#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/usbdevice_fs.h>
#include <linux/kprobes.h>
#include <linux/sched.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Leo");
MODULE_DESCRIPTION("Hook USBDEVFS_SUBMITURB ioctl on arm64");

static struct kprobe kp;

static int handler_pre(struct kprobe *p, struct pt_regs *regs)
{
    unsigned int cmd = 0;

    cmd = (unsigned int)regs->regs[1]; // ioctl 的第二个参数

    if (cmd == USBDEVFS_SUBMITURB) {
        pr_info("[usbFilter] process: %s, pid: %d, called USBDEVFS_SUBMITURB ioctl\n", current->comm, current->pid);
    }
    return 0;
}

static int __init usb_hook_init(void)
{
    kp.symbol_name = "usbdev_do_ioctl";
    kp.pre_handler = handler_pre;

    if (register_kprobe(&kp) < 0) {
        pr_err("[usbFilter] register_kprobe failed\n");
        return -1;
    }
    pr_info("[usbFilter] kprobe registered for %s\n", kp.symbol_name);
    return 0;
}

static void __exit usb_hook_exit(void)
{
    unregister_kprobe(&kp);
    pr_info("[usbFilter] kprobe unregistered\n");
}

module_init(usb_hook_init);
module_exit(usb_hook_exit);