diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-24 03:10:10 -0400 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-08-15 00:48:06 -0400 |
| commit | a7cb5a49bf64ba64864ae16a6be028f8b0d3cc06 (patch) | |
| tree | 0874310cc4af6cd0193e15058cb9ff9e7a955065 /net | |
| parent | adb37c4c67f807f16beb222028fb3ce9a354dc2b (diff) | |
userns: Print out socket uids in a user namespace aware fashion.
Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Cc: James Morris <jmorris@namei.org>
Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Cc: Patrick McHardy <kaber@trash.net>
Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Cc: Sridhar Samudrala <sri@us.ibm.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/appletalk/atalk_proc.c | 3 | ||||
| -rw-r--r-- | net/ipv4/ping.c | 4 | ||||
| -rw-r--r-- | net/ipv4/raw.c | 4 | ||||
| -rw-r--r-- | net/ipv4/tcp_ipv4.c | 6 | ||||
| -rw-r--r-- | net/ipv4/udp.c | 4 | ||||
| -rw-r--r-- | net/ipv6/raw.c | 3 | ||||
| -rw-r--r-- | net/ipv6/tcp_ipv6.c | 6 | ||||
| -rw-r--r-- | net/ipv6/udp.c | 3 | ||||
| -rw-r--r-- | net/ipx/ipx_proc.c | 3 | ||||
| -rw-r--r-- | net/key/af_key.c | 2 | ||||
| -rw-r--r-- | net/llc/llc_proc.c | 2 | ||||
| -rw-r--r-- | net/packet/af_packet.c | 2 | ||||
| -rw-r--r-- | net/phonet/socket.c | 6 | ||||
| -rw-r--r-- | net/sctp/proc.c | 6 |
14 files changed, 34 insertions, 20 deletions
diff --git a/net/appletalk/atalk_proc.c b/net/appletalk/atalk_proc.c index b5b1a221c24..c30f3a0717f 100644 --- a/net/appletalk/atalk_proc.c +++ b/net/appletalk/atalk_proc.c | |||
| @@ -183,7 +183,8 @@ static int atalk_seq_socket_show(struct seq_file *seq, void *v) | |||
| 183 | ntohs(at->dest_net), at->dest_node, at->dest_port, | 183 | ntohs(at->dest_net), at->dest_node, at->dest_port, |
| 184 | sk_wmem_alloc_get(s), | 184 | sk_wmem_alloc_get(s), |
| 185 | sk_rmem_alloc_get(s), | 185 | sk_rmem_alloc_get(s), |
| 186 | s->sk_state, SOCK_INODE(s->sk_socket)->i_uid); | 186 | s->sk_state, |
| 187 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(s))); | ||
| 187 | out: | 188 | out: |
| 188 | return 0; | 189 | return 0; |
| 189 | } | 190 | } |
diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c index 6232d476f37..bee5eeb676f 100644 --- a/net/ipv4/ping.c +++ b/net/ipv4/ping.c | |||
| @@ -845,7 +845,9 @@ static void ping_format_sock(struct sock *sp, struct seq_file *f, | |||
| 845 | bucket, src, srcp, dest, destp, sp->sk_state, | 845 | bucket, src, srcp, dest, destp, sp->sk_state, |
| 846 | sk_wmem_alloc_get(sp), | 846 | sk_wmem_alloc_get(sp), |
| 847 | sk_rmem_alloc_get(sp), | 847 | sk_rmem_alloc_get(sp), |
| 848 | 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), | 848 | 0, 0L, 0, |
| 849 | from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), | ||
| 850 | 0, sock_i_ino(sp), | ||
| 849 | atomic_read(&sp->sk_refcnt), sp, | 851 | atomic_read(&sp->sk_refcnt), sp, |
| 850 | atomic_read(&sp->sk_drops), len); | 852 | atomic_read(&sp->sk_drops), len); |
| 851 | } | 853 | } |
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c index ff0f071969e..f2425785d40 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c | |||
| @@ -992,7 +992,9 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) | |||
