Message ID | 87pq5xhtky.fsf_-_@xmission.com |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |
Headers | show |
On 12-09-08 03:17 AM, Eric W. Biederman wrote: > When a policy expiration is triggered from user space the request > travles through km_policy_expired and ultimately into > xfrm_exp_policy_notify which calls build_polexpire. build_polexpire > uses the netlink port passed to km_policy_expired as the source port for > the netlink message it builds. > > When a state expiration is triggered from user space the request travles > through km_state_expired and ultimately into xfrm_exp_state_notify which > calls build_expire. build_expire uses the netlink port passed to > km_state_expired as the source port for the netlink message it builds. > > Pass nlh->nlmsg_pid from the user generated netlink message that > requested the expiration to km_policy_expired and km_state_expired > instead of current->pid which is not a netlink port number. > > Cc: Jamal Hadi Salim <hadi@cyberus.ca> > Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> > I suppose. Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> cheers, jamal -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From: Jamal Hadi Salim <jhs@mojatatu.com> Date: Sat, 08 Sep 2012 07:48:14 -0400 > On 12-09-08 03:17 AM, Eric W. Biederman wrote: >> When a policy expiration is triggered from user space the request >> travles through km_policy_expired and ultimately into >> xfrm_exp_policy_notify which calls build_polexpire. build_polexpire >> uses the netlink port passed to km_policy_expired as the source port >> for >> the netlink message it builds. >> >> When a state expiration is triggered from user space the request >> travles >> through km_state_expired and ultimately into xfrm_exp_state_notify >> which >> calls build_expire. build_expire uses the netlink port passed to >> km_state_expired as the source port for the netlink message it builds. >> >> Pass nlh->nlmsg_pid from the user generated netlink message that >> requested the expiration to km_policy_expired and km_state_expired >> instead of current->pid which is not a netlink port number. >> >> Cc: Jamal Hadi Salim <hadi@cyberus.ca> >> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> >> > > I suppose. > Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Applied to net-next, thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 4801c81..c1fbdbf 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -1930,7 +1930,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, // reset the timers here? WARN(1, "Dont know what to do with soft policy expire\n"); } - km_policy_expired(xp, p->dir, up->hard, current->pid); + km_policy_expired(xp, p->dir, up->hard, nlh->nlmsg_pid); out: xfrm_pol_put(xp); @@ -1958,7 +1958,7 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, err = -EINVAL; if (x->km.state != XFRM_STATE_VALID) goto out; - km_state_expired(x, ue->hard, current->pid); + km_state_expired(x, ue->hard, nlh->nlmsg_pid); if (ue->hard) { uid_t loginuid = audit_get_loginuid(current);
When a policy expiration is triggered from user space the request travles through km_policy_expired and ultimately into xfrm_exp_policy_notify which calls build_polexpire. build_polexpire uses the netlink port passed to km_policy_expired as the source port for the netlink message it builds. When a state expiration is triggered from user space the request travles through km_state_expired and ultimately into xfrm_exp_state_notify which calls build_expire. build_expire uses the netlink port passed to km_state_expired as the source port for the netlink message it builds. Pass nlh->nlmsg_pid from the user generated netlink message that requested the expiration to km_policy_expired and km_state_expired instead of current->pid which is not a netlink port number. Cc: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> --- net/xfrm/xfrm_user.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-)