diff options
Diffstat (limited to 'include/net/scm.h')
| -rw-r--r-- | include/net/scm.h | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/include/net/scm.h b/include/net/scm.h index 7dc0854f0b38..975cca01048b 100644 --- a/include/net/scm.h +++ b/include/net/scm.h | |||
| @@ -12,6 +12,12 @@ | |||
| 12 | */ | 12 | */ |
| 13 | #define SCM_MAX_FD 253 | 13 | #define SCM_MAX_FD 253 |
| 14 | 14 | ||
| 15 | struct scm_creds { | ||
| 16 | u32 pid; | ||
| 17 | kuid_t uid; | ||
| 18 | kgid_t gid; | ||
| 19 | }; | ||
| 20 | |||
| 15 | struct scm_fp_list { | 21 | struct scm_fp_list { |
| 16 | short count; | 22 | short count; |
| 17 | short max; | 23 | short max; |
| @@ -22,7 +28,7 @@ struct scm_cookie { | |||
| 22 | struct pid *pid; /* Skb credentials */ | 28 | struct pid *pid; /* Skb credentials */ |
| 23 | const struct cred *cred; | 29 | const struct cred *cred; |
| 24 | struct scm_fp_list *fp; /* Passed files */ | 30 | struct scm_fp_list *fp; /* Passed files */ |
| 25 | struct ucred creds; /* Skb credentials */ | 31 | struct scm_creds creds; /* Skb credentials */ |
| 26 | #ifdef CONFIG_SECURITY_NETWORK | 32 | #ifdef CONFIG_SECURITY_NETWORK |
| 27 | u32 secid; /* Passed security ID */ | 33 | u32 secid; /* Passed security ID */ |
| 28 | #endif | 34 | #endif |
| @@ -49,7 +55,9 @@ static __inline__ void scm_set_cred(struct scm_cookie *scm, | |||
| 49 | { | 55 | { |
| 50 | scm->pid = get_pid(pid); | 56 | scm->pid = get_pid(pid); |
| 51 | scm->cred = cred ? get_cred(cred) : NULL; | 57 | scm->cred = cred ? get_cred(cred) : NULL; |
| 52 | cred_to_ucred(pid, cred, &scm->creds); | 58 | scm->creds.pid = pid_vnr(pid); |
| 59 | scm->creds.uid = cred ? cred->euid : INVALID_UID; | ||
| 60 | scm->creds.gid = cred ? cred->egid : INVALID_GID; | ||
| 53 | } | 61 | } |
| 54 | 62 | ||
| 55 | static __inline__ void scm_destroy_cred(struct scm_cookie *scm) | 63 | static __inline__ void scm_destroy_cred(struct scm_cookie *scm) |
| @@ -65,7 +73,7 @@ static __inline__ void scm_destroy_cred(struct scm_cookie *scm) | |||
| 65 | static __inline__ void scm_destroy(struct scm_cookie *scm) | 73 | static __inline__ void scm_destroy(struct scm_cookie *scm) |
| 66 | { | 74 | { |
| 67 | scm_destroy_cred(scm); | 75 | scm_destroy_cred(scm); |
| 68 | if (scm && scm->fp) | 76 | if (scm->fp) |
| 69 | __scm_destroy(scm); | 77 | __scm_destroy(scm); |
| 70 | } | 78 | } |
| 71 | 79 | ||
| @@ -112,8 +120,15 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, | |||
| 112 | return; | 120 | return; |
| 113 | } | 121 | } |
| 114 | 122 | ||
| 115 | if (test_bit(SOCK_PASSCRED, &sock->flags)) | 123 | if (test_bit(SOCK_PASSCRED, &sock->flags)) { |
| 116 | put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds); | 124 | struct user_namespace *current_ns = current_user_ns(); |
| 125 | struct ucred ucreds = { | ||
| 126 | .pid = scm->creds.pid, | ||
| 127 | .uid = from_kuid_munged(current_ns, scm->creds.uid), | ||
| 128 | .gid = from_kgid_munged(current_ns, scm->creds.gid), | ||
| 129 | }; | ||
| 130 | put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds); | ||
| 131 | } | ||
| 117 | 132 | ||
| 118 | scm_destroy_cred(scm); | 133 | scm_destroy_cred(scm); |
| 119 | 134 | ||