net: inet: diag: expose the socket mark to privileged processes.

xiaomi-sm8450/android_kernel_xiaomi_sm8450

This adds the capability for a process that has CAP_NET_ADMIN on
a socket to see the socket mark in socket dumps.

Commit a52e95abf7 ("net: diag: allow socket bytecode filters to
match socket marks") recently gave privileged processes the
ability to filter socket dumps based on mark. This patch is
complementary: it ensures that the mark is also passed to
userspace in the socket's netlink attributes.  It is useful for
tools like ss which display information about sockets.

Tested: https://android-review.googlesource.com/270210
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

This commit is contained in:

Lorenzo Colitti

2016-09-08 00:42:25 +09:00

committed by

David S. Miller

parent 74f13c80e2

commit d545caca82

5 changed files with 56 additions and 28 deletions

									
										1

include/uapi/linux/inet_diag.h
									
												View File
												
				@@ -123,6 +123,7 @@ enum {

					INET_DIAG_LOCALS,

					INET_DIAG_PEERS,

					INET_DIAG_PAD,

					INET_DIAG_MARK,

					__INET_DIAG_MAX,

				};

net: inet: diag: expose the socket mark to privileged processes.

1 include/uapi/linux/inet_diag.h Unescape Escape View File

1

include/uapi/linux/inet_diag.h

View File