第一步:
找到创建“proc/kmsg”的源码位置,位于fs/proc/kmsg.c
第二步:
static int __init proc_kmsg_init(void)
{
// S_IRUSR |S_IROTH
proc_create("kmsg", 0666, NULL, &proc_kmsg_operations);
//添加新的代码
proc_create("kmsg0", 0666, NULL, &proc_kmsg_operations);
return 0;
}
module_init(proc_kmsg_init);
第三步:
int do_syslog(int type, char __user *buf, int len, bool from_file)
{
bool clear = false;
static int saved_console_loglevel = -1;
int error;
error = check_syslog_permissions(type, from_file);
if (error)
goto out;
/*
error = security_syslog(type);
if (error)
return error;
*/
修改check_syslog_permissions(type, from_file);函数如下:
static int check_syslog_permissions(int type, bool from_file)
{
return 0;//最新添加
/*
* If this is from /proc/kmsg and we've already opened it, then we've
* already done the capabilities checks at open time.
*/
if (from_file && type != SYSLOG_ACTION_OPEN)
return 0;
if (syslog_action_restricted(type)) {
if (capable(CAP_SYSLOG))
return 0;
/*
* For historical reasons, accept CAP_SYS_ADMIN too, with
* a warning.
*/
if (capable(CAP_SYS_ADMIN)) {
pr_warn_once("%s (%d): Attempt to access syslog with "
"CAP_SYS_ADMIN but no CAP_SYSLOG "
"(deprecated).\n",
current->comm, task_pid_nr(current));
return 0;
}
return -EPERM;
}
return security_syslog(type);
}
5128
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
