Add experimental tsak program

tsak may make its way into kdebase in the near future...stay tuned!

3 files changed, 307 insertions, 0 deletions

diff --git a/tsak/Makefile b/tsak/Makefile
new file mode 100644
index 0000000..c234043
--- /dev/null
+++ b/tsak/Makefile
@@ -0,0 +1,15 @@
+CC=g++
+CFLAGS=-c -Wall
+LDFLAGS=
+SOURCES=main.cpp
+OBJECTS=$(SOURCES:.cpp=.o)
+EXECUTABLE=tsak
+
+all: $(SOURCES) $(EXECUTABLE)
+	
+$(EXECUTABLE): $(OBJECTS) 
+	$(CC) $(LDFLAGS) $(OBJECTS) -o $@
+
+.cpp.o:
+	$(CC) $(CFLAGS) $< -o $@
+ 
diff --git a/tsak/README b/tsak/README
new file mode 100644
index 0000000..ef2fe0c
--- /dev/null
+++ b/tsak/README
@@ -0,0 +1,9 @@
+This is an experimental SAK filter that uses evdev and friends to:
+1.) Signal when a SAK (currently hardcoded as Ctrl+Alt+DEL) is pressed
+    This signal is ONLY available to applications running as root
+2.) Filter any SAK press events out, so that no non-root applications are aware of them if they occur.
+    In fact, even root applications will be unaware of the SAK press unless they are monitoring
+    the out-of-band SAK interface.
+
+The interface is very simple.  Listen on /tmp/ksocket-global/tsak and you will receive the null-terminated string "SAK\n\r" when the SAK is pressed.
+Note that the string may be sent multiple times, especially if the SAK is held down.
diff --git a/tsak/main.cpp b/tsak/main.cpp
new file mode 100644
index 0000000..ad32b3c
--- /dev/null
+++ b/tsak/main.cpp
@@ -0,0 +1,283 @@
+/*
+Copyright 2010 Adam Marchetti
+Copyright 2011 Timothy Pearson <kb9vqf@pearsoncomputing.net>
+
+This file is part of tsak.
+
+tsak is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as
+published by the Free Software Foundation, either version 3
+of the License, or (at your option) any later version.
+
+tsak is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public
+License along with tsak. If not, see http://www.gnu.org/licenses/.
+
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <dirent.h>
+#include <linux/input.h>
+#include <linux/uinput.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/select.h>
+#include <sys/time.h>
+#include <termios.h>
+#include <signal.h>
+
+#define FIFO_DIR "/tmp/ksocket-global"
+#define FIFO_FILE_OUT "/tmp/ksocket-global/tsak"
+#define PIPE_CHECK_INTERVAL 50
+
+#define TestBit(bit, array) (array[(bit) / 8] & (1 << ((bit) % 8)))
+
+typedef unsigned char byte;
+
+bool        mPipeOpen_out;
+int         mPipe_fd_out;
+
+struct sigaction usr_action;
+sigset_t block_mask;
+
+char *keycode[256] =
+{
+	"", "<esc>", "1", "2", "3", "4", "5", "6", "7", "8",
+	"9", "0", "−", "=", "<backspace>", "<tab>", "q", "w", "e", "r",
+	"t", "y", "u", "i", "o", "p", "[", "]", "\n", "<control>",
+	"a", "s", "d", "f", "g", "h", "j", "k", "l", ";",
+	"'", "", "<shift>", "\\", "z", "x", "c", "v", "b", "n",
+	"m", ",", ".", "/", "<shift>", "", "<alt>", " ", "<capslock>",
+	"<f1>", "<f2>", "<f3>", "<f4>", "<f5>", "<f6>", "<f7>", "<f8>", "<f9>", "<f10>",
+	"<numlock>", "<scrolllock>", "", "", "", "", "", "", "", "",
+	"", "", "\\", "f11", "f12", "", "", "", "", "",
+	"", "", "", "<control>", "", "<sysrq>", "", "", "<control>", "", "",
+	"<alt>", "", "", "", "", "", "", "", "", "",
+	"", "<del>", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", "",
+	"", "", "", "", "", "", "", "", "", ""
+};
+
+/* returns 1 if bit number i is set, otherwise returns 0 */
+int bit_set(size_t i, const byte* a)
+{
+  return a[i/CHAR_BIT] & (1 << i%CHAR_BIT);
+}
+
+/* Assign features (supported axes and keys) of the physical input device (devin)
+ * to the virtual input device (devout) */
+static void copy_features(int devin, int devout)
+{
+	byte evtypes[EV_MAX/CHAR_BIT + 1] = {0};
+	byte codes[KEY_MAX/CHAR_BIT + 1];
+	unsigned i,code;
+	int op;
+	if (ioctl(devin, EVIOCGBIT(0, sizeof(evtypes)), evtypes) < 0) return;
+	for(i=0;i<EV_MAX;++i) {
+		if (bit_set(i, evtypes)) {
+			switch(i) {
+			case EV_KEY: op = UI_SET_KEYBIT; break;
+			case EV_REL: op = UI_SET_RELBIT; break;
+			case EV_ABS: op = UI_SET_ABSBIT; break;
+			case EV_MSC: op = UI_SET_MSCBIT; break;
+			case EV_LED: op = UI_SET_LEDBIT; break;
+			case EV_SND: op = UI_SET_SNDBIT; break;
+			case EV_SW: op = UI_SET_SWBIT; break;
+			default: op = -1;
+		}
+	}
+	if (op == -1) continue;
+	ioctl(devout, UI_SET_EVBIT, i);
+	memset(codes,0,sizeof(codes));
+	if (ioctl(devin, EVIOCGBIT(i, sizeof(codes)), codes) < 0) return;
+	for(code=0;code<KEY_MAX;code++) {
+		if (bit_set(code, codes)) ioctl(devout, op, code);
+		}
+	}
+}
+
+int find_keyboard() {
+	int i, j;
+	int fd;
+	char filename[32];
+	char key_bitmask[(KEY_MAX + 7) / 8];
+	
+	for (i=0; i<32; i++) {
+		snprintf(filename,sizeof(filename), "/dev/input/event%d", i);
+	
+		fd = open(filename, O_RDWR|O_SYNC);
+		ioctl(fd, EVIOCGBIT(EV_KEY, sizeof(key_bitmask)), key_bitmask);
+	
+		/* We assume that anything that has an alphabetic key in the
+			QWERTYUIOP range in it is the main keyboard. */
+		for (j = KEY_Q; j <= KEY_P; j++) {
+			if (TestBit(j, key_bitmask))
+				return fd;
+		}
+	
+		close (fd);
+	}
+	return 0;
+}
+
+void tearDownPipe()
+{
+	mPipeOpen_out = false;
+	close(mPipe_fd_out);
+	unlink(FIFO_FILE_OUT);
+}
+
+void setupPipe()
+{
+
+	/* Create the FIFOs if they do not exist */
+	umask(0);
+	mkdir(FIFO_DIR,0644);
+	
+	mknod(FIFO_FILE_OUT, S_IFIFO|0600, 0);
+	chmod(FIFO_FILE_OUT, 0600);
+	
+	mPipe_fd_out = open(FIFO_FILE_OUT, O_RDWR | O_NONBLOCK);
+	if (mPipe_fd_out > -1) {
+		mPipeOpen_out = true;
+	}
+}
+
+void handle_sigterm (int sig)
+{
+	tearDownPipe();
+	exit(0);
+	return;
+}
+
+int main (int argc, char *argv[])
+{
+	struct input_event ev[64];
+	struct input_event event;
+	struct uinput_user_dev devinfo={0};
+	int fd, devout, rd, value, size = sizeof (struct input_event);
+	char name[256] = "Unknown";
+	bool ctrl_down = false;
+	bool alt_down = false;
+	bool hide_event = false;
+
+	// Initialize signal handlers
+	sigfillset(&block_mask);
+	usr_action.sa_handler = handle_sigterm;
+	usr_action.sa_mask = block_mask;
