├── .gitignore ├── COPYING ├── LICENSE ├── Makefile ├── README.md ├── README_generic.md ├── auto-generated-man-pages ├── eventcap.8 └── kloak.8 ├── build.sh ├── changelog.upstream ├── debian ├── changelog ├── control ├── copyright ├── eventcap.8 ├── kloak.8 ├── kloak.install ├── make-helper-overrides.bsh ├── rules ├── source │ ├── format │ └── lintian-overrides └── watch ├── etc └── apparmor.d │ └── usr.sbin.kloak ├── figures ├── kloak.png ├── train-kloak_test-kloak.png ├── train-normal_test-kloak.png └── train-normal_test-normal.png ├── kloak.spec ├── lib └── udev │ └── rules.d │ └── 95-kloak.rules ├── man ├── eventcap.8.ronn └── kloak.8.ronn ├── src ├── eventcap.c ├── keycodes.c ├── keycodes.h ├── kloak.h └── main.c └── usr └── lib └── systemd └── system └── kloak.service /.gitignore: -------------------------------------------------------------------------------- 1 | kloak 2 | eventcap 3 | cmake-build-debug/ 4 | .idea/ 5 | *.o 6 | *~ 7 | *.a 8 | *.bin 9 | *.so 10 | *~ 11 | \#*# 12 | .DS_Store 13 | .project 14 | .cproject 15 | .idea/ 16 | *.log 17 | debian/debhelper-build-stamp 18 | debian/files 19 | debian/kloak.*.debhelper 20 | debian/kloak.substvars 21 | debian/tmp-man/ 22 | -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ 2 | 3 | Files: * 4 | Copyright: Copyright (c) 2016, Vinnie Monaco 5 | License: BSD-3-clause 6 | Copyright (c) 2016, Vinnie Monaco 7 | All rights reserved. 8 | . 9 | Redistribution and use in source and binary forms, with or without 10 | modification, are permitted provided that the following conditions are met: 11 | . 12 | * Redistributions of source code must retain the above copyright notice, this 13 | list of conditions and the following disclaimer. 14 | . 15 | * Redistributions in binary form must reproduce the above copyright notice, 16 | this list of conditions and the following disclaimer in the documentation 17 | and/or other materials provided with the distribution. 18 | . 19 | * Neither the name of the copyright holder nor the names of its 20 | contributors may be used to endorse or promote products derived from 21 | this software without specific prior written permission. 22 | . 23 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 24 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 27 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 29 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 30 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 31 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2016, Vinnie Monaco 2 | All rights reserved. 3 | 4 | Redistribution and use in source and binary forms, with or without 5 | modification, are permitted provided that the following conditions are met: 6 | 7 | * Redistributions of source code must retain the above copyright notice, this 8 | list of conditions and the following disclaimer. 9 | 10 | * Redistributions in binary form must reproduce the above copyright notice, 11 | this list of conditions and the following disclaimer in the documentation 12 | and/or other materials provided with the distribution. 13 | 14 | * Neither the name of the copyright holder nor the names of its 15 | contributors may be used to endorse or promote products derived from 16 | this software without specific prior written permission. 17 | 18 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 19 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 21 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 22 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 24 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 26 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | 3 | CC ?= gcc 4 | INSTALL ?= install 5 | PKG_CONFIG ?= pkg-config 6 | RONN ?= ronn 7 | 8 | CFLAGS ?= -O2 -g 9 | 10 | # NOTE: The systemd unit and apparmor profile are hardcoded to use 11 | # /usr/sbin/kloak. So if you change the default install paths, 12 | # you will have to patch those files yourself. 13 | prefix ?= /usr 14 | sbindir ?= $(prefix)/sbin 15 | datadir ?= $(prefix)/share 16 | mandir ?= $(datadir)/man 17 | 18 | udev_rules_dir ?= /lib/udev/rules.d 19 | apparmor_dir ?= /etc/apparmor.d/ 20 | systemd_dir ?= /usr/lib/systemd/system 21 | 22 | TARGETARCH=$(shell $(CC) -dumpmachine) 23 | CC_VERSION=$(shell $(CC) --version) 24 | 25 | # https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html 26 | # 27 | # Omitted the following flags: 28 | # -D_GLIBCXX_ASSERTIONS # application is not written in C++ 29 | # -fstrict-flex-arrays=3 # not supported in Debian Bookworm's GCC version (12) 30 | # -fPIC -shared # not a shared library 31 | # -fexceptions # not multithreaded 32 | # -fhardened # not supported in Debian Bookworm's GCC version (12) 33 | # 34 | # Added the following flags: 35 | # -fsanitize=address,undefined # enable ASan/UBSan 36 | WARN_CFLAGS := -Wall -Wformat -Wformat=2 -Wconversion -Wimplicit-fallthrough \ 37 | -Werror=format-security -Werror=implicit -Werror=int-conversion \ 38 | -Werror=incompatible-pointer-types 39 | 40 | ifeq (,$(findstring clang,$(CC_VERSION))) # if not clang 41 | WARN_CFLAGS += -Wtrampolines -Wbidi-chars=any # clang as for 18.1.8 doesn't support this warnings 42 | endif 43 | 44 | FORTIFY_CFLAGS := -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 -fstack-clash-protection \ 45 | -fstack-protector-strong -fno-delete-null-pointer-checks \ 46 | -fno-strict-overflow -fno-strict-aliasing -fsanitize=undefined 47 | 48 | ifeq (yes,$(patsubst x86_64%-linux-gnu,yes,$(TARGETARCH))) 49 | FORTIFY_CFLAGS += -fcf-protection=full # only supported on x86_64 50 | endif 51 | ifeq (yes,$(patsubst aarch64%-linux-gnu,yes,$(TARGETARCH))) 52 | FORTIFY_CFLAGS += -mbranch-protection=standard # only supported on aarch64 53 | endif 54 | 55 | BIN_CFLAGS := -fPIE 56 | 57 | CFLAGS := $(WARN_CFLAGS) $(FORTIFY_CFLAGS) $(BIN_CFLAGS) $(CFLAGS) 58 | LDFLAGS := -Wl,-z,nodlopen -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now \ 59 | -Wl,--as-needed -Wl,--no-copy-dt-needed-entries -pie $(LDFLAGS) 60 | 61 | ifeq (, $(shell which $(PKG_CONFIG))) 62 | $(error pkg-config not installed!) 63 | endif 64 | 65 | all : kloak eventcap 66 | 67 | kloak : src/main.c src/keycodes.c src/keycodes.h 68 | $(CC) src/main.c src/keycodes.c -o kloak -lm $(shell $(PKG_CONFIG) --cflags --libs libevdev) $(shell $(PKG_CONFIG) --cflags --libs libsodium) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) 69 | 70 | eventcap : src/eventcap.c 71 | $(CC) src/eventcap.c -o eventcap $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) 72 | 73 | MANPAGES := auto-generated-man-pages/eventcap.8 auto-generated-man-pages/kloak.8 74 | 75 | man : $(MANPAGES) 76 | 77 | auto-generated-man-pages/% : man/%.ronn 78 | ronn --manual="kloak Manual" --organization="kloak" <$< >$@ 79 | 80 | clean : 81 | rm -f kloak eventcap 82 | 83 | install : all lib/udev/rules.d/95-kloak.rules etc/apparmor.d/usr.sbin.kloak usr/lib/systemd/system/kloak.service $(MANPAGES) 84 | $(INSTALL) -d -m 755 $(addprefix $(DESTDIR), $(sbindir) $(mandir)/man8 $(udev_rules_dir) $(apparmor_dir) $(systemd_dir)) 85 | $(INSTALL) -m 755 kloak eventcap $(DESTDIR)$(sbindir) 86 | $(INSTALL) -m 644 $(MANPAGES) $(DESTDIR)$(mandir)/man8 87 | $(INSTALL) -m 644 lib/udev/rules.d/95-kloak.rules $(DESTDIR)$(udev_rules_dir) 88 | $(INSTALL) -m 644 etc/apparmor.d/usr.sbin.kloak $(DESTDIR)$(apparmor_dir) 89 | $(INSTALL) -m 644 usr/lib/systemd/system/kloak.service $(DESTDIR)$(systemd_dir) 90 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # anti keystroke deanonymization tool 2 | 3 | kloak: *Keystroke-level online anonymization kernel* 4 | 5 | A privacy tool that makes keystroke biometrics less effective. This 6 | is accomplished by obfuscating the time intervals between key press and 7 | release events, which are typically used for identification. 8 | 9 | ## Usage 10 | 11 | There are two ways to run kloak: 12 | 13 | 1. As an application 14 | 2. As a Linux service 15 | 16 | ### As an application 17 | 18 | Install dependencies: 19 | 20 | Fedora: 21 | 22 | $ sudo dnf install gcc libevdev-devel libsodium-devel libubsan make pkgconf-pkg-config 23 | 24 | Debian: 25 | 26 | $ sudo apt install make pkg-config libsodium-dev libevdev-dev 27 | 28 | First, compile `kloak` and the event capture tool `eventcap`: 29 | 30 | $ make all 31 | 32 | Next, start `kloak` as root. This typically must run as root because `kloak` reads from and writes to device files: 33 | 34 | $ sudo ./kloak 35 | 36 | **If you start `kloak` and lose control of your keyboard, pressing RShift + LShift + Esc will exit.** You can specify the rescue key combination with the `-k` option. 37 | 38 | Verify that `kloak` is running by starting in verbose mode: 39 | 40 | $ sudo ./kloak -v 41 | ... 42 | Bufferred event at time: 1553710016364. Type: 1, Code: 37, Value: 1, Scheduled delay 84 ms 43 | Released event at time : 1553710016364. Type: 1, Code: 37, Value: 1, Missed target -7 ms 44 | Bufferred event at time: 1553710016597. Type: 1, Code: 37, Value: 0, Scheduled delay 39 ms 45 | Released event at time : 1553710016597. Type: 1, Code: 37, Value: 0, Missed target -6 ms 46 | Bufferred event at time: 1553710017039. Type: 1, Code: 32, Value: 1, Scheduled delay 79 ms 47 | Released event at time : 1553710017039. Type: 1, Code: 32, Value: 1, Missed target -3 ms 48 | Bufferred event at time: 1553710017291. Type: 1, Code: 32, Value: 0, Scheduled delay 80 ms 49 | Bufferred event at time: 1553710017354. Type: 1, Code: 39, Value: 1, Scheduled delay 94 ms 50 | Lower bound raised to: 31 ms 51 | Released event at time : 1553710017291. Type: 1, Code: 32, Value: 0, Missed target -33 ms 52 | Released event at time : 1553710017354. Type: 1, Code: 39, Value: 1, Missed target 0 ms 53 | ... 54 | 55 | Notice that the lower bound on the random delay has to be raised when keys are pressed in quick succession. This ensures that the key events are written to `uinput` in the same order as they were generated. 56 | 57 | 58 | ### As a service 59 | 60 | How to install `kloak` using apt-get 61 | 62 | 1\. Download the APT Signing Key. 63 | 64 | ``` 65 | wget https://www.whonix.org/keys/derivative.asc 66 | ``` 67 | 68 | Users can [check the Signing Key](https://www.whonix.org/wiki/Signing_Key) for better security. 69 | 70 | 2\. Add the APT Signing Key. 71 | 72 | ``` 73 | sudo cp ~/derivative.asc /usr/share/keyrings/derivative.asc 74 | ``` 75 | 76 | 3\. Add the derivative repository. 77 | 78 | ``` 79 | echo "deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.whonix.org bookworm main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list 80 | ``` 81 | 82 | 4\. Update your package lists. 83 | 84 | ``` 85 | sudo apt-get update 86 | ``` 87 | 88 | 5\. Install `kloak`. 89 | 90 | ``` 91 | sudo apt-get install kloak 92 | ``` 93 | 94 | ### How to build deb package 95 | 96 | See the [Whonix package build documentation](https://www.whonix.org/wiki/Dev/Build_Documentation/security-misc). Replace the sample package name `security-misc` with `kloak` to download, build, and install kloak. 97 | 98 | ### Whonix contact and support 99 | 100 | * [Free Forum Support](https://forums.whonix.org) 101 | * [Professional Support](https://www.whonix.org/wiki/Professional_Support) 102 | 103 | ### Donate 104 | 105 | `kloak` requires [donations](https://www.whonix.org/wiki/Donate) to stay alive! 106 | 107 | ### Troubleshooting 108 | 109 | #### My keyboard seems very slow 110 | 111 | `kloak` works by introducing a random delay to each key press and release event. This requires temporarily buffering the event before it reaches the application (e.g., a text editor). 112 | 113 | The maximum delay is specified with the -d option. This is the maximum delay (in milliseconds) that can occur between the physical key events and writing key events to the user-level input device. The default is 100 ms, which was shown to achieve about a 20-30% reduction in identification accuracy and doesn't create too much lag between the user and the application (see the paper below). As the maximum delay increases, the ability to obfuscate typing behavior also increases and the responsiveness of the application decreases. This reflects a tradeoff between usability and privacy. 114 | 115 | If you're a fast typist and it seems like there is a long lag between pressing a key and seeing the character on screen, try lowering the maximum delay. Alternately, if you're a slower typist, you might be able to increase the maximum delay without noticing much difference. Automatically determining the best lag for each typing speed is an item for future work. 116 | 117 | ### Options 118 | 119 | The full usage and options are: 120 | 121 | $ ./kloak -h 122 | 123 | Usage: kloak [options] 124 | Options: 125 | -r filename: device file to read events from. Can specify multiple -r options. 126 | -d delay: maximum delay (milliseconds) of released events. Default 100. 127 | -s startup_timeout: time to wait (milliseconds) before startup. Default 500. 128 | -k csv_string: csv list of rescue key names to exit kloak in case the 129 | keyboard becomes unresponsive. Default is 'KEY_LEFTSHIFT,KEY_RIGHTSHIFT,KEY_ESC'. 130 | -p: persistent mode (disable rescue key sequence) 131 | -v: verbose mode 132 | 133 | ## Try it out 134 | 135 | See the [kloak defense testing](https://www.whonix.org/wiki/Keystroke_Deanonymization#Kloak) instructions. 136 | 137 | ## Background 138 | 139 | `kloak` has two goals in mind: 140 | 141 | * Make it difficult for an adversary to identify a user 142 | * Make it difficult for an adversary to replicate a user's typing behavior 143 | 144 | The first goal can theoretically be achieved only if all users cooperate with each other to have the same typing behavior, for example by pressing keys with exactly the same frequency. Since different users type at different speeds, this is not practical. Instead, pseudo-anonymity is achieved by obfuscating a user's typing rhythm, making it difficult for an adversary to re-identify a single user. 145 | 146 | The second goal is to make it difficult for an adversary to forge typing behavior and impersonate a user, perhaps bypassing a two-factor authentication that uses keystroke biometrics. This is achieved by making the time between keystrokes unpredictable. 147 | 148 | For more info, see the paper [Obfuscating Keystroke Time Intervals to Avoid Identification and Impersonation](https://arxiv.org/pdf/1609.07612.pdf). 149 | 150 | ### How it works 151 | 152 | The time between key press and release events are typically used to identify users by their typing behavior. `kloak` obfuscates these time intervals by introducing a random delay between the physical key events and the arrival of key events at the application, for example a web browser. 153 | 154 | `kloak` grabs the input device and writes delayed key events to the output device. Grabbing the device disables any other application from reading the events. Events are scheduled to be released in a separate thread, where a random delay is introduced before they are written to a user-level input device via `uinput`. This was inspired from [kbd-mangler](https://github.com/bgeradz/Input-Mangler/). 155 | 156 | ### When does it fail 157 | 158 | `kloak` does not protect against all forms of keystroke biometrics that can be used for identification. Specifically, 159 | 160 | * If the delay is too small, it is not effective. Adjust the delay to as high a value that's comfortable. 161 | * Repeated key presses are not obfuscated. If your system is set to repeat held-down keys at a unique rate, this could leak your identity. 162 | * Writing style is still apparent, in which [stylometry techniques could be used to determine authorship](https://vmonaco.com/papers/An%20investigation%20of%20keystroke%20and%20stylometry%20traits%20for%20authenticating%20online%20test%20takers.pdf). 163 | * Higher level cognitive behavior, such as editing and application usage, are still apparent. These lower-frequency actions are less understood at this point, but could potentially be used to reveal identity. 164 | -------------------------------------------------------------------------------- /README_generic.md: -------------------------------------------------------------------------------- 1 | # anti keystroke deanonymization tool # 2 | 3 | A keystroke-level online anonymization kernel. 4 | 5 | A privacy tool that makes keystroke biometrics less effective. This 6 | is accomplished by obfuscating the time intervals between key press and 7 | release events, which are typically used for identification. 8 | 9 | ## How to install `kloak` using apt-get ## 10 | 11 | 1\. Download the APT Signing Key. 12 | 13 | ``` 14 | wget https://www.whonix.org/keys/derivative.asc 15 | ``` 16 | 17 | Users can [check the Signing Key](https://www.whonix.org/wiki/Signing_Key) for better security. 18 | 19 | 2\. Add the APT Signing Key. 20 | 21 | ``` 22 | sudo cp ~/derivative.asc /usr/share/keyrings/derivative.asc 23 | ``` 24 | 25 | 3\. Add the derivative repository. 26 | 27 | ``` 28 | echo "deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.whonix.org bookworm main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list 29 | ``` 30 | 31 | 4\. Update your package lists. 32 | 33 | ``` 34 | sudo apt-get update 35 | ``` 36 | 37 | 5\. Install `kloak`. 38 | 39 | ``` 40 | sudo apt-get install kloak 41 | ``` 42 | 43 | ## How to Build deb Package from Source Code ## 44 | 45 | Can be build using standard Debian package build tools such as: 46 | 47 | ``` 48 | dpkg-buildpackage -b 49 | ``` 50 | 51 | See instructions. 52 | 53 | NOTE: Replace `generic-package` with the actual name of this package `kloak`. 54 | 55 | * **A)** [easy](https://www.whonix.org/wiki/Dev/Build_Documentation/generic-package/easy), _OR_ 56 | * **B)** [including verifying software signatures](https://www.whonix.org/wiki/Dev/Build_Documentation/generic-package) 57 | 58 | ## Contact ## 59 | 60 | * [Free Forum Support](https://forums.whonix.org) 61 | * [Premium Support](https://www.whonix.org/wiki/Premium_Support) 62 | 63 | ## Donate ## 64 | 65 | `kloak` requires [donations](https://www.whonix.org/wiki/Donate) to stay alive! 