.\" Copyright, the authors of the Linux man-pages project
.\"
.\" SPDX-License-Identifier: Linux-man-pages-copyleft
.\"
.TH SO_PEERSEC 2const (date) "Linux man-pages (unreleased)"
.SH NAME
SO_PEERSEC
\-
get the security context of a peer socket
.SH LIBRARY
Standard C library
.RI ( libc ,\~ \-lc )
.SH SYNOPSIS
.nf
.BR "#include <netinet/in.h>" " /* Definition of " IP* " constants */"
.B #include <sys/socket.h>
.P
.BI int\~getsockopt(int\~ sockfd ,\~IPPROTO_IP,\~SO_PEERSEC,
.BI " void\~" buf [ *size ],\~socklen_t\~* size );
.fi
.SH DESCRIPTION
If labeled IPSEC or NetLabel is configured on both the sending and
receiving hosts, this read-only socket option returns the security
context of the peer socket connected to this socket.
By default,
this will be the same as the security context of the process that created
the peer socket unless overridden by the policy or by a process with
the required permissions.
.P
The argument to
.BR getsockopt (2)
is a pointer to a buffer of the specified length in bytes
into which the security context string will be copied.
If the buffer length is less than the length of the security
context string, then
.BR getsockopt (2)
returns \-1, sets
.I errno
to
.BR ERANGE ,
and returns the required length via
.IR size .
The caller should allocate at least
.B NAME_MAX
bytes for the buffer initially, although this is not guaranteed
to be sufficient.
Resizing the buffer to the returned length
and retrying may be necessary.
.P
The security context string may include a terminating null character
in the returned length, but is not guaranteed to do so: a security
context "foo" might be represented as either {'f','o','o'} of length 3
or {'f','o','o','\[rs]0'} of length 4, which are considered to be
interchangeable.
The string is printable,
does not contain non-terminating null characters,
and is in an unspecified encoding
(in particular,
it is not guaranteed to be ASCII or UTF-8).
.P
The use of this option for sockets in the
.B AF_INET
address family is supported since Linux 2.6.17
.\" commit 2c7946a7bf45ae86736ab3b43d0085e43947945c
for TCP sockets,
and since Linux 4.17
.\" commit d452930fd3b9031e59abfeddb2fa383f1403d61a
for SCTP sockets.
.P
For SELinux, NetLabel conveys only the MLS portion of the security
context of the peer across the wire, defaulting the rest of the
security context to the values defined in the policy for the
netmsg initial security identifier (SID).
However, NetLabel can
be configured to pass full security contexts over loopback.
Labeled IPSEC always passes full security contexts as part of establishing
the security association (SA) and looks them up based on the association
for each packet.
.SH ERRORS
See
.BR IPPROTO_IP (2const).
See
.BR setsockopt (2).
See
.BR ip (7).
.TP
.B ERANGE
The buffer
.I size
is too small to hold the security context string.
.SH HISTORY
Linux 2.6.17.
.SH SEE ALSO
.BR IPPROTO_IP (2const),
.BR setsockopt (2),
.BR ip (7)