include/net/scm.h at v2.6.31-rc1

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / include / net / scm.h
at v2.6.31-rc1 114 lines 2.9 kB view raw
wrap content
  1#ifndef __LINUX_NET_SCM_H
  2#define __LINUX_NET_SCM_H
  3
  4#include <linux/limits.h>
  5#include <linux/net.h>
  6#include <linux/security.h>
  7#include <linux/pid.h>
  8#include <linux/nsproxy.h>
  9
 10/* Well, we should have at least one descriptor open
 11 * to accept passed FDs 8)
 12 */
 13#define SCM_MAX_FD	255
 14
 15struct scm_fp_list
 16{
 17	struct list_head	list;
 18	int			count;
 19	struct file		*fp[SCM_MAX_FD];
 20};
 21
 22struct scm_cookie
 23{
 24	struct ucred		creds;		/* Skb credentials	*/
 25	struct scm_fp_list	*fp;		/* Passed files		*/
 26#ifdef CONFIG_SECURITY_NETWORK
 27	u32			secid;		/* Passed security ID 	*/
 28#endif
 29	unsigned long		seq;		/* Connection seqno	*/
 30};
 31
 32extern void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm);
 33extern void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm);
 34extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm);
 35extern void __scm_destroy(struct scm_cookie *scm);
 36extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
 37
 38#ifdef CONFIG_SECURITY_NETWORK
 39static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
 40{
 41	security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
 42}
 43#else
 44static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
 45{ }
 46#endif /* CONFIG_SECURITY_NETWORK */
 47
 48static __inline__ void scm_destroy(struct scm_cookie *scm)
 49{
 50	if (scm && scm->fp)
 51		__scm_destroy(scm);
 52}
 53
 54static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
 55			       struct scm_cookie *scm)
 56{
 57	struct task_struct *p = current;
 58	scm->creds.uid = current_uid();
 59	scm->creds.gid = current_gid();
 60	scm->creds.pid = task_tgid_vnr(p);
 61	scm->fp = NULL;
 62	scm->seq = 0;
 63	unix_get_peersec_dgram(sock, scm);
 64	if (msg->msg_controllen <= 0)
 65		return 0;
 66	return __scm_send(sock, msg, scm);
 67}
 68
 69#ifdef CONFIG_SECURITY_NETWORK
 70static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
 71{
 72	char *secdata;
 73	u32 seclen;
 74	int err;
 75
 76	if (test_bit(SOCK_PASSSEC, &sock->flags)) {
 77		err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
 78
 79		if (!err) {
 80			put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
 81			security_release_secctx(secdata, seclen);
 82		}
 83	}
 84}
 85#else
 86static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
 87{ }
 88#endif /* CONFIG_SECURITY_NETWORK */
 89
 90static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
 91				struct scm_cookie *scm, int flags)
 92{
 93	if (!msg->msg_control)
 94	{
 95		if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp)
 96			msg->msg_flags |= MSG_CTRUNC;
 97		scm_destroy(scm);
 98		return;
 99	}
100
101	if (test_bit(SOCK_PASSCRED, &sock->flags))
102		put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds);
103
104	scm_passec(sock, msg, scm);
105
106	if (!scm->fp)
107		return;
108	
109	scm_detach_fds(msg, scm);
110}
111
112
113#endif /* __LINUX_NET_SCM_H */
114
Configure Feed

Configure Feed
