On Tue, 09 Nov 2004 at 10:39, Stephen Smalley wrote:

> In the kernel, you can obtain the security context of a socket via the

> security field of its associated inode.  Look at socket_has_perm()

> and selinux_socket_sock_rcv_skb() in security/selinux/hooks.c for

> examples.

I'm now trying to do something on integrating IPsec with SELinux. Now I need to get the security context of a socket and the socket itself.

Would you please tell me further that when an outbound packet is going to be send, How can we get the struct socket itself (i.e. the socket that is related to the outbound packet. it refers that when we want to send the packet, we should first set up the socket )?

 

And, in kernel-space, How can we transfer a SID to a security context? Is there any function can we use to achieve it?

 

Thank you.