
API extensions

The Linux socket calls are implemented as library functions that invoke a single system call, socketcall, with a parameter that indicates the kind of call. Consequently, the extended socket calls were implemented simply by defining new call values for the socketcall system call. To permit the existing fchsid call to be used on sockets, the inode_setattr function was changed to call a new sock_chsid function when a socket is being relabeled.

Internally, the Linux network component uses an abstract interface to call the code specific to each protocol family. Extended forms of the connect, accept, getname, listen, sendmsg and recvmsg operations were added to the struct proto_ops structure to support the corresponding extended socket calls. A chsid operation was added to the struct proto_ops structure to support relabeling of sockets. An extended form of the create operation was added to the net_proto_family operations vector to support the socket_secure call. Within each protocol family, an abstract interface is used to call the transport layer protocol code. Extended forms of the connect, sendmsg, and recvmsg operations were added to the struct proto structure to support the corresponding extended socket calls.

The initialization function for ICMP (icmp.c:__initfunc) was modified to use the extended create operation to create the icmp_socket with the icmp_socket initial SID. Likewise, the initialization function for TCP (tcp_ipv4.c:__initfunc) was modified to create the tcp_socket with the tcp_socket initial SID.

The inet_create and unix_create functions were changed to set the SID of the socket when a particular SID is specified. The inet_listen and unix_listen functions were changed to set the newconn_sid field or the useclient field of the socket if the corresponding parameter was specified. The udp_connect and unix_dgram_connect functions were changed to set the peer SID of the socket. The unix_dgram_sendmsg, ip_build_xmit, and ip_build_xmit_slow functions were changed to set the destination socket SID and/or the message SID of the message if particular values were specified. The tcp_v4_connect function was changed to set the destination socket SID for the connection request message to the specified peer SID. The tcp_v4_sendmsg and unix_stream_sendmsg functions were changed to compare the specified message SID and/or destination socket SID with the actual values determined during connection establishment.

The udp_deliver, raw_rcv_skb, unix_find_other and unix_dgram_sendmsg functions were changed to compare the peer SID of the socket with the source socket SID of the message and to compare the SID of the socket with the destination socket SID of the message. The tcp_v4_do_rcv function was changed to compare the socket SID with the destination socket SID of the message when a message is received on a listening socket. If a mismatch occurs on a raw IP socket, then the packet is silently dropped. If a mismatch occurs on a UDP socket and the packet was sent to a unicast address, then an ICMP port unreachable message is sent in reply. If a mismatch occurs on a UDP socket and the packet was sent to a multicast or broadcast address, then the message is silently dropped. If a mismatch occurs on a listening TCP socket, then a TCP reset is sent in reply. If a mismatch occurs on a Unix domain socket, a connection refused error is returned to the connecting or sending process.
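The receive-side checks and per-protocol mismatch responses described above can be summarized as a small user-space model. This is an added example, not code from the kernel patch: the types, function names and the SID_ANY "not specified" marker are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

/* Illustrative model only: every name here, and SID_ANY, is an assumption. */
typedef unsigned int sid_t;
#define SID_ANY 0u  /* assumed marker for "no SID specified" */

enum sock_kind { SK_RAW, SK_UDP, SK_TCP_LISTEN, SK_UNIX };
enum verdict { V_DELIVER, V_DROP, V_ICMP_PORT_UNREACH, V_TCP_RESET, V_CONN_REFUSED };

struct sock_model { enum sock_kind kind; sid_t sid; sid_t peer_sid; };
struct msg_model  { sid_t src_sid; sid_t dst_sid; bool unicast; };

/* True when the message's labels are consistent with the receiving socket. */
static bool sids_match(const struct sock_model *sk, const struct msg_model *m)
{
    /* A destination socket SID named by the sender must equal the socket's SID. */
    if (m->dst_sid != SID_ANY && m->dst_sid != sk->sid)
        return false;
    /* For a listening TCP socket the text describes only the destination check. */
    if (sk->kind == SK_TCP_LISTEN)
        return true;
    /* A peer SID set on the socket must equal the message's source socket SID. */
    return sk->peer_sid == SID_ANY || sk->peer_sid == m->src_sid;
}

/* Maps a delivery attempt to the response the text gives for each socket type. */
enum verdict deliver(const struct sock_model *sk, const struct msg_model *m)
{
    if (sids_match(sk, m))
        return V_DELIVER;
    switch (sk->kind) {
    case SK_RAW:        return V_DROP;               /* silent drop */
    case SK_UDP:        return m->unicast ? V_ICMP_PORT_UNREACH : V_DROP;
    case SK_TCP_LISTEN: return V_TCP_RESET;
    case SK_UNIX:       return V_CONN_REFUSED;
    }
    return V_DROP;
}

int main(void)
{
    /* Constructed sample: UDP socket labeled 7 that accepts only peer SID 3. */
    struct sock_model udp = { SK_UDP, 7, 3 };
    struct msg_model wrong_peer = { 9, 7, true };
    printf("verdict=%d\n", deliver(&udp, &wrong_peer));
    return 0;
}
```

The multicast and broadcast case falls through to a silent drop, so a mislabeled sender learns nothing about which hosts hold a socket on that port.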

