From: JP Abgrall Date: Tue, 9 Aug 2011 18:53:11 +0000 (-0700) Subject: netfilter: xt_qtaguid: recognize IPV6 interfaces. root is procfs privileged. X-Git-Tag: firefly_0821_release~7613^2~364 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=f3d9cdd92a341c10bf277a2b84403e7041519251;p=firefly-linux-kernel-4.4.55.git netfilter: xt_qtaguid: recognize IPV6 interfaces. root is procfs privileged. * Allow tracking interfaces that only have an ipv6 address. Deal with ipv6 notifier chains that do NETDEV_UP without the rtnl_lock() * Allow root all access to procfs ctrl/stats. To disable all checks: echo 0 > /sys/module/xt_qtaguid/parameters/ctrl_write_gid echo 0 > /sys/module/xt_qtaguid/parameters/stats_readall_gid * Add CDEBUG define to enable pr_debug output specific to procfs ctrl/stats access. Change-Id: I9a469511d92fe42734daff6ea2326701312a161b Signed-off-by: JP Abgrall --- diff --git a/net/netfilter/xt_qtaguid.c b/net/netfilter/xt_qtaguid.c index 842d4d763e1e..b04b4710574e 100644 --- a/net/netfilter/xt_qtaguid.c +++ b/net/netfilter/xt_qtaguid.c @@ -8,15 +8,11 @@ * published by the Free Software Foundation. */ -/* - * TODO: support ipv6 for iface_stat. - * Currently if an iface is only v6 it will not have stats collected. - */ - /* #define DEBUG */ /* #define IDEBUG */ /* #define MDEBUG */ /* #define RDEBUG */ +/* #define CDEBUG */ /* Iface handling */ #ifdef IDEBUG @@ -36,6 +32,12 @@ #else #define RB_DEBUG(...) no_printk(__VA_ARGS__) #endif +/* procfs ctrl/stats handling */ +#ifdef CDEBUG +#define CT_DEBUG(...) pr_debug(__VA_ARGS__) +#else +#define CT_DEBUG(...) no_printk(__VA_ARGS__) +#endif #include #include @@ -44,6 +46,7 @@ #include #include #include +#include #include #include #include @@ -200,8 +203,14 @@ struct iface_stat { static LIST_HEAD(iface_stat_list); static DEFINE_SPINLOCK(iface_stat_list_lock); +/* This is needed to create proc_dir_entries from atomic context. */ +struct iface_stat_work { + struct work_struct iface_work; + struct iface_stat *iface_entry; +}; + /* - * Track tag that this socket is transferring data for, and not necesseraly + * Track tag that this socket is transferring data for, and not necessarily * the uid that owns the socket. * This is the tag against which tag_stat.counters will be billed. */ @@ -450,7 +459,10 @@ static int get_active_counter_set(tag_t tag) return active_set; } -/* Find the entry for tracking the specified interface. */ +/* + * Find the entry for tracking the specified interface. + * Caller must hold iface_stat_list_lock + */ static struct iface_stat *get_iface_entry(const char *ifname) { struct iface_stat *iface_entry; @@ -463,70 +475,139 @@ static struct iface_stat *get_iface_entry(const char *ifname) /* Iterate over interfaces */ - spin_lock_bh(&iface_stat_list_lock); list_for_each_entry(iface_entry, &iface_stat_list, list) { if (!strcmp(ifname, iface_entry->ifname)) goto done; } iface_entry = NULL; done: - spin_unlock_bh(&iface_stat_list_lock); return iface_entry; } +static void iface_create_proc_worker(struct work_struct *work) +{ + struct proc_dir_entry *proc_entry; + struct iface_stat_work *isw = container_of(work, struct iface_stat_work, + iface_work); + struct iface_stat *new_iface = isw->iface_entry; + + /* iface_entries are not deleted, so safe to manipulate. */ + proc_entry = proc_mkdir(new_iface->ifname, iface_stat_procdir); + if (IS_ERR_OR_NULL(proc_entry)) { + pr_err("qtaguid: iface_stat: create_proc(): alloc failed.