diff options
| author | Stephen Smalley <stephen.smalley.work@gmail.com> | 2020-09-14 14:07:00 -0400 |
|---|---|---|
| committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2020-09-19 10:18:46 +0200 |
| commit | e6f90c3fb2f8759d4fa5ee0207eba82a385837a5 (patch) | |
| tree | cc8cc738c1dfe8b3e9ddc6cebe2935377990e214 /man7/unix.7 | |
| parent | 65c0f4271014bab1420ffde5c8aa6c5d259d73d7 (diff) | |
| download | man-pages-e6f90c3fb2f8759d4fa5ee0207eba82a385837a5.tar.gz | |
socket.7, unix.7: Add initial description for SO_PEERSEC
SO_PEERSEC was introduced for AF_UNIX stream sockets connected via
connect(2) in Linux 2.6.2 [1] and later augmented to support
AF_UNIX stream and datagram sockets created via socketpair(2) in
Linux 4.18 [2]. Document SO_PEERSEC in the socket.7 and unix.7
man pages following the example of the existing SO_PEERCRED
descriptions. SO_PEERSEC is also supported on AF_INET sockets
when using labeled IPSEC or NetLabel but defer adding a
description of that support to a separate patch.
The module-independent description of the security context
returned by SO_PEERSEC is from Simon McVittie.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git/commit/?id=da6e57a2e6bd7939f610d957afacaf6a131e75ed
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b811db2cb2aabc910e53d34ebb95a15997c33e7
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Cowritten-by: Simon McVittie <smcv@collabora.com>
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man7/unix.7')
| -rw-r--r-- | man7/unix.7 | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/man7/unix.7 b/man7/unix.7 index 50828a5bc8..298521d4a9 100644 --- a/man7/unix.7 +++ b/man7/unix.7 @@ -349,6 +349,52 @@ stream sockets and for .B AF_UNIX stream and datagram socket pairs created using .BR socketpair (2). +.TP +.B SO_PEERSEC +This read-only socket option returns the +security context of the peer socket connected to this socket. +By default, this will be the same as the security context of +the process that created the peer socket unless overridden +by the policy or by a process with the required permissions. +.IP +The argument to +.BR getsockopt (2) +is a pointer to a +buffer of the specified length in bytes +into which the security context string will be copied. +If the buffer length is less than the length of the security +context string, then +.BR getsockopt (2) +will return the required length +via +.I optlen +and return \-1 and sets +.I errno +to +.BR ERANGE . +The caller should allocate at least +.BR NAME_MAX +bytes for the buffer initially although this is not guaranteed +to be sufficient. Resizing the buffer to the returned length +and retrying may be necessary. +.IP +The security context string may include a terminating null character +in the returned length, but is not guaranteed to do so: a security +context "foo" might be represented as either {'f','o','o'} of length 3 +or {'f','o','o','\\0'} of length 4, which are considered to be +interchangeable. It is printable, does not contain non-terminating +null characters, and is in an unspecified encoding (in particular it +is not guaranteed to be ASCII or UTF-8). +.IP +The use of this option for sockets in the +.B AF_UNIX +address family +is supported since Linux 2.6.2 for connected stream sockets and +since Linux 4.18, +.\" commit 0b811db2cb2aabc910e53d34ebb95a15997c33e7 +also for stream and datagram socket pairs created +using +.BR socketpair (2). .\" .SS Autobind feature If a |