original_kernel/include/asm-i386
Catherine Zhang 877ce7c1b3 [AF_UNIX]: Datagram getpeersec
This patch implements an API whereby an application can determine the
label of its peer's Unix datagram sockets via the auxiliary data mechanism of
recvmsg.

Patch purpose:

This patch enables a security-aware application to retrieve the
security context of the peer of a Unix datagram socket.  The application
can then use this security context to determine the security context for
processing on behalf of the peer who sent the packet.

Patch design and implementation:

The design and implementation is very similar to the UDP case for INET
sockets.  Basically we build upon the existing Unix domain socket API for
retrieving user credentials.  Linux offers the API for obtaining user
credentials via ancillary messages (i.e., out of band/control messages
that are bundled together with a normal message).  To retrieve the security
context, the application first indicates to the kernel such desire by
setting the SO_PASSSEC option via getsockopt.  Then the application
retrieves the security context using the auxiliary data mechanism.

An example server application for Unix datagram socket should look like this:

toggle = 1;
toggle_len = sizeof(toggle);

setsockopt(sockfd, SOL_SOCKET, SO_PASSSEC, &toggle, &toggle_len);
recvmsg(sockfd, &msg_hdr, 0);
if (msg_hdr.msg_controllen > sizeof(struct cmsghdr)) {
    cmsg_hdr = CMSG_FIRSTHDR(&msg_hdr);
    if (cmsg_hdr->cmsg_len <= CMSG_LEN(sizeof(scontext)) &&
        cmsg_hdr->cmsg_level == SOL_SOCKET &&
        cmsg_hdr->cmsg_type == SCM_SECURITY) {
        memcpy(&scontext, CMSG_DATA(cmsg_hdr), sizeof(scontext));
    }
}

sock_setsockopt is enhanced with a new socket option SOCK_PASSSEC to allow
a server socket to receive security context of the peer.

Testing:

We have tested the patch by setting up Unix datagram client and server
applications.  We verified that the server can retrieve the security context
using the auxiliary data mechanism of recvmsg.

