headers
tv | 6 Oct 2008 15:37
Favicon

DazukoFS 3.0.0-rc1 doesn't build


Hi,

building dazukofs 3.0.0-rc1 with Linux 2.6.25.17 ends up with:

  LD      /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/built-in.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/super.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/inode.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/file.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/dentry.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/mmap.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/group_dev.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/ctrl_dev.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/dev.o
  CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.o
/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:33: warning: function 
declaration isn't a prototype
/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:33: error: field 'get_current' 
declared as a function
/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c: In function 
'dazukofs_claim_event':
/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:654: error: invalid lvalue in 
assignment
make[1]: *** [/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.o] Error 1
make: *** [_module_/x/tv/kernel-2.6/dazukofs-3.0.0-rc1] Error 2

I'm calling make M=../dazukofs-3.0.0-rc1 from inside the kernel build dir 
(after building the kernel)

I tried "the normal" build way, and Linux 2.6.26, but did not succed
(Continue reading)

Permalink | Reply | 5 comments |
headers
John Ogness | 7 Oct 2008 08:50

Re: DazukoFS 3.0.0-rc1 doesn't build

On 2008-10-06, tv <at> collax.com wrote:
> building dazukofs 3.0.0-rc1 with Linux 2.6.25.17 ends up with:
>
>   CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.o
> /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:33: warning: function 
> declaration isn't a prototype
> /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:33: error: field 'get_current' 
> declared as a function
> /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c: In function 
> 'dazukofs_claim_event':
> /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:654: error: invalid lvalue in 
> assignment
> make[1]: *** [/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.o] Error 1
> make: *** [_module_/x/tv/kernel-2.6/dazukofs-3.0.0-rc1] Error 2
>
> What's happening here?

The problem seems to be that I am using the name "current" for a
member of the dazukofs_proc struct. The patch below should fix it.

John Ogness

--- a/event.c	24 Sep 2008 18:11:11 -0000	1.22
+++ b/event.c	6 Oct 2008 19:37:33 -0000
 <at>  <at>  -30,7 +30,7  <at>  <at> 

 struct dazukofs_proc {
 	struct list_head list;
-	struct task_struct *current;
+	struct task_struct *curr;
(Continue reading)

Permalink | Reply | 4 comments |
headers
tv | 7 Oct 2008 11:56
Favicon

Re: DazukoFS 3.0.0-rc1 doesn't build

On Tue, 7 Oct 2008, John Ogness wrote:

> On 2008-10-06, tv <at> collax.com wrote:
> > building dazukofs 3.0.0-rc1 with Linux 2.6.25.17 ends up with:
> >
> >   CC [M]  /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.o
> > /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:33: warning: function 
> > declaration isn't a prototype
> > /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:33: error: field 'get_current' 
> > declared as a function
> > /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c: In function 
> > 'dazukofs_claim_event':
> > /x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.c:654: error: invalid lvalue in 
> > assignment
> > make[1]: *** [/x/tv/kernel-2.6/dazukofs-3.0.0-rc1/event.o] Error 1
> > make: *** [_module_/x/tv/kernel-2.6/dazukofs-3.0.0-rc1] Error 2
> >
> > What's happening here?
> 
> The problem seems to be that I am using the name "current" for a
> member of the dazukofs_proc struct. The patch below should fix it.

Thanks. Now I can build and use the module.

Do you know if there is way to hack antivir using this version of 
dazukofs? antivir was ok with the previous version 
(dazuko-2.3.5-nullfs-0.0.3).

Greetings,
Thomas
(Continue reading)

Permalink | Reply | 3 comments |
headers
John Ogness | 7 Oct 2008 20:44

Re: DazukoFS 3.0.0-rc1 doesn't build

On 2008-10-07, tv <at> collax.com wrote:
> Do you know if there is way to hack antivir using this version of
> dazukofs? antivir was ok with the previous version
> (dazuko-2.3.5-nullfs-0.0.3).

The previous version (dazuko-2.3.5-nullfs-0.0.3) is based on the
Dazuko 2.x code and model. That model was based on file names being
passed to registered applications and registered applications being
allowed free reign on the system. This has the following security
issues:

1. path names are unreliable

2. giving free reign to any application is a bad idea

DazukoFS 3 takes care of both of these issues by providing the
registered application with a read-only, already opened file
descriptor. This allows the registered application to scan the
contents without ever having to open a file. Thus, the registered
application does not require any more priviledges than any other
application (except for accessing the DazukoFS device, of course).

