+7
−8
Loading
Merge branch 'so_passrights'
Kuniyuki Iwashima says: ==================== af_unix: Introduce SO_PASSRIGHTS. As long as recvmsg() or recvmmsg() is used with cmsg, it is not possible to avoid receiving file descriptors via SCM_RIGHTS. This series introduces a new socket option, SO_PASSRIGHTS, to allow disabling SCM_RIGHTS. The option is enabled by default. See patch 8 for background/context. This series is related to [0], but is split into a separate series, as most of the patches are specific to af_unix. The v2 of the BPF LSM extension part will be posted later, once this series is merged into net-next and has landed in bpf-next. [0]: https://lore.kernel.org/bpf/20250505215802.48449-1-kuniyu@amazon.com/ Changes: v5: * Patch 4 * Fix BPF selftest failure (setget_sockopt.c) v4: https://lore.kernel.org/netdev/20250515224946.6931-1-kuniyu@amazon.com/ * Patch 6 * Group sk->sk_scm_XXX bits by struct * Patch 9 * Remove errno handling v3: https://lore.kernel.org/netdev/20250514165226.40410-1-kuniyu@amazon.com/ * Patch 3 * Remove inline in scm.c * Patch 4 & 5 & 8 * Return -EOPNOTSUPP in getsockopt() * Patch 5 * Add CONFIG_SECURITY_NETWORK check for SO_PASSSEC * Patch 6 * Add kdoc for sk_scm_unused * Update sk_scm_XXX under lock_sock() in setsockopt() * Patch 7 * Update changelog (recent change -> aed6ecef) v2: https://lore.kernel.org/netdev/20250510015652.9931-1-kuniyu@amazon.com/ * Added patch 4 & 5 to reuse sk_txrehash for scm_recv() flags v1: https://lore.kernel.org/netdev/20250508013021.79654-1-kuniyu@amazon.com/ ==================== Signed-off-by:David S. Miller <davem@davemloft.net>