---------- Forwarded message ----------
From: MDaemon at fibcom.com <[email protected]>
Date: Thu, Feb 10, 2011 at 11:31 AM
Subject: Permanent Delivery Failure
To: [email protected]
The attached message had PERMANENT fatal delivery errors!
After one or more unsuccessful delivery attempts the attached message has
been removed from the mail queue on this server. The number and frequency
of delivery attempts are determined by local configuration parameters.
YOUR MESSAGE WAS NOT DELIVERED TO ANY OF IT'S RECIPIENTS!
--- Session Transcript ---
Thu 2011-02-10 11:31:36: Parsing message
<xxxxxxxxxxxxxxxxxx\pd50001467261.msg>
Thu 2011-02-10 11:31:36: * From: [email protected]
Thu 2011-02-10 11:31:36: * To: [email protected]
Thu 2011-02-10 11:31:36: * Subject: module prob
Thu 2011-02-10 11:31:36: * Message-ID: <AANLkTi=
[email protected]>
Thu 2011-02-10 11:31:36: * Route slip host: 202.71.129.104
Thu 2011-02-10 11:31:36: * Route slip port: 25
Thu 2011-02-10 11:31:36: Attempting SMTP connection to [202.71.129.104]
Thu 2011-02-10 11:31:36: Attempting to send message to smart host
Thu 2011-02-10 11:31:36: Attempting SMTP connection to [202.71.129.104:25]
Thu 2011-02-10 11:31:36: Waiting for socket connection...
Thu 2011-02-10 11:31:36: * Connection established (192.5.1.2:2559 ->
202.71.129.104:25)
Thu 2011-02-10 11:31:36: Waiting for protocol to start...
Thu 2011-02-10 11:31:36: <-- 220 smtp ready smtp.bizmail.net4india.com
Thu 2011-02-10 11:31:36: --> EHLO fibcom.com
Thu 2011-02-10 11:31:36: <-- 250-smtp.bizmail.net4india.com Hello
fibcom.com [203.101.81.201]
Thu 2011-02-10 11:31:36: <-- 250-SIZE 57671680
Thu 2011-02-10 11:31:36: <-- 250-PIPELINING
Thu 2011-02-10 11:31:36: <-- 250 HELP
Thu 2011-02-10 11:31:36: --> MAIL From:<[email protected]> SIZE=15160
Thu 2011-02-10 11:31:36: <-- 250 OK
Thu 2011-02-10 11:31:36: --> RCPT To:<[email protected]>
Thu 2011-02-10 11:31:36: <-- 550 relay not permitted
--- End Transcript ---
--------------------------------------
LEGAL DISCLAIMER
--------------------------------------
The information contained in this message may be privileged and confidential
and protected from disclosure. If the reader of this message is not the
intended
recipient, or an employee or agent responsible for delivering this message
to the
intended recipient, you are hereby notified that any reproduction,
dissemination
or distribution of this communication is strictly prohibited. If you have
received
this communication in error, please notify us immediately by replying to the
message and deleting it from your computer.
This mail has been checked for viruses. However recipients should undertake
their own virus check. We will not be liable for any losses
Thank you.
Fibcom India Limited
---------- Forwarded message ----------
From: mohit verma <[email protected]>
To: [email protected], kernelnewbies <
[email protected]>
Date: Thu, 10 Feb 2011 11:31:32 +0530
Subject: module prob
hi all,
i have written a tiny module . when i install this one i check in dmesg and
/proc/kallsyms.
these files shows that the module is currently running . but when i go for
"ohm_inode_permission" kernel security function in /proc/kallsyms it does
not show that security operation but
that must be registered along with the registration of module.
i 've attached the source code along with........
i think the problem is while registering the security function
ohm_inode_permission (IMHO). but..................
can someone tell me where am i wrong?
--
........................
*MOHIT VERMA*
_______________________________________________
Kernelnewbies mailing list
[email protected]
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
--
........................
