VeNoM Posted October 7, 2013 Author Share #151 Posted October 7, 2013 I was thinking to include the module in the kernel so it can not be removed. Quote Link to comment Share on other sites More sharing options...
k3dt Posted October 7, 2013 Share #152 Posted October 7, 2013 (edited) New Synology "microupdate" techniqie is amazing! Now they can update certain files without updating a whole system.For example DSM 4.3-3776-2 fixes a vulnerabilities by updating some system sfiles. New patches are in .deb format, downloads silently and installs silently or after confirmation. Any idea how apply patch manually? tried dpkg -i *.deb but without success. DiskStation> dpkg -i smallupdate_4.3-3776-s1_all.debAuthenticating smallupdate_4.3-3776-s1_all.deb ... passed (Reading database ... 3 files and directories currently installed.) Preparing to replace smallupdate 4.3-3776-s1 (using smallupdate_4.3-3776-s1_all.deb) ... Unpacking replacement smallupdate ... Setting up smallupdate (4.3-3776-s1) ... DiskStation> edit: got it, nevermind.) Edited October 7, 2013 by Guest Quote Link to comment Share on other sites More sharing options...
neXus Posted October 7, 2013 Share #153 Posted October 7, 2013 That's why I'm working on a patch kernel side. As we have to use a custom kernel, it makes senses to tweak it for that purpose. I don't find yet why when hooking/redirect the open syscall scemd is getting the real device file (maybe it use inode to map the file to memory I don't know). It's harder than we thought but not impossible. Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 7, 2013 Author Share #154 Posted October 7, 2013 I created 2 modules. The first module is statically linked in the kernel and contains the "base". The second module is just a loader that loads, executes the init in the base, then it's unloaded. It works. I would like to remove all the traces of the loader and base with the help of https://github.com/mfontanini/Programs- ... /rootkit.c Quote Link to comment Share on other sites More sharing options...
guldhammer Posted October 9, 2013 Share #155 Posted October 9, 2013 How can i get my hands on the new DSM 4.3?? You have done a amazing work with this guys Quote Link to comment Share on other sites More sharing options...
neXus Posted October 11, 2013 Share #156 Posted October 11, 2013 Finally got it. it's a kernel patch overriding the devices seq_file if specific processes try to open it. Works like a charm I need to make some tests but sounds promising cat scemd.trace.7833 |grep -E "open\(|unlink" [f6f1ccbb] open("/usr/syno/etc.defaults/dnsdsm", O_RDONLY) = 8 [f719fd6b] open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 9 [f6f1ccbb] open("/proc/self/comm", O_RDONLY) = 9 [f719fd6b] open("/usr/syno/bin/findhostd", O_RDONLY) = 11 [f719fd6b] open("/usr/syno/synoman/webman/modules/StorageManager/storagehandler.cgi", O_RDONLY) = 11 [f719fd6b] open("/usr/syno/synoman/webman/modules/StorageManager/volumehandler.cgi", O_RDONLY) = 11 [f719fd6b] open("/usr/syno/synoman/webman/modules/PkgManApp/PkgMan.cgi", O_RDONLY) = 11 [f719fd6b] open("/usr/syno/synoman/webman/modules/PkgManApp/PkgSynoMan.cgi", O_RDONLY) = 11 [f719fd6b] open("/usr/syno/synoman/webman/modules/DSMNotify/dsmnotify.cgi", O_RDONLY) = 11 [f719fd6b] open("/lib/libdsm.so", O_RDONLY) = 11 [f719fd6b] open("/lib/libsynocgi.so", O_RDONLY) = 11 [f6f1ccbb] open("/proc/bus/pci/devices", O_RDONLY) = 8 [f6f1ccbb] open("/etc.defaults/synoinfo.conf", O_RDONLY|O_LARGEFILE) = 9 [f6f1ccbb] open("/etc.defaults/synoinfo.conf", O_RDONLY|O_LARGEFILE) = 9 -> no unlink Quote Link to comment Share on other sites More sharing options...
Mjwatling Posted October 11, 2013 Share #157 Posted October 11, 2013 @nexus great progress. Looking forward to dsm 4.3. All efforts greatly appreciated. Just sent my 413j back, ordering some h/w which is half the price and probably at least as twice as fast (g1610 intel 0ver arm... Probably more..) Thanks for efforts all! Quote Link to comment Share on other sites More sharing options...
Mjwatling Posted October 11, 2013 Share #158 Posted October 11, 2013 Ps used to be a unix developer 20 years ago so really fascinated by the process and thinking going on.... Quote Link to comment Share on other sites More sharing options...
neXus Posted October 12, 2013 Share #159 Posted October 12, 2013 Seems fine Quote Link to comment Share on other sites More sharing options...