| 992 | i, src, srcp, dest, destp, sp->sk_state, | 992 | i, src, srcp, dest, destp, sp->sk_state, |
| 993 | sk_wmem_alloc_get(sp), | 993 | sk_wmem_alloc_get(sp), |
| 994 | sk_rmem_alloc_get(sp), | 994 | sk_rmem_alloc_get(sp), |
| 995 | 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), | 995 | 0, 0L, 0, |
| 996 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), | ||
| 997 | 0, sock_i_ino(sp), | ||
| 996 | atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops)); | 998 | atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops)); |
| 997 | } | 999 | } |
| 998 | 1000 | ||
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 42b2a6a7309..642be8a4c6a 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c | |||
| @@ -2382,7 +2382,7 @@ void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo) | |||
| 2382 | EXPORT_SYMBOL(tcp_proc_unregister); | 2382 | EXPORT_SYMBOL(tcp_proc_unregister); |
| 2383 | 2383 | ||
| 2384 | static void get_openreq4(const struct sock *sk, const struct request_sock *req, | 2384 | static void get_openreq4(const struct sock *sk, const struct request_sock *req, |
| 2385 | struct seq_file *f, int i, int uid, int *len) | 2385 | struct seq_file *f, int i, kuid_t uid, int *len) |
| 2386 | { | 2386 | { |
| 2387 | const struct inet_request_sock *ireq = inet_rsk(req); | 2387 | const struct inet_request_sock *ireq = inet_rsk(req); |
| 2388 | int ttd = req->expires - jiffies; | 2388 | int ttd = req->expires - jiffies; |
| @@ -2399,7 +2399,7 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req, | |||
| 2399 | 1, /* timers active (only the expire timer) */ | 2399 | 1, /* timers active (only the expire timer) */ |
| 2400 | jiffies_to_clock_t(ttd), | 2400 | jiffies_to_clock_t(ttd), |
| 2401 | req->retrans, | 2401 | req->retrans, |
| 2402 | uid, | 2402 | from_kuid_munged(seq_user_ns(f), uid), |
| 2403 | 0, /* non standard timer */ | 2403 | 0, /* non standard timer */ |
| 2404 | 0, /* open_requests have no inode */ | 2404 | 0, /* open_requests have no inode */ |
| 2405 | atomic_read(&sk->sk_refcnt), | 2405 | atomic_read(&sk->sk_refcnt), |
| @@ -2450,7 +2450,7 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len) | |||
| 2450 | timer_active, | 2450 | timer_active, |
| 2451 | jiffies_to_clock_t(timer_expires - jiffies), | 2451 | jiffies_to_clock_t(timer_expires - jiffies), |
| 2452 | icsk->icsk_retransmits, | 2452 | icsk->icsk_retransmits, |
| 2453 | sock_i_uid(sk), | 2453 | from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)), |
| 2454 | icsk->icsk_probes_out, | 2454 | icsk->icsk_probes_out, |
| 2455 | sock_i_ino(sk), | 2455 | sock_i_ino(sk), |
| 2456 | atomic_read(&sk->sk_refcnt), sk, | 2456 | atomic_read(&sk->sk_refcnt), sk, |
diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c index b4c3582a991..53b89817c00 100644 --- a/net/ipv4/udp.c +++ b/net/ipv4/udp.c | |||
| @@ -2110,7 +2110,9 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f, | |||
| 2110 | bucket, src, srcp, dest, destp, sp->sk_state, | 2110 | bucket, src, srcp, dest, destp, sp->sk_state, |
| 2111 | sk_wmem_alloc_get(sp), | 2111 | sk_wmem_alloc_get(sp), |
| 2112 | sk_rmem_alloc_get(sp), | 2112 | sk_rmem_alloc_get(sp), |