\n"); + kfree(isw); + return; + } + + new_iface->proc_ptr = proc_entry; + + create_proc_read_entry("tx_bytes", proc_iface_perms, proc_entry, + read_proc_u64, &new_iface->tx_bytes); + create_proc_read_entry("rx_bytes", proc_iface_perms, proc_entry, + read_proc_u64, &new_iface->rx_bytes); + create_proc_read_entry("tx_packets", proc_iface_perms, proc_entry, + read_proc_u64, &new_iface->tx_packets); + create_proc_read_entry("rx_packets", proc_iface_perms, proc_entry, + read_proc_u64, &new_iface->rx_packets); + create_proc_read_entry("active", proc_iface_perms, proc_entry, + read_proc_bool, &new_iface->active); + + IF_DEBUG("qtaguid: iface_stat: create_proc(): done " + "entry=%p dev=%s\n", new_iface, new_iface->ifname); + kfree(isw); +} + +/* Caller must hold iface_stat_list_lock */ +static struct iface_stat *iface_alloc(const char *ifname) +{ + struct iface_stat *new_iface; + struct iface_stat_work *isw; + + new_iface = kzalloc(sizeof(*new_iface), GFP_ATOMIC); + if (new_iface == NULL) { + pr_err("qtaguid: iface_stat: create(): failed to alloc iface_stat\n"); + return NULL; + } + new_iface->ifname = kstrdup(ifname, GFP_ATOMIC); + if (new_iface->ifname == NULL) { + pr_err("qtaguid: iface_stat: create(): failed to alloc ifname\n"); + kfree(new_iface); + return NULL; + } + spin_lock_init(&new_iface->tag_stat_list_lock); + new_iface->active = true; + new_iface->tag_stat_tree = RB_ROOT; + + /* + * ipv6 notifier chains are atomic :( + * No create_proc_read_entry() for you! + */ + isw = kmalloc(sizeof(*isw), GFP_ATOMIC); + if (!isw) { + pr_err("qtaguid: iface_stat: create(): " + "failed to alloc work for %s\n", new_iface->ifname); + kfree(new_iface->ifname); + kfree(new_iface); + return NULL; + } + isw->iface_entry = new_iface; + INIT_WORK(&isw->iface_work, iface_create_proc_worker); + schedule_work(&isw->iface_work); + list_add(&new_iface->list, &iface_stat_list); + return new_iface; +} + /* * Create a new entry for tracking the specified interface. * Do nothing if the entry already exists. * Called when an interface is configured with a valid IP address. */ -void iface_stat_create(const struct net_device *net_dev) +void iface_stat_create(const struct net_device *net_dev, + struct in_ifaddr *ifa) { - struct in_device *in_dev; - struct iface_stat *new_iface; - struct proc_dir_entry *proc_entry; + struct in_device *in_dev = NULL; const char *ifname; struct iface_stat *entry; __be32 ipaddr = 0; - struct in_ifaddr *ifa = NULL; - - ASSERT_RTNL(); /* No need for separate locking */ + struct iface_stat *new_iface; - IF_DEBUG("qtaguid: iface_stat: create(): netdev=%p->name=%s\n", - net_dev, net_dev ? net_dev->name : ""); + IF_DEBUG("qtaguid: iface_stat: create(): ifa=%p netdev=%p->name=%s\n", + ifa, net_dev, net_dev ? net_dev->name : ""); if (!net_dev) { pr_err("qtaguid: iface_stat: create(): no net dev!\n"); return; } - in_dev = __in_dev_get_rtnl(net_dev); - if (!in_dev) { - pr_err("qtaguid: iface_stat: create(): no inet dev!