how to get ip options in lsm hook function -- security_socket_recvmsg?

From: Yuan ChunYang (cyyuanmlat_private)
Date: Wed Sep 03 2003 - 07:18:28 PDT

  • Next message: Paula: "We believe in helping you"

    hi,now i can add labels in ip options in security_socket_sendmsg.
    But can i do get ip options in security_socket_recvmsg ?
    i try it in security_socket_recvmsg :
    	struct sock *sk = sock->sk;
    	struct inet_opt *inet=inet_sk(sk);
    	struct ip_options *opt = NULL;
    	opt = inet->opt;
    	if ( !opt ){
    		printk("daddr : %x\n",inet->daddr);
    		printk("dport : %d\n",inet->dport);
    		printk("source ip: %x\n",saddr_skb);
    		printk("sport : %d\n",inet->sport);
    		printk("inet->opt : %d\n",inet->opt);
    		printk (KERN_INFO "opt == NULL in smos_socket_recvmsg! \n");
    		return 0; // 22, Invalid argument
    	} else        
        		return secopt_socket_check_ip_options((char *)opt);
    BUT opt=NULL. 
    another question is in security_ip_decode_options function :
     static int security_ip_decode_options (struct sk_buff *skb, const char
    				    unsigned char **pp_ptr) 
    i can not know the meaning of pp_ptr.can somebody explain it clearly ?
    it's explained in lsm as:
     * pp_ptr contains the 
     * parameter problem pointer. Returns 0 on success. A non-zero return
    value will 
     * cause an ICMP parameter problem message to be generated and
    transmitted to the 
     * sender. The pp_ptr parameter may be used to point to the offending
     * parameter. 
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed Sep 03 2003 - 07:19:25 PDT