name : tcp_socket_manager.h /** @file tcp_socket_manager.h @brief Manager for TCP socket flow @details Copyright (c) 2024 Acronis International GmbH @author Denis Kopyrin (denis.kopyrin@acronis.com) @since $Id: $ */ #pragma once #include <linux/dcache.h> #include <linux/fs.h> #ifdef KERNEL_MOCK #include "mock/mock_net.h" #endif #include <linux/net.h> #include <linux/socket.h> #include "task_info_map.h" void tcp_socket_manager_init(void); void tcp_socket_manager_activate(void); void tcp_socket_manager_deactivate(void); // This hook is used to ensure that inode for sb is free'd void tcp_socket_manager_inode_free_security(const struct inode *inode); // sockets passed here must refer to SOCK_STREAM protocol (and probably be not loopback'd) // Accept is called on a socket but LSM does not provide the address where 'socket' was accepted on till after LSM hook is done. // Queue the socket for post accept event. void tcp_socket_manager_will_post_accept(task_info_t* task_info, struct socket *sock); // Queue the socket for sendmsg sniffing. Normally this is queued from 'connect' LSM hook. void tcp_socket_manager_will_sniff_sendmsg(task_info_t* task_info, struct socket *sock); // Check if the socket is queued for post accept event from 'tcp_socket_manager_will_post_accept' and send the event if needed. // It might be called from multiple hooks that appear after 'accept' might be called. void tcp_socket_manager_check_post_accept(task_info_t* task_info, struct socket *sock); // Check if the socket is queued for sendmsg sniffing from 'tcp_socket_manager_will_sniff_sendmsg' and send the event if needed. void tcp_socket_manager_sendmsg(task_info_t* task_info, struct socket *sock, struct msghdr *msg, int size);