net: inet: diag: expose the socket mark to privileged processes.

This adds the capability for a process that has CAP_NET_ADMIN on a socket to see the socket mark in socket dumps. Commit a52e95abf772 ("net: diag: allow socket bytecode filters to match socket marks") recently gave privileged processes the ability to filter socket dumps based on mark. This patch is complementary: it ensures that the mark is also passed to userspace in the socket's netlink attributes. It is useful for tools like ss which display information about sockets. [backport of net-next d545caca827b65aab557a9e9dcdcf1e5a3823c2d] Change-Id: I33336ed9c3ee3fb78fe05c4c47b7fd18c6e33ef1 Tested: https://android-review.googlesource.com/270210 Signed-off-by: Lorenzo Colitti <lorenzo@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Lorenzo Colitti <lorenzo@google.com> 2016-09-08 00:42:25 +0900
committer: Amit Pundir <amit.pundir@linaro.org> 2016-10-12 17:34:22 +0530
commit: 85460b112db6969a2f3b889b241a2ca1a0778f03 (patch)
tree: d1b7ecad10d695299c667b5de0b3c57efcf62c0b /include/uapi/linux
parent: 494cc7175fabc1ea6d3baf945088de18ab9afa8d (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/include/uapi/linux/inet_diag.h b/include/uapi/linux/inet_diag.h
index 35435c348c60..c7f189bd5979 100644
--- a/include/uapi/linux/inet_diag.h
+++ b/include/uapi/linux/inet_diag.h
@@ -120,9 +120,13 @@ enum {
 	INET_DIAG_DCTCPINFO,
 	INET_DIAG_PROTOCOL,  /* response attribute only */
 	INET_DIAG_SKV6ONLY,
+	INET_DIAG_LOCALS,
+	INET_DIAG_PEERS,
+	INET_DIAG_PAD,
+	INET_DIAG_MARK,
 };
 
-#define INET_DIAG_MAX INET_DIAG_SKV6ONLY
+#define INET_DIAG_MAX INET_DIAG_MARK
 
 /* INET_DIAG_MEM */
author	Lorenzo Colitti <lorenzo@google.com>	2016-09-08 00:42:25 +0900
committer	Amit Pundir <amit.pundir@linaro.org>	2016-10-12 17:34:22 +0530
commit	85460b112db6969a2f3b889b241a2ca1a0778f03 (patch)
tree	d1b7ecad10d695299c667b5de0b3c57efcf62c0b /include/uapi/linux
parent	494cc7175fabc1ea6d3baf945088de18ab9afa8d (diff)