Trantor Posted October 12, 2013 Share #160 Posted October 12, 2013 Awsome work Does the package manager work, I mean can you install several packages without removing the /dev/sd* ? Quote Link to comment Share on other sites More sharing options...
neXus Posted October 12, 2013 Share #161 Posted October 12, 2013 It seems, I just installed surveillance station, Volumes are still here. Quote Link to comment Share on other sites More sharing options...
guldhammer Posted October 12, 2013 Share #162 Posted October 12, 2013 Seems fine How do you make a copy that can be installed?? Please share Quote Link to comment Share on other sites More sharing options...
smacrae Posted October 13, 2013 Share #163 Posted October 13, 2013 yes yes, please share a copy and howto Quote Link to comment Share on other sites More sharing options...
gfacek Posted October 13, 2013 Share #164 Posted October 13, 2013 Hi, i know, it's a bit off topic, but I need to ask Vortex to do me a favor. And in fact, I can't write him a PM, I need to ask him this way. Please be gentle on me... @Vortex: You posted a link of your latest qnology-version on qnap-forum. But the file on mega doesn't exist anymore. Could you please give me a link to download this file? I have a Qnap SS-839 Pro, and don't need to have the NAS running 24h. At work I'm used to Synology-Devices, and there is an Standby-Mode I wanted to use with my Qnap, too. The only way I see to get the Standby, is to use an alternate software. And because I really like the Synology-Interface and Apps, your Qnology will be my first choice. Many thanks in advance! Regards, Tobi Quote Link to comment Share on other sites More sharing options...
Akhlan Posted October 14, 2013 Share #165 Posted October 14, 2013 Hi all, If DSM 4.3 work, when we can install 4.3 version ourselves? Quote Link to comment Share on other sites More sharing options...
np_74 Posted October 14, 2013 Share #166 Posted October 14, 2013 Great work guys , I am looking forward for getting binary to upgrade my hp N54l from DSM 4.2 to 4.3 Please share more details what's running and what's not thanks Quote Link to comment Share on other sites More sharing options...
gfacek Posted October 14, 2013 Share #167 Posted October 14, 2013 Thanks Vortex for your Message. I'll try to get 4.2 working first. Maybe then 4.3 is out... I'm looking forward to this regards Tobi Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 15, 2013 Author Share #168 Posted October 15, 2013 I now only have one statically linked kernel module (using kernel timers) that replaces the /proc/bus/pci/devices and hides its traces in /proc/kallsyms on boot. And I think I found a way to use the original pat file to install by just modifying the kernel and the ramdisk. Quote Link to comment Share on other sites More sharing options...
yup Posted October 15, 2013 Share #169 Posted October 15, 2013 I now only have one statically linked kernel module (using kernel timers) that replaces the /proc/bus/pci/devices and hides its traces in /proc/kallsyms on boot.And I think I found a way to use the original pat file to install by just modifying the kernel and the ramdisk. Great work,VeNoM!I hope 4.3 can run my NAS by your help. Quote Link to comment Share on other sites More sharing options...
neXus Posted October 15, 2013 Share #170 Posted October 15, 2013 I just added two more kernel parameters to pass pid/vid of a device considered as a "synoboot USB flash" device. No more synoboot erased and the stick doesn't appear either in file station or Storagemanager Quote Link to comment Share on other sites More sharing options...
Trexx Posted October 15, 2013 Share #171 Posted October 15, 2013 It would also be helpful to get a custom 4.3 ".pat" file for those of us running QNAP (leveraging all of Vortex hard work) who are not booting from USB, but have flashed our internal eprom. The USB route will be handy for initial testing, but would like to not have a dependency on it if possible. Well that and I am running out of USB ports Thanks again for all the hard work here. T. Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 15, 2013 Author Share #172 Posted October 15, 2013 I did it! I can now install 4.3 with an unmodified (original) pat file. The filesystem is untoched, including synobios.ko. All is done from the kernel and the ramdisk. Quote Link to comment Share on other sites More sharing options...
neXus Posted October 15, 2013 Share #173 Posted October 15, 2013 ttyS1 simulation or just removed the unload line from linuxrc ? Quote Link to comment Share on other sites More sharing options...
VeNoM Posted October 15, 2013 Author Share #174 Posted October 15, 2013 (edited) Loaded a patched synobios from ramdisk al the end of linuxrc.syno. If you think about it is obvious. SYNOLoadModules "synobios" SYNOLoadModules() { local _mod= _modpath= _args= _env= local _kv=$(KernelVersion) local _mach=$(/bin/uname -m) local _suffix=".ko" [ -f /etc.defaults/modules.conf ] && source /etc.defaults/modules.c [ -f /etc/modules.local.conf ] && source /etc/modules.local.conf # for _mod in "$@"; do _modpath=/lib/modules/${_mod}${_suffix} SYNOCheckModule $_mod && continue SYNOLoadModules checks if the module is loaded with SYNOCheckModule and doesn't load the original one. Edited October 15, 2013 by Guest Quote Link to comment Share on other sites More sharing options...
neXus Posted October 15, 2013 Share #175 Posted October 15, 2013 So we are at the same state for now with maybe two different approach. Could be nice to discuss it in pm Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.