| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Feb 2017 10:18:37 +0900
From: Lorenzo Colitti <lorenzo@...gle.com>
To: Eric Dumazet <eric.dumazet@...il.com>
Cc: Daniel Borkmann <daniel@...earbox.net>,
Chenbo Feng <chenbofeng.kernel@...il.com>,
"David S . Miller" <davem@...emloft.net>,
Alexei Starovoitov <ast@...com>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
Willem de Bruijn <willemb@...gle.com>,
Chenbo Feng <fengc@...gle.com>
Subject: Re: [PATCH net-next 2/2] Add a eBPF helper function to retrieve
socket uid
On Fri, Feb 3, 2017 at 9:31 AM, Eric Dumazet <eric.dumazet@...il.com> wrote:
>> It should be safe to call sock_net_uid on any type of socket
>> (including NULL). sk_uid was added to struct sock in 86741ec25462
>> ("net: core: Add a UID field to struct sock.")
>
> But a request socket or a timewait socket do not have this field.
>
> Daniel point is valid.
My bad. Yes.
It would definitely be useful to have the UID available in request
sockets, and perhaps timewait sockets as well. That could be done by
moving the UID to sock_common, or with something along the lines of:
static inline kuid_t sock_net_uid(const struct net *net, const struct sock *sk)
{
+ if (sk && sk->sk_state == TCP_NEW_SYN_RECV)
+ sk = sk->__sk_common.skc_listener;
+ else if (sk && !sk_fullsock(sk))
+ sk = NULL;
+
return sk ? sk->sk_uid : make_kuid(net->user_ns, 0);
}
Any thoughts on which is better?
Powered by blists - more mailing lists