All geek questions in one place

Configuring additional extended attributes in ext4 in kernel mode

I am trying to implement a custom extended attribute on an ext4 file system in a linux kernel. I added two new system calls to install and retrieve the Security_Tag (my new attribute) file. When implementing these system calls, I used setxattr , getxattr and access .

Here is my source code for implementing system calls:

#include <linux/kernel.h>
#include <linux/unistd.h>
#include <linux/syscalls.h>
#include <linux/types.h>
#include <linux/xattr.h>

// Sets the Security_Tag attribute for the given file to the  specified
// integer value.
asmlinkage int sys_set_security_tag(const char *filename, int new_tag)
{
        // Check if the current user has write access to this file
        int permissions = access(filename, W_OK);
        if(permissions < 0){
                printk("ERROR: Permission Denied");
                return -1;
        }

        // Set the value of the Security_Tag attribute to the value of new_tag
        int *val_p = &new_tag;
        int err = setxattr(filename, "Security_Tag", val_p, sizeof(int), 0);
        if(err < 0){
                printk("ERROR: Set attribute failed.");
                return -1;
        }

        return 0;
}

// Returns the value of the Security_Tag attribute for the given file.
asmlinkage int sys_get_security_tag(const char *filename)
{
        // Check if the user has read access to this file
        int permissions = access(filename, R_OK);
        if(permissions < 0){
                printk("ERROR: Permission Denied.");
                return -1;
        }

        // Allocate a buffer for the value of the tag and retrieve it value
        int *buff = kmalloc(sizeof(int));
        ssize_t bytesRead = getxattr(filename, "Security_Tag", buff, sizeof(int));

        if(bytesRead < 0){
                // Attribute does not exist for this file yet, so create the
                // attribute and set it to the default value of 0.
                int val = 0;
                int *val_p = &val;
                int err = setxattr(filename, "Security_Tag", val_p, sizeof(int), XATTR_CREATE);

                if(err < 0){
                        printk("ERROR: Attribute Creation Failed");
                        return -1;
                }
                return val;
        }

        // Store the return value, free the buff pointer, and return the
        // Security_Tag value.
        int ret = *buff;
        free(buff);
        return ret;
}

When I try to make a kernel, I get the following errors:

$ sudo make && sudo make install && sudo make modules_install
make[1]: Entering directory '/usr/rep/out/kernel'
  CHK     include/config/kernel.release
  Using /usr/rep/src/kernel as source for kernel
  CHK     include/generated/uapi/linux/version.h
  CHK     include/generated/utsrelease.h
  CHK     include/generated/bounds.h
  CHK     include/generated/timeconst.h
  CHK     include/generated/asm-offsets.h
  CALL    /usr/rep/src/kernel/scripts/checksyscalls.sh
  CHK     include/generated/compile.h
  SKIPPED include/generated/compile.h
  CC      filesecuritytag/filesecuritytag.o
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c: In function 'sys_set_security_tag':
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:12:2: error: implicit declaration of function 'access' [-Werror=implicit-function-declaration]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:12:37: error: 'W_OK' undeclared (first use in this function)
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:12:37: note: each undeclared identifier is reported only once for each function it appears in
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:19:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:20:2: error: implicit declaration of function 'setxattr' [-Werror=implicit-function-declaration]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c: In function 'sys_get_security_tag':
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:33:37: error: 'R_OK' undeclared (first use in this function)
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:40:2: error: too few arguments to function 'kmalloc'
/usr/rep/src/kernel/include/linux/slab.h:478:30: note: declared here
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:40:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:41:2: error: implicit declaration of function 'getxattr' [-Werror=implicit-function-declaration]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:59:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:60:2: error: implicit declaration of function 'free' [-Werror=implicit-function-declaration]
/usr/rep/src/kernel/filesecuritytag/filesecuritytag.c:60:2: warning: incompatible implicit declaration of built-in function 'free' [enabled by default]
cc1: some warnings being treated as errors

/usr/rep/src/kernel/scripts/Makefile.build:293: recipe for target 'filesecuritytag/filesecuritytag.o' failed
make[2]: *** [filesecuritytag/filesecuritytag.o] Error 1
/usr/rep/src/kernel/Makefile:991: recipe for target 'filesecuritytag' failed
make[1]: *** [filesecuritytag] Error 2
make[1]: Leaving directory '/usr/rep/out/kernel'
Makefile:150: recipe for target 'sub-make' failed
make: *** [sub-make] Error 2

, , , (, , , ). : , , , , , C, - .

:

  • setxattr, getxattr ? , , ? (, printk printf).

  • , unistd.h, sys/types.h attr/xattr.h. , , , , linux/types.h, linux/xattr.h linux/unistd.h. ?

EDIT: . , , , setxattr ( vfs_getxattr), , . , :

  • / , ?
+4

:

:

772
?
134
?

Source: https://habr.com/ru/post/1696336/

More articles:


All Articles