[NETFILTER]: nfnetlink_log: include GID in netlink message
authorPatrick McHardy <kaber@trash.net>
Tue, 18 Dec 2007 06:41:52 +0000 (22:41 -0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 28 Jan 2008 22:59:04 +0000 (14:59 -0800)
Similar to Maciej Soltysiak's ipt_LOG patch, include GID in addition
to UID in netlink message.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/netfilter/nfnetlink_log.h
net/netfilter/nfnetlink_log.c

index 5966afa..a857213 100644 (file)
@@ -47,6 +47,7 @@ enum nfulnl_attr_type {
        NFULA_UID,                      /* user id of socket */
        NFULA_SEQ,                      /* instance-local sequence number */
        NFULA_SEQ_GLOBAL,               /* global sequence number */
+       NFULA_GID,                      /* group id of socket */
 
        __NFULA_MAX
 };
index 950b1f0..5013cb9 100644 (file)
@@ -467,9 +467,11 @@ __build_packet_message(struct nfulnl_instance *inst,
                read_lock_bh(&skb->sk->sk_callback_lock);
                if (skb->sk->sk_socket && skb->sk->sk_socket->file) {
                        __be32 uid = htonl(skb->sk->sk_socket->file->f_uid);
+                       __be32 gid = htons(skb->sk->sk_socket->file->f_gid);
                        /* need to unlock here since NLA_PUT may goto */
                        read_unlock_bh(&skb->sk->sk_callback_lock);
                        NLA_PUT_BE32(inst->skb, NFULA_UID, uid);
+                       NLA_PUT_BE32(inst->skb, NFULA_GID, gid);
                } else
                        read_unlock_bh(&skb->sk->sk_callback_lock);
        }
@@ -564,6 +566,7 @@ nfulnl_log_packet(unsigned int pf,
 #endif
                + nla_total_size(sizeof(u_int32_t))     /* mark */
                + nla_total_size(sizeof(u_int32_t))     /* uid */
+               + nla_total_size(sizeof(u_int32_t))     /* gid */
                + nla_total_size(plen)                  /* prefix */
                + nla_total_size(sizeof(struct nfulnl_msg_packet_hw))
                + nla_total_size(sizeof(struct nfulnl_msg_packet_timestamp));