How to hook the system call?

rohan puri rohan.puri15 at gmail.com
Wed Nov 23 23:04:24 EST 2011


On Wed, Nov 23, 2011 at 11:35 PM, Geraint Yang <geraint0923 at gmail.com>wrote:

> Hi,
> I have tried the LSM framework,but when I make my module , I got
> "waining:'register_security' undefined", then I check security/security.c
> and found out that register_security is not exported ! So if I want to use
> this function ,I must hack kernel by exporting and recompiling kernel which
> is allowed for me.
> So ...well, it seems that LSM doesn't work for module without modifying
> the kernel source.
>
>
>
> This function is declared as extern in header linux/security.h, you can
include this header in your code and call this function.

>
> On Thu, Nov 24, 2011 at 12:59 AM, Alexandru Juncu <alex.juncu at rosedu.org>wrote:
>
>> On Wed, Nov 23, 2011 at 6:50 PM, Geraint Yang <geraint0923 at gmail.com>
>> wrote:
>> > Hi,
>> > Thank all of you for helping me with problem!
>> > I don't want to modify my kernel source so I am trying to learn to use
>> LSM
>> > security hook even though it seems that it couldn't hook all the system
>> > calls, I think it should be enough for me.
>> > Thanks again!
>>
>> I know that AppArmor can hock syscalls like read, write and memory
>> mapping and can deny or accept them. I am not sure if you can make it
>> do something else when hocked, but I know it has a script-like
>> configuration, so maybe you can take some other actions.
>>
>
>
>
> --
> Geraint Yang
> Tsinghua University Department of Computer Science and Technology
>
>
> Regards,
Rohan Puri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20111124/091d5b86/attachment.html 


More information about the Kernelnewbies mailing list