aboutsummaryrefslogtreecommitdiffstats
path: root/include/net
diff options
context:
space:
mode:
Diffstat (limited to 'include/net')
-rw-r--r--include/net/af_unix.h6
-rw-r--r--include/net/scm.h17
2 files changed, 23 insertions, 0 deletions
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 795f81f9ec7f..5ba72d95280c 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -53,10 +53,16 @@ struct unix_address {
53struct unix_skb_parms { 53struct unix_skb_parms {
54 struct ucred creds; /* Skb credentials */ 54 struct ucred creds; /* Skb credentials */
55 struct scm_fp_list *fp; /* Passed files */ 55 struct scm_fp_list *fp; /* Passed files */
56#ifdef CONFIG_SECURITY_NETWORK
57 char *secdata; /* Security context */
58 u32 seclen; /* Security length */
59#endif
56}; 60};
57 61
58#define UNIXCB(skb) (*(struct unix_skb_parms*)&((skb)->cb)) 62#define UNIXCB(skb) (*(struct unix_skb_parms*)&((skb)->cb))
59#define UNIXCREDS(skb) (&UNIXCB((skb)).creds) 63#define UNIXCREDS(skb) (&UNIXCB((skb)).creds)
64#define UNIXSECDATA(skb) (&UNIXCB((skb)).secdata)
65#define UNIXSECLEN(skb) (&UNIXCB((skb)).seclen)
60 66
61#define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock) 67#define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock)
62#define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock) 68#define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock)
diff --git a/include/net/scm.h b/include/net/scm.h
index 540619cb7160..02daa097cdcd 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -19,6 +19,10 @@ struct scm_cookie
19{ 19{
20 struct ucred creds; /* Skb credentials */ 20 struct ucred creds; /* Skb credentials */
21 struct scm_fp_list *fp; /* Passed files */ 21 struct scm_fp_list *fp; /* Passed files */
22#ifdef CONFIG_SECURITY_NETWORK
23 char *secdata; /* Security context */
24 u32 seclen; /* Security length */
25#endif
22 unsigned long seq; /* Connection seqno */ 26 unsigned long seq; /* Connection seqno */
23}; 27};
24 28
@@ -48,6 +52,17 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
48 return __scm_send(sock, msg, scm); 52 return __scm_send(sock, msg, scm);
49} 53}
50 54
55#ifdef CONFIG_SECURITY_NETWORK
56static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
57{
58 if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL)
59 put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata);
60}
61#else
62static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
63{ }
64#endif /* CONFIG_SECURITY_NETWORK */
65
51static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg, 66static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
52 struct scm_cookie *scm, int flags) 67 struct scm_cookie *scm, int flags)
53{ 68{
@@ -62,6 +77,8 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
62 if (test_bit(SOCK_PASSCRED, &sock->flags)) 77 if (test_bit(SOCK_PASSCRED, &sock->flags))
63 put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds); 78 put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds);
64 79
80 scm_passec(sock, msg, scm);
81
65 if (!scm->fp) 82 if (!scm->fp)
66 return; 83 return;
67 84