Thread (5 messages) 5 messages, 3 authors, 2015-01-21

Building Hello World LSM

From: Dave Tian <hidden>
Date: 2015-01-20 20:11:18

Possibly related (same subject, not in this thread)

Tested on Fedora 21 using kernel 3.18.3 and there is nothing wrong with LSM. Please make sure your hello world was compiled and built-in.
Yes, LSM now only support built-in, not module.

-daveti


On Jan 20, 2015, at 3:43 AM, Thomas F. J.-M. Pasquier [off-list ref] wrote:

Hi,

I am able to re-build with SELinux now and that's working (using config from /boot/). However, when building with helloworld LSM it does not seem to be working. I can indeed see the "Security Framework initialized", but none of the printk present in my module. I will be doing more test today.

I think LSM should not appear in modprobe as they are not loaded anymore. Am I missing something or is this correct?

Thanks,
Thomas

On Mon Jan 19 2015 at 3:45:15 PM Dave Tian <dave.jing.tian at gmail.com <mailto:dave.jing.tian@gmail.com>> wrote:
LSM does not support dynamic module loading now.

I have tried to create a new LSM based on yama and boot it as the default on my Ubuntu 14.04 (kernel 3.13). It works smoothly. I have NOT tried Fedora with kernel 3.18 yet but I do not think there would be some changes breaking LSM, which has been there for years?Would you please recheck your Kconfig and Makefile? At least, you should see the logging ?Security Framework initialized" from dmesg, saying the LSM is init?d, after which your LSM should be  loaded presumably.

-daveti
quoted
On Jan 18, 2015, at 9:33 PM, Valdis.Kletnieks at vt.edu <mailto:Valdis.Kletnieks@vt.edu> wrote:

On Sun, 18 Jan 2015 23:49:31 +0000, "Thomas F. J.-M. Pasquier" said:
quoted
I am trying to build a skeleton LSM module, but I am not having much luck
so far. The problem seems to be that the LSM init function is never called.
What does 'modprobe' report?  Anything in dmesg?
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies at kernelnewbies.org <mailto:Kernelnewbies@kernelnewbies.org>
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies <http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150120/d46316fe/attachment.html
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help