diff --git a/mods/unkillable-process-kernel-module.nix b/mods/unkillable-process-kernel-module.nix new file mode 100644 index 0000000..e5b87f8 --- /dev/null +++ b/mods/unkillable-process-kernel-module.nix @@ -0,0 +1,167 @@ +{ stdenv +, lib +, fetchFromGitHub +, kernel +, kmod +}: let +# from: https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html +srcCode = '' + #include + #include + #include + #include + #include + #include + #include + #include + + MODULE_LICENSE("GPL"); + + void unkillable_exit(void); + int unkillable_init(void); + + /* device access functions */ + ssize_t unkillable_write(struct file *filp, const char *buf, size_t count, loff_t *f_pos); + ssize_t unkillable_read(struct file *filp, char *buf, size_t count, loff_t *f_pos); + int unkillable_open(struct inode *inode, struct file *filp); + int unkillable_release(struct inode *inode, struct file *filp); + struct file_operations unkillable_fops = { + .read = unkillable_read, + .write = unkillable_write, + .open = unkillable_open, + .release = unkillable_release + }; + + /* Declaration of the init and exit functions */ + module_init(unkillable_init); + module_exit(unkillable_exit); + + int unkillable_major = 117; + + int unkillable_init(void) + { + if (register_chrdev(unkillable_major, "unkillable", &unkillable_fops) < 0 ) { + printk("Unkillable: cannot obtain major number %d\n", unkillable_major); + return 1; + } + + printk("Inserting unkillable module\n"); + return 0; + } + + void unkillable_exit(void) + { + unregister_chrdev(unkillable_major, "unkillable"); + printk("Removing unkillable module\n"); + } + + int unkillable_open(struct inode *inode, struct file *filp) + { + return 0; + } + + int unkillable_release(struct inode *inode, struct file *filp) + { + return 0; + } + + ssize_t unkillable_read(struct file *filp, char *buf, size_t count, loff_t *f_pos) + { + struct pid *pid_struct; + struct task_struct *p; + + /* interpret count to read as target pid */ + printk("Unkillable: Got pid %d", (int) count); + + /* get the pid struct */ + pid_struct = find_get_pid((int) count); + + /* get the task_struct from the pid */ + p = pid_task(pid_struct, PIDTYPE_PID); + + /* add the flag */ + p->signal->flags = p->signal->flags | SIGNAL_UNKILLABLE; + printk("Unkillable: pid %d marked as unkillable\n", (int) count); + + if (*f_pos == 0) { + *f_pos+=1; + return 1; + } else { + return 0; + } + } + + ssize_t unkillable_write(struct file *filp, const char *buf, size_t count, loff_t *f_pos) + { + return 0; + } +''; +srcMakeFile = '' +obj-m := unkillable.o + +all: +${"\t"}$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules + +unkillable.o: +${"\t"}$(CC) unkillable.c -o unkillable.o + +install: +${"\t"}$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules_install +''; +srcMakeFileFull = '' + obj-m += unkillable.o + + all: + make -C /lib/modules/$KERNELRELEASE/build M=$(PWD) modules + + clean: + make -C /lib/modules/$KERNELRELEASE/build M=$(PWD) clean + + install: + sudo insmod unkillable.ko + + uninstall: + sudo rmmod unkillable + + mknod: + sudo mknod /dev/unkillable c 117 0 + sudo chmod 666 /dev/unkillable +''; + +in stdenv.mkDerivation rec { + name = "unkillableKernelModule-${version}-${kernel.version}"; + version = "0.1"; + + src = stdenv.mkDerivation { + name = "unkillableKernelModule-source"; + dontUnpack = true; + dontPatch = true; + dontConfigure = true; + buildPhase = '' + mkdir -p $out + echo '${srcCode}' > $out/unkillable.c + echo '${srcMakeFile}' > $out/Makefile + ''; + }; + + #preUnpack = '' + # mkdir -p source/linux/unkillableKernelModule + # ''; + #sourceRoot = "source/linux/unkillableKernelModule"; + hardeningDisable = [ "pic" "format" ]; + nativeBuildInputs = kernel.moduleBuildDependencies; + + makeFlags = [ + "KERNELRELEASE=${kernel.modDirVersion}" + "KERNEL_DIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=$(out)" + ]; + + meta = with lib; { + description = "A kernel module that makes a char-device /dev/unkillable, from which you can read($your_pid) from, which then makes your process unkillable. code from: https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html"; + homepage = "https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html"; + license = licenses.gpl2; + maintainers = [ ]; + platforms = platforms.linux; + }; +} diff --git a/random-pkgs.nix b/random-pkgs.nix index ef83ddd..b5d7da7 100644 --- a/random-pkgs.nix +++ b/random-pkgs.nix @@ -4,10 +4,14 @@ }: let pkgs = import nixpkgs { inherit system; }; in rec { + + zephyr = inputs.zephyr-nix.packages.${system}; + one = inputs.zephyr-nix; + two-shell = pkgs.mkShell { packages = with pkgs; [ (zephyr.sdk.override { @@ -27,13 +31,18 @@ in rec { export ZEPHYR_BASE=${inputs.zephyr-nix.inputs.zephyr}; ''; }; + + three = inputs.zmk-nix.legacyPackages.${system}.fetchZephyrDeps { name = "testing-deps"; hash = ""; src = self; }; + + four = inputs.zephyr-nix.packages.${system}.buildZephyrWorkspace; + keyboardRight = inputs.zmk-nix.legacyPackages.${system}.buildKeyboard { name = "firmware-right"; @@ -48,6 +57,7 @@ in rec { zephyrDepsHash = "sha256-/ECQR3x0hzVGB7icGuWeyyNC9HuWmCgS5xA8r30gCAw="; }; + keyboardLeft = inputs.zmk-nix.legacyPackages.${system}.buildKeyboard { name = "firmware-left"; @@ -62,6 +72,8 @@ in rec { zephyrDepsHash = "sha256-/ECQR3x0hzVGB7icGuWeyyNC9HuWmCgS5xA8r30gCAw="; }; + + keyboardBoth = inputs.zmk-nix.legacyPackages.${system}.buildSplitKeyboard { name = "firmware"; @@ -76,6 +88,12 @@ in rec { zephyrDepsHash = "sha256-/ECQR3x0hzVGB7icGuWeyyNC9HuWmCgS5xA8r30gCAw="; }; + + + unkillableKernelModule = mypkgs.callPackage ./mods/unkillable-process-kernel-module.nix { + kernel = self.nixosConfigurations.main.config.boot.kernelPackages.kernel; + }; + usbip-kernel = self.nixosConfigurations.main.config.system.build.kernel.overrideAttrs (prev: { kernelPatches = prev.kernelPatches or [] ++ [ { name = "usbip";