net: core: Add a GID field to struct sock.

hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I7LTRR CVE: NA Reference: https://gitee.com/openeuler/kernel/commit/f6740a11189620e5fd5ec0642c41b00f71b01689 -------------------------------- UID and GID are requested as filters for socketmap, but we can only get UID from sock structure. This patch adds GID field to struct sock as UID. Signed-off-by: N Lu Wei <luwei32@huawei.com> Signed-off-by: N Liu Jian <liujian56@huawei.com> Conflicts: include/net/sock.h net/core/sock.c Signed-off-by: N JofDiamonds <kwb0523@163.com> Reviewed-by: N wuchangye <wuchangye@huawei.com>

net: core: Add a GID field to struct sock.
hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I7LTRR CVE: NA Reference: https://gitee.com/openeuler/kernel/commit/f6740a11189620e5fd5ec0642c41b00f71b01689 -------------------------------- UID and GID are requested as filters for socketmap, but we can only get UID from sock structure. This patch adds GID field to struct sock as UID. Signed-off-by: N Lu Wei <luwei32@huawei.com> Signed-off-by: N Liu Jian <liujian56@huawei.com> Conflicts: include/net/sock.h net/core/sock.c Signed-off-by: N JofDiamonds <kwb0523@163.com> Reviewed-by: N wuchangye <wuchangye@huawei.com>
932c1a8f · JofDiamonds · 5d7f8933 · 932c1a8f · 932c1a8f · 932c1a8f
隐藏空白更改
内联并排

Showing with 17 addition and 2 deletion

include/net/sock.h include/net/sock.h +11 -0

net/core/sock.c net/core/sock.c +2 -0

net/socket.c net/socket.c +4 -2

未找到文件。
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -300,6 +300,7 @@ struct sk_filter;
  *	@sk_ack_backlog: current listen backlog
  *	@sk_max_ack_backlog: listen backlog set in listen()
  *	@sk_uid: user id of owner
+  *	@sk_gid: group id of owner
  *	@sk_prefer_busy_poll: prefer busypolling over softirq processing
  *	@sk_busy_poll_budget: napi processing budget when busypolling
  *	@sk_priority: %SO_PRIORITY setting
@@ -543,6 +544,10 @@ struct sock {
 	struct bpf_local_storage __rcu	*sk_bpf_storage;
 #endif
 	struct rcu_head		sk_rcu;
+	union {
+		kgid_t	sk_gid;
+		u64	sk_gid_padding;
+	};
 	netns_tracker		ns_tracker;
 	struct hlist_node	sk_bind2_node;
 };
@@ -2095,6 +2100,7 @@ static inline void sock_graft(struct sock *sk, struct socket *parent)
 	parent->sk = sk;
 	sk_set_socket(sk, parent);
 	sk->sk_uid = SOCK_INODE(parent)->i_uid;
+	sk->sk_gid = SOCK_INODE(parent)->i_gid;
 	security_sock_graft(sk, parent);
 	write_unlock_bh(&sk->sk_callback_lock);
 }
@@ -2107,6 +2113,11 @@ static inline kuid_t sock_net_uid(const struct net *net, const struct sock *sk)
 	return sk ? sk->sk_uid : make_kuid(net->user_ns, 0);
 }

+static inline kgid_t sock_net_gid(const struct net *net, const struct sock *sk)
+{
+	return sk ? sk->sk_gid : make_kgid(net->user_ns, 0);
+}
+
 static inline u32 net_tx_rndhash(void)
 {
 	u32 v = get_random_u32();

--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -3384,8 +3384,10 @@ void sock_init_data_uid(struct socket *sock, struct sock *sk, kuid_t uid)
 		sk->sk_type	=	sock->type;
 		RCU_INIT_POINTER(sk->sk_wq, &sock->wq);
 		sock->sk	=	sk;
+		sk->sk_gid = SOCK_INODE(sock)->i_gid;
 	} else {
 		RCU_INIT_POINTER(sk->sk_wq, NULL);
+		sk->sk_gid = make_kgid(sock_net(sk)->user_ns, 0);
 	}
 	sk->sk_uid	=	uid;


--- a/net/socket.c
+++ b/net/socket.c
@@ -600,10 +600,12 @@ static int sockfs_setattr(struct mnt_idmap *idmap,
 	if (!err && (iattr->ia_valid & ATTR_UID)) {
 		struct socket *sock = SOCKET_I(d_inode(dentry));

-		if (sock->sk)
+		if (sock->sk) {
 			sock->sk->sk_uid = iattr->ia_uid;
-		else
+			sock->sk->sk_gid = iattr->ia_gid;
+		} else {
 			err = -ENOENT;
+		}
 	}

 	return err;