t6recvfrom(3N)t6recvfrom(3N)NAMEt6recvfrom - Read security attributes and data from a trusted endpoint
SYNOPSIS
cc [ flags ... ] file
#include <sys/t6attrs.h>
int t6recvfrom(int fd, char *buf, int len, int flags,
struct sockaddr *from, int *fromlen,
t6attr_t attr_ptr, t6mask_t *new_attrs);
DESCRIPTIONt6recvfrom receives data and its associated security attributes from a
communication endpoint. The from and fromlen parameters are only used if
you wish to receive the source address for the data. This may not be
applicable for some trusted endpoints. If not used, these fields should
be set to 0. If from is not a NULL pointer, the source address of the
message is filled in. fromlen is a value-result parameter, initialized
to the size of the buffer associated with from, and modified on return to
indicate the actual size of the address stored there. The length of the
message is returned. If a message is too long to fit in the supplied
buffer, excess bytes may be discarded depending on the type of socket the
message is received from (see socket(3N)).
The flags parameter is formed by ORing one or more of the following:
MSG_OOB
Read any out-of-band data present on the socket rather than the
regular in-band data. If attr_ptr is non-NULL, out-of-band data
security attributes are also retrieved.
MSG_PEEK
Peek at the data present on the socket; the data is returned, but
not consumed, so that a subsequent receive operation will see the
same data. If attr_ptr is non-NULL, security attributes of the data
are also peeked.
attr_ptr specifies a control structure in which to store those attributes
the caller wishes to retrieve. To get an attribute from the control
structure, see t6get_attr(3N). Any attribute that the receiving process
does not care to receive may not be specified in the control structure.
This minimizes the attribute translation time when passing the attributes
out of the kernel.
Note that the following attributes will never be returned in the argument
t6attr_t: T6_NAT_CAVEATS, T6_ACL, T6_IL, T6_PID, T6_RESV10,
T6_AUDIT_INFO, T6_CLEARANCE.
If the t6new_attr(3N) call was made previously with a setting of ON, the
security attributes of the received data will be returned only if they
have changed from the last set read. *new_attrs is set to the mask of
Page 1
t6recvfrom(3N)t6recvfrom(3N)
those attributes actually returned. If new attributes are detected, all
attributes requested by the receiving process are returned, not just
those that have changed.
Again, it is critical that the return value always be checked. It is the
number of bytes actually received, or -1 with the error code stored in
errno. Revocation of access is possible if the received data changes to
a level not accessible to the receiving process.
RETURN VALUEt6recvfrom returns the appropriate error code on failure, and the number
of bytes read on successful completion.
ERRORS
[EBADF] fd is an invalid file descriptor.
[EINTR] The operation was interrupted by delivery of a signal
before any data was available to be received.
[EIO] An I/O error occurred while reading from or writing to the
file system.
[ENOMEM] There was insufficient user memory available for the
operation to complete.
[ENOSR] There were insufficient STREAMS resources available for
the operation to complete.
[ENOTSOCK] fd is not a socket.
[ESTALE] A stale NFS file handle exists.
SEE ALSOlibt6(3N), t6get_attr(3N), t6sendto(3N).
SOURCE
Trusted Systems Interoperability Group
NOTES
Page 2
