Re: [PATCH 2.6.9] fork: add a hook in do_fork()

[Chris Wright]

* Guillaume Thouvenin (Guillaume.Thouvenin@xxxxxxxx) wrote:
> static int elsa_task_alloc_security(struct task_struct *p)
> {
> 	printk(KERN_ALERT "intercept a fork: %d created by %d\n",
> 	       p->pid, p->parent->pid);
		       
It's created by current.  So, current->pid.  p is not completely setup
yet, and is still largely duplication of current from dup_task_struct().

>   PID  PPID USER     %CPU CPU COMMAND
>  2009  2008 guill     0.0   0 bash
>  2109  2108 guill     0.0   0 bash
>  2704  2109 guill     0.0   0 top
> 
> and here is the message found in the kernel log:
> 
>  intercept a fork: 2704 created by 2108
> 
> It should be 2109... not 2108
> I think that the problem occurs because the security_task_alloc() is
> called, the field p->parent is not set. 
> 
> Is it true? and if it is, is it possible to move the hook after the
> initialization of the variable p->parent?

No, it's correct where it is.  And, IIRC, elsa is accounting related.
LSM is not the right framework, you should be using something like PAGG
or CKRM.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/