On Mon, 16 May 2005 15:15:22 EDT, Reiner Sailer said: > > I am writing a Linux Security Module that needs SHA1 support very early in > the kernel startup (before any fs are mounted,modules are loaded, or > files are mapped; including initrd). Therefore, I use the __initcall > to initialize the security module. SHA1 can currently be used only > through the crypto-api (static definitions and hidden context structure). > > This crypto-API, however, initializes AFTER the security module > code in the __initicall block. Currently, I use the following patch into > the main Linux Makefile to start up the crypto-API earlier: I hit the same problem trying to add sysctl's from inside the LSM. What I ended up doing was letting the security_initcall() set up the *other* stuff I needed, and then had a regular initcall() that ended up called after sysctl was initialized, but before we went to userspace. I'm pretty sure that all the initcall chails get run before we mount the initrd and all that.
Attachment:
pgpzKMmMrvPXY.pgp
Description: PGP signature
- References:
- crypto api initialized late
- From: Reiner Sailer <[email protected]>
- crypto api initialized late
- Prev by Date: Re: [PATCH] Factor in buddy allocator alignment requirements in node memory alignment
- Next by Date: semaphore understanding: sys_semtimedop()
- Previous by thread: Re: crypto api initialized late
- Next by thread: Re: crypto api initialized late
- Index(es):