From patchwork Tue Jun 16 12:58:50 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Roman Kubiak <r.kubiak@samsung.com>
X-Patchwork-Id: 484981
X-Patchwork-Delegate: pablo@netfilter.org
Return-Path: <netfilter-devel-owner@vger.kernel.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id AD87D14027C
	for <incoming@patchwork.ozlabs.org>;
	Tue, 16 Jun 2015 22:58:55 +1000 (AEST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754917AbbFPM6y (ORCPT <rfc822;incoming@patchwork.ozlabs.org>);
	Tue, 16 Jun 2015 08:58:54 -0400
Received: from mailout3.w1.samsung.com ([210.118.77.13]:14399 "EHLO
	mailout3.w1.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754181AbbFPM6y (ORCPT
	<rfc822;netfilter-devel@vger.kernel.org>);
	Tue, 16 Jun 2015 08:58:54 -0400
Received: from eucpsbgm2.samsung.com (unknown [203.254.199.245])
	by mailout3.w1.samsung.com
	(Oracle Communications Messaging Server 7.0.5.31.0 64bit (built May 5
	2014)) with ESMTP id <0NQ100K58G236880@mailout3.w1.samsung.com> for
	netfilter-devel@vger.kernel.org; Tue, 16 Jun 2015 13:58:51 +0100 (BST)
X-AuditID: cbfec7f5-f794b6d000001495-31-55801d8bbde5
Received: from eusync1.samsung.com ( [203.254.199.211])
	by eucpsbgm2.samsung.com (EUCPMTA) with SMTP id 19.60.05269.B8D10855;
	Tue, 16 Jun 2015 13:58:51 +0100 (BST)
Received: from [106.120.53.13] by eusync1.samsung.com
	(Oracle Communications Messaging Server 7.0.5.31.0 64bit (built May 5
	2014)) with ESMTPA id <0NQ100NFQG232C10@eusync1.samsung.com>; Tue,
	16 Jun 2015 13:58:51 +0100 (BST)
Message-id: <55801D8A.9050701@samsung.com>
Date: Tue, 16 Jun 2015 14:58:50 +0200
From: Roman Kubiak <r.kubiak@samsung.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101
	Thunderbird/31.7.0
MIME-version: 1.0
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Florian Westphal <fw@strlen.de>, netfilter-devel@vger.kernel.org,
	=?UTF-8?B?UmFmYcWCIEtyeXBh?= <r.krypa@samsung.com>
Subject: Re: [PATCH] libmnl: security context retrieval in nf-queue example
References: <5565A4D2.70701@samsung.com> <5565A6AA.90908@samsung.com>
	<20150527124957.GA19819@salvia> <557855B2.8030803@samsung.com>
	<20150610160541.GD7125@breakpoint.cc> <55798582.1040903@samsung.com>
	<20150611233757.GE7125@breakpoint.cc> <557AB559.1000001@samsung.com>
	<20150612130240.GA29551@salvia> <558015A9.8060703@samsung.com>
	<20150616123706.GA32486@salvia>
In-reply-to: <20150616123706.GA32486@salvia>
Content-type: text/plain; charset=UTF-8
Content-transfer-encoding: 7bit
X-Brightmail-Tracker: 
 H4sIAAAAAAAAA+NgFjrBLMWRmVeSWpSXmKPExsVy+t/xy7rdsg2hBof3K1ts613NaDFh3SkW
	i+lvrjJbvJ20gtmBxePt7xNMHn1bVjF6HPq+gNXj8ya5AJYoLpuU1JzMstQifbsErozVO+ew
	FnTzVNw78ISlgXETZxcjJ4eEgInEtubLTBC2mMSFe+vZuhi5OIQEljJKXNi/mhnCecYo8eLK
	bnaQKl4BLYlF8/8AdXBwsAioSizstwUJswloSnzv7QcbJCoQIfH28kkmiHJBiR+T77GA2CIC
	2hLtN1rBbGaBKokt+7+A1QgLeEt8v7+PEWLXdyaJU7uusIEkOAV0JKY/3cIM0aAuMWneIihb
	XmLzmrfMExgFZiHZMQtJ2SwkZQsYmVcxiqaWJhcUJ6XnGukVJ+YWl+al6yXn525ihITv1x2M
	S49ZHWIU4GBU4uGN+FQbKsSaWFZcmXuIUYKDWUmEd55IQ6gQb0piZVVqUX58UWlOavEhRmkO
	FiVx3pm73ocICaQnlqRmp6YWpBbBZJk4OKUaGC+f5Hy27nHnA+OMyetfME1IvByZvymzgq3Z
	ZkWY87ZT7zxivz72eNV7QYOns6028N4Vzz9NM9faXzpxlHe6fqdz1bP8/UpXC9mcI0oL7i7Z
	q5p2u3ju9ehUxWcyMTXXz9qYaqsfMXjxcmO9eaViSnaRr/JkyZ64s/JnfP+ZJ87ysns378CK
	ICWW4oxEQy3mouJEALIHZnJbAgAA
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <netfilter-devel.vger.kernel.org>
X-Mailing-List: netfilter-devel@vger.kernel.org

It seems that there is nothing i can really add to there except maybe:

but that's a one line, will this be sufficient ? if so i'll merge this with the previous libnetfilter_queue patch
and send it as one.

On 06/16/2015 02:37 PM, Pablo Neira Ayuso wrote:
> On Tue, Jun 16, 2015 at 02:25:13PM +0200, Roman Kubiak wrote:
>> This patch is an addition to "[PATCH v3] nfnetlink_queue: add security context information"
>> It adds and example to libmnl that illustrates how to fetch security context.
>> A corresponding patch was sent for libnetfilter_queue already.
>>
>> -- cut here
>>
>> This patch modifies the example program for nf-queue
>> to demonstrate how to retriece security context information
>> for queued packages. This can also be easily extended to
>> retrieve other information supported by this subsystem.
> 
> This extension for the libmnl example is fine.
> 
> However, when we asked for changes, we actually mean that you enhance:
> 
>         libnetfilter_queue/src/nlmsg.c
> 
> to support this. Thanks.
> 
>

diff --git a/src/nlmsg.c b/src/nlmsg.c
index aebdd5e..cabd8be 100644
--- a/src/nlmsg.c
+++ b/src/nlmsg.c
@@ -137,6 +137,7 @@ static int nfq_pkt_parse_attr_cb(const struct nlattr *attr, void *data)
        case NFQA_IFINDEX_PHYSOUTDEV:
        case NFQA_CAP_LEN:
        case NFQA_SKB_INFO:
+       case NFQA_SECCTX:
        case NFQA_UID:
        case NFQA_GID:
                if (mnl_attr_validate(attr, MNL_TYPE_U32) < 0)