74 lines
1.7 KiB
Markdown
74 lines
1.7 KiB
Markdown
# mod_hello
|
|
|
|
|
|
## building
|
|
|
|
```shell
|
|
make all
|
|
```
|
|
|
|
This produces `./helloctl/helloctl` binary for talking to the `mod_hello` over
|
|
ioctl through `/dev/helloctl`, as well as `./mod_hello.ko` kernel module
|
|
itself.
|
|
|
|
|
|
## Testing
|
|
|
|
### Host
|
|
|
|
```shell
|
|
$> make build
|
|
$> sudo insmod ./mod_hello.ko
|
|
$> sudo dmesg | tail
|
|
[ 1679.566426] [mod_hello] pid: 8418, comm: insmod
|
|
[ 1679.566427] [mod_hello] module loaded.
|
|
[ 1679.566428] [mod_hello] looking up 'files'
|
|
[ 1679.574011] [mod_hello] files 0xffffffff87e57e40
|
|
[ 1679.574013] [mod_hello] files (0xffffffff87e57e40): usage
|
|
[ 1679.579120] [mod_hello] fib of 0 and 1 (up to 10000000): 8644293272739028509 (in only 5 jiffies)
|
|
$> sudo ./helloctl/helloctl
|
|
$> sudo dmesg | tail -1
|
|
[ 1734.248270] [mod_hello] received command: 1
|
|
```
|
|
|
|
### Container
|
|
|
|
Assuming we've already `insmod` the module above:
|
|
|
|
```shell
|
|
sudo docker run -it --rm -v $(pwd)/helloctl/helloctl:/usr/bin/helloctl:ro --device /dev/helloctl fedora /usr/bin/helloctl
|
|
```
|
|
|
|
Now `dmesg | tail` will reflect the command ran successfully, but at the sake of running an non-isolated container.
|
|
|
|
### runc
|
|
|
|
Determining major/minor for setting permissions requires inserting the module, then collecting the major/minor device, and putting that to a runc `config.json`.
|
|
|
|
```shell
|
|
$> stat -c "%t %T" /dev/helloctl
|
|
a 39
|
|
$> echo "$((16#$(stat -c "%t" /dev/helloctl )))"
|
|
10
|
|
$> echo "$((16#$(stat -c "%T" /dev/helloctl )))"
|
|
57
|
|
```
|
|
|
|
Now in the `config.json`, under `linux.resources.devices`, that array, it needs the following with the major/minor integers from your `/dev/helloctl`:
|
|
|
|
```json
|
|
{
|
|
"allow": true,
|
|
"type": "c",
|
|
"major": 10,
|
|
"minor": 57,
|
|
"access": "rwm"
|
|
},
|
|
```
|
|
|
|
### cleanup
|
|
|
|
```shell
|
|
make clean
|
|
sudo rmmod mod_hello
|
|
```
|