Since the new model represents a fundemental change in the way Dazuko
works, it is not possible to "trick" Dazuko 2.x applications into
using the DazukoFS 3.x interface. It would require adding backwards
compatible hooks into DazukoFS (and I don't want to do that).

I realize that for anti-virus vendors, adapting to the new DazukoFS
requires some effort. That is why I made sure it was a completely
separate interface. If a vendor wanted, they could easily support
(Continue reading)

Permalink | Reply | 2 comments |
headers
tv | 9 Oct 2008 14:10
Favicon

Re: DazukoFS 3.0.0-rc1 doesn't build

On Tue, 7 Oct 2008, John Ogness wrote:

> DazukoFS 3 takes care of both of these issues by providing the
> registered application with a read-only, already opened file
> descriptor. This allows the registered application to scan the
> contents without ever having to open a file. Thus, the registered
> application does not require any more priviledges than any other
> application (except for accessing the DazukoFS device, of course).
> 
> Since the new model represents a fundemental change in the way Dazuko
> works, it is not possible to "trick" Dazuko 2.x applications into
> using the DazukoFS 3.x interface. It would require adding backwards
> compatible hooks into DazukoFS (and I don't want to do that).
> 
> I realize that for anti-virus vendors, adapting to the new DazukoFS
> requires some effort. That is why I made sure it was a completely
> separate interface. If a vendor wanted, they could easily support
> Dazuko and DazukoFS simultaneously, and choose whichever is available
> on the system. In my opinion, the changes required would be rather
> small.
> 
> I know that Avira GmbH is currently evaluating DazukoFS. Once DazukoFS
> is officially released, perhaps they will include support for it in
> their on-access scanner.

Thank you for the explanation.

Btw. for dazuko 2.3.5, the Kconfig says:

         This module will NOT work if both "NSA SELinux Support" and
(Continue reading)

Permalink | Reply | 1 comment |
headers
John Ogness | 9 Oct 2008 15:47

Re: DazukoFS 3.0.0-rc1 doesn't build

On 2008-10-09, tv <at> collax.com wrote:
> Btw. for dazuko 2.3.5, the Kconfig says:
>
>          This module will NOT work if both "NSA SELinux Support" and
>          "Default Linux Capabilities" are enabled.
>
> Could it be that this is true for CONFIG_SECURITY_SMACK aswell?
>
> (CONFIG_SECURITY_CAPABILITIES and CONFIG_SECURITY_SMACK, no 
> CONFIG_SECURITY_SELINUX)
>
> I had no luck booting a kernel with dazuko patch and smack switched
> on.

Generally, only 2 LSM modules can be loaded. If Capabilities and Smack
are already loaded, Dazuko will not be permitted to be loaded. LSM was
not really designed with the idea that someone uses a bunch of
security modules at the same time.

John Ogness

--

-- 
Dazuko Maintainer
Permalink | Reply | 0 comments |
headers
John Ogness | 9 Oct 2008 22:22

DazukoFS 3.0.0-rc2 posted

Hi,

I have posted the next release candidate for DazukoFS 3.0.0. One major
bug and several minor bugs were discovered in the process management
code. These have been fixed. If you encounter _any_ warnings or
errors, please report them to this list. Even if you can't provide (or
don't have time for) a detailed report, it is still helpful for me to
know if problems exist.

3.0.0-rc2 also provides a new feature: ignoring processes. A device
"/dev/dazukofs.ign" exists. Any application that opens this device
will be hidden from DazukoFS and can perform whatever file operations
it wants. As soon the device is closed, the application is no longer
hidden. Only the application (or thread) that opens the device is
hidden.

This feature is off by default, but can be enabled by modifying the
Makefile.

EXTRA_CFLAGS += -DCONFIG_DAZUKOFS_IGNORE

By setting the permission on this device, you can control which user
processes are allowed to make themselves hidden.

