mirror of https://gitee.com/openkylin/linux.git
xfrm: Report user triggered expirations against the users socket
When a policy expiration is triggered from user space the request travels through km_policy_expired and ultimately into xfrm_exp_policy_notify which calls build_polexpire. build_polexpire uses the netlink port passed to km_policy_expired as the source port for the netlink message it builds. When a state expiration is triggered from user space the request travles through km_state_expired and ultimately into xfrm_exp_state_notify which calls build_expire. build_expire uses the netlink port passed to km_state_expired as the source port for the netlink message it builds. Pass nlh->nlmsg_pid from the user generated netlink message that requested the expiration to km_policy_expired and km_state_expired instead of current->pid which is not a netlink port number. Cc: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
15e473046c
commit
c6bb8136c9
|
@ -1930,7 +1930,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
|
|||
// reset the timers here?
|
||||
WARN(1, "Dont know what to do with soft policy expire\n");
|
||||
}
|
||||
km_policy_expired(xp, p->dir, up->hard, current->pid);
|
||||
km_policy_expired(xp, p->dir, up->hard, nlh->nlmsg_pid);
|
||||
|
||||
out:
|
||||
xfrm_pol_put(xp);
|
||||
|
@ -1958,7 +1958,7 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
|
|||
err = -EINVAL;
|
||||
if (x->km.state != XFRM_STATE_VALID)
|
||||
goto out;
|
||||
km_state_expired(x, ue->hard, current->pid);
|
||||
km_state_expired(x, ue->hard, nlh->nlmsg_pid);
|
||||
|
||||
if (ue->hard) {
|
||||
uid_t loginuid = audit_get_loginuid(current);
|
||||
|
|
Loading…
Reference in New Issue