Signed-off-by: Catherine Zhang <cxzhang@watson.ibm.com>
Acked-by: Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2006-06-29 16:58:06 -07:00
..
mach-bigsmp
mach-default Merge branch 'x86-64' 2006-06-26 10:51:09 -07:00
mach-es7000
mach-generic
mach-numaq
mach-summit [PATCH] Time: i386 Conversion - part 2: Rework TSC Support 2006-06-26 09:58:21 -07:00
mach-visws [PATCH] fix sgivwfb compile 2006-06-29 10:26:19 -07:00
mach-voyager [PATCH] Clean up and refactor i386 sub-architecture setup 2006-06-25 10:00:55 -07:00
8253pit.h
a.out.h
acpi.h
agp.h
alternative.h [PATCH] x86_64: x86_64 version of the smp alternative patch. 2006-06-26 10:48:14 -07:00
apic.h [PATCH] x86_64: nmi watchdog header cleanup 2006-06-26 10:48:16 -07:00
apicdef.h
arch_hooks.h
atomic.h
auxvec.h
bitops.h
boot.h
bug.h
bugs.h
byteorder.h
cache.h
cacheflush.h
checksum.h
cpu.h [PATCH] Register sysfs file for hotplugged new node 2006-06-27 17:32:36 -07:00
cpufeature.h [PATCH] x86_64: i386/x86-64 Add nmi watchdog support for new Intel CPUs 2006-06-26 10:48:22 -07:00
cputime.h
current.h
debugreg.h
delay.h [PATCH] Time: i386 Conversion - part 3: Enable Generic Timekeeping 2006-06-26 09:58:21 -07:00
desc.h
div64.h
dma-mapping.h
dma.h
dmi.h
dwarf2.h [PATCH] i386: reliable stack trace support i386 entry.S 2006-06-26 10:48:17 -07:00
e820.h
edac.h
elf.h [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
emergency-restart.h
errno.h
fcntl.h
fixmap.h [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
floppy.h [PATCH] random: remove SA_SAMPLE_RANDOM from floppy driver 2006-06-25 10:01:00 -07:00
futex.h
genapic.h
hardirq.h
highmem.h
hpet.h
hw_irq.h [PATCH] genirq: add ->retrigger() irq op to consolidate hw_irq_resend() 2006-06-29 10:26:23 -07:00
i387.h [PATCH] i386: fix broken FP exception handling 2006-04-29 14:13:16 -07:00
i8253.h
i8259.h
ide.h
intel_arch_perfmon.h [PATCH] x86_64: i386/x86-64 Add nmi watchdog support for new Intel CPUs 2006-06-26 10:48:22 -07:00
io.h
io_apic.h Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 2006-05-24 09:22:21 +01:00
ioctl.h
ioctls.h
ipc.h
ipcbuf.h
irq.h
ist.h
k8.h [PATCH] x86_64: Clean and enhance up K8 northbridge access code 2006-06-26 10:48:15 -07:00
kdebug.h [PATCH] Notify page fault call chain for i386 2006-06-26 09:58:22 -07:00
kexec.h
kmap_types.h
kprobes.h [PATCH] Notify page fault call chain 2006-06-26 09:58:22 -07:00
ldt.h
linkage.h
local.h [PATCH] x86_64: Fix race in cpu_local_* on preemptible kernels 2006-06-26 10:48:21 -07:00
math_emu.h
mc146818rtc.h
mca.h
mca_dma.h
mce.h [PATCH] Don't trigger full rebuild via CONFIG_X86_MCE 2006-06-23 07:42:56 -07:00
mman.h
mmu.h [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
mmu_context.h
mmx.h
mmzone.h
module.h
mpspec.h
mpspec_def.h
msgbuf.h
msi.h [PATCH] PCI: cleanup unused variable about msi driver 2006-06-21 12:00:00 -07:00
msr.h
mtrr.h [PATCH] Don't trigger full rebuild via CONFIG_MTRR 2006-06-23 07:42:56 -07:00
mutex.h
namei.h
nmi.h [PATCH] x86_64: nmi watchdog header cleanup 2006-06-26 10:48:16 -07:00
numa.h
numaq.h
page.h [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
param.h
parport.h
pci-direct.h
pci.h
percpu.h
pgalloc.h
pgtable-2level-defs.h
pgtable-2level.h [PATCH] x86/PAE: Fix pte_clear for the >4GB RAM case 2006-04-27 12:00:59 -07:00
pgtable-3level-defs.h
pgtable-3level.h [PATCH] x86/PAE: Fix pte_clear for the >4GB RAM case 2006-04-27 12:00:59 -07:00
pgtable.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 2006-04-29 01:42:26 +01:00
poll.h
posix_types.h
processor.h [PATCH] i386: move phys_proc_id and cpu_core_id to cpuinfo_x86 2006-06-27 17:32:37 -07:00
ptrace.h
resource.h
rtc.h
rwlock.h
rwsem.h
scatterlist.h
seccomp.h
sections.h
segment.h
semaphore.h
sembuf.h
serial.h
setup.h [PATCH] Clean up and refactor i386 sub-architecture setup 2006-06-25 10:00:55 -07:00
shmbuf.h
shmparam.h
sigcontext.h
siginfo.h
signal.h
smp.h
socket.h [AF_UNIX]: Datagram getpeersec 2006-06-29 16:58:06 -07:00
sockios.h
sparsemem.h
spinlock.h
spinlock_types.h
srat.h
stat.h
statfs.h
string.h
suspend.h
system.h spelling fixes 2006-06-26 18:35:02 +02:00
termbits.h
termios.h
thread_info.h [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
timer.h [PATCH] Time: i386 Conversion - part 3: Enable Generic Timekeeping 2006-06-26 09:58:21 -07:00
timex.h [PATCH] Time: i386 Conversion - part 2: Rework TSC Support 2006-06-26 09:58:21 -07:00
tlb.h
tlbflush.h
topology.h [PATCH] sched: mc/smt power savings sched policy 2006-06-27 17:32:45 -07:00
tsc.h [PATCH] Time: i386 Conversion - part 2: Rework TSC Support 2006-06-26 09:58:21 -07:00
types.h
uaccess.h [PATCH] Make copy_from_user_inatomic NOT zero the tail on i386 2006-06-25 10:01:09 -07:00
ucontext.h
unaligned.h
unistd.h [PATCH] sys_move_pages: 32bit support (i386, x86_64) 2006-06-23 07:42:53 -07:00
unwind.h [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
user.h
vga.h [PATCH] vgacon: make VGA_MAP_MEM take size, remove extra use 2006-06-22 15:05:58 -07:00
vic.h
vm86.h
voyager.h
xor.h