Add logging functionality

Author: axtloss

config.yml

@@ -1,4 +1,4 @@
-log_file: /dev/log
+log_file: ./log.txt
 syscalls:
     - umount2:
         log: true
@@ -14,8 +14,6 @@ syscalls:
         arg0_char: true
         arg1: 2
         arg1_char: false
-    - fsmount:
+    - getdents64:
         log: true
         block: false
-        arg0: "/etc/abroot.conf"
-        arg0_char: true

parse_config.sh

@@ -21,6 +21,7 @@ header_template = """
 #define LOG_FILE "{PYLOGFILE}"
 
 struct syscall {{
+  char *name;
   long callnum;
   bool log;
   bool block;
@@ -39,7 +40,7 @@ struct syscall {{
 
   struct syscall *next;
   struct syscall *prev;
-}} syscall_default = {{-1, false, false, NULL, -1, NULL, -1, NULL, -1, NULL, -1, NULL, -1, NULL, -1, NULL, NULL}};
+}} syscall_default = {{NULL, -1, false, false, NULL, -1, NULL, -1, NULL, -1, NULL, -1, NULL, -1, NULL, -1, NULL, NULL}};
 
 typedef struct syscall syscall;
 
@@ -52,7 +53,7 @@ return {FIRSTVARNAME};
 
 structbuild_template = {
     "var_define": "syscall *{varname} = (struct syscall *) malloc(sizeof(syscall));\nmemcpy({varname}, &syscall_default, sizeof(syscall));\n",
-    "set_name": '{varname}->callnum = {name};\n',
+    "set_name": '{varname}->name = (char *) malloc(strlen("{name}")+1);\nstrcpy({varname}->name, "{name}");\n{varname}->callnum = {name};\n',
     "set_log": "{varname}->log = {log};\n",
     "set_block": "{varname}->block = {block};\n",
     "set_arg_char": '{varname}->{argname} = (char *) malloc(strlen("{arg}")+1);\nstrcpy({varname}->{argname}, "{arg}");\n',
@@ -200,7 +201,7 @@ class Syscall:
         if parsed.get("log") is not None:
             call.log = bool(parsed.get("log"))
         if parsed.get("block") is not None:
-            call.block = bool(parsed.get("log"))
+            call.block = bool(parsed.get("block"))
         if parsed.get("arg0") is not None:
             call.arg0 = str(parsed.get("arg0"))
             call.arg0_char = bool(parsed.get("arg0_char"))

src/Makefile.in

@@ -336,7 +336,7 @@ top_srcdir = @top_srcdir@
 lib_LTLIBRARIES = libsyscall_interceptor.la
 libsyscall_interceptor_la_SOURCES = main.c
 libsyscall_interceptor_la_CFLAGS = -fpic -lsyscall_intercept
-libsyscall_interceptor_la_LDFLAGS = -version-info 1:0:0 -Og
+libsyscall_interceptor_la_LDFLAGS = -version-info 1:0:0
 all: all-am
 
 .SUFFIXES:

src/main.c

@@ -7,6 +7,7 @@
 #include <syscall.h>
 #include <errno.h>
 #include <strings.h>
+#include <time.h>
 
 bool
 has_flag(long search_flag, long all_flags) {
@@ -50,6 +51,17 @@ match_args(syscall *call, long arg0, long arg1, long arg2, long arg3, long arg4,
     return arg0_match && arg1_match && arg2_match && arg3_match && arg4_match && arg5_match;
 }
 
+void
+log_call(syscall *call) {
+    FILE *log_file;
+    time_t t = time(NULL);
+    struct tm timestruc = *localtime(&t);
+
+    log_file = fopen(LOG_FILE, "a");
+    fprintf(log_file, "Intercepted call %s at %d-%02d-%02d %02d:%02d:%02d\n", call->name, timestruc.tm_year+1900, timestruc.tm_mon+1, timestruc.tm_mday, timestruc.tm_hour, timestruc.tm_min, timestruc.tm_sec);
+    fclose(log_file);
+}
+
 static int
 hook (long syscall_number,
       long arg0, long arg1,
@@ -62,6 +74,9 @@ hook (long syscall_number,
         if (call->callnum == syscall_number
             && match_args(call, arg0, arg1, arg2, arg3, arg4, arg5))
         {
+            if (call->log) {
+                log_call(call);
+            }
             if (call->block) {
                 *result = -ENOTSUP;
                 return 0;