]> bbs.cooldavid.org Git - net-next-2.6.git/blame - include/net/scm.h
git://bbs.cooldavid.org / net-next-2.6.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
[net-next-2.6.git] / include / net / scm.h
CommitLineData
1da177e4
LT		 1#ifndef __LINUX_NET_SCM_H
2#define __LINUX_NET_SCM_H
3
4#include <linux/limits.h>
5#include <linux/net.h>
dc49c1f9 6#include <linux/security.h>
b488893a
PE		 7#include <linux/pid.h>
8#include <linux/nsproxy.h>
1da177e4
LT		 9
10/* Well, we should have at least one descriptor open
11 * to accept passed FDs 8)
12 */
c09edd6e 13#define SCM_MAX_FD 255
1da177e4
LT		 14
15struct scm_fp_list
16{
17 int count;
18 struct file *fp[SCM_MAX_FD];
19};
20
21struct scm_cookie
22{
23 struct ucred creds; /* Skb credentials */
24 struct scm_fp_list *fp; /* Passed files */
877ce7c1 25#ifdef CONFIG_SECURITY_NETWORK
dc49c1f9 26 u32 secid; /* Passed security ID */
877ce7c1 27#endif
1da177e4
LT		 28 unsigned long seq; /* Connection seqno */
29};
30
31extern void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm);
32extern void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm);
33extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm);
34extern void __scm_destroy(struct scm_cookie *scm);
35extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
36
dc49c1f9
CZ		 37#ifdef CONFIG_SECURITY_NETWORK
38static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
39{
40 security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
41}
42#else
43static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
44{ }
45#endif /* CONFIG_SECURITY_NETWORK */
46
1da177e4
LT		 47static __inline__ void scm_destroy(struct scm_cookie *scm)
48{
49 if (scm && scm->fp)
50 __scm_destroy(scm);
51}
52
53static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
54 struct scm_cookie *scm)
55{
1d541ddd
BL		 56 struct task_struct *p = current;
57 scm->creds.uid = p->uid;
58 scm->creds.gid = p->gid;
b488893a 59 scm->creds.pid = task_tgid_vnr(p);
1d541ddd
BL		 60 scm->fp = NULL;
61 scm->seq = 0;
dc49c1f9 62 unix_get_peersec_dgram(sock, scm);
1da177e4
LT		 63 if (msg->msg_controllen <= 0)
64 return 0;
65 return __scm_send(sock, msg, scm);
66}
67
877ce7c1
CZ		 68#ifdef CONFIG_SECURITY_NETWORK
69static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
70{
dc49c1f9
CZ		 71 char *secdata;
72 u32 seclen;
73 int err;
74
75 if (test_bit(SOCK_PASSSEC, &sock->flags)) {
76 err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
77
78 if (!err) {
79 put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
80 security_release_secctx(secdata, seclen);
81 }
82 }
877ce7c1
CZ		 83}
84#else
85static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
86{ }
87#endif /* CONFIG_SECURITY_NETWORK */
88
1da177e4
LT		 89static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
90 struct scm_cookie *scm, int flags)
91{
92 if (!msg->msg_control)
93 {
94 if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp)
95 msg->msg_flags |= MSG_CTRUNC;
96 scm_destroy(scm);
97 return;
98 }
99
100 if (test_bit(SOCK_PASSCRED, &sock->flags))
101 put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds);
102
877ce7c1
CZ		 103 scm_passec(sock, msg, scm);
104
1da177e4
LT		 105 if (!scm->fp)
106 return;
107
108 scm_detach_fds(msg, scm);
109}
110
111
112#endif /* __LINUX_NET_SCM_H */
113
Clone of davem's net-next-2.6 tree