diff --git a/kerneldriver/core/secDetector_workflow.c b/kerneldriver/core/secDetector_workflow.c index 2ad97a5790c59be6ab98ed7a2108c84f75911ac1..c51c5a6bb13a85b9d6e8884912c3e26e2331a0e5 100644 --- a/kerneldriver/core/secDetector_workflow.c +++ b/kerneldriver/core/secDetector_workflow.c @@ -1,20 +1,20 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * create: 2023-09-25 - * Description: detector workflow manager - */ -#include "secDetector_workflow_type.h" - -void preset_workflow(void) { - +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * create: 2023-09-25 + * Description: detector workflow manager + */ +#include "secDetector_workflow_type.h" + +void preset_workflow(void) { + } \ No newline at end of file diff --git a/kerneldriver/include/secDetector_analyze.h b/kerneldriver/include/secDetector_analyze.h index f5dfbe09c25982fdf79293220f9dd24908a5c728..dd41d43bb906782d7c3888d46a2c2eb5968be2da 100644 --- a/kerneldriver/include/secDetector_analyze.h +++ b/kerneldriver/include/secDetector_analyze.h @@ -1,19 +1,19 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector analyze unit header - */ -#ifndef SECDETECTOR_ANALYZE_H -#define SECDETECTOR_ANALYZE_H -#include "secDetector_analyze_type.h" +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector analyze unit header + */ +#ifndef SECDETECTOR_ANALYZE_H +#define SECDETECTOR_ANALYZE_H +#include "secDetector_analyze_type.h" #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_analyze_type.h b/kerneldriver/include/secDetector_analyze_type.h index ef7705273435f026e520488a177e7ee82a15dac8..9ae648c5771329f35ac3e9c90975a4adc90b11f3 100644 --- a/kerneldriver/include/secDetector_analyze_type.h +++ b/kerneldriver/include/secDetector_analyze_type.h @@ -1,32 +1,32 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector analyze unit type header - */ -#ifndef SECDETECTOR_ANALYZE_TYPE_H -#define SECDETECTOR_ANALYZE_TYPE_H - -enum ANALYZE_TYPE{ - ANALYZE_RECORD, - ANALYZE_PRESET_START, - ANALYZE_PRESET_SAVE_CHECK = ANALYZE_PRESET_START, - ANALYZE_PRESET_FREQUENCY_RANGE, - ANALYZE_PRESET_END = ANALYZE_PRESET_FREQUENCY_RANGE, - ANALYZE_CUSTOMIZATION, -}; - -typedef union analyze_func { - void (*func)(void); - void (*analyze_record_func)(void); -}analyze_func_t; +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector analyze unit type header + */ +#ifndef SECDETECTOR_ANALYZE_TYPE_H +#define SECDETECTOR_ANALYZE_TYPE_H + +enum ANALYZE_TYPE{ + ANALYZE_RECORD, + ANALYZE_PRESET_START, + ANALYZE_PRESET_SAVE_CHECK = ANALYZE_PRESET_START, + ANALYZE_PRESET_FREQUENCY_RANGE, + ANALYZE_PRESET_END = ANALYZE_PRESET_FREQUENCY_RANGE, + ANALYZE_CUSTOMIZATION, +}; + +typedef union analyze_func { + void (*func)(void); + void (*analyze_record_func)(void); +}analyze_func_t; #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_collect.h b/kerneldriver/include/secDetector_collect.h index df4ac1f67955d2479b619f67af953152caaddab9..2a032af0d3a4e59a9b90144072e2a145411a3cc8 100644 --- a/kerneldriver/include/secDetector_collect.h +++ b/kerneldriver/include/secDetector_collect.h @@ -1,19 +1,19 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector collect unit header - */ -#ifndef SECDETECTOR_COLLECT_H -#define SECDETECTOR_COLLECT_H -#include "secDetector_collect_type.h" +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector collect unit header + */ +#ifndef SECDETECTOR_COLLECT_H +#define SECDETECTOR_COLLECT_H +#include "secDetector_collect_type.h" #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_collect_type.h