Date: Tue, 2 Mar 2021 18:43:47 GMT From: Edward Tomasz Napierala <trasz@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 47d6ee406e03 - stable/13 - linux: add support for SO_PEERSEC getsockopt Message-ID: <202103021843.122IhlBs018823@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by trasz: URL: https://cgit.FreeBSD.org/src/commit/?id=47d6ee406e03061be2e8c333e1931531bb074a9e commit 47d6ee406e03061be2e8c333e1931531bb074a9e Author: Edward Tomasz Napierala <trasz@FreeBSD.org> AuthorDate: 2021-02-07 20:28:35 +0000 Commit: Edward Tomasz Napierala <trasz@FreeBSD.org> CommitDate: 2021-03-02 18:43:27 +0000 linux: add support for SO_PEERSEC getsockopt It returns "unconfined", like Linux without SELinux would. Sponsored By: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D28164 (cherry picked from commit e44a78ce6f249f1eb7df94cb6953698953ebd88b) --- sys/compat/linux/linux_socket.c | 26 ++++++++++++++++++++++++++ sys/compat/linux/linux_socket.h | 1 + 2 files changed, 27 insertions(+) diff --git a/sys/compat/linux/linux_socket.c b/sys/compat/linux/linux_socket.c index c723af9dfba0..a4c5bf0b581e 100644 --- a/sys/compat/linux/linux_socket.c +++ b/sys/compat/linux/linux_socket.c @@ -82,6 +82,8 @@ __FBSDID("$FreeBSD$"); #include <compat/linux/linux_timer.h> #include <compat/linux/linux_util.h> +#define SECURITY_CONTEXT_STRING "unconfined" + static int linux_sendmsg_common(struct thread *, l_int, struct l_msghdr *, l_uint); static int linux_recvmsg_common(struct thread *, l_int, struct l_msghdr *, @@ -1861,6 +1863,28 @@ linux_setsockopt(struct thread *td, struct linux_setsockopt_args *args) return (error); } +static int +linux_getsockopt_so_peersec(struct thread *td, + struct linux_getsockopt_args *args) +{ + socklen_t len; + int error; + + len = sizeof(SECURITY_CONTEXT_STRING); + if (args->optlen < len) { + error = copyout(&len, PTRIN(args->optlen), sizeof(len)); + if (error == 0) + error = ERANGE; + return (error); + } + + error = copyout(SECURITY_CONTEXT_STRING, + PTRIN(args->optval), sizeof(SECURITY_CONTEXT_STRING)); + if (error == 0) + error = copyout(&len, PTRIN(args->optlen), sizeof(len)); + return (error); +} + int linux_getsockopt(struct thread *td, struct linux_getsockopt_args *args) { @@ -1875,6 +1899,8 @@ linux_getsockopt(struct thread *td, struct linux_getsockopt_args *args) level = linux_to_bsd_sockopt_level(args->level); switch (level) { case SOL_SOCKET: + if (args->optname == LINUX_SO_PEERSEC) + return (linux_getsockopt_so_peersec(td, args)); name = linux_to_bsd_so_sockopt(args->optname); switch (name) { case LOCAL_CREDS_PERSISTENT: diff --git a/sys/compat/linux/linux_socket.h b/sys/compat/linux/linux_socket.h index 5ebd6392264b..32a19a348312 100644 --- a/sys/compat/linux/linux_socket.h +++ b/sys/compat/linux/linux_socket.h @@ -195,6 +195,7 @@ int linux_accept(struct thread *td, struct linux_accept_args *args); #endif #define LINUX_SO_TIMESTAMP 29 #define LINUX_SO_ACCEPTCONN 30 +#define LINUX_SO_PEERSEC 31 #define LINUX_SO_SNDBUFFORCE 32 #define LINUX_SO_RCVBUFFORCE 33 #define LINUX_SO_PROTOCOL 38
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202103021843.122IhlBs018823>