Vortex Posted October 2, 2013 Share #126 Posted October 2, 2013 Simulate the Synology additional chip on /dev/ttyS1 is a very good idea! But dump/repack Synology property files is very bad Quote Link to comment Share on other sites More sharing options...
neXus Posted October 2, 2013 Share #127 Posted October 2, 2013 I agree it's syno property. @vortex did you check my pm ? Thanks Quote Link to comment Share on other sites More sharing options...
tsygam Posted October 2, 2013 Share #128 Posted October 2, 2013 But dump/repack Synology property files is very bad you are right, i did not think about this Quote Link to comment Share on other sites More sharing options...
Tomek Posted October 2, 2013 Share #129 Posted October 2, 2013 I follow this thread since a few weeks and I'm really amazed by your works, guys ! You deserve the congratulations of all of us Quote Link to comment Share on other sites More sharing options...
Trantor Posted October 2, 2013 Share #130 Posted October 2, 2013 I follow this thread since a few weeks and I'm really amazed by your works, guys ! You deserve the congratulations of all of us +1 I have just repacked/optimized previous xpenology builds but guys your work is amazing Can't wait to work on 4.3 build Quote Link to comment Share on other sites More sharing options...
neXus Posted October 2, 2013 Share #131 Posted October 2, 2013 Thanks it has been fun ! Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 3, 2013 Author Share #132 Posted October 3, 2013 With the info you posted I can probably manualy create a devices file for synology_bromolow_3612xs Yes, you're right, it is a hash check for files + check for hardcodes devices (like sata controller/network controller) in files vs /proc/bus/pci/devices. I do not understand why they did not also check synobios.ko I have a working DS3612xs . Thanks to Vortex's info I created /proc/bus/pci/devices Quote Link to comment Share on other sites More sharing options...
neXus Posted October 3, 2013 Share #133 Posted October 3, 2013 Here too I'm kind of busy theses days so I can only spend halt an hour max to play with... @Venom, did you filter the open hook on current->comm (process name), I mean there could be side effect if all of the open are hooked to the fake file we juste have to build an array with all of the process name calling for it (hoping no side effect) and compare with current->comm. Another thing, I got issue with ia32_sys_call_table at first (because of 64 bit architecture and 32 bits binaries), I made an ugly "hack" (#define __NR32_OPEN = 5), how did you deal with ? If you can share your code I can also share mine. Tanks. I started to look to emulate the ttyS1 device for for example the get_micropid() function with a proper return, it could be easy to do. In fact binaries like scemd use ioctl to /dev/synobios and synobios.ko deal with /dev/ttyS1 (with is a serial device to manage leds, button,...). the module contain also some kernel function to deal with satacontrol and disks. So with a little work, we could : Generate a custom synoboot from pat file : - get the rd.gz and add the module to fake the system (need to be added before synobios.ko) - add a custom kernel for better compatibility (64bits / drivers) Install the DSM from the genuine PAT file without any patching or rebuilding. This way we don't "break" any Synology property. Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 3, 2013 Author Share #134 Posted October 3, 2013 I tried it your way. I only hooked on /proc/bus/pci/devices using sample code from the https://github.com/mfontanini/Programs-Scripts/blob/master/rootkit/rootkit.c. Take a look at it, should help. Then I took a different approach. I created /proc/virtual_devices, removed /proc/bus/pci/devices then symlink /proc/bus/pci/devices to /proc/virtual_devices. static int __init dsmcheck_proc_init(void) { if ( strcmp(syno_hw_version, "synology_bromolow_3612xs") == 0 || strcmp(syno_hw_version, "synology_x86_1511+") == 0 ) { created_virtual_devices = true; printk(KERN_INFO "DSMCHECK : %s found, creating virtual devices\n", syno_hw_version); remove_proc_entry("bus/pci/devices", NULL); proc_create("virtual_devices", 0, NULL, &dsmcheck_proc_fops); proc_symlink("bus/pci/devices", NULL, "../../virtual_devices"); } else { printk(KERN_INFO "DSMCHECK : %s found, not supported yet, skipping\n", syno_hw_version); } return 0; } I insert my module from /etc/rc using syno_hw_version=$UNIQUE as param. # insert virtual devices module insmod /root/dsmcheck.ko syno_hw_version=$UNIQUE I will share the module once I am sure there is no problem. Quote Link to comment Share on other sites More sharing options...
neXus Posted October 3, 2013 Share #135 Posted October 3, 2013 Hmm removing the entry could have side effect if other processes try to gather information about it. Quote Link to comment Share on other sites More sharing options...
doedels Posted October 3, 2013 Share #136 Posted October 3, 2013 for /dev/ttyS1 look here --> http://smallhacks.wordpress.com/2012/04 ... -devttys1/ Quote Link to comment Share on other sites More sharing options...
neXus Posted October 3, 2013 Share #137 Posted October 3, 2013 Thanks got that one already good stuff in here. Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 3, 2013 Author Share #138 Posted October 3, 2013 I just finished the other module that does the hooking on /proc/bus/pci/devices LE : Works like a charm. Quote Link to comment Share on other sites More sharing options...
yup Posted October 3, 2013 Share #139 Posted October 3, 2013 From the beginning of this thread,I have been concerned about this progress.GOOD job! Quote Link to comment Share on other sites More sharing options...
k3dt Posted October 4, 2013 Share #140 Posted October 4, 2013 Congratulations guys! IMO hooking was the best possible (and clean!) solution. Please give required files to Trantor so he can make test build. Can't wait Quote Link to comment Share on other sites More sharing options...
myhtpc Posted October 4, 2013 Share #141 Posted October 4, 2013 Hey Guys, you are so great. I'm using Transtor's 4.2 3211 with some limitation (have a H87 Intel Board and this seems not to be fully recognized). I hope, that this 4.3 will include newest hardware driver support;-) I'll stop working to optimize my 4.2 (e.g. dsaudio doesn't work) and continue with 4.3 once it is there. But don't hurry, you already did a great job and I can wait some more time before jumping on that new train. all the best myhtpc Quote Link to comment Share on other sites More sharing options...
interested Posted October 4, 2013 Share #142 Posted October 4, 2013 I knew you would make it. In this time and case, I think that the word thank you is not enough. Quote Link to comment Share on other sites More sharing options...
Trexx Posted October 4, 2013 Share #143 Posted October 4, 2013 I appreciate all the time and effort people have put into working through these new hurdles. I hope there will be a 4.3 QNap x59 release for this, similar to what Vortex has released in the past. Thanks again, T. Quote Link to comment Share on other sites More sharing options...
toshas Posted October 4, 2013 Share #144 Posted October 4, 2013 THANKS A LOT! Guys, great job! p.s. You are very familiar with Linux tools. You proved it once more. Could you look at one old problem in Xpenology - BIOS goes to reset state (there are several reports for different hardware configurations) when power-off shedule is enabled? thanks again! Quote Link to comment Share on other sites More sharing options...
Trantor Posted October 5, 2013 Share #145 Posted October 5, 2013 @VeNoM and @ Vortex: If you want I can repack your testing files/modules into a debug 4.3 build so we can test it and fix remaining issue ? Quote Link to comment Share on other sites More sharing options...
k3dt Posted October 6, 2013 Share #146 Posted October 6, 2013 Did someone test mount --rbind command? ( mount --rbind /tmp/pci/ /proc/bus/pci/ ) should do the same. Quote Link to comment Share on other sites More sharing options...
k3dt Posted October 7, 2013 Share #147 Posted October 7, 2013 Yep.. it works too! No kernel module required. No modifications. Just mount edited directory(file). https://www.dropbox.com/s/iiln8gdp7gr6h ... .41.23.png Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 7, 2013 Author Share #148 Posted October 7, 2013 The problem with this is that if you unmount, /dev/sda will get deleted. Even if my module gets unloaded cat /proc/bus/pci/devices returns null so the check doesn't do anything (I spoke too soon, it will remove /dev/sda). DiskStation43> dmesg | grep DSM [ 2.785396] DSMVD : synology_x86_1511+ found, hooking virtual devices DiskStation43> rmmod dsmvd DiskStation43> dmesg | grep DSM [ 2.785396] DSMVD : synology_x86_1511+ found, hooking virtual devices [ 96.543365] DSMVD : unhooking virtual devices, replacing with NULL DiskStation43> cat /proc/bus/pci/devices cat: read error: Invalid argument Anyway, I would not use 4.3 with this check in production. Syno can do anything in their apps, so they can unload/unmount anything we do here. So let's say you install/update AudioStation and then you notice that all your data is gone. Quote Link to comment Share on other sites More sharing options...
k3dt Posted October 7, 2013 Share #149 Posted October 7, 2013 (edited) Anyway, I would not use 4.3 with this check in production. Syno can do anything in their apps, so they can unload/unmount anything we do here. So let's say you install/update AudioStation and then you notice that all your data is gone. Agree. But I'll use 4.3 in production New features are important for me. I will not have problem check updated packages if they are safe before upgrading. Edited October 7, 2013 by Guest Quote Link to comment Share on other sites More sharing options...
Vortex Posted October 7, 2013 Share #150 Posted October 7, 2013 New Synology "microupdate" techniqie is amazing! Now they can update certain files without updating a whole system. For example DSM 4.3-3776-2 fixes a vulnerabilities by updating some system sfiles. New patches are in .deb format, downloads silently and installs silently or after confirmation. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.