[patch] Socket Receive Hook

From: Chris Vance (cvanceat_private)
Date: Thu Aug 09 2001 - 07:46:26 PDT

  • Next message: James Morris: "Re: [patch] Socket Receive Hook"

    Attached is a patch to insert a socket receive hook into the processing
    path for both TCP and UDP/RAW.  We believe the position is the earliest
    point in the input processing where the socket has been looked up and
    associated with the skbuff.
    
    SELinux uses this hook to check receive permissions on messages.
    
    We would also like to insert another hook into tcp_rcv_state_process
    <new/ipv4/tcp_input.c> so that we may perform tcp connection checking
    (separate from this patch). The problem is that by the point that routine
    is called, the skb->dev field has been set to NULL.  Our current checks
    require socket and netdevice security fields.  Can anyone suggest an
    alternative?
    
    chris.
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 07:50:08 PDT