Document AF_UNIX control messages in unix(4) only, not split between unix(4)
and recv(2).
Also, warn about LOCAL_CREDS effective uid/gid fields, since the write could
be from a setuid or setgid program (with the explicit SCM_CREDS and
LOCAL_PEERCRED, the credentials are read at such a time that it can be
assumed that the process intends for them to be used in this context).
Reviewed by: wblock
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D9298
This change allows creating file descriptors with close-on-exec set in some
situations. SOCK_CLOEXEC and SOCK_NONBLOCK can be OR'ed in socket() and
socketpair()'s type parameter, and MSG_CMSG_CLOEXEC to recvmsg() makes file
descriptors (SCM_RIGHTS) atomically close-on-exec.
The numerical values for SOCK_CLOEXEC and SOCK_NONBLOCK are as in NetBSD.
MSG_CMSG_CLOEXEC is the first free bit for MSG_*.
The SOCK_* flags are not passed to MAC because this may cause incorrect
failures and can be done later via fcntl() anyway. On the other hand, audit
is expected to cope with the new flags.
For MSG_CMSG_CLOEXEC, unp_externalize() is extended to take a flags
argument.
Reviewed by: kib
o Describe passing file descriptors as separate section.
- Descriptors can be passed through any protocol of the UNIX family,
not SOCK_STREAM and SOCK_SEQPACKET only. [1]
o Describe socket options as separate section.
- Move LOCAL_PEERCRED option to this section.
- Describe struct xucred.
- In LOCAL_CREDS section mention that credentials
are passed only on the first read on non-datagram
sockets.
o Xref all mentioned system calls.
Noticed by: Igor Sysoev [1]
- Add unp_addsockcred() (for LOCAL_CREDS).
- Add an argument to unp_connect2() to differentiate between
PRU_CONNECT and PRU_CONNECT2. (for LOCAL_CONNWAIT)
Obtained from: NetBSD (with some changes)
`struct xucred` with the credentials of the connected peer.
Obviously this only works (and makes sense) on SOCK_STREAM
sockets. This works for both the connect(2) and listen(2)
callers.
There is precise documentation of the semantics in unix(4).
Reviewed by: dwmalone (eyeballed)
cd src/share; find man[1-9] -type f|xargs perl -pi -e 's/[ \t]+$//'
BTW, what editors are the culprits? I'm using vim and it shows
me whitespace at EOL in troff files with a thick blue block...
Reviewed by: Silence from cvs diff -b
MFC after: 7 days
