From ab2910921064b657610a3b501358a305e13087ea Mon Sep 17 00:00:00 2001 From: Jianjun Kong Date: Mon, 3 Nov 2008 18:23:09 -0800 Subject: net: remove two duplicated #include Removed duplicated #include in net/9p/trans_rdma.c and #include in net/socket.c Signed-off-by: Jianjun Kong Signed-off-by: David S. Miller --- net/socket.c | 1 - 1 file changed, 1 deletion(-) (limited to 'net/socket.c') diff --git a/net/socket.c b/net/socket.c index 2b7a4b5c9b7..d23cdba10d7 100644 --- a/net/socket.c +++ b/net/socket.c @@ -69,7 +69,6 @@ #include #include #include -#include #include #include #include -- cgit v1.2.3-70-g09d2 From 8192b0c482d7078fcdcb4854341b977426f6f09b Mon Sep 17 00:00:00 2001 From: David Howells Date: Fri, 14 Nov 2008 10:39:10 +1100 Subject: CRED: Wrap task credential accesses in the networking subsystem Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells Reviewed-by: James Morris Acked-by: Serge Hallyn Cc: netdev@vger.kernel.org Signed-off-by: James Morris --- include/net/scm.h | 4 ++-- net/core/dev.c | 8 ++++++-- net/core/scm.c | 8 ++++---- net/socket.c | 4 ++-- 4 files changed, 14 insertions(+), 10 deletions(-) (limited to 'net/socket.c') diff --git a/include/net/scm.h b/include/net/scm.h index 06df126103c..f160116db54 100644 --- a/include/net/scm.h +++ b/include/net/scm.h @@ -54,8 +54,8 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm) { struct task_struct *p = current; - scm->creds.uid = p->uid; - scm->creds.gid = p->gid; + scm->creds.uid = current_uid(); + scm->creds.gid = current_gid(); scm->creds.pid = task_tgid_vnr(p); scm->fp = NULL; scm->seq = 0; diff --git a/net/core/dev.c b/net/core/dev.c index d9038e328cc..262df226b3c 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -2958,6 +2958,8 @@ static void dev_change_rx_flags(struct net_device *dev, int flags) static int __dev_set_promiscuity(struct net_device *dev, int inc) { unsigned short old_flags = dev->flags; + uid_t uid; + gid_t gid; ASSERT_RTNL(); @@ -2982,15 +2984,17 @@ static int __dev_set_promiscuity(struct net_device *dev, int inc) printk(KERN_INFO "device %s %s promiscuous mode\n", dev->name, (dev->flags & IFF_PROMISC) ? "entered" : "left"); - if (audit_enabled) + if (audit_enabled) { + current_uid_gid(&uid, &gid); audit_log(current->audit_context, GFP_ATOMIC, AUDIT_ANOM_PROMISCUOUS, "dev=%s prom=%d old_prom=%d auid=%u uid=%u gid=%u ses=%u", dev->name, (dev->flags & IFF_PROMISC), (old_flags & IFF_PROMISC), audit_get_loginuid(current), - current->uid, current->gid, + uid, gid, audit_get_sessionid(current)); + } dev_change_rx_flags(dev, IFF_PROMISC); } diff --git a/net/core/scm.c b/net/core/scm.c index 10f5c65f6a4..4681d8f9b45 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -45,10 +45,10 @@ static __inline__ int scm_check_creds(struct ucred *creds) { if ((creds->pid == task_tgid_vnr(current) || capable(CAP_SYS_ADMIN)) && - ((creds->uid == current->uid || creds->uid == current->euid || - creds->uid == current->suid) || capable(CAP_SETUID)) && - ((creds->gid == current->gid || creds->gid == current->egid || - creds->gid == current->sgid) || capable(CAP_SETGID))) { + ((creds->uid == current_uid() || creds->uid == current_euid() || + creds->uid == current_suid()) || capable(CAP_SETUID)) && + ((creds->gid == current_gid() || creds->gid == current_egid() || + creds->gid == current_sgid()) || capable(CAP_SETGID))) { return 0; } return -EPERM; diff --git a/net/socket.c b/net/socket.c index 57550c3bcab..62c7729527f 100644 --- a/net/socket.c +++ b/net/socket.c @@ -491,8 +491,8 @@ static struct socket *sock_alloc(void) sock = SOCKET_I(inode); inode->i_mode = S_IFSOCK | S_IRWXUGO; - inode->i_uid = current->fsuid; - inode->i_gid = current->fsgid; + inode->i_uid = current_fsuid(); + inode->i_gid = current_fsgid(); get_cpu_var(sockets_in_use)++; put_cpu_var(sockets_in_use); -- cgit v1.2.3-70-g09d2 From 1b08534e562dae7b084326f8aa8cc12a4c1b6593 Mon Sep 17 00:00:00 2001 From: Wei Yongjun Date: Thu, 18 Dec 2008 19:35:10 -0800 Subject: net: Fix module refcount leak in kernel_accept() The kernel_accept() does not hold the module refcount of newsock->ops->owner, so we need __module_get(newsock->ops->owner) code after call kernel_accept() by hand. In sunrpc, the module refcount is missing to hold. So this cause kernel panic. Used following script to reproduct: while [ 1 ]; do mount -t nfs4 192.168.0.19:/ /mnt touch /mnt/file umount /mnt lsmod | grep ipv6 done This patch fixed the problem by add __module_get(newsock->ops->owner) to kernel_accept(). So we do not need to used __module_get(newsock->ops->owner) in every place when used kernel_accept(). Signed-off-by: Wei Yongjun Signed-off-by: David S. Miller --- net/bluetooth/rfcomm/core.c | 2 -- net/socket.c | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) (limited to 'net/socket.c') diff --git a/net/bluetooth/rfcomm/core.c b/net/bluetooth/rfcomm/core.c index ba537fae0a4..ce68e046d96 100644 --- a/net/bluetooth/rfcomm/core.c +++ b/net/bluetooth/rfcomm/core.c @@ -1786,8 +1786,6 @@ static inline void rfcomm_accept_connection(struct rfcomm_session *s) if (err < 0) return; - __module_get(nsock->ops->owner); - /* Set our callbacks */ nsock->sk->sk_data_ready = rfcomm_l2data_ready; nsock->sk->sk_state_change = rfcomm_l2state_change; diff --git a/net/socket.c b/net/socket.c index 92764d83689..76ba80aeac1 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2307,6 +2307,7 @@ int kernel_accept(struct socket *sock, struct socket **newsock, int flags) } (*newsock)->ops = sock->ops; + __module_get((*newsock)->ops->owner); done: return err; -- cgit v1.2.3-70-g09d2