Detecting missing hook functions

From: Stephen Smalley (sdsat_private)
Date: Thu Oct 25 2001 - 10:22:01 PDT

    At present, if you accidentally miss a hook function when writing your
    security module, you don't get any kind of warning unless it happens to
    be one of the top-level hooks (checked by security/security.c:verify).
    This happened to the SELinux security module.  Back at the beginning of
    August, a set of additional hooks were added to task_security_ops by
    Lachlan, and I missed the getscheduler hook when I updated the SELinux
    module.  We made three releases of the SELinux security module without
    noticing this problem, and only happened to find it after a user reported
    a complete system lockup upon running mozilla on the third release.  Even
    then, it wasn't easy to track down - we didn't get any kind of kernel
    Oops until we rolled forward to 2.4.13-pre6, just a complete lockup.
    
    Although this was my mistake, it would be nice if the verify function
    would catch these kinds of mistakes.  But simply expanding the current set
    of tests for each individual hook function pointer seems painful and may not
    be well-maintained as new hooks are added.  Is there a simpler way to
    validate the entire structure?
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
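
One way to answer the closing question with a single check over the whole structure, written as an added example for this archive page rather than code from the message, the SELinux module or the LSM tree: if a hook table contains nothing but function pointers, it can be walked as an array of generic function pointers and every NULL slot reported by name. The struct task_hooks, the hook names, stub_hook and the two sample tables are assumptions made up for the example; they stand in for task_security_ops and a module's real hook functions, and the incomplete table reproduces the omitted getscheduler hook the message describes.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical hook table modelled loosely on task_security_ops; the member
 * names and their number are assumptions made for this example only. */
struct task_hooks {
    int (*create)(void);
    int (*setscheduler)(void);
    int (*getscheduler)(void);
    int (*kill)(void);
};

/* Hook names in declaration order, used only for the diagnostic message. */
static const char *const task_hook_names[] = {
    "create", "setscheduler", "getscheduler", "kill",
};

#define TASK_HOOK_COUNT (sizeof task_hook_names / sizeof task_hook_names[0])

/* One slot type for viewing the whole table. C lets any function pointer
 * type be converted to any other; the check additionally assumes that all
 * function pointers have the same size and that the table holds nothing but
 * function pointers with no padding. The static assert enforces that, so a
 * new member added to the struct without a matching name fails to compile. */
typedef void (*generic_hook_t)(void);

_Static_assert(sizeof(struct task_hooks) == TASK_HOOK_COUNT * sizeof(generic_hook_t),
               "task_hooks must contain only function pointers, one per name");

/* Walk any table of function pointers and report NULL slots by name.
 * Returns the number of missing hooks, so 0 means the table is complete.
 * memcpy is used instead of a pointer cast to stay clear of aliasing rules. */
static int count_missing_hooks(const void *table, size_t nhooks,
                               const char *const names[], const char *label)
{
    const unsigned char *bytes = table;
    int missing = 0;

    for (size_t i = 0; i < nhooks; i++) {
        generic_hook_t fn;
        memcpy(&fn, bytes + i * sizeof fn, sizeof fn);
        if (fn == NULL) {
            fprintf(stderr, "%s: missing hook %s\n", label, names[i]);
            missing++;
        }
    }
    return missing;
}

/* The per-structure wrapper is the only thing that knows the member count. */
static int verify_task_hooks(const struct task_hooks *ops, const char *label)
{
    return count_missing_hooks(ops, TASK_HOOK_COUNT, task_hook_names, label);
}

/* Placeholder hook body standing in for a module's real hook functions. */
static int stub_hook(void) { return 0; }

/* Constructed sample tables: one complete, one that forgot getscheduler. */
static const struct task_hooks complete_ops = {
    .create = stub_hook,
    .setscheduler = stub_hook,
    .getscheduler = stub_hook,
    .kill = stub_hook,
};

static const struct task_hooks incomplete_ops = {
    .create = stub_hook,
    .setscheduler = stub_hook,
    /* .getscheduler deliberately omitted: designated initializers zero it */
    .kill = stub_hook,
};

int main(void)
{
    int a = verify_task_hooks(&complete_ops, "complete_ops");
    int b = verify_task_hooks(&incomplete_ops, "incomplete_ops");
    printf("complete_ops missing=%d, incomplete_ops missing=%d\n", a, b);
    return b != 0;
}
```

The check relies on the omitted member being NULL, which is what a designated or partial static initializer gives; it says nothing about a slot that points at the wrong function. The static assert is what keeps the check maintained as hooks are added: a new member without a corresponding name entry changes the struct size and breaks the build, which is the failure mode the message wants to surface at registration time rather than as a lockup in a released module.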
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    This archive was generated by hypermail 2b30 : Thu Oct 25 2001 - 10:23:35 PDT