diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-24 19:21:27 -0400 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-08-15 00:49:49 -0400 |
| commit | 3fbc290540a1ed1a8a076ed8f53bee7a38a9f408 (patch) | |
| tree | f3794a6038eca1b848c98577ace64027b1fe6bb1 | |
| parent | d13fda8564a67341aad257465cf319bdb2327e33 (diff) | |
netlink: Make the sending netlink socket availabe in NETLINK_CB
The sending socket of an skb is already available by it's port id
in the NETLINK_CB. If you want to know more like to examine the
credentials on the sending socket you have to look up the sending
socket by it's port id and all of the needed functions and data
structures are static inside of af_netlink.c. So do the simple
thing and pass the sending socket to the receivers in the NETLINK_CB.
I intend to use this to get the user namespace of the sending socket
in inet_diag so that I can report uids in the context of the process
who opened the socket, the same way I report uids in the contect
of the process who opens files.
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
| -rw-r--r-- | include/linux/netlink.h | 1 | ||||
| -rw-r--r-- | net/netlink/af_netlink.c | 6 |
2 files changed, 5 insertions, 2 deletions
diff --git a/include/linux/netlink.h b/include/linux/netlink.h index f74dd133788f..c9fdde2bc73f 100644 --- a/include/linux/netlink.h +++ b/include/linux/netlink.h | |||
| @@ -165,6 +165,7 @@ struct netlink_skb_parms { | |||
| 165 | struct ucred creds; /* Skb credentials */ | 165 | struct ucred creds; /* Skb credentials */ |
| 166 | __u32 pid; | 166 | __u32 pid; |
| 167 | __u32 dst_group; | 167 | __u32 dst_group; |
| 168 | struct sock *ssk; | ||
| 168 | }; | 169 | }; |
| 169 | 170 | ||
| 170 | #define NETLINK_CB(skb) (*(struct netlink_skb_parms*)&((skb)->cb)) | 171 | #define NETLINK_CB(skb) (*(struct netlink_skb_parms*)&((skb)->cb)) |
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 5463969da45b..7cb7867cc369 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c | |||
| @@ -912,7 +912,8 @@ static void netlink_rcv_wake(struct sock *sk) | |||
| 912 | wake_up_interruptible(&nlk->wait); | 912 | wake_up_interruptible(&nlk->wait); |
| 913 | } | 913 | } |
| 914 | 914 | ||
| 915 | static int netlink_unicast_kernel(struct sock *sk, struct sk_buff *skb) | 915 | static int netlink_unicast_kernel(struct sock *sk, struct sk_buff *skb, |
| 916 | struct sock *ssk) | ||
| 916 | { | 917 | { |
| 917 | int ret; | 918 | int ret; |
| 918 | struct netlink_sock *nlk = nlk_sk(sk); | 919 | struct netlink_sock *nlk = nlk_sk(sk); |
| @@ -921,6 +922,7 @@ static int netlink_unicast_kernel(struct sock *sk, struct sk_buff *skb) | |||
| 921 | if (nlk->netlink_rcv != NULL) { | 922 | if (nlk->netlink_rcv != NULL) { |
| 922 | ret = skb->len; | 923 | ret = skb->len; |
| 923 | skb_set_owner_r(skb, sk); | 924 | skb_set_owner_r(skb, sk); |
| 925 | NETLINK_CB(skb).ssk = ssk; | ||
| 924 | nlk->netlink_rcv(skb); | 926 | nlk->netlink_rcv(skb); |
| 925 | consume_skb(skb); | 927 | consume_skb(skb); |
| 926 | } else { | 928 | } else { |
| @@ -947,7 +949,7 @@ retry: | |||
| 947 | return PTR_ERR(sk); | 949 | return PTR_ERR(sk); |
| 948 | } | 950 | } |
| 949 | if (netlink_is_kernel(sk)) | 951 | if (netlink_is_kernel(sk)) |
| 950 | return netlink_unicast_kernel(sk, skb); | 952 | return netlink_unicast_kernel(sk, skb, ssk); |
| 951 | 953 | ||
| 952 | if (sk_filter(sk, skb)) { | 954 | if (sk_filter(sk, skb)) { |
| 953 | err = skb->len; | 955 | err = skb->len; |