加入更多打印信息,加入设备控制
This commit is contained in:
kylin_bg
parent
4f2d1c0830
commit
7ce2f1d575
125
libusbMod.c
125
libusbMod.c
@ -29,55 +29,96 @@ static int handler_pre(struct kprobe *p, struct pt_regs *regs)
|
||||
}
|
||||
|
||||
// 打印进程信息、PID
|
||||
pr_info("[usbFilter] process: %s, pid: %d\n",
|
||||
pr_info("[usbFilter] 进程: %s, pid: %d\n",
|
||||
current->comm, current->pid);
|
||||
|
||||
// 获取端点地址、传输长度和 pipe 信息
|
||||
pr_info("[usbFilter] urb_kern: %p, pipe: 0x%08x, ep: 0x%x, len: %d\n",
|
||||
urb_kern,
|
||||
urb_kern->pipe, // 新增打印 pipe 信息
|
||||
urb_kern->ep ? urb_kern->ep->desc.bEndpointAddress : 0, // 检查 urb_kern->ep
|
||||
urb_kern->transfer_buffer_length);
|
||||
// 获取并打印 URB 的详细信息
|
||||
pr_info("[usbFilter] URB详情: 地址=%p, pipe=0x%08x, 状态=%d, 传输标志=0x%08x\n",
|
||||
urb_kern,
|
||||
urb_kern->pipe,
|
||||
urb_kern->status,
|
||||
urb_kern->transfer_flags);
|
||||
|
||||
// 打印 pipe 的解析信息
|
||||
pr_info("[usbFilter] Pipe解析: 设备地址=%d, 端点号=%d, 方向=%s, 类型=%s\n",
|
||||
usb_pipedevice(urb_kern->pipe),
|
||||
usb_pipeendpoint(urb_kern->pipe),
|
||||
usb_pipein(urb_kern->pipe) ? "IN(设备到主机)" : "OUT(主机到设备)",
|
||||
usb_pipetype(urb_kern->pipe) == PIPE_CONTROL ? "控制传输" :
|
||||
usb_pipetype(urb_kern->pipe) == PIPE_ISOCHRONOUS ? "等时传输" :
|
||||
usb_pipetype(urb_kern->pipe) == PIPE_BULK ? "批量传输" :
|
||||
usb_pipetype(urb_kern->pipe) == PIPE_INTERRUPT ? "中断传输" : "未知");
|
||||
|
||||
if (urb_kern->transfer_buffer && urb_kern->transfer_buffer_length > 0) {
|
||||
unsigned char data[16] = {0}; // 局部缓冲区,用于存放拷贝的数据
|
||||
unsigned int to_copy = min((unsigned int)16, urb_kern->transfer_buffer_length);
|
||||
bool data_copied_successfully = false;
|
||||
|
||||
// 尝试从用户空间拷贝
|
||||
if (copy_from_user(data, urb_kern->transfer_buffer, to_copy) == 0) { // 0 表示成功
|
||||
pr_info("[usbFilter] Successfully copied %u bytes using copy_from_user from user buffer at %p.\n", to_copy, urb_kern->transfer_buffer);
|
||||
data_copied_successfully = true;
|
||||
} else {
|
||||
// copy_from_user 失败
|
||||
pr_warn("[usbFilter] copy_from_user failed for buffer at %p. Attempting memcpy (assuming buffer is in kernel space).\n", urb_kern->transfer_buffer);
|
||||
|
||||
// 警告:如果 transfer_buffer 不是有效的内核地址,memcpy 可能会导致内核崩溃。
|
||||
// 这仅作为调试时的后备尝试。
|
||||
memcpy(data, urb_kern->transfer_buffer, to_copy);
|
||||
// 如果 memcpy 没有导致崩溃,我们假设数据为了打印目的是成功拷贝的。
|
||||
pr_info("[usbFilter] memcpy attempted for %u bytes from buffer at %p (assumed kernel space).\n", to_copy, urb_kern->transfer_buffer);
|
||||
data_copied_successfully = true; // 标记为成功,以便后续打印
|
||||
}
|
||||
|
||||
if (data_copied_successfully) {
|
||||
char hex[3 * 16 + 1] = {0}; // 用于存放十六进制字符串
|
||||
int i;
|
||||
for (i = 0; i < to_copy; ++i) {
|
||||
// 确保 snprintf 不会溢出 hex 缓冲区
|
||||
snprintf(hex + i * 3, sizeof(hex) - (i * 3), "%02X ", data[i]);
|
||||
}
|
||||
pr_info("[usbFilter] first %u bytes (hex): %s\n", to_copy, hex);
