From: Vlad Yasevich <vyasevich-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
Cc: Patrick McHardy <kaber-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>,
Hideaki YOSHIFUJI
<yoshfuji-VfPWfsRibaP+Ru+s062T9g@public.gmane.org>,
netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Arnaldo Carvalho de Melo
<acme-f8uhVLnGfZaxAyOMLChx1axOck334EZe@public.gmane.org>,
Remi Denis-Courmont
<courmisch-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Alexey Kuznetsov <kuznet-v/Mj1YrvjDBInbfyfbPRSQ@public.gmane.org>,
Sridhar Samudrala <sri-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>,
David Miller <davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
Subject: Re: [PATCH 06/21] userns: Print out socket uids in a user namespace aware fashion.
Date: Tue, 14 Aug 2012 23:22:46 -0400 [thread overview]
Message-ID: <502B1606.801@gmail.com> (raw)
In-Reply-To: <1344889115-21610-6-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
On 08/13/2012 04:18 PM, Eric W. Biederman wrote:
> From: "Eric W. Biederman" <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
>
> Cc: David Miller <davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
> Cc: Alexey Kuznetsov <kuznet-v/Mj1YrvjDBInbfyfbPRSQ@public.gmane.org>
> Cc: James Morris <jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>
> Cc: Hideaki YOSHIFUJI <yoshfuji-VfPWfsRibaP+Ru+s062T9g@public.gmane.org>
> Cc: Patrick McHardy <kaber-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org>
> Cc: Remi Denis-Courmont <courmisch-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> Cc: Arnaldo Carvalho de Melo <acme-f8uhVLnGfZaxAyOMLChx1axOck334EZe@public.gmane.org>
> Cc: Vlad Yasevich <vyasevich-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> Cc: Sridhar Samudrala <sri-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> Acked-by: Serge Hallyn <serge.hallyn-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
> Signed-off-by: Eric W. Biederman <ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
ACK sctp parts
Acked-by: Vlad Yasevich <vyasevich-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
> ---
> include/net/tcp.h | 3 ++-
> init/Kconfig | 6 ------
> net/appletalk/atalk_proc.c | 3 ++-
> net/ipv4/ping.c | 4 +++-
> net/ipv4/raw.c | 4 +++-
> net/ipv4/tcp_ipv4.c | 6 +++---
> net/ipv4/udp.c | 4 +++-
> net/ipv6/raw.c | 3 ++-
> net/ipv6/tcp_ipv6.c | 6 +++---
> net/ipv6/udp.c | 3 ++-
> net/ipx/ipx_proc.c | 3 ++-
> net/key/af_key.c | 2 +-
> net/llc/llc_proc.c | 2 +-
> net/packet/af_packet.c | 2 +-
> net/phonet/socket.c | 6 ++++--
> net/sctp/proc.c | 6 ++++--
> 16 files changed, 36 insertions(+), 27 deletions(-)
>
> diff --git a/include/net/tcp.h b/include/net/tcp.h
> index e19124b..91e7467 100644
> --- a/include/net/tcp.h
> +++ b/include/net/tcp.h
> @@ -1509,7 +1509,8 @@ struct tcp_iter_state {
> sa_family_t family;
> enum tcp_seq_states state;
> struct sock *syn_wait_sk;
> - int bucket, offset, sbucket, num, uid;
> + int bucket, offset, sbucket, num;
> + kuid_t uid;
> loff_t last_pos;
> };
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 80fae19..25a6ebb 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -942,10 +942,7 @@ config UIDGID_CONVERTED
> depends on PROC_EVENTS = n
>
> # Networking
> - depends on PACKET = n
> depends on NET_9P = n
> - depends on IPX = n
> - depends on PHONET = n
> depends on NET_CLS_FLOW = n
> depends on NETFILTER_XT_MATCH_OWNER = n
> depends on NETFILTER_XT_MATCH_RECENT = n
> @@ -953,14 +950,11 @@ config UIDGID_CONVERTED
> depends on NETFILTER_NETLINK_LOG = n
> depends on INET = n
> depends on IPV6 = n
> - depends on IP_SCTP = n
> depends on AF_RXRPC = n
> - depends on LLC2 = n
> depends on NET_KEY = n
> depends on INET_DIAG = n
