Stephen Smalley wrote:
> On Tue, 2005-02-08 at 01:04, Patrick McHardy wrote:
>> Reception of netlink messages in the kernel happens in the context
>> of the sending process, so you can simply call
>> audit_get_loginuid(current->audit_context) in audit_receive_msg().
>
> Then why does netlink_sendmsg() need to save the effective capability
> set of the sender in the control buffer (via security_netlink_send) for
> later checking by other receive functions in the kernel (via
> security_netlink_recv)?

It looks like it doesn't need to, I guess it was copied from
netlink_sendmsg.
netlink transmission to userspace is asynchronous, some values need to be
saved, but userspace->kernel transmission is synchronous.

> What prevents audit_receive() or other similar
> receive functions in the kernel from processing messages sent by
> multiple senders?

Multiple messages from multiple senders are handled by multiple calls to
the input function. Check netlink_kernel_create() and netlink_data_ready().

Regards
Patrick
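
The distinction discussed in this thread, as an added example that is not part of the original message and is not kernel code: a userspace model showing that reading the sender's identity from the ambient context is only correct while the receive handler runs synchronously in the sender's context, whereas a snapshot saved at send time stays correct if processing is deferred. All names (`model_send`, `drain`, `misattributed`, and so on) and the UIDs are constructed for illustration.

```c
#include <stdio.h>
/* Userspace model only; none of these names are kernel APIs. */
struct task { unsigned loginuid; };
struct msg  { unsigned saved_loginuid; };  /* snapshot taken at send time */
static struct task *current_task;          /* stands in for `current` */
static struct msg queue[4];
static int queued;

/* Runs in the sender's context, so the snapshot is always the sender's. */
static void model_send(void)
{
    queue[queued++].saved_loginuid = current_task->loginuid;
}
/* Handler A trusts the ambient context; handler B trusts the snapshot. */
static unsigned uid_from_current(const struct msg *m) { (void)m; return current_task->loginuid; }
static unsigned uid_from_msg(const struct msg *m) { return m->saved_loginuid; }

/* Run the handler over everything queued; count misattributed messages. */
static int drain(unsigned (*handler)(const struct msg *))
{
    int bad = 0;
    for (int i = 0; i < queued; i++)
        if (handler(&queue[i]) != queue[i].saved_loginuid)
            bad++;
    queued = 0;
    return bad;
}

/* Two constructed senders. deferred=0: handler runs inside each send.
 * deferred=1: a separate worker task processes the queue afterwards. */
int misattributed(int deferred, int use_snapshot)
{
    struct task senders[2] = { { 1000 }, { 1001 } }, worker = { 0 };
    unsigned (*h)(const struct msg *) = use_snapshot ? uid_from_msg : uid_from_current;
    int bad = 0;
    queued = 0;
    for (int i = 0; i < 2; i++) {
        current_task = &senders[i];
        model_send();
        if (!deferred)
            bad += drain(h);    /* synchronous: still the sender's context */
    }
    current_task = &worker;     /* deferred: a different task does the work */
    return bad + drain(h);
}

int main(void)
{
    printf("sync=%d deferred=%d deferred+snapshot=%d\n", misattributed(0, 0), misattributed(1, 0), misattributed(1, 1));
    return 0;
}
```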