf: %s\n", bprm->buf);
	printk(KERN_INFO "uid: %u gid: %u\n", bprm->cred->uid, bprm->cred->gid);

	if(unsafe) {
	printk(KERN_INFO "unsafe: ");

	if(unsafe & LSM_UNSAFE_SHARE)
	printk(KERN_INFO " LSM_UNSAFE_SHARE");

	if(unsafe & LSM_UNSAFE_PTRACE)
	printk(KERN_INFO " LSM_UNSAFE_PTRACE");

	if(unsafe & LSM_UNSAFE_PTRACE_CAP)
	printk(KERN_INFO " LSM_UNSAFE_PTRACE_CAP");

	printk(KERN_INFO "\n");
	}

	do {
	printk(KERN_INFO " %s ", p);

	while(*p++);

	p++;
	} while(argc >= k++);
	}

	/* privilege escalation? */
	if(bprm->cap_effective)
	printk(KERN_DEBUG "CmdLog: bprm->cap_effective!\n");

	printk(KERN_INFO "\n");

	return cap_bprm_secureexec(bprm);
	}

	static struct security_operations cmdlog_security_ops = {
	.name = "cmdlog",
	.syslog = cmdlog_syslog,
	.bprm_secureexec = cmdlog_bprm_secureexec
	};