xref: /openbmc/linux/include/net/scm.h (revision fa0dadde)
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef __LINUX_NET_SCM_H
3 #define __LINUX_NET_SCM_H
4 
5 #include <linux/limits.h>
6 #include <linux/net.h>
7 #include <linux/cred.h>
8 #include <linux/security.h>
9 #include <linux/pid.h>
10 #include <linux/nsproxy.h>
11 #include <linux/sched/signal.h>
12 
13 /* Well, we should have at least one descriptor open
14  * to accept passed FDs 8)
15  */
16 #define SCM_MAX_FD	253
17 
18 struct scm_creds {
19 	u32	pid;
20 	kuid_t	uid;
21 	kgid_t	gid;
22 };
23 
24 struct scm_fp_list {
25 	short			count;
26 	short			max;
27 	struct user_struct	*user;
28 	struct file		*fp[SCM_MAX_FD];
29 };
30 
31 struct scm_cookie {
32 	struct pid		*pid;		/* Skb credentials */
33 	struct scm_fp_list	*fp;		/* Passed files		*/
34 	struct scm_creds	creds;		/* Skb credentials	*/
35 #ifdef CONFIG_SECURITY_NETWORK
36 	u32			secid;		/* Passed security ID 	*/
37 #endif
38 };
39 
40 void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm);
41 void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm);
42 int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm);
43 void __scm_destroy(struct scm_cookie *scm);
44 struct scm_fp_list *scm_fp_dup(struct scm_fp_list *fpl);
45 
46 #ifdef CONFIG_SECURITY_NETWORK
47 static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
48 {
49 	security_socket_getpeersec_dgram(sock, NULL, &scm->secid);
50 }
51 #else
52 static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
53 { }
54 #endif /* CONFIG_SECURITY_NETWORK */
55 
56 static __inline__ void scm_set_cred(struct scm_cookie *scm,
57 				    struct pid *pid, kuid_t uid, kgid_t gid)
58 {
59 	scm->pid  = get_pid(pid);
60 	scm->creds.pid = pid_vnr(pid);
61 	scm->creds.uid = uid;
62 	scm->creds.gid = gid;
63 }
64 
65 static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
66 {
67 	put_pid(scm->pid);
68 	scm->pid  = NULL;
69 }
70 
71 static __inline__ void scm_destroy(struct scm_cookie *scm)
72 {
73 	scm_destroy_cred(scm);
74 	if (scm->fp)
75 		__scm_destroy(scm);
76 }
77 
78 static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
79 			       struct scm_cookie *scm, bool forcecreds)
80 {
81 	memset(scm, 0, sizeof(*scm));
82 	scm->creds.uid = INVALID_UID;
83 	scm->creds.gid = INVALID_GID;
84 	if (forcecreds)
85 		scm_set_cred(scm, task_tgid(current), current_uid(), current_gid());
86 	unix_get_peersec_dgram(sock, scm);
87 	if (msg->msg_controllen <= 0)
88 		return 0;
89 	return __scm_send(sock, msg, scm);
90 }
91 
92 #ifdef CONFIG_SECURITY_NETWORK
93 static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
94 {
95 	char *secdata;
96 	u32 seclen;
97 	int err;
98 
99 	if (test_bit(SOCK_PASSSEC, &sock->flags)) {
100 		err = security_secid_to_secctx(scm->secid, &secdata, &seclen);
101 
102 		if (!err) {
103 			put_cmsg(msg, SOL_SOCKET, SCM_SECURITY, seclen, secdata);
104 			security_release_secctx(secdata, seclen);
105 		}
106 	}
107 }
108 
109 static inline bool scm_has_secdata(struct socket *sock)
110 {
111 	return test_bit(SOCK_PASSSEC, &sock->flags);
112 }
113 #else
114 static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
115 { }
116 
117 static inline bool scm_has_secdata(struct socket *sock)
118 {
119 	return false;
120 }
121 #endif /* CONFIG_SECURITY_NETWORK */
122 
123 static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
124 				struct scm_cookie *scm, int flags)
125 {
126 	if (!msg->msg_control) {
127 		if (test_bit(SOCK_PASSCRED, &sock->flags) || scm->fp ||
128 		    scm_has_secdata(sock))
129 			msg->msg_flags |= MSG_CTRUNC;
130 		scm_destroy(scm);
131 		return;
132 	}
133 
134 	if (test_bit(SOCK_PASSCRED, &sock->flags)) {
135 		struct user_namespace *current_ns = current_user_ns();
136 		struct ucred ucreds = {
137 			.pid = scm->creds.pid,
138 			.uid = from_kuid_munged(current_ns, scm->creds.uid),
139 			.gid = from_kgid_munged(current_ns, scm->creds.gid),
140 		};
141 		put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
142 	}
143 
144 	scm_destroy_cred(scm);
145 
146 	scm_passec(sock, msg, scm);
147 
148 	if (!scm->fp)
149 		return;
150 
151 	scm_detach_fds(msg, scm);
152 }
153 
154 
155 #endif /* __LINUX_NET_SCM_H */
156 
157