I see.
I have some questions.
Q1: Can I use skb_kill_datagram() here?
skb_kill_datagram() uses spin_lock_bh() while __skb_recv_datagram() uses
spin_lock_irqsave(). Since this codepath is called inside
__skb_recv_datagram(), I used spin_lock_irqsave() rather than calling
skb_kill_datagram().
Q2: Do I need to use skb_free_datagram() here rather than kfree_skb()?
In the past ( http://lkml.org/lkml/2007/11/16/406 ), there was no
difference between skb_free_datagram() and kfree_skb().
| void skb_free_datagram(struct sock *sk, struct sk_buff *skb)
| {
| 	kfree_skb(skb);
| }
But now (as of 2.6.30-rc2), there is a difference.
| void skb_free_datagram(struct sock *sk, struct sk_buff *skb)
| {
| 	consume_skb(skb);
| 	sk_mem_reclaim_partial(sk);
| }
Q3: Is __skb_recv_datagram() called from contexts that are not permitted to
sleep?
If so, TOMOYO has to check whether it is allowed to sleep, for TOMOYO will
prompt the user "whether to allow App1 to read this datagram or not".
Q4: Is there a way to distinguish requests from userland programs and requests
from kernel code?
Some kernel code (e.g. NFS) sends/receives UDP packets to deal with requests
from userland programs. TOMOYO wants to distinguish "direct
requests" (requests issued by userland programs, such as open()/read()/
write() against files on NFS) and "indirect requests" (requests issued for
the kernel's own reasons which are needed to handle "direct requests", such
as fetching file data from the NFS server). But currently, TOMOYO can't
distinguish these requests. As a result, those who use NFS have to give
permissions for sending/receiving UDP packets to/from the NFS server to all
userland programs.
This means that TOMOYO allows userland programs to send/receive crafted
packets to/from the NFS server. I want to solve this problem.
Regards.