* Koichi ONOUE (koichiat_private) wrote: > I would like to use "mod_reg_security()" in order to use > multiple modules. > I succeed at "insmond" as each sub-modules of primary module, > but I don't know how each sub-modules are classify in hook > function. Please tell me how to classify (and use) specified > sub-module in hook function. Say you have two modules: the primary which is loaded first and uses register_security(); and the secondary, which is loaded second and uses mod_reg_security(). The way to actually use both modules really through the primary module. The primary module registers with the kernel (using register_security()) so the kernel hooks will only call into the primary module. The primary module can then choose to call into the secondary module if desired. So here is very rough example code from a primary module that can stack with a secondary module (this does not account for sharing the security blob in the object, e.g. inode->i_security). For more detailed info, look at David Wheeler's Stacker module <http://www.dwheeler.com/misc/stacker.c>. static struct security_operations my_ops = { ... }; /* fill out your ops */ static struct security_operations my_second_ops; static int secondary; /* statically initialized to zero */ my_module_init() { register_security(&my_ops); } my_mod_reg_security_hook(name, ops) { /* do some validation */ my_second_ops = ops; secondary = 1; /* toggle secondary mode */ } my_random_lsm_hook(...) { int error; if (secondary) error = my_second_ops->random_lsm_hook(...); if (error) goto out; error = /* the stuff this module cares about */ out: return error; } hope that helps, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jan 16 2003 - 17:41:03 PST