1 // SPDX-License-Identifier: GPL-2.0 2 3 #include <linux/ptrace.h> 4 #include <linux/bpf.h> 5 6 #include <netinet/in.h> 7 8 #include <bpf/bpf_helpers.h> 9 #include <bpf/bpf_tracing.h> 10 #include "bpf_misc.h" 11 12 static struct sockaddr_in old; 13 14 SEC("kprobe/" SYS_PREFIX "sys_connect") 15 int BPF_KPROBE(handle_sys_connect) 16 { 17 #if SYSCALL_WRAPPER == 1 18 struct pt_regs *real_regs; 19 #endif 20 struct sockaddr_in new; 21 void *ptr; 22 23 #if SYSCALL_WRAPPER == 0 24 ptr = (void *)PT_REGS_PARM2(ctx); 25 #else 26 real_regs = (struct pt_regs *)PT_REGS_PARM1(ctx); 27 bpf_probe_read_kernel(&ptr, sizeof(ptr), &PT_REGS_PARM2(real_regs)); 28 #endif 29 30 bpf_probe_read_user(&old, sizeof(old), ptr); 31 __builtin_memset(&new, 0xab, sizeof(new)); 32 bpf_probe_write_user(ptr, &new, sizeof(new)); 33 34 return 0; 35 } 36 37 char _license[] SEC("license") = "GPL"; 38