From: Lu Wei luwei32@huawei.com
hulk inclusion category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I8KU3B CVE: NA
--------------------------------
UID and GID are requested as filters for socketmap, but we can only get UID from sock structure. This patch adds GID field to struct sock as UID.
Signed-off-by: Lu Wei luwei32@huawei.com Signed-off-by: Zhengchao Shao shaozhengchao@huawei.com --- include/net/sock.h | 18 ++++++++++++++++++ net/Kconfig | 7 +++++++ net/core/sock.c | 6 ++++++ net/socket.c | 8 ++++++-- 4 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/include/net/sock.h b/include/net/sock.h index c86845136ec5..ea3ef223a942 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -300,6 +300,7 @@ struct sk_filter; * @sk_ack_backlog: current listen backlog * @sk_max_ack_backlog: listen backlog set in listen() * @sk_uid: user id of owner + * @sk_gid: group id of owner * @sk_prefer_busy_poll: prefer busypolling over softirq processing * @sk_busy_poll_budget: napi processing budget when busypolling * @sk_priority: %SO_PRIORITY setting @@ -545,6 +546,13 @@ struct sock { struct rcu_head sk_rcu; netns_tracker ns_tracker; struct hlist_node sk_bind2_node; + +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + union { + kgid_t sk_gid; + u64 sk_gid_padding; + }; +#endif };
enum sk_pacing { @@ -2117,6 +2125,9 @@ static inline void sock_graft(struct sock *sk, struct socket *parent) parent->sk = sk; sk_set_socket(sk, parent); sk->sk_uid = SOCK_INODE(parent)->i_uid; +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + sk->sk_gid = SOCK_INODE(parent)->i_gid; +#endif security_sock_graft(sk, parent); write_unlock_bh(&sk->sk_callback_lock); } @@ -2130,6 +2141,13 @@ static inline kuid_t sock_net_uid(const struct net *net, const struct sock *sk) return sk ? sk->sk_uid : make_kuid(net->user_ns, 0); }
+#if IS_ENABLED(CONFIG_NETACC_TERRACE) +static inline kgid_t sock_net_gid(const struct net *net, const struct sock *sk) +{ + return sk ? sk->sk_gid : make_kgid(net->user_ns, 0); +} +#endif + static inline u32 net_tx_rndhash(void) { u32 v = get_random_u32(); diff --git a/net/Kconfig b/net/Kconfig index 7fbd17e188a5..c976c72de26b 100644 --- a/net/Kconfig +++ b/net/Kconfig @@ -514,4 +514,11 @@ config NETACC_BPF help Network acceleration in bpf.
+config NETACC_TERRACE + bool "Terrace Service Acceleration" + default y + help + Accelerating intra-node communication on the data plane of the + Terrace service. + endif # if NET diff --git a/net/core/sock.c b/net/core/sock.c index bfaf47b3f3c7..c77326a07906 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -3426,8 +3426,14 @@ void sock_init_data_uid(struct socket *sock, struct sock *sk, kuid_t uid) sk->sk_type = sock->type; RCU_INIT_POINTER(sk->sk_wq, &sock->wq); sock->sk = sk; +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + sk->sk_gid = SOCK_INODE(sock)->i_gid; +#endif } else { RCU_INIT_POINTER(sk->sk_wq, NULL); +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + sk->sk_gid = make_kgid(sock_net(sk)->user_ns, 0); +#endif } sk->sk_uid = uid;
diff --git a/net/socket.c b/net/socket.c index c4a6f5532955..84d42997abaf 100644 --- a/net/socket.c +++ b/net/socket.c @@ -604,10 +604,14 @@ static int sockfs_setattr(struct mnt_idmap *idmap, if (!err && (iattr->ia_valid & ATTR_UID)) { struct socket *sock = SOCKET_I(d_inode(dentry));
- if (sock->sk) + if (sock->sk) { sock->sk->sk_uid = iattr->ia_uid; - else +#if IS_ENABLED(CONFIG_NETACC_TERRACE) + sock->sk->sk_gid = iattr->ia_gid; +#endif + } else { err = -ENOENT; + } }
return err;