b/kerneldriver/include/secDetector_collect_type.h index 1122d156e9c2a498178483d56d4ba352287e0e09..d2c6b5d9dea71761733a6943097049292c38cad9 100644 --- a/kerneldriver/include/secDetector_collect_type.h +++ b/kerneldriver/include/secDetector_collect_type.h @@ -1,44 +1,45 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector collect unit type header - */ -#ifndef SECDETECTOR_COLLECT_TYPE_H -#define SECDETECTOR_COLLECT_TYPE_H - -enum COLLECT_TYPE{ - COLLECT_TIME, - COLLECT_CURRENT_START, - COLLECT_CURRENT_PROCESS = COLLECT_CURRENT_START, - COLLECT_CURRENT_FILE, - COLLECT_CURRENT_END = COLLECT_CURRENT_FILE, - COLLECT_GLOBAL_START, - COLLECT_GLOBAL_PROCESS = COLLECT_GLOBAL_START, - COLLECT_GLOBAL_FILE, - COLLECT_GLOBAL_RESOURCE, - COLLECT_GLOBAL_END = COLLECT_GLOBAL_RESOURCE, - COLLECT_CUSTOMIZATION, -}; - -union collect_func { - void (*func)(void); - void (*COLLECT_record_func)(void); -}; - -struct secDetector_collect { - struct list_head list; - struct rcu_head rcu; - unsigned int collect_type; - union collect_func collect_func; -}; +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector collect unit type header + */ +#ifndef SECDETECTOR_COLLECT_TYPE_H +#define SECDETECTOR_COLLECT_TYPE_H +#include +enum COLLECT_TYPE{ + COLLECT_TIME, + COLLECT_CURRENT_START, + COLLECT_CURRENT_PROCESS = COLLECT_CURRENT_START, + COLLECT_CURRENT_FILE, + COLLECT_CURRENT_END = COLLECT_CURRENT_FILE, + COLLECT_GLOBAL_START, + COLLECT_GLOBAL_PROCESS = COLLECT_GLOBAL_START, + COLLECT_GLOBAL_FILE, + COLLECT_GLOBAL_RESOURCE, + COLLECT_GLOBAL_END = COLLECT_GLOBAL_RESOURCE, + COLLECT_CUSTOMIZATION, +}; + +union collect_func { + void (*func)(void); + void (*COLLECT_record_func)(void); +}; + +struct secDetector_collect { + struct list_head list; + struct rcu_head rcu; + unsigned int collect_type; + union collect_func collect_func; +}; + #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_hook_type.h b/kerneldriver/include/secDetector_hook_type.h index 97f5f6682dd55992b53feafa4a6fceaa87786a5d..ae1ce54e9c5ebf4f368031f182f4df2cc9419b86 100644 --- a/kerneldriver/include/secDetector_hook_type.h +++ b/kerneldriver/include/secDetector_hook_type.h @@ -1,31 +1,31 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector hook unit type header - */ -#ifndef SECDETECTOR_HOOK_TYPE_H -#define SECDETECTOR_HOOK_TYPE_H - -enum HOOK_TYPE { - TRACEPOINT_HOOK_START, - TRACEPOINT_CREATE_FILE = TRACEPOINT_HOOK_START, - TRACEPOINT_WRITE_FILE, - TRACEPOINT_CREATE_PROCESS, - TRACEPOINT_HOOK_END = TRACEPOINT_CREATE_PROCESS, - - HOOKEND, - - SECDETECTOR_TIMER, -}; - +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector hook unit type header + */ +#ifndef SECDETECTOR_HOOK_TYPE_H +#define SECDETECTOR_HOOK_TYPE_H + +enum HOOK_TYPE { + TRACEPOINT_HOOK_START, + TRACEPOINT_CREATE_FILE = TRACEPOINT_HOOK_START, + TRACEPOINT_WRITE_FILE, + TRACEPOINT_CREATE_PROCESS, + TRACEPOINT_HOOK_END = TRACEPOINT_CREATE_PROCESS, + + HOOKEND, + + SECDETECTOR_TIMER, +}; + #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_module_type.h b/kerneldriver/include/secDetector_module_type.h index dc9a149c3daac4189eba1fcb41dce631dca4c30b..30a13c8f8f1bf880ee0ad37f8efdefb55933fbdc 100644 --- a/kerneldriver/include/secDetector_module_type.h +++ b/kerneldriver/include/secDetector_module_type.h @@ -1,36 +1,36 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector module type header - */ -#ifndef SECDETECTOR_MODULE_TYPE_H -#define SECDETECTOR_MODULE_TYPE_H -#include -#include -#include -#include "secDetector_workflow_type.h" - -typedef struct