Re: about security_skb_alloc??

From: Yuan ChunYang (cyyuanml@private)
Date: Tue Sep 23 2003 - 18:05:56 PDT

  • Next message: Yuan ChunYang: "why the skb->lsm_security is NULL inskb_free_security after skb_alloc_security ???"

    HI, i am finding the reason for these days.
      But now i find a strange problem about skb_alloc_security hook.
      After i allocated security struct for a sk_buff, i find its
    skb->lsm_security is NULL when calling skb_free_security hook. I test it
    in kernel 2.5.72 with LSM and write codes only two hooks about sk_buff.
      It can not free memory of sk_buff security struct. So my computer is
      Can somebody tell me why the skb->lsm_security is NULL in
    skb_free_security after skb_alloc_security ???
      Is there some functions in kernel set skb->lsm_security NULL ???
    My codes are followed:
    static inline int smos_skb_alloc_security(struct sk_buff * skb, int
      	sk_buff_security_t *sksec;
      	int rc = 0;
    	sksec = skb->lsm_security;
    	if (sksec && sksec->magic == SECOPT_MAGIC) {
    		return rc;
    	sksec = (sk_buff_security_t *)
    	if (!sksec) {
    		rc = -ENOMEM;
    		return rc;
    	memset(sksec, 0, sizeof (sk_buff_security_t));
    	sksec->magic = SECOPT_MAGIC;
    	sksec->skb = skb;
    	skb->lsm_security = sksec;
    	printk(KERN_INFO "smos_skb_alloc_security........skb=%p
    ,skb->lsm_security=%p ..[1-1]\n",skb,skb->lsm_security);
    	return rc;
    static inline void smos_skb_free_security(struct sk_buff * skb)
    	sk_buff_security_t *ssec = skb->lsm_security;
    	printk(KERN_INFO "smos_skb_free_security........skb=%p
    ,skb->lsm_security=%p ..[2-1]\n",skb,ssec);
    	if (!ssec || ssec->magic != SECOPT_MAGIC) return;
    	skb->lsm_security = NULL;
    	printk(KERN_INFO "smos_skb_free_security........skb=%p ,ssec=%p
    DEBUG print info:
    kernel: smos_skb_alloc_security........skb=c3305b80
    ,skb->lsm_security=c2eedea0 ..[1-1]
    kernel: smos_skb_free_security........skb=c3305b80
    ,skb->lsm_security=00000000 ..[2-1]
    > > 	/* Often shutdown HERE !!! */
    > > 	ssec = (struct skb_security_struct *)kmalloc(sizeof(struct
    > > skb_security_struct), GFP_ATOMIC); 
    > Poking around, it appears to me that this hook has been passed the GFP
    > mask value that you should use when allocating memory. Have you tried
    > using it instead of GFP_ATOMIC? (Do you -know- that GFP_ATOMIC is the
    > right mask to use?)

    This archive was generated by hypermail 2b30 : Tue Sep 23 2003 - 18:07:01 PDT