NAME
cmpt_get_peer_cid(), cmpt_get_endpoint_cid() — get the compartment IDs for INET domain communications.
SYNOPSIS
#include <sys/ioctl.h>
#include <sys/cmpt.h>
cmpt_t cmpt_get_endpoint_cid(int s);
cmpt_t cmpt_get_peer_cid(int s);
Parameters
- s
INET domain socket or stream.
DESCRIPTION
The
cmpt_get_endpoint_cid()
and
cmpt_get_peer_cid()
functions return the compartments associated with an INET domain transport
endpoint (a socket or a stream).
The
cmpt_get_endpoint_cid()
function returns the compartment ID (cid) associated with the transport
endpoint
s.
The cid of a transport endpoint is set to the process's cid
at the time of creation, and does not change even when it is
transferred between processes or the creating
process changes its compartment.
The
cmpt_get_peer_cid()
function returns the compartment ID of the peer that the transport endpoint
s
is communicating with. For loopback communications, the cid is the
one associated with the peer transport endpoint. For communications over
a network interface, the peer cid is the one associated with the
network interface where communications are being received. For TCP
communications, the peer cid is persistent once a connection is established.
For other protocols, the peer cid may change for each packet that
is received.
The function returns an error if a connection is not established (for TCP)
or no communication has been received (for all other protocols).
RETURN VALUE
cmpt_get_endpoint_cid()
and
cmpt_get_peer_cid()
return the following values:
- n>0
Successful completion.
The function returns a valid compartment ID.
- -1
Function failed.
errno
is set to indicate the error from the underlying
ioctl()
system call.
ERRORS
See
ioctl(2)
for errors indicated by
errno.
DEPENDENCIES
These functions are a part of the
libsec
library.