On Tue, 2007-02-06 at 11:05 +0800, Ian jonhson wrote:
> >
> > (1) Think twice about using a binary struct in your /proc/self/attr API,
> > much less one whose size is not fixed.
> > (2) The return code from the write is not the same thing as the errno
> > value, and the errno value wouldn't be negative in userspace.  After the
> > write() call, call perror() to print the human-readable error message
> > for the errno value.
> 
> Yes, I have done these using the following codes:
> 
>         sprintf(path, "/proc/self/attr/current");
>         fd = open(path, O_WRONLY);
>         if (fd != -1) {
>                 rc = write(fd, &my_struct, sizeof(my_struct));
>                 if (rc == -1) perror("write failed due to");
>                 RETVAL = rc;
>                 close(fd);
>                 printf(" fd is ok, errno:%d\n", errno);
>         } else {
>                 RETVAL = -errno;
>                 printf("fd is not ok\n");
>         }
>         return RETVAL;
> 
> After running the codes above, I got the output message:
> 
> write failed due to: Invalid argument

Ok, so EINVAL rather than EPERM or EACCES.

> > (3) Does your security module implement a setprocattr hook, include it
> > in its security_operations struct, and register itself?
> 
> Surely, I have implemented the codes in setprocattr/getprocattr and
> then registered them. The codes are similar to the SELinux ones, but the
> void* data transfers to my_struct.

I asked because the default setprocattr implementation
(dummy_setprocattr) will return -EINVAL, so if you have failed to
properly set up and register your own hook, you will always get EINVAL.

> > (4) Did you remember to disable all other security modules, either in
> > your kernel config or at boot via command line options, so that they
> > don't grab the security_ops before your module can do so?
> >
> 
> Of course, if I did not disable all other security modules, I could not
> insmod my LSM module and run it.

Unclear, as e.g. SELinux might allow it to register as a secondary
(since it supports a secondary module to allow stacking with
capabilities) but would not pass on the setprocattr request to it.

> I just want to know why I cannot set attr information to task_struct
> simply as SELinux does. Where is the error? If the operations doing this work
> were easier to use, the LSM would be more popular, I think.

I think we would have to see your code to identify the problem.  At
least your setprocattr hook function.

-- 
Stephen Smalley
National Security Agency
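As an added example (not code from either poster), here is how the userspace side of the write discussed above can be done following points (1) and (2): a text value instead of a binary struct, errno saved before close() and reported as a positive value, and the EINVAL case called out, since that is what the default dummy_setprocattr returns when no hook is registered. The attribute path and the sample label are assumptions for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Write a text value to an LSM attribute file such as /proc/self/attr/current.
 * Returns 0 on success, -errno on failure.  errno itself is positive in
 * userspace; only the return value is negated, for the caller's convenience. */
int set_proc_attr(const char *path, const char *value, size_t len)
{
    int fd = open(path, O_WRONLY);
    if (fd == -1)
        return -errno;
    ssize_t rc = write(fd, value, len);
    int saved = errno;          /* close() may clobber errno, so save it first */
    close(fd);
    if (rc == -1)
        return -saved;
    if ((size_t)rc != len)
        return -EIO;            /* short write: treat as failure */
    return 0;
}

/* Map the errno from a failed setprocattr write to the likely cause
 * discussed in the thread. */
const char *explain_attr_error(int err)
{
    switch (err) {
    case EINVAL:
        return "EINVAL: the hook rejected the value, or the default "
               "dummy_setprocattr is still in place (module not registered)";
    case EPERM:
    case EACCES:
        return "permission denied by the module's policy";
    case ENOENT:
        return "attribute file does not exist (no LSM exposes it)";
    default:
        return strerror(err);
    }
}

int main(void)
{
    const char label[] = "example_module_label";   /* constructed sample value */
    int rc = set_proc_attr("/proc/self/attr/current", label, sizeof(label) - 1);
    if (rc < 0)
        fprintf(stderr, "write failed: %s (%s)\n", strerror(-rc), explain_attr_error(-rc));
    else
        puts("attribute set");
    return rc < 0;
}
```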