> depends on DNS_RESOLVER = n
> depends on AX25 = n
> - depends on ATALK = n
>
> # Filesystems
> depends on USB_GADGETFS = n
> diff --git a/net/appletalk/atalk_proc.c b/net/appletalk/atalk_proc.c
> index b5b1a22..c30f3a0 100644
> --- a/net/appletalk/atalk_proc.c
> +++ b/net/appletalk/atalk_proc.c
> @@ -183,7 +183,8 @@ static int atalk_seq_socket_show(struct seq_file *seq, void *v)
> ntohs(at->dest_net), at->dest_node, at->dest_port,
> sk_wmem_alloc_get(s),
> sk_rmem_alloc_get(s),
> - s->sk_state, SOCK_INODE(s->sk_socket)->i_uid);
> + s->sk_state,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)));
> out:
> return 0;
> }
> diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
> index 6232d47..bee5eeb 100644
> --- a/net/ipv4/ping.c
> +++ b/net/ipv4/ping.c
> @@ -845,7 +845,9 @@ static void ping_format_sock(struct sock *sp, struct seq_file *f,
> bucket, src, srcp, dest, destp, sp->sk_state,
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
> + 0, 0L, 0,
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
> + 0, sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> atomic_read(&sp->sk_drops), len);
> }
> diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> index ff0f071..f242578 100644
> --- a/net/ipv4/raw.c
> +++ b/net/ipv4/raw.c
> @@ -992,7 +992,9 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i)
> i, src, srcp, dest, destp, sp->sk_state,
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
> + 0, 0L, 0,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> + 0, sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops));
> }
>
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index 42b2a6a..642be8a 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -2382,7 +2382,7 @@ void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo)
> EXPORT_SYMBOL(tcp_proc_unregister);
>
> static void get_openreq4(const struct sock *sk, const struct request_sock *req,
> - struct seq_file *f, int i, int uid, int *len)
> + struct seq_file *f, int i, kuid_t uid, int *len)
> {
> const struct inet_request_sock *ireq = inet_rsk(req);
> int ttd = req->expires - jiffies;
> @@ -2399,7 +2399,7 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
> 1, /* timers active (only the expire timer) */
> jiffies_to_clock_t(ttd),
> req->retrans,
> - uid,
> + from_kuid_munged(seq_user_ns(f), uid),
> 0, /* non standard timer */
> 0, /* open_requests have no inode */
> atomic_read(&sk->sk_refcnt),
> @@ -2450,7 +2450,7 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
> timer_active,
> jiffies_to_clock_t(timer_expires - jiffies),
> icsk->icsk_retransmits,
> - sock_i_uid(sk),
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)),
> icsk->icsk_probes_out,
> sock_i_ino(sk),
> atomic_read(&sk->sk_refcnt), sk,
> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> index b4c3582..53b8981 100644
> --- a/net/ipv4/udp.c
> +++ b/net/ipv4/udp.c
> @@ -2110,7 +2110,9 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f,
> bucket, src, srcp, dest, destp, sp->sk_state,
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
> + 0, 0L, 0,
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
> + 0, sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> atomic_read(&sp->sk_drops), len);
> }
> diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
> index ef0579d..7af88ef 100644
> --- a/net/ipv6/raw.c
> +++ b/net/ipv6/raw.c
> @@ -1251,7 +1251,8 @@ static void raw6_sock_seq_show(struct seq_file *seq, struct sock *sp, int i)
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> 0, 0L, 0,
> - sock_i_uid(sp), 0,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> + 0,
> sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops));
> }
> diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