secDetector_workflow secDetector_workflow_t; -struct secDetector_module { - struct list_head list; - struct rcu_head rcu; - unsigned int id; - char *name; - struct module *kmodule; - atomic_t enabled; - - secDetector_workflow_t *workflow_array; - uint32_t workflow_array_len; -}; - +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector module type header + */ +#ifndef SECDETECTOR_MODULE_TYPE_H +#define SECDETECTOR_MODULE_TYPE_H +#include +#include +#include +#include "secDetector_workflow_type.h" + +typedef struct secDetector_workflow secDetector_workflow_t; +struct secDetector_module { + struct list_head list; + struct rcu_head rcu; + unsigned int id; + char *name; + struct module *kmodule; + atomic_t enabled; + + secDetector_workflow_t *workflow_array; + uint32_t workflow_array_len; +}; + #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_response.h b/kerneldriver/include/secDetector_response.h index 5231b24d4f297ce3c8a33694a466b811c71e8bc5..6769394b27b91b902d71351508360ea366d3dc55 100644 --- a/kerneldriver/include/secDetector_response.h +++ b/kerneldriver/include/secDetector_response.h @@ -18,8 +18,8 @@ #include "secDetector_response_type.h" struct secdetector_response { - struct list_head list; - struct rcu_head rcu; + struct list_head list; + struct rcu_head rcu; unsigned int response_type; response_func_t response_func; }; diff --git a/kerneldriver/include/secDetector_response_type.h b/kerneldriver/include/secDetector_response_type.h index 652046793f8a82efdc435450a126d53673c1b8b2..133292da3bfb9bc293da08df3cb29be64924063a 100644 --- a/kerneldriver/include/secDetector_response_type.h +++ b/kerneldriver/include/secDetector_response_type.h @@ -18,18 +18,18 @@ #include enum { - RESPONSE_REPORT, - RESPONSE_REJECT, - NR_RESPONSE, + RESPONSE_REPORT, + RESPONSE_REJECT, + NR_RESPONSE, }; struct response_report_data { - const char *text; - size_t len; + const char *text; + size_t len; }; typedef union response_data { - struct response_report_data *report_data; + struct response_report_data *report_data; } response_data_t; typedef void (*response_func_t)(response_data_t *data); diff --git a/kerneldriver/include/secDetector_workflow.h b/kerneldriver/include/secDetector_workflow.h index 37ee8124c2afb6b9d533ec3ef6e70226e799beda..7512a8c85a32a73ae4fca6a319bb55fb890e72df 100644 --- a/kerneldriver/include/secDetector_workflow.h +++ b/kerneldriver/include/secDetector_workflow.h @@ -1,25 +1,25 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector workflow header - */ -#ifndef SECDETECTOR_WORKFLOW_H -#define SECDETECTOR_WORKFLOW_H -#include "secDetector_collect.h" -#include "secDetector_analyze.h" -#include "secDetector_response.h" -#include "secDetector_workflow_type.h" - - -void preset_workflow(void); +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector workflow header + */ +#ifndef SECDETECTOR_WORKFLOW_H +#define SECDETECTOR_WORKFLOW_H +#include "secDetector_collect.h" +#include "secDetector_analyze.h" +#include "secDetector_response.h" +#include "secDetector_workflow_type.h" + + +void preset_workflow(void); #endif \ No newline at end of file diff --git a/kerneldriver/include/secDetector_workflow_type.h b/kerneldriver/include/secDetector_workflow_type.h index 146a905c4a8d76abe793544807e3ba9b3063621a..da16c3496d05ac4fcad8e2ff01d840aa8ad7ab94 100644 --- a/kerneldriver/include/secDetector_workflow_type.h +++ b/kerneldriver/include/secDetector_workflow_type.h @@ -1,67 +1,67 @@ -/* - * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. - * secDetector is