Lorenzo Colitti d3cd043531 net: core: Add a UID field to struct sock. ... Protocol sockets (struct sock) don't have UIDs, but most of the time, they map 1:1 to userspace sockets (struct socket) which do. Various operations such as the iptables xt_owner match need access to the "UID of a socket", and do so by following the backpointer to the struct socket. This involves taking sk_callback_lock and doesn't work when there is no socket because userspace has already called close(). Simplify this by adding a sk_uid field to struct sock whose value matches the UID of the corresponding struct socket. The semantics are as follows: 1. Whenever sk_socket is non-null: sk_uid is the same as the UID in sk_socket, i.e., matches the return value of sock_i_uid. Specifically, the UID is set when userspace calls socket(), fchown(), or accept(). 2. When sk_socket is NULL, sk_uid is defined as follows: - For a socket that no longer has a sk_socket because userspace has called close(): the previous UID. - For a cloned socket (e.g., an incoming connection that is established but on which userspace has not yet called accept): the UID of the socket it was cloned from. - For a socket that has never had an sk_socket: UID 0 inside the user namespace corresponding to the network namespace the socket belongs to. Kernel sockets created by sock_create_kern are a special case of #1 and sk_uid is the user that created them. For kernel sockets created at network namespace creation time, such as the per-processor ICMP and TCP sockets, this is the user that created the network namespace. [Backport of net-next 86741ec25462e4c8cdce6df2f41ead05568c7d5e] Bug: 16355602 Change-Id: I73e1a57dfeedf672f4c2dfc9ce6867838b55974b Signed-off-by: Lorenzo Colitti <lorenzo@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org>		2023-02-18 18:37:04 +01:00
..
datagram.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
dev.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
dev_addr_lists.c
drop_monitor.c	net: drop_monitor: fix the value of maxattr	2014-01-15 15:27:10 -08:00
dst.c	net: Document dst->obsolete better.	2020-11-30 19:39:24 +03:00
ethtool.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
fib_rules.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
filter.c	filter: prevent nla extensions to peek beyond the end of the message	2017-04-03 20:07:36 -06:00
flow.c
flow_dissector.c
gen_estimator.c
gen_stats.c
iovec.c	iovec: make sure the caller actually wants anything in memcpy_fromiovecend	2014-08-14 08:42:36 +08:00
kmap_skb.h
link_watch.c
Makefile
neighbour.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
net-sysfs.c
net-sysfs.h
net-traces.c
net_namespace.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
netevent.c
netpoll.c
netprio_cgroup.c
pktgen.c	pktgen: adjust spacing in proc file interface output	2015-10-22 09:20:02 +08:00
request_sock.c
rtnetlink.c	Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1	2017-12-27 17:13:15 +03:00
scm.c	unix: correctly track in-flight fds in sending process user_struct	2017-06-26 16:09:55 +03:00
secure_seq.c	netfilter: ipv6: add IPv6 NAT support	2018-12-07 22:02:09 +04:00
skbuff.c	net: Correctly set segment mac_len in skb_segment().	2014-08-14 08:42:36 +08:00
sock.c	net: core: Add a UID field to struct sock.	2023-02-18 18:37:04 +01:00
sock_diag.c	net: diag: Add the ability to destroy a socket.	2017-12-15 16:50:17 +03:00
stream.c
sysctl_net_core.c	net: avoid to hang up on sending due to sysctl configuration overflow.	2016-03-21 09:17:56 +08:00
timestamping.c
user_dma.c
utils.c	net: core: add function for incremental IPv6 pseudo header checksum updates	2018-12-07 22:02:09 +04:00