66 | -------------------------------------------------------------------------------- /auto-generated-man-pages/eventcap.8: -------------------------------------------------------------------------------- 1 | .\" generated with Ronn-NG/v0.9.1 2 | .\" http://github.com/apjanke/ronn-ng/tree/0.9.1 3 | .TH "EVENTCAP" "8" "January 2020" "kloak" "kloak Manual" 4 | .SH "NAME" 5 | \fBeventcap\fR \- physical keyboard device detection 6 | .SH "SYNOPSIS" 7 | \fBeventcap\fR device 8 | .SH "DESCRIPTION" 9 | Determine which device file corresponds to the physical keyboard\. Use eventcap can be used to look for the device that generates events when keys are pressed\. This will typically be one of /dev/input/event[0\-7]\. 10 | .SH "EXAMPLES" 11 | In this example, it's /dev/input/event4: 12 | .P 13 | \fBsudo \./eventcap /dev/input/event4\fR 14 | .P 15 | Reading From : /dev/input/event4 (AT Translated Set 2 keyboard) Type: 4 Code: 4 Value: 15 Type: 1 Code: 15 Value: 0 Type: 0 Code: 0 Value: 0 Type: 4 Code: 4 Value: 56 Type: 1 Code: 56 Value: 0 Type: 0 Code: 0 Value: 0 16 | .SH "WWW" 17 | https://github\.com/vmonaco/kloak 18 | .SH "CREDITS" 19 | eventcap was written by Vinnie Monaco\. 20 | .SH "AUTHOR" 21 | This man page has been written by Patrick Schleizer (adrelanos@whonix\.org)\. 22 | -------------------------------------------------------------------------------- /auto-generated-man-pages/kloak.8: -------------------------------------------------------------------------------- 1 | .\" generated with Ronn-NG/v0.9.1 2 | .\" http://github.com/apjanke/ronn-ng/tree/0.9.1 3 | .TH "KLOAK" "8" "January 2020" "kloak" "kloak Manual" 4 | .SH "NAME" 5 | \fBkloak\fR \- anti keystroke deanonymization tool 6 | .SH "SYNOPSIS" 7 | \fBkloak\fR \fIoptions\fR 8 | .SH "OPTIONS" 9 | .IP "\[ci]" 4 10 | \-h 11 | .IP 12 | print usage message and exit 13 | .IP "\[ci]" 4 14 | \-r 15 | .IP 16 | filename: device file to read events from 17 | .IP "\[ci]" 4 18 | \-w 19 | .IP 20 | filename: device file to write events to (should be uinput) 21 | .IP "\[ci]" 4 22 | \-d 23 | .IP 24 | delay: maximum delay (milliseconds) of released events\. Default 100\. 25 | .IP "\[ci]" 4 26 | \-s 27 | .IP 28 | startup_timeout: time to wait (milliseconds) before startup\. Default 500\. 29 | .IP "\[ci]" 4 30 | \-k 31 | .IP 32 | csv_string: csv list of rescue key names to exit kloak in case the keyboard becomes unresponsive\. Default is 'KEY_LEFTSHIFT,KEY_RIGHTSHIFT,KEY_ESC'\. 33 | .IP "\[ci]" 4 34 | \-v 35 | .IP 36 | verbose mode 37 | .IP "" 0 38 | .SH "DESCRIPTION" 39 | kloak is a Keystroke\-level online anonymization kernel\. 40 | .P 41 | kloak is a privacy tool that makes keystroke biometrics less effective\. This is accomplished by obfuscating the time intervals between key press and release events, which are typically used for identification\. 42 | .SH "EXAMPLES" 43 | Use eventcap(8) (or some other event capture tool) and look for the device that generates events when keys are pressed\. 44 | .P 45 | Starting \fBkloak\fR without any options will use sensible defaults and attempt to find the location of the keyboard device and uinput\. Note that since \fBkloak\fR requires reading from and writing to device files, it probably won't work without running as root: 46 | .P 47 | \fBsudo \./kloak\fR 48 | .P 49 | Optionally start \fBkloak\fR by specifying the input and output device files\. The output device should be the location of uinput\. 50 | .P 51 | \fBsudo \./kloak \-r /dev/input/event4 \-w /dev/uinput\fR 52 | .SH "WWW" 53 | https://github\.com/vmonaco/kloak 54 | .SH "CREDITS" 55 | kloak was written by Vinnie Monaco\. 56 | .SH "AUTHOR" 57 | This man page has been written by Patrick Schleizer (adrelanos@whonix\.org)\. 58 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ## For CodeQL autobuild 4 | 5 | set -x 6 | set -e 7 | 8 | sudo --non-interactive apt-get update --error-on=any 9 | sudo --non-interactive apt-get install --yes libevdev2 libevdev-dev libsodium23 libsodium-dev pkg-config 10 | 11 | make 12 | -------------------------------------------------------------------------------- /changelog.upstream: -------------------------------------------------------------------------------- 1 | commit 8710a622496f0c517b6b4f69a1f0bd1dc26f5a79 2 | Author: Patrick Schleizer 3 | Date: Thu Jan 23 11:13:58 2025 -0500 4 | 5 | copyright 6 | 7 | commit b6d521c53a849763f6d692dff9bf24e5da7b022d 8 | Author: Patrick Schleizer 9 | Date: Tue Dec 31 19:26:41 2024 +0000 10 | 11 | bumped changelog version 12 | 13 | commit 383693dd89b802d386b6077c20b75ffd6dc5f705 14 | Author: Patrick Schleizer 15 | Date: Tue Dec 31 13:26:25 2024 -0500 16 | 17 | copyright 18 | 19 | commit aa48914cc47fc5baa19f16d4754f489e615dcbb6 20 | Author: Patrick Schleizer 21 | Date: Thu Nov 21 12:20:04 2024 +0000 22 | 23 | bumped changelog version 24 | 25 | commit 117fad21aeb4ec052fdbdbc4113fc6e36b2fb63c 26 | Merge: 1c4ecca d6ad4e2 27 | Author: Patrick Schleizer 28 | Date: Wed Nov 20 09:52:40 2024 -0500 29 | 30 | Merge remote-tracking branch 'github-whonix/master' 31 | 32 | commit d6ad4e2e65a25d8e78909e6a5eccf6a6012b4489 33 | Merge: 3030e48 76b7750 34 | Author: Patrick Schleizer 35 | Date: Wed Nov 20 09:50:40 2024 -0500 36 | 37 | Merge pull request #5 from Fat-Zer/better-makefile 38 | 39 | A slightly more sophisticated Makefile 40 | 41 | commit 76b775049168cc327b2a13665d528e18fe266679 42 | Author: Alexander Golubev 43 | Date: Fri Nov 15 22:00:07 2024 +0300 44 | 45 | A slightly more sophisticated Makefile 46 | 47 | - support for override of the compiler and utils 48 | - support for append/override CFLAGS 49 | - a target to update man pages 50 | - install target 51 | - better handling of conditional flags, particularly: 52 | - disable some warnings on non-gcc compilers 53 | - handle GNU's tuples like `x86-64-pc-linux-gnu` and 54 | `aarch-unknowv-linux-gnu` 55 | - organize CFLAGS by sorting them into categories 56 | 57 | Signed-off-by: Alexander Golubev 58 | 59 | commit 3030e488a5aa4e9cecae0b932ff2c5564f2d7142 60 | Merge: 1c4ecca 74f12a7 61 | Author: Patrick Schleizer 62 | Date: Mon Nov 18 07:34:36 2024 -0500 63 | 64 | Merge pull request #6 from siliconwaffle/master 65 | 66 | Update kloak.spec 67 | 68 | commit 74f12a71993ba7ec26144730a48dc4c0e6a11a54 69 | Author: siliconwaffle <157927978+siliconwaffle@users.noreply.github.com> 70 | Date: Sun Nov 17 17:13:24 2024 +0000 71 | 72 | Update kloak.spec 73 | 74 | bump version tag 75 | 76 | commit 1c4ecca1fc41b497ea55419e34d4ec999d759a21 77 | Author: Patrick Schleizer 78 | Date: Thu Nov 7 16:04:07 2024 +0000 79 | 80 | bumped changelog version 81 | 82 | commit 3302108e60a944226cd6103f748a69e84a0d55c3 83 | Merge: 55879cf 9c57eba 84 | Author: Patrick Schleizer 85 | Date: Thu Nov 7 11:03:45 2024 -0500 86 | 87 | Merge remote-tracking branch 'ArrayBolt3/arraybolt3' 88 | 89 | commit 9c57eba2e77082f1967ec54a0a42226843df7f17 90 | Author: Aaron Rainbolt 91 | Date: Tue Nov 5 16:07:14 2024 -0600 92 | 93 | Fix default values in code and docs 94 | 95 | commit b8e8fd579ae26b8fe3592e7af16b1319abe5ba14 96 | Merge: da41997 c0884aa 97 | Author: Patrick Schleizer 98 | Date: Mon Oct 28 01:03:40 2024 -0400 99 | 100 | Merge pull request #2 from siliconwaffle/patch-1 101 | 102 | Create kloak.spec 103 | 104 | commit da419970f57770fe247c470a2bfadfb2279c06ee 105 | Merge: 55879cf afca687 106 | Author: Patrick Schleizer 107 | Date: Mon Oct 28 01:00:15 2024 -0400 108 | 109 | Merge pull request #3 from siliconwaffle/patch-2 110 | 111 | Update README.md 112 | 113 | commit afca687e715cab3e5f651fbc02b61dc6bdd3d4b8 114 | Author: siliconwaffle <157927978+siliconwaffle@users.noreply.github.com> 115 | Date: Sun Oct 27 17:45:45 2024 +0000 116 | 117 | Update README.md 118 | 119 | Update dependencies information for Fedora, specifically adding gcc and libubsan(required for newer versions, there is no devel package available for it). And removing libevdev and libsodium(both are required by their respective devel packages, so their explicit listing here is unnecessary). 120 | 121 | commit c0884aa16b2a5c0588677a3ba5a9087eafc3e2b3 122 | Author: siliconwaffle <157927978+siliconwaffle@users.noreply.github.com> 123 | Date: Sun Oct 27 17:40:03 2024 +0000 124 | 125 | Create kloak.spec 126 | 127 | Spec file for rpm, specifically for Fedora. 128 | 129 | commit 55879cf0d80f11e9601e24ed8e01104936f7a25c 130 | Author: Patrick Schleizer 131 | Date: Sun Oct 6 14:01:58 2024 +0000 132 | 133 | bumped changelog version 134 | 135 | commit cbfd81c853ce92f79068f721b4fa9a9f8f84227c 136 | Merge: 62a657e d4e7b4c 137 | Author: Patrick Schleizer 138 | Date: Sun Oct 6 09:58:07 2024 -0400 139 | 140 | Merge remote-tracking branch 'ArrayBolt3/master' 141 | 142 | commit d4e7b4c0428527ea002e1ea61839effc0cb5e88e 143 | Author: Aaron Rainbolt 144 | Date: Sun Oct 6 01:23:57 2024 -0500 145 | 146 | Change emulated device names to keep GTK from treating a cloaked VirtualBox tablet like a touchscreen 147 | 148 | commit 62a657ea69d07eb1164b1c5634f9f4035ce013a9 149 | Author: Patrick Schleizer 150 | Date: Fri Sep 27 00:48:20 2024 +0000 151 | 152 | bumped changelog version 153 | 154 | commit 222994ec63c36898b8a89fca2f0210384da2a0c3 155 | Merge: f5ee77e 29477f9 156 | Author: Patrick Schleizer 157 | Date: Thu Sep 26 20:47:43 2024 -0400 158 | 159 | Merge remote-tracking branch 'ArrayBolt3/master' 160 | 161 | commit 29477f98d1192ced4fb0e630c07dbd8b97942d22 162 | Author: Aaron Rainbolt 163 | Date: Thu Sep 26 14:08:48 2024 -0500 164 | 165 | Generate debugging info 166 | 167 | commit f5ee77ee73f90c02fede10cdc510a1a6417dd74f 168 | Author: Patrick Schleizer 169 | Date: Thu Sep 26 11:07:01 2024 +0000 170 | 171 | bumped changelog version 172 | 173 | commit 9b96a2330e5dd9d2829bb662f0f01ff9c1e5b505 174 | Merge: 3cbe8b2 4bbdf38 175 | Author: Patrick Schleizer 176 | Date: Thu Sep 26 06:53:11 2024 -0400 177 | 178 | Merge remote-tracking branch 'ArrayBolt3/master' 179 | 180 | commit 4bbdf38cc6c6f9162348d9b23deef3169f8465b8 181 | Author: Aaron Rainbolt 182 | Date: Wed Sep 25 15:17:27 2024 -0500 183 | 184 | Update README.md 185 | 186 | commit c3500fc38cea3d69c96765f6691688e4079ecd67 187 | Author: Aaron Rainbolt 188 | Date: Wed Sep 25 13:43:06 2024 -0500 189 | 190 | Don't use AddressSanitizer, incompatible with Whonix's vm.mmap_rnd_bits setting 191 | 192 | commit 38604467ed76f6d236e5c207913d9533bdab05ab 193 | Author: Aaron Rainbolt 194 | Date: Wed Sep 25 12:41:58 2024 -0500 195 | 196 | Don't set the output device name under Qubes OS, it causes a scary notification to appear 197 | 198 | commit 3cbe8b2ba4d50f6d23823736a90109e89a5c07c4 199 | Author: Patrick Schleizer 200 | Date: Wed Sep 25 04:23:39 2024 +0000 201 | 202 | bumped changelog version 203 | 204 | commit db54b34d50df8ffd0b9c6c55338aecea07de6928 205 | Author: Patrick Schleizer 206 | Date: Wed Sep 25 00:23:29 2024 -0400 207 | 208 | apparmor 209 | 210 | commit cec549dbfa81a927775a0f7b1d7c9a8116a45694 211 | Author: Patrick Schleizer 212 | Date: Wed Sep 25 00:19:52 2024 -0400 213 | 214 | add open syscall (required in VirtualBox) 215 | 216 | commit b7831111dfc305ed7fbaa60f69163df38746af51 217 | Author: Patrick Schleizer 218 | Date: Wed Sep 25 04:16:46 2024 +0000 219 | 220 | bumped changelog version 221 | 222 | commit aad35c7038ae645e27af125f5c0b1adf59d0f063 223 | Author: Patrick Schleizer 224 | Date: Wed Sep 25 00:16:22 2024 -0400 225 | 226 | add readlink syscall (required in VirtualBox) 227 | 228 | commit fb6cff17fe950846a1af6c3e4edc323c0bfb56fe 229 | Author: Patrick Schleizer 230 | Date: Wed Sep 25 01:04:05 2024 +0000 231 | 232 | bumped changelog version 233 | 234 | commit 47e67bad20c321a8556e4256ad473e0a97ef3971 235 | Merge: b085979 a290f5f 236 | Author: Patrick Schleizer 237 | Date: Tue Sep 24 20:59:42 2024 -0400 238 | 239 | Merge remote-tracking branch 'ArrayBolt3/master' 240 | 241 | commit a290f5f0fd864ea459e1c3e75a424fe7dd33cca8 242 | Author: Aaron Rainbolt 243 | Date: Tue Sep 24 15:25:56 2024 -0500 244 | 245 | Fix minor bug in makefile, add check for pkg-config 246 | 247 | commit ac9d1fc2712966a5ae834a690a885db9f10b2b0b 248 | Author: Aaron Rainbolt 249 | Date: Tue Sep 24 13:41:35 2024 -0500 250 | 251 | Add -p option for disabling rescue key sequence 252 | 253 | commit b08597935959a9a37d96ec49f372d08084e6a82a 254 | Author: Patrick Schleizer 255 | Date: Tue Sep 24 05:03:38 2024 +0000 256 | 257 | bumped changelog version 258 | 259 | commit 0f3ae73fc107e4103f2e9933960bdedce63df7cf 260 | Author: Patrick Schleizer 261 | Date: Tue Sep 24 01:02:28 2024 -0400 262 | 263 | fork of kloak from upstream 264 | 265 | from now, doing normal version bump with reach rebuild 266 | 267 | since version numbers are now managed by Whonix 268 | 269 | commit 98febd4ffde18ff2d37f6882cf0e1f6d03bfc53a 270 | Author: Patrick Schleizer 271 | Date: Tue Sep 24 05:00:47 2024 +0000 272 | 273 | bumped changelog version 274 | 275 | commit 81a5ef129afff70ca3683ac393031ed51170378c 276 | Merge: e937174 e1e03d7 277 | Author: Patrick Schleizer 278 | Date: Tue Sep 24 00:55:31 2024 -0400 279 | 280 | Merge remote-tracking branch 'github-whonix/master' 281 | 282 | commit e1e03d786078dd8b0e2bddb4a982afd76b864797 283 | Merge: e937174 bb4a714 284 | Author: Patrick Schleizer 285 | Date: Tue Sep 24 00:52:03 2024 -0400 286 | 287 | Merge pull request #1 from ArrayBolt3/arraybolt3 288 | 289 | Harden and enhance Kloak 290 | 291 | commit bb4a7143877eb12904e797224c2b0afc05463713 292 | Author: Aaron Rainbolt 293 | Date: Mon Sep 23 18:41:47 2024 -0500 294 | 295 | Add a useful change from https://github.com/vmonaco/kloak/pull/65 that got missed 296 | 297 | commit ba5df2543f247ed5592690d97019e0444e79b749 298 | Author: Aaron Rainbolt 299 | Date: Mon Sep 23 18:33:55 2024 -0500 300 | 301 | Do resource cleanup on panic 302 | 303 | commit 7fa9500c32f6560bf6ee7fe55438e27869601a0e 304 | Author: Aaron Rainbolt 305 | Date: Mon Sep 23 18:15:42 2024 -0500 306 | 307 | Add some missing syscalls for x86_64 308 | 309 | commit d7f386dcdd25263eb9e7a7031b171fdec3d0d4d3 310 | Author: Aaron Rainbolt 311 | Date: Mon Sep 23 17:59:36 2024 -0500 312 | 313 | Enable use on non-Intel architectures, fix syscall whitelist 314 | 315 | commit 5beda6da49cf1ef9ef09767e35a5660015160ee8 316 | Author: Aaron Rainbolt 317 | Date: Mon Sep 23 15:52:53 2024 -0500 318 | 319 | Add address and undefined behavior sanitization 320 | 321 | commit e9284abf22adb36968011fb9ab47cc1357b58e9b 322 | Author: Aaron Rainbolt 323 | Date: Mon Sep 23 15:31:49 2024 -0500 324 | 325 | Fix build failure, adjust number of supported devices to account for systems with many input devices 326 | 327 | commit 0d91a09a76ffa21b2782d673fcb91b16574b58d6 328 | Author: Aaron Rainbolt 329 | Date: Mon Sep 23 14:27:59 2024 -0500 330 | 331 | Add support for new devices attached after kloak starts (adapted from https://github.com/vmonaco/kloak/pull/67) 332 | 333 | commit 7f9bc1bcfd08e8b3554e135a4c4d59a0a09b26d8 334 | Author: Aaron Rainbolt 335 | Date: Mon Sep 23 13:39:55 2024 -0500 336 | 337 | Harden code based on advice from ChatGPT3 (adapted from https://github.com/vmonaco/kloak/pull/65) 338 | 339 | commit b0f0c926d84a6d60363c89c11b8f36cc55b57459 340 | Author: Aaron Rainbolt 341 | Date: Mon Sep 23 13:24:20 2024 -0500 342 | 343 | Add a header file to make future development easier (adapted from https://github.com/vmonaco/kloak/pull/61) 344 | 345 | commit dd255ad28bd404f3aad6012949d4fb4e04330db9 346 | Author: Aaron Rainbolt 347 | Date: Mon Sep 23 13:08:09 2024 -0500 348 | 349 | Use strtcpy rather than strncpy 350 | 351 | commit c9c5a9876bd7fba17ec638efd065cc0836329766 352 | Author: Aaron Rainbolt 353 | Date: Mon Sep 23 12:36:13 2024 -0500 354 | 355 | Add compiler hardening flags, fix all GCC warnings 356 | 357 | commit 36385d7b0050601e6f255b168c297dab8d8fb027 358 | Author: Aaron Rainbolt 359 | Date: Mon Sep 23 11:16:50 2024 -0500 360 | 361 | Use monotonic time for delay tracking 362 | 363 | commit e937174bb71313d943d8fb8965ae339343d0337f 364 | Author: Patrick Schleizer 365 | Date: Fri Feb 2 12:46:17 2024 +0000 366 | 367 | bumped changelog version 368 | 369 | commit de06819bf221b994e00a0e8ccd93c64f66b20dec 370 | Author: Patrick Schleizer 371 | Date: Fri Feb 2 07:33:00 2024 -0500 372 | 373 | usrmerge debhelper systemd Debian package maintainer scripts fix 374 | 375 | commit ade162aab807499dbf383afcb15effd1dbdb13bd 376 | Author: Patrick Schleizer 377 | Date: Mon Jan 22 13:25:12 2024 +0000 378 | 379 | bumped changelog version 380 | 381 | commit 9b19632b302e534274b43c57c87cf8ead07f8b40 382 | Author: Patrick Schleizer 383 | Date: Mon Jan 22 07:06:02 2024 -0500 384 | 385 | usrmerge 386 | 387 | commit a8f0e5f8ef21befa74d00a6199ed7f30807e4f8e 388 | Author: Patrick Schleizer 389 | Date: Thu Jan 11 13:05:14 2024 +0000 390 | 391 | bumped changelog version 392 | 393 | commit d48c864ace7ff9e4c98f04dea8cec4d4b0061a63 394 | Author: Patrick Schleizer 395 | Date: Thu Jan 11 06:42:24 2024 -0500 396 | 397 | update readme 398 | 399 | commit 49bb0ac90677a35c2abdc1096369bf24b9a1ba45 400 | Author: Patrick Schleizer 401 | Date: Sat Nov 11 20:30:12 2023 +0000 402 | 403 | bumped changelog version 404 | 405 | commit 1526784d9fdc79f7df0802c7519ce4f29fd0b37c 406 | Author: Patrick Schleizer 407 | Date: Sat Nov 11 14:43:10 2023 -0500 408 | 409 | copyright 410 | 411 | commit cfd170899bea518f044359f01c4ce9d7f85ca11a 412 | Author: Patrick Schleizer 413 | Date: Fri Nov 10 12:35:12 2023 -0500 414 | 415 | CodeQL 416 | 417 | commit daafc674bb10a03b7adcbae35015e9297cce6dd5 418 | Author: Patrick Schleizer 419 | Date: Fri Nov 10 12:31:00 2023 -0500 420 | 421 | CodeQL 422 | 423 | commit f10707f108872ba37673aec8303917d71deec8cd 424 | Author: Patrick Schleizer 425 | Date: Mon Sep 25 11:58:40 2023 -0400 426 | 427 | bumped changelog version 428 | 429 | commit 