How to hook the system call?
Geraint Yang
geraint0923 at gmail.com
Wed Nov 23 13:05:31 EST 2011
Hi,
I have tried the LSM framework,but when I make my module , I got
"waining:'register_security' undefined", then I check security/security.c
and found out that register_security is not exported ! So if I want to use
this function ,I must hack kernel by exporting and recompiling kernel which
is allowed for me.
So ...well, it seems that LSM doesn't work for module without modifying the
kernel source.
On Thu, Nov 24, 2011 at 12:59 AM, Alexandru Juncu <alex.juncu at rosedu.org>wrote:
> On Wed, Nov 23, 2011 at 6:50 PM, Geraint Yang <geraint0923 at gmail.com>
> wrote:
> > Hi,
> > Thank all of you for helping me with problem!
> > I don't want to modify my kernel source so I am trying to learn to use
> LSM
> > security hook even though it seems that it couldn't hook all the system
> > calls, I think it should be enough for me.
> > Thanks again!
>
> I know that AppArmor can hock syscalls like read, write and memory
> mapping and can deny or accept them. I am not sure if you can make it
> do something else when hocked, but I know it has a script-like
> configuration, so maybe you can take some other actions.
>
--
Geraint Yang
Tsinghua University Department of Computer Science and Technology
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20111124/90d7aa65/attachment.html
More information about the Kernelnewbies
mailing list