Commit 76aa1ce1 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: nfnetlink_log: include GID in netlink message

Similar to Maciej Soltysiak's ipt_LOG patch, include GID in addition
to UID in netlink message.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 0dfedd28
...@@ -47,6 +47,7 @@ enum nfulnl_attr_type { ...@@ -47,6 +47,7 @@ enum nfulnl_attr_type {
NFULA_UID, /* user id of socket */ NFULA_UID, /* user id of socket */
NFULA_SEQ, /* instance-local sequence number */ NFULA_SEQ, /* instance-local sequence number */
NFULA_SEQ_GLOBAL, /* global sequence number */ NFULA_SEQ_GLOBAL, /* global sequence number */
NFULA_GID, /* group id of socket */
__NFULA_MAX __NFULA_MAX
}; };
......
...@@ -467,9 +467,11 @@ __build_packet_message(struct nfulnl_instance *inst, ...@@ -467,9 +467,11 @@ __build_packet_message(struct nfulnl_instance *inst,
read_lock_bh(&skb->sk->sk_callback_lock); read_lock_bh(&skb->sk->sk_callback_lock);
if (skb->sk->sk_socket && skb->sk->sk_socket->file) { if (skb->sk->sk_socket && skb->sk->sk_socket->file) {
__be32 uid = htonl(skb->sk->sk_socket->file->f_uid); __be32 uid = htonl(skb->sk->sk_socket->file->f_uid);
__be32 gid = htons(skb->sk->sk_socket->file->f_gid);
/* need to unlock here since NLA_PUT may goto */ /* need to unlock here since NLA_PUT may goto */
read_unlock_bh(&skb->sk->sk_callback_lock); read_unlock_bh(&skb->sk->sk_callback_lock);
NLA_PUT_BE32(inst->skb, NFULA_UID, uid); NLA_PUT_BE32(inst->skb, NFULA_UID, uid);
NLA_PUT_BE32(inst->skb, NFULA_GID, gid);
} else } else
read_unlock_bh(&skb->sk->sk_callback_lock); read_unlock_bh(&skb->sk->sk_callback_lock);
} }
...@@ -564,6 +566,7 @@ nfulnl_log_packet(unsigned int pf, ...@@ -564,6 +566,7 @@ nfulnl_log_packet(unsigned int pf,
#endif #endif
+ nla_total_size(sizeof(u_int32_t)) /* mark */ + nla_total_size(sizeof(u_int32_t)) /* mark */
+ nla_total_size(sizeof(u_int32_t)) /* uid */ + nla_total_size(sizeof(u_int32_t)) /* uid */
+ nla_total_size(sizeof(u_int32_t)) /* gid */
+ nla_total_size(plen) /* prefix */ + nla_total_size(plen) /* prefix */
+ nla_total_size(sizeof(struct nfulnl_msg_packet_hw)) + nla_total_size(sizeof(struct nfulnl_msg_packet_hw))
+ nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp)); + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment