hi,now i can add labels in ip options in security_socket_sendmsg.
But can i do get ip options in security_socket_recvmsg ?
i try it in security_socket_recvmsg :
----------------------------------------------------------------------
struct sock *sk = sock->sk;
struct inet_opt *inet=inet_sk(sk);
struct ip_options *opt = NULL;
opt = inet->opt;
saddr_skb=inet->saddr;
if ( !opt ){
printk("daddr : %x\n",inet->daddr);
printk("dport : %d\n",inet->dport);
printk("source ip: %x\n",saddr_skb);
printk("sport : %d\n",inet->sport);
printk("inet->opt : %d\n",inet->opt);
printk (KERN_INFO "opt == NULL in smos_socket_recvmsg! \n");
return 0; // 22, Invalid argument
} else
return secopt_socket_check_ip_options((char *)opt);
----------------------------------------------------------------------
BUT opt=NULL.
another question is in security_ip_decode_options function :
static int security_ip_decode_options (struct sk_buff *skb, const char
*optptr,
unsigned char **pp_ptr)
i can not know the meaning of pp_ptr.can somebody explain it clearly ?
it's explained in lsm as:
* pp_ptr contains the
* parameter problem pointer. Returns 0 on success. A non-zero return
value will
* cause an ICMP parameter problem message to be generated and
transmitted to the
* sender. The pp_ptr parameter may be used to point to the offending
option
* parameter.
thanx!
yuan
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Sep 03 2003 - 07:19:25 PDT