How does a lsm security module open a config file?

From: (phanixat_private)
Date: Sat Jan 18 2003 - 07:11:11 PST

  • Next message: : "(no subject)"

    I am now working on a lsm module.
    I want this module to open and read "/etc/myattr.conf" when initializing.
    There are a lot of functions in the kernel, path_init(), path_walk(),
    dentry_open(), flip_open(), kernel_read(),
    Should I use them? How?
    
    My module looks like this:
    (In fact, I copy most of the open_exec() in fs/exec.c to open_conf_file() )
    
    struct file *open_conf_file(const char *name)
    {
    	struct nameidata nd;
    	struct inode *inode;
    	struct file *file;
    	int err = 0;
    
    	if (path_init(name, LOOKUP_FOLLOW|LOOKUP_POSITIVE, &nd))
    		err = path_walk(name, &nd);
    	file = ERR_PTR(err);
    	if (!err) {
    		inode = nd.dentry->d_inode;
    		file = ERR_PTR(-EACCES);
    		if ( !(nd.mnt->mnt_flags & MNT_NOEXEC) && S_ISREG(inode->i_mode)) {
    			int err = permission(inode, MAY_READ);
    			if (!err && !(inode->i_mode & 0444))
    				err = -EACCES;
    			file = ERR_PTR(err);
    			if (!err) {
    				file = dentry_open(nd.dentry, nd.mnt, O_RDONLY);
    				
    				if (!IS_ERR(file)) {
    					err = deny_write_access(file);
    					if (err) {
    						fput(file);
    						file = ERR_PTR(err);
    					}
    				}
    				
    				
    out:
    				return file;
    			}
    		}
    		path_release(&nd);
    	}
    	goto out;
    }
    
    
    static int __init mec_init (void)
    {
    	struct file *fd = NULL;
             ..........
             ..........
    	
    	/* register module with the security framework */
    	
             ..........
    	
    	// first, read the config file into buf
    	memset( buffer, ' ', BUF_LEN );
    	if( IS_ERR( fd = open_conf_file( "/etc/myattr.conf" ) ) )
    		return -EINVAL;
    	
             ...........
    	}
    
    
    When insmod this module, the kernel collapse.
    Please, help me.
    
                                                            X.H. Beijing
    
    
    
    _________________________________________________________________
    ĵʼϵͳ MSN Hotmail http://www.hotmail.com 
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Sat Jan 18 2003 - 07:13:35 PST