Building Hello World LSM

Thomas F. J.-M. Pasquier tfjmp2 at cam.ac.uk
Sun Jan 18 19:09:59 EST 2015


No, other LSM. Checked in the config file. The only one selected is mine
and it is set "Default Security Module" when using menuconfig.

On Mon Jan 19 2015 at 12:07:33 AM Tian Dave <dave.jing.tian at gmail.com>
wrote:

> Then which LSM was triggered? SELinux? You probably need to disable other
> LSM before making your LSM work.
>
> Thanks,
> Dave
>
> 2015-01-18 18:49 GMT-05:00 Thomas F. J.-M. Pasquier <tfjmp2 at cam.ac.uk>:
>
>> Hi everyone,
>>
>> Kernel version 3.17.8
>>
>> I am trying to build a skeleton LSM module, but I am not having much luck
>> so far. The problem seems to be that the LSM init function is never called.
>>
>> I am selecting my helloworld LSM when building the kernel and it is set
>> as default (checked and re-checked in menuconfig + in the file).
>>
>> The build is going fine (my module is built as I would expect). The rest
>> of the building procedure goes fine. I reboot, the new image works just
>> fine except my LSM is not in (nor any other, it seems, for that matter).
>>
>> Here is the init function:
>> static __init int hw_init(void){
>> /* avoid security registration races */
>> if (!security_module_enable(&hw_ops)){
>> printk(KERN_INFO "hw:  Disabled at boot.\n");
>> return 0;
>> }
>>
>> printk(KERN_INFO "hw:  Initializing.\n");
>>
>> if (register_security(&hw_ops))
>> panic("hw: Unable to register with kernel.\n");
>> else
>> printk(KERN_INFO "hw: registered with the kernel.\n");
>>
>> return 0;
>> }
>>
>> security_initcall(hw_init);
>>
>> I looked at how it was done in SELinux and the other security module and
>> I don't seem to be doing things differently or incorrectly. I checked the
>> log level just in case and that's not the issue either.
>>
>> I am tempted to say the problem come from my building
>> procedure/configuration, rather than the module/code in itself (the dist on
>> top of the kernel is fedora21). I have been at it for a while now and any
>> help would be most welcomed.
>>
>> Thank you in advance.
>>
>> Regards,
>> Thomas
>>
>>
>>
>> _______________________________________________
>> Kernelnewbies mailing list
>> Kernelnewbies at kernelnewbies.org
>> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150119/6eec4e71/attachment-0001.html 


More information about the Kernelnewbies mailing list