Skip to content
Commit a08846c6 authored by Maciej Żenczykowski's avatar Maciej Żenczykowski
Browse files

netd.c: handle overflowuid in bpf_owner_match() 



Linux kernel implementation is:

sock* sk_to_full_sk(sk):
  return (sk && sk->sk_state == TCP_NEW_SYN_RECV) ? inet_reqsk(sk)->rsk_listener : sk;

bool sk_fullsock(sk):
  return (1 << sk->sk_state) & ~(TCPF_TIME_WAIT | TCPF_NEW_SYN_RECV)

u32 bpf_get_socket_uid(skb):
  sk = sk_to_full_sk(skb->sk);
  if (!sk || !sk_fullsock(sk)) return overflowuid;
  kuid = sock_net_uid(sock_net(sk), sk);
  return from_kuid_munged(sock_net(sk)->user_ns, kuid);

u64 bpf_get_socket_cookie(skb):
  return skb->sk ? __sock_gen_cookie(skb->sk) : 0

Test: TreeHugger
Signed-off-by: default avatarMaciej Żenczykowski <maze@google.com>
Change-Id: I0f9c2ffc24821068ebd2e5712789ff68aa196c48
parent b8ad2428
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment