
userns: Print out socket uids in a user namespace aware fashion.

Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Cc: James Morris <jmorris@namei.org>
Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
Cc: Patrick McHardy <kaber@trash.net>
Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Cc: Sridhar Samudrala <sri@us.ibm.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Acked-by: David S. Miller <davem@davemloft.net>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

+36 -27
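--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1509,7 +1509,8 @@
 sa_family_t family;
 enum tcp_seq_states state;
 struct sock *syn_wait_sk;
-int bucket, offset, sbucket, num, uid;
+int bucket, offset, sbucket, num;
+kuid_t uid;
 loff_t last_pos;
 };
 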
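--- a/init/Kconfig
+++ b/init/Kconfig
@@ -942,10 +942,7 @@
 depends on PROC_EVENTS = n
 
 # Networking
-depends on PACKET = n
 depends on NET_9P = n
-depends on IPX = n
-depends on PHONET = n
 depends on NET_CLS_FLOW = n
 depends on NETFILTER_XT_MATCH_OWNER = n
 depends on NETFILTER_XT_MATCH_RECENT = n
@@ -953,14 +950,11 @@
 depends on NETFILTER_NETLINK_LOG = n
 depends on INET = n
 depends on IPV6 = n
-depends on IP_SCTP = n
 depends on AF_RXRPC = n
-depends on LLC2 = n
 depends on NET_KEY = n
 depends on INET_DIAG = n
 depends on DNS_RESOLVER = n
 depends on AX25 = n
-depends on ATALK = n
 
 # Filesystems
 depends on USB_GADGETFS = n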
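--- a/net/appletalk/atalk_proc.c
+++ b/net/appletalk/atalk_proc.c
@@ -183,7 +183,8 @@
 ntohs(at->dest_net), at->dest_node, at->dest_port,
 sk_wmem_alloc_get(s),
 sk_rmem_alloc_get(s),
-s->sk_state, SOCK_INODE(s->sk_socket)->i_uid);
+s->sk_state,
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)));
 out:
 return 0;
 }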
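--- a/net/ipv4/ping.c
+++ b/net/ipv4/ping.c
@@ -845,7 +845,9 @@
 bucket, src, srcp, dest, destp, sp->sk_state,
 sk_wmem_alloc_get(sp),
 sk_rmem_alloc_get(sp),
-0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
+0, 0L, 0,
+from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
+0, sock_i_ino(sp),
 atomic_read(&sp->sk_refcnt), sp,
 atomic_read(&sp->sk_drops), len);
 }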
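--- a/net/ipv4/raw.c
+++ b/net/ipv4/raw.c
@@ -992,7 +992,9 @@
 i, src, srcp, dest, destp, sp->sk_state,
 sk_wmem_alloc_get(sp),
 sk_rmem_alloc_get(sp),
-0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
+0, 0L, 0,
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
+0, sock_i_ino(sp),
 atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops));
 }
 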
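--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2382,7 +2382,7 @@
 EXPORT_SYMBOL(tcp_proc_unregister);
 
 static void get_openreq4(const struct sock *sk, const struct request_sock *req,
-struct seq_file *f, int i, int uid, int *len)
+struct seq_file *f, int i, kuid_t uid, int *len)
 {
 const struct inet_request_sock *ireq = inet_rsk(req);
 int ttd = req->expires - jiffies;
@@ -2399,7 +2399,7 @@
 1, /* timers active (only the expire timer) */
 jiffies_to_clock_t(ttd),
 req->retrans,
-uid,
+from_kuid_munged(seq_user_ns(f), uid),
 0, /* non standard timer */
 0, /* open_requests have no inode */
 atomic_read(&sk->sk_refcnt),
@@ -2450,7 +2450,7 @@
 timer_active,
 jiffies_to_clock_t(timer_expires - jiffies),
 icsk->icsk_retransmits,
-sock_i_uid(sk),
+from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)),
 icsk->icsk_probes_out,
 sock_i_ino(sk),
 atomic_read(&sk->sk_refcnt), sk,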
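Review bot: get_openreq4() now takes a kuid_t, but nothing at the signature says that this is a kernel-internal id which is translated only at print time, or into which namespace. I would add a short comment above the function, for example `/* uid is a kuid_t; it is mapped into the seq_file's user namespace only when printed */`. The comment should also mention that from_kuid_munged() reports an id with no mapping in that namespace as the overflow uid, so a reader of /proc/net/tcp inside a user namespace cannot tell such owners apart. The same applies to get_openreq6() in net/ipv6/tcp_ipv6.c; both function bodies continue outside the hunks shown.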
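--- a/net/ipv4/udp.c
+++ b/net/ipv4/udp.c
@@ -2110,7 +2110,9 @@
 bucket, src, srcp, dest, destp, sp->sk_state,
 sk_wmem_alloc_get(sp),
 sk_rmem_alloc_get(sp),
-0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
+0, 0L, 0,
+from_kuid_munged(seq_user_ns(f), sock_i_uid(sp)),
+0, sock_i_ino(sp),
 atomic_read(&sp->sk_refcnt), sp,
 atomic_read(&sp->sk_drops), len);
 }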
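--- a/net/ipv6/raw.c
+++ b/net/ipv6/raw.c
@@ -1251,7 +1251,8 @@
 sk_wmem_alloc_get(sp),
 sk_rmem_alloc_get(sp),
 0, 0L, 0,
-sock_i_uid(sp), 0,
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
+0,
 sock_i_ino(sp),
 atomic_read(&sp->sk_refcnt), sp, atomic_read(&sp->sk_drops));
 }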
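--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -1803,7 +1803,7 @@
 #ifdef CONFIG_PROC_FS
 /* Proc filesystem TCPv6 sock list dumping. */
 static void get_openreq6(struct seq_file *seq,
-const struct sock *sk, struct request_sock *req, int i, int uid)
+const struct sock *sk, struct request_sock *req, int i, kuid_t uid)
 {
 int ttd = req->expires - jiffies;
 const struct in6_addr *src = &inet6_rsk(req)->loc_addr;
@@ -1827,7 +1827,7 @@
 1, /* timers active (only the expire timer) */
 jiffies_to_clock_t(ttd),
 req->retrans,
-uid,
+from_kuid_munged(seq_user_ns(seq), uid),
 0, /* non standard timer */
 0, /* open_requests have no inode */
 0, req);
@@ -1877,7 +1877,7 @@
 timer_active,
 jiffies_to_clock_t(timer_expires - jiffies),
 icsk->icsk_retransmits,
-sock_i_uid(sp),
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
 icsk->icsk_probes_out,
 sock_i_ino(sp),
 atomic_read(&sp->sk_refcnt), sp,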
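--- a/net/ipv6/udp.c
+++ b/net/ipv6/udp.c
@@ -1458,7 +1458,8 @@
 sk_wmem_alloc_get(sp),
 sk_rmem_alloc_get(sp),
 0, 0L, 0,
-sock_i_uid(sp), 0,
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
+0,
 sock_i_ino(sp),
 atomic_read(&sp->sk_refcnt), sp,
 atomic_read(&sp->sk_drops));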
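--- a/net/ipx/ipx_proc.c
+++ b/net/ipx/ipx_proc.c
@@ -217,7 +217,8 @@
 seq_printf(seq, "%08X %08X %02X %03d\n",
 sk_wmem_alloc_get(s),
 sk_rmem_alloc_get(s),
-s->sk_state, SOCK_INODE(s->sk_socket)->i_uid);
+s->sk_state,
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)));
 out:
 return 0;
 }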
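Review bot: The uid argument is now the uid_t returned by from_kuid_munged(), which is unsigned, yet the format string of this seq_printf() still prints it with `%03d`. An id above INT_MAX would be shown as a negative number; `%03u` would match the argument type, provided consumers of this /proc file tolerate the change. The same signed conversion is visible for the uid column in net/phonet/socket.c (`%5d`) and net/sctp/proc.c (`%5d`). The enclosing function starts outside the hunk.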
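--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -3661,7 +3661,7 @@
 atomic_read(&s->sk_refcnt),
 sk_rmem_alloc_get(s),
 sk_wmem_alloc_get(s),
-sock_i_uid(s),
+from_kuid_munged(seq_user_ns(f), sock_i_uid(s)),
 sock_i_ino(s)
 );
 return 0;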
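--- a/net/llc/llc_proc.c
+++ b/net/llc/llc_proc.c
@@ -151,7 +151,7 @@
 sk_wmem_alloc_get(sk),
 sk_rmem_alloc_get(sk) - llc->copied_seq,
 sk->sk_state,
-sk->sk_socket ? SOCK_INODE(sk->sk_socket)->i_uid : -1,
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
 llc->link);
 out:
 return 0;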
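Review bot: The removed line printed -1 when sk->sk_socket was NULL, and the replacement drops that sentinel without saying so. sock_i_uid() is now called unconditionally, and as far as I know it falls back to the root uid for a sock that has no struct socket attached. A detached LLC socket would then be listed as owned by uid 0 instead of -1, which can mislead anything that attributes sockets to users from this file. If the change is intended, state it in the commit message or in a comment at the call, e.g. `/* sock_i_uid() handles a NULL sk_socket; such sockets print as uid 0 */`. The enclosing function starts outside the hunk.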
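--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -3846,7 +3846,7 @@
 po->ifindex,
 po->running,
 atomic_read(&s->sk_rmem_alloc),
-sock_i_uid(s),
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(s)),
 sock_i_ino(s));
 }
 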
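--- a/net/phonet/socket.c
+++ b/net/phonet/socket.c
@@ -612,7 +612,8 @@
 sk->sk_protocol, pn->sobject, pn->dobject,
 pn->resource, sk->sk_state,
 sk_wmem_alloc_get(sk), sk_rmem_alloc_get(sk),
-sock_i_uid(sk), sock_i_ino(sk),
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
+sock_i_ino(sk),
 atomic_read(&sk->sk_refcnt), sk,
 atomic_read(&sk->sk_drops), &len);
 }
@@ -796,7 +797,8 @@
 struct sock *sk = *psk;
 
 seq_printf(seq, "%02X %5d %lu%n",
-(int) (psk - pnres.sk), sock_i_uid(sk),
+(int) (psk - pnres.sk),
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
 sock_i_ino(sk), &len);
 }
 seq_printf(seq, "%*s\n", 63 - len, "");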
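--- a/net/sctp/proc.c
+++ b/net/sctp/proc.c
@@ -216,7 +216,8 @@
 seq_printf(seq, "%8pK %8pK %-3d %-3d %-4d %-5d %5d %5lu ", ep, sk,
 sctp_sk(sk)->type, sk->sk_state, hash,
 epb->bind_addr.port,
-sock_i_uid(sk), sock_i_ino(sk));
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
+sock_i_ino(sk));
 
 sctp_seq_dump_local_addrs(seq, epb);
 seq_printf(seq, "\n");
@@ -324,7 +325,8 @@
 assoc->assoc_id,
 assoc->sndbuf_used,
 atomic_read(&assoc->rmem_alloc),
-sock_i_uid(sk), sock_i_ino(sk),
+from_kuid_munged(seq_user_ns(seq), sock_i_uid(sk)),
+sock_i_ino(sk),
 epb->bind_addr.port,
 assoc->peer.port);
 seq_printf(seq, " ");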