196343c1c614c9d35264c43e502c83477d7107e0 430 | Merge: 61c0b09 9cbdf44 431 | Author: Patrick Schleizer 432 | Date: Mon Sep 25 11:56:55 2023 -0400 433 | 434 | Merge remote-tracking branch 'vmonaco/master' 435 | 436 | commit 9cbdf4484da19eb09653356e59ce42c37cecb523 437 | Merge: 130d81b 2ed1b1f 438 | Author: Vinnie Monaco 439 | Date: Sun Sep 24 21:49:52 2023 -0700 440 | 441 | Merge pull request #62 from skyzzuu/check_rescue_key_str_not_null 442 | 443 | ensure _rescue_keys_str is not null before passing to strncpy to avoid potential null pointer dereference 444 | 445 | commit 130d81b6e5f2c892fbd7596eaf1ad1f10911426e 446 | Merge: af79b08 efa47d1 447 | Author: Vinnie Monaco 448 | Date: Sun Sep 24 21:47:27 2023 -0700 449 | 450 | Merge pull request #63 from vmonaco/dev 451 | 452 | update readme 453 | 454 | commit 61c0b09452ded9bcbd8476ee3aa103f116bc5330 455 | Author: Patrick Schleizer 456 | Date: Sun Sep 24 11:22:09 2023 -0400 457 | 458 | bumped changelog version 459 | 460 | commit 2ed1b1f4e1613d5add68e051fcd1d58fd1ef97e4 461 | Author: Everett Gally 462 | Date: Sat Sep 23 11:25:33 2023 -0400 463 | 464 | ensure _rescue_keys_str is not null before passing to strncpy to avoid potential null pointer dereference 465 | 466 | commit c107815a062251cef694a84cf0710a73168e2bcf 467 | Merge: ca5cf50 af79b08 468 | Author: Patrick Schleizer 469 | Date: Tue Sep 19 08:23:59 2023 -0400 470 | 471 | Merge remote-tracking branch 'vmonaco/master' 472 | 473 | commit efa47d1e0fa7b3cea17491a9520276e408d07569 474 | Merge: f171889 c928a7c 475 | Author: Vinnie Monaco 476 | Date: Mon Sep 18 08:43:59 2023 -0700 477 | 478 | Merge pull request #55 from skyzzuu/readme_changes 479 | 480 | add dependency installation information into readme 481 | 482 | commit af79b08ea3dd83b70c5099391ef3e1233b102511 483 | Merge: 8fb85a0 68c3c70 484 | Author: Vinnie Monaco 485 | Date: Mon Sep 18 08:43:25 2023 -0700 486 | 487 | Merge pull request #53 from adrelanos/indentation-style 488 | 489 | improve indentation style 490 | 491 | commit 68c3c7063d51afee6bee63c15ab2465d83591442 492 | Author: Patrick Schleizer 493 | Date: Mon Sep 18 08:04:34 2023 -0400 494 | 495 | improve indentation style 496 | 497 | fixes https://github.com/vmonaco/kloak/issues/52 498 | 499 | commit ca5cf502265f24bfd871547739d8b86449d00bc1 500 | Author: Patrick Schleizer 501 | Date: Mon Sep 18 07:23:20 2023 -0400 502 | 503 | bumped changelog version 504 | 505 | commit f49d6b8d4575f1694fe5038a6639e04dca9d4bfb 506 | Merge: 537dec7 8fb85a0 507 | Author: Patrick Schleizer 508 | Date: Mon Sep 18 07:22:36 2023 -0400 509 | 510 | Merge remote-tracking branch 'vmonaco/master' 511 | 512 | commit c928a7c52e2fa0b4f2b7e7cf49c94197555fb288 513 | Author: Everett Gally 514 | Date: Mon Sep 18 07:16:55 2023 -0400 515 | 516 | update debian dependency installation information to install devscripts and then use sudo mk-build-deps --remove --install instead of hardcoding dependencies 517 | 518 | commit 8fb85a065a809be2b504075c500cbd1d12c4ecd9 519 | Merge: d343f5e f55cecc 520 | Author: Vinnie Monaco 521 | Date: Sun Sep 17 21:16:31 2023 -0700 522 | 523 | Merge pull request #57 from skyzzuu/avoid_mem_leak_after_exit 524 | 525 | free pfds after exit to avoid memory leak 526 | 527 | commit f55ceccf164a7a2705fd6151bad77e6c421cf9e0 528 | Author: Everett Gally 529 | Date: Sun Sep 17 19:42:08 2023 -0400 530 | 531 | free pfds after while loop in main_loop exits to avoid memory leak after kloak ends 532 | 533 | commit b2f3a2aae1b85e22f40868266927773307131d0d 534 | Author: Everett Gally 535 | Date: Sun Sep 10 17:13:52 2023 -0400 536 | 537 | add dependency installation information into readme 538 | 539 | commit 537dec7423af4635f3fa15a730844a57538a8947 540 | Author: Patrick Schleizer 541 | Date: Wed Aug 16 06:51:59 2023 -0400 542 | 543 | bumped changelog version 544 | 545 | commit cc2e0c39482eafe88c9607c609c790a0266b1837 546 | Merge: 0a1abe0 d343f5e 547 | Author: Patrick Schleizer 548 | Date: Wed Aug 16 06:32:04 2023 -0400 549 | 550 | Merge remote-tracking branch 'vmonaco/master' 551 | 552 | commit d343f5e41124ff32ee78badeee540dfdea59b8ac 553 | Merge: 2a3a45b f171889 554 | Author: Vinnie Monaco 555 | Date: Tue Aug 15 21:57:43 2023 -0700 556 | 557 | Merge pull request #38 from vmonaco/dev 558 | 559 | Multi-device support and multiple bug fixes 560 | 561 | commit f1718890b1620ac6ba42f2e2d1a1c2c84730c8d4 562 | Merge: cda8d74 0a1abe0 563 | Author: Vinnie Monaco 564 | Date: Tue Aug 15 21:57:15 2023 -0700 565 | 566 | Merge pull request #49 from adrelanos/chatgpt 567 | 568 | chatgpt 569 | 570 | commit 0a1abe03dd873058cb3f2e83ce97a4ba1ad89ea1 571 | Author: Patrick Schleizer 572 | Date: Tue Aug 15 09:21:16 2023 -0400 573 | 574 | bumped changelog version 575 | 576 | commit 59056a25d1e14d6d81ee8a9666eda0bc62fe342a 577 | Author: Patrick Schleizer 578 | Date: Tue Aug 15 09:19:43 2023 -0400 579 | 580 | seccomp 581 | 582 | commit 167f38528ed47cef87be2cea9ba1fa5b4bbbe2d8 583 | Author: Patrick Schleizer 584 | Date: Tue Aug 15 09:08:18 2023 -0400 585 | 586 | bumped changelog version 587 | 588 | commit 07d37f52867816ede568c7fb88bde1ae012359e3 589 | Merge: fdd0d49 e488037 590 | Author: Patrick Schleizer 591 | Date: Tue Aug 15 09:02:19 2023 -0400 592 | 593 | Merge branch 'chatgpt' 594 | 595 | commit fdd0d492bca9e125e95ea787066e266ad404fdc3 596 | Author: Patrick Schleizer 597 | Date: Tue Aug 15 08:19:56 2023 -0400 598 | 599 | bumped changelog version 600 | 601 | commit 8e59a85024c4fb4345918d28396e85c85c7abef2 602 | Merge: 6a5f677 cda8d74 603 | Author: Patrick Schleizer 604 | Date: Tue Aug 15 08:15:19 2023 -0400 605 | 606 | Merge remote-tracking branch 'vmonaco/dev' 607 | 608 | commit cda8d74c37227656cc09c1f7324a69b8f908c9cc 609 | Author: Vinnie Monaco 610 | Date: Sun Aug 13 23:00:11 2023 -0700 611 | 612 | one more missing seccomp filter 613 | 614 | commit e475b1c9c552643328da48f39bef999a88d6be21 615 | Merge: 34e9f42 2a3a45b 616 | Author: Vinnie Monaco 617 | Date: Sun Aug 13 22:56:56 2023 -0700 618 | 619 | Merge branch 'master' into dev 620 | 621 | commit 34e9f421d75ef5e99f71c6d84bb6fb088ac91637 622 | Author: Vinnie Monaco 623 | Date: Sun Aug 13 22:54:12 2023 -0700 624 | 625 | added missing seccomp filters 626 | 627 | commit e4880377bf9e3ae638b74c23a8ef92b07c9bad04 628 | Author: Patrick Schleizer 629 | Date: Sun Jul 9 08:27:38 2023 -0400 630 | 631 | apparmor 632 | 633 | commit c8178aea02117addfb28dba06e824ece7732dee2 634 | Author: Patrick Schleizer 635 | Date: Sun Jul 9 07:31:42 2023 -0400 636 | 637 | disable broken seccomp SystemCallFilter 638 | 639 | https://github.com/vmonaco/kloak/pull/38#issuecomment-1627688486 640 | 641 | commit 6e13598c6d8d39c1f891e7ed036f1e1e800d5c85 642 | Author: Patrick Schleizer 643 | Date: Sun Jul 9 07:30:48 2023 -0400 644 | 645 | apparmor 646 | 647 | commit 2f08794c4b238bb08e0e06a9b10f031f739955be 648 | Author: Patrick Schleizer 649 | Date: Sun Jul 9 07:26:22 2023 -0400 650 | 651 | seccomp 652 | 653 | commit 6a5f677a15e34989d4a87382304806e70771c6f0 654 | Author: Patrick Schleizer 655 | Date: Sun Jul 9 06:32:50 2023 -0400 656 | 657 | bumped changelog version 658 | 659 | commit d97fc922d1032594768b77fbbc7c2683f54abaa9 660 | Author: Patrick Schleizer 661 | Date: Sun Jul 9 06:13:21 2023 -0400 662 | 663 | readme 664 | 665 | commit 1ac67d459855b4d623c4ae6aa4bd183ef7bd84b2 666 | Author: Patrick Schleizer 667 | Date: Sun Jul 9 05:32:55 2023 -0400 668 | 669 | bumped changelog version 670 | 671 | commit 2a8b5a6934019598beb8290ac4b214407395c54e 672 | Author: Patrick Schleizer 673 | Date: Sat Jul 8 14:14:05 2023 -0400 674 | 675 | Added a running variable to control the while loop and added a signal handler (handle_signal) to catch the interrupt signal (SIGINT) and terminate the program gracefully. 676 | 677 | Fixed the command-line argument handling by checking if argc is less than 2 (instead of assuming argc > 1). If no arguments are provided, the program displays the usage message and exits. 678 | 679 | Updated the ioctl() call to check the return value for errors. If the ioctl() operation fails to get the device name, an error message is printed, and the program exits. 680 | 681 | Removed the check for root access since it was only printing a message and not affecting the program's execution. If root access is required, it should be checked externally before running the program. 682 | 683 | Closed the device file descriptor (fd) before exiting the program to release system resources properly. 684 | 685 | commit 54f0b3e111a44bb95223200575fe9d19a8c70c09 686 | Author: Patrick Schleizer 687 | Date: Sat Jul 8 14:10:20 2023 -0400 688 | 689 | The rescue_len variable was not initialized, causing undefined behavior. I added the initialization rescue_len = 0 to fix it. 690 | 691 | In the init_inputs() function, I added error handling for the malloc call to allocate memory for the pfds array. 692 | 693 | In the emit_event() function, I added error handling for the libevdev_uinput_write_event function call to check if writing the event to uinput was successful. 694 | 695 | commit cd31cd4060c97c6dabb4af88a17d9a56c3981931 696 | Merge: d11ed97 2a3a45b 697 | Author: Patrick Schleizer 698 | Date: Sat Jul 8 13:17:08 2023 -0400 699 | 700 | Merge remote-tracking branch 'vmonaco/master' into dev 701 | 702 | commit e28ba0939f1d3fe01e3c141727ec5534c4423b0b 703 | Author: Patrick Schleizer 704 | Date: Sat Jul 8 13:08:00 2023 -0400 705 | 706 | same ordering as upstream 707 | 708 | commit 29055528d43cf6d53b459d4e180698fe255c78d2 709 | Merge: d8e06e8 2a3a45b 710 | Author: Patrick Schleizer 711 | Date: Sat Jul 8 13:03:38 2023 -0400 712 | 713 | Merge remote-tracking branch 'vmonaco/master' 714 | 715 | commit d8e06e8e4b8bdff8d4243aa627acbc9233a2b515 716 | Author: Patrick Schleizer 717 | Date: Fri Jul 7 20:08:03 2023 -0400 718 | 719 | bumped changelog version 720 | 721 | commit 327df39693b7fa47baf7fde697006e7f649cf796 722 | Author: Patrick Schleizer 723 | Date: Fri Jul 7 20:04:27 2023 -0400 724 | 725 | seccomp 726 | 727 | commit fb89c86d206aada6dabb818c3dff1f6b3ac6c1a3 728 | Author: Patrick Schleizer 729 | Date: Wed Jun 21 09:43:23 2023 +0000 730 | 731 | bumped changelog version 732 | 733 | commit e1f1f152a406042af0fef3b801b4bd4850c10ae8 734 | Author: Patrick Schleizer 735 | Date: Wed Jun 21 09:11:34 2023 +0000 736 | 737 | bookworm 738 | 739 | commit 2a3a45ba429c8ba6e2c8d8560f79efb6cb43fdb3 740 | Author: Vinnie Monaco 741 | Date: Sat Jun 17 20:57:22 2023 -0700 742 | 743 | Update README.md 744 | 745 | commit e817caef8bdda365838658b232914dfe4c9143d0 746 | Author: Patrick Schleizer 747 | Date: Fri Jun 16 11:28:58 2023 +0000 748 | 749 | bumped changelog version 750 | 751 | commit 9bc6515a828f64e10c367169ecdc249f237fb464 752 | Author: Patrick Schleizer 753 | Date: Fri Jun 16 10:49:08 2023 +0000 754 | 755 | readme 756 | 757 | commit 8f585808b10b080434bcf74f45dee9e826ec89fa 758 | Author: Patrick Schleizer 759 | Date: Wed Jun 14 10:09:18 2023 +0000 760 | 761 | bumped changelog version 762 | 763 | commit 6dbf7832ad67f950fc85fbf12359d318b07652a7 764 | Author: Patrick Schleizer 765 | Date: Wed Jun 14 09:51:12 2023 +0000 766 | 767 | fix lintian warning 768 | 769 | P: kloak source: very-long-line-length-in-source-file 676 > 512 [README.md:170] 770 | 771 | commit 2155a425603c61490458590c5abfe75f3d8aa5cd 772 | Author: Patrick Schleizer 773 | Date: Mon Jun 12 18:15:43 2023 +0000 774 | 775 | bumped changelog version 776 | 777 | commit 39194c7ec3e782594cf7715888013502d6a21824 778 | Author: Patrick Schleizer 779 | Date: Mon Jun 12 16:22:35 2023 +0000 780 | 781 | Standards-Version: 4.6.1.0 782 | 783 | commit 120234dd3cfe9567eef09c8681b4855119d9dd90 784 | Author: Patrick Schleizer 785 | Date: Mon Jun 12 15:38:28 2023 +0000 786 | 787 | bumped changelog version 788 | 789 | commit d8c20cabb38a124ba9e9171c7d897bc2993f0a87 790 | Author: Patrick Schleizer 791 | Date: Mon Jun 12 14:52:04 2023 +0000 792 | 793 | update copyright year 794 | 795 | commit 6b2d75e98af072c68981a677bf66320dafca79fc 796 | Merge: 38eefc5 af2ddc3 797 | Author: Vinnie Monaco 798 | Date: Wed Nov 16 21:02:23 2022 -0800 799 | 800 | Merge pull request #44 from GerHobbelt/master 801 | 802 | README fixes: broken link to paper fixed + 1 language typo 803 | 804 | commit af2ddc31b008ac0042b5cfdcc53cce72dec9cbf3 805 | Author: Ger Hobbelt 806 | Date: Tue Nov 15 19:58:29 2022 +0100 807 | 808 | updated link to stylometry techniques paper. 809 | 810 | commit 53ada224cd9323916f515d5f791050b18ae20639 811 | Author: Ger Hobbelt 812 | Date: Tue Nov 15 19:57:22 2022 +0100 813 | 814 | language fix in README 815 | 816 | commit ad1cb08250b6b052c7232d5d2614606dccb6bd54 817 | Author: Patrick Schleizer 818 | Date: Wed May 25 06:07:59 2022 -0400 819 | 820 | bumped changelog version 821 | 822 | commit a7ce4f5d43e7d90f1add743e7bd602b6be3e825b 823 | Author: Patrick Schleizer 824 | Date: Fri May 20 15:27:14 2022 -0400 825 | 826 | readme 827 | 828 | commit c2752726f56fefa3a51adb234747d53d21851e42 829 | Author: Patrick Schleizer 830 | Date: Fri May 20 14:46:43 2022 -0400 831 | 832 | copyright 833 | 834 | commit 22a0d992b64a9026a6bf01b0e48a8914f34698c6 835 | Author: Patrick Schleizer 836 | Date: Sun Apr 10 12:40:20 2022 -0400 837 | 838 | readme 839 | 840 | commit 38eefc52728e31e89646dd61bb15ecbbb49c0871 841 | Merge: aaf1de4 6cce482 842 | Author: Vinnie Monaco 843 | Date: Tue Jan 11 10:37:41 2022 -0800 844 | 845 | Merge pull request #40 from hardcore-sushi/systemd-fix 846 | 847 | Add some system calls to the systemd whitelist to prevent crashes 848 | 849 | commit 6cce4829066bac632e1730b8f379e3c45ac15a02 850 | Author: Hardcore Sushi 851 | Date: Fri Jan 7 17:24:39 2022 +0100 852 | 853 | Add some system calls to the systemd whitelist to prevent crashes 854 | 855 | commit 64aef6d208f37fde04c4f12d84f16c214ed58087 856 | Author: Patrick Schleizer 857 | Date: Tue Nov 9 14:32:31 2021 -0500 858 | 859 | readme 860 | 861 | commit d11ed97e3c26318ca96a07806d492597950f36bb 862 | Author: Vinnie Monaco 863 | Date: Tue Sep 28 15:22:59 2021 -0700 864 | 865 | fixed typo 866 | 867 | commit edf0a41c9ad05e901d6726804112308dc098965f 868 | Author: Vinnie Monaco 869 | Date: Tue Sep 28 15:21:07 2021 -0700 870 | 871 | fixed apparmor profile: added r to /sys/devices/virtual/input 872 | 873 | commit 5870a8d3c79567333fbb720d2ea1af43ceee2aea 874 | Author: Vinnie Monaco 875 | Date: Tue Sep 28 15:15:49 2021 -0700 876 | 877 | fixed apparmor profile: added w to /dev/uinput 878 | 879 | commit 1e16893c10fbfcac899fe341cae87022a295e626 880 | Author: Vinnie Monaco 881 | Date: Tue Sep 28 15:14:00 2021 -0700 882 | 883 | fixed apparmor profile: added r to /dev/uinput 884 | 885 | commit 2edb4b2bc4c72d6ca457afb4f8265f5ea69e0da9 886 | Author: Vinnie Monaco 887 | Date: Thu Sep 23 16:33:44 2021 -0700 888 | 889 | formatted main.c 890 | 891 | commit 1db17e2ac3113cc5253330d5d459fd64dba93164 892 | Author: Vinnie Monaco 893 | Date: Thu Sep 23 16:11:05 2021 -0700 894 | 895 | added pkg-config to build depends 896 | 897 | commit c2142bf9eafbc4ed8360e1e8a286fbabc68a74d2 898 | Author: Vinnie Monaco 899 | Date: Thu Sep 23 16:10:00 2021 -0700 900 | 901 | added libsodium init 902 | 903 | commit 12f16aac4f8e207a3a23ea9e843e219332a1cd94 904 | Author: Vinnie Monaco 905 | Date: Mon Sep 20 21:32:52 2021 -0700 906 | 907 | typo 908 | 909 | commit 4f271826d6c1621ad8e4a85046da12525698e88f 910 | Author: Vinnie Monaco 911 | Date: Mon Sep 20 21:32:07 2021 -0700 912 | 913 | added deb dependencies 914 | 915 | commit 5fca94d9e7c27a0b3d9dd8332371987fef6047ec 916 | Author: Vinnie Monaco 917 | Date: Mon Sep 20 11:30:55 2021 -0700 918 | 919 | fixed verbose output format 920 | 921 | commit ca5510586597ebd6287afa9c878c2bfc3bbf2b9b 922 | Author: Vinnie Monaco 923 | Date: Mon Sep 20 11:20:52 2021 -0700 924 | 925 | added build flags to makefile 926 | 927 | commit ea6f6be0a33f19038b42aff42aacfd09020b3041 928 | Author: Vinnie Monaco 929 | Date: Fri Sep 17 15:27:14 2021 -0700 930 | 931 | use libsodium for prng 932 | 933 | commit 5dc5412f78b7111c42818b973a7a25248b5d49ca 934 | Author: Vinnie Monaco 935 | Date: Fri Sep 17 15:02:39 2021 -0700 936 | 937 | added support for multiple input devices 938 | 939 | commit 36f83eb631be27e325d9209e956e04f37fbe470c 940 | Merge: 59c47d8 aaf1de4 941 | Author: Vinnie Monaco 942 | Date: Fri Sep 17 15:01:55 2021 -0700 943 | 944 | Merge branch 'master' of github.com:vmonaco/kloak into mouse 945 | 946 | commit aaf1de40cbe9679af908063b75da3e87081714e4 947 | Merge: 7fb3f9e 88477f6 948 | Author: Vinnie Monaco 949 | Date: Fri Sep 17 15:01:42 2021 -0700 950 | 951 | Merge pull request #36 from Whonix/master 952 | 953 | port packaging to Debian bullseye 954 | 955 | commit 59c47d88e4b579e93a85209484681f536035e8d6 956 | Author: Vinnie Monaco 957 | Date: Mon Sep 13 14:34:16 2021 -0700 958 | 959 | removed restrictions on event types 960 | 961 | commit 99d2af051dccbee7f2cd3f35fbc2d7ae64af00c7 962 | Author: Vinnie Monaco 963 | Date: Mon Sep 13 11:51:38 2021 -0700 964 | 965 | fixed typo 966 | 967 | commit 7b94b28e472cef7e3c52960986a3bc7dfa651f94 968 | Author: Vinnie Monaco 969 | Date: Mon Sep 13 11:45:23 2021 -0700 970 | 971 | started support for EV_REL events 972 | 973 | commit 88477f678878d2405b85839c8a9029dc0c9b697a 974 | Author: Patrick Schleizer 975 | Date: Sun Sep 12 11:42:44 2021 -0400 976 | 977 | bumped changelog version 978 | 979 | commit 28d3eef79cfe70828bfe1bbe44bfcf79c5f4c593 980 | Author: Patrick Schleizer 981 | Date: Sat Sep 11 16:33:51 2021 -0400 982 | 983 | readme 984 | 985 | commit e54394894a96c1a0f1cefd95676bcbd142c67add 986 | Author: Patrick Schleizer 987 | Date: Sat Aug 28 13:54:16 2021 -0400 988 | 989 | bumped changelog version 990 | 991 | commit 2b2413d5f97a03560c4f4c88600ce0010e65f8e2 992 | Author: Patrick Schleizer 993 | Date: Thu Aug 5 16:47:52 2021 -0400 994 | 995 | bumped changelog version 996 | 997 | commit 89254249098f7081ea3b029d6715f7c9882b9c1f 998 | Author: Patrick Schleizer 999 | Date: Wed Aug 4 16:03:27 2021 -0400 1000 | 1001 | lintian 1002 | 1003 | commit 53caa09682651e7a7de554d78acb24151ccb803e 1004 | Author: Patrick Schleizer 1005 | Date: Wed Aug 4 16:01:50 2021 -0400 1006 | 1007 | re-generated man pages 1008 | 1009 | commit b4cab3fcf728bca4783719eb2cd67b074e7ce6ba 1010 | Author: Patrick Schleizer 1011 | Date: Tue Aug 3 11:47:33 2021 -0400 1012 | 1013 | re-generate man pages (generated using "genmkfile manpages") 1014 | 1015 | commit b7d67c0eb8d2fcce495c9ce3213462d5562ba8f1 1016 | Author: Patrick Schleizer 1017 | Date: Tue Aug 3 11:43:33 2021 -0400 1018 | 1019 | man page 1020 | 1021 | commit 8169d9763e89e08bf80d56a8b59e6538b1a82f1a 1022 | Author: Patrick Schleizer 1023 | Date: Tue Aug 3 05:48:22 2021 -0400 1024 | 1025 | bullseye 1026 | 1027 | commit 6eaecb7cb1d5202544ef5b5ebb680b81084dfa7f 1028 | Author: Patrick Schleizer 1029 | Date: Sun Aug 1 16:32:12 2021 -0400 1030 | 1031 | bullseye 1032 | 1033 | commit f37f26053f42964f46a6bfc2f3c20908a11aeb08 1034 | Author: Patrick Schleizer 1035 | Date: Sun Aug 1 16:24:33 2021 -0400 1036 | 1037 | readme 1038 | 1039 | commit 40f31f7351ea32ae84e785c632285cda91203bf1 1040 | Author: Patrick Schleizer 1041 | Date: Thu Mar 18 09:05:55 2021 -0400 1042 | 1043 | bumped changelog version 1044 | 1045 | commit c04e59f03af45615b1a4390b5d14905677b51f3d 1046 | Author: Patrick Schleizer 1047 | Date: Thu Mar 18 08:57:20 2021 -0400 1048 | 1049 | copyright 1050 | 1051 | commit db11450344e2f6d51c078e720b8498ac2ccea611 1052 | Author: Patrick Schleizer 1053 | Date: Thu Mar 18 07:44:35 2021 -0400 1054 | 1055 | bumped changelog version 1056 | 1057 | commit a4c465baa95f865be0e7767fff232857a3aab757 1058 | Author: Patrick Schleizer 1059 | Date: Thu Mar 18 07:39:48 2021 -0400 1060 | 1061 | copyright 1062 | 1063 | commit 13314c1731b39842943d4084db2bb744f4a08414 1064 | Author: Patrick Schleizer 1065 | Date: Wed Mar 17 11:36:32 2021 -0400 1066 | 1067 | bumped changelog version 1068 | 1069 | commit 99e8876ea073604e396bcf102ed98a0c31427b70 1070 | Author: Patrick Schleizer 1071 | Date: Wed Mar 17 09:45:16 2021 -0400 1072 | 1073 | copyright 1074 | 1075 | commit 370a6d563cc64b7f81824fd5f884ebba37a0a9a3 1076 | Author: Patrick Schleizer 1077 | Date: Sat Feb 6 06:30:56 2021 -0500 1078 | 1079 | bumped changelog version 1080 | 1081 | commit 58588a837800c020ff6a380feb2bd14b683fdffe 1082 | Author: Patrick Schleizer 1083 | Date: Sat Feb 6 06:27:53 2021 -0500 1084 | 1085 | readme 1086 | 1087 | commit 509e5327827dac4f279541da1aee0b8d4b4ce3e6 1088 | Author: Patrick Schleizer 1089 | Date: Thu Dec 3 15:52:42 2020 -0500 1090 | 1091 | bumped changelog version 1092 | 1093 | commit bf8ea6f9db66dbde2a9133dc69f5185e94b7067f 1094 | Author: Patrick Schleizer 1095 | Date: Thu Dec 3 11:21:18 2020 -0500 1096 | 1097 | comment 1098 | 1099 | commit 7fb3f9e9885977cac856ded31d80f6c737780518 1100 | Merge: e1eec9d 00c3495 1101 | Author: Vinnie Monaco 1102 | Date: Thu Oct 8 13:32:15 2020 -0700 1103 | 1104 | Merge pull request #32 from madaidan/apparmor 1105 | 1106 | Fix AppArmor and seccomp 1107 | 1108 | commit 3e61d1a6b5ac92ebbfbb8e55c5e85c79973e5bbc 1109 | Author: Patrick Schleizer 1110 | Date: Thu Oct 8 13:40:45 2020 -0400 1111 | 1112 | bumped changelog version 1113 | 1114 | commit 7d02f04592f6f64fa9e472d7624c11645a5bf86b 1115 | Author: Patrick Schleizer 1116 | Date: Thu Oct 8 13:40:45 2020 -0400 1117 | 1118 | readme 1119 | 1120 | commit 0f30fc2370f1406f979567cff60a3aee0e029d96 1121 | Merge: 1a13e75 00c3495 1122 | Author: Patrick Schleizer 1123 | Date: Thu Oct 8 11:19:59 2020 -0400 1124 | 1125 | Merge remote-tracking branch 'madaidan/apparmor' 1126 | 1127 | commit 00c3495ffaa9df609d164aa1f020cd1e5db225ab 1128 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1129 | Date: Thu Oct 8 12:38:42 2020 +0000 1130 | 1131 | Allow getrandom 1132 | 1133 | commit 6c260b638d8835dfe2cb09b7b54c65d8b35449ff 1134 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1135 | Date: Thu Oct 8 12:37:58 2020 +0000 1136 | 1137 | Allow access to more libraries 1138 | 1139 | commit e1eec9ded59a8012d5cc9520bf897380a256fcd2 1140 | Merge: 6694368 bea5410 1141 | Author: Vinnie Monaco 1142 | Date: Mon Sep 7 20:17:29 2020 -0700 1143 | 1144 | Merge pull request #30 from itoffshore/alpine 1145 | 1146 | add service script note for hardened kernels 1147 | 1148 | commit bea5410a0a8f0b3bc8834a42c4c3322c6b8c6beb 1149 | Author: Stuart Cardall 1150 | Date: Mon Sep 7 12:00:54 2020 +0100 1151 | 1152 | add service script note for hardened kernels 1153 | 1154 | * hardened kernels without CONFIG_USER_NS_UNPRIVILEGED fail to start 1155 | the kloak service if private namespaces are enabled. 1156 | 1157 | commit 6694368db2588d828687f0846221f94ccf03e3fa 1158 | Merge: 652105d 1a13e75 1159 | Author: Vinnie Monaco 1160 | Date: Sun Sep 6 20:16:05 2020 -0700 1161 | 1162 | Merge pull request #29 from Whonix/master 1163 | 1164 | packaging improvements and fixes 1165 | 1166 | commit 1a13e7537bd87c46576fe79432855e4842cea255 1167 | Author: Patrick Schleizer 1168 | Date: Thu Aug 6 07:33:56 2020 -0400 1169 | 1170 | bumped changelog version 1171 | 1172 | commit 9ededf2f727e93c7e91fa6988c841b140fce053f 1173 | Author: Patrick Schleizer 1174 | Date: Thu Aug 6 07:31:49 2020 -0400 1175 | 1176 | add `pread64` 1177 | 1178 | Thanks to @haroonrafi / @pcrockett for the report! 1179 | 1180 | fixes https://github.com/vmonaco/kloak/issues/28 1181 | 1182 | commit 3abdb4faeca4f8af3449f7ca58b66e1e6c7fa7c6 1183 | Author: Patrick Schleizer 1184 | Date: Thu Apr 16 08:36:54 2020 -0400 1185 | 1186 | bumped changelog version 1187 | 1188 | commit 0dc802c876b846151615f2076d258d29877c63d1 1189 | Author: Patrick Schleizer 1190 | Date: Wed Apr 15 14:05:33 2020 -0400 1191 | 1192 | readme 1193 | 1194 | commit 94350cf07578c347a0ba054cc4314f6b054689f4 1195 | Author: Patrick Schleizer 1196 | Date: Sun Apr 5 14:05:55 2020 -0400 1197 | 1198 | bumped changelog version 1199 | 1200 | commit fd25e68017becafc1d105d9f415d84425599a2d9 1201 | Author: Patrick Schleizer 1202 | Date: Sun Apr 5 14:02:47 2020 -0400 1203 | 1204 | Architecture: amd64 1205 | 1206 | https://github.com/vmonaco/kloak/issues/24 1207 | https://github.com/vmonaco/kloak/issues/25 1208 | Actually building might be possible but cross building using qemu has issues. 1209 | https://github.com/vivier/qemu-m68k/issues/38 1210 | https://bugs.launchpad.net/qemu/+bug/1756519 1211 | https://bugs.launchpad.net/qemu/+bug/1793539 1212 | qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x60269d8c 1213 | qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x6000178c 1214 | 1215 | commit 7631d7d1bd24353f8a89738f7d80f966988f3c4b 1216 | Author: Patrick Schleizer 1217 | Date: Sun Apr 5 13:50:47 2020 -0400 1218 | 1219 | bumped changelog version 1220 | 1221 | commit 6ca7fbde8147fa90a5c44764490140f54e58656e 1222 | Author: Patrick Schleizer 1223 | Date: Sun Apr 5 13:46:36 2020 -0400 1224 | 1225 | fix packaging for build without genmkfile 1226 | 1227 | commit dfeff821d06ce32b6918ba9f3f97f5d9ec45dfe5 1228 | Author: Patrick Schleizer 1229 | Date: Sun Apr 5 13:27:10 2020 -0400 1230 | 1231 | bumped changelog version 1232 | 1233 | commit e03b8897c0c666f9c77c8b9714889fff5f60a6cd 1234 | Author: Patrick Schleizer 1235 | Date: Sun Apr 5 13:09:26 2020 -0400 1236 | 1237 | copyright 1238 | 1239 | commit 9fe1fdf798a434fcc49a16d7eaa36267232f7712 1240 | Author: Patrick Schleizer 1241 | Date: Sun Apr 5 13:08:44 2020 -0400 1242 | 1243 | apparmor packaging fixes 1244 | 1245 | commit ed1b360678ebddf6d6732d812e54179a76649fc1 1246 | Author: Patrick Schleizer 1247 | Date: Sat Apr 4 16:40:52 2020 -0400 1248 | 1249 | bumped changelog version 1250 | 1251 | commit a12f457d2c5b7b58ecb3e07e5e56023123baf954 1252 | Author: Patrick Schleizer 1253 | Date: Sat Apr 4 16:36:13 2020 -0400 1254 | 1255 | actually can be build for arm64 1256 | 1257 | commit 01bae31488ae1c9b86a214c25c0c8f806a05255e 1258 | Author: Patrick Schleizer 1259 | Date: Thu Apr 2 07:51:28 2020 -0400 1260 | 1261 | bumped changelog version 1262 | 1263 | commit 44eb700387831b6152141ff06e16b2eb426845f1 1264 | Author: Patrick Schleizer 1265 | Date: Thu Apr 2 07:22:38 2020 -0400 1266 | 1267 | readme 1268 | 1269 | commit 652105d67527b3bb24c3b86f219724998f20d83a 1270 | Merge: 54bef10 9733e77 1271 | Author: Vinnie Monaco 1272 | Date: Wed Apr 1 15:51:08 2020 -0700 1273 | 1274 | Merge pull request #26 from Whonix/master 1275 | 1276 | packaging and apparmor improvements 1277 | 1278 | commit 9733e77f2b3b551e209a8830dfb4d57b2f22f90a 1279 | Author: Patrick Schleizer 1280 | Date: Wed Apr 1 16:32:15 2020 -0400 1281 | 1282 | add debian install file 1283 | 1284 | commit 56692cccff9a16766799ac6baf22702de8d958f5 1285 | Author: Patrick Schleizer 1286 | Date: Wed Apr 1 15:56:48 2020 -0400 1287 | 1288 | add man pages (generated using "genmkfile manpages") 1289 | 1290 | commit 7093613c4723787d9e9c9a9dec4b5320a80c9a32 1291 | Author: Patrick Schleizer 1292 | Date: Wed Apr 1 10:48:40 2020 -0400 1293 | 1294 | bumped changelog version 1295 | 1296 | commit 11db9d47895fb401a3ed97ea028ab25d53a6b76e 1297 | Author: Patrick Schleizer 1298 | Date: Wed Apr 1 09:19:55 2020 -0400 1299 | 1300 | copyright 1301 | 1302 | commit 7121b5a21de24b9479d8df7e2b080154c8a82095 1303 | Author: Patrick Schleizer 1304 | Date: Wed Apr 1 09:15:14 2020 -0400 1305 | 1306 | copyright 1307 | 1308 | commit a14a3938bb9adbadeff200a00e1d6bc07ecfc3ca 1309 | Author: Patrick Schleizer 1310 | Date: Wed Apr 1 08:49:57 2020 -0400 1311 | 1312 | update copyright year 1313 | 1314 | commit aa7ca49556fdbae5f474c94caaa0d74b01be2b93 1315 | Author: Patrick Schleizer 1316 | Date: Mon Jan 13 12:36:52 2020 -0500 1317 | 1318 | bumped changelog version 1319 | 1320 | commit 84fca49dc259c68b9d1caa61f4d7cddb78fb6ba9 1321 | Author: Patrick Schleizer 1322 | Date: Mon Jan 13 12:36:11 2020 -0500 1323 | 1324 | apparmor 1325 | 1326 | commit 64d8f75748a5e7364584dab512003016475d7254 1327 | Author: Patrick Schleizer 1328 | Date: Mon Jan 13 12:33:07 2020 -0500 1329 | 1330 | bumped changelog version 1331 | 1332 | commit 081fa02799e60f8e33e39c858fe13853e01c2b5f 1333 | Author: Patrick Schleizer 1334 | Date: Mon Jan 13 12:30:40 2020 -0500 1335 | 1336 | apparmor allow ptrace 1337 | 1338 | https://forums.whonix.org/t/current-state-of-kloak/5605/19 1339 | 1340 | commit ad4288a320da42c74649dc352b8b93c55bfec9be 1341 | Author: Patrick Schleizer 1342 | Date: Wed Jan 1 07:22:03 2020 -0500 1343 | 1344 | bumped changelog version 1345 | 1346 | commit 4381af2f3a1dabc07330751eca1369eeb3e40655 1347 | Author: Patrick Schleizer 1348 | Date: Wed Jan 1 07:14:38 2020 -0500 1349 | 1350 | capability sys_ptrace, 1351 | 1352 | https://forums.whonix.org/t/current-state-of-kloak/5605/17 1353 | 1354 | commit 29b286926062f93cb222e355e1996093d6f682f4 1355 | Author: Patrick Schleizer 1356 | Date: Wed Jan 1 07:12:50 2020 -0500 1357 | 1358 | remove trailing spaces 1359 | 1360 | commit a54eb9333552fefcb2a73310f8f832a046e25fa3 1361 | Author: Patrick Schleizer 1362 | Date: Thu Nov 28 03:16:13 2019 -0500 1363 | 1364 | bumped changelog version 1365 | 1366 | commit 381c686d4d081bbf0547f5cf1e70df7f1ff095ca 1367 | Author: Patrick Schleizer 1368 | Date: Wed Nov 27 10:26:02 2019 -0500 1369 | 1370 | for now "Architecture: amd64" 1371 | 1372 | https://github.com/vmonaco/kloak/issues/24# 1373 | 1374 | https://github.com/vmonaco/kloak/issues/25 1375 | 1376 | commit 076a61d3dc0b4daab4592637464077773cede43e 1377 | Author: Patrick Schleizer 1378 | Date: Wed Nov 27 10:25:46 2019 -0500 1379 | 1380 | comment 1381 | 1382 | commit 7518394c3a3201e5b2138458ce6f01043908a084 1383 | Author: Patrick Schleizer 1384 | Date: Wed Nov 27 07:25:48 2019 -0500 1385 | 1386 | remove make_clean_hook_pre 1387 | 1388 | since no longer required 1389 | 1390 | since upstream Makefile now supports `make clean` 1391 | 1392 | commit bd0a1bb25a8b8a4b26b8d10bb57372e4df951dac 1393 | Author: Patrick Schleizer 1394 | Date: Wed Nov 27 07:24:52 2019 -0500 1395 | 1396 | cleanup 1397 | 1398 | commit 2fd3abd649eadc3797125d0bfbd50891454ba534 1399 | Author: Patrick Schleizer 1400 | Date: Wed Nov 27 07:24:04 2019 -0500 1401 | 1402 | allow building without genmkfile 1403 | 1404 | using standard Debian tools 1405 | 1406 | such as `dpkg-buildpackage -b` 1407 | 1408 | commit a68357c55f7ea3923aa5ab0512a7b32f2f2646c1 1409 | Author: Patrick Schleizer 1410 | Date: Wed Nov 27 07:21:25 2019 -0500 1411 | 1412 | add man pages 1413 | 1414 | created with ronn 1415 | 1416 | created from markdown templates in folder man/ 1417 | 1418 | debian/eventcap.8 1419 | debian/kloak.8 1420 | 1421 | commit 86209ea950c75f9e35bc89549086c174143905e8 1422 | Author: Patrick Schleizer 1423 | Date: Wed Nov 27 07:20:15 2019 -0500 1424 | 1425 | work towards support building without genmkfile 1426 | 1427 | commit 8413f9fa474e6551b7fe515941a6f1deae430867 1428 | Author: Patrick Schleizer 1429 | Date: Tue Nov 26 08:16:49 2019 +0000 1430 | 1431 | version_numbers_by_upstream=true 1432 | 1433 | commit 30869f354a1bd73ea75fd87a1673b949607fcdce 1434 | Author: Patrick Schleizer 1435 | Date: Tue Nov 26 08:16:05 2019 +0000 1436 | 1437 | make-helper-overrides.bsh -> debian/make-helper-overrides.bsh 1438 | 1439 | commit f19cee00fd8c0851d103309096c9063c20103bb9 1440 | Author: Patrick Schleizer 1441 | Date: Thu Sep 19 13:04:18 2019 +0000 1442 | 1443 | bumped changelog version 1444 | 1445 | commit 2f472a8eacdd58bc49c0ac4ab505b095dc0ee320 1446 | Merge: bccd504 54bef10 1447 | Author: Patrick Schleizer 1448 | Date: Thu Sep 19 07:50:06 2019 -0400 1449 | 1450 | Merge remote-tracking branch 'vmonaco/master' 1451 | 1452 | commit 54bef108d45b9ca70b1ef5b0b8fa4142b7832d9b 1453 | Merge: 6f709ff 90dedd6 1454 | Author: Vinnie Monaco 1455 | Date: Wed Sep 18 09:30:12 2019 -0700 1456 | 1457 | Merge pull request #22 from madaidan/fix-apparmor 1458 | 1459 | Allow certain signals needed to start/stop/restart kloak 1460 | 1461 | commit 90dedd6efe115a10612c06bd1e2b3aecba314132 1462 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1463 | Date: Wed Sep 18 16:05:22 2019 +0000 1464 | 1465 | Allow certain signals needed to start/stop/restart kloak 1466 | 1467 | commit 6f709ff7b8133a48701c90f713cfe21fcb529a27 1468 | Merge: f5ba897 bccd504 1469 | Author: Vinnie Monaco 1470 | Date: Tue Sep 17 09:04:38 2019 -0700 1471 | 1472 | Merge pull request #20 from Whonix/master 1473 | 1474 | Apparmor Debian packaging integration 1475 | 1476 | commit bccd504ff2ebe558c3b2c3977f128b192b7bfcf2 1477 | Author: Patrick Schleizer 1478 | Date: Tue Sep 17 14:15:24 2019 +0000 1479 | 1480 | bumped changelog version 1481 | 1482 | commit 7abcaeeed0cf76a9fb6c585ce322de753b7a31db 1483 | Author: Patrick Schleizer 1484 | Date: Tue Sep 17 07:35:47 2019 +0000 1485 | 1486 | remove trailing spaces 1487 | 1488 | commit ed26f834cf781c9e0a7abec038b0cf650b64bc5a 1489 | Merge: 6d29789 f5ba897 1490 | Author: Patrick Schleizer 1491 | Date: Tue Sep 17 07:28:30 2019 +0000 1492 | 1493 | Merge remote-tracking branch 'vmonaco/master' 1494 | 1495 | commit f5ba8977bd36dd5412b2649cfd0adc055676fcab 1496 | Merge: 133804e a0d118b 1497 | Author: Vinnie Monaco 1498 | Date: Mon Sep 16 16:19:14 2019 -0700 1499 | 1500 | Merge pull request #18 from madaidan/systemd-sandbox 1501 | 1502 | Add systemd sandboxing 1503 | 1504 | commit 133804e65377023cb6adeada2d1d7688766ec067 1505 | Merge: 1bada28 887ec7b 1506 | Author: Vinnie Monaco 1507 | Date: Mon Sep 16 16:17:47 2019 -0700 1508 | 1509 | Merge pull request #19 from madaidan/apparmor-profile 1510 | 1511 | Add AppArmor profile 1512 | 1513 | commit 887ec7bd89fd69c724c1350041cc65acd06ce044 1514 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1515 | Date: Mon Sep 16 16:41:56 2019 +0000 1516 | 1517 | Create usr.sbin.kloak 1518 | 1519 | commit 72ad9c9974b0fb85a8ee0ecc4aaee936e51e1699 1520 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1521 | Date: Mon Sep 16 16:41:35 2019 +0000 1522 | 1523 | Update usr.sbin.kloak 1524 | 1525 | commit 78793d1a3607055edbabc66db2c6f066a9a7ecc6 1526 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1527 | Date: Sun Sep 15 21:10:37 2019 +0000 1528 | 1529 | Add AppArmor profile 1530 | 1531 | commit a0d118b443d3d4c634ce47a5f37353f6a4661f47 1532 | Author: madaidan <50278627+madaidan@users.noreply.github.com> 1533 | Date: Sat Sep 14 22:48:24 2019 +0000 1534 | 1535 | Add systemd sandboxing 1536 | 1537 | commit 6d297899bb08f7338a9f77209d90becfbc71c3d7 1538 | Author: Patrick Schleizer 1539 | Date: Thu Sep 12 12:48:51 2019 +0000 1540 | 1541 | bumped changelog version 1542 | 1543 | commit 0445e2779d5cf8ff2ae27320f2bb7e5ee6e6a069 1544 | Merge: 5048819 1bada28 1545 | Author: Patrick Schleizer 1546 | Date: Thu Sep 12 12:17:17 2019 +0000 1547 | 1548 | Merge remote-tracking branch 'vmonaco/master' 1549 | 1550 | commit 5048819fec985d11b1092b07c029e0b9092d7d8c 1551 | Author: Patrick Schleizer 1552 | Date: Thu Sep 12 12:15:38 2019 +0000 1553 | 1554 | restore upstream README.md 1555 | 1556 | https://github.com/vmonaco/kloak/pull/14#issuecomment-530150750 1557 | 1558 | commit 99841155fbf2dcb27988816ea77c48fa661dfad0 1559 | Author: Patrick Schleizer 1560 | Date: Thu Sep 12 12:13:57 2019 +0000 1561 | 1562 | readme 1563 | 1564 | commit 1bada28010607c95991723054b7e07612e56c6c9 1565 | Author: Vinnie Monaco 1566 | Date: Tue Sep 10 16:05:21 2019 -0700 1567 | 1568 | typo 1569 | 1570 | commit 91c2d90c7bac6b1231c400b6369836506438cc09 1571 | Author: Vinnie Monaco 1572 | Date: Tue Sep 10 16:03:40 2019 -0700 1573 | 1574 | updated readme 1575 | 1576 | commit 7827ac96b1297ee4624bafc476b6c779aa364ff5 1577 | Merge: f47066f 2e6d22c 1578 | Author: Vinnie Monaco 1579 | Date: Tue Sep 10 15:52:44 2019 -0700 1580 | 1581 | Merge pull request #14 from Whonix/master 1582 | 1583 | Debian buster 1584 | 1585 | commit f47066fd0481917793ce21dd51cb84e44c411a3f 1586 | Merge: ed7b0ae 3902e48 1587 | Author: Vinnie Monaco 1588 | Date: Tue Sep 10 15:42:33 2019 -0700 1589 | 1590 | Merge pull request #15 from adrelanos/patch-1 1591 | 1592 | implement make clean 1593 | 1594 | commit 2e6d22c6b4bd0de550a9a59cb5aa60d93989f73a 1595 | Author: Patrick Schleizer 1596 | Date: Wed Aug 28 12:45:59 2019 +0000 1597 | 1598 | bumped changelog version 1599 | 1600 | commit 31c36bf46c83ecfdd583b5b8da708e7dde9840b6 1601 | Author: Patrick Schleizer 1602 | Date: Wed Aug 28 11:35:21 2019 +0000 1603 | 1604 | use properly override_dh_installman 1605 | 1606 | commit c9b5e58a8f88325cb4e3fa5a6196bac93619c926 1607 | Author: Patrick Schleizer 1608 | Date: Thu Aug 1 11:56:03 2019 +0000 1609 | 1610 | bumped changelog version 1611 | 1612 | commit 1204aad63e67368c9ebfae878baf52ba73d0f0a8 1613 | Author: Patrick Schleizer 1614 | Date: Thu Aug 1 11:13:39 2019 +0000 1615 | 1616 | readme 1617 | 1618 | commit 37869817809e9af988d8859a0a48a4615e729b9f 1619 | Author: Patrick Schleizer 1620 | Date: Wed Jul 31 07:40:23 2019 +0000 1621 | 1622 | bumped changelog version 1623 | 1624 | commit 5dd8323fbe28e75924e24556ee374be6bac15641 1625 | Author: Patrick Schleizer 1626 | Date: Wed Jul 31 03:07:06 2019 -0400 1627 | 1628 | /var/run -> /run 1629 | 1630 | commit 3902e4867eabfbaa012f3fbde5eebcdf0ba7ff51 1631 | Author: Patrick Schleizer 1632 | Date: Mon Jul 22 00:38:55 2019 +0000 1633 | 1634 | implement make clean 1635 | 1636 | commit 9e1bd72f5bfc4a0dd3b8027ca7bf438e50e56e68 1637 | Author: Patrick Schleizer 1638 | Date: Sat Jun 8 11:25:54 2019 +0000 1639 | 1640 | bumped changelog version 1641 | 1642 | commit f5ba837403b21be61699863086639cf75162ac7c 1643 | Author: Patrick Schleizer 1644 | Date: Sat Jun 8 00:05:33 2019 -0400 1645 | 1646 | fix debian/watch lintian warning debian-watch-contains-dh_make-template 1647 | 1648 | commit 1508eeb156d875273a9a123e021748b1b78707b4 1649 | Author: Patrick Schleizer 1650 | Date: Fri May 24 20:43:52 2019 +0000 1651 | 1652 | bumped changelog version 1653 | 1654 | commit c11753a46ad2a744e2b8e88bba5259f93fa16775 1655 | Author: Patrick Schleizer 1656 | Date: Fri May 24 12:29:06 2019 -0400 1657 | 1658 | readme 1659 | 1660 | commit f4dabb0ad696d1aec2dd71d21fa8199bb618cb48 1661 | Author: Patrick Schleizer 1662 | Date: Sun May 12 10:43:25 2019 +0000 1663 | 1664 | bumped changelog version 1665 | 1666 | commit c2054a4dc01f44a14cd95b9c78830bdf263d1b9f 1667 | Author: Patrick Schleizer 1668 | Date: Sun May 12 02:37:40 2019 -0400 1669 | 1670 | comment 1671 | 1672 | commit 1f0639ac92cc22b2054aac2201acb02ac8a8f406 1673 | Author: Patrick Schleizer 1674 | Date: Sun May 12 02:34:26 2019 -0400 1675 | 1676 | disable verbosity 1677 | 1678 | commit c27262d2834d9c43b31081129184d575174f1437 1679 | Author: Patrick Schleizer 1680 | Date: Tue Apr 23 12:39:33 2019 +0000 1681 | 1682 | bumped changelog version 1683 | 1684 | commit 17ad376711e10489c9c56d5927c52f29baa7ca12 1685 | Merge: f1afa53 ed7b0ae 1686 | Author: Patrick Schleizer 1687 | Date: Mon Apr 22 06:58:47 2019 -0400 1688 | 1689 | Merge remote-tracking branch 'vmonaco/master' 1690 | 1691 | commit ed7b0ae41baab7170a76477dde6677cdb6fde76e 1692 | Author: Vinnie Monaco 1693 | Date: Fri Apr 19 22:50:50 2019 +0000 1694 | 1695 | Fixed keyboard freezing/repeating when system time decreases 1696 | 1697 | commit f1afa535fdfe1b6301a6561c3e15c2142b90347d 1698 | Author: Patrick Schleizer 1699 | Date: Thu Apr 11 12:19:07 2019 +0000 1700 | 1701 | bumped changelog version 1702 | 1703 | commit 3b7250dc3bde53b2b87c2014b4004e0acd9972f5 1704 | Author: Patrick Schleizer 1705 | Date: Thu Apr 11 12:15:26 2019 +0000 1706 | 1707 | -v for verbosity due to: 1708 | https://github.com/vmonaco/kloak/issues/13 1709 | 1710 | commit 9a0c0ced31550aeff58e62c6f421ef6fca8349b6 1711 | Author: Patrick Schleizer 1712 | Date: Thu Apr 4 14:19:34 2019 -0400 1713 | 1714 | bumped changelog version 1715 | 1716 | commit 13d4c33ac4cb10f780934972edb8d133dd084365 1717 | Author: Patrick Schleizer 1718 | Date: Thu Apr 4 05:55:51 2019 -0400 1719 | 1720 | port to debian buster 1721 | 1722 | commit e7445c678dcff11e72da51e695b74fddb17bbed5 1723 | Author: Patrick Schleizer 1724 | Date: Thu Apr 4 05:51:04 2019 -0400 1725 | 1726 | port to debian buster 1727 | 1728 | commit 26e5dbf661e92b28dca2dfcbbadd28749fce588e 1729 | Author: Patrick Schleizer 1730 | Date: Tue Apr 2 11:59:43 2019 +0000 1731 | 1732 | bumped changelog version 1733 | 1734 | commit 840d9848d2c66d7860bc768fdee97150e8d66476 1735 | Author: Vinnie Monaco 1736 | Date: Thu Mar 28 20:28:00 2019 +0000 1737 | 1738 | Updated changelog 1739 | 1740 | commit 49ca7208f15b976b51df23666667f14c63a631d7 1741 | Author: Vinnie Monaco 1742 | Date: Wed Mar 27 19:08:56 2019 +0000 1743 | 1744 | Updated readme and docs 1745 | 1746 | commit 1b482f93350f2c4d3b5f613cc566dae1f7743552 1747 | Author: Vinnie Monaco 1748 | Date: Thu Feb 28 12:53:46 2019 -0800 1749 | 1750 | Formatting 1751 | 1752 | commit e8348b1eec42041d54640bf6c956458c54f9bd98 1753 | Author: Vinnie Monaco 1754 | Date: Thu Feb 28 12:53:13 2019 -0800 1755 | 1756 | Removed debugging code 1757 | 1758 | commit 942db81988ef8de2e820a4f3d1fc64bebfd9846c 1759 | Author: Vinnie Monaco 1760 | Date: Thu Feb 28 11:30:37 2019 -0800 1761 | 1762 | Fixed sleep location in main loop 1763 | 1764 | commit 97640be7d3c2cd6087e9948a45edeb783fc06e8d 1765 | Author: Vinnie Monaco 1766 | Date: Thu Feb 28 11:28:27 2019 -0800 1767 | 1768 | Moved current time capture 1769 | 1770 | commit 242eb57da65ba1d4c8d494baaeac315b2893be0e 1771 | Author: Vinnie Monaco 1772 | Date: Wed Feb 27 16:59:01 2019 -0800 1773 | 1774 | fixed output formatting 1775 | 1776 | commit 0302bc52f08d866d485788a5723daf050b94d0e2 1777 | Author: Vinnie Monaco 1778 | Date: Wed Feb 27 16:50:46 2019 -0800 1779 | 1780 | Added autodetect uinput, error checking 1781 | 1782 | commit 7f860ff02cf4e46324e619794461799a6529dfb8 1783 | Author: Vinnie Monaco 1784 | Date: Wed Feb 27 14:56:48 2019 -0800 1785 | 1786 | fixed keyboard autodetect 1787 | 1788 | commit 6963e326ef66e2e21af0311ff5a2323cd7d777cf 1789 | Author: Vinnie Monaco 1790 | Date: Wed Feb 27 14:26:41 2019 -0800 1791 | 1792 | removed options to kloak in service file 1793 | 1794 | commit 26479733905155868ff3ca19223ae405305ffc39 1795 | Author: Vinnie Monaco 1796 | Date: Tue Feb 26 17:04:09 2019 -0800 1797 | 1798 | Cleaned up main loop, started polling interval to quantize output times 1799 | 1800 | commit fab6f9c9d9b65d98236adbe764f2a5190ebd3238 1801 | Author: Vinnie Monaco 1802 | Date: Tue Feb 26 16:02:40 2019 -0800 1803 | 1804 | Cleaned up keycodes table 1805 | 1806 | commit f40484edb85409b8b05272719aeb8562d9de1467 1807 | Author: Vinnie Monaco 1808 | Date: Tue Feb 26 15:57:19 2019 -0800 1809 | 1810 | Added queue to buffer keyboard events, removed dependency on pthreads 1811 | 1812 | commit b9d531ec5c39e344ee46f6078b4be43cd0f4ccd7 1813 | Author: Vinnie Monaco 1814 | Date: Tue Feb 26 13:33:47 2019 -0800 1815 | 1816 | ignore case when detecting keyboard 1817 | 1818 | commit 9dcd78b57ec0509c38642eb2938c49c1976bfa3f 1819 | Author: Vinnie Monaco 1820 | Date: Fri Feb 22 16:38:01 2019 -0800 1821 | 1822 | Added auto detection of keyboard devices 1823 | 1824 | commit 43fcfdaf3ac0c71df2486db22eb758548eb1fda6 1825 | Merge: abe14ab 4ee9fd3 1826 | Author: Vinnie Monaco 1827 | Date: Fri Jan 20 12:41:46 2017 -0500 1828 | 1829 | Merge pull request #9 from adrelanos/master 1830 | 1831 | Debian packaging fixes 1832 | 1833 | commit 4ee9fd3e36bbd2e4d4e4e8ec237ed2dbd7a1d339 1834 | Author: Patrick Schleizer 1835 | Date: Fri Jan 20 17:17:51 2017 +0100 1836 | 1837 | fix typo 1838 | 1839 | since lintian complained about it 1840 | 1841 | commit a00aa67ed61469b4f537b7254532c402f1b8b3ed 1842 | Author: Patrick Schleizer 1843 | Date: Fri Jan 20 17:15:36 2017 +0100 1844 | 1845 | bump Debian Standards-Version to 3.9.8 for Debian stretch comparability 1846 | 1847 | commit bf9edcaf545dded5c0f46af6012de542b9eb3412 1848 | Author: Patrick Schleizer 1849 | Date: Fri Jan 20 17:12:17 2017 +0100 1850 | 1851 | remove faketime from packaging (no longer required for reproducible builds) 1852 | 1853 | commit abe14abcd348f76566801524b5ba8ceb3d677c0c 1854 | Merge: 778f2a0 23146cd 1855 | Author: Vinnie Monaco 1856 | Date: Sun Jan 8 07:43:57 2017 -0500 1857 | 1858 | Merge pull request #8 from dfgg12/patch-1 1859 | 1860 | fixing typo in readme 1861 | 1862 | commit 23146cdcdde0caff1e8012b87b87e8a3227436db 1863 | Author: dfgg12 1864 | Date: Sun Jan 8 11:21:46 2017 +0100 1865 | 1866 | fixing typo in readme 1867 | 1868 | commit 778f2a0bd2b88fff8453b16829b7035002cd1864 1869 | Merge: 241ac94 f4b400b 1870 | Author: Vinnie Monaco 1871 | Date: Fri Jan 6 15:11:10 2017 -0500 1872 | 1873 | Merge pull request #6 from adrelanos/make_clean-fix 1874 | 1875 | fix 'make clean' 1876 | 1877 | commit f4b400b570ea68b12f254d539ce9c80b87cae06b 1878 | Author: Patrick Schleizer 1879 | Date: Fri Jan 6 20:01:20 2017 +0000 1880 | 1881 | fix 'make clean' 1882 | 1883 | fixes the following issue 1884 | 1885 | make clean 1886 | /usr/share/genmkfile/makefile-full:83: warning: overriding recipe for target 'clean' 1887 | 1888 | https://github.com/vmonaco/kloak/issues/3 1889 | https://github.com/vmonaco/kloak/issues/5 1890 | 1891 | commit 241ac947ddb417cc8c03b02daf0572b486788875 1892 | Author: Vinnie Monaco 1893 | Date: Fri Jan 6 14:51:09 2017 -0500 1894 | 1895 | Cleaned up .gitignore 1896 | 1897 | commit c500b2e8fd8610847ffc36295e9f1f22b7dd50b9 1898 | Merge: 63c5b6a 50b531f 1899 | Author: Vinnie Monaco 1900 | Date: Fri Jan 6 14:37:07 2017 -0500 1901 | 1902 | Merge branch 'adrelanos-debian' 1903 | 1904 | commit 63c5b6ad5b13cfdd3fcdd09d90bb2131d39666a1 1905 | Author: Vinnie Monaco 1906 | Date: Fri Jan 6 14:35:04 2017 -0500 1907 | 1908 | Fixed unalloced memory causing sigsev when compiled with -O2 1909 | 1910 | commit 50b531f62b03a7bb32f37640521580cfa9de84d0 1911 | Merge: 0815f83 3613eb9 1912 | Author: Patrick Schleizer 1913 | Date: Fri Jan 6 18:30:27 2017 +0000 1914 | 1915 | Merge remote-tracking branch 'vmonaco/master' into debian 1916 | 1917 | commit 3613eb98601a6fbf749a0ae90a76a672cc8d8774 1918 | Author: Vinnie Monaco 1919 | Date: Fri Jan 6 13:18:53 2017 -0500 1920 | 1921 | Removed for loop inits 1922 | 1923 | commit aaeb28775404b0e0acb087b1e96ce6e2020c1348 1924 | Author: Vinnie Monaco 1925 | Date: Fri Jan 6 13:11:35 2017 -0500 1926 | 1927 | Removed uncommon keys from keycodes.c 1928 | 1929 | commit 0815f830ffae193b04cc68a50f2f499889c0c29f 1930 | Author: Patrick Schleizer 1931 | Date: Fri Jan 6 18:03:46 2017 +0000 1932 | 1933 | fix, readd flags for hardening, added `$(CPPFLAGS) $(CFLAGS) $(LDFLAGS)` 1934 | 1935 | commit ab75d19d5894c4413488d7b82c6752423226b8a3 1936 | Author: Patrick Schleizer 1937 | Date: Fri Jan 6 18:37:41 2017 +0100 1938 | 1939 | refactoring, just append Makefile, abandon Makefile_orig 1940 | 1941 | commit db8aa69d975664080da5fb8fcdb15129c5aee263 1942 | Merge: 30bc816 f54c102 1943 | Author: Patrick Schleizer 1944 | Date: Fri Jan 6 18:35:51 2017 +0100 1945 | 1946 | Merge remote-tracking branch 'vmonaco/master' into debian 1947 | 1948 | Conflicts: 1949 | Makefile 1950 | 1951 | commit f54c10260d8f4e410007df52d0591909c3982179 1952 | Author: Vinnie Monaco 1953 | Date: Thu Jan 5 17:04:07 2017 -0500 1954 | 1955 | Updated readme 1956 | 1957 | commit 1e2da630c48804e29705709d388940db214fa5f5 1958 | Author: Vinnie Monaco 1959 | Date: Thu Jan 5 11:56:52 2017 -0500 1960 | 1961 | Cleaned up Makefile 1962 | 1963 | commit 8bab9fa2688f69ea4dcea061365405b0d24521dc 1964 | Author: Vinnie Monaco 1965 | Date: Thu Jan 5 11:55:46 2017 -0500 1966 | 1967 | Updated readme 1968 | 1969 | commit 77318c14f446fe14b2f0acd515c63b013a67ccaf 1970 | Author: Vinnie Monaco 1971 | Date: Thu Jan 5 11:47:57 2017 -0500 1972 | 1973 | Added option for rescue keys 1974 | 1975 | commit 312590df189269e93ae7e8fc387ba83be0cf4b0f 1976 | Author: Vinnie Monaco 1977 | Date: Thu Jan 5 09:54:59 2017 -0500 1978 | 1979 | Added keycodes lookup hdr and src 1980 | 1981 | commit 4e8b59dab6dec80a0446f0aa5b7faca4b05f984b 1982 | Author: Vinnie Monaco 1983 | Date: Thu Jan 5 09:24:22 2017 -0500 1984 | 1985 | Changed rescue keys to 'Left Shift + Right Shift + Esc' 1986 | 1987 | commit 30bc816ea69eb4fc79e4ebed514a5cccdb5f9e33 1988 | Author: Patrick Schleizer 1989 | Date: Wed Jan 4 20:24:21 2017 +0000 1990 | 1991 | bumped changelog version 1992 | 1993 | commit 31a017ab0e70a3a3a77f13ab6b0adee79c758d1c 1994 | Author: Patrick Schleizer 1995 | Date: Wed Jan 4 20:24:04 2017 +0000 1996 | 1997 | - initial Debian packaging 1998 | - depends on genmkfile, added genmkfile Makefile 1999 | - added systemd unit file for auto start before graphical and getty target 2000 | - for hardening, added `$(CPPFLAGS) $(CFLAGS) $(LDFLAGS)` to original makefile (renamed to Makefile_orig) 2001 | 2002 | RELRO STACK CANARY NX PIE RPATH RUNPATH FILE 2003 | Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH /usr/sbin/kloak 2004 | 2005 | RELRO STACK CANARY NX PIE RPATH RUNPATH FILE 2006 | Full RELRO No canary found NX enabled PIE enabled No RPATH No RUNPATH /usr/sbin/eventcap 2007 | 2008 | - added manpages for kloak and eventcap 2009 | - TODO: somehow auto detect /dev/input/... keyboard device for systemd unit file 2010 | 2011 | commit 24877bac8fdf856f1c7f72a34ff03d45ab872d5f 2012 | Author: Vinnie Monaco 2013 | Date: Wed Dec 21 14:37:57 2016 -0500 2014 | 2015 | Rename LICENSE.txt to LICENSE 2016 | 2017 | commit 521debce06e39083c282f13f165aeef8b081bd16 2018 | Author: Vinnie Monaco 2019 | Date: Wed Dec 21 13:17:29 2016 -0500 2020 | 2021 | Updated readme 2022 | 2023 | commit 28d5f0663fbef868856b7d58a238954ae09f94f5 2024 | Author: Vinnie Monaco 2025 | Date: Wed Dec 21 12:59:23 2016 -0500 2026 | 2027 | Initial commit 2028 | -------------------------------------------------------------------------------- /debian/changelog: -------------------------------------------------------------------------------- 1 | kloak (0:0.4.0-1) unstable; urgency=medium 2 | 3 | * New upstream version (local package). 4 | 5 | -- Patrick Schleizer Fri, 24 Jan 2025 13:21:51 +0000 6 | 7 | kloak (0:0.3.9-1) unstable; urgency=medium 8 | 9 | * New upstream version (local package). 10 | 11 | -- Patrick Schleizer Tue, 31 Dec 2024 19:26:41 +0000 12 | 13 | kloak (0:0.3.8-1) unstable; urgency=medium 14 | 15 | * New upstream version (local package). 16 | 17 | -- Patrick Schleizer Thu, 21 Nov 2024 12:20:03 +0000 18 | 19 | kloak (0:0.3.7-1) unstable; urgency=medium 20 | 21 | * New upstream version (local package). 22 | 23 | -- Patrick Schleizer Thu, 07 Nov 2024 16:04:07 +0000 24 | 25 | kloak (0:0.3.6-1) unstable; urgency=medium 26 | 27 | * New upstream version (local package). 28 | 29 | -- Patrick Schleizer Sun, 06 Oct 2024 14:01:58 +0000 30 | 31 | kloak (0:0.3.5-1) unstable; urgency=medium 32 | 33 | * New upstream version (local package). 34 | 35 | -- Patrick Schleizer Fri, 27 Sep 2024 00:48:20 +0000 36 | 37 | kloak (0:0.3.4-1) unstable; urgency=medium 38 | 39 | * New upstream version (local package). 40 | 41 | -- Patrick Schleizer Thu, 26 Sep 2024 11:07:01 +0000 42 | 43 | kloak (0:0.3.3-1) unstable; urgency=medium 44 | 45 | * New upstream version (local package). 46 | 47 | -- Patrick Schleizer Wed, 25 Sep 2024 04:23:39 +0000 48 | 49 | kloak (0:0.3.2-1) unstable; urgency=medium 50 | 51 | * New upstream version (local package). 52 | 53 | -- Patrick Schleizer Wed, 25 Sep 2024 04:16:46 +0000 54 | 55 | kloak (0:0.3.1-1) unstable; urgency=medium 56 | 57 | * New upstream version (local package). 58 | 59 | -- Patrick Schleizer Wed, 25 Sep 2024 01:04:05 +0000 60 | 61 | kloak (0:0.3.0-1) unstable; urgency=medium 62 | 63 | * New upstream version (local package). 64 | 65 | -- Patrick Schleizer Tue, 24 Sep 2024 05:03:38 +0000 66 | 67 | kloak (0:0.2.53-1) unstable; urgency=medium 68 | 69 | * New upstream version (local package). 70 | 71 | -- Patrick Schleizer Tue, 24 Sep 2024 05:00:47 +0000 72 | 73 | kloak (0:0.2.52-1) unstable; urgency=medium 74 | 75 | * New upstream version (local package). 76 | 77 | -- Patrick Schleizer Fri, 02 Feb 2024 12:46:16 +0000 78 | 79 | kloak (0:0.2.51-1) unstable; urgency=medium 80 | 81 | * New upstream version (local package). 82 | 83 | -- Patrick Schleizer Mon, 22 Jan 2024 13:25:12 +0000 84 | 85 | kloak (0:0.2.50-1) unstable; urgency=medium 86 | 87 | * New upstream version (local package). 88 | 89 | -- Patrick Schleizer Thu, 11 Jan 2024 13:05:14 +0000 90 | 91 | kloak (0:0.2.49-1) unstable; urgency=medium 92 | 93 | * New upstream version (local package). 94 | 95 | -- Patrick Schleizer Sat, 11 Nov 2023 20:30:12 +0000 96 | 97 | kloak (0:0.2.48-1) unstable; urgency=medium 98 | 99 | * New upstream version (local package). 100 | 101 | -- Patrick Schleizer Mon, 25 Sep 2023 15:58:40 +0000 102 | 103 | kloak (0:0.2.47-1) unstable; urgency=medium 104 | 105 | * New upstream version (local package). 106 | 107 | -- Patrick Schleizer Sun, 24 Sep 2023 15:22:09 +0000 108 | 109 | kloak (0:0.2.46-1) unstable; urgency=medium 110 | 111 | * New upstream version (local package). 112 | 113 | -- Patrick Schleizer Mon, 18 Sep 2023 11:23:20 +0000 114 | 115 | kloak (0:0.2.45-1) unstable; urgency=medium 116 | 117 | * New upstream version (local package). 118 | 119 | -- Patrick Schleizer Wed, 16 Aug 2023 10:51:58 +0000 120 | 121 | kloak (0:0.2.44-1) unstable; urgency=medium 122 | 123 | * New upstream version (local package). 124 | 125 | -- Patrick Schleizer Tue, 15 Aug 2023 13:21:16 +0000 126 | 127 | kloak (0:0.2.41-1) unstable; urgency=medium 128 | 129 | * New upstream version (local package). 130 | 131 | -- Patrick Schleizer Tue, 15 Aug 2023 13:08:18 +0000 132 | 133 | kloak (0:0.2.40-1) unstable; urgency=medium 134 | 135 | * New upstream version (local package). 136 | 137 | -- Patrick Schleizer Tue, 15 Aug 2023 12:19:56 +0000 138 | 139 | kloak (0:0.2.39-1) unstable; urgency=medium 140 | 141 | * New upstream version (local package). 142 | 143 | -- Patrick Schleizer Sun, 09 Jul 2023 10:32:50 +0000 144 | 145 | kloak (0:0.2.38-1) unstable; urgency=medium 146 | 147 | * New upstream version (local package). 148 | 149 | -- Patrick Schleizer Sun, 09 Jul 2023 09:32:55 +0000 150 | 151 | kloak (0:0.2.37-1) unstable; urgency=medium 152 | 153 | * New upstream version (local package). 154 | 155 | -- Patrick Schleizer Sat, 08 Jul 2023 00:08:03 +0000 156 | 157 | kloak (0:0.2.36-1) unstable; urgency=medium 158 | 159 | * New upstream version (local package). 160 | 161 | -- Patrick Schleizer Wed, 21 Jun 2023 09:43:23 +0000 162 | 163 | kloak (0:0.2.35-1) unstable; urgency=medium 164 | 165 | * New upstream version (local package). 166 | 167 | -- Patrick Schleizer Fri, 16 Jun 2023 11:28:58 +0000 168 | 169 | kloak (0:0.2.34-1) unstable; urgency=medium 170 | 171 | * New upstream version (local package). 172 | 173 | -- Patrick Schleizer Wed, 14 Jun 2023 10:09:18 +0000 174 | 175 | kloak (0:0.2.33-1) unstable; urgency=medium 176 | 177 | * New upstream version (local package). 178 | 179 | -- Patrick Schleizer Mon, 12 Jun 2023 18:15:43 +0000 180 | 181 | kloak (0:0.2.32-1) unstable; urgency=medium 182 | 183 | * New upstream version (local package). 184 | 185 | -- Patrick Schleizer Mon, 12 Jun 2023 15:38:28 +0000 186 | 187 | kloak (0:0.2.31-1) unstable; urgency=medium 188 | 189 | * New upstream version (local package). 190 | 191 | -- Patrick Schleizer Wed, 25 May 2022 10:07:59 +0000 192 | 193 | kloak (0:0.2.30-2) unstable; urgency=medium 194 | 195 | * New upstream version (local package). 196 | 197 | -- Patrick Schleizer Sun, 12 Sep 2021 15:42:44 +0000 198 | 199 | kloak (0:0.2.30-1) unstable; urgency=medium 200 | 201 | * New upstream version (local package). 202 | 203 | -- Patrick Schleizer Sat, 28 Aug 2021 17:53:51 +0000 204 | 205 | kloak (0:0.2.29-2) unstable; urgency=medium 206 | 207 | * New upstream version (local package). 208 | 209 | -- Patrick Schleizer Thu, 05 Aug 2021 20:47:52 +0000 210 | 211 | kloak (0:0.2.29-1) unstable; urgency=medium 212 | 213 | * New upstream version (local package). 214 | 215 | -- Patrick Schleizer Thu, 18 Mar 2021 13:05:55 +0000 216 | 217 | kloak (0:0.2.28-1) unstable; urgency=medium 218 | 219 | * New upstream version (local package). 220 | 221 | -- Patrick Schleizer Thu, 18 Mar 2021 11:44:35 +0000 222 | 223 | kloak (0:0.2.27-1) unstable; urgency=medium 224 | 225 | * New upstream version (local package). 226 | 227 | -- Patrick Schleizer Wed, 17 Mar 2021 15:36:32 +0000 228 | 229 | kloak (0:0.2.26-1) unstable; urgency=medium 230 | 231 | * New upstream version (local package). 232 | 233 | -- Patrick Schleizer Sat, 06 Feb 2021 11:30:56 +0000 234 | 235 | kloak (0:0.2.25-1) unstable; urgency=medium 236 | 237 | * New upstream version (local package). 238 | 239 | -- Patrick Schleizer Thu, 03 Dec 2020 20:52:42 +0000 240 | 241 | kloak (0:0.2.24-1) unstable; urgency=medium 242 | 243 | * New upstream version (local package). 244 | 245 | -- Patrick Schleizer Thu, 08 Oct 2020 17:40:45 +0000 246 | 247 | kloak (0:0.2.23-1) unstable; urgency=medium 248 | 249 | * New upstream version (local package). 250 | 251 | -- Patrick Schleizer Thu, 06 Aug 2020 11:33:56 +0000 252 | 253 | kloak (0:0.2.22-1) unstable; urgency=medium 254 | 255 | * New upstream version (local package). 256 | 257 | -- Patrick Schleizer Thu, 16 Apr 2020 12:36:54 +0000 258 | 259 | kloak (0:0.2.21-1) unstable; urgency=medium 260 | 261 | * New upstream version (local package). 262 | 263 | -- Patrick Schleizer Sun, 05 Apr 2020 18:05:54 +0000 264 | 265 | kloak (0:0.2.20-1) unstable; urgency=medium 266 | 267 | * New upstream version (local package). 268 | 269 | -- Patrick Schleizer Sun, 05 Apr 2020 17:50:47 +0000 270 | 271 | kloak (0:0.2.19-1) unstable; urgency=medium 272 | 273 | * New upstream version (local package). 274 | 275 | -- Patrick Schleizer Sun, 05 Apr 2020 17:27:10 +0000 276 | 277 | kloak (0:0.2.18-1) unstable; urgency=medium 278 | 279 | * New upstream version (local package). 280 | 281 | -- Patrick Schleizer Sat, 04 Apr 2020 20:40:52 +0000 282 | 283 | kloak (0:0.2.17-1) unstable; urgency=medium 284 | 285 | * New upstream version (local package). 286 | 287 | -- Patrick Schleizer Thu, 02 Apr 2020 11:51:28 +0000 288 | 289 | kloak (0:0.2.16-1) unstable; urgency=medium 290 | 291 | * New upstream version (local package). 292 | 293 | -- Patrick Schleizer Wed, 01 Apr 2020 14:48:40 +0000 294 | 295 | kloak (0:0.2.15-1) unstable; urgency=medium 296 | 297 | * New upstream version (local package). 298 | 299 | -- Patrick Schleizer Mon, 13 Jan 2020 17:36:52 +0000 300 | 301 | kloak (0:0.2.14-1) unstable; urgency=medium 302 | 303 | * New upstream version (local package). 304 | 305 | -- Patrick Schleizer Mon, 13 Jan 2020 17:33:07 +0000 306 | 307 | kloak (0:0.2.13-1) unstable; urgency=medium 308 | 309 | * New upstream version (local package). 310 | 311 | -- Patrick Schleizer Wed, 01 Jan 2020 12:22:03 +0000 312 | 313 | kloak (0:0.2.12-1) unstable; urgency=medium 314 | 315 | * New upstream version (local package). 316 | 317 | -- Patrick Schleizer Thu, 28 Nov 2019 08:16:13 +0000 318 | 319 | kloak (0:0.2.11-1) unstable; urgency=medium 320 | 321 | * New upstream version (local package). 322 | 323 | -- Patrick Schleizer Tue, 17 Sep 2019 14:15:21 +0000 324 | 325 | kloak (0:0.2.10-1) unstable; urgency=medium 326 | 327 | * New upstream version (local package). 328 | 329 | -- Patrick Schleizer Thu, 12 Sep 2019 12:48:44 +0000 330 | 331 | kloak (0:0.2.9-1) unstable; urgency=medium 332 | 333 | * New upstream version (local package). 334 | 335 | -- Patrick Schleizer Wed, 28 Aug 2019 12:45:49 +0000 336 | 337 | kloak (0:0.2.8-1) unstable; urgency=medium 338 | 339 | * New upstream version (local package). 340 | 341 | -- Patrick Schleizer Thu, 01 Aug 2019 11:56:00 +0000 342 | 343 | kloak (0:0.2.7-1) unstable; urgency=medium 344 | 345 | * New upstream version (local package). 346 | 347 | -- Patrick Schleizer Wed, 31 Jul 2019 07:40:20 +0000 348 | 349 | kloak (0:0.2.6-1) unstable; urgency=medium 350 | 351 | * New upstream version (local package). 352 | 353 | -- Patrick Schleizer Sat, 08 Jun 2019 11:25:49 +0000 354 | 355 | kloak (0:0.2.5-1) unstable; urgency=medium 356 | 357 | * New upstream version (local package). 358 | 359 | -- Patrick Schleizer Fri, 24 May 2019 20:43:49 +0000 360 | 361 | kloak (0:0.2.4-1) unstable; urgency=medium 362 | 363 | * New upstream version (local package). 364 | 365 | -- Patrick Schleizer Sun, 12 May 2019 10:43:22 +0000 366 | 367 | kloak (0:0.2.3-1) unstable; urgency=medium 368 | 369 | * New upstream version (local package). 370 | 371 | -- Patrick Schleizer Tue, 23 Apr 2019 12:39:21 +0000 372 | 373 | kloak (0:0.2.2-1) unstable; urgency=medium 374 | 375 | * New upstream version (local package). 376 | 377 | -- Patrick Schleizer Thu, 11 Apr 2019 12:18:51 +0000 378 | 379 | kloak (0:0.2.1-1) unstable; urgency=medium 380 | 381 | * New upstream version (local package). 382 | 383 | -- Patrick Schleizer Thu, 04 Apr 2019 14:52:13 +0000 384 | 385 | kloak (0:0.2-1) unstable; urgency=medium 386 | 387 | * New upstream version (local package). 388 | 389 | -- Patrick Schleizer Wed, 04 Jan 2017 20:24:12 +0000 390 | 391 | kloak (0:0.1-2) unstable; urgency=low 392 | 393 | * Initial release. 394 | 395 | -- Patrick Schleizer Tue, 03 Jan 2017 22:01:22 +0000 396 | -------------------------------------------------------------------------------- /debian/control: -------------------------------------------------------------------------------- 1 | ## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC 2 | ## See the file COPYING for copying conditions. 3 | 4 | Source: kloak 5 | Section: misc 6 | Priority: optional 7 | Maintainer: Patrick Schleizer 8 | Build-Depends: debhelper (>= 13.11.4), debhelper-compat (= 13), dh-apparmor, libevdev2, libevdev-dev, libsodium23, libsodium-dev, pkg-config 9 | Homepage: https://github.com/vmonaco/kloak 10 | Vcs-Browser: https://github.com/vmonaco/kloak 11 | Vcs-Git: https://github.com/vmonaco/kloak.git 12 | Standards-Version: 4.6.2 13 | Rules-Requires-Root: no 14 | 15 | Package: kloak 16 | ## Related tickets: 17 | ## https://github.com/vmonaco/kloak/issues/24 18 | ## https://github.com/vmonaco/kloak/issues/25 19 | ## 20 | ## Bug: 21 | ## Actually building might be possible but cross building using qemu has issues: 22 | ## https://github.com/vivier/qemu-m68k/issues/38 23 | ## Update: in above link it is being said that it was fixed. 24 | ## Could try again in Debian bullseye or above. 25 | ## 26 | ## Bug: 27 | ## https://bugs.launchpad.net/qemu/+bug/1756519 28 | ## https://bugs.launchpad.net/qemu/+bug/1793539 29 | ## qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x60269d8c 30 | ## qemu:handle_cpu_signal received signal outside vCPU context @ pc=0x6000178c 31 | ## Update: Same as above. 32 | Architecture: any 33 | Depends: ${shlibs:Depends}, ${misc:Depends}, libevdev2, libsodium23 34 | Description: anti keystroke deanonymization tool 35 | A keystroke-level online anonymization kernel. 36 | . 37 | A privacy tool that makes keystroke biometrics less effective. This 38 | is accomplished by obfuscating the time intervals between key press and 39 | release events, which are typically used for identification. 40 | -------------------------------------------------------------------------------- /debian/copyright: -------------------------------------------------------------------------------- 1 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ 2 | 3 | Files: * 4 | Copyright: Copyright (c) 2016, Vinnie Monaco 5 | License: BSD-3-clause 6 | Copyright (c) 2016, Vinnie Monaco 7 | All rights reserved. 8 | . 9 | Redistribution and use in source and binary forms, with or without 10 | modification, are permitted provided that the following conditions are met: 11 | . 12 | * Redistributions of source code must retain the above copyright notice, this 13 | list of conditions and the following disclaimer. 14 | . 15 | * Redistributions in binary form must reproduce the above copyright notice, 16 | this list of conditions and the following disclaimer in the documentation 17 | and/or other materials provided with the distribution. 18 | . 19 | * Neither the name of the copyright holder nor the names of its 20 | contributors may be used to endorse or promote products derived from 21 | this software without specific prior written permission. 22 | . 23 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 24 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 26 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 27 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 29 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 30 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 31 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 32 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 | -------------------------------------------------------------------------------- /debian/eventcap.8: -------------------------------------------------------------------------------- 1 | .\" generated with Ronn-NG/v0.9.1 2 | .\" http://github.com/apjanke/ronn-ng/tree/0.9.1 3 | .TH "EVENTCAP" "8" "January 2020" "kloak" "kloak Manual" 4 | .SH "NAME" 5 | \fBeventcap\fR \- physical keyboard device detection 6 | .SH "SYNOPSIS" 7 | \fBeventcap\fR device 8 | .SH "DESCRIPTION" 9 | Determine which device file corresponds to the physical keyboard\. Use eventcap can be used to look for the device that generates events when keys are pressed\. This will typically be one of /dev/input/event[0\-7]\. 10 | .SH "EXAMPLES" 11 | In this example, it's /dev/input/event4: 12 | .P 13 | \fBsudo \./eventcap /dev/input/event4\fR 14 | .P 15 | Reading From : /dev/input/event4 (AT Translated Set 2 keyboard) Type: 4 Code: 4 Value: 15 Type: 1 Code: 15 Value: 0 Type: 0 Code: 0 Value: 0 Type: 4 Code: 4 Value: 56 Type: 1 Code: 56 Value: 0 Type: 0 Code: 0 Value: 0 16 | .SH "WWW" 17 | https://github\.com/vmonaco/kloak 18 | .SH "CREDITS" 19 | eventcap was written by Vinnie Monaco\. 20 | .SH "AUTHOR" 21 | This man page has been written by Patrick Schleizer (adrelanos@whonix\.org)\. 22 | -------------------------------------------------------------------------------- /debian/kloak.8: -------------------------------------------------------------------------------- 1 | .\" generated with Ronn-NG/v0.9.1 2 | .\" http://github.com/apjanke/ronn-ng/tree/0.9.1 3 | .TH "KLOAK" "8" "January 2020" "kloak" "kloak Manual" 4 | .SH "NAME" 5 | \fBkloak\fR \- anti keystroke deanonymization tool 6 | .SH "SYNOPSIS" 7 | \fBkloak\fR \fIoptions\fR 8 | .SH "OPTIONS" 9 | .IP "\[ci]" 4 10 | \-h 11 | .IP 12 | print usage message and exit 13 | .IP "\[ci]" 4 14 | \-r 15 | .IP 16 | filename: device file to read events from 17 | .IP "\[ci]" 4 18 | \-w 19 | .IP 20 | filename: device file to write events to (should be uinput) 21 | .IP "\[ci]" 4 22 | \-d 23 | .IP 24 | delay: maximum delay (milliseconds) of released events\. Default 100\. 25 | .IP "\[ci]" 4 26 | \-s 27 | .IP 28 | startup_timeout: time to wait (milliseconds) before startup\. Default 100\. 29 | .IP "\[ci]" 4 30 | \-k 31 | .IP 32 | csv_string: csv list of rescue key names to exit kloak in case the keyboard becomes unresponsive\. Default is 'KEY_LEFTSHIFT,KEY_RIGHTSHIFT,KEY_ESC'\. 33 | .IP "\[ci]" 4 34 | \-v 35 | .IP 36 | verbose mode 37 | .IP "" 0 38 | .SH "DESCRIPTION" 39 | kloak is a Keystroke\-level online anonymization kernel\. 40 | .P 41 | kloak is a privacy tool that makes keystroke biometrics less effective\. This is accomplished by obfuscating the time intervals between key press and release events, which are typically used for identification\. 42 | .SH "EXAMPLES" 43 | Use eventcap(8) (or some other event capture tool) and look for the device that generates events when keys are pressed\. 44 | .P 45 | Starting \fBkloak\fR without any options will use sensible defaults and attempt to find the location of the keyboard device and uinput\. Note that since \fBkloak\fR requires reading from and writing to device files, it probably won't work without running as root: 46 | .P 47 | \fBsudo \./kloak\fR 48 | .P 49 | Optionally start \fBkloak\fR by specifying the input and output device files\. The output device should be the location of uinput\. 50 | .P 51 | \fBsudo \./kloak \-r /dev/input/event4 \-w /dev/uinput\fR 52 | .SH "WWW" 53 | https://github\.com/vmonaco/kloak 54 | .SH "CREDITS" 55 | kloak was written by Vinnie Monaco\. 56 | .SH "AUTHOR" 57 | This man page has been written by Patrick Schleizer (adrelanos@whonix\.org)\. 58 | -------------------------------------------------------------------------------- /debian/kloak.install: -------------------------------------------------------------------------------- 1 | ## Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC 2 | ## See the file COPYING for copying conditions. 3 | 4 | ## Manually maintained file. nogenmkfile 5 | 6 | eventcap usr/sbin/ 7 | kloak usr/sbin/ 8 | 9 | etc/* 10 | usr/* 11 | lib/* 12 | -------------------------------------------------------------------------------- /debian/make-helper-overrides.bsh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ## Copyright (C) 2016 - 2025 ENCRYPTED SUPPORT LLC 4 | ## See the file COPYING for copying conditions. 5 | 6 | ## Fork. 7 | #version_numbers_by_upstream=true 8 | 9 | ## Already included upstream. 10 | genmkfile_lintian_post_opts+=" --suppress-tags maintainer-manual-page" 11 | -------------------------------------------------------------------------------- /debian/rules: -------------------------------------------------------------------------------- 1 | #!/usr/bin/make -f 2 | 3 | ## Copyright (C) 2016 - 2025 ENCRYPTED SUPPORT LLC 4 | ## See the file COPYING for copying conditions. 5 | 6 | export DH_VERBOSE=1 7 | 8 | export DEB_BUILD_MAINT_OPTIONS = hardening=+all 9 | DPKG_EXPORT_BUILDFLAGS = 1 10 | include /usr/share/dpkg/buildflags.mk 11 | 12 | %: 13 | dh $@ 14 | 15 | APPARMOR_PROFILE_NAME=$(shell basename $$(echo ./etc/apparmor.d/*.*)) 16 | 17 | override_dh_installman: 18 | dh_installman $(CURDIR)/debian/eventcap.8 19 | dh_installman $(CURDIR)/debian/kloak.8 20 | 21 | override_dh_installchangelogs: 22 | dh_installchangelogs changelog.upstream upstream 23 | 24 | override_dh_install: 25 | dh_apparmor --profile-name=$(APPARMOR_PROFILE_NAME) -p$(shell dh_listpackages) 26 | dh_install 27 | -------------------------------------------------------------------------------- /debian/source/format: -------------------------------------------------------------------------------- 1 | 3.0 (quilt) 2 | -------------------------------------------------------------------------------- /debian/source/lintian-overrides: -------------------------------------------------------------------------------- 1 | ## https://phabricator.whonix.org/T277 2 | debian-watch-does-not-check-openpgp-signature 3 | -------------------------------------------------------------------------------- /debian/watch: -------------------------------------------------------------------------------- 1 | ## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC 2 | ## See the file COPYING for copying conditions. 3 | 4 | version=4 5 | opts=filenamemangle=s/.+\/v?(\d\S+)\.tar\.gz/kloak-$1\.tar\.gz/ \ 6 | https://github.com/Whonix/kloak/tags .*/v?(\d\S+)\.tar\.gz 7 | -------------------------------------------------------------------------------- /etc/apparmor.d/usr.sbin.kloak: -------------------------------------------------------------------------------- 1 | # Last Modified: Wed Sep 25 04:21:21 2024 2 | include 3 | 4 | ## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC 5 | ## See the file COPYING for copying conditions. 6 | 7 | 8 | /usr/sbin/kloak { 9 | include 10 | 11 | ## Required for 'kloak -v' (verbose) only. 12 | network unix stream, 13 | 14 | signal receive set=cont peer=unconfined, 15 | signal receive set=exists peer=unconfined, 16 | signal receive set=kill peer=unconfined, 17 | signal receive set=term peer=unconfined, 18 | 19 | ptrace readby, 20 | 21 | /etc/ld.so.cache r, 22 | /etc/ld.so.preload r, 23 | /usr/sbin/kloak mr, 24 | /{,usr/}lib{,32,64}/** mr, 25 | owner /dev/input/event* r, 26 | owner /dev/uinput rw, 27 | owner /proc/*/cmdline r, 28 | owner /proc/*/environ r, 29 | owner /proc/*/maps r, 30 | owner /sys/devices/virtual/input/** r, 31 | 32 | # Site-specific additions and overrides. See local/README for details. 33 | #include 34 | } 35 | -------------------------------------------------------------------------------- /figures/kloak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Whonix/kloak/804b2c649974f657d152b8c8a0a1231facf34dd3/figures/kloak.png -------------------------------------------------------------------------------- /figures/train-kloak_test-kloak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Whonix/kloak/804b2c649974f657d152b8c8a0a1231facf34dd3/figures/train-kloak_test-kloak.png -------------------------------------------------------------------------------- /figures/train-normal_test-kloak.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Whonix/kloak/804b2c649974f657d152b8c8a0a1231facf34dd3/figures/train-normal_test-kloak.png -------------------------------------------------------------------------------- /figures/train-normal_test-normal.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Whonix/kloak/804b2c649974f657d152b8c8a0a1231facf34dd3/figures/train-normal_test-normal.png -------------------------------------------------------------------------------- /kloak.spec: -------------------------------------------------------------------------------- 1 | Name: kloak 2 | Version: 0.3.7 3 | Release: %autorelease 4 | Summary: Keystroke-level online anonymization kernel 5 | 6 | License: BSD-3-Clause 7 | # vmonaco no longer maintains kloak, Whonix Project now actively maintains a fork. 8 | # URL: https://github.com/vmonaco/%%{name} 9 | URL: https://github.com/Whonix/%{name} 10 | Source0: %{url}/archive/%{version}-1/%{name}-%{version}-1.tar.gz 11 | 12 | BuildRequires: gcc 13 | BuildRequires: libubsan 14 | BuildRequires: make 15 | BuildRequires: pkgconf-pkg-config 16 | BuildRequires: pkgconfig(libevdev) 17 | BuildRequires: pkgconfig(libsodium) 18 | BuildRequires: pkgconfig(udev) 19 | BuildRequires: systemd-rpm-macros 20 | Requires: systemd-udev 21 | %{?systemd_requires} 22 | 23 | %description 24 | A privacy tool that makes keystroke biometrics less effective. This is 25 | accomplished by obfuscating the time intervals between key press and release 26 | events, which are typically used for identification. 27 | 28 | %prep 29 | %autosetup -n %{name}-%{version}-1 30 | 31 | %build 32 | %make_build all 33 | 34 | %install 35 | %{__install} -Dm 0644 usr/lib/systemd/system/%{name}.service -t %{buildroot}%{_unitdir} 36 | %{__install} -Dm 0644 lib/udev/rules.d/*.rules -t %{buildroot}%{_udevrulesdir} 37 | %{__install} -Dm 0755 eventcap -t %{buildroot}%{_sbindir} 38 | %{__install} -Dm 0755 %{name} -t %{buildroot}%{_sbindir} 39 | %{__install} -Dm 0644 auto-generated-man-pages/*.8 -t %{buildroot}%{_mandir}/man8 40 | 41 | %post 42 | %systemd_post %{name}.service 43 | %udev_rules_update 44 | 45 | %preun 46 | %systemd_preun %{name}.service 47 | 48 | %postun 49 | %systemd_postun_with_restart %{name}.service 50 | %udev_rules_update 51 | 52 | %files 53 | %license COPYING LICENSE 54 | %doc *.md 55 | %{_unitdir}/%{name}.service 56 | %{_udevrulesdir}/*-%{name}.rules 57 | %{_sbindir}/eventcap 58 | %{_sbindir}/%{name} 59 | %{_mandir}/man8/eventcap.8* 60 | %{_mandir}/man8/%{name}.8* 61 | 62 | %changelog 63 | %autochangelog 64 | -------------------------------------------------------------------------------- /lib/udev/rules.d/95-kloak.rules: -------------------------------------------------------------------------------- 1 | SUBSYSTEM!="input", GOTO="end" 2 | 3 | 4 | # do not run kloak on devices created by kloak 5 | KERNEL=="event*", ATTRS{name}=="*kloak", GOTO="end" 6 | 7 | # new keyboard or mouse attached, start kloak@event[0-9].service 8 | KERNEL=="event*", ACTION=="add", ENV{ID_INPUT_KEYBOARD}=="1", RUN+="/usr/bin/systemctl restart kloak.service" 9 | KERNEL=="event*", ACTION=="add", ENV{ID_INPUT_KEYBOARD}=="1", GOTO="end" 10 | 11 | KERNEL=="event*", ACTION=="add", ENV{ID_INPUT_MOUSE}=="1", RUN+="/usr/bin/systemctl restart kloak.service" 12 | KERNEL=="event*", ACTION=="add", ENV{ID_INPUT_MOUSE}=="1", GOTO="end" 13 | 14 | 15 | # keyboard or mouse removed, stop the service 16 | KERNEL=="event*", ACTION=="remove", ENV{ID_INPUT_KEYBOARD}=="1", RUN+="/usr/bin/systemctl restart kloak.service" 17 | KERNEL=="event*", ACTION=="remove", ENV{ID_INPUT_KEYBOARD}=="1", GOTO="end" 18 | 19 | KERNEL=="event*", ACTION=="remove", ENV{ID_INPUT_MOUSE}=="1", RUN+="/usr/bin/systemctl restart kloak.service" 20 | KERNEL=="event*", ACTION=="remove", ENV{ID_INPUT_MOUSE}=="1", GOTO="end" 21 | 22 | 23 | LABEL="end" 24 | -------------------------------------------------------------------------------- /man/eventcap.8.ronn: -------------------------------------------------------------------------------- 1 | eventcap(8) -- physical keyboard device detection 2 | ============================================= 3 | 4 | 15 | 16 | ## SYNOPSIS 17 | `eventcap` device 18 | 19 | ## DESCRIPTION 20 | Determine which device file corresponds to the physical keyboard. Use eventcap 21 | can be used to look for the device that generates 22 | events when keys are pressed. This will typically be one of 23 | /dev/input/event[0-7]. 24 | 25 | ## EXAMPLES 26 | In this example, it's /dev/input/event4: 27 | 28 | `sudo ./eventcap /dev/input/event4` 29 | 30 | Reading From : /dev/input/event4 (AT Translated Set 2 keyboard) 31 | Type: 4 Code: 4 Value: 15 32 | Type: 1 Code: 15 Value: 0 33 | Type: 0 Code: 0 Value: 0 34 | Type: 4 Code: 4 Value: 56 35 | Type: 1 Code: 56 Value: 0 36 | Type: 0 Code: 0 Value: 0 37 | 38 | ## WWW 39 | https://github.com/vmonaco/kloak 40 | 41 | ## CREDITS 42 | eventcap was written by Vinnie Monaco. 43 | 44 | ## AUTHOR 45 | This man page has been written by Patrick Schleizer (adrelanos@whonix.org). 46 | -------------------------------------------------------------------------------- /man/kloak.8.ronn: -------------------------------------------------------------------------------- 1 | kloak(8) -- anti keystroke deanonymization tool 2 | ============================================= 3 | 4 | 15 | 16 | ## SYNOPSIS 17 | `kloak` [options] 18 | 19 | ## OPTIONS 20 | * -h 21 | 22 | print usage message and exit 23 | 24 | * -r 25 | 26 | filename: device file to read events from 27 | 28 | * -w 29 | 30 | filename: device file to write events to (should be uinput) 31 | 32 | * -d 33 | 34 | delay: maximum delay (milliseconds) of released events. Default 100. 35 | 36 | * -s 37 | 38 | startup_timeout: time to wait (milliseconds) before startup. Default 500. 39 | 40 | * -k 41 | 42 | csv_string: csv list of rescue key names to exit kloak in case the 43 | keyboard becomes unresponsive. Default is 'KEY_LEFTSHIFT,KEY_RIGHTSHIFT,KEY_ESC'. 44 | 45 | * -v 46 | 47 | verbose mode 48 | 49 | ## DESCRIPTION 50 | kloak is a Keystroke-level online anonymization kernel. 51 | 52 | kloak is a privacy tool that makes keystroke biometrics less effective. 53 | This is accomplished by obfuscating the time intervals between key press 54 | and release events, which are typically used for identification. 55 | 56 | ## EXAMPLES 57 | Use eventcap(8) (or some other event capture tool) and look for the device 58 | that generates events when keys are pressed. 59 | 60 | Starting `kloak` without any options will use sensible defaults and attempt to 61 | find the location of the keyboard device and uinput. Note that since `kloak` 62 | requires reading from and writing to device files, it probably won't work 63 | without running as root: 64 | 65 | `sudo ./kloak` 66 | 67 | Optionally start `kloak` by specifying the input and output device files. 68 | The output device should be the location of uinput. 69 | 70 | `sudo ./kloak -r /dev/input/event4 -w /dev/uinput` 71 | 72 | ## WWW 73 | https://github.com/vmonaco/kloak 74 | 75 | ## CREDITS 76 | kloak was written by Vinnie Monaco. 77 | 78 | ## AUTHOR 79 | This man page has been written by Patrick Schleizer (adrelanos@whonix.org). 80 | -------------------------------------------------------------------------------- /src/eventcap.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | 11 | #include 12 | 13 | #include 14 | #include 15 | #include 16 | #include 17 | 18 | volatile int running = 1; 19 | 20 | void usage() { 21 | fprintf(stderr, "Usage: eventcap \n"); 22 | exit(1); 23 | } 24 | 25 | void handle_signal(int signal) { 26 | running = 0; 27 | } 28 | 29 | int main(int argc, char *argv[]) { 30 | struct input_event ev; 31 | int fd; 32 | char name[256] = "Unknown"; 33 | char *device = NULL; 34 | 35 | if (argc < 2) { 36 | usage(); 37 | } 38 | 39 | if (getuid() != 0) 40 | printf("You are not root! This may not work...\n"); 41 | 42 | device = argv[1]; 43 | 44 | // Open Device 45 | if ((fd = open(device, O_RDONLY)) == -1) { 46 | fprintf(stderr, "%s is not a valid device\n", device); 47 | exit(1); 48 | } 49 | 50 | // Print Device Name 51 | if (ioctl(fd, EVIOCGNAME(sizeof(name)), name) == -1) { 52 | fprintf(stderr, "Failed to get device name\n"); 53 | exit(1); 54 | } 55 | printf("Reading From: %s (%s)\n", device, name); 56 | 57 | // Set up signal handler for graceful termination 58 | signal(SIGINT, handle_signal); 59 | 60 | while (running) { 61 | if (read(fd, &ev, sizeof(struct input_event)) <= 0) { 62 | perror("read()"); 63 | exit(1); 64 | } 65 | printf("Type: %*d Code: %*d Value: %*d\n", 3, ev.type, 3, ev.code, 3, ev.value); 66 | } 67 | 68 | // Close the device 69 | close(fd); 70 | 71 | return 0; 72 | } 73 | -------------------------------------------------------------------------------- /src/keycodes.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include "keycodes.h" 4 | 5 | struct name_value { 6 | const char *name; 7 | const int value; 8 | }; 9 | 10 | static struct name_value key_table[] = { 11 | {"KEY_ESC", KEY_ESC}, 12 | {"KEY_1", KEY_1}, 13 | {"KEY_2", KEY_2}, 14 | {"KEY_3", KEY_3}, 15 | {"KEY_4", KEY_4}, 16 | {"KEY_5", KEY_5}, 17 | {"KEY_6", KEY_6}, 18 | {"KEY_7", KEY_7}, 19 | {"KEY_8", KEY_8}, 20 | {"KEY_9", KEY_9}, 21 | {"KEY_0", KEY_0}, 22 | {"KEY_MINUS", KEY_MINUS}, 23 | {"KEY_EQUAL", KEY_EQUAL}, 24 | {"KEY_BACKSPACE", KEY_BACKSPACE}, 25 | {"KEY_TAB", KEY_TAB}, 26 | {"KEY_Q", KEY_Q}, 27 | {"KEY_W", KEY_W}, 28 | {"KEY_E", KEY_E}, 29 | {"KEY_R", KEY_R}, 30 | {"KEY_T", KEY_T}, 31 | {"KEY_Y", KEY_Y}, 32 | {"KEY_U", KEY_U}, 33 | {"KEY_I", KEY_I}, 34 | {"KEY_O", KEY_O}, 35 | {"KEY_P", KEY_P}, 36 | {"KEY_LEFTBRACE", KEY_LEFTBRACE}, 37 | {"KEY_RIGHTBRACE", KEY_RIGHTBRACE}, 38 | {"KEY_ENTER", KEY_ENTER}, 39 | {"KEY_LEFTCTRL", KEY_LEFTCTRL}, 40 | {"KEY_A", KEY_A}, 41 | {"KEY_S", KEY_S}, 42 | {"KEY_D", KEY_D}, 43 | {"KEY_F", KEY_F}, 44 | {"KEY_G", KEY_G}, 45 | {"KEY_H", KEY_H}, 46 | {"KEY_J", KEY_J}, 47 | {"KEY_K", KEY_K}, 48 | {"KEY_L", KEY_L}, 49 | {"KEY_SEMICOLON", KEY_SEMICOLON}, 50 | {"KEY_APOSTROPHE", KEY_APOSTROPHE}, 51 | {"KEY_GRAVE", KEY_GRAVE}, 52 | {"KEY_LEFTSHIFT", KEY_LEFTSHIFT}, 53 | {"KEY_BACKSLASH", KEY_BACKSLASH}, 54 | {"KEY_Z", KEY_Z}, 55 | {"KEY_X", KEY_X}, 56 | {"KEY_C", KEY_C}, 57 | {"KEY_V", KEY_V}, 58 | {"KEY_B", KEY_B}, 59 | {"KEY_N", KEY_N}, 60 | {"KEY_M", KEY_M}, 61 | {"KEY_COMMA", KEY_COMMA}, 62 | {"KEY_DOT", KEY_DOT}, 63 | {"KEY_SLASH", KEY_SLASH}, 64 | {"KEY_RIGHTSHIFT", KEY_RIGHTSHIFT}, 65 | {"KEY_KPASTERISK", KEY_KPASTERISK}, 66 | {"KEY_LEFTALT", KEY_LEFTALT}, 67 | {"KEY_SPACE", KEY_SPACE}, 68 | {"KEY_CAPSLOCK", KEY_CAPSLOCK}, 69 | {"KEY_F1", KEY_F1}, 70 | {"KEY_F2", KEY_F2}, 71 | {"KEY_F3", KEY_F3}, 72 | {"KEY_F4", KEY_F4}, 73 | {"KEY_F5", KEY_F5}, 74 | {"KEY_F6", KEY_F6}, 75 | {"KEY_F7", KEY_F7}, 76 | {"KEY_F8", KEY_F8}, 77 | {"KEY_F9", KEY_F9}, 78 | {"KEY_F10", KEY_F10}, 79 | {"KEY_NUMLOCK", KEY_NUMLOCK}, 80 | {"KEY_SCROLLLOCK", KEY_SCROLLLOCK}, 81 | {"KEY_KP7", KEY_KP7}, 82 | {"KEY_KP8", KEY_KP8}, 83 | {"KEY_KP9", KEY_KP9}, 84 | {"KEY_KPMINUS", KEY_KPMINUS}, 85 | {"KEY_KP4", KEY_KP4}, 86 | {"KEY_KP5", KEY_KP5}, 87 | {"KEY_KP6", KEY_KP6}, 88 | {"KEY_KPPLUS", KEY_KPPLUS}, 89 | {"KEY_KP1", KEY_KP1}, 90 | {"KEY_KP2", KEY_KP2}, 91 | {"KEY_KP3", KEY_KP3}, 92 | {"KEY_KP0", KEY_KP0}, 93 | {"KEY_KPDOT", KEY_KPDOT}, 94 | 95 | {"KEY_ZENKAKUHANKAKU", KEY_ZENKAKUHANKAKU}, 96 | {"KEY_102ND", KEY_102ND}, 97 | {"KEY_F11", KEY_F11}, 98 | {"KEY_F12", KEY_F12}, 99 | {"KEY_RO", KEY_RO}, 100 | {"KEY_KATAKANA", KEY_KATAKANA}, 101 | {"KEY_HIRAGANA", KEY_HIRAGANA}, 102 | {"KEY_HENKAN", KEY_HENKAN}, 103 | {"KEY_KATAKANAHIRAGANA", KEY_KATAKANAHIRAGANA}, 104 | {"KEY_MUHENKAN", KEY_MUHENKAN}, 105 | {"KEY_KPJPCOMMA", KEY_KPJPCOMMA}, 106 | {"KEY_KPENTER", KEY_KPENTER}, 107 | {"KEY_RIGHTCTRL", KEY_RIGHTCTRL}, 108 | {"KEY_KPSLASH", KEY_KPSLASH}, 109 | {"KEY_SYSRQ", KEY_SYSRQ}, 110 | {"KEY_RIGHTALT", KEY_RIGHTALT}, 111 | {"KEY_LINEFEED", KEY_LINEFEED}, 112 | {"KEY_HOME", KEY_HOME}, 113 | {"KEY_UP", KEY_UP}, 114 | {"KEY_PAGEUP", KEY_PAGEUP}, 115 | {"KEY_LEFT", KEY_LEFT}, 116 | {"KEY_RIGHT", KEY_RIGHT}, 117 | {"KEY_END", KEY_END}, 118 | {"KEY_DOWN", KEY_DOWN}, 119 | {"KEY_PAGEDOWN", KEY_PAGEDOWN}, 120 | {"KEY_INSERT", KEY_INSERT}, 121 | {"KEY_DELETE", KEY_DELETE}, 122 | {"KEY_MACRO", KEY_MACRO}, 123 | {"KEY_MUTE", KEY_MUTE}, 124 | {"KEY_VOLUMEDOWN", KEY_VOLUMEDOWN}, 125 | {"KEY_VOLUMEUP", KEY_VOLUMEUP}, 126 | {"KEY_POWER", KEY_POWER}, 127 | {"KEY_KPEQUAL", KEY_KPEQUAL}, 128 | {"KEY_KPPLUSMINUS", KEY_KPPLUSMINUS}, 129 | {"KEY_PAUSE", KEY_PAUSE}, 130 | {"KEY_SCALE", KEY_SCALE}, 131 | 132 | {"KEY_KPCOMMA", KEY_KPCOMMA}, 133 | {"KEY_HANGEUL", KEY_HANGEUL}, 134 | {"KEY_HANGUEL", KEY_HANGUEL}, 135 | {"KEY_HANJA", KEY_HANJA}, 136 | {"KEY_YEN", KEY_YEN}, 137 | {"KEY_LEFTMETA", KEY_LEFTMETA}, 138 | {"KEY_RIGHTMETA", KEY_RIGHTMETA}, 139 | {"KEY_COMPOSE", KEY_COMPOSE}, 140 | 141 | {"KEY_F13", KEY_F13}, 142 | {"KEY_F14", KEY_F14}, 143 | {"KEY_F15", KEY_F15}, 144 | {"KEY_F16", KEY_F16}, 145 | {"KEY_F17", KEY_F17}, 146 | {"KEY_F18", KEY_F18}, 147 | {"KEY_F19", KEY_F19}, 148 | {"KEY_F20", KEY_F20}, 149 | {"KEY_F21", KEY_F21}, 150 | {"KEY_F22", KEY_F22}, 151 | {"KEY_F23", KEY_F23}, 152 | {"KEY_F24", KEY_F24}, 153 | 154 | {"KEY_UNKNOWN", KEY_UNKNOWN}, 155 | 156 | {NULL, 0} 157 | }; 158 | 159 | int lookup_keycode(const char *name) { 160 | struct name_value *p; 161 | for (p = key_table; p->name != NULL; ++p) { 162 | if (strcmp(p->name, name) == 0) { 163 | return p->value; 164 | } 165 | } 166 | return -1; 167 | } 168 | 169 | const char *lookup_keyname(const int code) { 170 | struct name_value *p; 171 | for (p = key_table; p->name != NULL; ++p) { 172 | if (code == p->value) { 173 | return p->name; 174 | } 175 | } 176 | return "KEY_UNKNOWN"; 177 | } 178 | -------------------------------------------------------------------------------- /src/keycodes.h: -------------------------------------------------------------------------------- 1 | #ifndef KEYCODES_H_INCLUDED 2 | #define KEYCODES_H_INCLUDED 3 | 4 | int lookup_keycode(const char *); 5 | const char* lookup_keyname(const int); 6 | 7 | #endif // KEYCODES_H_INCLUDED 8 | -------------------------------------------------------------------------------- /src/kloak.h: -------------------------------------------------------------------------------- 1 | #ifndef KLOAK_H 2 | #define KLOAK_H 3 | 4 | struct entry { 5 | struct input_event iev; 6 | long time; 7 | TAILQ_ENTRY(entry) entries; 8 | int device_index; 9 | }; 10 | 11 | ssize_t strtcpy(char *, const char *, size_t); 12 | void sleep_ms(long int); 13 | long current_time_ms(void); 14 | long int random_between(long int, long int); 15 | void set_rescue_keys(const char*); 16 | int supports_event_type(int, int); 17 | int supports_specific_key(int, unsigned int); 18 | int is_keyboard(int); 19 | int is_mouse(int); 20 | void detect_devices(); 21 | void init_inputs(); 22 | void init_outputs(); 23 | void emit_event(struct entry *); 24 | void main_loop(); 25 | void usage(); 26 | void banner(); 27 | 28 | #endif 29 | -------------------------------------------------------------------------------- /src/main.c: -------------------------------------------------------------------------------- 1 | #define _GNU_SOURCE 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #include "kloak.h" 16 | #include "keycodes.h" 17 | 18 | #define BUFSIZE 256 // for device names and rescue key sequence 19 | #define MAX_INPUTS 48 // number of devices to try autodetection 20 | #define MAX_DEVICES 48 // max number of devices to read events from 21 | #define MAX_RESCUE_KEYS 10 // max number of rescue keys to exit in case of emergency 22 | #define MIN_KEYBOARD_KEYS 20 // need at least this many keys to be a keyboard 23 | #define POLL_TIMEOUT_MS 1 // timeout to check for new events 24 | #define DEFAULT_MAX_DELAY_MS 100 // upper bound on event delay 25 | #define DEFAULT_STARTUP_DELAY_MS 500 // wait before grabbing the input device 26 | 27 | #define panic(format, ...) do { fprintf(stderr, format "\n", ## __VA_ARGS__); fflush(stderr); cleanup(); exit(EXIT_FAILURE); } while (0) 28 | 29 | #ifndef min 30 | #define min(a, b) ( ((a) < (b)) ? (a) : (b) ) 31 | #endif 32 | 33 | #ifndef max 34 | #define max(a, b) ( ((a) > (b)) ? (a) : (b) ) 35 | #endif 36 | 37 | const char *qubes_detect_file = "/usr/share/qubes/marker-vm"; 38 | static bool is_qubes_vm = false; 39 | 40 | static int interrupt = 0; // flag to interrupt the main loop and exit 41 | static int verbose = 0; // flag for verbose output 42 | static int persistent = 0; // flag for persistent mode (diables rescue key sequence) 43 | static int custom_rescue = 0; // flag for setting a custom rescue key sequence 44 | 45 | static char rescue_key_seps[] = ", "; // delims to strtok 46 | static char rescue_keys_str[BUFSIZE] = "KEY_LEFTSHIFT,KEY_RIGHTSHIFT,KEY_ESC"; 47 | static int rescue_keys[MAX_RESCUE_KEYS]; // Codes of the rescue key combo 48 | static int rescue_len = 0; // Number of rescue keys, set during initialization 49 | 50 | static int max_delay = DEFAULT_MAX_DELAY_MS; // lag will never exceed this upper bound 51 | static int startup_timeout = DEFAULT_STARTUP_DELAY_MS; 52 | 53 | static unsigned