Re: New hooks for sock structure

From: James Morris (jmorrisat_private)
Date: Wed Jul 10 2002 - 06:04:15 PDT

  • Next message: James Morris: "Re: New hooks for sock structure"

    On Wed, 10 Jul 2002, Wayne Salamon wrote:
    
    > > - Pass priority arg through to socket_sock_alloc_security().
    > >
    > 
    >   Should we address the other alloc hooks (skb_alloc_security, etc.) then
    > too?
    
    Yes, I think so.
    
    > 
    > > - Pointer save not needed in tcp_create_openreq_child().
    > >
    > 
    > 
    > newsk->security is set before this code in the sk_alloc() call, and we
    > need to prevent this pointer from being overwritten with the listening
    > sock's security pointer.
    
    You're right, sorry.
    
    > 
    > > - The socket_sock_connect() hook is TCP specific, probably better to call
    > >   it tcp_create_openreq_child().
    > >
    > 
    >   Well, I went back and forth on this. I'm not sure this hook will always
    > be TCP specific.
    >
    
    It's only called from tcp_create_openreq_child(), and is not a generic 
    socket or sock event.  Also, calling it socket_sock_connect() may cause 
    confusion with the connect() hook -- better to make the API as clear and 
    simple as possible, rather than try and cater for something generic which 
    may happen in the future.
    
    
    - James
    -- 
    James Morris
    <jmorrisat_private>
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 06:05:30 PDT