Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp740641ybm; Wed, 22 May 2019 10:41:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqy2ytSN2kPz5vGMjlyuoe05LODeGFYZBiWkrKwFoIz4/ahaq1pYp1KpTuxYc+rqDhMNgEzq X-Received: by 2002:a63:1512:: with SMTP id v18mr39988922pgl.69.1558546896114; Wed, 22 May 2019 10:41:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1558546896; cv=none; d=google.com; s=arc-20160816; b=BeuUs9KA34FvsZCOlpET/L2wdxujqWsuLHATrq2/lIiHGGTWjmRibVenw01EMKwMIq 8y4K9DadS/RzdwP1XpuUTbUnfkOFP3t6SI+PH3CZX49wpCJlywNYZKknzNPk+VPS6ZE3 Wh/xCD1oghv5iYzJtgm3Gflday2S5SEw38ExhUyE3AjCFv128DShIKqVuF+O1sbKiW2v ocRxR3q8D0fiVss9YZJldfYFmUYI3QFurd+5QSWkmSjHZkUx0UrD5orT/m3x8z26FCwY iDJSgIxfgqSZ+c/wUyvjV1AXqP/QrfsjXIfx5IhVrpfT928khMnjX5MEfIq1ekWvCKJo /WYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:from:subject:cc:to:message-id:date; bh=tOB8t9T8e4fiN2rT1sd5A4Hj/+zHrkDC9vbJ44F6/d0=; b=09CktYsMfGHvhaCP4g6VHM+TsjSoL+noFHPfvN8aov8fIlKWzfYM11rYKPVN6ZCKH/ KoZMu9VL3Jm2sS04TpMrzbd3yhUhV6aRNnCWjIzDa6FNdHZLsHQ2Px7OVuR40mZqV+FJ WYKfzCxToaVRIERpFtRG6o7kEkFQeQ3WbgmlraG8N6kNGlam7NiU6UDjJw1NRqqxeubz xqT017f5TTVzvftFMD+2MbHoWFg/ZO+VJven+5UlA8dh2SV0kfoWD/07KkB8J/O0Jd55 N7LjdGmCZ2JWnNwPmdBmxRTw7fFz0kNPk6s4CV+O9kf8uUsC2pZzQCSN/tCvH0KVBLLD 4bTg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 95si25979683pld.143.2019.05.22.10.41.20; Wed, 22 May 2019 10:41:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729481AbfEVRg5 (ORCPT + 99 others); Wed, 22 May 2019 13:36:57 -0400 Received: from shards.monkeyblade.net ([23.128.96.9]:59068 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729085AbfEVRg4 (ORCPT ); Wed, 22 May 2019 13:36:56 -0400 Received: from localhost (unknown [IPv6:2601:601:9f80:35cd::3d8]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: davem-davemloft) by shards.monkeyblade.net (Postfix) with ESMTPSA id F2C6615002409; Wed, 22 May 2019 10:36:55 -0700 (PDT) Date: Wed, 22 May 2019 10:36:55 -0700 (PDT) Message-Id: <20190522.103655.1021678724919980639.davem@davemloft.net> To: felipe@felipegasper.com Cc: viro@zeniv.linux.org.uk, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, linux-api@vger.kernel.org Subject: Re: [PATCH v4] net: Add UNIX_DIAG_UID to Netlink UNIX socket diagnostics. From: David Miller In-Reply-To: <20190521004351.23706-1-felipe@felipegasper.com> References: <20190521004351.23706-1-felipe@felipegasper.com> X-Mailer: Mew version 6.8 on Emacs 26.1 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 22 May 2019 10:36:56 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Felipe Gasper Date: Mon, 20 May 2019 19:43:51 -0500 > This adds the ability for Netlink to report a socket's UID along with the > other UNIX diagnostic information that is already available. This will > allow diagnostic tools greater insight into which users control which > socket. > > To test this, do the following as a non-root user: > > unshare -U -r bash > nc -l -U user.socket.$$ & > > .. and verify from within that same session that Netlink UNIX socket > diagnostics report the socket's UID as 0. Also verify that Netlink UNIX > socket diagnostics report the socket's UID as the user's UID from an > unprivileged process in a different session. Verify the same from > a root process. > > Signed-off-by: Felipe Gasper Applied to net-next, thanks.