Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261492AbUKWVyy (ORCPT ); Tue, 23 Nov 2004 16:54:54 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261292AbUKWVxI (ORCPT ); Tue, 23 Nov 2004 16:53:08 -0500 Received: from fw.osdl.org ([65.172.181.6]:39579 "EHLO mail.osdl.org") by vger.kernel.org with ESMTP id S261505AbUKWVvp (ORCPT ); Tue, 23 Nov 2004 16:51:45 -0500 Date: Tue, 23 Nov 2004 13:51:44 -0800 From: Chris Wright To: Guillaume Thouvenin Cc: lkml Subject: Re: [PATCH 2.6.9] fork: add a hook in do_fork() Message-ID: <20041123135144.F14339@build.pdx.osdl.net> References: <1101189797.6210.53.camel@frecb000711.frec.bull.fr> <20041123080643.GD23974@kroah.com> <1101219268.6210.133.camel@frecb000711.frec.bull.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <1101219268.6210.133.camel@frecb000711.frec.bull.fr>; from Guillaume.Thouvenin@Bull.net on Tue, Nov 23, 2004 at 03:14:28PM +0100 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1383 Lines: 38 * Guillaume Thouvenin (Guillaume.Thouvenin@Bull.net) wrote: > static int elsa_task_alloc_security(struct task_struct *p) > { > printk(KERN_ALERT "intercept a fork: %d created by %d\n", > p->pid, p->parent->pid); It's created by current. So, current->pid. p is not completely setup yet, and is still largely duplication of current from dup_task_struct(). > PID PPID USER %CPU CPU COMMAND > 2009 2008 guill 0.0 0 bash > 2109 2108 guill 0.0 0 bash > 2704 2109 guill 0.0 0 top > > and here is the message found in the kernel log: > > intercept a fork: 2704 created by 2108 > > It should be 2109... not 2108 > I think that the problem occurs because the security_task_alloc() is > called, the field p->parent is not set. > > Is it true? and if it is, is it possible to move the hook after the > initialization of the variable p->parent? No, it's correct where it is. And, IIRC, elsa is accounting related. LSM is not the right framework, you should be using something like PAGG or CKRM. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/