|
||||
}
|
||||
// 端点信息
|
||||
if (urb_kern->ep) {
|
||||
pr_info("[usbFilter] 端点信息: 地址=0x%02x, 属性=0x%02x, 最大包大小=%d, 间隔=%d\n",
|
||||
urb_kern->ep->desc.bEndpointAddress,
|
||||
urb_kern->ep->desc.bmAttributes,
|
||||
urb_kern->ep->desc.wMaxPacketSize,
|
||||
urb_kern->ep->desc.bInterval);
|
||||
} else {
|
||||
pr_info("[usbFilter] 端点信息: urb_kern->ep 为 NULL\n");
|
||||
}
|
||||
|
||||
// 打印设备信息(如果可用)
|
||||
if (urb_kern->dev) {
|
||||
pr_info("[usbFilter] USB设备: VID=0x%04x, PID=0x%04x\n",
|
||||
urb_kern->dev->descriptor.idVendor,
|
||||
urb_kern->dev->descriptor.idProduct);
|
||||
;
|
||||
}
|
||||
|
||||
// 传输缓冲区信息
|
||||
pr_info("[usbFilter] 传输缓冲区: buffer=%p, length=%d, actual_length=%d\n",
|
||||
urb_kern->transfer_buffer,
|
||||
urb_kern->transfer_buffer_length,
|
||||
urb_kern->actual_length);
|
||||
|
||||
|
||||
// 如果是等时传输,打印相关信息
|
||||
if (usb_pipetype(urb_kern->pipe) == PIPE_ISOCHRONOUS) {
|
||||
pr_info("[usbFilter] 等时传输: number_of_packets=%d, start_frame=%d, error_count=%d\n",
|
||||
urb_kern->number_of_packets,
|
||||
urb_kern->start_frame,
|
||||
urb_kern->error_count);
|
||||
}
|
||||
|
||||
// 如果是控制传输,打印setup包
|
||||
if (usb_pipetype(urb_kern->pipe) == PIPE_CONTROL && urb_kern->setup_packet) {
|
||||
struct usb_ctrlrequest *setup = (struct usb_ctrlrequest *)urb_kern->setup_packet;
|
||||
pr_info("[usbFilter] 控制传输Setup包: bRequestType=0x%02x, bRequest=0x%02x, wValue=0x%04x, wIndex=0x%04x, wLength=%u\n",
|
||||
setup->bRequestType, setup->bRequest,
|
||||
le16_to_cpu(setup->wValue), le16_to_cpu(setup->wIndex),
|
||||
le16_to_cpu(setup->wLength));
|
||||
}
|
||||
|
||||
// 传输数据内容打印
|
||||
if (urb_kern->transfer_buffer && urb_kern->transfer_buffer_length > 0) {
|
||||
unsigned char data[32] = {0}; // 增加到32字节
|
||||
unsigned int to_copy = min((unsigned int)32, urb_kern->transfer_buffer_length);
|
||||
|
||||
// 尝试从用户空间拷贝
|
||||
if (copy_from_user(data, urb_kern->transfer_buffer, to_copy) != 0) { // 0 表示成功
|
||||
memcpy(data, urb_kern->transfer_buffer, to_copy);
|
||||
}
|
||||
|
||||
char hex[3 * 32 + 1] = {0}; // 修改为适应32字节的大小
|
||||
int i;
|
||||
for (i = 0; i < to_copy; ++i) {
|
||||
// 确保 snprintf 不会溢出 hex 缓冲区
|
||||
snprintf(hex + i * 3, sizeof(hex) - (i * 3), "%02X ", data[i]);
|
||||
}
|
||||
pr_info("[usbFilter] 数据内容(hex, %u字节): %s\n", to_copy, hex);
|
||||
}
|
||||
|
||||
if(urb_kern->dev->descriptor.idVendor == 0x1a86 && urb_kern->dev->descriptor.idProduct == 0x55de) {
|
||||
pr_info("[usbFilter] 发现目标设备,阻断提交URB\n");
|
||||
regs->regs[0] = 0; // 设置 x0 寄存器(返回值)为 0 (成功)
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
// 这里一定要设置返回成功,如果不设置返回成功,将会导致一直重复发送;
|
||||
// regs->regs[0] = 0; // 设置 x0 寄存器(返回值)为 0 (成功)
|
||||
//这里return 1表示阻断,return 0 表示继续运行
|
||||
// return 1;
|
||||
return 0;
|
||||
|
||||
}
|
||||
|
||||
static int __init usb_hook_init(void)
|
||||
|
||||
Reference in New Issue
Block a user