1 #ifndef __LINUX_NET_SCM_H
2 #define __LINUX_NET_SCM_H
4 #include <linux/limits.h>
6 #include <linux/security.h>
8 #include <linux/nsproxy.h>
10 /* Well, we should have at least one descriptor open
11 * to accept passed FDs 8)
13 #define SCM_MAX_FD 255
17 struct list_head list
;
19 struct file
*fp
[SCM_MAX_FD
];
24 struct ucred creds
; /* Skb credentials */
25 struct scm_fp_list
*fp
; /* Passed files */
26 #ifdef CONFIG_SECURITY_NETWORK
27 u32 secid
; /* Passed security ID */
29 unsigned long seq
; /* Connection seqno */
32 extern void scm_detach_fds(struct msghdr
*msg
, struct scm_cookie
*scm
);
33 extern void scm_detach_fds_compat(struct msghdr
*msg
, struct scm_cookie
*scm
);
34 extern int __scm_send(struct socket
*sock
, struct msghdr
*msg
, struct scm_cookie
*scm
);
35 extern void __scm_destroy(struct scm_cookie
*scm
);
36 extern struct scm_fp_list
* scm_fp_dup(struct scm_fp_list
*fpl
);
38 #ifdef CONFIG_SECURITY_NETWORK
39 static __inline__
void unix_get_peersec_dgram(struct socket
*sock
, struct scm_cookie
*scm
)
41 security_socket_getpeersec_dgram(sock
, NULL
, &scm
->secid
);
44 static __inline__
void unix_get_peersec_dgram(struct socket
*sock
, struct scm_cookie
*scm
)
46 #endif /* CONFIG_SECURITY_NETWORK */
48 static __inline__
void scm_destroy(struct scm_cookie
*scm
)
54 static __inline__
int scm_send(struct socket
*sock
, struct msghdr
*msg
,
55 struct scm_cookie
*scm
)
57 struct task_struct
*p
= current
;
58 scm
->creds
.uid
= p
->uid
;
59 scm
->creds
.gid
= p
->gid
;
60 scm
->creds
.pid
= task_tgid_vnr(p
);
63 unix_get_peersec_dgram(sock
, scm
);
64 if (msg
->msg_controllen
<= 0)
66 return __scm_send(sock
, msg
, scm
);
69 #ifdef CONFIG_SECURITY_NETWORK
70 static inline void scm_passec(struct socket
*sock
, struct msghdr
*msg
, struct scm_cookie
*scm
)
76 if (test_bit(SOCK_PASSSEC
, &sock
->flags
)) {
77 err
= security_secid_to_secctx(scm
->secid
, &secdata
, &seclen
);
80 put_cmsg(msg
, SOL_SOCKET
, SCM_SECURITY
, seclen
, secdata
);
81 security_release_secctx(secdata
, seclen
);
86 static inline void scm_passec(struct socket
*sock
, struct msghdr
*msg
, struct scm_cookie
*scm
)
88 #endif /* CONFIG_SECURITY_NETWORK */
90 static __inline__
void scm_recv(struct socket
*sock
, struct msghdr
*msg
,
91 struct scm_cookie
*scm
, int flags
)
93 if (!msg
->msg_control
)
95 if (test_bit(SOCK_PASSCRED
, &sock
->flags
) || scm
->fp
)
96 msg
->msg_flags
|= MSG_CTRUNC
;
101 if (test_bit(SOCK_PASSCRED
, &sock
->flags
))
102 put_cmsg(msg
, SOL_SOCKET
, SCM_CREDENTIALS
, sizeof(scm
->creds
), &scm
->creds
);
104 scm_passec(sock
, msg
, scm
);
109 scm_detach_fds(msg
, scm
);
113 #endif /* __LINUX_NET_SCM_H */