Commit 5663ac3e authored by Eric Dumazet's avatar Eric Dumazet Committed by Florian Westphal
Browse files

netfilter: nf_log_syslog: no longer acquire sk_callback_lock in nf_log_dump_sk_uid_gid() 



After commit 983512f3 ("net: Drop the lock in skb_may_tx_timestamp()")
from Sebastian Andrzej Siewior, apply the same logic in nf_log_dump_sk_uid_gid()
to avoid touching sk_callback_lock.

Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
parent 1c32b24c

net/netfilter/nf_log_syslog.c

+12 −4
Original line number Diff line number Diff line
@@ -165,18 +165,26 @@ static struct nf_logger nf_arp_logger __read_mostly = { 
static void nf_log_dump_sk_uid_gid(struct net *net, struct nf_log_buf *m,

				   struct sock *sk)

{

	const struct socket *sock;

	const struct file *file;



	if (!sk || !sk_fullsock(sk) || !net_eq(net, sock_net(sk)))

		return;



	read_lock_bh(&sk->sk_callback_lock);

	if (sk->sk_socket && sk->sk_socket->file) {

		const struct cred *cred = sk->sk_socket->file->f_cred;

	/* The sk pointer remains valid as long as the skb is. The sk_socket and

	 * file pointer may become NULL if the socket is closed. Both structures

	 * (including file->cred) are RCU freed which means they can be accessed

	 * within a RCU read section.

	 */

	sock = READ_ONCE(sk->sk_socket);

	file = sock ? READ_ONCE(sock->file) : NULL;

	if (file) {

		const struct cred *cred = file->f_cred;



		nf_log_buf_add(m, "UID=%u GID=%u ",

			       from_kuid_munged(&init_user_ns, cred->fsuid),

			       from_kgid_munged(&init_user_ns, cred->fsgid));

	}

	read_unlock_bh(&sk->sk_callback_lock);

}



static noinline_for_stack int