/*
 * kernel module 
 * anti ptrace for non-root users only kernel > 2.4
 *
 * original by sacrine[at]netric.org
 * changes and bug fixes by agramajo[at]uolsinectis.com.ar
 *
 * gcc -c no-ptrace.c -I/lib/modules/$(uname -r)/build/include
 * insmod ./no-ptrace.o
 */

#define __KERNEL__
#define MODULE
#define LINUX

#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/types.h>
#include <linux/version.h>
#include <linux/slab.h>
#include <linux/sched.h>
#include <linux/fs.h>
#include <linux/ctype.h>
#include <linux/tty.h>
#include <sys/syscall.h>
#include <linux/ptrace.h>

long (*o_ptrace) (int action, pid_t pid, void *addr, void *data);
extern struct task_struct *current;
extern void* sys_call_table[];

long anti_ptrace (int action, pid_t pid, void *addr, void *data)
{
    if(current->uid == 0)
        return (o_ptrace(action, pid, addr, data));
   
    printk("warning: ptrace(); violation\npid=[%i] uid=[%i]\n"
        ,current->pid
        ,current->uid);
   
    console_print("warning: non-root users are not allowed to use ptrace();\n");
    return EPERM;
}

int init_module(void)
{
    o_ptrace = sys_call_table[SYS_ptrace];
    sys_call_table[SYS_ptrace] = anti_ptrace;
   
    printk("anti-ptrace kernel module loaded with pid=[%i]\n"
        ,current->pid);
   
    return(0);
}

void cleanup_module(void)
{
    sys_call_table[SYS_ptrace]=o_ptrace;
    printk("anti-ptrace kernel module ended with pid=[%i]\n"
        ,current->pid);
}