> index c66b90f..4b5b335 100644
> --- a/net/ipv6/tcp_ipv6.c
> +++ b/net/ipv6/tcp_ipv6.c
> @@ -1803,7 +1803,7 @@ static void tcp_v6_destroy_sock(struct sock *sk)
> #ifdef CONFIG_PROC_FS
> /* Proc filesystem TCPv6 sock list dumping. */
> static void get_openreq6(struct seq_file *seq,
> - const struct sock *sk, struct request_sock *req, int i, int uid)
> + const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
> {
> int ttd = req->expires - jiffies;
> const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
> @@ -1827,7 +1827,7 @@ static void get_openreq6(struct seq_file *seq,
> 1, /* timers active (only the expire timer) */
> jiffies_to_clock_t(ttd),
> req->retrans,
> - uid,
> + from_kuid_munged(seq_user_ns(seq), uid),
> 0, /* non standard timer */
> 0, /* open_requests have no inode */
> 0, req);
> @@ -1877,7 +1877,7 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
> timer_active,
> jiffies_to_clock_t(timer_expires - jiffies),
> icsk->icsk_retransmits,
> - sock_i_uid(sp),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> icsk->icsk_probes_out,
> sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
> index 99d0077..bbdff07 100644
> --- a/net/ipv6/udp.c
> +++ b/net/ipv6/udp.c
> @@ -1458,7 +1458,8 @@ static void udp6_sock_seq_show(struct seq_file *seq, struct sock *sp, int bucket
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> 0, 0L, 0,
> - sock_i_uid(sp), 0,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> + 0,
> sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> atomic_read(&sp->sk_drops));
> diff --git a/net/ipx/ipx_proc.c b/net/ipx/ipx_proc.c
> index f8ba30d..02ff7f2 100644
> --- a/net/ipx/ipx_proc.c
> +++ b/net/ipx/ipx_proc.c
> @@ -217,7 +217,8 @@ static int ipx_seq_socket_show(struct seq_file *seq, void *v)
> seq_printf(seq, "%08X %08X %02X %03d\n",
> sk_wmem_alloc_get(s),
> sk_rmem_alloc_get(s),
> - s->sk_state, SOCK_INODE(s->sk_socket)->i_uid);
> + s->sk_state,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)));
> out:
> return 0;
> }
> diff --git a/net/key/af_key.c b/net/key/af_key.c
> index 34e4185..0481d4b 100644
> --- a/net/key/af_key.c
> +++ b/net/key/af_key.c
> @@ -3661,7 +3661,7 @@ static int pfkey_seq_show(struct seq_file *f, void *v)
> atomic_read(&s->sk_refcnt),
> sk_rmem_alloc_get(s),
> sk_wmem_alloc_get(s),
> - sock_i_uid(s),
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(s)),
> sock_i_ino(s)
> );
> return 0;
> diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c
> index a1839c0..7b4799c 100644
> --- a/net/llc/llc_proc.c
> +++ b/net/llc/llc_proc.c
> @@ -151,7 +151,7 @@ static int llc_seq_socket_show(struct seq_file *seq, void *v)
> sk_wmem_alloc_get(sk),
> sk_rmem_alloc_get(sk) - llc->copied_seq,
> sk->sk_state,
> - sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : -1,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> llc->link);
> out:
> return 0;
> diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
> index ceaca7c..d147317 100644
> --- a/net/packet/af_packet.c
> +++ b/net/packet/af_packet.c
> @@ -3846,7 +3846,7 @@ static int packet_seq_show(struct seq_file *seq, void *v)
> po->ifindex,
> po->running,
> atomic_read(&s->sk_rmem_alloc),
> - sock_i_uid(s),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)),
> sock_i_ino(s));
> }
>
> diff --git a/net/phonet/socket.c b/net/phonet/socket.c
> index 0acc943..b7e9827 100644
> --- a/net/phonet/socket.c
> +++ b/net/phonet/socket.c
> @@ -612,7 +612,8 @@ static int pn_sock_seq_show(struct seq_file *seq, void *v)
> sk->sk_protocol, pn->sobject, pn->dobject,
> pn->resource, sk->sk_state,
> sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk),
