grabpkg

[bcc]

So I made a grabpkg that runs on the native 2.4.20 tivo kernel (it dynamically finds the sys_call_table). Is everyone else running custom kernels to capture slices? I could post the changes if there's interest.

[cheer]

Please do. Not running a custom kernel, just a kernel module from AO.

[bcc]

Please do. Not running a custom kernel, just a kernel module from AO.

Oh, so it's been done already? Ie if the AO kernel module works on stock tivo kernels then a new grabpkg is unnecessary.

[cheer]

From AO, courtesy of embeem:

Code:

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <syscall.h>
#include <linux/fs.h>
#include <strings.h>
#include <asm/uaccess.h>
#include <sys/mman.h>

extern void *sys_call_table[];
extern struct task_struct *current_set[NR_CPUS];

static asmlinkage int (*orig_open)(const char * filename,int flags,int mode);
static asmlinkage int (*link)(const char * oldname, const char * newname);
static asmlinkage int (*symlink)(const char * oldname, const char * newname);

extern unsigned long do_mmap(struct file * file, unsigned long addr, unsigned long len,
        unsigned long prot, unsigned long flags, unsigned long off);
extern int do_munmap(unsigned long, size_t);

static char *from    = "/var/packages/";
static int  from_len = 14;
MODULE_PARM(from,"s");

static char *to      = "/tmp/";
static int to_len    = 5;
MODULE_PARM(to,"s");


static int new_open(const char * filename,int flags,int mode)
{
        int ret;
        if (filename && !strncmp(filename,from,from_len) && flags&O_WRONLY)
        {
                int len = strlen(filename) + 1 - from_len + to_len;
                char *new_file = (char *)do_mmap(0,0,len,PROT_READ | PROT_WRITE | PROT_EXEC,MAP_PRIVATE,0);

                __copy_tofrom_user((void *)(new_file+0),(const void *)to,to_len);
                __copy_tofrom_user((void *)(new_file+to_len),(const void *)(filename+from_len),len-to_len);

                ret = (*orig_open)(new_file,flags,mode);
                if ((*link)((const char *)new_file,(const char *)filename)<0) {
                        (*symlink)((const char *)new_file,(const char *)filename);
                }
                do_munmap((unsigned long)new_file,(size_t)len);
        } else {
                ret = (*orig_open)(filename,flags,mode);
        }

        return ret;
}

int init_module( void )
{
        to_len   = strlen(to);
        from_len = strlen(from);

        symlink = sys_call_table[__NR_symlink];
        link    = sys_call_table[__NR_link];

        orig_open  = sys_call_table[__NR_open];
        sys_call_table[__NR_open]  = new_open;
        return 0;
}
void cleanup_module( void ) {
        sys_call_table[__NR_open]  = orig_open;

}

[bcc]

... which requires sys_call_table to be exported, which implies you're using a custom kernel.

Why do you say you're not using a custom kernel then? By custom I mean a kernel other than the stock (or killhdinitd patched) one.

[cheer]

Ah, fair enough. I had not even noticed that. I am running a custom kernel, but only for increased extraction speed. My bad.

[bcc]

Ah, fair enough. I had not even noticed that. I am running a custom kernel, but only for increased extraction speed. My bad.

Ok, then you don't need a tweaked grabpkg, as the original will work fine in your case.

[tivo4mevo]

I would be interested in a tweaked grabpkg (that can dynamically find the sys_call_table). Do you still have this available?

[Jamie]

I haven't used this in quite some time, but it looks to me like it does the dynamic syscall table lookup. The original grabpkg code on alt.org is credited to mbm. It's possible I got this code from bcc, but I think I added the syscall table location code myself. It's all over the net if you look for it. Here's one variation, although it is for a 2.6 kernel: link.

[bcc]

Here's the version I cobbled up when I started this thread. I never cleaned it up as I had no takers way back when
As you can see I just hacked in the sys_call_table search from embeem's code in kmonte. grabpkg-adh.c is the original version I started with.