diff options
| author |   Anthony Harivel <aharivel@redhat.com> | 2024-05-22 17:34:50 +0200 |
|---|---|---|
| committer |   Paolo Bonzini <pbonzini@redhat.com> | 2024-07-22 13:47:41 +0200 |
| commit | 95fa0c79a04f3ebebb9f3b68cc05b4b8082b5444 (patch) | |
| tree | 5d3aad1d136fa89c45036b626434832fba82c120 /io/channel-socket.c | |
| parent | target/i386: do not crash if microvm guest uses SGX CPUID leaves (diff) | |
| download | qemu-95fa0c79a04f3ebebb9f3b68cc05b4b8082b5444.tar.xz qemu-95fa0c79a04f3ebebb9f3b68cc05b4b8082b5444.zip | |
qio: add support for SO_PEERCRED for socket channel
The function qio_channel_get_peercred() returns a pointer to the
credentials of the peer process connected to this socket.
This credentials structure is defined in <sys/socket.h> as follows:
struct ucred {
pid_t pid; /* Process ID of the sending process */
uid_t uid; /* User ID of the sending process */
gid_t gid; /* Group ID of the sending process */
};
The use of this function is possible only for connected AF_UNIX stream
sockets and for AF_UNIX stream and datagram socket pairs.
On platform other than Linux, the function return 0.
Signed-off-by: Anthony Harivel <aharivel@redhat.com>
Link: https://lore.kernel.org/r/20240522153453.1230389-2-aharivel@redhat.com
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'io/channel-socket.c')
| -rw-r--r-- | io/channel-socket.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/io/channel-socket.c b/io/channel-socket.c index 3a899b0608..608bcf066e 100644 --- a/io/channel-socket.c +++ b/io/channel-socket.c @@ -841,6 +841,33 @@ qio_channel_socket_set_cork(QIOChannel *ioc, socket_set_cork(sioc->fd, v); } +static int +qio_channel_socket_get_peerpid(QIOChannel *ioc, + unsigned int *pid, + Error **errp) +{ +#ifdef CONFIG_LINUX + QIOChannelSocket *sioc = QIO_CHANNEL_SOCKET(ioc); + Error *err = NULL; + socklen_t len = sizeof(struct ucred); + + struct ucred cred; + if (getsockopt(sioc->fd, + SOL_SOCKET, SO_PEERCRED, + &cred, &len) == -1) { + error_setg_errno(&err, errno, "Unable to get peer credentials"); + error_propagate(errp, err); + *pid = -1; + return -1; + } + *pid = (unsigned int)cred.pid; + return 0; +#else + error_setg(errp, "Unsupported feature"); + *pid = -1; + return -1; +#endif +} static int qio_channel_socket_close(QIOChannel *ioc, @@ -938,6 +965,7 @@ static void qio_channel_socket_class_init(ObjectClass *klass, #ifdef QEMU_MSG_ZEROCOPY ioc_klass->io_flush = qio_channel_socket_flush; #endif + ioc_klass->io_peerpid = qio_channel_socket_get_peerpid; } static const TypeInfo qio_channel_socket_info = { |