Re: NKE: Socket filter
Re: NKE: Socket filter
- Subject: Re: NKE: Socket filter
- From: Vincent Lubet <email@hidden>
- Date: Mon, 17 Feb 2014 09:46:54 -0800
On Feb 17, 2014, at 1:18 AM, Ivan Ostres <email@hidden> wrote:
> Hello!
>
> I am building a socket filter (NKE) that should ask what do do with specific event (tcp connect in this case) to userspace app. Kext communicates to userspace using mach notification while userspace app should send feedback via UserClient.
>
> I would like to know whether all sflt callbacks are called within same kernel thread or that happens in multiple threads?
The socket filter callbacks for input operations are called in the kernel thread where the data is received from the network interface. In general there is one such input thread per network interface.
> If there are multiple threads, what would be preferred way to "unblock" specific thread and deliver data to it via UserClient? Is there a better way to achieve this communication?
You should not block any network interface input thread as this will affect all traffic coming from that network interface. While waiting to hear back from the userspace app, the socket filter can return EJUSTRETURN and the data in its own queue. When it hears from the userspace app, the socket filter may either drop the queued data or re-inject it.
Vincent
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden