hi, guys:
Some questions about LSM hooks "sk_alloc_security" in 2.6 are puzzling me.
Attaching a security structer to sk->security field of sock is hook function:
In 2.6 is :
int (*sk_alloc_security) (struct sock *sk, int family, int priority);
In 2.5.72 is :
int (*socket_sock_alloc_security) (struct sock * sk, int gfp_mask);
I developed something in 2.5.72 using hook of " socket_sock_alloc_security " to attach a security structer to sk->security field . It's OK! But when I port it to 2.6.4, I find that only PF_UNIX sock can be attached security structer in sk_alloc_security function. And the PF_INET sock can not be attached to security structer, i.e. I can not start winX in 2.6.4 . But the locations of two hook functions are the same.
Can someone tell me the reason?
How about attaching a security structer to sk->security field for PF_INET sock or else type sock?
+++++++++++++++++ My function ++++++++++++++++++++++++++++++++++++++++++++
static int mls_sk_alloc_security(struct sock *sk, int family, int priority)
{
struct mls_sock_security_struct *sksec;
sksec = (struct mls_sock_security_struct *)
kmalloc(sizeof(struct mls_sock_security_struct), priority);
if (!sksec) {
printk(KERN_INFO "allocate security failed\n");
return -ENOMEM;
}
memset(sksec, 0, sizeof(struct mls_sock_security_struct));
sksec->magic = MLS_MAGIC;
sksec->sk = sk;
/*
* Error in this statement : In 2.6.4,
* with it , can not startx.
* no it , startx normally
*/
sk->sk_security = sksec;
return 0;
}
++++++++++++++++++++++ My function ++++++++++++++++++++++++++++++++++
*** Another question *** :
Why take the tcp hooks out of LSM in 2.6 , such as tcp_create_openreq_child ?
_ __
|\/ \/ ______ Yuan Chunyang
\| . . || |\\\\\ Open System & Chinese Information Processing Center
( ( oo))| | ------ Institute of Software , Chinese Academy of Sciences
/ \ \| | |||| P.O.Box 8718 Beijing 100080 P.R.China
(___\^^^^^|_|___|||| Email: chunyang03at_private
This archive was generated by hypermail 2b30 : Mon May 17 2004 - 23:12:07 PDT