lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 17 Feb 2007 09:38:53 +0000
From:	Simon Arlott <simon@...ott.org>
To:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: security_fixup_ops

Shouldn't security_fixup_ops be exported?

Otherwise I have to include the kernel's security/dummy.c to use it and there's no other way to fix all the ops for a secondary module without copying a list of all the ops, which may change in future kernels, into the module's code.

Unless of course including kernel source in modules is ok, because the module will need to have been compiled with the right version of struct security_operations anyway.

---
/* http://redrum.lp0.eu/portac/portac.c */

#include <../security/dummy.c>

struct security_operations portac_ops = { 
	.register_security = portac_register_security,
	.unregister_security = portac_unregister_security,

	.socket_bind = portac_socket_bind
};
struct security_operations primary_ops;
struct security_operations *secondary_ops = NULL;

int portac_register_security(const char *name, struct security_operations *ops)
{
	struct security_operations tmp;
...
	/* Copy our current ops because they have
	 * been fixed with dummy functions.
	 *
	 * Keep a reference to the secondary ops
	 * for later use.
	 */
	primary_ops = portac_ops;
	secondary_ops = ops;

	/* Copy the secondary ops, override the
	 * functions we use and call security_fixup_ops
	 * to add missing dummy functions.
	 *
	 * Replace our current ops with these ops.
	 */
	tmp = *ops;
	tmp.socket_bind = portac_socket_bind;
	tmp.unregister_security = portac_unregister_security;
	security_fixup_ops(&tmp); /* from security/dummy.c */
	portac_ops = tmp;
...
}

-- 
Simon Arlott


Download attachment "signature.asc" of type "application/pgp-signature" (830 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