NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | RETURN VALUES | ERRORS | SEE ALSO | NOTES
#include <tsix/t6attrs.h>int t6sendto(int sock, const char *msg, size_t len, int flags, const struct sockaddr *name, socklen_t namelen, const t6attr_t handle);
t6sendto() allows a privileged process to specify the security attributes to send with an IPC message. A process may specify only those attributes for which it possesses the appropriate override privilege and need not specify a full set. Any unspecified attributes are supplied by the kernel.
fd is a socket created with socket(3SOCKET). The address of the target is given by to with tolen specifying its size. The length of the message is given by len.
The to pointer and to_len parameter are used only if you are specifying the destination address; otherwise they should be set to 0. You may not specify the address if the trusted endpoint was created for a connection-oriented protocol, such as TCP. If the message is too long to pass atomically through the underlying protocol, then the message is not transmitted and the error EMSGSIZE is returned.
A return value of -1 indicates locally detected errors only, not implicitly that the message was not delivered.
The flags parameter is formed from the bitwise OR of zero or more of these values:
Send out-of-band data and any security attributes specified by a privileged process on sockets that support this notion provided that the underlying protocol also supports out-of-band data. Data and attributes sent with this flag are typically not subject to the internal buffering normally applied by the network to improve network efficiency.
The SO_DONTROUTE option is turned on for the duration of the operation. This option is used only by diagnostic or routing programs.
The security attributes are specified by the attr_ptr parameter. To set up attr_ptr, see t6set_attr(3NSL).
Only a process with the appropriate override privileges can specify
the security attributes associated with the data it sends. To specify an
attribute, a process must have the override privilege corresponding to the
attribute. The override privilege required to specify an attribute is implementation
specific. For Trusted Solaris, one or more of these privileges may be required: PRIV_NET_DOWNGRADE_SL
, PRIV_NET_UPGRADE_SL
, PRIV_NET_DOWNGRADE_IL
, PRIV_NET_UPGRADE_IL
, PRIV_NET_SETCLR
, PRIV_NET_SETID
, PRIV_NET_SETPRIV
, PRIV_NET_BROADCAST
.
Information Labels (ILs) are now obsolete. See NOTES.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
---|---|
Availability | SUNWtsu |
MT-Level | MT-Safe |
Upon success, the return value is the number of bytes actually sent. Upon failure, the call returns -1 and sets the error code in errno.
Always checking the return value is critical, for the addition of security means that access to an endpoint may be revoked in response to a security violation.
t6sendto() fails if any of these conditions is true:
fd is an invalid file descriptor.
The operation was interrupted by delivery of a signal before any data could be buffered to be sent.
tolen is not the size of a valid address for the specified address family.
The socket requires that message be sent atomically, and the message was too long.
There was insufficient memory available to complete the operation.
There were insufficient STREAMS resources available for the operation to complete.
fd is not a socket.
libt6(3NSL), t6set_attr(3NSL), t6set_endpt_default(3NSL), Trusted Solaris Developer's Guide
This man page is based on the version from the TSIX(RE) 1.1 Application Programming Interface (API) document; and this interface is available in TSIX(RE) 1.1-API-compliant systems.
Only SOCK_STREAM sockets created in the AF_INET address family support out-of-band data.
Information labels (ILs) are not supported in Trusted
Solaris 7 and later releases. Trusted Solaris software interprets any ILs on communications and files from systems running earlier releases
as ADMIN_LOW
.
Objects still have CMW labels, and CMW labels still include the IL component: IL[SL]; however, the IL component is fixed
at ADMIN_LOW
.
As a result, Trusted Solaris 7 and later releases have the following characteristics:
ILs do not display in window labels; SLs (Sensitivity Labels) display alone within brackets.
ILs do not float.
Setting an IL on an object has no effect.
Getting an object's IL will always return ADMIN_LOW
.
Although certain utilities, library functions, and system
calls can manipulate IL strings, the resulting ILs are always ADMIN_LOW
,
and cannot be set on any objects.
NAME | SYNOPSIS | DESCRIPTION | ATTRIBUTES | RETURN VALUES | ERRORS | SEE ALSO | NOTES