licensed under Mulan PSL v2. - * You can use this software according to the terms and conditions of the Mulan PSL v2. - * You may obtain a copy of Mulan PSL v2 at: - * http://license.coscl.org.cn/MulanPSL2 - * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, - * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, - * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. - * See the Mulan PSL v2 for more details. - * - * Author: yieux - * Create: 2023-09-25 - * Description: secDetector workflow type header - */ -#ifndef SECDETECTOR_WORKFLOW_TYPE_H -#define SECDETECTOR_WORKFLOW_TYPE_H -#include "secDetector_hook_type.h" -#include "secDetector_collect_type.h" -#include "secDetector_analyze_type.h" -#include "secDetector_response_type.h" -#include "secDetector_module_type.h" - -enum WORKFLOW_TYPE{ - WORKFLOW_CUSTOMIZATION, - WORKFLOW_PRESET, -}; - -union workflow_func { - void (*func)(void); - void (*create_file)(struct filename *); - void (*write_file)(struct filename *); - void (*create_process)(int); - void (*timer_func)(struct timer_list *); -}; - -typedef struct secDetector_module secDetector_module_t; -typedef struct secDetector_workflow { - struct list_head list; - struct rcu_head rcu; - unsigned int id; - secDetector_module_t *module; - atomic_t enabled; - unsigned int workflow_type; - union workflow_func workflow_func; - - //hook - unsigned int hook_type; - int interval; - - //collect - struct secDetector_collect *collect_array; - uint32_t collect_array_len; - - //analyze - unsigned int analyze_type; - analyze_func_t analyze_func; - - //response - struct secdetector_response *response_array; - uint32_t response_array_len; - -} secDetector_workflow_t; - - - +/* + * Copyright (c) 2023 Huawei Technologies Co., Ltd. All rights reserved. + * secDetector is licensed under Mulan PSL v2. + * You can use this software according to the terms and conditions of the Mulan PSL v2. + * You may obtain a copy of Mulan PSL v2 at: + * http://license.coscl.org.cn/MulanPSL2 + * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, + * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, + * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. + * See the Mulan PSL v2 for more details. + * + * Author: yieux + * Create: 2023-09-25 + * Description: secDetector workflow type header + */ +#ifndef SECDETECTOR_WORKFLOW_TYPE_H +#define SECDETECTOR_WORKFLOW_TYPE_H +#include "secDetector_hook_type.h" +#include "secDetector_collect_type.h" +#include "secDetector_analyze_type.h" +#include "secDetector_response_type.h" +#include "secDetector_module_type.h" + +enum WORKFLOW_TYPE{ + WORKFLOW_CUSTOMIZATION, + WORKFLOW_PRESET, +}; + +union workflow_func { + void (*func)(void); + void (*create_file)(struct filename *); + void (*write_file)(struct filename *); + void (*create_process)(int); + void (*timer_func)(struct timer_list *); +}; + +typedef struct secDetector_module secDetector_module_t; +typedef struct secDetector_workflow { + struct list_head list; + struct rcu_head rcu; + unsigned int id; + secDetector_module_t *module; + atomic_t enabled; + unsigned int workflow_type; + union workflow_func workflow_func; + + //hook + unsigned int hook_type; + int interval; + + //collect + struct secDetector_collect *collect_array; + uint32_t collect_array_len; + + //analyze + unsigned int analyze_type; + analyze_func_t analyze_func; + + //response + struct secdetector_response *response_array; + uint32_t response_array_len; + +} secDetector_workflow_t; + + + #endif \ No newline at end of file