centos lkm create strange behavior and panic eventually
Linux - KernelThis forum is for all discussion relating to the Linux kernel.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
centos lkm create strange behavior and panic eventually
I got this massage in dmesg log module verification failed: signature and/or required key missing - tainting kernel
when loading the lkm and sometimes before crashin i get
systemd-journald[1131]: Failed to generate stream ID: No such file or directory
. and also when the lkm is loaded i get strange behavior (the root authentication is taking a lot longer and the chrome browser is crashing the system)
Last edited by danielhaish; 06-26-2020 at 02:24 AM.
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268
Rep:
Great, now you know it's caused by your module, next thing is to fix the source!
Writing anything in C takes decades learning and yet mistakes happen anyway. The point is, though, that you must never have any mistakes in kernel code. ideally. So ideally you should also never use C these days(it's 2020 out there!) unless... unless you 10^google% sure you know what you're doing. I played around with C for the most part of my life and frankly I'm not sure what I'm doing at all.
Anyway writing kernel module isn't the same thing as writing hello world. There are thousands of things to consider before each operation. Regardless, it should never be taken lightly.
If you want some real help post some real code with some real research you did. Otherwise there's no way to help you without knowing a thing on what and how you're trying to achieve.
Great, now you know it's caused by your module, next thing is to fix the source!
Writing anything in C takes decades learning and yet mistakes happen anyway. The point is, though, that you must never have any mistakes in kernel code. ideally. So ideally you should also never use C these days(it's 2020 out there!) unless... unless you 10^google% sure you know what you're doing. I played around with C for the most part of my life and frankly I'm not sure what I'm doing at all.
Anyway writing kernel module isn't the same thing as writing hello world. There are thousands of things to consider before each operation. Regardless, it should never be taken lightly.
If you want some real help post some real code with some real research you did. Otherwise there's no way to help you without knowing a thing on what and how you're trying to achieve.
well after i found out that the module is trigger the kernel panic i build very simple one and the methods in module work because the module doing is job it not crashing on some action . maybe it how i build it how can I fix the signature problem
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268
Rep:
you don't need to fix it, it doesn't affect the execution. you CAN sign your own module with your own key (there are helper scripts for that in scripts/ directory) but again, that would simply remove the message.
you don't need to fix it, it doesn't affect the execution. you CAN sign your own module with your own key (there are helper scripts for that in scripts/ directory) but again, that would simply remove the message.
thanks you I also found few more logs my lkm code is okey because i compiled it on other version and i worked fine this is the logs I found traps: chrome[pid] general protection fault
traps: chrome[pid] trap int3 ip:55ece3d43014 sp:7ffeff71de90 error:0 in chrome[55ecdf647000+7858000]
when attempt to open chrome
another log which i found on the internet but the fix i found didn't worked is journald[<pid>]: Failed to open runtime journal: No such file or directory
do you think it means anything
Last edited by danielhaish; 06-29-2020 at 08:56 AM.
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268
Rep:
I kinda have the feeling you're trying to do something nasty there.
If not, you probably should know why it's not working from reading the similar articles about making a module on google or elsewhere.
I kinda have the feeling you're trying to do something nasty there.
If not, you probably should know why it's not working from reading the similar articles about making a module on google or elsewhere.
I am sorry but not at all i am working on security system and i hooked those system call for monitoring them and also the module is working fine its just that change the behavior of the system for some how maybe there is some security module that blocked it because it worked fine on ubuntu kernel 14.5 of curse i made the necessary changes betweens the kernels other wise it wouldn't work at all the problem is that the module is does works but it change a bit the behavior of the kernel
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268
Rep:
And those kernels were like 10, 15 years old, right?
There is of course but it doesn't involve .ko there. Just add your code to the tree. sc table isn't exported to the modules.
Distribution: debian, lfs, whatever else i need in qemu
Posts: 268
Rep:
Let me also add that there's never been a secure system built which is based on blacklists. That's not how it works. You only need to allow what you only need to do, that's it. We'll leave the speculation over whether secure systems exist at all out of this, just concentrate on the idea of granting a limited set of permissions rather than taking unneeded away.
Let me also add that there's never been a secure system built which is based on blacklists. That's not how it works. You only need to allow what you only need to do, that's it. We'll leave the speculation over whether secure systems exist at all out of this, just concentrate on the idea of granting a limited set of permissions rather than taking unneeded away.
well I fixed it thanks but the true is that i wanted to build something spacial based on ML
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.