Added all ioctl commands

2025-07-17 20:43:21 +00:00 · 2015-11-28 19:26:35 +01:00
parent b316a7bb57
commit 65c3b2584d
2 changed files with 97 additions and 9 deletions
--- a/rtscan/README.md
+++ b/rtscan/README.md
@ -1,5 +1,44 @@
-# Interact with /dev/res
+# Interact with `rtscan`

 `resctl.py` can be used to interact with `rtscan` kernel module via ioctl calls to `/dev/res`.

-**TODO**: Implement all ioctl calls
+*Note*: On Red Star 3.0 this needs to be executed with root privileges.
+
+## Usage Examples
+
+### Disable/Enable `rtscan`
+
+```
+# python resctl.py disable
+```
+```
+# python resctl.py enable
+```
+
+### Protect/Hide a File
+
+The following example adds a new file extension to the list of scanned extensions and a new file to the protected and hidden files:
+
+```
+# cat /tmp/secret.32c3
+Kim loves Katy
+# python resctl.py setsign .32c3
+# python resctl.py protect /tmp/secret.32c3
+# python resctl.py hide /tmp/secret.32c3
+# cat /tmp/secret.32c3
+cat: /tmp/secret.32c3: Operation not permitted
+```
+
+Disabling `rtscan` will make the file readable again:
+
+```
+# python resctl.py disable
+# cat /tmp/secret.32c3
+Kim loves Katy
+```
+
+*Note*: The default list of extensions added by `opprc`:
+
+```
+.mpg.dat.avi.vob.gif.doc.pdf.ppt.xls.mp3.wav.mpa.wma.asf.mp2..jpg.bmp.png.tif.jpeg.tiff.mov.wmv.mp4.rm.rmv.rmvb.swf.flv.3gp.chm..djuv.djv.caj.kdh.teb.nh.caa.docx.xlsx.pptx.txt.htm.html.mht.hwp.pdg.
+```
--- a/rtscan/resctl.py
+++ b/rtscan/resctl.py
@ -1,11 +1,60 @@
 #!/usr/bin/env python2
-from fcntl import ioctl
+# This needs to run under Python2.6
+import sys
+import fcntl

-filename = '/dev/res'
-fd = open(filename, 'wb')
-ret = ioctl(fd, 29187, 0)
+DEV = '/dev/res'
+SCAN_ENABLE = 29188
+SCAN_DISABLE = 29187
+ADD_PID = 29189
+DEL_PID = 29193
+RECV_FILES = 29191
+PROTECT_FILE = 29192
+UNPROTECT_FILE = 29194
+HIDE_FILE = 29195
+UNHIDE_FILE = 29196
+SET_SIGN_EXTS = 29197
+GET_SIGN_EXTS = 29198

-if ret is not 0:
-    print('Error')
+if __name__ == '__main__':
+    if len(sys.argv) < 2:
+        print('usage: {s} [CMD] [ARG]'.format(s=sys.argv[0]))
+        sys.exit(1)

-fd.close()
+    CMD = sys.argv[1]
+
+    if len(sys.argv) is 3:
+        ARG = sys.argv[2]
+    else:
+        ARG = 0
+
+    if CMD == 'enable':
+        CMD = SCAN_ENABLE
+    elif CMD == 'disable':
+        CMD = SCAN_DISABLE
+    elif CMD == 'pid':
+        CMD = ADD_PID
+    elif CMD == 'unpid':
+        CMD = DEL_PID
+    elif CMD == 'recv':
+        CMD = RECV_FILES
+    elif CMD == 'protect':
+        CMD = PROTECT_FILE
+    elif CMD == 'unprotect':
+        CMD = UNPROTECT_FILE
+    elif CMD == 'hide':
+        CMD = HIDE_FILE
+    elif CMD == 'unhide':
+        CMD = UNHIDE_FILE
+    elif CMD == 'setsign':
+        CMD = SET_SIGN_EXTS
+    elif CMD == 'getsign':
+        CMD = GET_SIGN_EXTS
+    else:
+        print('unknown command: {c}'.format(c=CMD))
+        sys.exit(1)
+
+    fd = open(DEV, 'wb')
+    ret = fcntl.ioctl(fd, CMD, ARG)
+    print(ret)
+    fd.close()