> - sock_i_uid(sk), sock_i_ino(sk),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> + sock_i_ino(sk),
> atomic_read(&sk->sk_refcnt), sk,
> atomic_read(&sk->sk_drops), &len);
> }
> @@ -796,7 +797,8 @@ static int pn_res_seq_show(struct seq_file *seq, void *v)
> struct sock *sk = *psk;
>
> seq_printf(seq, "%02X %5d %lu%n",
> - (int) (psk - pnres.sk), sock_i_uid(sk),
> + (int) (psk - pnres.sk),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> sock_i_ino(sk), &len);
> }
> seq_printf(seq, "%*s\n", 63 - len, "");
> diff --git a/net/sctp/proc.c b/net/sctp/proc.c
> index 1e2eee8..dc12feb 100644
> --- a/net/sctp/proc.c
> +++ b/net/sctp/proc.c
> @@ -216,7 +216,8 @@ static int sctp_eps_seq_show(struct seq_file *seq, void *v)
> seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk,
> sctp_sk(sk)->type, sk->sk_state, hash,
> epb->bind_addr.port,
> - sock_i_uid(sk), sock_i_ino(sk));
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> + sock_i_ino(sk));
>
> sctp_seq_dump_local_addrs(seq, epb);
> seq_printf(seq, "\n");
> @@ -324,7 +325,8 @@ static int sctp_assocs_seq_show(struct seq_file *seq, void *v)
> assoc->assoc_id,
> assoc->sndbuf_used,
> atomic_read(&assoc->rmem_alloc),
> - sock_i_uid(sk), sock_i_ino(sk),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> + sock_i_ino(sk),
> epb->bind_addr.port,
> assoc->peer.port);
> seq_printf(seq, " ");
>
WARNING: multiple messages have this Message-ID (diff)
From: Vlad Yasevich <vyasevich@gmail.com>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
containers@lists.linux-foundation.org,
David Miller <davem@davemloft.net>,
Serge Hallyn <serge@hallyn.com>,
Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
James Morris <jmorris@namei.org>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Patrick McHardy <kaber@trash.net>,
Remi Denis-Courmont <courmisch@gmail.com>,
Arnaldo Carvalho de Melo <acme@ghostprotocols.net>,
Sridhar Samudrala <sri@us.ibm.com>
Subject: Re: [PATCH 06/21] userns: Print out socket uids in a user namespace aware fashion.
Date: Tue, 14 Aug 2012 23:22:46 -0400 [thread overview]
Message-ID: <502B1606.801@gmail.com> (raw)
In-Reply-To: <1344889115-21610-6-git-send-email-ebiederm@xmission.com>
On 08/13/2012 04:18 PM, Eric W. Biederman wrote:
> From: "Eric W. Biederman" <ebiederm@xmission.com>
>
> Cc: David Miller <davem@davemloft.net>
> Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
> Cc: James Morris <jmorris@namei.org>
> Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
> Cc: Patrick McHardy <kaber@trash.net>
> Cc: Remi Denis-Courmont <courmisch@gmail.com>
> Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
> Cc: Vlad Yasevich <vyasevich@gmail.com>
> Cc: Sridhar Samudrala <sri@us.ibm.com>
> Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
ACK sctp parts
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
> ---
> include/net/tcp.h | 3 ++-
> init/Kconfig | 6 ------
> net/appletalk/atalk_proc.c | 3 ++-
> net/ipv4/ping.c | 4 +++-
> net/ipv4/raw.c | 4 +++-
> net/ipv4/tcp_ipv4.c | 6 +++---
> net/ipv4/udp.c | 4 +++-
> net/ipv6/raw.c | 3 ++-
> net/ipv6/tcp_ipv6.c | 6 +++---
> net/ipv6/udp.c | 3 ++-
> net/ipx/ipx_proc.c | 3 ++-
> net/key/af_key.c | 2 +-
> net/llc/llc_proc.c | 2 +-
> net/packet/af_packet.c | 2 +-
> net/phonet/socket.c | 6 ++++--
> net/sctp/proc.c | 6 ++++--
> 16 files changed, 36 insertions(+), 27 deletions(-)
>
> diff --git a/include/net/tcp.h b/include/net/tcp.h
> index e19124b..91e7467 100644
> --- a/include/net/tcp.h
> +++ b/include/net/tcp.h
> @@ -1509,7 +1509,8 @@ struct tcp_iter_state {
> sa_family_t family;
> enum tcp_seq_states state;
> struct sock *syn_wait_sk;
> - int bucket, offset, sbucket, num, uid;
> + int bucket, offset, sbucket, num;
> + kuid_t uid;
> loff_t last_pos;
> };