I chose to add this feature (after much debate) because many
Dazuko-based applications need some sort of "freedom" to work
undetected at times. This would also be necessary for any anti-virus
software that uses a scanning daemon separate from the registered
processes (as ClamAV would like to do).
(Continue reading)

Permalink | Reply | 9 comments |
headers
jim burns | 19 Oct 2008 17:51

Re: DazukoFS 3.0.0-rc2 posted

On Thu October 9 2008 4:22:03 pm John Ogness wrote:
> I have posted the next release candidate for DazukoFS 3.0.0. One major
> bug and several minor bugs were discovered in the process management
> code. These have been fixed. If you encounter _any_ warnings or
> errors, please report them to this list. Even if you can't provide (or
> don't have time for) a detailed report, it is still helpful for me to
> know if problems exist.

As previously reported on 9/28, this won't build on openSuSE 11.0. The error 
is in inode.c, presumably from nullfs, and is reproduced below. Also, any 
other comments on my 9/28 post would be appreciated:

jimb <at> Dell4550 10/19/08 11:44AM:~
[501] > tar xvf jimbur\~1/downloads/unix/dazukofs-3.0.0-rc2.tar.gz       
dazukofs-3.0.0-rc2/                                                      
dazukofs-3.0.0-rc2/Makefile                                              
dazukofs-3.0.0-rc2/group_dev.c                                           
dazukofs-3.0.0-rc2/event.c                                               
dazukofs-3.0.0-rc2/CHANGELOG                                             
dazukofs-3.0.0-rc2/dev.c                                                 
dazukofs-3.0.0-rc2/ctrl_dev.c                                            
dazukofs-3.0.0-rc2/dev.h                                                 
dazukofs-3.0.0-rc2/file.c                                                
dazukofs-3.0.0-rc2/dentry.c                                              
dazukofs-3.0.0-rc2/ign_dev.c                                             
dazukofs-3.0.0-rc2/mmap.c                                                
dazukofs-3.0.0-rc2/dazukofs_fs.h                                         
dazukofs-3.0.0-rc2/LICENSE.GPL-2                                         
dazukofs-3.0.0-rc2/README                                                
dazukofs-3.0.0-rc2/super.c
(Continue reading)

Permalink | Reply | 8 comments |
headers
John Ogness | 19 Oct 2008 22:11

Re: DazukoFS 3.0.0-rc1 posted - nullfs problems on openSuSE 11.0

On 2008-09-29, jim burns <jim_burn <at> bellsouth.net> wrote:
> 1) Do you know if avira will come out with an antivir that works
>    with dazukofs?

I posted my thoughts on this question as a response to another thread:

http://lists.gnu.org/archive/html/dazuko-devel/2008-10/msg00003.html

> 2) SuSE has a dazuko .src.rpm based on redirfs-0.2 and dazuko
>    2.3.4.4 (presumably 2.3.5-pre1, to support redirfs), hence it's a
>    little out of date, plus building it against the current
>    2.6.25.16 kernel works, but the modules don't load, with unknown
>    symbol errors. The .src.rpm was originally designed against
>    2.6.25.5.

SuSE is interested in making sure that Dazuko is available on their
distribution. As far as I know, they are interested in pursuing the
redirfs/dazuko direction to maintain support for Dazuko. If you are
interested in using the SuSE kernel, then I recommend also using the
Dazuko package provided by SuSE.

> 3) Building the tarballs for dazuko 2.3.6-pre2 and redirfs-0.3
>    works, and the modules load, but antivir complains
>    "antivir[29092]: Error: Unable to setup Dazuko parameters" - I
>    get the feeling it can't talk to /dev/dazuko, which has major
>    250.

I do not know why antivir would be having a problem. If the module
loads (and the example program works), then antivir should be
happy. The Dazuko interface was not changed in 2.3.6-pre2. I recommend
(Continue reading)

Permalink | Reply | 0 comments |
headers
John Ogness | 19 Oct 2008 22:15

Re: DazukoFS 3.0.0-rc2 posted

On 2008-10-19, jim burns <jim_burn <at> bellsouth.net> wrote:
> As previously reported on 9/28, this won't build on openSuSE
> 11.0. The error is in inode.c, presumably from nullfs, and is
> reproduced below.

DazukoFS 3.0.0-pre2 was created to work with the Linux 2.6.26 kernel
from kernel.org. Please post the following file:

  fs/ecryptfs/inode.c

With that file I can see what the API looks like on your
kernel. Perhaps it would be a small fix.

John Ogness

--

-- 
Dazuko Maintainer
Permalink | Reply | 0 comments |

Gmane