diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-25 12:42:54 -0400 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-08-15 00:55:27 -0400 |
| commit | 9eea9515cb5f3a4416511ef54b1cc98ca04869a1 (patch) | |
| tree | bfbcf2b618a42a19128e75230529cd5d1ebf0167 /init | |
| parent | d06ca9564350184a19b5aae9ac150f1b1306de29 (diff) | |
userns: nfnetlink_log: Report socket uids in the log sockets user namespace
At logging instance creation capture the peer netlink socket's user
namespace. Use the captured peer user namespace when reporting socket
uids to the peer.
The peer socket's user namespace is guaranateed to be valid until the user
closes the netlink socket. nfnetlink_log removes instances during the final
close of a socket. __build_packet_message does not get called after an
instance is destroyed. Therefore it is safe to let the peer netlink socket
take care of the user namespace reference counting for us.
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'init')
| -rw-r--r-- | init/Kconfig | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/init/Kconfig b/init/Kconfig index 07435e0c3a4b..2660b312ae9d 100644 --- a/init/Kconfig +++ b/init/Kconfig | |||
| @@ -947,7 +947,6 @@ config UIDGID_CONVERTED | |||
| 947 | depends on NETFILTER_XT_MATCH_OWNER = n | 947 | depends on NETFILTER_XT_MATCH_OWNER = n |
| 948 | depends on NETFILTER_XT_MATCH_RECENT = n | 948 | depends on NETFILTER_XT_MATCH_RECENT = n |
| 949 | depends on NETFILTER_XT_TARGET_LOG = n | 949 | depends on NETFILTER_XT_TARGET_LOG = n |
| 950 | depends on NETFILTER_NETLINK_LOG = n | ||
| 951 | depends on AF_RXRPC = n | 950 | depends on AF_RXRPC = n |
| 952 | depends on NET_KEY = n | 951 | depends on NET_KEY = n |
| 953 | depends on DNS_RESOLVER = n | 952 | depends on DNS_RESOLVER = n |