next up previous
Next: PACKET sockets Up: Design and implementation Previous: TCP

RAW sockets

RAW socket processing is modified to prevent slices from receiving packets that belong to other slices, or to root. This filter is run when a RAW socket is looked up based on a socket. The following predicate is added to the search function, which otherwise matches the address of the socket with the packet header.

lstlisting] (!sk->sk_nx_info || tag == 1 || sk->sk_nid == tag)

The first two clauses of the predicate check if the socket is owned by root, in which case it is permitted to use the socket by definition. The third clause checks if the packet tag is equal to the xid of the socket.



2008-09-17