Re: why is sk->skb->sk_socket->file NULL on incoming packets?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Chris Wright <chrisw@osdl.org>
To: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
Cc: linux-kernel@vger.kernel.org, coreteam@netfilter.org
Subject: Re: why is sk->skb->sk_socket->file  NULL on incoming packets?
Date: Thu, 9 Sep 2004 18:20:54 -0700	[thread overview]
Message-ID: <20040909182053.P1973@build.pdx.osdl.net> (raw)
In-Reply-To: <20040910004517.GC7587@lkcl.net>; from lkcl@lkcl.net on Fri, Sep 10, 2004 at 01:45:17AM +0100

* Luke Kenneth Casson Leighton (lkcl@lkcl.net) wrote:
> hi, simple question - if a userspace ip_queue program (fireflier)
> can determine the pid of an incoming packet, why can't ipt_owner.c
> do the same?
> 
> how do i force, even by using a userspace thing which asks the
> packet to be "re-examined", the skb->sk->sk_socket->file to be
> set?

I assume the netfilter hook you come in on is NF_IP_LOCAL_IN?  This is
at ip level.  The sock (sk) is protocol specific, and hasn't been
looked up yet.  Look at the protocols' input handlers (i.e. udp_rcv or
tcp_v4_rcv), they do this lookup (i.e. udp_v4_lookup or __tcp_v4_lookup).
The sk_filter() point is probably the first time you have an association
between the skb (inbound) and the sock it's going to be queued to.
LSM modules use security_sock_rcv_skb at this point.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net

next prev parent reply	other threads:[~2004-09-10  1:21 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-09-10  0:45 why is sk->skb->sk_socket->file NULL on incoming packets? Luke Kenneth Casson Leighton
2004-09-10  1:20 ` Chris Wright [this message]
2004-09-10  1:36   ` Luke Kenneth Casson Leighton

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040909182053.P1973@build.pdx.osdl.net \
    --to=chrisw@osdl.org \
    --cc=coreteam@netfilter.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lkcl@lkcl.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.