1 #ifndef __LINUX_NET_SCM_H
2 #define __LINUX_NET_SCM_H
4 #include <linux/limits.h>
6 #include <linux/security.h>
8 #include <linux/nsproxy.h>
10 /* Well, we should have at least one descriptor open
11 * to accept passed FDs 8)
13 #define SCM_MAX_FD 253
17 struct list_head list
;
20 struct file
*fp
[SCM_MAX_FD
];
25 struct ucred creds
; /* Skb credentials */
26 struct scm_fp_list
*fp
; /* Passed files */
27 #ifdef CONFIG_SECURITY_NETWORK
28 u32 secid
; /* Passed security ID */
32 extern void scm_detach_fds(struct msghdr
*msg
, struct scm_cookie
*scm
);
33 extern void scm_detach_fds_compat(struct msghdr
*msg
, struct scm_cookie
*scm
);
34 extern int __scm_send(struct socket
*sock
, struct msghdr
*msg
, struct scm_cookie
*scm
);
35 extern void __scm_destroy(struct scm_cookie
*scm
);
36 extern struct scm_fp_list
* scm_fp_dup(struct scm_fp_list
*fpl
);
38 #ifdef CONFIG_SECURITY_NETWORK
39 static __inline__
void unix_get_peersec_dgram(struct socket
*sock
, struct scm_cookie
*scm
)
41 security_socket_getpeersec_dgram(sock
, NULL
, &scm
->secid
);
44 static __inline__
void unix_get_peersec_dgram(struct socket
*sock
, struct scm_cookie
*scm
)
46 #endif /* CONFIG_SECURITY_NETWORK */
48 static __inline__
void scm_destroy(struct scm_cookie
*scm
)
54 static __inline__
int scm_send(struct socket
*sock
, struct msghdr
*msg
,
55 struct scm_cookie
*scm
)
57 struct task_struct
*p
= current
;
58 scm
->creds
.uid
= current_uid();
59 scm
->creds
.gid
= current_gid();
60 scm
->creds
.pid
= task_tgid_vnr(p
);
62 unix_get_peersec_dgram(sock
, scm
);
63 if (msg
->msg_controllen
<= 0)
65 return __scm_send(sock
, msg
, scm
);
68 #ifdef CONFIG_SECURITY_NETWORK
69 static inline void scm_passec(struct socket
*sock
, struct msghdr
*msg
, struct scm_cookie
*scm
)
75 if (test_bit(SOCK_PASSSEC
, &sock
->flags
)) {
76 err
= security_secid_to_secctx(scm
->secid
, &secdata
, &seclen
);
79 put_cmsg(msg
, SOL_SOCKET
, SCM_SECURITY
, seclen
, secdata
);
80 security_release_secctx(secdata
, seclen
);
85 static inline void scm_passec(struct socket
*sock
, struct msghdr
*msg
, struct scm_cookie
*scm
)
87 #endif /* CONFIG_SECURITY_NETWORK */
89 static __inline__
void scm_recv(struct socket
*sock
, struct msghdr
*msg
,
90 struct scm_cookie
*scm
, int flags
)
92 if (!msg
->msg_control
)
94 if (test_bit(SOCK_PASSCRED
, &sock
->flags
) || scm
->fp
)
95 msg
->msg_flags
|= MSG_CTRUNC
;
100 if (test_bit(SOCK_PASSCRED
, &sock
->flags
))
101 put_cmsg(msg
, SOL_SOCKET
, SCM_CREDENTIALS
, sizeof(scm
->creds
), &scm
->creds
);
103 scm_passec(sock
, msg
, scm
);
108 scm_detach_fds(msg
, scm
);
112 #endif /* __LINUX_NET_SCM_H */