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 80fae19..25a6ebb 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -942,10 +942,7 @@ config UIDGID_CONVERTED
> depends on PROC_EVENTS = n
>
> # Networking
> - depends on PACKET = n
> depends on NET_9P = n
> - depends on IPX = n
> - depends on PHONET = n
> depends on NET_CLS_FLOW = n
> depends on NETFILTER_XT_MATCH_OWNER = n
> depends on NETFILTER_XT_MATCH_RECENT = n
> @@ -953,14 +950,11 @@ config UIDGID_CONVERTED
> depends on NETFILTER_NETLINK_LOG = n
> depends on INET = n
> depends on IPV6 = n
> - depends on IP_SCTP = n
> depends on AF_RXRPC = n
> - depends on LLC2 = n
> depends on NET_KEY = n
> depends on INET_DIAG = n
> depends on DNS_RESOLVER = n
> depends on AX25 = n
> - depends on ATALK = n
>
> # Filesystems
> depends on USB_GADGETFS = n
> diff --git a/net/appletalk/atalk_proc.c b/net/appletalk/atalk_proc.c
> index b5b1a22..c30f3a0 100644
> --- a/net/appletalk/atalk_proc.c
> +++ b/net/appletalk/atalk_proc.c
> @@ -183,7 +183,8 @@ static int atalk_seq_socket_show(struct seq_file *seq, void *v)
> ntohs(at->dest_net), at->dest_node, at->dest_port,
> sk_wmem_alloc_get(s),
> sk_rmem_alloc_get(s),
> - s->sk_state, SOCK_INODE(s->sk_socket)->i_uid);
> + s->sk_state,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)));
> out:
> return 0;
> }
> diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
> index 6232d47..bee5eeb 100644
> --- a/net/ipv4/ping.c
> +++ b/net/ipv4/ping.c
> @@ -845,7 +845,9 @@ static void ping_format_sock(struct sock *sp, struct seq_file *f,
> bucket, src, srcp, dest, destp, sp->sk_state,
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
> + 0, 0L, 0,
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
> + 0, sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> atomic_read(&sp->sk_drops), len);
> }
> diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> index ff0f071..f242578 100644
> --- a/net/ipv4/raw.c
> +++ b/net/ipv4/raw.c
> @@ -992,7 +992,9 @@ static void raw_sock_seq_show(struct seq_file *seq, struct sock *sp, int i)
> i, src, srcp, dest, destp, sp->sk_state,
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
> + 0, 0L, 0,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> + 0, sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops));
> }
>
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index 42b2a6a..642be8a 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -2382,7 +2382,7 @@ void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo)
> EXPORT_SYMBOL(tcp_proc_unregister);
>
> static void get_openreq4(const struct sock *sk, const struct request_sock *req,
> - struct seq_file *f, int i, int uid, int *len)
> + struct seq_file *f, int i, kuid_t uid, int *len)
> {
> const struct inet_request_sock *ireq = inet_rsk(req);
> int ttd = req->expires - jiffies;
> @@ -2399,7 +2399,7 @@ static void get_openreq4(const struct sock *sk, const struct request_sock *req,
> 1, /* timers active (only the expire timer) */
> jiffies_to_clock_t(ttd),
> req->retrans,
> - uid,
> + from_kuid_munged(seq_user_ns(f), uid),
> 0, /* non standard timer */
> 0, /* open_requests have no inode */
> atomic_read(&sk->sk_refcnt),
> @@ -2450,7 +2450,7 @@ static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i, int *len)
> timer_active,
> jiffies_to_clock_t(timer_expires - jiffies),
> icsk->icsk_retransmits,
> - sock_i_uid(sk),
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)),
> icsk->icsk_probes_out,
> sock_i_ino(sk),
> atomic_read(&sk->sk_refcnt), sk,
> diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
> index b4c3582..53b8981 100644
> --- a/net/ipv4/udp.c
> +++ b/net/ipv4/udp.c
> @@ -2110,7 +2110,9 @@ static void udp4_format_sock(struct sock *sp, struct seq_file *f,