+	usr_action.sa_flags = 0;
+        sigaction(SIGTERM, &usr_action, NULL);
+
+	atexit(tearDownPipe);
+	
+	if ((getuid ()) != 0) {
+		printf ("You are not root! This WILL NOT WORK!\nDO NOT attempt to bypass security restrictions, e.g. by changing keyboard permissions or owner, if you want the SAK system to remain secure...\n");
+		return 5;
+	}
+
+	// Open Device
+	fd = find_keyboard();
+	if (fd == -1) {
+		printf ("Could not find your keyboard!\n");
+	}
+	
+	// Print Device Name
+	ioctl (fd, EVIOCGNAME (sizeof (name)), name);
+	printf ("Reading From : (%s)\n", name);
+
+	// Create filtered virtual output device
+	devout=open("/dev/misc/uinput",O_WRONLY|O_NONBLOCK);
+	if (devout<0) {
+		devout=open("/dev/uinput",O_WRONLY|O_NONBLOCK);
+		if (devout<0) {
+			fprintf(stderr,"Unable to open /dev/uinput or /dev/misc/uinput (char device 10:223).\nPossible causes: Device node inexistent or kernel not compiled with evdev user level driver support or permission denied.\n");
+			perror("open(\"/dev/misc/uinput\")");
+			return 3;
+		}
+	}
+	ioctl(fd, EVIOCGNAME(UINPUT_MAX_NAME_SIZE), devinfo.name);
+	strncat(devinfo.name, "+tsak", UINPUT_MAX_NAME_SIZE-1);
+	fprintf(stderr, "%s\n", devinfo.name);
+	ioctl(fd, EVIOCGID, &devinfo.id);
+	
+	copy_features(fd, devout);
+	write(devout,&devinfo,sizeof(devinfo));
+	if (ioctl(devout,UI_DEV_CREATE)<0) {
+		fprintf(stderr,"Unable to create input device with UI_DEV_CREATE\n");
+		return 2;
+	}
+	else {
+		fprintf(stderr,"Device created.\n");
+	}
+
+	if(ioctl(fd, EVIOCGRAB, 2) < 0) {
+		close(fd);
+		fprintf(stderr, "Failed to grab exclusive input device lock");
+		return 1;
+	}
+
+	// Create the output pipe
+	setupPipe();
+	
+	while (1) {
+
+		if ((rd = read (fd, ev, size * 2)) < size) {
+			fprintf(stderr,"Read failed.\n");
+			return 1;
+		}
+		
+		value = ev[0].value;
+		
+		if (value != ' ' && ev[1].value == 0 && ev[1].type == 1){ // Read the key release event
+			if (keycode[(ev[1].code)]) {
+				if (strcmp(keycode[(ev[1].code)], "<control>") == 0) ctrl_down = false;
+				if (strcmp(keycode[(ev[1].code)], "<alt>") == 0) alt_down = false;
+			}
+		}
+		if (value != ' ' && ev[1].value == 1 && ev[1].type == 1){ // Read the key press event
+			if (keycode[(ev[1].code)]) {
+				if (strcmp(keycode[(ev[1].code)], "<control>") == 0) ctrl_down = true;
+				if (strcmp(keycode[(ev[1].code)], "<alt>") == 0) alt_down = true;
+			}
+		}
+
+		hide_event = false;
+		if (keycode[(ev[1].code)]) {
+			if (alt_down && ctrl_down && (strcmp(keycode[(ev[1].code)], "<del>") == 0)) {
+				hide_event = true;
+			}
+		}
+
+		if (hide_event == false) {
+			// Pass the event on...
+			event = ev[0];
+			write(devout, &event, sizeof event);
+			event = ev[1];
+			write(devout, &event, sizeof event);
+		}
+		if (hide_event == true) {
+			// Let anyone listening to our interface know that an SAK keypress was received
+                        write(mPipe_fd_out, "SAK\n\r", 6);
+		}
+	}
+
+	tearDownPipe();
+
+	return 0;
+}