Smack: Provide information for UDS getsockopt(SO_PEERCRED)

This patch is targeted for the smack-next tree.

This patch takes advantage of the recent changes for performance
and points the packet labels on UDS connect at the output label of
the far side. This makes getsockopt(...SO_PEERCRED...) function
properly. Without this change the getsockopt does not provide any
information.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>

1 files changed, 9 insertions, 0 deletions

diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index 6a822654132..dab8af17ef3 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -2773,6 +2773,7 @@ static int smack_unix_stream_connect(struct sock *sock,
 {
         struct socket_smack *ssp = sock->sk_security;
         struct socket_smack *osp = other->sk_security;
+        struct socket_smack *nsp = newsk->sk_security;
         struct smk_audit_info ad;
         int rc = 0;
 
@@ -2782,6 +2783,14 @@ static int smack_unix_stream_connect(struct sock *sock,
         if (!capable(CAP_MAC_OVERRIDE))
                 rc = smk_access(ssp->smk_out, osp->smk_in, MAY_WRITE, &ad);
 
+        /*
+         * Cross reference the peer labels for SO_PEERSEC.
+         */
+        if (rc == 0) {
+                nsp->smk_packet = ssp->smk_out;
+                ssp->smk_packet = osp->smk_out;
+        }
+
         return rc;
 }