| 2113 | 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp), | 2113 | 0, 0L, 0, |
| 2114 | from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)), | ||
| 2115 | 0, sock_i_ino(sp), | ||
| 2114 | atomic_read(&sp->sk_refcnt), sp, | 2116 | atomic_read(&sp->sk_refcnt), sp, |
| 2115 | atomic_read(&sp->sk_drops), len); | 2117 | atomic_read(&sp->sk_drops), len); |
| 2116 | } | 2118 | } |
diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c index ef0579d5bca..7af88ef0165 100644 --- a/net/ipv6/raw.c +++ b/net/ipv6/raw.c | |||
| @@ -1251,7 +1251,8 @@ static void raw6_sock_seq_show(struct seq_file *seq, struct sock *sp, int i) | |||
| 1251 | sk_wmem_alloc_get(sp), | 1251 | sk_wmem_alloc_get(sp), |
| 1252 | sk_rmem_alloc_get(sp), | 1252 | sk_rmem_alloc_get(sp), |
| 1253 | 0, 0L, 0, | 1253 | 0, 0L, 0, |
| 1254 | sock_i_uid(sp), 0, | 1254 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), |
| 1255 | 0, | ||
| 1255 | sock_i_ino(sp), | 1256 | sock_i_ino(sp), |
| 1256 | atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops)); | 1257 | atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops)); |
| 1257 | } | 1258 | } |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index c66b90f71c9..4b5b335ebde 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
| @@ -1803,7 +1803,7 @@ static void tcp_v6_destroy_sock(struct sock *sk) | |||
| 1803 | #ifdef CONFIG_PROC_FS | 1803 | #ifdef CONFIG_PROC_FS |
| 1804 | /* Proc filesystem TCPv6 sock list dumping. */ | 1804 | /* Proc filesystem TCPv6 sock list dumping. */ |
| 1805 | static void get_openreq6(struct seq_file *seq, | 1805 | static void get_openreq6(struct seq_file *seq, |
| 1806 | const struct sock *sk, struct request_sock *req, int i, int uid) | 1806 | const struct sock *sk, struct request_sock *req, int i, kuid_t uid) |
| 1807 | { | 1807 | { |
| 1808 | int ttd = req->expires - jiffies; | 1808 | int ttd = req->expires - jiffies; |
| 1809 | const struct in6_addr *src = &inet6_rsk(req)->loc_addr; | 1809 | const struct in6_addr *src = &inet6_rsk(req)->loc_addr; |
| @@ -1827,7 +1827,7 @@ static void get_openreq6(struct seq_file *seq, | |||
| 1827 | 1, /* timers active (only the expire timer) */ | 1827 | 1, /* timers active (only the expire timer) */ |
| 1828 | jiffies_to_clock_t(ttd), | 1828 | jiffies_to_clock_t(ttd), |
| 1829 | req->retrans, | 1829 | req->retrans, |
| 1830 | uid, | 1830 | from_kuid_munged(seq_user_ns(seq), uid), |
| 1831 | 0, /* non standard timer */ | 1831 | 0, /* non standard timer */ |
| 1832 | 0, /* open_requests have no inode */ | 1832 | 0, /* open_requests have no inode */ |
| 1833 | 0, req); | 1833 | 0, req); |
| @@ -1877,7 +1877,7 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) | |||
| 1877 | timer_active, | 1877 | timer_active, |
| 1878 | jiffies_to_clock_t(timer_expires - jiffies), | 1878 | jiffies_to_clock_t(timer_expires - jiffies), |
| 1879 | icsk->icsk_retransmits, | 1879 | icsk->icsk_retransmits, |
| 1880 | sock_i_uid(sp), | 1880 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), |
| 1881 | icsk->icsk_probes_out, | 1881 | icsk->icsk_probes_out, |
| 1882 | sock_i_ino(sp), | 1882 | sock_i_ino(sp), |
