|To:||Stephen Smalley <sds@xxxxxxxxxxxxxx>|
|Subject:||Re: [PATCH] Add audit uid to netlink credentials|
|From:||Patrick McHardy <kaber@xxxxxxxxx>|
|Date:||Wed, 09 Feb 2005 15:10:08 +0100|
|Cc:||Linux Audit Discussion <linux-audit@xxxxxxxxxx>, "Serge E. Hallyn" <serue@xxxxxxxxxx>, netdev@xxxxxxxxxxx, davem@xxxxxxxxxxxxx, kuznet@xxxxxxxxxxxxx|
|References:||<20050204165840.GA2320@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.62.0502080658310.32526@xxxxxxxxxxxxxxxxxx> <1107956079.17568.42.camel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>|
|User-agent:||Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.5) Gecko/20050106 Debian/1.7.5-1|
Stephen Smalley wrote:
It looks like it doesn't need to, I guess it was copied from netlink_sendmsg.On Tue, 2005-02-08 at 01:04, Patrick McHardy wrote:Reception of netlink messages in the kernel happens in the context of the sending process, so you can simply call audit_get_loginuid(current->audit_context) in audit_receive_msg().Then why does netlink_sendmsg() need to save the effective capability set of the sender in the control buffer (via security_netlink_send) for later checking by other receive functions in the kernel (via security_netlink_recv)?
netlink transmission to userspace is asynchronous, some values need to be saved, but userspace->kernel transmission is synchronous.
What prevents audit_receive() or other similar receive functions in the kernel from processing messages sent by multiple senders?
Multiple messages from multiple senders are handled by multiple calls to the input function. Check netlink_kernel_create() and netlink_data_ready(). Regards Patrick
|<Prev in Thread]||Current Thread||[Next in Thread>|
|Previous by Date:||Re: [PATCH] Add audit uid to netlink credentials, Stephen Smalley|
|Next by Date:||Re: [PATCH] Add audit uid to netlink credentials, David Woodhouse|
|Previous by Thread:||Re: [PATCH] Add audit uid to netlink credentials, Stephen Smalley|
|Next by Thread:||Re: [PATCH] Add audit uid to netlink credentials, Alexey Kuznetsov|
|Indexes:||[Date] [Thread] [Top] [All Lists]|