lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-Id: <20120914111757.83aee928b17b60bbbc09f4d7@canb.auug.org.au>
Date:	Fri, 14 Sep 2012 11:17:57 +1000
From:	Stephen Rothwell <sfr@...b.auug.org.au>
To:	David Miller <davem@...emloft.net>, <netdev@...r.kernel.org>
Cc:	linux-next@...r.kernel.org, linux-kernel@...r.kernel.org,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Eric Dumazet <edumazet@...gle.com>
Subject: linux-next: manual merge of the net-next tree with the net tree

Hi all,

Today's linux-next merge of the net-next tree got a conflict in
net/netfilter/xt_LOG.c between commit 0626af313957 ("netfilter: take care
of timewait sockets") from the net tree and commit 8c6e2a941ae7 ("userns:
Convert xt_LOG to print socket kuids and kgids as uids and gids") from
the net-next tree.

I fixed it up (I think - see below) and can carry the fix as necessary
(no action is required).

-- 
Cheers,
Stephen Rothwell                    sfr@...b.auug.org.au

diff --cc net/netfilter/xt_LOG.c
index 91e9af4,02a2bf4..0000000
--- a/net/netfilter/xt_LOG.c
+++ b/net/netfilter/xt_LOG.c
@@@ -145,19 -145,6 +145,21 @@@ static int dump_tcp_header(struct sbuf
  	return 0;
  }
  
 +static void dump_sk_uid_gid(struct sbuff *m, struct sock *sk)
 +{
 +	if (!sk || sk->sk_state == TCP_TIME_WAIT)
 +		return;
 +
 +	read_lock_bh(&sk->sk_callback_lock);
 +	if (sk->sk_socket && sk->sk_socket->file) {
++		const struct cred *cred = sk->sk_socket->file->f_cred;
 +		sb_add(m, "UID=%u GID=%u ",
- 			sk->sk_socket->file->f_cred->fsuid,
- 			sk->sk_socket->file->f_cred->fsgid);
++			from_kuid_munged(&init_user_ns, cred->fsuid),
++			from_kgid_munged(&init_user_ns, cred->fsgid));
++	}
 +	read_unlock_bh(&sk->sk_callback_lock);
 +}
 +
  /* One level of recursion won't kill us */
  static void dump_ipv4_packet(struct sbuff *m,
  			const struct nf_loginfo *info,

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