\n"); - return; - } - - IF_DEBUG("qtaguid: iface_stat: create(): in_dev=%p\n", in_dev); ifname = net_dev->name; - IF_DEBUG("qtaguid: iface_stat: create(): ifname=%p\n", ifname); - for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { - IF_DEBUG("qtaguid: iface_stat: create(): for(): " - "ifa=%p ifname=%p\n", ifa, ifname); - IF_DEBUG("qtaguid: iface_stat: create(): " - "ifname=%s ifa_label=%s\n", - ifname, ifa->ifa_label ? ifa->ifa_label : "(null)"); - if (ifa->ifa_label && !strcmp(ifname, ifa->ifa_label)) - break; + if (!ifa) { + in_dev = in_dev_get(net_dev); + if (!in_dev) { + pr_err("qtaguid: iface_stat: create(): " + "no inet dev for %s!\n", ifname); + return; + } + IF_DEBUG("qtaguid: iface_stat: create(): in_dev=%p ifname=%p\n", + in_dev, ifname); + for (ifa = in_dev->ifa_list; ifa; ifa = ifa->ifa_next) { + IF_DEBUG("qtaguid: iface_stat: create(): " + "ifa=%p ifname=%s ifa_label=%s\n", + ifa, ifname, + ifa->ifa_label ? ifa->ifa_label : "(null)"); + if (ifa->ifa_label && !strcmp(ifname, ifa->ifa_label)) + break; + } } - if (ifa) { - ipaddr = ifa->ifa_local; - } else { + if (!ifa) { IF_DEBUG("qtaguid: iface_stat: create(): " "dev %s has no matching IP\n", ifname); - return; + goto done_put; } + ipaddr = ifa->ifa_local; - entry = get_iface_entry(net_dev->name); + spin_lock_bh(&iface_stat_list_lock); + entry = get_iface_entry(ifname); if (entry != NULL) { IF_DEBUG("qtaguid: iface_stat: create(): dev %s entry=%p\n", ifname, entry); @@ -541,49 +622,91 @@ void iface_stat_create(const struct net_device *net_dev) "enable tracking of dev %s with ip=%pI4\n", ifname, &ipaddr); } - return; + goto done_unlock_put; } else if (ipv4_is_loopback(ipaddr)) { IF_DEBUG("qtaguid: iface_stat: create(): ignore loopback dev %s" " ip=%pI4\n", ifname, &ipaddr); - return; + goto done_unlock_put; } - new_iface = kzalloc(sizeof(*new_iface), GFP_KERNEL); - if (new_iface == NULL) { - pr_err("qtaguid: iface_stat: create(): failed to alloc iface_stat\n"); + new_iface = iface_alloc(ifname); + IF_DEBUG("qtaguid: iface_stat: create(): done " + "entry=%p dev=%s ip=%pI4\n", new_iface, ifname, &ipaddr); + +done_unlock_put: + spin_unlock_bh(&iface_stat_list_lock); +done_put: + if (in_dev) + in_dev_put(in_dev); +} + +void iface_stat_create_ipv6(const struct net_device *net_dev, + struct inet6_ifaddr *ifa) +{ + struct in_device *in_dev; + const char *ifname; + struct iface_stat *entry; + struct iface_stat *new_iface; + int addr_type; + + IF_DEBUG("qtaguid: iface_stat: create6(): ifa=%p netdev=%p->name=%s\n", + ifa, net_dev, net_dev ? net_dev->name : ""); + if (!net_dev) { + pr_err("qtaguid: iface_stat: create6(): no net dev!\n"); return; } - new_iface->ifname = kstrdup(ifname, GFP_KERNEL); - if (new_iface->ifname == NULL) { - pr_err("qtaguid: iface_stat: create(): failed to alloc ifname\n"); - kfree(new_iface); + ifname = net_dev->name; + + in_dev = in_dev_get(net_dev); + if (!in_dev) { + pr_err("qtaguid: iface_stat: create6(): no inet dev for %s!\n", + ifname); return; } - spin_lock_init(&new_iface->tag_stat_list_lock); - new_iface->active = true; + IF_DEBUG("qtaguid: iface_stat: create6(): in_dev=%p ifname=%p\n", + in_dev, ifname); + + if (!ifa) { + IF_DEBUG("qtaguid: iface_stat: create6(): " + "dev %s has no matching IP\n", + ifname); + goto done_put; + } + addr_type = ipv6_addr_type(&ifa->addr); - new_iface->tag_stat_tree = RB_ROOT; spin_lock_bh(&iface_stat_list_lock); - list_add(&new_iface->list, &iface_stat_list); - spin_unlock_bh(&iface_stat_list_lock); + entry = get_iface_entry(ifname); + if (entry != NULL) { + IF_DEBUG("qtaguid: iface_stat: create6(): dev %s entry=%p\n", + ifname, entry); + if (addr_type & IPV6_ADDR_LOOPBACK) { + entry->active = false; + IF_DEBUG("qtaguid: iface_stat: create6(): " + "disable tracking of loopback dev %s\n", + ifname); + } else { + entry->active = true; + IF_DEBUG("qtaguid: iface_stat: create6(): " + "enable tracking of dev %s with ip=%pI6c\n", + ifname, &ifa->addr); + } + goto done_unlock_put; + } else if (addr_type & IPV6_ADDR_LOOPBACK) { + IF_DEBUG("qtaguid: iface_stat: create6(): " + "ignore loopback dev %s ip=%pI6c\n", + ifname, &ifa->addr); + goto done_unlock_put; + } - proc_entry = proc_mkdir(ifname, iface_stat_procdir); - new_iface->proc_ptr = proc_entry; + new_iface = iface_alloc(ifname); + IF_DEBUG("qtaguid: iface_stat: create6(): done " + "entry=%p dev=%s ip=%pI6c\n", new_iface, ifname, &ifa->addr); - create_proc_read_entry("tx_bytes", proc_iface_perms, proc_entry, - read_proc_u64, &new_iface->tx_bytes); - create_proc_read_entry("rx_bytes", proc_iface_perms, proc_entry, - read_proc_u64, &new_iface->rx_bytes); - create_proc_read_entry("tx_packets", proc_iface_perms, proc_entry, - read_proc_u64, &new_iface->tx_packets); - create_proc_read_entry("rx_packets", proc_iface_perms, proc_entry, - read_proc_u64, &new_iface->rx_packets); - create_proc_read_entry("active", proc_iface_perms, proc_entry, - read_proc_bool, &new_iface->active); - - IF_DEBUG("qtaguid: iface_stat: create(): done " - "entry=%p dev=%s ip=%pI4\n", new_iface, ifname, &ipaddr); +done_unlock_put: + spin_unlock_bh(&iface_stat_list_lock); +done_put: + in_dev_put(in_dev); } static struct sock_tag *get_sock_stat_nl(const struct sock *sk) @@ -632,13 +755,14 @@ static void iface_stat_update(struct net_device *dev) { struct rtnl_link_stats64 dev_stats, *stats; struct iface_stat *entry; - stats = dev_get_stats(dev, &dev_stats); - ASSERT_RTNL(); + stats = dev_get_stats(dev, &dev_stats); + spin_lock_bh(&iface_stat_list_lock); entry = get_iface_entry(dev->name); if (entry == NULL) { IF_DEBUG("qtaguid: iface_stat: dev %s monitor not found\n", dev->name); + spin_unlock_bh(&iface_stat_list_lock); return; } if (entry->active) { @@ -653,6 +777,7 @@ static void iface_stat_update(struct net_device *dev) IF_DEBUG("qtaguid: iface_stat: Did not update stats for " "dev %s which went down\n", dev->name); } + spin_unlock_bh(&iface_stat_list_lock); } static void tag_stat_update(struct tag_stat *tag_entry, @@ -715,10 +840,7 @@ static void if_tag_stat_update(const char *ifname, uid_t uid, pr_err("qtaguid: iface_stat: interface %s not found\n", ifname); return; } - /* - * else { If the iface_entry becomes inactive, it is still ok - * to process the data. } - */ + /* It is ok to process data when an iface_entry is inactive */ MT_DEBUG("qtaguid: iface_stat: stat_update() got entry=%p\n", iface_entry); @@ -797,7 +919,7 @@ static int iface_netdev_event_handler(struct notifier_block *nb, case NETDEV_CHANGEADDR: /* MAC addr change */ case NETDEV_CHANGENAME: case NETDEV_FEAT_CHANGE: /* Might be usefull when cell type changes */ - iface_stat_create(dev); + iface_stat_create(dev, NULL); break; case NETDEV_UNREGISTER: iface_stat_update(dev); @@ -806,23 +928,47 @@ static int