Psst.. new poll here.
[email protected] webmail now available. Want one? Go here.
Cannot use outlook/hotmail/live here to register as they blocking our mail servers. #microsoftdeez
Obey the Epel!
Paste
Pasted as Plain Text by registered user s0rserer ( 13 years ago )
Creating 2.6 kernel modules
To build a VirusScan Enterprise for Linux kernel module from source, you need the source for
your kernel. Most vendor-supplied kernels include a kernel source package, that usually installs
the source into /usr/src/linux-<kernel version>. If you are not familiar with building the Linux
kernel, we recommend that you refer to tutorials available on the Internet.
1 Put your source tree into a known clean state to remove any generated files and any
non-standard configuration. To do this, run make mrproper from the top-level directory of
your kernel source tree:
cd <kernel source directory>
make mrproper
2 Configure the kernel source. You need the configuration file that was used to compile your
kernel.
NOTE: If you are using a vendor-supplied kernel, the /boot directory normally contains a
copy of the configuration file, which has a config- prefix or a .config extension.
3 Copy the configuration file to the file .config in the top-level directory of your kernel source
tree, and run make oldconfig:
cp <kernel config file> .config
make oldconfig
If asked for any configuration items, your configuration file is incomplete, and you need
to ask the supplier about the correct answers.
4 Check the version information in the top-level kernel Makefile. In particular, check that
EXTRAVERSION is set appropriately. Sometimes the version information is set to a custom
value in vendor-supplied source. The definition for KERNELRELEASE when expanded should
match the contents of /proc/sys/kernel/osrelease assuming that you are building modules for
the kernel that is currently running. The standard definition for KERNELRELEASE is:
KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)$(EXTRAVERSION)
5 Build the kernel by typing make bzImage. This creates generated files that are necessary
for module compilation.
NOTE: You are now ready to build the VirusScan Enterprise for Linux kernel modules. The
Makefile provided to build the VirusScan Enterprise for Linux modules requires 3.80 or later
of GNU Make. Check your version of make by using make --version. If you have version 3.79
or earlier, you need to upgrade it to 3.80 or later.
6 Unpack the source files into an empty directory, and use the kernel build system to build
the modules:
cd <VirusScan Enterprise for Linux source directory>
make -C <kernel source dir> SUBDIRS='pwd' modules
If there are no errors, you will have two kernel modules — lshook.ko and linuxshield.ko.
7 Copy these modules into your VirusScan Enterprise for Linux module directory. The default
path is: /opt/NAI/LinuxShield/lib/modules.
If you have multiple kernels that cannot be distinguished by the contents of
/proc/sys/kernel/osrelease (the same as the output of uname -r), you need to use the file
kernel.version in the same directory. This file can contain multiple lines, each having the
form:
<prefix>:<build version>
Here <prefix> is a unique string that is derived from the kernel version. Given a version
of 2.6.nn<extra>, the prefix is 2.6.nn<unique tag><extra>, where the unique tag does
not contain ":".
For example, 2.6.9-ls-xyz:#1 SMP Sun May 16 12:27:32 UTC2004
Here <build version> is the contents of /proc/sys/kernel/version (or the output of uname -v)
when the matching kernel is running.
During VirusScan Enterprise for Linux startup, if kernel modules are identified as matching
the running kernel, symbolic links are created in the directory /lib/modules/`uname -r`/nai.
The targets of these links can determine which module files have been loaded.
8 Rename the modules to have .o extension instead of .ko extension.
Revise this Paste