Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial

* git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial: (74 commits) fix do_sys_open() prototype sysfs: trivial: fix sysfs_create_file kerneldoc spelling mistake Documentation: Fix typo in SubmitChecklist. Typo: depricated -> deprecated Add missing profile=kvm option to Documentation/kernel-parameters.txt fix typo about TBI in e1000 comment proc.txt: Add /proc/stat field small documentation fixes Fix compiler warning in smount example program from sharedsubtree.txt docs/sysfs: add missing word to sysfs attribute explanation documentation/ext3: grammar fixes Documentation/java.txt: typo and grammar fixes Documentation/filesystems/vfs.txt: typo fix include/asm-*/system.h: remove unused set_rmb(), set_wmb() macros trivial copy_data_pages() tidy up Fix typo in arch/x86/kernel/tsc_32.c file link fix for Pegasus USB net driver help remove unused return within void return function Typo fixes retrun -> return x86 hpet.h: remove broken links ...
author: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-10-19 23:36:17 -0400
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> 2007-10-19 23:36:17 -0400
commit: c00046c279a2521075250fad682ca0acc10d4fd7 (patch)
tree: 78a7e9089c26f199ad9b0161bb564b7c1ca6daf9 /include/linux/security.h
parent: 9abbf7d028b1598b40ebdc81c48f30da7f3d5bf5 (diff)
parent: 8e8a1407ac23b43cec0412338c1b4f5e1c664550 (diff)
1 files changed, 15 insertions, 2 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index ff3f857f6957..ac050830a873 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -832,9 +832,11 @@ struct request_sock;
 *      incoming sk_buff @skb has been associated with a particular socket, @sk.
 *      @sk contains the sock (not socket) associated with the incoming sk_buff.
 *      @skb contains the incoming network data.
- * @socket_getpeersec:
+ * @socket_getpeersec_stream:
 *      This hook allows the security module to provide peer socket security
- *      state to userspace via getsockopt SO_GETPEERSEC.
+ *      state for unix or connected tcp sockets to userspace via getsockopt
+ *      SO_GETPEERSEC.  For tcp sockets this can be meaningful if the
+ *      socket is associated with an ipsec SA.
 *      @sock is the local socket.
 *      @optval userspace memory where the security state is to be copied.
 *      @optlen userspace int where the module should copy the actual length
@@ -843,6 +845,17 @@ struct request_sock;
 *      by the caller.
 *      Return 0 if all is well, otherwise, typical getsockopt return
 *      values.
+ * @socket_getpeersec_dgram:
+ *      This hook allows the security module to provide peer socket security
+ *      state for udp sockets on a per-packet basis to userspace via
+ *      getsockopt SO_GETPEERSEC.  The application must first have indicated
+ *      the IP_PASSSEC option via getsockopt.  It can then retrieve the
+ *      security state returned by this hook for a packet via the SCM_SECURITY
+ *      ancillary message type.
+ *      @skb is the skbuff for the packet being queried
+ *      @secdata is a pointer to a buffer in which to copy the security data
+ *      @seclen is the maximum length for @secdata
+ *      Return 0 on success, error on failure.
 * @sk_alloc_security:
 *      Allocate and attach a security structure to the sk->sk_security field,
 *      which is used to copy security attributes between local stream sockets.
author	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-10-19 23:36:17 -0400
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	2007-10-19 23:36:17 -0400
commit	c00046c279a2521075250fad682ca0acc10d4fd7 (patch)
tree	78a7e9089c26f199ad9b0161bb564b7c1ca6daf9 /include/linux/security.h
parent	9abbf7d028b1598b40ebdc81c48f30da7f3d5bf5 (diff)
parent	8e8a1407ac23b43cec0412338c1b4f5e1c664550 (diff)