Native kernel APIs for SeND - report 5
Ana Kukec
anchie at fer.hr
Fri Jul 24 22:15:24 UTC 2009
Hi,
Before giving the bulleted list of things that i have implemented in
last two weeks, i will give the brief reminder into the things that are
already finished.The first step was to select just Neighbor Discovery
(ND) packets and send them
to the user space SEND implementation (send-0.2/sendd). Packets were
taged with
m_tag in netinet6/nd6.c, intercept in netinet6/nd6.c: nd6_output_lle(),
from
where they are passed to the SEND input hook (netinet6/send.c:
send_input()).
Opposite to the SEND input hook that is placed on the way through which ND
packets flow from the kernel (actually wire) to the user space, the SEND
output
hook is placed on the way through which SEND packets flow from the user
spaceto kernel and wire. During the last weeks i finished and tested the
code that deals with outgoing packets and the output hook. I.e. the
packets that have been cryptographically protected in SEND user space
application, and are supposed to b
e sent to the corresponding host. This includes:
- modification of send-0.2/sendd in order to send the packet back to the
kernel after doing the cryptographic processing (i.e. adding
SEND-rfc3971 options).Instead of using the NgSendData() the packet is
passed back to the kernelthrough the routing socket now.
- extension of net/rtsock.c: route_output(). Function is now able to
receive
RTM_SND message from the SEND user space application. It passes the SEND
protected packet to the SEND output hook (netinet6/send.c: send_output()).
- implementation of the SEND output hook (netinet6/send.c) that receives
SEND
protected packets from the SEND user space application and sends it out
directly using if_output().
Previous was tested through achieving SEND communication with the netgraph
send-0.2 correspondent node.
Since the code related to the outgoing packets (both the input and
output hook) has been finished and tested, i started working on the
incoming SEND packets:
- extensions of netinet6/icmp6.c: icmp6_input() in order to pass the
incoming
SEND packet to SEND input hook. The input hook prepends to the message
the if_announcemsghdr and sends it to the user space SEND implementation
for SEND validation (i.e. trimming off SEND-rfc3971 options).
Previous code introduced problems with mbuf handling. So, the next step
is to
debug this part of code and test it.
Ana
More information about the soc-status
mailing list