aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/asm-alpha/socket.h1
-rw-r--r--include/asm-arm/socket.h1
-rw-r--r--include/asm-arm26/socket.h1
-rw-r--r--include/asm-cris/socket.h1
-rw-r--r--include/asm-frv/socket.h1
-rw-r--r--include/asm-h8300/socket.h1
-rw-r--r--include/asm-i386/socket.h1
-rw-r--r--include/asm-ia64/socket.h1
-rw-r--r--include/asm-m32r/socket.h1
-rw-r--r--include/asm-m68k/socket.h1
-rw-r--r--include/asm-mips/socket.h1
-rw-r--r--include/asm-parisc/socket.h1
-rw-r--r--include/asm-powerpc/socket.h1
-rw-r--r--include/asm-s390/socket.h1
-rw-r--r--include/asm-sh/socket.h1
-rw-r--r--include/asm-sparc/socket.h1
-rw-r--r--include/asm-sparc64/socket.h1
-rw-r--r--include/asm-v850/socket.h1
-rw-r--r--include/asm-x86_64/socket.h1
-rw-r--r--include/asm-xtensa/socket.h1
-rw-r--r--include/linux/net.h1
-rw-r--r--include/net/af_unix.h6
-rw-r--r--include/net/scm.h17
23 files changed, 44 insertions, 0 deletions
diff --git a/include/asm-alpha/socket.h b/include/asm-alpha/socket.h
index b5193229132..d22ab97ea72 100644
--- a/include/asm-alpha/socket.h
+++ b/include/asm-alpha/socket.h
@@ -51,6 +51,7 @@
#define SCM_TIMESTAMP SO_TIMESTAMP
#define SO_PEERSEC 30
+#define SO_PASSSEC 34
/* Security levels - as per NRL IPv6 - don't actually do anything */
#define SO_SECURITY_AUTHENTICATION 19
diff --git a/include/asm-arm/socket.h b/include/asm-arm/socket.h
index 3c51da6438c..19f7df702b0 100644
--- a/include/asm-arm/socket.h
+++ b/include/asm-arm/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-arm26/socket.h b/include/asm-arm26/socket.h
index 3c51da6438c..19f7df702b0 100644
--- a/include/asm-arm26/socket.h
+++ b/include/asm-arm26/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-cris/socket.h b/include/asm-cris/socket.h
index 8b1da3e58c5..01cfdf1d6d3 100644
--- a/include/asm-cris/socket.h
+++ b/include/asm-cris/socket.h
@@ -50,6 +50,7 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-frv/socket.h b/include/asm-frv/socket.h
index 7177f8b9817..31db18fc871 100644
--- a/include/asm-frv/socket.h
+++ b/include/asm-frv/socket.h
@@ -48,6 +48,7 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-h8300/socket.h b/include/asm-h8300/socket.h
index d98cf85bafc..ebc830fee0d 100644
--- a/include/asm-h8300/socket.h
+++ b/include/asm-h8300/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-i386/socket.h b/include/asm-i386/socket.h
index 802ae76195b..5755d57c4e9 100644
--- a/include/asm-i386/socket.h
+++ b/include/asm-i386/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-ia64/socket.h b/include/asm-ia64/socket.h
index a255006fb7b..d638ef3d50c 100644
--- a/include/asm-ia64/socket.h
+++ b/include/asm-ia64/socket.h
@@ -57,5 +57,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_IA64_SOCKET_H */
diff --git a/include/asm-m32r/socket.h b/include/asm-m32r/socket.h
index 8b6680f223c..acdf748fcdc 100644
--- a/include/asm-m32r/socket.h
+++ b/include/asm-m32r/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_M32R_SOCKET_H */
diff --git a/include/asm-m68k/socket.h b/include/asm-m68k/socket.h
index f578ca4b776..a5966ec005a 100644
--- a/include/asm-m68k/socket.h
+++ b/include/asm-m68k/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-mips/socket.h b/include/asm-mips/socket.h
index 0bb31e5aaca..36ebe4e186a 100644
--- a/include/asm-mips/socket.h
+++ b/include/asm-mips/socket.h
@@ -69,6 +69,7 @@ To add: #define SO_REUSEPORT 0x0200 /* Allow local address and port reuse. */
#define SO_PEERSEC 30
#define SO_SNDBUFFORCE 31
#define SO_RCVBUFFORCE 33
+#define SO_PASSSEC 34
#ifdef __KERNEL__
diff --git a/include/asm-parisc/socket.h b/include/asm-parisc/socket.h
index 1bf54dc53c1..ce2eae1708b 100644
--- a/include/asm-parisc/socket.h
+++ b/include/asm-parisc/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 0x401c
#define SO_PEERSEC 0x401d
+#define SO_PASSSEC 0x401e
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-powerpc/socket.h b/include/asm-powerpc/socket.h
index e4b8177d4ac..c8b1da50e72 100644
--- a/include/asm-powerpc/socket.h
+++ b/include/asm-powerpc/socket.h
@@ -55,5 +55,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_POWERPC_SOCKET_H */
diff --git a/include/asm-s390/socket.h b/include/asm-s390/socket.h
index 15a5298c874..1778a49a74c 100644
