On Tue, 23 Jul 2002, Chris Wright wrote: > This seems like a reasonable approach. It allows an easy way for module > authors to give an unload/can't unload override switch. Ok, included below is a patch which does this for the capability module. Loading as a module with the parameter develop_mode=1 allows it to be unloaded. Otherwise, it's unloadable via normal means. Actually, I wonder if this should instead be a compile-time configuration option, like the SELinux development mode option. It's really only useful to kernel developers, so making it a runtime option for everyone may not be the best approach. If this were to be a compilation option, perhaps it could be a single option under either the security or kernel hacking config sections, to be used by all modules (including for any other developer bypasses). Thoughts? - James -- James Morris <jmorrisat_private> diff -urN -X dontdiff lsm-2.5/security/capability.c lsm-2.5.w1/security/capability.c --- lsm-2.5/security/capability.c Tue Jul 23 11:24:17 2002 +++ lsm-2.5.w1/security/capability.c Wed Jul 24 23:04:07 2002 @@ -1201,10 +1201,44 @@ #if defined(CONFIG_SECURITY_CAPABILITIES_MODULE) #define MY_NAME THIS_MODULE->name + +static int develop_mode = 0; + +static int can_unload(void) +{ + return develop_mode ? 0 : -EBUSY; +} + +static int set_unloadable(void) +{ + if (!mod_member_present(&__this_module, can_unload)) + return -EBUSY; + + __this_module.can_unload = can_unload; + return 0; +} + #else #define MY_NAME "capability" +static inline int set_unloadable(void) { return 0; } #endif +static void unregister_self(void) +{ + /* remove ourselves from the security framework */ + if (secondary) { + if (mod_unreg_security (MY_NAME, &capability_ops)) + printk (KERN_INFO "Failure unregistering capabilities " + "with primary module.\n"); + return; + } + + if (unregister_security (&capability_ops)) { + printk (KERN_INFO + "Failure unregistering capabilities with the kernel\n"); + } +} + static int __init capability_init (void) { /* register ourselves with the security framework */ @@ -1219,28 +1253,24 @@ } secondary = 1; } + + if (set_unloadable()) + unregister_self(); + printk (KERN_INFO "Capability LSM initialized\n"); return 0; } static void __exit capability_exit (void) { - /* remove ourselves from the security framework */ - if (secondary) { - if (mod_unreg_security (MY_NAME, &capability_ops)) - printk (KERN_INFO "Failure unregistering capabilities " - "with primary module.\n"); - return; - } - - if (unregister_security (&capability_ops)) { - printk (KERN_INFO - "Failure unregistering capabilities with the kernel\n"); - } + unregister_self(); } module_init (capability_init); module_exit (capability_exit); + +MODULE_PARM(develop_mode, "i"); +MODULE_PARM_DESC(develop_mode, "enable development mode: allows module unload"); MODULE_DESCRIPTION("Standard Linux Capabilities Security Module"); MODULE_LICENSE("GPL"); _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jul 24 2002 - 06:28:48 PDT