diff options
| author | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2012-02-19 06:14:24 +0000 |
|---|---|---|
| committer | Samuel Thibault <samuel.thibault@ens-lyon.org> | 2012-02-19 06:14:24 +0000 |
| commit | 6fafeb146e9efd59140ea58cebd7dd38ae9a6379 (patch) | |
| tree | 7db89ba6a28932514b105d620bba4884ec332ec3 /libdde_linux26/contrib/include/net/scm.h | |
| parent | 38c2c2458e3f4ecb329ff35621806252aac209b9 (diff) | |
| parent | 8df772b3c665e663f6f9d2a70f9c691590bd3f91 (diff) | |
Merge branch 'dde' into upstream-merged
Diffstat (limited to 'libdde_linux26/contrib/include/net/scm.h')
| -rw-r--r-- | libdde_linux26/contrib/include/net/scm.h | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/libdde_linux26/contrib/include/net/scm.h b/libdde_linux26/contrib/include/net/scm.h new file mode 100644 index 00000000..f45bb6ec --- /dev/null +++ b/libdde_linux26/contrib/include/net/scm.h @@ -0,0 +1,114 @@ +#ifndef __LINUX_NET_SCM_H +#define __LINUX_NET_SCM_H + +#include <linux/limits.h> +#include <linux/net.h> +#include <linux/security.h> +#include <linux/pid.h> +#include <linux/nsproxy.h> + +/* Well, we should have at least one descriptor open + * to accept passed FDs 8) + */ +#define SCM_MAX_FD 255 + +struct scm_fp_list +{ + struct list_head list; + int count; + struct file *fp[SCM_MAX_FD]; +}; + +struct scm_cookie +{ + struct ucred creds; /* Skb credentials */ + struct scm_fp_list *fp; /* Passed files */ +#ifdef CONFIG_SECURITY_NETWORK + u32 secid; /* Passed security ID */ +#endif + unsigned long seq; /* Connection seqno */ +}; + +extern void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm); +extern void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm); +extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm); +extern void __scm_destroy(struct scm_cookie *scm); +extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl); + +#ifdef CONFIG_SECURITY_NETWORK +static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm) +{ + security_socket_getpeersec_dgram(sock, NULL, &scm->secid); +} +#else +static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm) +{ } +#endif /* CONFIG_SECURITY_NETWORK */ + +static __inline__ void scm_destroy(struct scm_cookie *scm) +{ + if (scm && scm->fp) + __scm_destroy(scm); +} + +static __inline__ int scm_send(struct socket *sock, struct msghdr *msg, + struct scm_cookie *scm) +{ + struct task_struct *p = current; + scm->creds.uid = current_uid(); + scm->creds.gid = current_gid(); + scm->creds.pid = task_tgid_vnr(p); + scm->fp = NULL; + scm->seq = 0; + unix_get_peersec_dgram(sock, scm); + if (msg->msg_controllen <= 0) + return 0; + return __scm_send(sock, msg, scm); +} + +#ifdef CONFIG_SECURITY_NETWORK +static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) +{ + char *secdata; + u32 seclen; + int err; + + if (test_bit(SOCK_PASSSEC, &sock->flags)) { + err = security_secid_to_secctx(scm->secid, &secdata, &seclen); + + if (!err) { + put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata); + security_release_secctx(secdata, seclen); + } + } +} +#else +static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) +{ } +#endif /* CONFIG_SECURITY_NETWORK */ + +static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, + struct scm_cookie *scm, int flags) +{ + if (!msg->msg_control) + { + if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp) + msg->msg_flags |= MSG_CTRUNC; + scm_destroy(scm); + return; + } + + if (test_bit(SOCK_PASSCRED, &sock->flags)) + put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds); + + scm_passec(sock, msg, scm); + + if (!scm->fp) + return; + + scm_detach_fds(msg, scm); +} + + +#endif /* __LINUX_NET_SCM_H */ + |