diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-07 17:17:17 -0400 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-09-10 15:34:30 -0400 |
commit | c6bb8136c95ce16545f8c4028e958c0ee6c86f23 (patch) | |
tree | 0ec3bd7a23eccd33e3f1857de1637715eb65c17d /net/xfrm | |
parent | 15e473046cb6e5d18a4d0057e61d76315230382b (diff) |
xfrm: Report user triggered expirations against the users socket
When a policy expiration is triggered from user space the request
travels through km_policy_expired and ultimately into
xfrm_exp_policy_notify which calls build_polexpire. build_polexpire
uses the netlink port passed to km_policy_expired as the source port for
the netlink message it builds.
When a state expiration is triggered from user space the request travles
through km_state_expired and ultimately into xfrm_exp_state_notify which
calls build_expire. build_expire uses the netlink port passed to
km_state_expired as the source port for the netlink message it builds.
Pass nlh->nlmsg_pid from the user generated netlink message that
requested the expiration to km_policy_expired and km_state_expired
instead of current->pid which is not a netlink port number.
Cc: Jamal Hadi Salim <hadi@cyberus.ca>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Jamal Hadi Salim <jhs@mojatatu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/xfrm')
-rw-r--r-- | net/xfrm/xfrm_user.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index b313d932d678..5d6eb4b3c089 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
@@ -1930,7 +1930,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
1930 | // reset the timers here? | 1930 | // reset the timers here? |
1931 | WARN(1, "Dont know what to do with soft policy expire\n"); | 1931 | WARN(1, "Dont know what to do with soft policy expire\n"); |
1932 | } | 1932 | } |
1933 | km_policy_expired(xp, p->dir, up->hard, current->pid); | 1933 | km_policy_expired(xp, p->dir, up->hard, nlh->nlmsg_pid); |
1934 | 1934 | ||
1935 | out: | 1935 | out: |
1936 | xfrm_pol_put(xp); | 1936 | xfrm_pol_put(xp); |
@@ -1958,7 +1958,7 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
1958 | err = -EINVAL; | 1958 | err = -EINVAL; |
1959 | if (x->km.state != XFRM_STATE_VALID) | 1959 | if (x->km.state != XFRM_STATE_VALID) |
1960 | goto out; | 1960 | goto out; |
1961 | km_state_expired(x, ue->hard, current->pid); | 1961 | km_state_expired(x, ue->hard, nlh->nlmsg_pid); |
1962 | 1962 | ||
1963 | if (ue->hard) { | 1963 | if (ue->hard) { |
1964 | uid_t loginuid = audit_get_loginuid(current); | 1964 | uid_t loginuid = audit_get_loginuid(current); |