From patchwork Sat Apr 26 04:48:25 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lorenzo Colitti
X-Patchwork-Id: 343047
X-Patchwork-Delegate: davem@davemloft.net
From: Lorenzo Colitti
To: netdev@vger.kernel.org
Cc: hannes@stressinduktion.org, davem@davemloft.net, jpa@google.com, Lorenzo Colitti
Subject: [RFC net-next 4/4] net: core: Add a RTA_UID attribute to routes.
Date: Sat, 26 Apr 2014 13:48:25 +0900
Message-Id: <1398487705-13430-5-git-send-email-lorenzo@google.com>
X-Mailer: git-send-email 1.9.1.423.g4596e3a
In-Reply-To: <1398487705-13430-1-git-send-email-lorenzo@google.com>
References: <1398487705-13430-1-git-send-email-lorenzo@google.com>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
X-Mailing-List: netdev@vger.kernel.org

This is so that userspace can do per-UID route lookups.

Signed-off-by: Lorenzo Colitti
--- include/uapi/linux/rtnetlink.h | 1 + net/ipv4/fib_frontend.c | 1 + net/ipv4/route.c | 5 +++++ net/ipv6/route.c | 7 +++++++ 4 files changed, 14 insertions(+) diff --git a/include/uapi/linux/rtnetlink.h b/include/uapi/linux/rtnetlink.h index eb0f1a5..01757b7 100644 --- a/include/uapi/linux/rtnetlink.h +++ b/include/uapi/linux/rtnetlink.h @@ -297,6 +297,7 @@ enum rtattr_type_t { RTA_TABLE, RTA_MARK, RTA_MFC_STATS, + RTA_UID, __RTA_MAX }; diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 255aa99..dca307c 100644 --- a/net/ipv4/fib_frontend.c 
+++ b/net/ipv4/fib_frontend.c @@ -531,6 +531,7 @@ const struct nla_policy rtm_ipv4_policy[RTA_MAX + 1] = { [RTA_METRICS] = { .type = NLA_NESTED }, [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, [RTA_FLOW] = { .type = NLA_U32 }, + [RTA_UID] = { .type = NLA_U32 }, }; static int rtm_to_fib_config(struct net *net, struct sk_buff *skb, diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 58017b1..57daf60 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2385,6 +2385,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) int err; int mark; struct sk_buff *skb; + kuid_t uid; err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy); if (err < 0) @@ -2412,6 +2413,9 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0; iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0; mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0; + uid = tb[RTA_UID] ? + make_kuid(current_user_ns(), nla_get_u32(tb[RTA_UID])) : + current_uid(); memset(&fl4, 0, sizeof(fl4)); fl4.daddr = dst; @@ -2419,6 +2423,7 @@ static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh) fl4.flowi4_tos = rtm->rtm_tos; fl4.flowi4_oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0; fl4.flowi4_mark = mark; + fl4.flowi4_uid = uid; if (iif) { struct net_device *dev; diff --git a/net/ipv6/route.c b/net/ipv6/route.c index 4011617..75a5d41 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c @@ -2321,6 +2321,7 @@ static const struct nla_policy rtm_ipv6_policy[RTA_MAX+1] = { [RTA_PRIORITY] = { .type = NLA_U32 }, [RTA_METRICS] = { .type = NLA_NESTED }, [RTA_MULTIPATH] = { .len = sizeof(struct rtnexthop) }, + [RTA_UID] = { .type = NLA_U32 }, }; static int rtm_to_fib6_config(struct sk_buff *skb, struct nlmsghdr *nlh, 
@@ -2707,6 +2708,12 @@ static int inet6_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh) if (tb[RTA_OIF]) oif = nla_get_u32(tb[RTA_OIF]); + if (tb[RTA_UID]) + fl6.flowi6_uid = make_kuid(current_user_ns(), + nla_get_u32(tb[RTA_UID])); + else + fl6.flowi6_uid = current_uid(); + if (iif) { struct net_device *dev; int flags = 0;
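
Review bot: RTA_UID is added to the uapi enum rtattr_type_t in include/uapi/linux/rtnetlink.h with no comment, and the commit message says only that it enables per-UID route lookups. Since this is userspace ABI, please document that the payload is a u32 UID, that it is interpreted in the caller's user namespace (the handlers call make_kuid(current_user_ns(), ...)), and that current_uid() is used when the attribute is absent.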
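
Review bot: The new [RTA_UID] = { .type = NLA_U32 } entry in rtm_ipv4_policy (net/ipv4/fib_frontend.c) makes the attribute valid wherever that table is used, but the only IPv4 consumer in this patch is inet_rtm_getroute. The table sits directly above rtm_to_fib_config, so if route add and delete requests are validated against it, an RTA_UID on such a request would pass validation and then be silently ignored. Either reject RTA_UID outside RTM_GETROUTE or state in the commit message that the attribute is lookup-only. The same applies to the matching entry added to rtm_ipv6_policy.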
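
Review bot: In the inet_rtm_getroute hunk at -2412 of net/ipv4/route.c, the result of make_kuid(current_user_ns(), nla_get_u32(tb[RTA_UID])) is used without a uid_valid() check. make_kuid() returns INVALID_UID for a value that has no mapping in the caller's user namespace, so an unmapped UID would flow into the lookup instead of producing an error. Suggest failing with -EINVAL when !uid_valid(uid). No capability check accompanies the attribute either, so any caller can ask how another UID's traffic would be routed; if that is intended, the commit message should say so.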
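
Review bot: In the hunk at -2419 of net/ipv4/route.c, fl4.flowi4_uid = uid is assigned unconditionally just before the if (iif) branch, so an input-route lookup that supplies RTA_IIF but no RTA_UID carries current_uid(). A lookup that simulates a packet arriving on an interface is not traffic originated by the calling process. Consider defaulting to INVALID_UID when iif is set and using current_uid() only for output lookups.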
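
Review bot: The inet6_rtm_getroute hunk in net/ipv6/route.c stores make_kuid(current_user_ns(), nla_get_u32(tb[RTA_UID])) in fl6.flowi6_uid without checking uid_valid(), so a UID with no mapping in the caller's user namespace becomes INVALID_UID in the flow rather than an error. The else branch also sets current_uid() even though if (iif) follows immediately, which attributes a simulated incoming packet to the calling process. Suggest rejecting invalid UIDs with -EINVAL and choosing the default based on whether iif is set.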