On 2/6/07, Casey Schaufler <[EMAIL PROTECTED]> wrote:
--- Ian jonhson <[EMAIL PROTECTED]> wrote:
> > (1) Think twice about using a binary struct in your /proc/self/attr API,
> > much less one whose size is not fixed.
Stephen is correct on this.
> > (2) The return code from the write is not the same thing as the errno
> > value, and the errno value wouldn't be negative in userspace. After the
> > write() call, call perror() to print the human-readable error message
> > for the errno value.
>
> Yes, I have done these using the following code:
>
> sprintf(path, "/proc/self/attr/current");
> fd = open(path, O_WRONLY);
> if (fd != -1) {
>         /* write the raw struct to the attr file */
>         rc = write(fd, &my_struct, sizeof(mystruct));
>         if (rc == -1)
>                 perror("write failed due to");
>         RETVAL = rc;
>         close(fd);
>         printf("fd is ok, errno:%d\n", -errno);
> } else {
>         RETVAL = -errno;
>         printf("fd is not ok\n");
> }
> return RETVAL;
>
> After running the code above, I got the output message:
>
> write failed due to: Invalid argument
> fd is ok, errno:-29
>
> > (3) Does your security module implement a setprocattr hook, include it
> > in its security_operations struct, and register itself?
>
> Surely, I have implemented the code in setprocattr/getprocattr and then
> registered them. The code is similar to SELinux's, but the void* data is
> transferred to my_struct.
Does your hook look something like this?
(advance apologies for email formatting)

static int blob_setprocattr(struct task_struct *p, char *name,
                            void *value, size_t size)
{
        blob_t newblob;

        if (value == NULL)
                return -EINVAL;
        if (strcmp(name, "current") == 0) {
                /* parse and validate the buffer handed to the hook */
                if ((newblob = blob_from_above(value)) == BLOB_BAD)
                        return -EINVAL;
                /* install the new blob on the task */
                replace_blob(p, newblob);
                return size;    /* report the bytes consumed */
        }
        return -EINVAL;         /* unknown attribute name */
}

where blob_from_above does formatting and/or error checking and
replace_blob does what it says for your blob. The above code is very
close to what works for me.
OK, I have changed the code structure to match yours:

#include <linux/sched.h>
#include <linux/security.h>
#include <linux/string.h>
#include <linux/errno.h>
#include <linux/uaccess.h>

/* my_struct, UNDEFINE_V1 and UNDEFINE_V2 are defined elsewhere in the module */

static int my_setprocattr(struct task_struct *p, char *name,
                          void *value, size_t size)
{
        my_struct sl;
        my_struct *ts;

        if (current != p)
                return -EACCES;         /* only a task may set its own attr */
        if (!size)
                return -ERANGE;
        if (!strcmp(name, "current")) {
                if (copy_from_user(&sl, value, sizeof(my_struct)))
                        return -EFAULT;
                ts = p->security;
                if (!ts)
                        return -EINVAL; /* no blob on this task to update */
                ts->v1 = sl.v1;
                ts->v2 = sl.v2;
                return size;            /* bytes consumed */
        }
        return -EINVAL;                 /* unknown attribute name */
}
After compiling the module and loading it with insmod, I ran my setselfattr
code from the last mail and got another error message:

write failed due to: Bad address

Maybe there is indeed something wrong with my hook.
> I just want to know why I cannot set attr information on task_struct as
> simply as SELinux does. Where is the error?
I expect that if you provided your setprocattr code in your next message
you'll get all the help you need. Maybe even more than you really want.
> If the operations for doing this were easier to use, LSM would be more
> popular, I think.
LSM is targeted at large modules that deal with lots of decisions. The
generality required makes it awkward to use for small things.
> However, thank you very much for discussing my error freely.

No worries there. People are always discussing my errors, too.
Casey Schaufler
[EMAIL PROTECTED]
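A worked sketch of the alternative Stephen's point (1) recommends, added here as an editorial example; it is not code from this thread, from Casey's module or from SELinux. It uses a small text format instead of a raw struct, keeps write()'s return value and errno apart as point (2) asks, and models in userspace what the setprocattr hook would do with the buffer it receives. Two facts worth spelling out for the parse side: the proc write path copies the user's bytes into a kernel page before calling security_setprocattr(), so the hook must parse `value` directly, and running copy_from_user() on that kernel pointer fails with -EFAULT, which is the "Bad address" perror() prints; and the hook reports success by returning the byte count it consumed. The names my_attr, format_attr, parse_attr, set_self_attr and check_roundtrip, and the "v1=<n>,v2=<n>" wire format, are assumptions of this example.

```c
/*
 * Added example (not code from the thread): a text /proc/self/attr API.
 * parse_attr() models the hook side: proc has already copied the payload
 * into kernel memory, so it is parsed in place, never copy_from_user()'d.
 * Names and the "v1=<n>,v2=<n>" format are assumptions of this example.
 */
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

struct my_attr {
	unsigned long v1;
	unsigned long v2;
};

/* Encode as "v1=<n>,v2=<n>\n". Returns the length, or -1 if buf is too small. */
static int format_attr(char *buf, size_t len, const struct my_attr *a)
{
	int n = snprintf(buf, len, "v1=%lu,v2=%lu\n", a->v1, a->v2);

	return (n < 0 || (size_t)n >= len) ? -1 : n;
}

/*
 * Parse exactly `size` bytes (proc passes a byte count, not a NUL-terminated
 * string). A trailing newline, as echo(1) writes, is accepted; any other
 * trailing bytes are rejected. Returns 0, -EINVAL on bad syntax, or -ERANGE
 * if the payload is too long for the bounded local copy.
 */
static int parse_attr(const char *value, size_t size, struct my_attr *out)
{
	char local[64];
	const char *p;
	char *end;
	unsigned long v1, v2;

	if (value == NULL || size == 0)
		return -EINVAL;
	if (size >= sizeof(local))
		return -ERANGE;
	memcpy(local, value, size);
	local[size] = '\0';
	if (local[size - 1] == '\n')
		local[size - 1] = '\0';

	if (strncmp(local, "v1=", 3) != 0 || !isdigit((unsigned char)local[3]))
		return -EINVAL;
	errno = 0;
	v1 = strtoul(local + 3, &end, 10);
	if (errno || strncmp(end, ",v2=", 4) != 0 || !isdigit((unsigned char)end[4]))
		return -EINVAL;
	p = end + 4;
	v2 = strtoul(p, &end, 10);
	if (errno || *end != '\0')
		return -EINVAL;

	out->v1 = v1;
	out->v2 = v2;
	return 0;
}

/*
 * Write the attribute to `path` (normally "/proc/self/attr/current").
 * Returns the count write() accepted, or -errno so the caller learns why it
 * failed; errno is captured before perror() and close() can clobber it.
 */
static int set_self_attr(const char *path, const struct my_attr *a)
{
	char buf[64];
	int fd, len, rc;

	len = format_attr(buf, sizeof(buf), a);
	if (len < 0)
		return -EINVAL;
	fd = open(path, O_WRONLY);
	if (fd == -1) {
		rc = -errno;
		perror("open");
		return rc;
	}
	rc = (int)write(fd, buf, (size_t)len);
	if (rc == -1) {
		rc = -errno;
		perror("write");
	}
	close(fd);
	return rc;
}

/* Format then parse, as the hook would see it; 1 if both values survive. */
static int check_roundtrip(unsigned long v1, unsigned long v2)
{
	struct my_attr in = { v1, v2 }, out = { 0, 0 };
	char buf[64];
	int len = format_attr(buf, sizeof(buf), &in);

	if (len < 0 || parse_attr(buf, (size_t)len, &out) != 0)
		return 0;
	return out.v1 == v1 && out.v2 == v2;
}
```

Calling set_self_attr("/proc/self/attr/current", &a) from a program is the userspace half; a hook built on parse_attr() would copy the parsed fields into the task's security blob and return size, exactly as Casey's blob_setprocattr() does.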