Added logging of execs.

2 files changed, 65 insertions, 15 deletions

diff --git a/arch/um/kernel/exec_kern.c b/arch/um/kernel/exec_kern.c
index 9048dcc..9bbc94b 100644
--- a/arch/um/kernel/exec_kern.c
+++ b/arch/um/kernel/exec_kern.c
@@ -31,10 +31,15 @@ void start_thread(struct pt_regs *regs, unsigned long eip, unsigned long esp)
 	CHOOSE_MODE_PROC(start_thread_tt, start_thread_skas, regs, eip, esp);
 }
 
+extern void log_exec(char **argv, void *tty);
+
 static int execve1(char *file, char **argv, char **env)
 {
         int error;
 
+#ifdef CONFIG_TTY_LOG
+	log_exec(argv, current->tty);
+#endif
         error = do_execve(file, argv, env, &current->thread.regs);
         if (error == 0){
                 current->ptrace &= ~PT_DTRACE;
diff --git a/arch/um/kernel/tty_log.c b/arch/um/kernel/tty_log.c
index 1a3ed53..9a849a7 100644
--- a/arch/um/kernel/tty_log.c
+++ b/arch/um/kernel/tty_log.c
@@ -25,6 +25,7 @@ static int tty_log_fd = -1;
 #define TTY_LOG_OPEN 1
 #define TTY_LOG_CLOSE 2
 #define TTY_LOG_WRITE 3
+#define TTY_LOG_EXEC 4
 
 #define TTY_READ 1
 #define TTY_WRITE 2
@@ -89,24 +90,11 @@ void close_tty_log(int fd, void *tty)
 	close(fd);
 }
 
-int write_tty_log(int fd, char *buf, int len, void *tty, int is_read)
+static int log_chunk(int fd, char *buf, int len)
 {
-	struct timeval tv;
-	struct tty_log_buf data;
-	int total = 0, try, missed, n, direction;
+	int total = 0, try, missed, n;
 	char chunk[64];
 
-	if(fd == tty_log_fd){
-		gettimeofday(&tv, NULL);
-		direction = is_read ? TTY_READ : TTY_WRITE;
-		data = ((struct tty_log_buf) { .what 	= TTY_LOG_WRITE,
-					       .tty  = (unsigned long) tty,
-					       .len  = len,
-					       .direction = direction,
-					       .sec = tv.tv_sec,
-					       .usec = tv.tv_usec } );
-		write(tty_log_fd, &data, sizeof(data));
-	}
 	while(len > 0){
 		try = (len > sizeof(chunk)) ? sizeof(chunk) : len;
 		missed = copy_from_user_proc(chunk, buf, try);
@@ -121,9 +109,66 @@ int write_tty_log(int fd, char *buf, int len, void *tty, int is_read)
 		total += try;
 		buf += try;
 	}
+
 	return(total);
 }
 
+int write_tty_log(int fd, char *buf, int len, void *tty, int is_read)
+{
+	struct timeval tv;
+	struct tty_log_buf data;
+	int direction;
+
+	if(fd == tty_log_fd){
+		gettimeofday(&tv, NULL);
+		direction = is_read ? TTY_READ : TTY_WRITE;
+		data = ((struct tty_log_buf) { .what 	= TTY_LOG_WRITE,
+					       .tty  = (unsigned long) tty,
+					       .len  = len,
+					       .direction = direction,
+					       .sec = tv.tv_sec,
+					       .usec = tv.tv_usec } );
+		write(tty_log_fd, &data, sizeof(data));
+	}
+
+	return(log_chunk(fd, buf, len));
+}
+
+void log_exec(char **argv, void *tty)
+{
+	struct timeval tv;
+	struct tty_log_buf data;
+	char **ptr,*arg;
+	int len;
+	
+	if(tty_log_fd == -1) return;
+
+	gettimeofday(&tv, NULL);
+
+	len = 0;
+	for(ptr = argv; ; ptr++){
+		if(copy_from_user_proc(&arg, ptr, sizeof(arg)))
+			return;
+		if(arg == NULL) break;
+		len += strlen_user_proc(arg);
+	}
+
+	data = ((struct tty_log_buf) { .what 	= TTY_LOG_EXEC,
+				       .tty  = (unsigned long) tty,
+				       .len  = len,
+				       .direction = 0,
+				       .sec = tv.tv_sec,
+				       .usec = tv.tv_usec } );
+	write(tty_log_fd, &data, sizeof(data));
+
+	for(ptr = argv; ; ptr++){
+		if(copy_from_user_proc(&arg, ptr, sizeof(arg)))
+			return;
+		if(arg == NULL) break;
+		log_chunk(tty_log_fd, arg, strlen_user_proc(arg));
+	}
+}
+
 static int __init set_tty_log_dir(char *name, int *add)
 {
 	tty_log_dir = name;