about security_skb_alloc??

From: Yuan ChunYang (cyyuanmlat_private)
Date: Sun Sep 21 2003 - 02:20:12 PDT

  • Next message: Seth Arnold: "Re: about security_skb_alloc??"

    hi, i am  programing a module using LSM hooks function. But it often
    shutdown my computer. And you can not know when it will happen and
    happens suddenly .I do not catch the reason now. But from the debug, i
    find that there maybe are mistakes in security_skb_alloc hooks function.
    The codes is followed:
    	struct skb_security_struct *ssec;
            /* in skb_security_struct there is a struct point of mls_range_t
    	mls_range_t *mlsrange; 
    	int rc = 0;
    	ssec = skb->lsm_security;
    	if (ssec && ssec->magic == SECOPT_MAGIC) {
    		return rc;
    	/* Often shutdown HERE !!! */
    	ssec = (struct skb_security_struct *)kmalloc(sizeof(struct
    skb_security_struct), GFP_ATOMIC); 
    	if (!ssec) {
    		rc = -ENOMEM;
    		return rc;
    	memset(ssec, 0, sizeof (struct skb_security_struct));
    	ssec->magic = SECOPT_MAGIC;
    	ssec->skb = skb;
    	mlsrange = (mls_range_t *)kmalloc(sizeof(mls_range_t), SAFE_ALLOC);
    	if(!mlsrange) {
    		return -ENOMEM;
    	memset(mlsrange, 0, sizeof (mls_range_t));
    	mlsrange->label[0].level = 1;
    	mlsrange->label[0].cates = 0xf0fff1fff2ffff3f;
    	memcpy(&mlsrange->label[1], &mlsrange->label[0], sizeof(mls_label_t));
    	ssec->mlsrange = mlsrange;
    	skb->lsm_security = ssec;
    	return rc;
    Can anybody help me analysis the reason of shutdown computer?
    Another question is : 
        Is it necessary to add reference count in sk_buff security struct
    when clone ? I think it only copy control struct and security struct 
    but not copy data when clone a sk_buff. So it's necessary to add another
    reference count in security struct because there is a reference count in
    sk_buff struct. It's right?

    This archive was generated by hypermail 2b30 : Sun Sep 21 2003 - 02:21:47 PDT