int device_count = 0; 54 | static char named_inputs[MAX_INPUTS][BUFSIZE]; 55 | 56 | static int input_fds[MAX_INPUTS]; 57 | struct libevdev *output_devs[MAX_INPUTS]; 58 | struct libevdev_uinput *uidevs[MAX_INPUTS]; 59 | 60 | static struct option long_options[] = { 61 | {"read", 1, 0, 'r'}, 62 | {"delay", 1, 0, 'd'}, 63 | {"start", 1, 0, 's'}, 64 | {"keys", 1, 0, 'k'}, 65 | {"verbose", 0, 0, 'v'}, 66 | {"help", 0, 0, 'h'}, 67 | {0, 0, 0, 0} 68 | }; 69 | 70 | TAILQ_HEAD(tailhead, entry) head; 71 | 72 | // From string_copying manpage 73 | ssize_t strtcpy(char *restrict dst, const char *restrict src, size_t dsize) 74 | { 75 | bool trunc; 76 | size_t dlen, slen; 77 | 78 | if (dsize == 0) { 79 | errno = ENOBUFS; 80 | return -1; 81 | } 82 | 83 | slen = strnlen(src, dsize); 84 | trunc = (slen == dsize); 85 | dlen = slen - trunc; 86 | 87 | stpcpy(mempcpy(dst, src, dlen), ""); 88 | if (trunc) 89 | errno = E2BIG; 90 | return trunc ? -1 : (ssize_t)slen; 91 | } 92 | 93 | void cleanup() { 94 | for (int i = 0; i < device_count; i++) { 95 | libevdev_uinput_destroy(uidevs[i]); 96 | libevdev_free(output_devs[i]); 97 | close(input_fds[i]); 98 | } 99 | } 100 | 101 | void sleep_ms(long milliseconds) { 102 | struct timespec ts; 103 | ts.tv_sec = milliseconds / 1000; 104 | ts.tv_nsec = (milliseconds % 1000) * 1000000; 105 | if (nanosleep(&ts, NULL) == -1) 106 | panic("nanosleep failed: %s", strerror(errno)); 107 | } 108 | 109 | long current_time_ms(void) { 110 | struct timespec spec; 111 | clock_gettime(CLOCK_MONOTONIC, &spec); 112 | return (spec.tv_sec) * 1000 + (spec.tv_nsec) / 1000000; 113 | } 114 | 115 | long random_between(long lower, long upper) { 116 | long maxval; 117 | long randval; 118 | // default to max if the interval is not valid 119 | if (lower >= upper) 120 | return upper; 121 | 122 | maxval = upper - lower + 1; 123 | if (maxval > UINT32_MAX) 124 | return UINT32_MAX; 125 | 126 | randval = randombytes_uniform((uint32_t)maxval); 127 | return lower + randval; 128 | } 129 | 130 | void set_rescue_keys(const char* rescue_keys_str) { 131 | char* _rescue_keys_str = malloc(strlen(rescue_keys_str) + 1); 132 | if(_rescue_keys_str == NULL) { 133 | panic("Failed to allocate memory for _rescue_keys_str"); 134 | } 135 | strncpy(_rescue_keys_str, rescue_keys_str, strlen(rescue_keys_str)); 136 | _rescue_keys_str[strlen(rescue_keys_str)] = '\0'; 137 | 138 | char* token = strtok(_rescue_keys_str, rescue_key_seps); 139 | 140 | while (token != NULL) { 141 | int keycode = lookup_keycode(token); 142 | if (keycode < 0) { 143 | panic("Invalid key name: '%s'\nSee keycodes.h for valid names", token); 144 | } else if (rescue_len < MAX_RESCUE_KEYS) { 145 | rescue_keys[rescue_len] = keycode; 146 | rescue_len++; 147 | } else { 148 | panic("Cannot set more than %d rescue keys", MAX_RESCUE_KEYS); 149 | } 150 | token = strtok(NULL, rescue_key_seps); 151 | } 152 | free(_rescue_keys_str); 153 | } 154 | 155 | int supports_event_type(int device_fd, int event_type) { 156 | unsigned long evbit = 0; 157 | // Get the bit field of available event types. 158 | if (ioctl(device_fd, EVIOCGBIT(0, sizeof(evbit)), &evbit) == -1) 159 | panic("ioctl EVIOCGBIT failed: %s", strerror(errno)); 160 | // NOTE: EVIOCGBIT ioctl returns an int, see handle_eviocgbit function in 161 | // linux/drivers/input/evdev.c, thus this cast is safe 162 | return (int)evbit & (1 << event_type); 163 | } 164 | 165 | int supports_specific_key(int device_fd, unsigned int key) { 166 | size_t nchar = KEY_MAX/8 + 1; 167 | unsigned char bits[nchar]; 168 | // Get the bit fields of available keys. 169 | if (ioctl(device_fd, EVIOCGBIT(EV_KEY, sizeof(bits)), &bits) == -1) 170 | panic("ioctl EVIOCGBIT for EV_KEY failed: %s", strerror(errno)); 171 | return bits[key/8] & (1 << (key % 8)); 172 | } 173 | 174 | int is_keyboard(int fd) { 175 | unsigned int key; 176 | int num_supported_keys = 0; 177 | 178 | // Only check devices that support EV_KEY events 179 | if (supports_event_type(fd, EV_KEY)) { 180 | // Count the number of KEY_* events that are supported 181 | for (key = 0; key <= KEY_MAX; key++) { 182 | if (supports_specific_key(fd, key)) { 183 | num_supported_keys += 1; 184 | } 185 | } 186 | } 187 | 188 | return (num_supported_keys > MIN_KEYBOARD_KEYS); 189 | } 190 | 191 | int is_mouse(int fd) { 192 | return (supports_event_type(fd, EV_REL) || supports_event_type(fd, EV_ABS)); 193 | } 194 | 195 | void detect_devices() { 196 | int fd; 197 | char device[BUFSIZE]; 198 | 199 | for (int i = 0; i < MAX_DEVICES; i++) { 200 | snprintf(device, sizeof(device), "/dev/input/event%d", i); 201 | 202 | if ((fd = open(device, O_RDONLY)) < 0) { 203 | continue; 204 | } 205 | 206 | if (is_keyboard(fd)) { 207 | strtcpy(named_inputs[device_count++], device, BUFSIZE); 208 | if (verbose) 209 | printf("Found keyboard at: %s\n", device); 210 | } else if (is_mouse(fd)) { 211 | strtcpy(named_inputs[device_count++], device, BUFSIZE); 212 | if (verbose) 213 | printf("Found mouse at: %s\n", device); 214 | } 215 | 216 | if (close(fd) == -1) 217 | panic("close failed on device: %s, error: %s", device, strerror(errno)); 218 | 219 | if (device_count >= MAX_INPUTS) { 220 | if (verbose) 221 | printf("Warning: ran out of inputs while detecting devices\n"); 222 | break; 223 | } 224 | } 225 | } 226 | 227 | void init_inputs() { 228 | int fd; 229 | int one = 1; 230 | 231 | for (int i = 0; i < device_count; i++) { 232 | if ((fd = open(named_inputs[i], O_RDONLY)) < 0) 233 | panic("Could not open: %s", named_inputs[i]); 234 | 235 | // set the device to nonblocking mode 236 | if (ioctl(fd, FIONBIO, &one) < 0) 237 | panic("Could set to nonblocking: %s", named_inputs[i]); 238 | 239 | // grab the input device 240 | if (ioctl(fd, EVIOCGRAB, &one) < 0) 241 | panic("Could not grab: %s", named_inputs[i]); 242 | 243 | input_fds[i] = fd; 244 | } 245 | } 246 | 247 | void init_outputs() { 248 | char *name; 249 | const char *suffix = " kloak"; 250 | for (int i = 0; i < device_count; i++) { 251 | int err = libevdev_new_from_fd(input_fds[i], &output_devs[i]); 252 | 253 | if (err != 0) 254 | panic("Could not create evdev for input device: %s", named_inputs[i]); 255 | 256 | // Setting the device name under Qubes is pointless, as a Qubes VM 257 | // will never have a dynamically changing number of input devices like 258 | // a normal VM or a physical system. Furthermore, setting the device 259 | // name causes an alarming "Denied qubes.InputKeyboard from vm to 260 | // dom0" notification. 261 | if (!is_qubes_vm) { 262 | const char *tmp_name = libevdev_get_name(output_devs[i]); 263 | name = malloc(strlen(tmp_name) + strlen(suffix) + 1); 264 | if (name == NULL) 265 | panic("Could not allocate memory for device name: %s", tmp_name); 266 | 267 | strcpy(name, tmp_name); 268 | strcat(name, suffix); 269 | 270 | libevdev_set_name(output_devs[i], name); 271 | 272 | free(name); 273 | } 274 | 275 | err = libevdev_uinput_create_from_device(output_devs[i], LIBEVDEV_UINPUT_OPEN_MANAGED, &uidevs[i]); 276 | 277 | if (err != 0) 278 | panic("Could not create uidev for input device: %s", named_inputs[i]); 279 | } 280 | } 281 | 282 | void emit_event(struct entry *e) { 283 | int res, delay; 284 | long now = current_time_ms(); 285 | delay = (int) (e->time - now); 286 | 287 | res = libevdev_uinput_write_event(uidevs[e->device_index], e->iev.type, e->iev.code, e->iev.value); 288 | if (res != 0) { 289 | panic("Failed to write event to uinput: %s", strerror(-res)); 290 | } 291 | 292 | if (verbose) { 293 | printf("Released event at time : %ld. Device: %d, Type: %*d, " 294 | "Code: %*d, Value: %*d, Missed target: %*d ms \n", 295 | e->time, e->device_index, 3, e->iev.type, 5, e->iev.code, 5, e->iev.value, 5, delay); 296 | } 297 | } 298 | 299 | void main_loop() { 300 | long int err; 301 | long prev_release_time = 0; 302 | long current_time = 0; 303 | long lower_bound = 0; 304 | long random_delay = 0; 305 | struct input_event ev; 306 | struct entry *n1, *np; 307 | 308 | // initialize the rescue state 309 | int rescue_state[MAX_RESCUE_KEYS]; 310 | for (int i = 0; i < rescue_len; i++) { 311 | rescue_state[i] = 0; 312 | } 313 | 314 | // load input file descriptors for polling 315 | struct pollfd *pfds = calloc(device_count, sizeof(struct pollfd)); 316 | if (pfds == NULL) { 317 | panic("Failed to allocate memory for pollfd array"); 318 | } 319 | for (int j = 0; j < device_count; j++) { 320 | pfds[j].fd = input_fds[j]; 321 | pfds[j].events = POLLIN; 322 | } 323 | 324 | // the main loop breaks when the rescue keys are detected 325 | // On each iteration, wait for input from the input devices 326 | // If the event is a key press/release, then schedule for 327 | // release in the future by generating a random delay. The 328 | // range of the delay depends on the previous event generated 329 | // so that events are always scheduled in the order they 330 | // arrive (FIFO). 331 | while (!interrupt) { 332 | // Emit any events exceeding the current time 333 | current_time = current_time_ms(); 334 | while ((np = TAILQ_FIRST(&head)) && (current_time >= np->time)) { 335 | emit_event(np); 336 | TAILQ_REMOVE(&head, np, entries); 337 | free(np); 338 | } 339 | 340 | // Wait for next input event 341 | if ((err = poll(pfds, device_count, POLL_TIMEOUT_MS)) < 0) 342 | panic("poll() failed: %s\n", strerror(errno)); 343 | 344 | // timed out, do nothing 345 | if (err == 0) 346 | continue; 347 | 348 | // An event is available, mark the current time 349 | current_time = current_time_ms(); 350 | 351 | // Buffer the event with a random delay 352 | for (int k = 0; k < device_count; k++) { 353 | if (pfds[k].revents & POLLIN) { 354 | if ((err = read(pfds[k].fd, &ev, sizeof(ev))) <= 0) 355 | panic("read() failed: %s", strerror(errno)); 356 | 357 | // check for the rescue sequence. 358 | if (!persistent) { 359 | if (ev.type == EV_KEY) { 360 | int all = 1; 361 | for (int j = 0; j < rescue_len; j++) { 362 | if (rescue_keys[j] == ev.code) 363 | rescue_state[j] = (ev.value == 0 ? 0 : 1); 364 | all = all && rescue_state[j]; 365 | } 366 | if (all) 367 | interrupt = 1; 368 | } 369 | } 370 | 371 | // schedule the keyboard event to be released sometime in the future. 372 | // lower bound must be bounded between time since last scheduled event and max delay 373 | // preserves event order and bounds the maximum delay 374 | lower_bound = min(max(prev_release_time - current_time, 0), max_delay); 375 | 376 | // syn events are not delayed 377 | if (ev.type == EV_SYN) { 378 | random_delay = lower_bound; 379 | } else { 380 | random_delay = random_between(lower_bound, max_delay); 381 | } 382 | 383 | // Buffer the event 384 | n1 = malloc(sizeof(struct entry)); 385 | if (n1 == NULL) { 386 | panic("Failed to allocate memory for entry"); 387 | } 388 | n1->time = current_time + random_delay; 389 | n1->iev = ev; 390 | n1->device_index = k; 391 | TAILQ_INSERT_TAIL(&head, n1, entries); 392 | 393 | // Keep track of the previous scheduled release time 394 | prev_release_time = n1->time; 395 | 396 | if (verbose) { 397 | printf("Buffered event at time: %ld. Device: %d, Type: %*d, " 398 | "Code: %*d, Value: %*d, Scheduled delay: %*ld ms \n", 399 | n1->time, k, 3, n1->iev.type, 5, n1->iev.code, 5, n1->iev.value, 400 | 4, random_delay); 401 | if (lower_bound > 0) { 402 | printf("Lower bound raised to: %*ld ms\n", 4, lower_bound); 403 | } 404 | } 405 | } 406 | } 407 | } 408 | 409 | free(pfds); 410 | } 411 | 412 | void usage() { 413 | fprintf(stderr, "Usage: kloak [options]\n"); 414 | fprintf(stderr, "Options:\n"); 415 | fprintf(stderr, " -r filename: device file to read events from. Can specify multiple -r options.\n"); 416 | fprintf(stderr, " -d delay: maximum delay (milliseconds) of released events. Default 100.\n"); 417 | fprintf(stderr, " -s startup_timeout: time to wait (milliseconds) before startup. Default 500.\n"); 418 | fprintf(stderr, " -k csv_string: csv list of rescue key names to exit kloak in case the\n" 419 | " keyboard becomes unresponsive. Default is 'KEY_LEFTSHIFT,KEY_RIGHTSHIFT,KEY_ESC'.\n"); 420 | fprintf(stderr, " -p: persistent mode (disable rescue key sequence)\n"); 421 | fprintf(stderr, " -v: verbose mode\n"); 422 | } 423 | 424 | void banner() { 425 | printf("********************************************************************************\n" 426 | "* Started kloak : Keystroke-level Online Anonymizing Kernel\n" 427 | "* Maximum delay : %d ms\n" 428 | "* Reading from : %s\n", 429 | max_delay, named_inputs[0]); 430 | 431 | for (int i = 1; i < device_count; i++) { 432 | printf("* %s\n", named_inputs[i]); 433 | } 434 | if (persistent) { 435 | printf("* Persistent mode, rescue keys disabled"); 436 | } else { 437 | printf("* Rescue keys : %s", lookup_keyname(rescue_keys[0])); 438 | for (int i = 1; i < rescue_len; i++) { 439 | printf(" + %s", lookup_keyname(rescue_keys[i])); 440 | } 441 | } 442 | 443 | printf("\n"); 444 | printf("********************************************************************************\n"); 445 | } 446 | 447 | int main(int argc, char **argv) { 448 | if (sodium_init() == -1) { 449 | panic("sodium_init failed"); 450 | } 451 | 452 | if ((getuid()) != 0) 453 | printf("You are not root! This may not work...\n"); 454 | 455 | if (access(qubes_detect_file, F_OK) == 0) { 456 | is_qubes_vm = true; 457 | } 458 | 459 | while (1) { 460 | int c = getopt_long(argc, argv, "r:d:s:k:vph", long_options, NULL); 461 | 462 | if (c < 0) 463 | break; 464 | 465 | switch (c) { 466 | case 'r': 467 | if (device_count >= MAX_INPUTS) 468 | panic("Too many -r options: can read from at most %d devices\n", MAX_INPUTS); 469 | strtcpy(named_inputs[device_count++], optarg, BUFSIZE); 470 | break; 471 | 472 | case 'd': 473 | if ((max_delay = atoi(optarg)) < 0) 474 | panic("Maximum delay must be >= 0\n"); 475 | break; 476 | 477 | case 's': 478 | if ((startup_timeout = atoi(optarg)) < 0) 479 | panic("Startup timeout must be >= 0\n"); 480 | break; 481 | 482 | case 'k': 483 | if (persistent) { 484 | panic("-k and -p options are mutually exclusive, try -h for help\n"); 485 | } 486 | strtcpy(rescue_keys_str, optarg, BUFSIZE); 487 | custom_rescue = 1; 488 | break; 489 | 490 | case 'v': 491 | verbose = 1; 492 | break; 493 | 494 | case 'p': 495 | if (custom_rescue) { 496 | panic("-k and -p options are mutually exclusive, try -h for help\n"); 497 | } 498 | persistent = 1; 499 | break; 500 | 501 | case 'h': 502 | usage(); 503 | exit(0); 504 | break; 505 | 506 | default: 507 | usage(); 508 | panic("Unknown option: %c \n", optopt); 509 | } 510 | } 511 | 512 | // autodetect devices if none were specified 513 | if (device_count == 0) 514 | detect_devices(); 515 | 516 | // autodetect failed 517 | if (device_count == 0) 518 | panic("Unable to find any keyboards or mice. Specify which input device(s) to use with -r"); 519 | 520 | // set rescue keys from the default sequence or -k arg 521 | set_rescue_keys(rescue_keys_str); 522 | 523 | // wait for pending events to finish, avoids keys being "held down" 524 | printf("Waiting %d ms...\n", startup_timeout); 525 | sleep_ms(startup_timeout); 526 | 527 | // open the input devices and create the output devices 528 | init_inputs(); 529 | init_outputs(); 530 | 531 | // initialize the event queue 532 | TAILQ_INIT(&head); 533 | 534 | banner(); 535 | main_loop(); 536 | 537 | // close everything 538 | cleanup(); 539 | 540 | exit(EXIT_SUCCESS); 541 | } 542 | -------------------------------------------------------------------------------- /usr/lib/systemd/system/kloak.service: -------------------------------------------------------------------------------- 1 | ## Copyright (C) 2016 - 2025 ENCRYPTED SUPPORT LLC 2 | ## See the file COPYING for copying conditions. 3 | 4 | [Unit] 5 | Description=kloak anti keystroke deanonymization tool 6 | Documentation=https://github.com/vmonaco/kloak 7 | ConditionPathExists=!/run/qubes/this-is-templatevm 8 | Before=graphical.target 9 | Before=getty.target 10 | 11 | [Service] 12 | Type=simple 13 | 14 | ## -v for verbosity due to: 15 | ## https://github.com/vmonaco/kloak/issues/13 16 | #ExecStart=/usr/sbin/kloak -v 17 | 18 | ## This cannot be trivially made work on Qubes! 19 | ## 20 | ## /dev/input/event0 is not a keyboard device. 21 | ## 22 | ## ls -la /dev/input/event0 23 | ## crw-rw---- 1 root input 13, 64 May 6 08:25 /dev/input/event0 24 | ## 25 | ## ls -la /dev/input/by-path/platform-pcspkr-event-spkr 26 | ## lrwxrwxrwx 1 root root 9 May 6 08:25 /dev/input/by-path/platform-pcspkr-event-spkr -> ../event0 27 | ## 28 | ## https://github.com/QubesOS/qubes-issues/issues/2558 29 | ## https://github.com/QubesOS/qubes-issues/issues/1850 30 | ## https://forums.whonix.org/t/current-state-of-kloak/5605/6 31 | 32 | ExecStart=/usr/sbin/kloak 33 | 34 | Restart=always 35 | 36 | ## Kloak doesn't require any capabilities. This is 37 | ## likely because the things it needs are already 38 | ## owned by the root user which it runs as. 39 | CapabilityBoundingSet= 40 | 41 | ProtectSystem=strict 42 | ProtectHome=true 43 | ProtectKernelTunables=true 44 | ProtectKernelModules=true 45 | ProtectControlGroups=true 46 | ## hardened kernels without CONFIG_USER_NS_UNPRIVILEGED=Y 47 | ## need to: 48 | ## * disable or comment out the 3 'Private' namespaces below 49 | ## $ systemctl edit --full kloak 50 | PrivateTmp=true 51 | PrivateUsers=true 52 | PrivateNetwork=true 53 | MemoryDenyWriteExecute=true 54 | NoNewPrivileges=true 55 | RestrictRealtime=true 56 | RestrictNamespaces=true 57 | SystemCallArchitectures=native 58 | SystemCallFilter=brk clock_nanosleep close execve faccessat getdents64 getpid getrandom getuid ioctl madvise mmap mprotect munmap newfstatat openat ppoll prlimit64 read readlinkat rseq rt_sigaction set_robust_list set_tid_address sigaltstack write rt_sigprocmask sysinfo uname getcwd access fstat pread64 poll readlink open 59 | 60 | [Install] 61 | WantedBy=multi-user.target 62 | --------------------------------------------------------------------------------