C语言 如何从文件描述符中获取内核空间中的绝对路径

thigvfpy  于 2023-03-07  发布在  其他
关注(0)|答案(2)|浏览(121)

我正在尝试挂钩www.example.com挂钩函数。unlinkat.my hooking function.
但是我只得到文件名而不是绝对www.example.com我想要绝对路径来比较字符串。当我尝试rm-r时,我只得到文件名,如果我得到绝对路径,那么它www.example.com请告诉我如何得到绝对路径。 path.so i want absolute path to compare string.when i try rm -r than i get only file name if i get absolute path then it works.so please tell me how i get absolute path.
我的密码是

long mw_sys_unlink(int dfd, const char *filename ,int flag)
{
        long ret;
        if( strstr(filename,"/tmp/a/"))
        {
                printk(KERN_INFO "file %s has not been deleted by kernel module\n", filename);
                return -1;
        }
        else
        {
                ret = orig_sys_unlink(dfd ,filename,flag);
                printk(KERN_INFO "file %s has been deleted", filename);
                return ret;
        }
}
kd3sttzy

kd3sttzy1#

请尝试以下操作:

char *tmp = (char*)__get_free_page(GFP_TEMPORARY);

    file *file = fget(dfd);
    if (!file) {
        goto out
    }

    char *path = d_path(&file->f_path, tmp, PAGE_SIZE);
    if (IS_ERR(path)) {
        printk("error: %d\n", (int)path);
        goto out;
    }

    printk("path: %s\n", path);
out:
    free_page((unsigned long)tmp);
l7wslrjt

l7wslrjt2#

fget也可以在linux内核中使用。
在内核5.15.33的fs/file. c中的第951行:https://elixir.bootlin.com/linux/v5.15.33/source/fs/file.c#L951

相关问题