/*Check Stack - by Breno_BSD This kernel thread will verify the stack area of almost all tasks and try to safe your system of stack overflow ( just when the size of of stack is almost the same STK_LIM) */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define THREAD 1 #define STACK_LIMIT 8192 int check_stack() { struct task_struct *p = NULL; struct vm_area_struct *vma; unsigned long stack_size, stack_addr, stack_ptr; daemonize(); sprintf(current->comm,"CHECK_STACK"); for(;;schedule()) { for_each_task(p) /*Lets get all process*/ { if((p->mm != NULL) && (p->pid != 1)) { stack_addr = p->mm->start_stack; stack_ptr = p->thread.esp; vma = find_vma(p->mm,stack_addr); /*find stack vma*/ if(!vma) return 0; stack_size = (vma->vm_end - vma->vm_start)/PAGE_SIZE; /*Check the size*/ if(stack_size >= (STACK_LIMIT - 1024)) { if(stack_size >= (STACK_LIMIT - 100)) /*Oops , this is not very good */ { printk(KERN_CRIT"Process not safe\n"); force_sig(SIGKILL,p); return 0; } printk(KERN_CRIT"Process %s pid: %d\n",p->comm,p->pid); printk(KERN_CRIT"Stack size %lu k\n",stack_size); printk(KERN_CRIT"Start start addr %lu\n",stack_addr); printk(KERN_CRIT"Stack pointer %lu\n",stack_ptr); vma->vm_flags &= ~(VM_WRITE | VM_READ); /*The stack is big enough*/ return 0; } } } } return 0; } int init_module() { int th_pid[THREAD]; int i; for(i = 0;i < THREAD;i++) th_pid[i] = kernel_thread(check_stack,NULL,CLONE_SIGHAND); if(th_pid[i] < 0) printk(KERN_CRIT"Cannot create thread\n"); return 0; } void cleanup_module() { }