Re: [redhat-lspp] auditing labeled ipsec
On Thursday 12 October 2006 10:16, Paul Moore wrote:
PF_KEYv2 is a socket family/protocol defined by RFC2367 whose
original goal
was to standardize the interface between the in-kernel IPsec bits and the
userland key management daemon.
OK, then the question becomes is the communication protocol asyncronous or
synchronous? If synchronous (the request is handled immediately and not
queued like netlink), then current task struct can be used. Otherwise, there
may be some more code needed to grab the loginuid during the send and store
it with the packet until dequeued. If it is async, there may be selinux
implications as well.
-Steve