On Wed, Nov 23, 2011 at 11:35 PM, Geraint Yang <[email protected]>wrote:
> Hi, > I have tried the LSM framework,but when I make my module , I got > "waining:'register_security' undefined", then I check security/security.c > and found out that register_security is not exported ! So if I want to use > this function ,I must hack kernel by exporting and recompiling kernel which > is allowed for me. > So ...well, it seems that LSM doesn't work for module without modifying > the kernel source. > > > > This function is declared as extern in header linux/security.h, you can include this header in your code and call this function. > > On Thu, Nov 24, 2011 at 12:59 AM, Alexandru Juncu > <[email protected]>wrote: > >> On Wed, Nov 23, 2011 at 6:50 PM, Geraint Yang <[email protected]> >> wrote: >> > Hi, >> > Thank all of you for helping me with problem! >> > I don't want to modify my kernel source so I am trying to learn to use >> LSM >> > security hook even though it seems that it couldn't hook all the system >> > calls, I think it should be enough for me. >> > Thanks again! >> >> I know that AppArmor can hock syscalls like read, write and memory >> mapping and can deny or accept them. I am not sure if you can make it >> do something else when hocked, but I know it has a script-like >> configuration, so maybe you can take some other actions. >> > > > > -- > Geraint Yang > Tsinghua University Department of Computer Science and Technology > > > Regards, Rohan Puri
_______________________________________________ Kernelnewbies mailing list [email protected] http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