*MOHIT VERMA*
#include<linux/init.h>
#include<linux/kernel.h>
#include<linux/tracehook.h>
#include<linux/errno.h>
#include<linux/sched.h>
#include<linux/security.h>
#include<linux/xattr.h>
#include<linux/capability.h>
#include<linux/unistd.h>
#include<linux/mm.h>
#include<linux/mman.h>
#include<linux/slab.h>
#include<linux/pagemap.h>
#include<linux/swap.h>
#include<linux/spinlock.h>
#include<linux/syscalls.h>
#include<linux/file.h>
#include<linux/fdtable.h>
#include<linux/namei.h>
#include<linux/mount.h>
#include<linux/proc_fs.h>
#include<linux/netfilter_ipv4.h>
#include<linux/netfilter_ipv6.h>
#include<linux/tty.h>
#include<net/icmp.h>
#include<net/ip.h>
#include<net/tcp.h>
#include<net/net_namespace.h>
#include<net/netlabel.h>
#include<linux/uaccess.h>
#include<asm/ioctls.h>
#include<asm/atomic.h>
#include<linux/bitops.h>
#include<linux/interrupt.h>
#include<linux/netdevice.h>
#include<linux/netlink.h>
#include<linux/tcp.h>
#include<linux/udp.h>
#include<linux/dccp.h>
#include<linux/quota.h>
#include<linux/un.h>
#include<net/af_unix.h>
#include<linux/parser.h>
#include<linux/nfs_mount.h>
#include<net/ipv6.h>
#include<linux/hugetlb.h>
#include<linux/personality.h>
#include<linux/sysctl.h>
#include<linux/audit.h>
#include<linux/string.h>
#include<linux/mutex.h>
#include<linux/posix-timers.h>
#include<linux/module.h>
#include<net/sock.h>
#include<linux/socket.h>
#include<linux/net.h>
#include<asm/types.h>
#include<linux/netlink.h>
#include<linux/skbuff.h>
#define NETLINK_TEST 17
#define VFW_GROUP 0
#define MSG_SIZE NLMSG_SPACE(256)
static struct sock *nl_sk = NULL;
unsigned char *data_to_log=NULL;
static int pid=0;
/* to send the data in data_to_log to user space via netlink_unicast*/
static void nltest_snd(unsigned char *data_to_log)
{
struct sk_buff *nl_skb;
struct nlmsghdr *nl_hdr;
nl_skb = alloc_skb(MSG_SIZE, in_interrupt() ? GFP_ATOMIC:GFP_KERNEL);
skb_put(nl_skb,MSG_SIZE);
nl_hdr=(struct nlmsghdr *)nl_skb->data;
nl_hdr->nlmsg_len=MSG_SIZE;
nl_hdr->nlmsg_pid=pid;
nl_hdr->nlmsg_flags=0;
strcpy(NLMSG_DATA(nl_hdr), data_to_log);
NETLINK_CB(nl_skb).pid=0;
//NETLINK_CB(nl_skb).dst_pid=pid;
NETLINK_CB(nl_skb).dst_group=VFW_GROUP;
netlink_unicast(nl_sk, nl_skb, pid, 0);
kfree_skb(nl_skb);
}
/*first we check whether module is bind with some pid , if not then we bind the socket with the very
first and last user space process id. and after that if some other process wanna get connected to
socket , we silently quit*/
static void nltest_recv(struct sk_buff *skb)
{
struct nlmsghdr *nlh = NULL;
if(skb == NULL)
{
printk("skb is NULL \n");
return;
}
nlh=(struct nlmsghdr *)skb->data;
if(pid==0)
pid=nlh->nlmsg_pid;/*pid of sending process*/
}
// this function will be called at module intialization time in ohm_init() so that at the
//module start-up we have the socket of new protocol NETLINK_TEST in hand.