| 1883 | atomic_read(&sp->sk_refcnt), sp, | 1883 | atomic_read(&sp->sk_refcnt), sp, |
diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c index 99d0077b56b..bbdff07eebe 100644 --- a/net/ipv6/udp.c +++ b/net/ipv6/udp.c | |||
| @@ -1458,7 +1458,8 @@ static void udp6_sock_seq_show(struct seq_file *seq, struct sock *sp, int bucket | |||
| 1458 | sk_wmem_alloc_get(sp), | 1458 | sk_wmem_alloc_get(sp), |
| 1459 | sk_rmem_alloc_get(sp), | 1459 | sk_rmem_alloc_get(sp), |
| 1460 | 0, 0L, 0, | 1460 | 0, 0L, 0, |
| 1461 | sock_i_uid(sp), 0, | 1461 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)), |
| 1462 | 0, | ||
| 1462 | sock_i_ino(sp), | 1463 | sock_i_ino(sp), |
| 1463 | atomic_read(&sp->sk_refcnt), sp, | 1464 | atomic_read(&sp->sk_refcnt), sp, |
| 1464 | atomic_read(&sp->sk_drops)); | 1465 | atomic_read(&sp->sk_drops)); |
diff --git a/net/ipx/ipx_proc.c b/net/ipx/ipx_proc.c index f8ba30dfeca..02ff7f2f60d 100644 --- a/net/ipx/ipx_proc.c +++ b/net/ipx/ipx_proc.c | |||
| @@ -217,7 +217,8 @@ static int ipx_seq_socket_show(struct seq_file *seq, void *v) | |||
| 217 | seq_printf(seq, "%08X %08X %02X %03d\n", | 217 | seq_printf(seq, "%08X %08X %02X %03d\n", |
| 218 | sk_wmem_alloc_get(s), | 218 | sk_wmem_alloc_get(s), |
| 219 | sk_rmem_alloc_get(s), | 219 | sk_rmem_alloc_get(s), |
| 220 | s->sk_state, SOCK_INODE(s->sk_socket)->i_uid); | 220 | s->sk_state, |
| 221 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(s))); | ||
| 221 | out: | 222 | out: |
| 222 | return 0; | 223 | return 0; |
| 223 | } | 224 | } |
diff --git a/net/key/af_key.c b/net/key/af_key.c index 34e418508a6..0481d4b5147 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c | |||
| @@ -3661,7 +3661,7 @@ static int pfkey_seq_show(struct seq_file *f, void *v) | |||
| 3661 | atomic_read(&s->sk_refcnt), | 3661 | atomic_read(&s->sk_refcnt), |
| 3662 | sk_rmem_alloc_get(s), | 3662 | sk_rmem_alloc_get(s), |
| 3663 | sk_wmem_alloc_get(s), | 3663 | sk_wmem_alloc_get(s), |
| 3664 | sock_i_uid(s), | 3664 | from_kuid_munged(seq_user_ns(f), sock_i_uid(s)), |
| 3665 | sock_i_ino(s) | 3665 | sock_i_ino(s) |
| 3666 | ); | 3666 | ); |
| 3667 | return 0; | 3667 | return 0; |
diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c index a1839c00435..7b4799cfbf8 100644 --- a/net/llc/llc_proc.c +++ b/net/llc/llc_proc.c | |||
| @@ -151,7 +151,7 @@ static int llc_seq_socket_show(struct seq_file *seq, void *v) | |||
| 151 | sk_wmem_alloc_get(sk), | 151 | sk_wmem_alloc_get(sk), |
| 152 | sk_rmem_alloc_get(sk) - llc->copied_seq, | 152 | sk_rmem_alloc_get(sk) - llc->copied_seq, |
| 153 | sk->sk_state, | 153 | sk->sk_state, |
| 154 | sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : -1, | 154 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)), |
| 155 | llc->link); | 155 | llc->link); |
| 156 | out: | 156 | out: |
| 157 | return 0; | 157 | return 0; |
diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c index ceaca7c134a..d147317ce9e 100644 --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c | |||
| @@ -3846,7 +3846,7 @@ static int packet_seq_show(struct seq_file *seq, void *v) | |||
| 3846 | po->ifindex, | 3846 | po->ifindex, |
| 3847 | po->running, | 3847 | po->running, |