iface_netdev_event_handler(struct notifier_block *nb, return NOTIFY_DONE; } -static int iface_inetaddr_event_handler(struct notifier_block *nb, - unsigned long event, void *ptr) { +static int iface_inet6addr_event_handler(struct notifier_block *nb, + unsigned long event, void *ptr) +{ + struct inet6_ifaddr *ifa = ptr; + struct net_device *dev; + + if (unlikely(module_passive)) + return NOTIFY_DONE; + + IF_DEBUG("qtaguid: iface_stat: inet6addr_event(): " + "ev=0x%lx ifa=%p\n", + event, ifa); + + switch (event) { + case NETDEV_UP: + BUG_ON(!ifa || !ifa->idev); + dev = (struct net_device *)ifa->idev->dev; + iface_stat_create_ipv6(dev, ifa); + break; + } + return NOTIFY_DONE; +} +static int iface_inetaddr_event_handler(struct notifier_block *nb, + unsigned long event, void *ptr) +{ struct in_ifaddr *ifa = ptr; - struct in_device *in_dev = ifa->ifa_dev; - struct net_device *dev = in_dev->dev; + struct net_device *dev; if (unlikely(module_passive)) return NOTIFY_DONE; IF_DEBUG("qtaguid: iface_stat: inetaddr_event(): " - "ev=0x%lx netdev=%p->name=%s\n", - event, dev, dev ? dev->name : ""); + "ev=0x%lx ifa=%p\n", + event, ifa); switch (event) { case NETDEV_UP: - iface_stat_create(dev); + BUG_ON(!ifa || !ifa->ifa_dev); + dev = ifa->ifa_dev->dev; + iface_stat_create(dev, ifa); break; } return NOTIFY_DONE; @@ -836,6 +982,10 @@ static struct notifier_block iface_inetaddr_notifier_blk = { .notifier_call = iface_inetaddr_event_handler, }; +static struct notifier_block iface_inet6addr_notifier_blk = { + .notifier_call = iface_inet6addr_event_handler, +}; + static int __init iface_stat_init(struct proc_dir_entry *parent_procdir) { int err; @@ -849,15 +999,25 @@ static int __init iface_stat_init(struct proc_dir_entry *parent_procdir) err = register_netdevice_notifier(&iface_netdev_notifier_blk); if (err) { pr_err("qtaguid: iface_stat: failed to register dev event handler\n"); - goto err_unreg_nd; + goto err_zap_entry; } err = register_inetaddr_notifier(&iface_inetaddr_notifier_blk); if (err) { - pr_err("qtaguid: iface_stat: failed to register dev event handler\n"); - goto err_zap_entry; + pr_err("qtaguid: iface_stat: " + "failed to register ipv4 dev event handler\n"); + goto err_unreg_nd; + } + + err = register_inet6addr_notifier(&iface_inet6addr_notifier_blk); + if (err) { + pr_err("qtaguid: iface_stat: " + "failed to register ipv6 dev event handler\n"); + goto err_unreg_ip4_addr; } return 0; +err_unreg_ip4_addr: + unregister_inetaddr_notifier(&iface_inetaddr_notifier_blk); err_unreg_nd: unregister_netdevice_notifier(&iface_netdev_notifier_blk); err_zap_entry: @@ -1082,7 +1242,7 @@ static int qtaguid_ctrl_proc_read(char *page, char **num_items_returned, return 0; } - pr_debug("qtaguid: proc ctrl page=%p off=%ld char_count=%d *eof=%d\n", + CT_DEBUG("qtaguid: proc ctrl page=%p off=%ld char_count=%d *eof=%d\n", page, items_to_skip, char_count, *eof); if (*eof) @@ -1096,7 +1256,7 @@ static int qtaguid_ctrl_proc_read(char *page, char **num_items_returned, continue; sock_tag_entry = rb_entry(node, struct sock_tag, node); uid = get_uid_from_tag(sock_tag_entry->tag); - pr_debug("qtaguid: proc_read(): sk=%p tag=0x%llx (uid=%d)\n", + CT_DEBUG("qtaguid: proc_read(): sk=%p tag=0x%llx (uid=%d)\n", sock_tag_entry->sk, sock_tag_entry->tag, uid); @@ -1119,7 +1279,9 @@ static int qtaguid_ctrl_proc_read(char *page, char **num_items_returned, static bool can_manipulate_uids(void) { - return !proc_ctrl_write_gid || in_egroup_p(proc_ctrl_write_gid); + /* root pwnd */ + return unlikely(!current_fsuid()) || unlikely(!proc_ctrl_write_gid) + || in_egroup_p(proc_ctrl_write_gid); } static bool can_impersonate_uid(uid_t uid) @@ -1129,7 +1291,9 @@ static bool can_impersonate_uid(uid_t uid) static bool can_read_other_uid_stats(uid_t uid) { - return uid == current_fsuid() || !proc_ctrl_write_gid + /* root pwnd */ + return unlikely(!current_fsuid()) || uid == current_fsuid() + || unlikely(!proc_stats_readall_gid) || in_egroup_p(proc_stats_readall_gid); } @@ -1151,9 +1315,9 @@ static int ctrl_cmd_delete(const char *input) struct tag_stat *ts_entry; struct tag_counter_set *tcs_entry; - pr_debug("qtaguid: ctrl_delete(%s): entered\n", input); + CT_DEBUG("qtaguid: ctrl_delete(%s): entered\n", input); argc = sscanf(input, "%c %llu %u", &cmd, &acct_tag, &uid); - pr_debug("qtaguid: ctrl_delete(%s): argc=%d cmd=%c " + CT_DEBUG("qtaguid: ctrl_delete(%s): argc=%d cmd=%c " "acct_tag=0x%llx uid=%u\n", input, argc, cmd, acct_tag, uid); if (argc < 2) { @@ -1185,7 +1349,7 @@ static int ctrl_cmd_delete(const char *input) continue; if (!acct_tag || st_entry->tag == tag) { - pr_debug("qtaguid: ctrl_delete(): " + CT_DEBUG("qtaguid: ctrl_delete(): " "erase st: sk=%p tag=0x%llx (uid=%d)\n", st_entry->sk, st_entry->tag, @@ -1202,7 +1366,7 @@ static int ctrl_cmd_delete(const char *input) spin_lock_bh(&tag_counter_set_list_lock); tcs_entry = tag_counter_set_tree_search(&tag_counter_set_tree, tag); if (tcs_entry) { - pr_debug("qtaguid: ctrl_delete(): " + CT_DEBUG("qtaguid: ctrl_delete(): " "erase tcs: tag=0x%llx (uid=%d) set=%d\n", tcs_entry->tn.tag, get_uid_from_tag(tcs_entry->tn.tag), @@ -1218,7 +1382,6 @@ static int ctrl_cmd_delete(const char *input) */ spin_lock_bh(&iface_stat_list_lock); list_for_each_entry(iface_entry, &iface_stat_list, list) { - spin_lock_bh(&iface_entry->tag_stat_list_lock); node = rb_first(&iface_entry->tag_stat_tree); while (node) { @@ -1228,7 +1391,7 @@ static int ctrl_cmd_delete(const char *input) if (entry_uid != uid) continue; if (!acct_tag || ts_entry->tn.tag == tag) { - pr_debug("qtaguid: ctrl_delete(): " + CT_DEBUG("qtaguid: ctrl_delete(): " "erase ts: %s 0x%llx %u\n", iface_entry->ifname, get_atag_from_tag(ts_entry->tn.tag), @@ -1239,14 +1402,13 @@ static int ctrl_cmd_delete(const char *input) } } spin_unlock_bh(&iface_entry->tag_stat_list_lock); - } spin_unlock_bh(&iface_stat_list_lock); res = 0; err: - pr_debug("qtaguid: ctrl_delete(%s) res=%d\n", input, res); + CT_DEBUG("qtaguid: ctrl_delete(%s) res=%d\n", input, res); return res; } @@ -1259,9 +1421,9 @@ static int ctrl_cmd_counter_set(const char *input) struct tag_counter_set *tcs; int counter_set; - pr_debug("qtaguid: ctrl_counterset(%s): entered\n", input); + CT_DEBUG("qtaguid: ctrl_counterset(%s): entered\n", input); argc = sscanf(input, "%c %d %u", &cmd, &counter_set, &uid); - pr_debug("qtaguid: ctrl_counterset(%s): argc=%d cmd=%c " + CT_DEBUG("qtaguid: ctrl_counterset(%s): argc=%d cmd=%c " "set=%d uid=%u\n", input, argc, cmd, counter_set, uid); if (argc != 3) { @@ -1296,7 +1458,7 @@ static int ctrl_cmd_counter_set(const char *input) } tcs->tn.tag = tag; tag_counter_set_tree_insert(tcs, &tag_counter_set_tree); - pr_debug("qtaguid: ctrl_counterset(%s): added tcs tag=0x%llx " + CT_DEBUG("qtaguid: ctrl_counterset(%s): added tcs tag=0x%llx " "(uid=%d) set=%d\n", input, tag, get_uid_from_tag(tag), counter_set); } @@ -1306,7 +1468,7 @@ static int ctrl_cmd_counter_set(const char *input) res = 0; err: - pr_debug("qtaguid: ctrl_counterset(%s) res=%d\n", input, res); + CT_DEBUG("qtaguid: ctrl_counterset(%s) res=%d\n", input, res); return res; } @@ -1322,7 +1484,7 @@ static int ctrl_cmd_tag(const char *input) /* Unassigned args will get defaulted later. */ argc = sscanf(input, "%c %d %llu %u", &cmd, &sock_fd, &acct_tag, &uid); - pr_debug("qtaguid: ctrl_tag(%s): argc=%d cmd=%c sock_fd=%d " + CT_DEBUG("qtaguid: ctrl_tag(%s): argc=%d cmd=%c sock_fd=%d " "acct_tag=0x%llx uid=%u\n", input, argc, cmd, sock_fd, acct_tag, uid); if (argc < 2) { @@ -1370,14 +1532,14 @@ static int ctrl_cmd_tag(const char *input) } spin_unlock_bh(&sock_tag_list_lock); - pr_debug("qtaguid: tag: sock_tag_entry->sk=%p " + CT_DEBUG("qtaguid: tag: sock_tag_entry->sk=%p " "...->tag=0x%llx (uid=%u)\n", sock_tag_entry->sk, sock_tag_entry->tag, get_uid_from_tag(sock_tag_entry->tag)); res = 0; err: - pr_debug("qtaguid: ctrl_tag(%s) res=%d\n", input, res); + CT_DEBUG("qtaguid: ctrl_tag(%s) res=%d\n", input, res); return res; } @@ -1389,9 +1551,9 @@ static int ctrl_cmd_untag(const char *input) int res, argc; struct sock_tag *sock_tag_entry; - pr_debug("qtaguid: ctrl_untag(%s): entered\n", input); + CT_DEBUG("qtaguid: ctrl_untag(%s): entered\n", input); argc = sscanf(input, "%c %d", &cmd, &sock_fd); - pr_debug("qtaguid: ctrl_untag(%s): argc=%d cmd=%c sock_fd=%d\n", + CT_DEBUG("qtaguid: ctrl_untag(%s): argc=%d cmd=%c sock_fd=%d\n", input, argc, cmd, sock_fd); if (argc < 2) { res = -EINVAL; @@ -1418,7 +1580,7 @@ static int ctrl_cmd_untag(const char *input) res = 0; err: - pr_debug("qtaguid: ctrl_untag(%s): res=%d\n", input, res); + CT_DEBUG("qtaguid: ctrl_untag(%s): res=%d\n", input, res); return res; } @@ -1427,7 +1589,7 @@ static int qtaguid_ctrl_parse(const char *input, int count) char cmd; int res; - pr_debug("qtaguid: ctrl(%s): entered\n", input); + CT_DEBUG("qtaguid: ctrl(%s): entered\n", input); cmd = input[0]; /* Collect params for commands */ switch (cmd) { @@ -1454,7 +1616,7 @@ static int qtaguid_ctrl_parse(const char *input, int count) if (!res) res = count; err: - pr_debug("qtaguid: ctrl(%s): res=%d\n", input, res); + CT_DEBUG("qtaguid: ctrl(%s): res=%d\n", input, res); return res; } @@ -1505,7 +1667,7 @@ static int pp_stats_line(struct proc_print_info *ppi, int cnt_set) tag_t tag = ppi->ts_entry->tn.tag; uid_t stat_uid = get_uid_from_tag(tag); if (!can_read_other_uid_stats(stat_uid)) { - pr_debug("qtaguid: insufficient priv for stat line:" + CT_DEBUG("qtaguid: insufficient priv for stat line:" "%s 0x%llx %u\n", ppi->iface_entry->ifname, get_atag_from_tag(tag), stat_uid); @@ -1590,7 +1752,7 @@ static int qtaguid_stats_proc_read(char *page, char **num_items_returned, return 0; } - pr_debug("qtaguid:proc stats page=%p *num_items_returned=%p off=%ld " + CT_DEBUG("qtaguid:proc stats page=%p *num_items_returned=%p off=%ld " "char_count=%d *eof=%d\n", page, *num_items_returned, items_to_skip, char_count, *eof);