> bucket, src, srcp, dest, destp, sp->sk_state,
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> - 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
> + 0, 0L, 0,
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
> + 0, sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> atomic_read(&sp->sk_drops), len);
> }
> diff --git a/net/ipv6/raw.c b/net/ipv6/raw.c
> index ef0579d..7af88ef 100644
> --- a/net/ipv6/raw.c
> +++ b/net/ipv6/raw.c
> @@ -1251,7 +1251,8 @@ static void raw6_sock_seq_show(struct seq_file *seq, struct sock *sp, int i)
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> 0, 0L, 0,
> - sock_i_uid(sp), 0,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> + 0,
> sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops));
> }
> diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
> index c66b90f..4b5b335 100644
> --- a/net/ipv6/tcp_ipv6.c
> +++ b/net/ipv6/tcp_ipv6.c
> @@ -1803,7 +1803,7 @@ static void tcp_v6_destroy_sock(struct sock *sk)
> #ifdef CONFIG_PROC_FS
> /* Proc filesystem TCPv6 sock list dumping. */
> static void get_openreq6(struct seq_file *seq,
> - const struct sock *sk, struct request_sock *req, int i, int uid)
> + const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
> {
> int ttd = req->expires - jiffies;
> const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
> @@ -1827,7 +1827,7 @@ static void get_openreq6(struct seq_file *seq,
> 1, /* timers active (only the expire timer) */
> jiffies_to_clock_t(ttd),
> req->retrans,
> - uid,
> + from_kuid_munged(seq_user_ns(seq), uid),
> 0, /* non standard timer */
> 0, /* open_requests have no inode */
> 0, req);
> @@ -1877,7 +1877,7 @@ static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
> timer_active,
> jiffies_to_clock_t(timer_expires - jiffies),
> icsk->icsk_retransmits,
> - sock_i_uid(sp),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> icsk->icsk_probes_out,
> sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
> index 99d0077..bbdff07 100644
> --- a/net/ipv6/udp.c
> +++ b/net/ipv6/udp.c
> @@ -1458,7 +1458,8 @@ static void udp6_sock_seq_show(struct seq_file *seq, struct sock *sp, int bucket
> sk_wmem_alloc_get(sp),
> sk_rmem_alloc_get(sp),
> 0, 0L, 0,
> - sock_i_uid(sp), 0,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
> + 0,
> sock_i_ino(sp),
> atomic_read(&sp->sk_refcnt), sp,
> atomic_read(&sp->sk_drops));
> diff --git a/net/ipx/ipx_proc.c b/net/ipx/ipx_proc.c
> index f8ba30d..02ff7f2 100644
> --- a/net/ipx/ipx_proc.c
> +++ b/net/ipx/ipx_proc.c
> @@ -217,7 +217,8 @@ static int ipx_seq_socket_show(struct seq_file *seq, void *v)
> seq_printf(seq, "%08X %08X %02X %03d\n",
> sk_wmem_alloc_get(s),
> sk_rmem_alloc_get(s),
> - s->sk_state, SOCK_INODE(s->sk_socket)->i_uid);
> + s->sk_state,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)));
> out:
> return 0;
> }
> diff --git a/net/key/af_key.c b/net/key/af_key.c
> index 34e4185..0481d4b 100644
> --- a/net/key/af_key.c
> +++ b/net/key/af_key.c
> @@ -3661,7 +3661,7 @@ static int pfkey_seq_show(struct seq_file *f, void *v)
> atomic_read(&s->sk_refcnt),
> sk_rmem_alloc_get(s),
> sk_wmem_alloc_get(s),
> - sock_i_uid(s),
> + from_kuid_munged(seq_user_ns(f), sock_i_uid(s)),
> sock_i_ino(s)
> );
> return 0;
> diff --git a/net/llc/llc_proc.c b/net/llc/llc_proc.c
> index a1839c0..7b4799c 100644
> --- a/net/llc/llc_proc.c
> +++ b/net/llc/llc_proc.c
> @@ -151,7 +151,7 @@ static int llc_seq_socket_show(struct seq_file *seq, void *v)
> sk_wmem_alloc_get(sk),
> sk_rmem_alloc_get(sk) - llc->copied_seq,
> sk->sk_state,
> - sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : -1,
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> llc->link);
> out:
