A Linux kernel module that implements encrypted character devices for educational purposes. This module demonstrates kernel programming concepts including character device drivers, the /proc filesystem, encryption, and kernel synchronization primitives.
This module uses RC4 encryption, which is cryptographically broken and insecure. This project is for educational purposes only and should NEVER be used in production environments or for protecting sensitive data.
- Dual Interface Design: Both
/devand/procfilesystem interfaces - Symmetric Encryption: RC4 stream cipher (educational implementation)
- Thread-Safe: Mutex-based synchronization for concurrent access
- Security-Conscious: Secure memory zeroing for sensitive data
- Statistics Tracking: Monitor encryption/decryption operations
- Comprehensive Logging: Detailed kernel logs for debugging
- Linux kernel headers (matching your running kernel)
- GCC compiler
- Make
- Root/sudo access for loading modules and creating device nodes
sudo apt update
sudo apt install build-essential linux-headers-$(uname -r)sudo dnf install gcc make kernel-devel kernel-headersmakemake loadsudo dmesg | grep kcipher
# Look for: "kcipher: Allocated major number: XXX"make setup-devices MAJOR=XXX # Replace XXX with the major number from step 3# Set the encryption key
echo "MySecretKey123" > /dev/cipher_key
# Try to read the key (will be denied)
cat /dev/cipher_key
# Output: Go away silly one, you cannot see my key >-:
# Encrypt a message
echo "Hello, World!" > /dev/cipher
# Read encrypted message (gibberish)
cat /dev/cipher
# Output: (binary garbage)
# Decrypt the message
echo "MySecretKey123" > /proc/cipher_key
cat /proc/cipher
# Output: Hello, World!| Interface | Path | Mode | Purpose |
|---|---|---|---|
| Cipher Device | /dev/cipher |
R/W | Write plaintext (encrypts), read ciphertext |
| Key Device | /dev/cipher_key |
W only* | Set encryption key |
| Proc Cipher | /proc/cipher |
R only | Read decrypted message |
| Proc Key | /proc/cipher_key |
W only | Set decryption key |
*Technically readable, but returns a denial message
Encryption Flow:
User → /dev/cipher_key (write key)
User → /dev/cipher (write plaintext) → RC4 encryption → Stored ciphertext
User → /dev/cipher (read) → Returns ciphertext
Decryption Flow:
User → /proc/cipher_key (write key)
User → /proc/cipher (read) → RC4 decryption → Returns plaintext
// Global state (protected by mutexes)
message[4096] // Plaintext buffer
encrypted_message[4096] // Ciphertext buffer
key[128] // Encryption/decryption key
// Synchronization
cipher_mutex // Protects message buffers
key_mutex // Protects key buffer# Set encryption key
echo "MyPassword" > /dev/cipher_key
# Encrypt /etc/hosts
cat /etc/hosts > /dev/cipher
# Save encrypted version
cat /dev/cipher > encrypted_hosts.bin
# Decrypt it
echo "MyPassword" > /proc/cipher_key
cat /proc/cipher# Encrypt with one key
echo "CorrectKey" > /dev/cipher_key
echo "Secret Message" > /dev/cipher
# Try to decrypt with wrong key
echo "WrongKey" > /proc/cipher_key
cat /proc/cipher
# Output: (gibberish - decryption with wrong key)
# Decrypt with correct key
echo "CorrectKey" > /proc/cipher_key
cat /proc/cipher
# Output: Secret Message# Works with binary files too
echo "MyKey" > /dev/cipher_key
cat /bin/ls > /dev/cipher
# Decrypt
echo "MyKey" > /proc/cipher_key
cat /proc/cipher > decrypted_ls| Target | Description |
|---|---|
make |
Build the kernel module |
make clean |
Remove build artifacts |
make load |
Load module into kernel |
make unload |
Unload module from kernel |
make reload |
Unload and reload module |
make setup-devices MAJOR=N |
Create /dev nodes |
make remove-devices |
Remove /dev nodes |
make status |
Show module status |
make logs |
View recent kernel logs |
make help |
Show all available targets |
# Recent kcipher logs
make logs
# Or use dmesg directly
sudo dmesg | grep kcipher
# Follow logs in real-time
sudo dmesg -w | grep kciphermake statusThe module tracks encryption/decryption operations, visible in logs when unloading:
make unload
# Check dmesg for: "Stats - Encryptions: X, Decryptions: Y"This module teaches several important kernel programming concepts:
-
Character Device Drivers
- Device registration with
alloc_chrdev_region() - Character device initialization with
cdev_init()andcdev_add() - File operations structure
- Device registration with
-
Proc Filesystem
- Creating proc entries with
proc_create() - Custom proc operations structure
- Creating proc entries with
-
Kernel Synchronization
- Mutex usage for protecting shared data
- Proper locking order to prevent deadlocks
-
User-Kernel Space Communication
copy_from_user()andcopy_to_user()- Error handling for user space operations
-
Memory Management
- Kernel memory allocation with
kmalloc() - Secure memory zeroing for sensitive data
- Kernel memory allocation with
-
Module Lifecycle
- Initialization and cleanup functions
- Proper resource cleanup on errors
Error: insmod: ERROR: could not insert module
Solution: Check kernel logs
sudo dmesg | tail -20Error: Permission denied when accessing /dev/cipher
Solution: Check permissions
ls -l /dev/cipher*
# Should show: crw-rw-rw-
# If not, fix permissions:
sudo chmod 666 /dev/cipher /dev/cipher_keyError: Device operations fail
Solution: Ensure major number matches
# Check loaded module's major number
sudo dmesg | grep "Allocated major number"
# Check device node's major number
ls -l /dev/cipher
# First number in the middle should match
# If they don't match, recreate nodes:
make remove-devices
make setup-devices MAJOR=XXX # Use correct numberError: rmmod: ERROR: Module kcipher is in use
Solution: Close all file handles
# Find processes using the module
lsof | grep cipher
# Kill those processes or wait for them to finish
# Then try again:
make unloadRemember: This is for learning only. Never use RC4 or this module for actual security needs!