Here is the security part of the .config: # # Security options # CONFIG_KEYS=y CONFIG_PERSISTENT_KEYRINGS=y CONFIG_BIG_KEYS=y # CONFIG_ENCRYPTED_KEYS is not set CONFIG_KEYS_DEBUG_PROC_KEYS=y # CONFIG_SECURITY_DMESG_RESTRICT is not set CONFIG_SECURITY=y CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_PATH=y CONFIG_INTEL_TXT=y # CONFIG_SECURITY_SELINUX is not set # CONFIG_SECURITY_SMACK is not set # CONFIG_SECURITY_TOMOYO is not set # CONFIG_SECURITY_APPARMOR is not set # CONFIG_SECURITY_YAMA is not set CONFIG_SECURITY_HELLOWORLD=y # CONFIG_IMA is not set # CONFIG_EVM is not set CONFIG_DEFAULT_SECURITY_HELLOWORLD=y # CONFIG_DEFAULT_SECURITY_DAC is not set CONFIG_DEFAULT_SECURITY="helloworld" CONFIG_CRYPTO=y
SELinux is not loading before my module. SELinux was working on the kernel that came with the distribution, did not try to build my kernel with it on. I will try to do so. Thank you very much, Thomas On 19 January 2015 at 00:20, Dave Tian <[email protected]> wrote: > Did SELinux get loaded before your changes (Fedora uses SELinux by > default)? Would you please post your security config? I still suspect that > there was sth messed up in the config. > > Thanks, > Dave > > > On Jan 18, 2015, at 7:09 PM, Thomas F. J.-M. Pasquier <[email protected]> > wrote: > > No, other LSM. Checked in the config file. The only one selected is mine > and it is set "Default Security Module" when using menuconfig. > > On Mon Jan 19 2015 at 12:07:33 AM Tian Dave <[email protected]> > wrote: > >> Then which LSM was triggered? SELinux? You probably need to disable other >> LSM before making your LSM work. >> >> Thanks, >> Dave >> >> 2015-01-18 18:49 GMT-05:00 Thomas F. J.-M. Pasquier <[email protected]>: >> >>> Hi everyone, >>> >>> Kernel version 3.17.8 >>> >>> I am trying to build a skeleton LSM module, but I am not having much >>> luck so far. The problem seems to be that the LSM init function is never >>> called. >>> >>> I am selecting my helloworld LSM when building the kernel and it is set >>> as default (checked and re-checked in menuconfig + in the file). >>> >>> The build is going fine (my module is built as I would expect). The rest >>> of the building procedure goes fine. I reboot, the new image works just >>> fine except my LSM is not in (nor any other, it seems, for that matter). >>> >>> Here is the init function: >>> static __init int hw_init(void){ >>> /* avoid security registration races */ >>> if (!security_module_enable(&hw_ops)){ >>> printk(KERN_INFO "hw: Disabled at boot.\n"); >>> return 0; >>> } >>> >>> printk(KERN_INFO "hw: Initializing.\n"); >>> >>> if (register_security(&hw_ops)) >>> panic("hw: Unable to register with kernel.\n"); >>> else >>> printk(KERN_INFO "hw: registered with the kernel.\n"); >>> >>> return 0; >>> } >>> >>> security_initcall(hw_init); >>> >>> I looked at how it was done in SELinux and the other security module and >>> I don't seem to be doing things differently or incorrectly. I checked the >>> log level just in case and that's not the issue either. >>> >>> I am tempted to say the problem come from my building >>> procedure/configuration, rather than the module/code in itself (the dist on >>> top of the kernel is fedora21). I have been at it for a while now and any >>> help would be most welcomed. >>> >>> Thank you in advance. >>> >>> Regards, >>> Thomas >>> >>> >>> >>> _______________________________________________ >>> Kernelnewbies mailing list >>> [email protected] >>> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies >>> >>> >> >
_______________________________________________ Kernelnewbies mailing list [email protected] http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