> return 0;
> diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
> index ceaca7c..d147317 100644
> --- a/net/packet/af_packet.c
> +++ b/net/packet/af_packet.c
> @@ -3846,7 +3846,7 @@ static int packet_seq_show(struct seq_file *seq, void *v)
> po->ifindex,
> po->running,
> atomic_read(&s->sk_rmem_alloc),
> - sock_i_uid(s),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)),
> sock_i_ino(s));
> }
>
> diff --git a/net/phonet/socket.c b/net/phonet/socket.c
> index 0acc943..b7e9827 100644
> --- a/net/phonet/socket.c
> +++ b/net/phonet/socket.c
> @@ -612,7 +612,8 @@ static int pn_sock_seq_show(struct seq_file *seq, void *v)
> sk->sk_protocol, pn->sobject, pn->dobject,
> pn->resource, sk->sk_state,
> sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk),
> - sock_i_uid(sk), sock_i_ino(sk),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> + sock_i_ino(sk),
> atomic_read(&sk->sk_refcnt), sk,
> atomic_read(&sk->sk_drops), &len);
> }
> @@ -796,7 +797,8 @@ static int pn_res_seq_show(struct seq_file *seq, void *v)
> struct sock *sk = *psk;
>
> seq_printf(seq, "%02X %5d %lu%n",
> - (int) (psk - pnres.sk), sock_i_uid(sk),
> + (int) (psk - pnres.sk),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> sock_i_ino(sk), &len);
> }
> seq_printf(seq, "%*s\n", 63 - len, "");
> diff --git a/net/sctp/proc.c b/net/sctp/proc.c
> index 1e2eee8..dc12feb 100644
> --- a/net/sctp/proc.c
> +++ b/net/sctp/proc.c
> @@ -216,7 +216,8 @@ static int sctp_eps_seq_show(struct seq_file *seq, void *v)
> seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk,
> sctp_sk(sk)->type, sk->sk_state, hash,
> epb->bind_addr.port,
> - sock_i_uid(sk), sock_i_ino(sk));
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> + sock_i_ino(sk));
>
> sctp_seq_dump_local_addrs(seq, epb);
> seq_printf(seq, "\n");
> @@ -324,7 +325,8 @@ static int sctp_assocs_seq_show(struct seq_file *seq, void *v)
> assoc->assoc_id,
> assoc->sndbuf_used,
> atomic_read(&assoc->rmem_alloc),
> - sock_i_uid(sk), sock_i_ino(sk),
> + from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
> + sock_i_ino(sk),
> epb->bind_addr.port,
> assoc->peer.port);
> seq_printf(seq, " ");
>
next prev parent reply other threads:[~2012-08-15 3:22 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-13 20:07 [REVIEW][PATCH 0/21] User namespace changes to the networking stack Eric W. Biederman
2012-08-13 20:07 ` Eric W. Biederman
[not found] ` <87ehnav9n5.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-13 20:18 ` [PATCH 01/21] userns: Convert net/core/scm.c to use kuids and kgids Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 10/21] userns: Convert net/ax25 to use kuid_t where appropriate Eric W. Biederman
[not found] ` <1344889115-21610-1-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-13 20:18 ` [PATCH 02/21] userns: Convert __dev_set_promiscuity to use kuids in audit logs Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 03/21] userns: Convert sock_i_uid to return a kuid_t Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 04/21] userns: Allow USER_NS and NET simultaneously in Kconfig Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 05/21] userns: Make seq_file's user namespace accessible Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 06/21] userns: Print out socket uids in a user namespace aware fashion Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
[not found] ` <1344889115-21610-6-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-13 20:26 ` Rémi Denis-Courmont
2012-08-13 20:26 ` Rémi Denis-Courmont
[not found] ` <201208132326.35045.remi-AzDNUFsAnHasTnJN9+BGXg@public.gmane.org>
2012-08-15 4:47 ` Eric W. Biederman
2012-08-15 4:47 ` Eric W. Biederman
2012-08-15 3:22 ` Vlad Yasevich [this message]
