diff options
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/af_unix.h | 6 | ||||
-rw-r--r-- | include/net/scm.h | 17 |
2 files changed, 23 insertions, 0 deletions
diff --git a/include/net/af_unix.h b/include/net/af_unix.h index 795f81f9ec7f..5ba72d95280c 100644 --- a/include/net/af_unix.h +++ b/include/net/af_unix.h | |||
@@ -53,10 +53,16 @@ struct unix_address { | |||
53 | struct unix_skb_parms { | 53 | struct unix_skb_parms { |
54 | struct ucred creds; /* Skb credentials */ | 54 | struct ucred creds; /* Skb credentials */ |
55 | struct scm_fp_list *fp; /* Passed files */ | 55 | struct scm_fp_list *fp; /* Passed files */ |
56 | #ifdef CONFIG_SECURITY_NETWORK | ||
57 | char *secdata; /* Security context */ | ||
58 | u32 seclen; /* Security length */ | ||
59 | #endif | ||
56 | }; | 60 | }; |
57 | 61 | ||
58 | #define UNIXCB(skb) (*(struct unix_skb_parms*)&((skb)->cb)) | 62 | #define UNIXCB(skb) (*(struct unix_skb_parms*)&((skb)->cb)) |
59 | #define UNIXCREDS(skb) (&UNIXCB((skb)).creds) | 63 | #define UNIXCREDS(skb) (&UNIXCB((skb)).creds) |
64 | #define UNIXSECDATA(skb) (&UNIXCB((skb)).secdata) | ||
65 | #define UNIXSECLEN(skb) (&UNIXCB((skb)).seclen) | ||
60 | 66 | ||
61 | #define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock) | 67 | #define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock) |
62 | #define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock) | 68 | #define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock) |
diff --git a/include/net/scm.h b/include/net/scm.h index 540619cb7160..02daa097cdcd 100644 --- a/include/net/scm.h +++ b/include/net/scm.h | |||
@@ -19,6 +19,10 @@ struct scm_cookie | |||
19 | { | 19 | { |
20 | struct ucred creds; /* Skb credentials */ | 20 | struct ucred creds; /* Skb credentials */ |
21 | struct scm_fp_list *fp; /* Passed files */ | 21 | struct scm_fp_list *fp; /* Passed files */ |
22 | #ifdef CONFIG_SECURITY_NETWORK | ||
23 | char *secdata; /* Security context */ | ||
24 | u32 seclen; /* Security length */ | ||
25 | #endif | ||
22 | unsigned long seq; /* Connection seqno */ | 26 | unsigned long seq; /* Connection seqno */ |
23 | }; | 27 | }; |
24 | 28 | ||
@@ -48,6 +52,17 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg, | |||
48 | return __scm_send(sock, msg, scm); | 52 | return __scm_send(sock, msg, scm); |
49 | } | 53 | } |
50 | 54 | ||
55 | #ifdef CONFIG_SECURITY_NETWORK | ||
56 | static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) | ||
57 | { | ||
58 | if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL) | ||
59 | put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata); | ||
60 | } | ||
61 | #else | ||
62 | static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) | ||
63 | { } | ||
64 | #endif /* CONFIG_SECURITY_NETWORK */ | ||
65 | |||
51 | static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, | 66 | static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, |
52 | struct scm_cookie *scm, int flags) | 67 | struct scm_cookie *scm, int flags) |
53 | { | 68 | { |
@@ -62,6 +77,8 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, | |||
62 | if (test_bit(SOCK_PASSCRED, &sock->flags)) | 77 | if (test_bit(SOCK_PASSCRED, &sock->flags)) |
63 | put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds); | 78 | put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds); |
64 | 79 | ||
80 | scm_passec(sock, msg, scm); | ||
81 | |||
65 | if (!scm->fp) | 82 | if (!scm->fp) |
66 | return; | 83 | return; |
67 | 84 | ||