Building Hello World LSM
From: Dave Tian <hidden>
Date: 2015-01-19 00:20:20
Did SELinux get loaded before your changes (Fedora uses SELinux by default)? Would you please post your security config? I still suspect that there was sth messed up in the config. Thanks, Dave
On Jan 18, 2015, at 7:09 PM, Thomas F. J.-M. Pasquier [off-list ref] wrote:
No, other LSM. Checked in the config file. The only one selected is mine and it is set "Default Security Module" when using menuconfig.
On Mon Jan 19 2015 at 12:07:33 AM Tian Dave <dave.jing.tian at gmail.com <mailto:dave.jing.tian@gmail.com>> wrote:
Then which LSM was triggered? SELinux? You probably need to disable other LSM before making your LSM work.
Thanks,
Dave
2015-01-18 18:49 GMT-05:00 Thomas F. J.-M. Pasquier <tfjmp2 at cam.ac.uk <mailto:tfjmp2@cam.ac.uk>>:
Hi everyone,
Kernel version 3.17.8
I am trying to build a skeleton LSM module, but I am not having much luck so far. The problem seems to be that the LSM init function is never called.
I am selecting my helloworld LSM when building the kernel and it is set as default (checked and re-checked in menuconfig + in the file).
The build is going fine (my module is built as I would expect). The rest of the building procedure goes fine. I reboot, the new image works just fine except my LSM is not in (nor any other, it seems, for that matter).
Here is the init function:
static __init int hw_init(void){
/* avoid security registration races */
if (!security_module_enable(&hw_ops)){
printk(KERN_INFO "hw: Disabled at boot.\n");
return 0;
}
printk(KERN_INFO "hw: Initializing.\n");
if (register_security(&hw_ops))
panic("hw: Unable to register with kernel.\n");
else
printk(KERN_INFO "hw: registered with the kernel.\n");
return 0;
}
security_initcall(hw_init);
I looked at how it was done in SELinux and the other security module and I don't seem to be doing things differently or incorrectly. I checked the log level just in case and that's not the issue either.
I am tempted to say the problem come from my building procedure/configuration, rather than the module/code in itself (the dist on top of the kernel is fedora21). I have been at it for a while now and any help would be most welcomed.
Thank you in advance.
Regards,
Thomas
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies at kernelnewbies.org <mailto:Kernelnewbies@kernelnewbies.org>
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies <http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies>
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150118/379b77d3/attachment.html