Re: [redhat-lspp] auditing labeled ipsec
On Thu, 2006-10-12 at 10:24 -0400, Steve Grubb wrote:
On Thursday 12 October 2006 10:16, Paul Moore wrote:
> PF_KEYv2 is a socket family/protocol defined by RFC2367 whose original goal
> was to standardize the interface between the in-kernel IPsec bits and the
> userland key management daemon.
OK, then the question becomes is the communication protocol asyncronous or
synchronous? If synchronous (the request is handled immediately and not
queued like netlink), then current task struct can be used. Otherwise, there
may be some more code needed to grab the loginuid during the send and store
it with the packet until dequeued. If it is async, there may be selinux
implications as well.
pfkey doesn't appear to use a queue like netlink... it registers socket
protocol operations such as .recvmsg and .sendmsg which get called via
sock_recvmsg and sock_sendmsg.
Joy