--- a/include/asm-s390/socket.h
+++ b/include/asm-s390/socket.h
@@ -56,5 +56,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-sh/socket.h b/include/asm-sh/socket.h
index 553904ff933..ca70362eb56 100644
--- a/include/asm-sh/socket.h
+++ b/include/asm-sh/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* __ASM_SH_SOCKET_H */
diff --git a/include/asm-sparc/socket.h b/include/asm-sparc/socket.h
index 4e0ce3a35ea..f6c4e5baf3f 100644
--- a/include/asm-sparc/socket.h
+++ b/include/asm-sparc/socket.h
@@ -48,6 +48,7 @@
#define SCM_TIMESTAMP SO_TIMESTAMP
#define SO_PEERSEC 0x001e
+#define SO_PASSSEC 0x001f
/* Security levels - as per NRL IPv6 - don't actually do anything */
#define SO_SECURITY_AUTHENTICATION 0x5001
diff --git a/include/asm-sparc64/socket.h b/include/asm-sparc64/socket.h
index 59987dad335..754d46a50af 100644
--- a/include/asm-sparc64/socket.h
+++ b/include/asm-sparc64/socket.h
@@ -48,6 +48,7 @@
#define SCM_TIMESTAMP SO_TIMESTAMP
#define SO_PEERSEC 0x001e
+#define SO_PASSSEC 0x001f
/* Security levels - as per NRL IPv6 - don't actually do anything */
#define SO_SECURITY_AUTHENTICATION 0x5001
diff --git a/include/asm-v850/socket.h b/include/asm-v850/socket.h
index 0240d366a0a..0dfe55ac2ef 100644
--- a/include/asm-v850/socket.h
+++ b/include/asm-v850/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* __V850_SOCKET_H__ */
diff --git a/include/asm-x86_64/socket.h b/include/asm-x86_64/socket.h
index f2cdbeae5d5..b4670260793 100644
--- a/include/asm-x86_64/socket.h
+++ b/include/asm-x86_64/socket.h
@@ -48,5 +48,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _ASM_SOCKET_H */
diff --git a/include/asm-xtensa/socket.h b/include/asm-xtensa/socket.h
index 00f83f3a6d7..971d231be60 100644
--- a/include/asm-xtensa/socket.h
+++ b/include/asm-xtensa/socket.h
@@ -59,5 +59,6 @@
#define SO_ACCEPTCONN 30
#define SO_PEERSEC 31
+#define SO_PASSSEC 34
#endif /* _XTENSA_SOCKET_H */
diff --git a/include/linux/net.h b/include/linux/net.h
index 385e68f5bd9..b20c53c7441 100644
--- a/include/linux/net.h
+++ b/include/linux/net.h
@@ -61,6 +61,7 @@ typedef enum {
#define SOCK_ASYNC_WAITDATA 1
#define SOCK_NOSPACE 2
#define SOCK_PASSCRED 3
+#define SOCK_PASSSEC 4
#ifndef ARCH_HAS_SOCKET_TYPES
/**
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 795f81f9ec7..5ba72d95280 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -53,10 +53,16 @@ struct unix_address {
struct unix_skb_parms {
struct ucred creds; /* Skb credentials */
struct scm_fp_list *fp; /* Passed files */
+#ifdef CONFIG_SECURITY_NETWORK
+ char *secdata; /* Security context */
+ u32 seclen; /* Security length */
+#endif
};
#define UNIXCB(skb) (*(struct unix_skb_parms*)&((skb)->cb))
#define UNIXCREDS(skb) (&UNIXCB((skb)).creds)
+#define UNIXSECDATA(skb) (&UNIXCB((skb)).secdata)
+#define UNIXSECLEN(skb) (&UNIXCB((skb)).seclen)
#define unix_state_rlock(s) spin_lock(&unix_sk(s)->lock)
#define unix_state_runlock(s) spin_unlock(&unix_sk(s)->lock)
diff --git a/include/net/scm.h b/include/net/scm.h
index 540619cb716..02daa097cdc 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -19,6 +19,10 @@ struct scm_cookie
{
struct ucred creds; /* Skb credentials */
struct scm_fp_list *fp; /* Passed files */
+#ifdef CONFIG_SECURITY_NETWORK
+ char *secdata; /* Security context */
+ u32 seclen; /* Security length */
+#endif
unsigned long seq; /* Connection seqno */
};
@@ -48,6 +52,17 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
return __scm_send(sock, msg, scm);
}
+#ifdef CONFIG_SECURITY_NETWORK
+static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
+{
+ if (test_bit(SOCK_PASSSEC, &sock->flags) && scm->secdata != NULL)
+ put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, scm->seclen, scm->secdata);
+}
+#else
+static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
+{ }
+#endif /* CONFIG_SECURITY_NETWORK */
+
static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
struct scm_cookie *scm, int flags)
{
@@ -62,6 +77,8 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
if (test_bit(SOCK_PASSCRED, &sock->flags))
put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(scm->creds), &scm->creds);
+ scm_passec(sock, msg, scm);
+
if (!scm->fp)
return;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 07:38:15 +0000