| 3848 | atomic_read(&s->sk_rmem_alloc), | 3848 | atomic_read(&s->sk_rmem_alloc), |
| 3849 | sock_i_uid(s), | 3849 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)), |
| 3850 | sock_i_ino(s)); | 3850 | sock_i_ino(s)); |
| 3851 | } | 3851 | } |
| 3852 | 3852 | ||
diff --git a/net/phonet/socket.c b/net/phonet/socket.c index 0acc943f713..b7e98278225 100644 --- a/net/phonet/socket.c +++ b/net/phonet/socket.c | |||
| @@ -612,7 +612,8 @@ static int pn_sock_seq_show(struct seq_file *seq, void *v) | |||
| 612 | sk->sk_protocol, pn->sobject, pn->dobject, | 612 | sk->sk_protocol, pn->sobject, pn->dobject, |
| 613 | pn->resource, sk->sk_state, | 613 | pn->resource, sk->sk_state, |
| 614 | sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk), | 614 | sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk), |
| 615 | sock_i_uid(sk), sock_i_ino(sk), | 615 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)), |
| 616 | sock_i_ino(sk), | ||
| 616 | atomic_read(&sk->sk_refcnt), sk, | 617 | atomic_read(&sk->sk_refcnt), sk, |
| 617 | atomic_read(&sk->sk_drops), &len); | 618 | atomic_read(&sk->sk_drops), &len); |
| 618 | } | 619 | } |
| @@ -796,7 +797,8 @@ static int pn_res_seq_show(struct seq_file *seq, void *v) | |||
| 796 | struct sock *sk = *psk; | 797 | struct sock *sk = *psk; |
| 797 | 798 | ||
| 798 | seq_printf(seq, "%02X %5d %lu%n", | 799 | seq_printf(seq, "%02X %5d %lu%n", |
| 799 | (int) (psk - pnres.sk), sock_i_uid(sk), | 800 | (int) (psk - pnres.sk), |
| 801 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)), | ||
| 800 | sock_i_ino(sk), &len); | 802 | sock_i_ino(sk), &len); |
| 801 | } | 803 | } |
| 802 | seq_printf(seq, "%*s\n", 63 - len, ""); | 804 | seq_printf(seq, "%*s\n", 63 - len, ""); |
diff --git a/net/sctp/proc.c b/net/sctp/proc.c index 1e2eee88c3e..dc12febc977 100644 --- a/net/sctp/proc.c +++ b/net/sctp/proc.c | |||
| @@ -216,7 +216,8 @@ static int sctp_eps_seq_show(struct seq_file *seq, void *v) | |||
| 216 | seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk, | 216 | seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk, |
| 217 | sctp_sk(sk)->type, sk->sk_state, hash, | 217 | sctp_sk(sk)->type, sk->sk_state, hash, |
| 218 | epb->bind_addr.port, | 218 | epb->bind_addr.port, |
| 219 | sock_i_uid(sk), sock_i_ino(sk)); | 219 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)), |
| 220 | sock_i_ino(sk)); | ||
| 220 | 221 | ||
| 221 | sctp_seq_dump_local_addrs(seq, epb); | 222 | sctp_seq_dump_local_addrs(seq, epb); |
| 222 | seq_printf(seq, "\n"); | 223 | seq_printf(seq, "\n"); |
| @@ -324,7 +325,8 @@ static int sctp_assocs_seq_show(struct seq_file *seq, void *v) | |||
| 324 | assoc->assoc_id, | 325 | assoc->assoc_id, |
| 325 | assoc->sndbuf_used, | 326 | assoc->sndbuf_used, |
| 326 | atomic_read(&assoc->rmem_alloc), | 327 | atomic_read(&assoc->rmem_alloc), |
| 327 | sock_i_uid(sk), sock_i_ino(sk), | 328 | from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)), |
| 329 | sock_i_ino(sk), | ||
| 328 | epb->bind_addr.port, | 330 | epb->bind_addr.port, |
| 329 | assoc->peer.port); | 331 | assoc->peer.port); |
| 330 | seq_printf(seq, " "); | 332 | seq_printf(seq, " "); |