diff options
Diffstat (limited to 'net/unix/af_unix.c')
| -rw-r--r-- | net/unix/af_unix.c | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index d901465ce013..aca650109425 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c | |||
| @@ -83,7 +83,6 @@ | |||
| 83 | */ | 83 | */ |
| 84 | 84 | ||
| 85 | #include <linux/module.h> | 85 | #include <linux/module.h> |
| 86 | #include <linux/config.h> | ||
| 87 | #include <linux/kernel.h> | 86 | #include <linux/kernel.h> |
| 88 | #include <linux/signal.h> | 87 | #include <linux/signal.h> |
| 89 | #include <linux/sched.h> | 88 | #include <linux/sched.h> |
| @@ -128,6 +127,30 @@ static atomic_t unix_nr_socks = ATOMIC_INIT(0); | |||
| 128 | 127 | ||
| 129 | #define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash != UNIX_HASH_SIZE) | 128 | #define UNIX_ABSTRACT(sk) (unix_sk(sk)->addr->hash != UNIX_HASH_SIZE) |
| 130 | 129 | ||
| 130 | #ifdef CONFIG_SECURITY_NETWORK | ||
| 131 | static void unix_get_peersec_dgram(struct sk_buff *skb) | ||
| 132 | { | ||
| 133 | int err; | ||
| 134 | |||
| 135 | err = security_socket_getpeersec_dgram(skb, UNIXSECDATA(skb), | ||
| 136 | UNIXSECLEN(skb)); | ||
| 137 | if (err) | ||
| 138 | *(UNIXSECDATA(skb)) = NULL; | ||
| 139 | } | ||
| 140 | |||
| 141 | static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb) | ||
| 142 | { | ||
| 143 | scm->secdata = *UNIXSECDATA(skb); | ||
| 144 | scm->seclen = *UNIXSECLEN(skb); | ||
| 145 | } | ||
| 146 | #else | ||
| 147 | static void unix_get_peersec_dgram(struct sk_buff *skb) | ||
| 148 | { } | ||
| 149 | |||
| 150 | static inline void unix_set_secdata(struct scm_cookie *scm, struct sk_buff *skb) | ||
| 151 | { } | ||
| 152 | #endif /* CONFIG_SECURITY_NETWORK */ | ||
| 153 | |||
| 131 | /* | 154 | /* |
| 132 | * SMP locking strategy: | 155 | * SMP locking strategy: |
| 133 | * hash table is protected with spinlock unix_table_lock | 156 | * hash table is protected with spinlock unix_table_lock |
| @@ -1291,6 +1314,8 @@ static int unix_dgram_sendmsg(struct kiocb *kiocb, struct socket *sock, | |||
| 1291 | if (siocb->scm->fp) | 1314 | if (siocb->scm->fp) |
| 1292 | unix_attach_fds(siocb->scm, skb); | 1315 | unix_attach_fds(siocb->scm, skb); |
| 1293 | 1316 | ||
| 1317 | unix_get_peersec_dgram(skb); | ||
| 1318 | |||
| 1294 | skb->h.raw = skb->data; | 1319 | skb->h.raw = skb->data; |
| 1295 | err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); | 1320 | err = memcpy_fromiovec(skb_put(skb,len), msg->msg_iov, len); |
| 1296 | if (err) | 1321 | if (err) |
| @@ -1570,6 +1595,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock, | |||
| 1570 | memset(&tmp_scm, 0, sizeof(tmp_scm)); | 1595 | memset(&tmp_scm, 0, sizeof(tmp_scm)); |
| 1571 | } | 1596 | } |
| 1572 | siocb->scm->creds = *UNIXCREDS(skb); | 1597 | siocb->scm->creds = *UNIXCREDS(skb); |
| 1598 | unix_set_secdata(siocb->scm, skb); | ||
| 1573 | 1599 | ||
| 1574 | if (!(flags & MSG_PEEK)) | 1600 | if (!(flags & MSG_PEEK)) |
| 1575 | { | 1601 | { |