//struct sock * netlink_kernel_create (struct net *net, int unit, unsigned int groups,void (*input)
// (struct sk_buff *skb),struct mutex *cb_mutex, struct module *module)
static int nltest_init()
{
struct net *net;
printk(KERN_ALERT "INIT/START: nltest\n");
nl_sk = netlink_kernel_create(net,NETLINK_TEST, VFW_GROUP, nltest_recv, 0,THIS_MODULE);
if (!nl_sk) {
printk(KERN_ALERT "ERROR: nltest netlink_kernel_create() failed\n");
return 1;
}
else
{
printk(KERN_ALERT "SUCCESS: security module socket created\n");
}
return 0;
}
/* here is the main leverage of LSM security hook i.e inode_permission */
#ifdef CONFIG_SECURITY_OHM
static int ohm_sysctl(ctl_table *table, int op)
{
return 0;
}
#ifndef CONFIG_SECURITY_PATH
#define CONFIG_SECURITY_PATH
static int ohm_inode_permission(struct inode *inode,int mask)
{
/*here 264812 is the inode of /etc/passwd file in my system . so i've hard coded it so that any process if opens this file eventually
* this security hook will be called and then i pass the string to netlink_snd() to pass this to user space process listening to the socket
*to print it.*/
if(inode->i_ino == 264812L)
netlink_snd("OHM: I am watching u\n");
return 0;
}
#endif
static struct security_operations ohm_ops = {
.name = "ohm",
#ifndef SECURITY_PATH
#define SECURITY_PATH
.inode_permission = ohm_inode_permission,
#endif
};
static __init ohm_init(void){
static int err_sock;
/* register the hooks */
if (!security_module_enable(&ohm_ops)) {
return 0;
}
printk(KERN_INFO "Ohm: Initializing.\n");
if((err_sock=nltest_init()) == 0)
{
printk(KERN_ALERT " ERROR: while creating socket notified in ohm_init\n");
}
else if(err_sock==1)
{
printk(KERN_INFO "SUCCESS:in ohm_init socket notified\n");
}
if (register_security(&ohm_ops))
printk("ohm: Unable to register ohm with kernel.\n");
else
printk("ohm: registered with the kernel\n");
return 0;
}
static void __exit ohm_exit(void)
{
printk(KERN_ALERT "EXIT: ohm\n");
sock_release(nl_sk->sk_socket);
return;
}
module_init(ohm_init);
module_exit(ohm_exit);
security_initcall(ohm_init);
//module_exit (ohm_exit);
MODULE_DESCRIPTION("ohm");
MODULE_LICENSE("GPL");
#endif /* CONFIG_SECURITY_OHM */
#include<sys/types.h>
#include<sys/socket.h>
#include<linux/netlink.h>
#include<stdlib.h>
#include<string.h>
#include<stdio.h>
#define MAX_PAYLOAD 1024 /* maximum payload size*/
#define NETLINK_TEST 17
struct sockaddr_nl src_addr, dest_addr;
struct nlmsghdr *nlh = NULL;
struct iovec iov;
int sock_fd;
struct msghdr msg;
void main() {
int opt;
int errno;
sock_fd=socket(PF_NETLINK, SOCK_RAW, NETLINK_KOBJECT_UEVENT);
memset(&src_addr, 0, sizeof(src_addr));
src_addr.nl_family = AF_NETLINK;
src_addr.nl_pid = 0; /* self pid */
src_addr.nl_groups = 0x7;
if((errno=bind(sock_fd, (struct sockaddr*)&src_addr, sizeof(src_addr))) < 0)
{
printf("erorr while binding");
return ;
}
opt = src_addr.nl_groups;
setsockopt(sock_fd, 270, NETLINK_PKTINFO, &opt, sizeof(opt));
memset(&dest_addr, 0, sizeof(dest_addr));
nlh = (struct nlmsghdr *)malloc(NLMSG_SPACE(MAX_PAYLOAD));
memset(nlh, 0, NLMSG_SPACE(MAX_PAYLOAD));
iov.iov_base = (void *)nlh;
iov.iov_len=nlh->nlmsg_len;
msg.msg_name = (void *)&dest_addr;
msg.msg_namelen=sizeof(dest_addr);
msg.msg_iov=&iov;
msg.msg_iovlen=1;
printf("Waiting for message from kernel\n");
/* Read message from kernel */
recvmsg(sock_fd, &msg, MSG_WAITALL);
printf(" Received message payload: %s\n",(char *)NLMSG_DATA(nlh));
close(sock_fd);
}
_______________________________________________
Kernelnewbies mailing list
[email protected]
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
