include/net/scm.h at v6.5-rc1

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / include / net / scm.h
at v6.5-rc1 208 lines 5.1 kB view raw
wrap content
  1/* SPDX-License-Identifier: GPL-2.0 */
  2#ifndef __LINUX_NET_SCM_H
  3#define __LINUX_NET_SCM_H
  4
  5#include <linux/limits.h>
  6#include <linux/net.h>
  7#include <linux/cred.h>
  8#include <linux/security.h>
  9#include <linux/pid.h>
 10#include <linux/nsproxy.h>
 11#include <linux/sched/signal.h>
 12
 13/* Well, we should have at least one descriptor open
 14 * to accept passed FDs 8)
 15 */
 16#define SCM_MAX_FD	253
 17
 18struct scm_creds {
 19	u32	pid;
 20	kuid_t	uid;
 21	kgid_t	gid;
 22};
 23
 24struct scm_fp_list {
 25	short			count;
 26	short			max;
 27	struct user_struct	*user;
 28	struct file		*fp[SCM_MAX_FD];
 29};
 30
 31struct scm_cookie {
 32	struct pid		*pid;		/* Skb credentials */
 33	struct scm_fp_list	*fp;		/* Passed files		*/
 34	struct scm_creds	creds;		/* Skb credentials	*/
 35#ifdef CONFIG_SECURITY_NETWORK
 36	u32			secid;		/* Passed security ID 	*/
 37#endif
 38};
 39
 40void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm);
 41void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm);
 42int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm);
 43void __scm_destroy(struct scm_cookie *scm);
 44struct scm_fp_list *scm_fp_dup(struct scm_fp_list *fpl);
 45
 46#ifdef CONFIG_SECURITY_NETWORK
 47static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
 48{
 49	security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
 50}
 51#else
 52static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
 53{ }
 54#endif /* CONFIG_SECURITY_NETWORK */
 55
 56static __inline__ void scm_set_cred(struct scm_cookie *scm,
 57				    struct pid *pid, kuid_t uid, kgid_t gid)
 58{
 59	scm->pid  = get_pid(pid);
 60	scm->creds.pid = pid_vnr(pid);
 61	scm->creds.uid = uid;
 62	scm->creds.gid = gid;
 63}
 64
 65static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
 66{
 67	put_pid(scm->pid);
 68	scm->pid  = NULL;
 69}
 70
 71static __inline__ void scm_destroy(struct scm_cookie *scm)
 72{
 73	scm_destroy_cred(scm);
 74	if (scm->fp)
 75		__scm_destroy(scm);
 76}
 77
 78static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
 79			       struct scm_cookie *scm, bool forcecreds)
 80{
 81	memset(scm, 0, sizeof(*scm));
 82	scm->creds.uid = INVALID_UID;
 83	scm->creds.gid = INVALID_GID;
 84	if (forcecreds)
 85		scm_set_cred(scm, task_tgid(current), current_uid(), current_gid());
 86	unix_get_peersec_dgram(sock, scm);
 87	if (msg->msg_controllen <= 0)
 88		return 0;
 89	return __scm_send(sock, msg, scm);
 90}
 91
 92#ifdef CONFIG_SECURITY_NETWORK
 93static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
 94{
 95	char *secdata;
 96	u32 seclen;
 97	int err;
 98
 99	if (test_bit(SOCK_PASSSEC, &sock->flags)) {
100		err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
101
102		if (!err) {
103			put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
104			security_release_secctx(secdata, seclen);
105		}
106	}
107}
108
109static inline bool scm_has_secdata(struct socket *sock)
110{
111	return test_bit(SOCK_PASSSEC, &sock->flags);
112}
113#else
114static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
115{ }
116
117static inline bool scm_has_secdata(struct socket *sock)
118{
119	return false;
120}
121#endif /* CONFIG_SECURITY_NETWORK */
122
123static __inline__ void scm_pidfd_recv(struct msghdr *msg, struct scm_cookie *scm)
124{
125	struct file *pidfd_file = NULL;
126	int pidfd;
127
128	/*
129	 * put_cmsg() doesn't return an error if CMSG is truncated,
130	 * that's why we need to opencode these checks here.
131	 */
132	if ((msg->msg_controllen <= sizeof(struct cmsghdr)) ||
133	    (msg->msg_controllen - sizeof(struct cmsghdr)) < sizeof(int)) {
134		msg->msg_flags |= MSG_CTRUNC;
135		return;
136	}
137
138	if (!scm->pid)
139		return;
140
141	pidfd = pidfd_prepare(scm->pid, 0, &pidfd_file);
142
143	if (put_cmsg(msg, SOL_SOCKET, SCM_PIDFD, sizeof(int), &pidfd)) {
144		if (pidfd_file) {
145			put_unused_fd(pidfd);
146			fput(pidfd_file);
147		}
148
149		return;
150	}
151
152	if (pidfd_file)
153		fd_install(pidfd, pidfd_file);
154}
155
156static inline bool __scm_recv_common(struct socket *sock, struct msghdr *msg,
157				     struct scm_cookie *scm, int flags)
158{
159	if (!msg->msg_control) {
160		if (test_bit(SOCK_PASSCRED, &sock->flags) ||
161		    test_bit(SOCK_PASSPIDFD, &sock->flags) ||
162		    scm->fp || scm_has_secdata(sock))
163			msg->msg_flags |= MSG_CTRUNC;
164		scm_destroy(scm);
165		return false;
166	}
167
168	if (test_bit(SOCK_PASSCRED, &sock->flags)) {
169		struct user_namespace *current_ns = current_user_ns();
170		struct ucred ucreds = {
171			.pid = scm->creds.pid,
172			.uid = from_kuid_munged(current_ns, scm->creds.uid),
173			.gid = from_kgid_munged(current_ns, scm->creds.gid),
174		};
175		put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
176	}
177
178	scm_passec(sock, msg, scm);
179
180	if (scm->fp)
181		scm_detach_fds(msg, scm);
182
183	return true;
184}
185
186static inline void scm_recv(struct socket *sock, struct msghdr *msg,
187			    struct scm_cookie *scm, int flags)
188{
189	if (!__scm_recv_common(sock, msg, scm, flags))
190		return;
191
192	scm_destroy_cred(scm);
193}
194
195static inline void scm_recv_unix(struct socket *sock, struct msghdr *msg,
196				 struct scm_cookie *scm, int flags)
197{
198	if (!__scm_recv_common(sock, msg, scm, flags))
199		return;
200
201	if (test_bit(SOCK_PASSPIDFD, &sock->flags))
202		scm_pidfd_recv(msg, scm);
203
204	scm_destroy_cred(scm);
205}
206
207#endif /* __LINUX_NET_SCM_H */
208
Configure Feed

Configure Feed
