Re: How does a lsm security module open a config file?

From: Chris Wright (chrisat_private)
Date: Mon Jan 20 2003 - 14:15:17 PST

  • Next message: Chris Wright: "Re: I'm sorry. I know I'm boring."

    * ¶«·½ ó»ÎÄ (phanixat_private) wrote:
    > 
    > I am now working on a lsm module.
    > I want this module to open and read "/etc/myattr.conf" when initializing.
    > There are a lot of functions in the kernel, path_init(), path_walk(),
    > dentry_open(), flip_open(), kernel_read(),
    > Should I use them? How?
    
    You should send the config information to the module another way.  Have
    a userspace tool read the config file, parse it, and send the proper
    input to the module via something like a /proc entry, a char device, a
    filesystem, etc.
    
    <sniped module open routine>
    
    > static int __init mec_init (void)
    > {
    > 	struct file *fd = NULL;
    >          ..........
    >          ..........
    > 	
    > 	/* register module with the security framework */
    > 	
    >          ..........
    > 	
    > 	// first, read the config file into buf
    > 	memset( buffer, ' ', BUF_LEN );
    > 	if( IS_ERR( fd = open_conf_file( "/etc/myattr.conf" ) ) )
    > 		return -EINVAL;
    > 	
    >          ...........
    > 	}
    > 
    > When insmod this module, the kernel collapse.
    > Please, help me.
    
    Well, without more information it's going to be difficult to diagnose
    the problem.  I'd suspect the memset() right away.  How big is the
    buffer, and where is it allocated (kmalloc, or from stack)?  Within the
    kernel the stack size is limited, so large buffers on the stack will
    oops the kernel quickly.  Try re-arranging your module to take config
    input from userspace, and then see if you can insmod.
    
    thanks,
    -chris
    -- 
    Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Jan 20 2003 - 14:21:40 PST