[PATCH] socket.7,unix.7: add initial description for SO_PEERSEC
Stephen Smalley
stephen.smalley.work at gmail.com
Fri Sep 11 19:33:56 UTC 2020
On Thu, Sep 10, 2020 at 5:01 PM Stephen Smalley
<stephen.smalley.work at gmail.com> wrote:
>
> SO_PEERSEC was introduced for AF_UNIX stream sockets connected via
> connect(2) in Linux 2.6.2 and later augmented to support AF_UNIX stream
> and datagram sockets created via socketpair(2) in Linux 4.18. Document
> SO_PEERSEC in the socket.7 and unix.7 man pages following the example
> of the existing SO_PEERCRED descriptions. SO_PEERSEC is also supported
> on AF_INET sockets when using labeled IPSEC or NetLabel but defer
> adding a description of that support to a separate patch.
>
> Signed-off-by: Stephen Smalley <stephen.smalley.work at gmail.com>
Here are the relevant commits introducing SO_PEERSEC and the
socketpair support (the first one is from the pre-git history tree
since it predates git):
https://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git/commit/?id=da6e57a2e6bd7939f610d957afacaf6a131e75ed
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b811db2cb2aabc910e53d34ebb95a15997c33e7
Can add those into the commit message. Not sure if you want them in
the man pages themselves (especially the first pre-git one).
More information about the Linux-security-module-archive
mailing list