/
usr
/
src
/
file_protector-1.1-1497
/
common
/
File Upload :
llllll
Current File: //usr/src/file_protector-1.1-1497/common/transport_protocol.h
/** @file @brief kernel and userspace transport protocol @details Copyright (c) 2017 Acronis International GmbH @author Mikhail Krivtsov (mikhail.krivtsov@acronis.com) @since $Id: $ */ #pragma once // Note: This file is shared between kernel and user space transport code. // Note: Linux kernel build system defines '__KERNEL__' #if defined __KERNEL__ #include <linux/types.h> // bool, [u]int(8|16|32|64)_t, pid_t #else #include <stdbool.h> // bool #include <stdint.h> // [u]int(8|16|32|64)_t #include <sys/types.h> // pid_t #endif #if !defined PACKED #define PACKED __attribute__((packed)) #endif // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #define TRANSPORT_DEVICE_NAME "apl_transport" // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /* Each message is either a 'query' or a 'reply'. Each message contains an identifier ('id') necessary to match 'reply' to corresponding 'query'. Zero 'id' in 'query' means that 'reply' is not necessary. 'reply' with zero 'id' is not used. */ typedef uint64_t msg_id_t; typedef enum { MT_HELLO, MT_PING, MT_PONG, MT_PID_SET_ST, MT_PID_DEL, MT_GET_PID_INFO, MT_PID_INFO, MT_GET_FS_ROOT, MT_FS_ROOT, MT_EXEC, MT_EXIT, MT_FORK, // file system events: MT_DIR_OPEN, MT_DIR_WRITE, MT_DIR_CLOSE, MT_FILE_PRE_CREATE, MT_FILE_CREATE, MT_FILE_PRE_OPEN, MT_FILE_OPEN, MT_FILE_PRE_WRITE, MT_FILE_WRITE, MT_FILE_CLOSE, MT_PRE_RENAME, MT_RENAME, MT_PRE_UNLINK, MT_UNLINK, } msg_type_t; typedef uint8_t msg_type_img_t; typedef struct PACKED { msg_id_t id; msg_type_img_t type; // msg_type_t bool reply; uint8_t payload[0]; } msg_img_t; inline static msg_id_t msg_img_id(const msg_img_t *msg_img) { return msg_img->id; } inline static msg_type_img_t msg_img_type(const msg_img_t *msg_img) { return msg_img->type; } inline static bool msg_img_is_reply(const msg_img_t *msg_img) { return msg_img->reply; } inline static bool msg_img_is_reply_required(const msg_img_t *msg_img) { return msg_img_id(msg_img) && !msg_img_is_reply(msg_img); } // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /* Generic 'reply' message */ // Note: Empty 'reply' may be used as shortcut for 'default' reply /* // Legacy 'reply_img_t' typedef struct PACKED { uint8_t reply[0]; } reply_img_t; */ typedef enum { RT_ALLOW, RT_BLOCK, } reply_type_t; typedef uint8_t reply_type_img_t; typedef struct PACKED { reply_type_img_t type; uint8_t payload[0]; } reply_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /* 'hello' message is sent on 'first' user space connection. */ typedef struct PACKED { // TODO: add version information here uint8_t payload[0]; } hello_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /* 'transport' testing 'pong' message is 'high level' reply to 'ping' message. 'pong' message returns 'payload' from 'ping' message. 'ping' and 'pong' messages can be sent in both 'synchronous' (i.e with *_reply') and 'asynchronous' (i.e without *_reply') modes. 'ping_reply' and 'pong_reply' are respective 'low level' confirmations for 'ping' and 'pong' messages. They do not return 'payload'. Instead they return some arbitrary 'reply'. */ typedef uint64_t ping_pong_sequence_t; typedef struct PACKED { ping_pong_sequence_t sequence; uint8_t payload[0]; } ping_img_t; typedef struct PACKED { ping_pong_sequence_t sequence; uint8_t payload[0]; } pong_img_t; typedef struct PACKED { uint8_t reply[0]; } ping_reply_img_t; typedef struct PACKED { uint8_t reply[0]; } pong_reply_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /* task_info_map management */ typedef uint32_t pid_img_t; typedef uint32_t uid_img_t; typedef uint32_t gid_img_t; // FIXME: rename 'task_status' to '([fs_]events|monitoring|watch)[ mode]' typedef enum { TS_UNKNOWN, // 0, initial default TS_IGNORE, // active protection daemon and friends TS_WHITE, // harmless TS_BLACK, // harmful TS_GREY, // FIXME: What is this for? } task_status_t; typedef struct PACKED { pid_img_t pid; // pid_t task_status_t status; } pid_set_st_img_t; typedef struct PACKED { pid_img_t pid; // pid_t } pid_del_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // MT_GET_PID_INFO typedef struct PACKED { pid_img_t pid; // pid_t } get_pid_info_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // MT_PID_INFO typedef struct PACKED { pid_img_t pid; // pid_t pid_img_t tid; // pid_t char path[0]; } pid_info_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // MT_GET_FS_ROOT typedef struct PACKED { pid_img_t pid; // pid_t } get_fs_root_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - // MT_FS_ROOT typedef struct PACKED { char fs_root[0]; } fs_root_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - typedef struct PACKED { pid_img_t pid; // pid_t pid_img_t tid; // pid_t pid_img_t ppid; // pid_t pid_img_t ptid; // pid_t int8_t sure; // false if process is new for task_info_map char path[0]; } exec_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - typedef struct PACKED { pid_img_t pid; // pid_t pid_img_t tid; // pid_t } exit_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - typedef struct PACKED { struct PACKED { pid_img_t pid; // pid_t pid_img_t tid; // pid_t } parent; struct PACKED { pid_img_t pid; // pid_t pid_img_t tid; // pid_t } child; } fork_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - /* File system events Note: File system events must be 'synchronous' to let userspace backup affected files prior to any actual modification by kernel. */ typedef struct PACKED { pid_img_t pid; // pid_t pid_img_t tid; // pid_t uid_img_t fsuid; gid_img_t fsgid; uint8_t payload[0]; } fs_event_img_t; typedef uint64_t offset_img_t; // Note: 'loff_t' is 'signed' typedef uint64_t size_img_t; // 'RW' message is for CREAT, OPEN, [PRE_]WRITE // Note: 'offset' and 'count' are relevant for 'write' only typedef struct PACKED { int64_t ret_val; uint32_t flags; offset_img_t offset; // loff_t size_img_t count; // size_t char path[0]; } fs_event_rw_img_t; typedef struct PACKED { int64_t ret_val; uint32_t flags; // oldname = names[0] // newname = names[newname_offset] uint16_t newname_offset; char names[0]; } fs_event_rename_img_t; typedef struct PACKED { int64_t ret_val; uint32_t flag; char path[0]; } fs_event_unlink_img_t; // - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - typedef enum { IOCTL_READ_MSG = 1, IOCTL_WRITE_MSG = 2, IOCTL_WRITE_AND_READ_MSG = 3, } ioctl_cmd_t; typedef uint16_t ioctl_size_img_t; typedef struct PACKED { ioctl_size_img_t capacity; // payload capacity; ioctl_size_img_t size; // actual payload size; uint8_t payload[0]; } ioctl_hdr_t;
Copyright ©2k19 -
Hexid
|
Tex7ure