On Wed, 2006-07-26 at 16:19 -0400, Catherine Zhang wrote: > diff -puN include/net/scm.h~af_unix-datagram-getpeersec-ml-fix > include/net/scm.h > --- linux-2.6.18-rc2/include/net/scm.h~af_unix-datagram-getpeersec-ml-fix > 2006-07-22 21:28:21.000000000 -0400 > +++ linux-2.6.18-rc2-cxzhang/include/net/scm.h 2006-07-24 > 11:19:54.000000000 -0400 > @@ -3,6 +3,7 @@ > > #include <linux/limits.h> > #include <linux/net.h> > +#include <linux/security.h> > > /* Well, we should have at least one descriptor open > * to accept passed FDs 8) > @@ -20,8 +21,7 @@ struct scm_cookie > struct ucred creds; /* Skb credentials */ > struct scm_fp_list *fp; /* Passed files */ > #ifdef CONFIG_SECURITY_NETWORK > - char *secdata; /* Security context */ > - u32 seclen; /* Security length */ > + u32 sid; /* Passed security ID */
I think that "secid" is what has been chosen for security identifiers outside of the core SELinux code to to avoid confusion with session identifiers. Lingering references to sid or ctxid are going to be converted to secid. > diff -puN net/unix/af_unix.c~af_unix-datagram-getpeersec-ml-fix > net/unix/af_unix.c > --- linux-2.6.18-rc2/net/unix/af_unix.c~af_unix-datagram-getpeersec-ml-fix > 2006-07-22 23:01:26.000000000 -0400 > +++ linux-2.6.18-rc2-cxzhang/net/unix/af_unix.c 2006-07-22 > 23:14:15.000000000 -0400 > @@ -1323,8 +1299,9 @@ static int unix_dgram_sendmsg(struct kio > memcpy(UNIXCREDS(skb), &siocb->scm->creds, sizeof(struct ucred)); > if (siocb->scm->fp) > unix_attach_fds(siocb->scm, skb); > - > - unix_get_peersec_dgram(skb); > +#ifdef CONFIG_SECURITY_NETWORK > + memcpy(UNIXSID(skb), &siocb->scm->sid, sizeof(u32)); > +#endif /* CONFIG_SECURITY_NETWORK */ You want to retain the static inlines, and just update their contents, not replace them with embedded #ifdefs. And this could be a direct assignment, right? -- Stephen Smalley National Security Agency - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html