Issue
I tried to write my own Linux Security Module (LSM). I took help from this youtube video here (ignore the DEFINE_LSM(yama), it was a typo).
My code is as simple as this:
#include <linux/lsm_hooks.h>
#include <linux/kern_levels.h>
#include <linux/binfmts.h>
static int my_test_bprm_check_security(struct linux_binprm *bprm){
printk(KERN_ERR "Hello my_test_bprm_check_security: %s\n", bprm->interp);
return 0;
}
static struct security_hook_list my_test_hooks[] __lsm_ro_after_init = {
LSM_HOOK_INIT(bprm_check_security, my_test_bprm_check_security),
};
static int __init my_test_init(void){
printk(KERN_ERR "mytest: We are going to do things\n");
security_add_hooks(my_test_hooks, ARRAY_SIZE(my_test_hooks),"my_test");
return 0;
}
DEFINE_LSM(my_test){
.name = "my_test",
.init = my_test_init,
};
When I tried to compile it (as a kernel module so that I can insmod it without the need of integrating it into the kernel itself) with the following Makefile
obj-m += my_test.o
all:
make -C /lib/modules/$(shell uname -r)/build M=$(shell pwd) modules
clean:
make -C /lib/modules/$(shell uname -r)/build M=$(shell pwd) clean
It throws the following error:
In file included from security/my_test.c:1:
./include/linux/lsm_hooks.h:1667:9: error: attributes should be specified before the declarator in a function definition
1667 | static struct lsm_info __lsm_##lsm \
| ^~~~~~
security/my_test.c:20:1: note: in expansion of macro ‘DEFINE_LSM’
20 | DEFINE_LSM(my_test){
| ^~~~~~~~~~
security/my_test.c:14:19: error: ‘my_test_init’ defined but not used [-Werror=unused-function]
14 | static int __init my_test_init(void){
| ^~~~~~~~~~~~
Looking into the lsm_hooks.h at the specified line (1667) I found the following macro defining a struct:
#define DEFINE_LSM(lsm) \
static struct lsm_info __lsm_##lsm \
__used __section(".lsm_info.init") \
__aligned(sizeof(unsigned long))
I went through this post. Could anyone tell me what is the problem and how to deal with this? I am a beginner in kernel programming.
I am using the following version of GCC:
gcc (Ubuntu 11.2.0-19ubuntu1) 11.2.0
Copyright (C) 2021 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Solution
You forgot the equal sign between invocation of DEFINE_LSM macro, which defines a variable, and value of that variable. Correct:
DEFINE_LSM(my_test) = {
.name = "my_test",
.init = my_test_init,
};
Answered By - Tsyvarev Answer Checked By - Marilyn (WPSolving Volunteer)