2012-08-15 3:22 ` Vlad Yasevich
2012-08-13 20:18 ` [PATCH 07/21] userns: Use kgids for sysctl_ping_group_range Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
[not found] ` <1344889115-21610-7-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-20 18:09 ` Vasiliy Kulikov
2012-08-20 18:09 ` Vasiliy Kulikov
2012-08-13 20:18 ` [PATCH 08/21] net ip6 flowlabel: Make owner a union of struct pid * and kuid_t Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 09/21] pidns: Export free_pid_ns Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 10/21] userns: Convert net/ax25 to use kuid_t where appropriate Eric W. Biederman
2012-08-13 20:18 ` [PATCH 11/21] netlink: Make the sending netlink socket availabe in NETLINK_CB Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 12/21] userns: Implement sk_user_ns Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 13/21] userns: Teach inet_diag to work with user namespaces Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
[not found] ` <1344889115-21610-13-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-14 8:35 ` Pavel Emelyanov
2012-08-14 8:35 ` Pavel Emelyanov
2012-08-13 20:18 ` [PATCH 14/21] userns: nfnetlink_log: Report socket uids in the log sockets user namespace Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 15/21] net sched: Pass the skb into change so it can access NETLINK_CB Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
[not found] ` <1344889115-21610-15-git-send-email-ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-15 8:11 ` Jamal Hadi Salim
2012-08-15 8:11 ` Jamal Hadi Salim
2012-08-13 20:18 ` [PATCH 16/21] userns: Convert cls_flow to work with user namespaces enabled Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 17/21] userns: Convert xt_LOG to print socket kuids and kgids as uids and gids Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 18/21] userns xt_recent: Specify the owner/group of ip_list_perms in the initial user namespace Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 19/21] userns: xt_owner: Add basic user namespace support Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 20/21] userns: Make the airo wireless driver use kuids for proc uids and gids Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` [PATCH 21/21] userns: Convert tun/tap to use kuid and kgid where appropriate Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-13 20:18 ` Eric W. Biederman
2012-08-15 0:12 ` [REVIEW][PATCH 0/21] User namespace changes to the networking stack David Miller
2012-08-15 0:47 ` Eric W. Biederman
[not found] ` <20120814.171203.1784557890475348401.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2012-08-15 0:47 ` Eric W. Biederman
2012-08-15 6:37 ` Eric W. Biederman
[not found] ` <87boicfyo9.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-08-25 1:42 ` David Miller
[not found] ` <20120824.214237.2157641321364380276.davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org>
2012-08-25 3:46 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=502B1606.801@gmail.com \
--to=vyasevich-re5jqeeqqe8avxtiumwx3w@public.gmane.org \
--cc=acme-f8uhVLnGfZaxAyOMLChx1axOck334EZe@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=courmisch-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=davem-fT/PcQaiUtIeIZ0/mPfg9Q@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=kaber-dcUjhNyLwpNeoWH0uzbU5w@public.gmane.org \
--cc=kuznet-v/Mj1YrvjDBInbfyfbPRSQ@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=netdev-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=sri-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=yoshfuji-VfPWfsRibaP+Ru+s062T9g@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.