LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page How to make an extraordinarily incompatible kernel module
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-11-2014, 06:55 AM   #1
salantrax
LQ Newbie
 
Registered: Feb 2014
Posts: 7

Rep: Reputation: Disabled
How to make an extraordinarily incompatible kernel module

Hello!

I was wondering if you could recommend a kernel module that would fail miserably and reliably when inserting it into a "foreign" kernel, i.e. one for which the module was not built.

The plan is to store that module probe/key on an encrypted rootfs and watch for module errors that would indicate that the kernel image has been swapped.

EDIT: That module would get loaded by systemd, according to the list /etc/modules-load.d/modules.conf:
Code:
# List of modules to load at boot
module-that-does-not-play-nice-with-unfamiliar-kernels
Last edited by salantrax; 08-11-2014 at 07:15 AM. Reason: More info
 
Old 09-06-2014, 04:17 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Quote:
Originally Posted by salantrax View Post
I was wondering if you could recommend a kernel module that would fail miserably and reliably when inserting it into a "foreign" kernel, i.e. one for which the module was not built.
Take something that's been deprecated since kernel 2.0.23? ;-p


Quote:
Originally Posted by salantrax View Post
The plan is to store that module probe/key on an encrypted rootfs and watch for module errors that would indicate that the kernel image has been swapped.
...so I load something before your encrypted rootfs is mounted that hides any LKM error messages?
 
Old 09-08-2014, 01:57 PM   #3
salantrax
LQ Newbie
 
Registered: Feb 2014
Posts: 7

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by unSpawn View Post
Take something that's been deprecated since kernel 2.0.23? ;-p
Needs to be compatible with current kernel (> 3.16).


Quote:
Originally Posted by unSpawn View Post
...so I load something before your encrypted rootfs is mounted that hides any LKM error messages?
Then how do you explain that the module doesn't say:
"Hello! I loaded successfully, and the secret passphrase is 4324984234."?
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to make two instances of kernel module ....??? Help. skate Linux - Software 5 07-08-2008 03:17 AM
how to make my module part of kernel furahm Linux - General 1 07-10-2006 03:33 AM
What can you ACTUALLY make a module for in the kernel? djuhl30 Linux - Hardware 2 01-30-2006 02:34 AM
compile kernel module without 'make' whysyn Linux - Software 2 01-29-2006 12:56 AM
cmedia cmi9739a incompatible module format FirebirdV0273 Linux - Hardware 2 10-25-2004 09:13 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:36 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration