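/*
 * pid_demo - look up one process by PID from a kernel module and log what
 * the task list knows about it. The module itself hooks nothing and hides
 * nothing; explain_hiding() only prints a textual description.
 *
 * NOTE(review): the header names were lost when this listing was extracted
 * (eight bare "#include" tokens). The set below is what the code needs:
 * module macros, module_param(), task_struct / for_each_process(), cred
 * accessors and RCU.
 */
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/init.h>
#include <linux/moduleparam.h>
#include <linux/sched.h>
#include <linux/sched/signal.h>
#include <linux/cred.h>
#include <linux/rcupdate.h>

MODULE_LICENSE("GPL");
MODULE_AUTHOR("Biswa Kalyan Bhuyan");
MODULE_DESCRIPTION("PID Hiding Demo");
MODULE_VERSION("0.1");

/*
 * PID to examine. With mode 0644 it is also writable by root through
 * /sys/module/pid_demo/parameters/target_pid after loading, but it is read
 * exactly once, in pid_demo_init(), so later writes have no effect.
 */
static unsigned int target_pid = 0;
module_param(target_pid, uint, 0644);
MODULE_PARM_DESC(target_pid, "Process ID to examine");

/*
 * Walk the global task list looking for @pid and log its name, its real
 * parent and its effective UID/GID.
 *
 * The task list, task->real_parent and task->cred are all RCU-protected,
 * so the walk runs under rcu_read_lock() and must not sleep. Only the
 * first match is reported. A process that is not found is logged as such.
 */
static void examine_process(unsigned int pid)
{
	struct task_struct *task;
	bool found = false;

	printk(KERN_INFO "PID Demo: Searching for PID %u\n", pid);

	rcu_read_lock();
	for_each_process(task) {
		struct task_struct *parent;

		/*
		 * task->pid is pid_t (signed); compare in the unsigned domain
		 * only for non-negative values so the comparison is never
		 * silently promoted.
		 */
		if (task->pid < 0 || (unsigned int)task->pid != pid)
			continue;

		found = true;

		/*
		 * task->comm may be torn if the task renames itself at the
		 * same moment; acceptable for a log line.
		 */
		printk(KERN_INFO "PID Demo: Found process %u (%s)\n",
		       pid, task->comm);

		/*
		 * real_parent is the actual parent; ->parent is the ptrace
		 * parent when the task is being traced. The pointer is
		 * __rcu and must be read with rcu_dereference().
		 */
		parent = rcu_dereference(task->real_parent);
		if (parent) {
			printk(KERN_INFO "PID Demo: Parent process is %u (%s)\n",
			       (unsigned int)parent->pid, parent->comm);
		}

		/*
		 * task_uid()/task_gid() read task->cred under RCU;
		 * from_kuid_munged() maps the kernel-internal id back to
		 * a uid_t/gid_t as seen from the initial namespace.
		 */
		printk(KERN_INFO "PID Demo: Process UID: %u, GID: %u\n",
		       from_kuid_munged(&init_user_ns, task_uid(task)),
		       from_kgid_munged(&init_user_ns, task_gid(task)));
		break;
	}
	rcu_read_unlock();

	if (!found)
		printk(KERN_INFO "PID Demo: Process %u not found\n", pid);
}

/*
 * Print a high-level description of how /proc-based process hiding works.
 * This is documentation only: no function is hooked and no /proc entry is
 * filtered anywhere in this module.
 */
static void explain_hiding(void)
{
	printk(KERN_INFO "PID Demo: How process hiding works:\n");
	printk(KERN_INFO "PID Demo: 1. Process listings come from /proc directory\n");
	printk(KERN_INFO "PID Demo: 2. Each process has a directory in /proc named by its PID\n");
	printk(KERN_INFO "PID Demo: 3. Commands like ps, top read /proc to get the process list\n");
	printk(KERN_INFO "PID Demo: 4. To hide a process, hook the iterate_shared() function that reads /proc\n");
	printk(KERN_INFO "PID Demo: 5. Filter out directory entries matching the target PID\n");
	printk(KERN_INFO "PID Demo: 6. This makes the process invisible to ps, top and other tools\n");
}

/*
 * Module entry point. Loading without target_pid (or with 0) is accepted
 * as a no-op load: the module stays resident but does nothing further.
 * Returns 0 in every case.
 */
static int __init pid_demo_init(void)
{
	printk(KERN_INFO "PID Demo: Module loaded\n");

	if (target_pid == 0) {
		/*
		 * NOTE(review): the placeholder after "target_pid=" was lost in
		 * extraction (most likely an angle-bracketed token); "<pid>" is
		 * the obvious reconstruction of the usage hint.
		 */
		printk(KERN_INFO "PID Demo: No target PID specified. Use: insmod pid_demo.ko target_pid=<pid>\n");
		return 0;
	}

	/* Examine the specified process */
	examine_process(target_pid);

	/* Explain hiding technique */
	explain_hiding();

	printk(KERN_INFO "PID Demo: This module is for hiding the PID's\n");
	return 0;
}

/* Module cleanup: nothing was registered or hooked, so only log the unload. */
static void __exit pid_demo_exit(void)
{
	printk(KERN_INFO "PID Demo: Module unloaded\n");
}

module_init(pid_demo_init);
module_exit(pid_demo_exit);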